From 2bfc09b2ee1b1e5c258ebded6bf859dc794cb002 Mon Sep 17 00:00:00 2001
From: Alejandro Alonso
Date: Wed, 8 Oct 2014 10:33:08 +0200
Subject: [PATCH] Adding cancel account by token API
---
 taiga/users/api.py | 31 +++++++++++++++++------------
 taiga/users/models.py | 15 ++++++++++++++
 tests/integration/test_users.py | 35 +++++++++++++++++++++++++++++++++
 3 files changed, 68 insertions(+), 13 deletions(-)
diff --git a/taiga/users/api.py b/taiga/users/api.py
index 8c602b89..6a38ab35 100644
--- a/taiga/users/api.py
+++ b/taiga/users/api.py
@@ -258,20 +258,25 @@ class UsersViewSet(ModelCrudViewSet):
 return Response(status=status.HTTP_204_NO_CONTENT)
+ @list_route(methods=["POST"])
+ def cancel(self, request, pk=None):
+ """
+ Cancel an account via token
+ """
+ serializer = serializers.CancelAccountSerializer(data=request.DATA, many=False)
+ if not serializer.is_valid():
+ raise exc.WrongArguments(_("Invalid, are you sure the token is correct?"))
+
+ try:
+ user = models.User.objects.get(cancel_token=serializer.data["cancel_token"])
+ except models.User.DoesNotExist:
+ raise exc.WrongArguments(_("Invalid, are you sure the token is correct?"))
+
+ user.cancel()
+ return Response(status=status.HTTP_204_NO_CONTENT)
+
 def destroy(self, request, pk=None):
 user = self.get_object()
 self.check_permissions(request, "destroy", user)
- user.username = slugify_uniquely("deleted-user", models.User, slugfield="username")
- user.email = "{}@taiga.io".format(user.username)
- user.is_active = False
- user.full_name = "Deleted user"
- user.color = ""
- user.bio = ""
- user.default_language = ""
- user.default_timezone = ""
- user.colorize_tags = True
- user.token = None
- user.github_id = None
- user.set_unusable_password()
- user.save()
+ user.cancel()
 return Response(status=status.HTTP_204_NO_CONTENT)
diff --git a/taiga/users/models.py b/taiga/users/models.py
index 08423515..782dd0b7 100644
--- a/taiga/users/models.py
+++ b/taiga/users/models.py
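Review bot: In `cancel` (taiga/users/api.py) the submitted `cancel_token` is the only thing that authorises an irreversible account wipe: unlike `destroy` just below, the handler never calls `self.check_permissions`, and it does not check that the matched user is still active. The `User.cancel()` added in taiga/users/models.py resets `token` and `github_id` but not `cancel_token`, so as far as this patch shows a used token keeps matching and re-runs the wipe; a guard before `user.cancel()` such as `if not user.is_active: raise exc.WrongArguments(_("Invalid, are you sure the token is correct?"))` would make the token single-use in effect. Whether `cancel_token` is unique, non-empty and time-limited is decided in `CancelAccountSerializer` and the model field, neither of which is in this patch, so it is worth confirming that `objects.get` cannot raise `MultipleObjectsReturned` here. `UsersViewSet` begins and continues outside the hunk.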
@@ -156,6 +156,21 @@ class User(AbstractBaseUser, PermissionsMixin):
 super().save(*args, **kwargs)
+ def cancel(self):
+ self.username = slugify_uniquely("deleted-user", User, slugfield="username")
+ self.email = "{}@taiga.io".format(self.username)
+ self.is_active = False
+ self.full_name = "Deleted user"
+ self.color = ""
+ self.bio = ""
+ self.default_language = ""
+ self.default_timezone = ""
+ self.colorize_tags = True
+ self.token = None
+ self.github_id = None
+ self.set_unusable_password()
+ self.save()
+
 class Role(models.Model):
 name = models.CharField(max_length=200, null=False, blank=False, verbose_name=_("name"))
diff --git a/tests/integration/test_users.py b/tests/integration/test_users.py
index 6354fbad..fb79ef24 100644
--- a/tests/integration/test_users.py
+++ b/tests/integration/test_users.py
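Review bot: `User.cancel()` has no docstring, although it is now the one place where an account is anonymised and its credentials are revoked for both `destroy` and the token endpoint; I would add `"""Anonymise and deactivate this account in place (irreversible): blanks the profile fields and revokes token, github_id and the password."""`. The placeholder address on the `self.email` line is built on the real domain `taiga.io`, so any mail still addressed to a cancelled account would be sent to that domain; a reserved suffix such as `.invalid` avoids that, provided nothing else relies on the current format. The `User` class begins outside the hunk.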
@@ -113,3 +113,38 @@ def test_api_user_action_change_email_invalid_token(client):
 assert response.status_code == 400
 assert response.data['_error_message'] == 'Invalid, are you sure the token is correct and you didn\'t use it before?'
+
+
+def test_api_user_delete(client):
+ user = f.UserFactory.create()
+ url = reverse('users-detail', kwargs={"pk": user.pk})
+
+ client.login(user)
+ response = client.delete(url)
+
+ assert response.status_code == 204
+ user = models.User.objects.get(pk=user.id)
+ assert user.full_name == "Deleted user"
+
+
+def test_api_user_cancel_valid_token(client):
+ user = f.UserFactory.create()
+ url = reverse('users-cancel')
+ data = {"cancel_token": user.cancel_token}
+ client.login(user)
+ response = client.post(url, json.dumps(data), content_type="application/json")
+
+ assert response.status_code == 204
+ user = models.User.objects.get(pk=user.id)
+ assert user.full_name == "Deleted user"
+
+
+def test_api_user_cancel_invalid_token(client):
+ user = f.UserFactory.create()
+ url = reverse('users-cancel')
+ data = {"cancel_token": "invalid_cancel_token"}
+ client.login(user)
+ response = client.post(url, json.dumps(data), content_type="application/json")
+
+ assert response.status_code == 400
+ assert response.data['_error_message'] == "Invalid, are you sure the token is correct?"
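Review bot: Both cancel tests call `client.login(user)` before posting, so the token-only path that the endpoint exists for (no session, or a session belonging to a different user) is never exercised. `test_api_user_cancel_invalid_token` also checks only the status and message; adding `assert models.User.objects.get(pk=user.id).full_name != "Deleted user"` would pin that a rejected token leaves the account untouched. Cases worth adding alongside are a body without `cancel_token`, an empty-string token, and a second POST with an already used token. The successful tests assert only `full_name`; asserting `is_active is False` as well would cover the deactivation itself.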