chris
/
pixelfed
forked from mirror/pixelfed
1
0
Fork 0
Code Pull Requests Activity

Merge pull request #1630 from pixelfed/staging 

Staging
This commit is contained in:
daniel 2019-08-21 13:31:17 -06:00 committed by GitHub
parent 2a16e64659 0586c022a9
commit 0fd4481ca6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
app/Http/Controllers/SettingsController.php
View File

@ -92,12 +92,20 @@ class SettingsController extends Controller
public function removeAccountTemporary(Request $request) public function removeAccountTemporary(Request $request)
{ {
$user = Auth::user();
abort_if(!config('pixelfed.account_deletion'), 403);
abort_if($user->is_admin, 403);
abort_if($user->created_at->gt(now()->subHours(12)), 403);
return view('settings.remove.temporary'); return view('settings.remove.temporary');
} }
public function removeAccountTemporarySubmit(Request $request) public function removeAccountTemporarySubmit(Request $request)
{ {
$user = Auth::user(); $user = Auth::user();
abort_if(!config('pixelfed.account_deletion'), 403);
abort_if($user->is_admin, 403);
abort_if($user->created_at->gt(now()->subHours(12)), 403);
$profile = $user->profile; $profile = $user->profile;
$user->status = 'disabled'; $user->status = 'disabled';
$profile->status = 'disabled'; $profile->status = 'disabled';
@ -110,9 +118,9 @@ class SettingsController extends Controller
public function removeAccountPermanent(Request $request) public function removeAccountPermanent(Request $request)
{ {
if(config('pixelfed.account_deletion') == false) { $user = Auth::user();
abort(404); abort_if($user->is_admin, 403);
} abort_if($user->created_at->gt(now()->subDays(7)), 403);
return view('settings.remove.permanent'); return view('settings.remove.permanent');
} }
@ -122,9 +130,9 @@ class SettingsController extends Controller
abort(404); abort(404);
} }
$user = Auth::user(); $user = Auth::user();
if($user->is_admin == true) { abort_if(!config('pixelfed.account_deletion'), 403);
return abort(400, 'You cannot delete an admin account.'); abort_if($user->is_admin, 403);
} abort_if($user->created_at->gt(now()->subDays(7)), 403);
$profile = $user->profile; $profile = $user->profile;
$ts = Carbon::now()->addMonth(); $ts = Carbon::now()->addMonth();
$user->status = 'delete'; $user->status = 'delete';

4
resources/views/settings/security.blade.php
View File

@ -27,7 +27,7 @@
@include('settings.security.device-panel') @include('settings.security.device-panel')
@if(config('pixelfed.account_deletion') == true) @if(config('pixelfed.account_deletion') && !$user->is_admin && $user->created_at->gt(now()->subHours(12)))
<h4 class="font-weight-bold pt-3">Danger Zone</h4> <h4 class="font-weight-bold pt-3">Danger Zone</h4>
<div class="mb-4 border rounded border-danger"> <div class="mb-4 border rounded border-danger">
<ul class="list-group mb-0 pb-0"> <ul class="list-group mb-0 pb-0">
@ -40,6 +40,7 @@
<a class="btn btn-outline-danger font-weight-bold py-1" href="{{route('settings.remove.temporary')}}">Disable</a> <a class="btn btn-outline-danger font-weight-bold py-1" href="{{route('settings.remove.temporary')}}">Disable</a>
</div> </div>
</li> </li>
@if( !$user->is_admin && $user->created_at->gt(now()->subDays(7)) )
<li class="list-group-item border-left-0 border-right-0 py-3 d-flex justify-content-between"> <li class="list-group-item border-left-0 border-right-0 py-3 d-flex justify-content-between">
<div> <div>
<p class="font-weight-bold mb-1">Delete this Account</p> <p class="font-weight-bold mb-1">Delete this Account</p>
@ -49,6 +50,7 @@
<a class="btn btn-outline-danger font-weight-bold py-1" href="{{route('settings.remove.permanent')}}">Delete</a> <a class="btn btn-outline-danger font-weight-bold py-1" href="{{route('settings.remove.permanent')}}">Delete</a>
</div> </div>
</li> </li>
@endif
</ul> </ul>
</div> </div>
@endif @endif