From 5e5f31c3754c0b730731b564de824e23e4b09511 Mon Sep 17 00:00:00 2001
From: Joshua Arts <josha5@outlook.com>
Date: Fri, 27 Jul 2018 11:36:28 -0400
Subject: [PATCH] add option in settings to delete account

---
 app/controllers/users_controller.rb           | 11 +++++++-
 app/models/user.rb                            |  7 ++++++
 .../modals/_delete_account_modal.html.erb     | 25 +++++++++++++++++++
 app/views/shared/settings/_delete.html.erb    | 15 +++++++++++
 app/views/users/edit.html.erb                 |  6 +++++
 config/locales/en.yml                         | 10 ++++++++
 config/routes.rb                              |  2 ++
 7 files changed, 75 insertions(+), 1 deletion(-)
 create mode 100644 app/views/shared/modals/_delete_account_modal.html.erb
 create mode 100644 app/views/shared/settings/_delete.html.erb

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 877cc49e..198ae8b7 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class UsersController < ApplicationController
-  before_action :find_user, only: [:edit, :update]
+  before_action :find_user, only: [:edit, :update, :destroy]
   before_action :ensure_unauthenticated, only: [:new, :create]
 
   # POST /u
@@ -72,6 +72,15 @@ class UsersController < ApplicationController
     end
   end
 
+  # DELETE /u/:user_uid
+  def destroy
+    if current_user && current_user == @user
+      @user.destroy
+      session.delete(:user_id)
+    end
+    redirect_to root_path
+  end
+
   # GET /u/terms
   def terms
     redirect_to root_path unless current_user
diff --git a/app/models/user.rb b/app/models/user.rb
index 88f253a3..4f1b31ac 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -4,6 +4,8 @@ class User < ApplicationRecord
   after_create :initialize_main_room
   before_save { email.try(:downcase!) }
 
+  before_destroy :destroy_rooms
+
   has_many :rooms
   belongs_to :main_room, class_name: 'Room', foreign_key: :room_id, required: false
 
@@ -83,6 +85,11 @@ class User < ApplicationRecord
 
   private
 
+  # Destory a users rooms when they are removed.
+  def destroy_rooms
+    rooms.destroy_all
+  end
+
   # Initializes a room for the user and assign a BigBlueButton user id.
   def initialize_main_room
     self.uid = "gl-#{(0...12).map { (65 + rand(26)).chr }.join.downcase}"
diff --git a/app/views/shared/modals/_delete_account_modal.html.erb b/app/views/shared/modals/_delete_account_modal.html.erb
new file mode 100644
index 00000000..90b60174
--- /dev/null
+++ b/app/views/shared/modals/_delete_account_modal.html.erb
@@ -0,0 +1,25 @@
+<div class="modal fade" id="deleteAccountModal" tabindex="-1" role="dialog">
+  <div class="modal-dialog modal-dialog-centered" role="document">
+    <div class="modal-content text-center">
+      <div class="modal-body">
+        <div class="card-body p-6">
+          <div class="card-title">
+            <h3><%= t("modal.delete_account.confirm") %></h3>
+          </div>
+
+          <button type="button" class="btn btn-pill btn-info my-1 btn-del-room" data-dismiss="modal">
+            <%= t("modal.delete_account.keep") %>
+          </button>
+
+          <%= button_to delete_user_path, method: :delete, id: "delete-confirm", class: "btn btn-pill btn-danger my-1 btn-del-room" do %>
+            <%= t("modal.delete_account.delete") %>
+          <% end %>
+
+        </div>
+        <div class="card-footer">
+          <p><%= t("modal.delete_account.warning").html_safe %></p>
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
diff --git a/app/views/shared/settings/_delete.html.erb b/app/views/shared/settings/_delete.html.erb
new file mode 100644
index 00000000..9412eb0d
--- /dev/null
+++ b/app/views/shared/settings/_delete.html.erb
@@ -0,0 +1,15 @@
+<div class="form-group">
+  <div class="row">
+    <div class="col-12">
+      <center>
+        <%= t("settings.delete.disclaimer").html_safe %>
+        <br>
+        <a href="" data-toggle="modal" data-target="#deleteAccountModal" class="btn btn-danger mt-6">
+          <%= t("settings.delete.button") %>
+        </a>
+      </center>
+    </div>
+  </div>
+</div>
+
+<%= render "shared/modals/delete_account_modal" %>
diff --git a/app/views/users/edit.html.erb b/app/views/users/edit.html.erb
index 11854729..7e10bf8b 100644
--- a/app/views/users/edit.html.erb
+++ b/app/views/users/edit.html.erb
@@ -17,6 +17,10 @@
         <button id="design" class="list-group-item list-group-item-action setting-btn">
           <span class="icon mr-3"><i class="fas fa-edit"></i></span><%= t("settings.design.title") %>
         </button>
+
+        <button id="delete" class="list-group-item list-group-item-action setting-btn">
+          <span class="icon mr-3"><i class="fas fa-trash-alt"></i></span><%= t("settings.delete.title") %>
+        </button>
       </div>
 
       <% if @user.errors.any? %>
@@ -42,6 +46,8 @@
       <% end %>
 
       <%= render "shared/settings/setting_view", setting_id: "design", setting_title: t("settings.design.subtitle") %>
+
+      <%= render "shared/settings/setting_view", setting_id: "delete", setting_title: t("settings.delete.subtitle") %>
     </div>
   </div>
 </div>
diff --git a/config/locales/en.yml b/config/locales/en.yml
index edd5cedf..087afa81 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -61,6 +61,11 @@ en:
       name_placeholder: Enter a room name...
       not_blank: Room name cannot be blank.
       title: Create New Room
+    delete_account:
+      confirm: Are you sure you want to delete your account?
+      delete: I'm sure, delete my account.
+      keep: Actually, I'll keep it.
+      warning: This decision is final. You will <b>not</b> be able to recover associated data.
     delete_room:
       confirm: Are you sure you want to delete %{room}?
       delete: I'm sure, delete this room.
@@ -107,6 +112,11 @@ en:
       image_url: Profile Image URL
       subtitle: Update your Account Info
       title: Account
+    delete:
+      button: Yes, I would like to delete my account.
+      disclaimer: If you choose to delete your account, it will <b>NOT</b> be recoverable. All information regarding your account, including settings, rooms, and recording references will be removed.
+      subtitle: Permanently Delete your Account
+      title: Delete Account
     design:
       not_supported: Customization not currently supported.
       subtitle: Customize Greenlight
diff --git a/config/routes.rb b/config/routes.rb
index bc3f4b98..c8d4d65e 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -20,8 +20,10 @@ Rails.application.routes.draw do
     # Log the user out of the session.
     get '/logout', to: 'sessions#destroy'
 
+    # Account management.
     get '/:user_uid/edit', to: 'users#edit', as: :edit_user
     patch '/:user_uid/edit', to: 'users#update', as: :update_user
+    delete '/:user_uid', to: 'users#destroy', as: :delete_user
   end
 
   # Handles Omniauth authentication.