From 34e607f8d9620d350919d92727852f1355ee2034 Mon Sep 17 00:00:00 2001 From: Shawn Kwang Date: Fri, 10 Aug 2018 11:32:08 -0500 Subject: [PATCH 1/5] Drupal: Improve user delete functionality with additional delete choice. Add admin option to chose between soft and hard delete; or let user choose. User form updated with two options: soft and hard delete. Presentation is up to admin based on admin variable. Added additional menu path for soft delete confirmation. Added new confirmation form for soft-delete. Drupal user data modified for soft-delete. https://dev.gridrepublic.org/browse/DBOINCP-452 --- .../boinc/modules/boincuser/boincuser.module | 1 + .../boincuser_delete.admin.inc | 21 ++ .../boincuser_delete/boincuser_delete.module | 207 +++++++++++++++--- .../includes/boincuser_delete.helpers.inc | 62 ++++++ 4 files changed, 261 insertions(+), 30 deletions(-) diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser.module b/drupal/sites/default/boinc/modules/boincuser/boincuser.module index 67e0e8575d..596f6af387 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser.module +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser.module @@ -274,6 +274,7 @@ function boincuser_init() { if (module_exists('boincuser_delete')) { $paths_to_ignore[] = 'user/' . $user->uid . '/delete'; $paths_to_ignore[] = 'user/' . $user->uid . '/deleteconfirm/*'; + $paths_to_ignore[] = 'user/' . $user->uid . '/odeleteconfirm/*'; } if (!_boincuser_ignore_paths($path, $paths_to_ignore)) { drupal_goto('user/termsofuse'); diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc index fba37f53fc..f96961e213 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc 
@@ -16,9 +16,30 @@ function boincuser_delete_settings() { $form = array(); $default = array( + 'boincuser_delete_type' => variable_get('boincuser_delete_type', ''), 'boincuser_delete_redirect' => variable_get('boincuser_delete_redirect', ''), ); + $form['options'] = array( + '#type' => 'fieldset', + '#title' => t('Options'), + ); + $form['options']['help'] = array( + '#value' => t('When a user deletes their account, which option is shown to the user? A soft/obfusate delete, a hard/wipe delete, or let the user chose between the two.'), + '#weight' => 11, + ); + $form['options']['boincuser_delete_type'] = array( + '#type' => 'radios', + '#title' => t('Type of delete'), + '#default_value' => $default['boincuser_delete_type'], + '#options' => array( + 'soft_obfuscate' => t('A soft/obfuscate delete. User\'s account is disabled, but some data is deleted.'), + 'hard_wipe' => t('A hard/wipe delete. User\'s account is deleted along with many data.'), + 'user_decides' => t('User is presented with radio buttons where they choose between the two options above.'), + ), + '#weight' => 21, + ); + $form['redirect'] = array( '#type' => 'fieldset', '#title' => t('Redirect'), diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module index 329b081abd..01f245eacb 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module 
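Review bot: The fallback in `variable_get('boincuser_delete_type', '')` in the `$default` array differs from the `'user_decides'` fallback that boincuser_delete_form_alter() uses for the same variable later in this patch, so on a site where the variable was never saved the admin page shows no radio selected while users are in fact offered both delete types. Use the same fallback here, `'boincuser_delete_type' => variable_get('boincuser_delete_type', 'user_decides'),`, so the form shows the policy that is actually in effect. The help text also has typos ("obfusate", "chose") and the hard-wipe label reads "along with many data". boincuser_delete_settings() continues outside the hunk.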
@@ -57,6 +57,16 @@ function boincuser_delete_menu() { 'type' => MENU_CALLBACK, ); + $items['user/%user/odeleteconfirm/%'] = array( + 'title' => t('Final confirmation for account deletion'), + 'description' => t('Final confirmation for account deletion'), + 'page callback' => 'drupal_get_form', + 'page arguments' => array('boincuser_delete_softdelconfirmation', 3), + 'access callback' => 'boincuser_delete_access', + 'access arguments' => array(1), + 'type' => MENU_CALLBACK, + ); + return $items; } @@ -125,6 +135,24 @@ function boincuser_delete_form_alter(&$form, $form_state, $form_id) { $disable_delete = TRUE; } + // Configure radio options + $deleteoptions = array( + 'boincuser_delete_softdelete' => bts('Soft delete the account. Afterwards your account will be disabled, and all posts/comments will be attributed to the Anonymous User. However, your user profile will be deleted, your host information deleted, and you will be removed from any team you are a member of.', array(), NULL, 'boinc:delete-user-account'), + 'boincuser_delete_delete' => bts('Delete the account. Afterwards your account will be deleted, and all posts/comments will be attributed to the Anonymous User. Your user profile will be deleted.', array(), NULL, 'boinc:delete-user-account'), + ); + + $dtypes = variable_get('boincuser_delete_type', 'user_decides'); + // unset the other option if dtype is set. i.e., if dtype is set + // to soft delete, unset the hard delete option. + switch ($dtypes) { + case 'soft_obfuscate': + unset($deleteoptions['boincuser_delete_delete']); + break; + case 'hard_wipe': + unset($deleteoptions['boincuser_delete_softdelete']); + break; + } + $question = 'Are you sure you want to delete the account ' . htmlspecialchars($form['_account']['#value']->boincuser_name) . '?'; drupal_set_title($question); 
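Review bot: The new `user/%user/odeleteconfirm/%` route checks access against the account named in the URL (`'access arguments' => array(1)`) but passes the form only the token (`'page arguments' => array('boincuser_delete_softdelconfirmation', 3)`), and the form builder added later in this patch loads the account from `global $user` instead. If boincuser_delete_access(), which is not visible here, ever admits anyone other than the account owner, the account that was authorised and the account that is acted on are no longer the same. Passing the loaded user as well, `'page arguments' => array('boincuser_delete_softdelconfirmation', 1, 3)`, and building the form from it would keep the two in step. boincuser_delete_menu() starts outside the hunk.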
@@ -147,11 +175,10 @@ function boincuser_delete_form_alter(&$form, $form_state, $form_id) { '#suffix' => "", ); + // @todo - choose options array based on boincuser_delete_type $form['main']['user_delete_action'] = array( '#type' => 'radios', - '#options' => array( - 'boincuser_delete_delete' => bts('Delete the account. Afterwards your account will be deleted, and all posts/comments will be attributed to the Anonymous User. Your user profile will be deleted.', array(), NULL, 'boinc:delete-user-account'), - ), + '#options' => $deleteoptions, '#weight' => 21, ); if ($disable_delete) { 
@@ -274,36 +301,40 @@ function boincuser_delete_submit($form, &$form_state) { // Perform the requested operation $op = $form_state['values']['user_delete_action']; + // create token with 1 day/24 hour expiration + $mytoken = create_token($account->boincuser_id, 'D', 24*60*60); switch ($op) { + case 'boincuser_delete_softdelete': + $myurl = "${base_url}/user/{$account->uid}/odeleteconfirm/$mytoken"; + break; case 'boincuser_delete_delete': - // create token with 1 day/24 hour expiration - $mytoken = create_token($account->boincuser_id, 'D', 24*60*60); - $mysubject = "Instructions for account deletion at {$site_name}"; - - $mymessage = '' - . "{$account->boincuser_name},\n" - . "\n" - . "We have received a request to DELETE your user account at " - . "${site_name}. Below in this email is a one-time token you must " - . "use. Either click on the link or copy-and-paste the URL into your " - . "browser address bar. Then you will be required to enter your password " - . "again to confirm your identity.\n" - . "\n" - . "${base_url}/user/{$account->uid}/deleteconfirm/$mytoken\n" - . "\n" - . "This one-time token will expire in 24 hours. Afterwards you must " - . "re-request deletion of your account in order to generate a new token.\n" - . "\n" - . "If you did not initiate this request, please login to the " - . "${site_name} Web site (${site_url}) and " - . "then contact the administrators.\n" - . "\n" - . "Thanks, \n" - . "\n" - . "{$site_name} support team"; + $myurl = "${base_url}/user/{$account->uid}/deleteconfirm/$mytoken"; break; } + $mysubject = "Instructions for account deletion at {$site_name}"; + $mymessage = '' + . "{$account->boincuser_name},\n" + . "\n" + . "We have received a request to DELETE your user account at " + . "${site_name}. Below in this email is a one-time token you must " + . "use. Either click on the link or copy-and-paste the URL into your " + . "browser address bar. Then you will be required to enter your password " + . 
"again to confirm your identity.\n" + . "\n" + . "${myurl}\n" + . "\n" + . "This one-time token will expire in 24 hours. Afterwards you must " + . "re-request deletion of your account in order to generate a new token.\n" + . "\n" + . "If you did not initiate this request, please login to the " + . "${site_name} Web site (${site_url}) and " + . "then contact the administrators.\n" + . "\n" + . "Thanks, \n" + . "\n" + . "{$site_name} support team"; + // Create array for sending email to user to notify account is being // disabled/deleted. Then send email. $settings = array( @@ -356,6 +387,9 @@ function boincuser_delete_finalconfirmation(&$form_state, $token) { // Attach account to this form. $form['_account'] = array('#type' => 'value', '#value' => $account); + // This form is for hard/wipe delete + $form['_action'] = array('#type' => 'value', '#value' => 'hard_wipe'); + // Instructions $form['main']['instructions1'] = array( '#value' => '
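Review bot: A single token of type `'D'` is created before the `switch`, and only the path segment of `$myurl` differs between the two cases, so nothing ties the mailed token to the delete type that was selected. boincuser_delete_softdelconfirmation() validates with `is_valid_token($boincid, $token, 'D')`, and the hard-delete form presumably does the same outside this hunk, which means the administrator's `boincuser_delete_type` restriction is enforced only by the radio options on the request form. Each confirmation form should re-read `variable_get('boincuser_delete_type', 'user_decides')` and refuse the action the administrator has disabled. Separately, `$myurl` is never assigned when `$op` matches neither case, so the mail would go out without a link; a `default:` branch that reports an error and returns would avoid that. boincuser_delete_submit() starts and ends outside the hunk.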

'. @@ -404,6 +438,88 @@ function boincuser_delete_finalconfirmation(&$form_state, $token) { return $form; } +/** + * Final confirmation form for the user to delete their account, using + * the soft/obfuscate method. + */ +function boincuser_delete_softdelconfirmation(&$form_state, $token) { + require_boinc('token'); + + global $user; + $form = array(); + + // check BOINC user exists + $account = user_load(array('uid' => $user->uid)); + $uid = $user->uid; + $boincid = $account->boincuser_id; + + // check $token is valid + if (!is_valid_token($boincid, $token, 'D')) { + drupal_set_message(bts('ERROR: You have supplied an incorrect (most likely expired) token. Please obtain a new token by !link your account be deleted.', + array( + '!link' => l(bts('re-requesting', array(), NULL, 'boinc:delete-user-account'), "/user/${uid}/delete"), + ), + NULL, 'boinc:delete-user-account'), 'error'); + drupal_goto(); + } + + // Attach account to this form. + $form['_account'] = array('#type' => 'value', '#value' => $account); + + // This form is for hard/wipe delete + $form['_action'] = array('#type' => 'value', '#value' => 'soft_obfuscate'); + + // Instructions + $form['main']['instructions1'] = array( + '#value' => '

'. + bts('You are one-step away from deleting your account. Enter your password in the textbox below and click submit. This action is irreversable: once you delete your account, there is no way un-delete.', array(), NULL, 'boinc:delete-user-account'). + '

', + ); + + $form['main']['instructions2'] = array( + '#value' => '

'. + bts('If you wish to cancel, click cancel and you will be taken to your account dashboard.', array(), NULL, 'boinc:delete-user-account'). + '

', + ); + + // Password field + $form['main']['current_pass'] = array( + '#type' => 'password', + '#title' => bts('Enter your password before clicking Submit', array(), NULL, 'boinc:delete-user-account'), + '#size' => 17, + '#attributes' => array( + 'autocomplete' => 'off', + ), + '#weight' => 25, + ); + + // Form control + $form['form control tabs prefix'] = array( + '#value' => '', + '#weight' => 1004, + ); + + //set validation and submit to the functions below + $form['#validate'][] = 'boincuser_delete_finalconfirmation_validate'; + $form['#submit'][] = 'boincuser_delete_finalconfirmation_submit'; + return $form; +} + /** * Validation for final confirmation */ @@ -426,6 +542,7 @@ function boincuser_delete_finalconfirmation_submit($form, &$form_state) { global $user; $account = $form_state['values']['_account']; + $action = $form_state['values']['_action']; $boinc_user = BoincUser::lookup_id($account->boincuser_id); // watchdog message 
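Review bot: The comment above `$form['_action']` in boincuser_delete_softdelconfirmation() still says `// This form is for hard/wipe delete` although the value being set is `'soft_obfuscate'`; it should read `// This form is for soft/obfuscate delete`. The function appears to be a near copy of boincuser_delete_finalconfirmation(), so a shared builder that takes the action as a parameter would keep the token check and the password field from drifting apart. The re-request link is built with `l(..., "/user/${uid}/delete")`; Drupal's l() expects an internal path without a leading slash, so `"user/${uid}/delete"` is the safer form.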
@@ -439,8 +556,38 @@ function boincuser_delete_finalconfirmation_submit($form, &$form_state) { // delete the account - This will delete the boinc user from the // boinc project database, and then delete the Drupal user using the // hook_user() functions. - wipe_account($boinc_user); - user_delete(array(), $account->uid); + + // @todo - chose between obfuscate and wipe BOINC functions. + switch ($action) { + case 'soft_obfuscate': + obfuscate_account($boinc_user); + // @todo - delete additional things, set account status to disable + _boincuser_delete_comment_reassign($account); + _boincuser_delete_node_reassign($account); + _boincuser_delete_privatemsg_delete($account); + _boincuser_delete_friends($account); + // delete the user's profile + $profile = content_profile_load('profile', $account->uid); + node_delete($profile->$nid); + // Drupal account - + // * 'block'/disable the account + // * set name, mail, pass, and init to deleted + // * erase signature + $myarray = array( + 'status' => 0, + 'name' => 'deleted_' . time() . '_' . random_string(), + 'mail' => 'deleted_' . time() . '_' . random_string(), + 'pass' => 'deleted_' . time() . '_' . random_string(), + 'signature' => '', + 'init' => 'deleted_' . time() . '_' . random_string(), + ); + user_save($account, $myarray); + break; + case 'hard_wipe': + wipe_account($boinc_user); + user_delete(array(), $account->uid); + break; + } // Destroy the current session: session_destroy(); diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc index ef5c0e29a7..987096a6d2 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc 
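Review bot: In the `soft_obfuscate` branch the result of `content_profile_load('profile', $account->uid)` is used without checking that a profile exists, so an account that never created one reaches `node_delete()` with no node id. Guard the call, `if ($profile) { node_delete($profile->nid); }` (the `$profile->$nid` spelling in this hunk is corrected in PATCH 5/5). Drupal 6's node_delete() also applies a `node_access('delete', ...)` check for the current user, so the profile would be left in place without any error if the user lacks permission to delete it; that is worth confirming, because the soft delete promises that the profile is removed. The same lines are moved into _boincuser_delete_deleteuser() in PATCH 4/5 and carry the same gap there. boincuser_delete_finalconfirmation_submit() starts and ends outside the hunk.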
@@ -31,4 +31,66 @@ function _boincuser_delete_validatepasswd($boinc_user, $current_pass) { } return true; +} + +/* * * * * * * * * * * * * * * * * * * * * * * * * * * * + * Custom delete functions + * * * * * * * * * * * * * * * * * * * * * * * * * * * */ + +/** + * Assigns nodes to anonymous user. + * + * Copied from node.module, node_user() + */ +function _boincuser_delete_node_reassign($account) { + db_query('UPDATE {node} SET uid = 0 WHERE uid = %d', $account->uid); + db_query('UPDATE {node_revisions} SET uid = 0 WHERE uid = %d', $account->uid); +} + +/** + * Assigns comments to anonymous user. + * + * Copied from comment.module, comment_user() + */ +function _boincuser_delete_comment_reassign($account) { + // bug in comment module, remove user name from comments. + db_query("UPDATE {comments} SET comments.name='' WHERE uid =%d", $account->uid); + + db_query('UPDATE {comments} SET uid = 0 WHERE uid = %d', $account->uid); + db_query('UPDATE {node_comment_statistics} SET last_comment_uid = 0 WHERE last_comment_uid = %d', $account->uid); +} + +/** + * Deletes private messages + * + * Copied from privatemsg module, case 'delete' in privatemsg_user(). + */ +function _boincuser_delete_privatemsg_delete($account) { + // Load all mids of the messages the user wrote. + $result = db_query("SELECT mid FROM {pm_message} WHERE author = %d", $account->uid); + $mids = array(); + while ($row = db_fetch_array($result)) { + $mids[] = $row['mid']; + } + + // Delete messages the user wrote. + db_query('DELETE FROM {pm_message} WHERE author = %d', $account->uid); + + if (!empty($mids)) { + // Delete recipient entries in {pm_index} of the messages the user wrote. + db_query('DELETE FROM {pm_index} WHERE mid IN (' . db_placeholders($mids) . ')', $mids); + } + + // Delete recipient entries of that user. 
+ db_query('DELETE FROM {pm_index} WHERE uid = %d', $account->uid); +} + +/** + * Deletes the friend connections for this user + * + * Copied from flag_friend, flag_friend_user() + */ +function _boincuser_delete_friends($account) { + // remove any friend relationships if an account is removed + db_query("DELETE FROM {flag_friend} WHERE uid = %d OR friend_uid = %d", $account->uid, $account->uid); } \ No newline at end of file From b9f24ade1c849afdc5f9c9f72150c965544634f8 Mon Sep 17 00:00:00 2001 From: Shawn Kwang Date: Mon, 13 Aug 2018 16:42:22 -0500 Subject: [PATCH 2/5] Drupal: Changed user profile template. User profile is now longer shown if user's status is non-zero. i.e. if user is blocked/disabled there is no user profile. --- .../boinc/templates/user-profile.tpl.php | 66 ++++++++++--------- 1 file changed, 34 insertions(+), 32 deletions(-) diff --git a/drupal/sites/default/boinc/themes/boinc/templates/user-profile.tpl.php b/drupal/sites/default/boinc/themes/boinc/templates/user-profile.tpl.php index fe590a1a40..3accfdb088 100644 --- a/drupal/sites/default/boinc/themes/boinc/templates/user-profile.tpl.php +++ b/drupal/sites/default/boinc/themes/boinc/templates/user-profile.tpl.php @@ -163,39 +163,41 @@ if ($user->uid AND ($user->uid != $account->uid)) { -
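Review bot: The first query in _boincuser_delete_comment_reassign() qualifies the column as `comments.name`, outside the `{comments}` braces, so on a site that uses a database table prefix the qualifier no longer matches the real table name and the statement would fail. The result of db_query() is not checked, so the author name would then silently stay on the user's comments after a soft delete. Drop the qualifier: `db_query("UPDATE {comments} SET name = '' WHERE uid = %d", $account->uid);`. The added file content also ends without a trailing newline.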
- : - -
-
- : - -
-
- : - -
- -
- : - + status==1): ?> +
+ : +
- - uid AND ($user->uid != $account->uid)): ?> -
    - $link): ?> -
  • - drupal_get_destination())); ?> -
  • - -
-
    - $link): ?> -
  • - drupal_get_destination())); ?> -
  • - -
+
+ : + +
+
+ : + +
+ +
+ : + +
+ + uid AND ($user->uid != $account->uid)): ?> +
    + $link): ?> +
  • + drupal_get_destination())); ?> +
  • + +
+
    + $link): ?> +
  • + drupal_get_destination())); ?> +
  • + +
+
From 39477d65b2cada5b7f4d19eaf9cdfddd4721a9f7 Mon Sep 17 00:00:00 2001 From: Shawn Kwang Date: Tue, 14 Aug 2018 09:36:56 -0500 Subject: [PATCH 3/5] Drupal: Updated boinc_standard Feature. Account Page has selection condition, if user's status is non-zero, the page is not found. --- .../boinc_standard.pages_default.inc | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/drupal/sites/all/features/boinc_standard/boinc_standard.pages_default.inc b/drupal/sites/all/features/boinc_standard/boinc_standard.pages_default.inc index dc4083e6d6..32f5884dec 100644 --- a/drupal/sites/all/features/boinc_standard/boinc_standard.pages_default.inc +++ b/drupal/sites/all/features/boinc_standard/boinc_standard.pages_default.inc @@ -361,6 +361,21 @@ echo \'
\' . $account->po 'css' => '', 'contexts' => array(), 'relationships' => array(), + 'access' => array( + 'plugins' => array( + 0 => array( + 'name' => 'php', + 'settings' => array( + 'description' => 'if user status then show profile', + 'php' => '$account = $contexts[\'argument_uid_1\']->data; +return ($account->status); +', + ), + 'not' => FALSE, + ), + ), + 'logic' => 'and', + ), ); $display = new panels_display; $display->layout = 'one_sidebar_second'; From c1e768404be332142d1fb5a2e404f110b7625f45 Mon Sep 17 00:00:00 2001 From: Shawn Kwang Date: Tue, 14 Aug 2018 11:22:18 -0500 Subject: [PATCH 4/5] Drupal: Additional changes to user delete functionality. Added delete options to admin interface. Fixed admin interface slightly. Moved delete functionality to helper function. Cleaned up code. --- .../boincuser_delete.admin.inc | 30 +++++------ .../boincuser_delete/boincuser_delete.module | 51 +----------------- .../includes/boincuser_delete.helpers.inc | 52 +++++++++++++++++++ 3 files changed, 68 insertions(+), 65 deletions(-) diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc index f96961e213..8883c03d8a 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc @@ -65,7 +65,7 @@ function boincuser_delete_admindelete(&$form_state, $uid) { $form['#uid'] = $uid; $form['account']['help'] = array( - '#value' => "

" . t("This form will delete this user without any email notification sent to the user. Be very careful in deleting users using this form. Once you enter your password, check the checkbox, and click submit, the user's account will be deleted. This will occur immediately. There is no 'undo'!") . "

" . t("You are deleting the following user:") . "

", + '#value' => "

" . t("This form will delete this user without any email notification sent to the user. Be very careful in deleting users using this form. Once you select the delete type, check the checkbox, enter your password, and click submit, the user's account will be deleted. This will occur immediately. There is no 'undo'!") . "

" . t("You are deleting the following user, link opens in new window:") . "

", '#weight' => -1, '#prefix' => "
", '#suffix' => "
", @@ -76,7 +76,7 @@ function boincuser_delete_admindelete(&$form_state, $uid) { drupal_set_title($account->boincuser_name); $form['account']['boincuser_name'] = array( - '#value' => t('
  • BOINC username (public displayname): ') . $account->boincuser_name, + '#value' => t('
  • BOINC username (public displayname): ') . l("{$account->boincuser_name}", "account/{$account->uid}", array('attributes' => array('target' => '_blank'))), ); $form['account']['boincuser_id'] = array( '#value' => t('
  • BOINC user ID: ') . $account->boincuser_id, @@ -88,6 +88,13 @@ function boincuser_delete_admindelete(&$form_state, $uid) { '#value' => t('
  • Drupal user ID: ') . $account->uid, ); + $form['account']['user_delete_action'] = array( + '#type' => 'radios', + '#options' => array( + 'boincuser_delete_softdelete' => bts('Soft delete the account. The account will be disabled, and all posts/comments will be attributed to the Anonymous User. The user profile will be deleted, the host information deleted, and the user will be removed from any team.', array(), NULL, 'boinc:delete-user-account'), + 'boincuser_delete_delete' => bts('Delete the account. The account will be deleted, and all posts/comments will be attributed to the Anonymous User. The user profile will be deleted.', array(), NULL, 'boinc:delete-user-account'),), + ); + $form['account']['surecheckbox'] = array( '#type' => 'checkbox', '#title' => t('I am sure I know what I am doing. I am deleting user %name.', @@ -137,6 +144,10 @@ function boincuser_delete_admindelete_validate($form, &$form_state) { global $user; $boinc_user = boincuser_load($user->uid, TRUE); + if ($form_state['values']['user_delete_action'] == '') { + form_set_error('user_delete_action', bts('Please select an action to perform using the radio buttons.', array(), NULL, 'boinc:delete-user-account')); + } + if (!($form_state['values']['surecheckbox'])) { return form_set_error('surecheckbox', t('Please confirm you are sure you want to delete this account.')); } @@ -150,9 +161,6 @@ function boincuser_delete_admindelete_validate($form, &$form_state) { * Submit function for admin delete user. */ function boincuser_delete_admindelete_submit($form, &$form_state) { - require_boinc('user_util'); - require_boinc('delete_account'); - // This is the account to be deleted, and not the administrator's // account. $account = user_load(array('uid' => $form['#uid'])); 
@@ -163,18 +171,8 @@ function boincuser_delete_admindelete_submit($form, &$form_state) { '@displayname' => $account->boincuser_name, )), 'warning'); - // watchdog message - watchdog('boincuser_delete', 'Deleting account drupal UID: %uid, BOINC id: %boincuser_id., BOINC displayname: %displayname', - array( - '%uid' => $form['#uid'], - '%boincuser_id' => $account->boincuser_id, - '%displayname' => $account->boincuser_name, - ), WATCHDOG_NOTICE); - // Delete the user - $boinc_user = boincuser_load($account->uid, TRUE); - wipe_account($boinc_user); - user_delete(array(), $account->uid); + _boincuser_delete_deleteuser($account, $action); drupal_goto('/admin/boinc/user_delete'); } diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module index 01f245eacb..b528af2bef 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module @@ -175,7 +175,6 @@ function boincuser_delete_form_alter(&$form, $form_state, $form_id) { '#suffix' => "
  • ", ); - // @todo - choose options array based on boincuser_delete_type $form['main']['user_delete_action'] = array( '#type' => 'radios', '#options' => $deleteoptions, 
@@ -536,58 +535,12 @@ function boincuser_delete_finalconfirmation_validate($form, &$form_state) { * Submit for final confirmation */ function boincuser_delete_finalconfirmation_submit($form, &$form_state) { - require_boinc('user_util'); - require_boinc('delete_account'); - global $user; + // Delete the user $account = $form_state['values']['_account']; $action = $form_state['values']['_action']; - $boinc_user = BoincUser::lookup_id($account->boincuser_id); - - // watchdog message - watchdog('boincuser_delete', 'Deleting account drupal UID: %uid, BOINC id: %boincuser_id., BOINC displayname: %displayname', - array( - '%uid' => $account->uid, - '%boincuser_id' => $account->boincuser_id, - '%displayname' => $account->boincuser_name, - ), WATCHDOG_NOTICE); - - // delete the account - This will delete the boinc user from the - // boinc project database, and then delete the Drupal user using the - // hook_user() functions. - - // @todo - chose between obfuscate and wipe BOINC functions. - switch ($action) { - case 'soft_obfuscate': - obfuscate_account($boinc_user); - // @todo - delete additional things, set account status to disable - _boincuser_delete_comment_reassign($account); - _boincuser_delete_node_reassign($account); - _boincuser_delete_privatemsg_delete($account); - _boincuser_delete_friends($account); - // delete the user's profile - $profile = content_profile_load('profile', $account->uid); - node_delete($profile->$nid); - // Drupal account - - // * 'block'/disable the account - // * set name, mail, pass, and init to deleted - // * erase signature - $myarray = array( - 'status' => 0, - 'name' => 'deleted_' . time() . '_' . random_string(), - 'mail' => 'deleted_' . time() . '_' . random_string(), - 'pass' => 'deleted_' . time() . '_' . random_string(), - 'signature' => '', - 'init' => 'deleted_' . time() . '_' . 
random_string(), - ); - user_save($account, $myarray); - break; - case 'hard_wipe': - wipe_account($boinc_user); - user_delete(array(), $account->uid); - break; - } + _boincuser_delete_deleteuser($account, $action); // Destroy the current session: session_destroy(); diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc index 987096a6d2..09e3fe4ce0 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc 
@@ -37,6 +37,58 @@ function _boincuser_delete_validatepasswd($boinc_user, $current_pass) { * Custom delete functions * * * * * * * * * * * * * * * * * * * * * * * * * * * */ +/** + * Delete the user function. + */ +function _boincuser_delete_deleteuser($account, $action=NULL) { + require_boinc('user_util'); + require_boinc('delete_account'); + + $boinc_user = BoincUser::lookup_id($account->boincuser_id); + + // watchdog message + watchdog('boincuser_delete', 'Deleting account drupal UID: %uid, BOINC id: %boincuser_id., BOINC displayname: %displayname', + array( + '%uid' => $account->uid, + '%boincuser_id' => $account->boincuser_id, + '%displayname' => $account->boincuser_name, + ), WATCHDOG_NOTICE); + + // delete the account - This will delete the boinc user from the + // boinc project database, and then delete the Drupal user using the + // hook_user() functions. + + switch ($action) { + case 'soft_obfuscate': + obfuscate_account($boinc_user); + _boincuser_delete_comment_reassign($account); + _boincuser_delete_node_reassign($account); + _boincuser_delete_privatemsg_delete($account); + _boincuser_delete_friends($account); + // delete the user's profile + $profile = content_profile_load('profile', $account->uid); + node_delete($profile->$nid); + // Drupal account - + // * 'block'/disable the account + // * set name, mail, pass, and init to deleted + // * erase signature + $myarray = array( + 'status' => 0, + 'name' => 'deleted_' . time() . '_' . random_string(), + 'mail' => 'deleted_' . time() . '_' . random_string(), + 'pass' => 'deleted_' . time() . '_' . random_string(), + 'signature' => '', + 'init' => 'deleted_' . time() . '_' . random_string(), + ); + user_save($account, $myarray); + break; + case 'hard_wipe': + wipe_account($boinc_user); + user_delete(array(), $account->uid); + break; + } +} + /** * Assigns nodes to anonymous user. * From 455dbc780efe005f05c4857addb38dd855bc95f9 Mon Sep 17 00:00:00 2001 
From: Shawn Kwang Date: Thu, 16 Aug 2018 08:27:26 -0500 Subject: [PATCH 5/5] Drupal: Scrutinizer found a few bugs, which have been fixed. --- .../boincuser_delete/boincuser_delete.admin.inc | 11 ++++++++--- .../boincuser_delete/boincuser_delete.module | 2 -- .../includes/boincuser_delete.helpers.inc | 6 +++++- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc index 8883c03d8a..b0d96b146f 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.admin.inc 
@@ -91,8 +91,8 @@ function boincuser_delete_admindelete(&$form_state, $uid) { $form['account']['user_delete_action'] = array( '#type' => 'radios', '#options' => array( - 'boincuser_delete_softdelete' => bts('Soft delete the account. The account will be disabled, and all posts/comments will be attributed to the Anonymous User. The user profile will be deleted, the host information deleted, and the user will be removed from any team.', array(), NULL, 'boinc:delete-user-account'), - 'boincuser_delete_delete' => bts('Delete the account. The account will be deleted, and all posts/comments will be attributed to the Anonymous User. The user profile will be deleted.', array(), NULL, 'boinc:delete-user-account'),), + 'soft_obfuscate' => bts('Soft delete the account. The account will be disabled, and all posts/comments will be attributed to the Anonymous User. The user profile will be deleted, the host information deleted, and the user will be removed from any team.', array(), NULL, 'boinc:delete-user-account'), + 'hard_wipe' => bts('Delete the account. The account will be deleted, and all posts/comments will be attributed to the Anonymous User. The user profile will be deleted.', array(), NULL, 'boinc:delete-user-account'),), ); $form['account']['surecheckbox'] = array( 
@@ -145,7 +145,11 @@ function boincuser_delete_admindelete_validate($form, &$form_state) { $boinc_user = boincuser_load($user->uid, TRUE); if ($form_state['values']['user_delete_action'] == '') { - form_set_error('user_delete_action', bts('Please select an action to perform using the radio buttons.', array(), NULL, 'boinc:delete-user-account')); + form_set_error('user_delete_action', t('Please select an action to perform using the radio buttons.')); + } + + if ( ($form_state['values']['user_delete_action'] != 'soft_obfuscate') and ($form_state['values']['user_delete_action'] != 'hard_wipe') ) { + form_set_error('user_delete_action', t('User Delete action not a predefined value, unknown error in radio buttons.')); } if (!($form_state['values']['surecheckbox'])) { @@ -164,6 +168,7 @@ function boincuser_delete_admindelete_submit($form, &$form_state) { // This is the account to be deleted, and not the administrator's // account. $account = user_load(array('uid' => $form['#uid'])); + $action = $form_state['values']['user_delete_action']; drupal_set_message(t('WARNING: Account @displayname, Drupal UID=@uid has been deleted.', array( diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module index b528af2bef..fc0b6adff2 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/boincuser_delete.module @@ -293,8 +293,6 @@ function boincuser_delete_submit($form, &$form_state) { global $base_url; global $base_path; module_load_include('inc', 'rules', 'modules/system.rules'); - $mysubject = ''; - $mymessage = ''; $site_name = variable_get('site_name', 'Drupal-BOINC'); $site_url = $base_url . $base_path . "user/login"; 
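Review bot: In boincuser_delete_admindelete_validate() an empty `user_delete_action` trips both the existing `== ''` test and the new `!=` test, so two errors are set for one mistake, and both tests use loose comparison. One strict allow-list check covers both cases: `if (!in_array($form_state['values']['user_delete_action'], array('soft_obfuscate', 'hard_wipe'), TRUE)) { return form_set_error('user_delete_action', t('Please select an action to perform using the radio buttons.')); }`. Returning at that point, as the `surecheckbox` check does in PATCH 4/5, stops validation at the first failure. The function starts and ends outside the hunk.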
diff --git a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc index 09e3fe4ce0..174ce81c04 100644 --- a/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc +++ b/drupal/sites/default/boinc/modules/boincuser/boincuser_delete/includes/boincuser_delete.helpers.inc @@ -67,7 +67,7 @@ function _boincuser_delete_deleteuser($account, $action=NULL) { _boincuser_delete_friends($account); // delete the user's profile $profile = content_profile_load('profile', $account->uid); - node_delete($profile->$nid); + node_delete($profile->nid); // Drupal account - // * 'block'/disable the account // * set name, mail, pass, and init to deleted @@ -86,6 +86,10 @@ function _boincuser_delete_deleteuser($account, $action=NULL) { wipe_account($boinc_user); user_delete(array(), $account->uid); break; + default: + watchdog('boincuser_delete', 'Delete action is %action, which is not \'soft_obfuscate\' or \'hard_wipe\'.', array( + '%action' => $action, + ), WATCHDOG_ERROR); } }
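Review bot: The new `default:` branch in _boincuser_delete_deleteuser() only writes a watchdog entry and the function still returns nothing, so its callers cannot tell that no deletion took place. As the earlier patches stand, boincuser_delete_admindelete_submit() has already shown "has been deleted" and boincuser_delete_finalconfirmation_submit() goes on to `session_destroy()`. Returning `FALSE` from the default branch and `TRUE` after a completed delete, and checking that in both submit handlers, would keep the UI and the log truthful. The 'Deleting account' watchdog message at the top of the function would also be a better audit record for an irreversible action if it included `%action`. The function starts outside the hunk.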