1 files changed, 21 insertions, 18 deletions

diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
index 1f3a936eb5c..d9142311b6f 100644
--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -25,29 +25,32 @@ class RegistrationsController < Devise::RegistrationsController
   end
 
   def destroy
-    begin
-      confirmation_params = params.permit(:username, :password)
-      current_user.delete_async(deleted_by: current_user, confirmation_params: confirmation_params)
-    rescue User::DeletionNotConfirmedError
-      alert = if current_user.confirm_deletion_with_password?
-                s_('Profiles|Invalid password')
-              else
-                s_('Profiles|Invalid username')
-              end
-
-      redirect_to profile_account_path, status: 303, alert: alert
-      return
+    if destroy_confirmation_valid?
+      current_user.delete_async(deleted_by: current_user)
+      session.try(:destroy)
+      redirect_to new_user_session_path, status: 303, notice: s_('Profiles|Account scheduled for removal.')
+    else
+      redirect_to profile_account_path, status: 303, alert: destroy_confirmation_failure_message
     end
+  end
+
+  protected
 
-    respond_to do |format|
-      format.html do
-        session.try(:destroy)
-        redirect_to new_user_session_path, status: 303, notice: s_('Profiles|Account scheduled for removal.')
-      end
+  def destroy_confirmation_valid?
+    if current_user.confirm_deletion_with_password?
+      current_user.valid_password?(params[:password])
+    else
+      current_user.username == params[:username]
     end
   end
 
-  protected
+  def destroy_confirmation_failure_message
+    if current_user.confirm_deletion_with_password?
+      s_('Profiles|Invalid password')
+    else
+      s_('Profiles|Invalid username')
+    end
+  end
 
   def build_resource(hash = nil)
     super