diff options
| author | Nick Thomas <nick@gitlab.com> | 2017-10-05 18:36:08 +0100 |
|---|---|---|
| committer | Winnie Hellmann <winnie@gitlab.com> | 2017-10-06 20:26:06 +0200 |
| commit | d40ed7487a4b7b41bf4ba1ef0c932d4b449b23b9 (patch) | |
| tree | a930bd9af952006e4ef67fa929c04f13bf14447f /app/controllers/registrations_controller.rb | |
| parent | 3fbed9f8c9624feb2ba5aab1b7c367fbf3ef8eae (diff) | |
| download | gitlab-ce-winh-delete-account-modal.tar.gz | |
Move destroy confirmation logic from model to controllerwinh-delete-account-modal
Diffstat (limited to 'app/controllers/registrations_controller.rb')
| -rw-r--r-- | app/controllers/registrations_controller.rb | 39 |
1 files changed, 21 insertions, 18 deletions
diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb index 1f3a936eb5c..d9142311b6f 100644 --- a/app/controllers/registrations_controller.rb +++ b/app/controllers/registrations_controller.rb @@ -25,29 +25,32 @@ class RegistrationsController < Devise::RegistrationsController end def destroy - begin - confirmation_params = params.permit(:username, :password) - current_user.delete_async(deleted_by: current_user, confirmation_params: confirmation_params) - rescue User::DeletionNotConfirmedError - alert = if current_user.confirm_deletion_with_password? - s_('Profiles|Invalid password') - else - s_('Profiles|Invalid username') - end - - redirect_to profile_account_path, status: 303, alert: alert - return + if destroy_confirmation_valid? + current_user.delete_async(deleted_by: current_user) + session.try(:destroy) + redirect_to new_user_session_path, status: 303, notice: s_('Profiles|Account scheduled for removal.') + else + redirect_to profile_account_path, status: 303, alert: destroy_confirmation_failure_message end + end + + protected - respond_to do |format| - format.html do - session.try(:destroy) - redirect_to new_user_session_path, status: 303, notice: s_('Profiles|Account scheduled for removal.') - end + def destroy_confirmation_valid? + if current_user.confirm_deletion_with_password? + current_user.valid_password?(params[:password]) + else + current_user.username == params[:username] end end - protected + def destroy_confirmation_failure_message + if current_user.confirm_deletion_with_password? + s_('Profiles|Invalid password') + else + s_('Profiles|Invalid username') + end + end def build_resource(hash = nil) super |