From 5b27f640afa7ff9a6804949ad16667d988f7f5d4 Mon Sep 17 00:00:00 2001
From: Byron Jones <glob@mozilla.com>
Date: Mon, 27 Jul 2015 12:13:26 +0800
Subject: Bug 1171806 - add the ability for a user to disable/"remove" their
 own account

---
 js/account.js                                      | 41 +++++++++++
 skins/standard/admin.css                           | 19 +++++
 .../en/default/account/prefs/account.html.tmpl     | 30 +++++++-
 template/en/default/account/prefs/prefs.html.tmpl  | 85 ++++++++++++++--------
 userprefs.cgi                                      | 21 +++++-
 5 files changed, 165 insertions(+), 31 deletions(-)
 create mode 100644 js/account.js

diff --git a/js/account.js b/js/account.js
new file mode 100644
index 000000000..c2c7a6282
--- /dev/null
+++ b/js/account.js
@@ -0,0 +1,41 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This Source Code Form is "Incompatible With Secondary Licenses", as
+ * defined by the Mozilla Public License, v. 2.0. */
+
+$(function() {
+    $('#account-disable-toggle')
+        .click(function(event) {
+            event.preventDefault();
+            var that = $(this);
+
+            if (that.data('open')) {
+                $('#account-disable-spinner').html('&#9656;');
+                $('#account-disable').hide();
+                that.data('open', false);
+            }
+            else {
+                $('#account-disable-spinner').html('&#9662;');
+                $('#account-disable').show();
+                that.data('open', true);
+            }
+        });
+
+    $('#account-disable-confirm')
+        .click(function(event) {
+            $('#account-disable-button').prop('disabled', !$(this).is(':checked'));
+        })
+        .prop('checked', false);
+
+    $('#account-disable-button')
+        .click(function(event) {
+            $('#account_disable').val('1');
+            document.userprefsform.submit();
+        });
+
+    $(window).on('pageshow', function() {
+        $('#account_disable').val('');
+    });
+});
diff --git a/skins/standard/admin.css b/skins/standard/admin.css
index c5816a549..4c3af2255 100644
--- a/skins/standard/admin.css
+++ b/skins/standard/admin.css
@@ -160,3 +160,22 @@ th.title {
 .report_information {
     font-style: italic;
 }
+
+#account-disable-button {
+    background-color: #a91300;
+    background-image: linear-gradient(#da5132, #a91300);
+    color: #fff;
+}
+
+#account-disable-button:hover {
+    color: #fff;
+    -webkit-box-shadow: 0 1px 0 0 rgba(0,0,0,0.2),inset 0 -1px 0 0 rgba(0,0,0,0.3),inset 0 12px 24px 2px #e64926;
+    -moz-box-shadow: 0 1px 0 0 rgba(0,0,0,0.2),inset 0 -1px 0 0 rgba(0,0,0,0.3),inset 0 12px 24px 2px #e64926;
+    box-shadow: 0 1px 0 0 rgba(0,0,0,0.2),inset 0 -1px 0 0 rgba(0,0,0,0.3),inset 0 12px 24px 2px #e64926;
+}
+
+#account-disable-button[disabled] {
+    opacity: 0.2;
+    cursor: default;
+}
+
diff --git a/template/en/default/account/prefs/account.html.tmpl b/template/en/default/account/prefs/account.html.tmpl
index 0c8f0807f..919563440 100644
--- a/template/en/default/account/prefs/account.html.tmpl
+++ b/template/en/default/account/prefs/account.html.tmpl
@@ -29,7 +29,7 @@
 
 <table>
   <tr>
-    <th align="right">Your real name:</th>
+    <th align="right" width="150">Your real name:</th>
     <td>
       <input size="35" name="realname" value="[% realname FILTER html %]">
       <i>optional, but encouraged</i>
@@ -118,4 +118,32 @@
     </tr>
   [% END %]
 
+  <tr>
+    <td></td>
+    <td>
+      <a href="#" id="account-disable-toggle"><span id="account-disable-spinner">&#9656;</span> Disable My Account</a>
+    </td>
+  </tr>
+  <tr id="account-disable" style="display:none">
+    <td></td>
+    <td>
+      <p>
+        Your contributions on bugzilla.mozilla.org will still be visible;
+        however, your email address and name will be removed in most locations.
+        We are not able to remove your details that are part of comment text.
+      </p>
+      <p>
+        <input type="checkbox" id="account-disable-confirm">
+        I acknowledge that my account will not be functional after it has been
+        disabled.
+      </p>
+      <input type="hidden" name="account_disable" id="account_disable">
+      <button type="button" id="account-disable-button" disabled>Disable Account</button>
+    </td>
+  </tr>
+  <tr>
+    <td></td>
+    <td><hr></td>
+  </tr>
+
 </table>
diff --git a/template/en/default/account/prefs/prefs.html.tmpl b/template/en/default/account/prefs/prefs.html.tmpl
index 1fcb3e25a..e898738b7 100644
--- a/template/en/default/account/prefs/prefs.html.tmpl
+++ b/template/en/default/account/prefs/prefs.html.tmpl
@@ -35,38 +35,65 @@
   # dont_show_button: boolean. Prevent the display of the "Submit Changes" button.
   #%]
 
-[% filtered_login = user.login FILTER html %]
-[% PROCESS global/header.html.tmpl
-   title = "User Preferences"
-   subheader = filtered_login
-   generate_api_token = 1
-   style_urls = ['skins/standard/admin.css']
-   javascript_urls = ['js/util.js', 'js/field.js', 'js/TUI.js']
-   doc_section = "userpreferences.html"
- %]
+[%
+  filtered_login = user.login FILTER html;
 
-[% tabs = [{ name => "settings", label => "General Preferences",
-              link => "userprefs.cgi?tab=settings", saveable => "1" },
-            { name => "email", label => "Email Preferences", 
-              link => "userprefs.cgi?tab=email", saveable => "1" },
-            { name => "saved-searches", label => "Saved Searches", 
-              link => "userprefs.cgi?tab=saved-searches", saveable => "1" },
-            { name => "account", label => "Account Information",
-              link => "userprefs.cgi?tab=account", saveable => "1" },
-            { name => "apikey", label => "API Keys",
-              link => "userprefs.cgi?tab=apikey", saveable => "1",
-              doc_section => "using.html#apikey" },
-            { name => "permissions", label => "Permissions", 
-              link => "userprefs.cgi?tab=permissions", saveable => "0" } ] %]
+  PROCESS global/header.html.tmpl
+    title              = "User Preferences"
+    subheader          = filtered_login
+    generate_api_token = 1
+    style_urls         = ['skins/standard/admin.css']
+    javascript_urls    = ['js/util.js', 'js/field.js', 'js/TUI.js', 'js/account.js']
+    doc_section        = "userpreferences.html";
 
-[% Hook.process('tabs') %]
+  tabs = [
+    {
+      name        => "account",
+      label       => "Account",
+      link        => "userprefs.cgi?tab=account",
+      saveable    => "1"
+    },
+    {
+      name        => "settings",
+      label       => "General Preferences",
+      link        => "userprefs.cgi?tab=settings",
+      saveable    => "1"
+    },
+    {
+      name        => "email",
+      label       => "Email Preferences",
+      link        => "userprefs.cgi?tab=email",
+      saveable    => "1"
+    },
+    {
+      name        => "saved-searches",
+      label       => "Saved Searches",
+      link        => "userprefs.cgi?tab=saved-searches",
+      saveable    => "1"
+    },
+    {
+      name        => "apikey",
+      label       => "API Keys",
+      link        => "userprefs.cgi?tab=apikey",
+      saveable    => "1",
+      doc_section => "using.html#apikey"
+    },
+    {
+      name        => "permissions",
+      label       => "Permissions",
+      link        => "userprefs.cgi?tab=permissions",
+      saveable    => "0"
+    },
+  ];
+  Hook.process('tabs');
 
-[% FOREACH tab IN tabs %]
-  [% IF tab.name == current_tab_name %]
-    [% current_tab = tab %]
-    [% LAST %]
-  [% END %]
-[% END %]
+  FOREACH tab IN tabs;
+    IF tab.name == current_tab_name;
+      current_tab = tab;
+      LAST;
+    END;
+  END;
+%]
 
 [% WRAPPER global/tabs.html.tmpl
    tabs        = tabs
diff --git a/userprefs.cgi b/userprefs.cgi
index 1764bb2dd..52c5adba0 100755
--- a/userprefs.cgi
+++ b/userprefs.cgi
@@ -143,6 +143,24 @@ sub SaveAccount {
     $dbh->bz_commit_transaction;
 }
 
+sub DisableAccount {
+    my $user = Bugzilla->user;
+
+    my $new_login = 'u' . $user->id . '@disabled.tld';
+
+    Bugzilla->audit(sprintf('<%s> self-disabled %s (now %s)', remote_ip(), $user->login, $new_login));
+
+    $user->set_login($new_login);
+    $user->set_name('');
+    $user->set_disabledtext('Disabled by account owner.');
+    $user->set_disable_mail(1);
+    $user->set_password('*');
+    $user->update();
+
+    Bugzilla->logout();
+    print Bugzilla->cgi->redirect(correct_urlbase());
+    exit;
+}
 
 sub DoSettings {
     my $user = Bugzilla->user;
@@ -598,7 +616,7 @@ Bugzilla->login(LOGIN_REQUIRED);
 my $save_changes = $cgi->param('dosave');
 $vars->{'changes_saved'} = $save_changes;
 
-my $current_tab_name = $cgi->param('tab') || "settings";
+my $current_tab_name = $cgi->param('tab') || "account";
 
 # The SWITCH below makes sure that this is valid
 trick_taint($current_tab_name);
@@ -621,6 +639,7 @@ SWITCH: for ($current_tab_name) {
     last SWITCH if $handled;
 
     /^account$/ && do {
+        DisableAccount() if $cgi->param('account_disable');
         SaveAccount() if $save_changes;
         DoAccount();
         last SWITCH;
-- 
cgit v1.2.3-24-g4f1b