commit: 566749f77ad5291e28e2a90e32c39637149bdd01
parent: 42ce7a4bab454f4b1ba41eedfac19b1050cd111d
Author: lain <lain@soykaf.club>
Date: Tue, 18 Aug 2020 11:31:13 +0000
Merge branch 'purge-user' into 'develop'
Purge a local user upon deletion, fixes #2062
Closes #2062
See merge request pleroma/pleroma!2898
Diffstat:
4 files changed, 158 insertions(+), 6 deletions(-)
diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
@@ -1583,6 +1583,49 @@ defmodule Pleroma.User do
|> update_and_set_cache()
end
+ @spec purge_user_changeset(User.t()) :: Changeset.t()
+ def purge_user_changeset(user) do
+ # "Right to be forgotten"
+ # https://gdpr.eu/right-to-be-forgotten/
+ change(user, %{
+ bio: nil,
+ raw_bio: nil,
+ email: nil,
+ name: nil,
+ password_hash: nil,
+ keys: nil,
+ public_key: nil,
+ avatar: %{},
+ tags: [],
+ last_refreshed_at: nil,
+ last_digest_emailed_at: nil,
+ banner: %{},
+ background: %{},
+ note_count: 0,
+ follower_count: 0,
+ following_count: 0,
+ locked: false,
+ confirmation_pending: false,
+ password_reset_pending: false,
+ approval_pending: false,
+ registration_reason: nil,
+ confirmation_token: nil,
+ domain_blocks: [],
+ deactivated: true,
+ ap_enabled: false,
+ is_moderator: false,
+ is_admin: false,
+ mastofe_settings: nil,
+ mascot: nil,
+ emoji: %{},
+ pleroma_settings_store: %{},
+ fields: [],
+ raw_fields: [],
+ discoverable: false,
+ also_known_as: []
+ })
+ end
+
def delete(users) when is_list(users) do
for user <- users, do: delete(user)
end
@@ -1610,7 +1653,7 @@ defmodule Pleroma.User do
_ ->
user
- |> change(%{deactivated: true, email: nil})
+ |> purge_user_changeset()
|> update_and_set_cache()
end
end
diff --git a/test/user_test.exs b/test/user_test.exs
@@ -1417,7 +1417,6 @@ defmodule Pleroma.UserTest do
test "delete/1 when approval is pending deletes the user" do
user = insert(:user, approval_pending: true)
- {:ok, user: user}
{:ok, job} = User.delete(user)
{:ok, _} = ObanHelpers.perform(job)
@@ -1426,6 +1425,85 @@ defmodule Pleroma.UserTest do
refute User.get_by_id(user.id)
end
+ test "delete/1 purges a user when they wouldn't be fully deleted" do
+ user =
+ insert(:user, %{
+ bio: "eyy lmao",
+ name: "qqqqqqq",
+ password_hash: "pdfk2$1b3n159001",
+ keys: "RSA begin buplic key",
+ public_key: "--PRIVATE KEYE--",
+ avatar: %{"a" => "b"},
+ tags: ["qqqqq"],
+ banner: %{"a" => "b"},
+ background: %{"a" => "b"},
+ note_count: 9,
+ follower_count: 9,
+ following_count: 9001,
+ locked: true,
+ confirmation_pending: true,
+ password_reset_pending: true,
+ approval_pending: true,
+ registration_reason: "ahhhhh",
+ confirmation_token: "qqqq",
+ domain_blocks: ["lain.com"],
+ deactivated: true,
+ ap_enabled: true,
+ is_moderator: true,
+ is_admin: true,
+ mastofe_settings: %{"a" => "b"},
+ mascot: %{"a" => "b"},
+ emoji: %{"a" => "b"},
+ pleroma_settings_store: %{"q" => "x"},
+ fields: [%{"gg" => "qq"}],
+ raw_fields: [%{"gg" => "qq"}],
+ discoverable: true,
+ also_known_as: ["https://lol.olo/users/loll"]
+ })
+
+ {:ok, job} = User.delete(user)
+ {:ok, _} = ObanHelpers.perform(job)
+ user = User.get_by_id(user.id)
+
+ assert %User{
+ bio: nil,
+ raw_bio: nil,
+ email: nil,
+ name: nil,
+ password_hash: nil,
+ keys: nil,
+ public_key: nil,
+ avatar: %{},
+ tags: [],
+ last_refreshed_at: nil,
+ last_digest_emailed_at: nil,
+ banner: %{},
+ background: %{},
+ note_count: 0,
+ follower_count: 0,
+ following_count: 0,
+ locked: false,
+ confirmation_pending: false,
+ password_reset_pending: false,
+ approval_pending: false,
+ registration_reason: nil,
+ confirmation_token: nil,
+ domain_blocks: [],
+ deactivated: true,
+ ap_enabled: false,
+ is_moderator: false,
+ is_admin: false,
+ mastofe_settings: nil,
+ mascot: nil,
+ emoji: %{},
+ pleroma_settings_store: %{},
+ fields: [],
+ raw_fields: [],
+ discoverable: false,
+ also_known_as: []
+ } = user
+ end
+
test "get_public_key_for_ap_id fetches a user that's not in the db" do
assert {:ok, _key} = User.get_public_key_for_ap_id("http://mastodon.example.org/users/admin")
end
diff --git a/test/web/admin_api/controllers/admin_api_controller_test.exs b/test/web/admin_api/controllers/admin_api_controller_test.exs
@@ -155,13 +155,30 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
describe "DELETE /api/pleroma/admin/users" do
test "single user", %{admin: admin, conn: conn} do
- user = insert(:user)
clear_config([:instance, :federating], true)
+ user =
+ insert(:user,
+ avatar: %{"url" => [%{"href" => "https://someurl"}]},
+ banner: %{"url" => [%{"href" => "https://somebanner"}]},
+ bio: "Hello world!",
+ name: "A guy"
+ )
+
+ # Create some activities to check they got deleted later
+ follower = insert(:user)
+ {:ok, _} = CommonAPI.post(user, %{status: "test"})
+ {:ok, _, _, _} = CommonAPI.follow(user, follower)
+ {:ok, _, _, _} = CommonAPI.follow(follower, user)
+ user = Repo.get(User, user.id)
+ assert user.note_count == 1
+ assert user.follower_count == 1
+ assert user.following_count == 1
refute user.deactivated
with_mock Pleroma.Web.Federator,
- publish: fn _ -> nil end do
+ publish: fn _ -> nil end,
+ perform: fn _, _ -> nil end do
conn =
conn
|> put_req_header("accept", "application/json")
@@ -181,6 +198,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
user = Repo.get(User, user.id)
assert user.deactivated
+ assert user.avatar == %{}
+ assert user.banner == %{}
+ assert user.note_count == 0
+ assert user.follower_count == 0
+ assert user.following_count == 0
+ assert user.bio == nil
+ assert user.name == nil
+
assert called(Pleroma.Web.Federator.publish(:_))
end
end
diff --git a/test/web/twitter_api/util_controller_test.exs b/test/web/twitter_api/util_controller_test.exs
@@ -586,10 +586,16 @@ defmodule Pleroma.Web.TwitterAPI.UtilControllerTest do
end
end
- test "with proper permissions and valid password", %{conn: conn} do
+ test "with proper permissions and valid password", %{conn: conn, user: user} do
conn = post(conn, "/api/pleroma/delete_account", %{"password" => "test"})
-
+ ObanHelpers.perform_all()
assert json_response(conn, 200) == %{"status" => "success"}
+
+ user = User.get_by_id(user.id)
+ assert user.deactivated == true
+ assert user.name == nil
+ assert user.bio == nil
+ assert user.password_hash == nil
end
end
end
