summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2018-06-14 11:45:05 +0200
committerFlorian Pritz <bluewind@xinu.at>2018-06-14 11:45:05 +0200
commitef3d5fea06b8ddc69bd94d40a051f5aa5c5cf005 (patch)
tree248e237a77e9f9f3b5a07ce1534765d91acdd882 /application
parent24126d9432edb415952af83c2f2a09aa6b95d29d (diff)
Refactor user deletion to work without password
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r--application/models/Muser.php59
1 files changed, 36 insertions, 23 deletions
diff --git a/application/models/Muser.php b/application/models/Muser.php
index e59572f82..ef260f47b 100644
--- a/application/models/Muser.php
+++ b/application/models/Muser.php
@@ -194,35 +194,48 @@ class Muser extends CI_Model {
$this->duser->require_implemented("can_delete_account");
if ($this->duser->test_login_credentials($username, $password)) {
- $userid = $this->get_userid_by_name($username);
- assert($userid !== null);
-
- $this->db->delete('profiles', array('user' => $userid));
-
- $this->load->model("mfile");
- $this->load->model("mmultipaste");
- $this->mfile->delete_by_user($userid);
- $this->mmultipaste->delete_by_user($userid);
-
- # null out user data to keep referer information traceable
- # If referer information was relinked, one user could create many
- # accounts, delete the account that was used to invite them and
- # then cause trouble so that the account that invited him gets
- # banned because the admin thinks that account invited abusers
- $this->db->set(array(
- 'username' => null,
- 'password' => null,
- 'email' => null,
- ))
- ->where(array('username' => $username))
- ->update('users');
-
+ $this->delete_user_real($username);
return true;
}
return false;
}
+ /**
+ * Delete a user
+ *
+ * @param username
+ * @return void
+ */
+ public function delete_user_real($username)
+ {
+ $this->duser->require_implemented("can_delete_account");
+ $userid = $this->get_userid_by_name($username);
+ if ($userid === null) {
+ throw new \exceptions\ApiException("user/delete", "User cannot be found", ["username" => $username]);
+ }
+
+ $this->db->delete('profiles', array('user' => $userid));
+
+ $this->load->model("mfile");
+ $this->load->model("mmultipaste");
+ $this->mfile->delete_by_user($userid);
+ $this->mmultipaste->delete_by_user($userid);
+
+ # null out user data to keep referer information traceable
+ # If referer information was relinked, one user could create many
+ # accounts, delete the account that was used to invite them and
+ # then cause trouble so that the account that invited him gets
+ # banned because the admin thinks that account invited abusers
+ $this->db->set(array(
+ 'username' => null,
+ 'password' => null,
+ 'email' => null,
+ ))
+ ->where(array('username' => $username))
+ ->update('users');
+ }
+
function get_userid()
{
if (!$this->logged_in()) {