From e483b7c3e2fe65b834576f59e8781ecb605bcb2b Mon Sep 17 00:00:00 2001
From: Marcelo Schmidt <marcelo.schmidt@gmail.com>
Date: Thu, 3 Mar 2016 09:22:56 -0300
Subject: [PATCH] Adds setting to allow/deny own account deletion
---
i18n/en.i18n.json | 1 +
.../rocketchat-lib/server/methods/deleteUserOwnAccount.js | 4 ++++
packages/rocketchat-lib/server/startup/settings.coffee | 1 +
.../rocketchat-ui-account/account/accountPreferences.coffee | 3 +++
.../rocketchat-ui-account/account/accountPreferences.html | 2 ++
5 files changed, 11 insertions(+)
diff --git a/i18n/en.i18n.json b/i18n/en.i18n.json
index a568a8a45e0..8a8b26c1c48 100644
--- a/i18n/en.i18n.json
+++ b/i18n/en.i18n.json
@@ -7,6 +7,7 @@
"Access_Online_Demo" : "Access the Online Demo",
"Access_Token_URL" : "Access Token URL",
"Accounts" : "Accounts",
+ "Accounts_AllowDeleteOwnAccount" : "Allow users to delete own account",
"Accounts_AllowedDomainsList" : "Allowed Domains List",
"Accounts_AllowedDomainsList_Description" : "Comma-separated list of allowed domains",
"Accounts_AllowEmailChange" : "Allow E-mail Change",
diff --git a/packages/rocketchat-lib/server/methods/deleteUserOwnAccount.js b/packages/rocketchat-lib/server/methods/deleteUserOwnAccount.js
index cf4463f6a72..6296b40cec7 100644
--- a/packages/rocketchat-lib/server/methods/deleteUserOwnAccount.js
+++ b/packages/rocketchat-lib/server/methods/deleteUserOwnAccount.js
@@ -4,6 +4,10 @@ Meteor.methods({
throw new Meteor.Error('invalid-user', "[methods] deleteUserOwnAccount -> Invalid user");
}
+ if (!RocketChat.settings.get('Accounts_AllowDeleteOwnAccount')) {
+ throw new Meteor.Error('not-authorized', "[methods] deleteUserOwnAccount -> Not authorized");
+ }
+
const userId = Meteor.userId();
const user = RocketChat.models.Users.findOneById(userId);
diff --git a/packages/rocketchat-lib/server/startup/settings.coffee b/packages/rocketchat-lib/server/startup/settings.coffee
index d711cb9a2b3..9b86492c354 100644
--- a/packages/rocketchat-lib/server/startup/settings.coffee
+++ b/packages/rocketchat-lib/server/startup/settings.coffee
@@ -3,6 +3,7 @@ if not RocketChat.models.Settings.findOneById 'uniqueID'
RocketChat.models.Settings.createWithIdAndValue 'uniqueID', process.env.DEPLOYMENT_ID or Random.id()
RocketChat.settings.addGroup 'Accounts', ->
+ @add 'Accounts_AllowDeleteOwnAccount', true, { type: 'boolean', public: true }
@add 'Accounts_AllowUserProfileChange', true, { type: 'boolean', public: true }
@add 'Accounts_AllowUserAvatarChange', true, { type: 'boolean', public: true }
@add 'Accounts_AllowUsernameChange', true, { type: 'boolean', public: true }
diff --git a/packages/rocketchat-ui-account/account/accountPreferences.coffee b/packages/rocketchat-ui-account/account/accountPreferences.coffee
index 1c3d41e35bb..93491c849ca 100644
--- a/packages/rocketchat-ui-account/account/accountPreferences.coffee
+++ b/packages/rocketchat-ui-account/account/accountPreferences.coffee
@@ -1,4 +1,7 @@
Template.accountPreferences.helpers
+ allowDeleteOwnAccount: ->
+ return RocketChat.settings.get('Accounts_AllowDeleteOwnAccount')
+
checked: (property, value, defaultValue) ->
if not Meteor.user()?.settings?.preferences?[property]? and defaultValue is true
currentValue = value
diff --git a/packages/rocketchat-ui-account/account/accountPreferences.html b/packages/rocketchat-ui-account/account/accountPreferences.html
index 2325775dadd..a465c97129c 100644
--- a/packages/rocketchat-ui-account/account/accountPreferences.html
+++ b/packages/rocketchat-ui-account/account/accountPreferences.html
@@ -115,9 +115,11 @@
<div class="submit">
<button class="button"><i class="icon-send"></i><span>{{_ "Save_changes"}}</span></button>
</div>
+ {{#if allowDeleteOwnAccount}}
<div class="delete-account text-right">
<button class="button red"><i class="icon-trash"></i><span>{{_ "Delete_my_account"}}</span></button>
</div>
+ {{/if}}
</div>
</div>
</section>
--
GitLab