diff options
author | Florian Pritz <bluewind@xinu.at> | 2018-06-14 11:45:05 +0200 |
---|---|---|
committer | Florian Pritz <bluewind@xinu.at> | 2018-06-14 11:45:05 +0200 |
commit | ef3d5fea06b8ddc69bd94d40a051f5aa5c5cf005 (patch) | |
tree | 248e237a77e9f9f3b5a07ce1534765d91acdd882 /application | |
parent | 24126d9432edb415952af83c2f2a09aa6b95d29d (diff) |
Refactor user deletion to work without password
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r-- | application/models/Muser.php | 59 |
1 files changed, 36 insertions, 23 deletions
diff --git a/application/models/Muser.php b/application/models/Muser.php index e59572f82..ef260f47b 100644 --- a/application/models/Muser.php +++ b/application/models/Muser.php @@ -194,35 +194,48 @@ class Muser extends CI_Model { $this->duser->require_implemented("can_delete_account"); if ($this->duser->test_login_credentials($username, $password)) { - $userid = $this->get_userid_by_name($username); - assert($userid !== null); - - $this->db->delete('profiles', array('user' => $userid)); - - $this->load->model("mfile"); - $this->load->model("mmultipaste"); - $this->mfile->delete_by_user($userid); - $this->mmultipaste->delete_by_user($userid); - - # null out user data to keep referer information traceable - # If referer information was relinked, one user could create many - # accounts, delete the account that was used to invite them and - # then cause trouble so that the account that invited him gets - # banned because the admin thinks that account invited abusers - $this->db->set(array( - 'username' => null, - 'password' => null, - 'email' => null, - )) - ->where(array('username' => $username)) - ->update('users'); - + $this->delete_user_real($username); return true; } return false; } + /** + * Delete a user + * + * @param username + * @return void + */ + public function delete_user_real($username) + { + $this->duser->require_implemented("can_delete_account"); + $userid = $this->get_userid_by_name($username); + if ($userid === null) { + throw new \exceptions\ApiException("user/delete", "User cannot be found", ["username" => $username]); + } + + $this->db->delete('profiles', array('user' => $userid)); + + $this->load->model("mfile"); + $this->load->model("mmultipaste"); + $this->mfile->delete_by_user($userid); + $this->mmultipaste->delete_by_user($userid); + + # null out user data to keep referer information traceable + # If referer information was relinked, one user could create many + # accounts, delete the account that was used to invite them and + # then cause trouble so that the account that invited him gets + # banned because the admin thinks that account invited abusers + $this->db->set(array( + 'username' => null, + 'password' => null, + 'email' => null, + )) + ->where(array('username' => $username)) + ->update('users'); + } + function get_userid() { if (!$this->logged_in()) { |