card-mod-account 0.18.1 → 0.19.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2ba05840b147403c0678e4db3ac24db0189bedcd608b796acabe14508fe1ec21
-  data.tar.gz: 55985598054e74c33849c9fe582b7d129de544b35ea1dffa8ee0a945c4cb981f
+  metadata.gz: 8bcb1a70e1148c5804275bd6ca69cc55f6d735ee7f663a4bb82eb2f7799000a3
+  data.tar.gz: 8d3371719d814a89d3234f937a8a8e11f5d0d887a2a876701c6e27d497feb117
 SHA512:
-  metadata.gz: 4e43112b506e88693cfc28b9a27f9895262c23cd3db7665704717636db17d572059c15f8fd46a26512efb23a193e704ba15d69e37ff75c3254ca8b8f4bd1796e
-  data.tar.gz: ad7d881bd0ab9f5b2695f14cd86ae3171b2b8551353d0258c2a8db6416651985f14c2601e303886f9098de3e7732eac0ed6f587231c1da4b36ce00fd45dafdbc
+  metadata.gz: 1685a1ef741b5a9290d566a2a4496191fb8b40b8d6440edc3f73a00492d932fc8d91a65278e804c1f1811d73aea7ef2361bd10d61a248833ff09bd12db6b697a
+  data.tar.gz: 05deb7957302555ce940024c4959da85eabc6aac4573e76ba2548e2c9cbe92826e1326adec5ced3f3252bcd2aa6f23225dede9a8b25289c7bbc7b7c5b99465b5

data/config/locales/en.yml

@@ -32,5 +32,9 @@ en:
   account_sign_in_title: Sign In
   account_sign_out: Sign out
   account_sign_up: Sign up
+  account_close_account: Permanently Close Account
+  account_confirm_delete_account:
+    Are you CERTAIN you want to PERMANENTLY delete the account associated 
+    with %{accounted}?
   account_sorry_email_reset:
     Sorry, %{error_msg}. Please check your email for a new password reset link.

data/data/real.yml

@@ -199,7 +199,7 @@
   :content: _left
 
 - :name:
-    - :wagn_bot
+    - :decko_bot
     - :account
   :fields:
     :email: no-reply@decko.org

data/data/transform/20220815112551_move_roles.rb

@@ -42,6 +42,7 @@ class MoveRoles < Cardio::Migration::Transform
                                 .exec_query(query)
                                 .rows&.first&.first
     return unless content.present?
+
     content.split "\n"
   end
 end

data/data/transform/20240510141851_member_ids.rb

@@ -2,6 +2,6 @@
 
 class MemberIds < Cardio::Migration::Transform
   def up
-    Card.search(right: :members).each &:save!
+    Card.search(right: :members).each(&:save!)
   end
 end

data/set/abstract/account_holder.rb

@@ -72,8 +72,22 @@ def account_manager?
   own_account? || parties.member?(HelpDeskID)
 end
 
+def close_account
+  anonymize!
+  closure_deletions.each(&:delete)
+  self
+end
+
 private
 
+def anonymize!
+  self.name = "ANON-#{SecureRandom.hex(6)}"
+end
+
+def closure_deletions
+  Card::Auth.as_bot { Card.search left: id, not: { right: :account } }
+end
+
 def enabled_role_ids
   with_enabled_roles do |enabled|
     enabled.virtual? ? enabled.item_ids : fetch_roles
@@ -99,7 +113,7 @@ def fetch_roles
 end
 
 def fetch_read_rules
-  return [] if id == WagnBotID # always_ok, so not needed
+  return [] if id == DeckoBotID # always_ok, so not needed
 
   ([AnyoneID] + parties).each_with_object([]) do |party_id, rule_ids|
     next unless (cache = Card::Rule.read_rule_cache[party_id])
@@ -109,6 +123,8 @@ def fetch_read_rules
 end
 
 format :html do
+  view :closed_account, template: :haml
+
   def default_board_tab
     card.current_account? ? :account_tab : super
   end
@@ -141,7 +157,9 @@ format :html do
       ["API", :account,
        { path: { view: :api_key,
                  items: { view: :content },
-                 slot: { hide: %i[help_link board_link] } } }]
+                 slot: { hide: %i[help_link board_link] } } }],
+      ["Close Account", :account,
+       { path: { view: :closure } }]
     ]
   end
 

data/set/abstract/closed_account.haml

@@ -0,0 +1,5 @@
+%h2 Account Closed
+
+%p
+  The sign-in account once associated with this card has been removed, the card
+  has been anonymized, and its data fields have been deleted.

data/set/all/account.rb

@@ -1,3 +1,4 @@
+# for extending the Card class
 module ClassMethods
   def default_accounted_type_id
     UserID

data/set/right/account/closure.haml

@@ -0,0 +1,39 @@
+
+#account-closure.p-3
+  %h2
+    Close Account
+
+  .alert-danger.p-4.my-3
+    %strong Warning:
+    this action cannot be undone
+
+  %p
+    Closing your account entails:
+    %ul
+      %li Deleting your account information and personal data
+      %li Anonymizing your edits
+
+    It does
+    %em not
+    entail deleting your collaborative contributions; that would be messy and unfair to
+    collaborators.
+
+  .closure-deletions
+    The following cards will be permanently deleted:
+
+    %ul.py-2
+      - card.accounted.closure_deletions.each do |deletee|
+        %li
+          = link_to_card deletee
+
+  .button-form-group.py-3.justify-content-end
+    - accounted = card.accounted
+    - confirmation = t :account_confirm_delete_account, accounted: accounted.name
+    %a.btn.btn-primary.slotter{ href: path(success: { mark: "~#{accounted.id}",
+                                                      redirect: true,
+                                                      view: :closed_account }),
+                                "data-method": :delete,
+                                "data-remote": true,
+                                "rel": "nofollow",
+                                "data-confirm": confirmation }
+      = t :account_close_account

data/set/right/account/events.rb

@@ -5,7 +5,7 @@ event :set_default_salt, :prepare_to_validate, on: :create do
 end
 
 event :set_default_status, :prepare_to_validate, on: :create do
-  field :status, content: (accounted&.try(:default_account_status) || "active")
+  field :status, content: accounted&.try(:default_account_status) || "active"
 end
 
 # ON UPDATE
@@ -30,13 +30,30 @@ end
 # INTEGRATION
 
 %i[password_reset_email verification_email welcome_email].each do |email|
-  event "send_#{email}".to_sym, :integrate, trigger: :required do
+  event :"send_#{email}", :integrate, trigger: :required do
     send_account_email email
   end
 end
 
+# NOTE: this only works in the context of an action.
+# if run independently, it will not activate an account
+event :activate_account do
+  field :status, content: "active"
+  trigger_event! :send_welcome_email
+end
+
+event :delete_account, :prepare_to_validate, on: :delete do
+  subcard accounted.close_account
+end
+
+event :signout_upon_delete, :integrate, on: :delete, when: :current_account? do
+  Self::Signin.signout
+end
+
 ## EVENT HELPERS
 
+private
+
 def activatable
   abort :failure, "no field manipulation mid-activation" if subcards.present?
   # above is necessary because activation uses super user (Decko Bot),
@@ -44,13 +61,6 @@ def activatable
   yield
 end
 
-# NOTE: this only works in the context of an action.
-# if run independently, it will not activate an account
-event :activate_account do
-  field :status, content: "active"
-  trigger_event! :send_welcome_email
-end
-
 def verifying_token success, failure
   requiring_token do |token|
     result = Auth::Token.decode token
@@ -63,10 +73,10 @@ def verifying_token success, failure
 end
 
 def requiring_token
-  if !(token = Env.params[:token])
-    errors.add :token, "is required"
-  else
+  if (token = Env.params[:token])
     yield token
+  else
+    errors.add :token, "is required"
   end
 end
 

data/set/right/account/views.rb

@@ -1,13 +1,9 @@
 format do
-  view :verify_url, cache: :never, denial: :blank do
-    raise Error::PermissionDenied unless card.ok?(:create) || card.action
-
+  view :verify_url, cache: :never, denial: :blank, perms: :verify_url_ok? do
     token_url :verify_and_activate, anonymous: true
   end
 
-  view :reset_password_url, denial: :blank do
-    raise Error::PermissionDenied unless card.password_card.ok? :update
-
+  view :reset_password_url, denial: :blank, perms: :reset_password_ok? do
     token_url :reset_password
   end
 
@@ -23,6 +19,18 @@ format do
   view :verify_days, :token_days
   view :reset_password_days, :token_days
 
+  view :closure, perms: :delete, template: :haml, wrap: :slot
+
+  private
+
+  def verify_url_ok?
+    card.ok?(:create) || card.action
+  end
+
+  def reset_password_ok?
+    card.password_card.ok? :update
+  end
+
   def token_url trigger, extra_payload={}
     card_url path(action: :update,
                   card: { trigger: trigger },
@@ -50,8 +58,8 @@ format :html do
   end
 
   before :content_formgroups do
-    voo.edit_structure = [[:email, title: "email"],
-                          [:password, title: "password"]]
+    voo.edit_structure = [[:email, { title: "email" }],
+                          [:password, { title: "password" }]]
   end
 
   view :token_expiry do
@@ -61,6 +69,6 @@ end
 
 format :email_html do
   def mail context, fields
-    super context, fields.reverse_merge(to: card.email)
+    super(context, fields.reverse_merge(to: card.email))
   end
 end

data/set/right/account.rb

@@ -7,10 +7,16 @@ card_accessor :status
 
 require_field :email
 
+STATUS_OPTIONS = %w[unapproved unverified active blocked].freeze
+
 def own_account?
   accounted&.try :own_account?
 end
 
+def current_account?
+  accounted&.try :current_account?
+end
+
 def accounted
   left
 end
@@ -28,13 +34,6 @@ def ok_to_update?
   (own_account? && !name_changed? && !type_id_changed?) || super
 end
 
-def changes_visible? act
-  act.actions_affecting(act.card).each do |action|
-    return true if action.card.ok? :read
-  end
-  false
-end
-
 def send_account_email email_template
   ecard = Card[email_template]
   unless ecard&.type_id == EmailTemplateID
@@ -44,12 +43,8 @@ def send_account_email email_template
   ecard.deliver self, to: email
 end
 
-def method_missing method, *args
-  return super unless args.empty? && (matches = method.match(/^(?<status>.*)\?$/))
-
-  status == matches[:status]
-end
-
-def respond_to_missing? method, _include_private=false
-  method.match?(/\?$/) ? true : super
+STATUS_OPTIONS.each do |stat|
+  define_method "#{stat}?" do
+    status == stat
+  end
 end

data/set/right/email.rb

@@ -33,7 +33,7 @@ event :downcase_email, :prepare_to_validate, on: :save do
 end
 
 def email_required?
-  !left&.left&.codename == :wagn_bot
+  !left&.left&.codename == :decko_bot
 end
 
 def ok_to_read?

data/set/right/password.rb

@@ -5,7 +5,7 @@ assign_type :phrase
 PASSWORD_REGEX = {
   lower: /[a-z]/,
   upper: /[A-Z]/,
-  special_char: /[!"#$%&'()*+,-.\/:;<=>?@\[\]\\^_`{|}~]/,
+  special_char: %r{[!"#$%&'()*+,-./:;<=>?@\[\]\\^_`{|}~]},
   number: /\d+/,
   letter: /[a-zA-Z]/
 }.freeze

data/set/right/status.rb

@@ -10,7 +10,7 @@ format :html do
 end
 
 def option_names
-  %w[unapproved unverified active blocked] # system
+  Card::Set::Right::Account::STATUS_OPTIONS
 end
 
 def ok_to_update?

data/set/self/role.rb

@@ -8,6 +8,7 @@ class << self
   def role_ids user_id
     role_hash.each_with_object([]) do |(role_id, member_ids), all_role_ids|
       next unless member_ids.include? user_id
+
       all_role_ids << role_id
     end
   end

data/set/self/signin.rb

@@ -17,8 +17,8 @@ event :signin_success, after: :signin do
 end
 
 event :signout, :validate, on: :delete do
-  Env.reset_session
   Auth.signin AnonymousID
+  Env.reset_session
   abort :success
 end
 
@@ -168,7 +168,10 @@ format :html do
   end
 
   def signin_success
-    { redirect: true, mark: (Env.interrupted_action || "*previous") }
+    (Env.hash(params[:success]) || {}).symbolize_keys.reverse_merge(
+      redirect: true,
+      mark: Env.interrupted_action || "*previous"
+    )
   end
 
   def signin_button

data/set/type/signup.rb

@@ -4,6 +4,7 @@ basket[:non_createable_types] << :signup
 
 require_field :account
 
+# TODO: either justify separating these two statuses or merge them
 def default_account_status
   can_approve? ? "unverified" : "unapproved"
 end

metadata

@@ -1,16 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: card-mod-account
 version: !ruby/object:Gem::Version
-  version: 0.18.1
+  version: 0.19.1
 platform: ruby
 authors:
 - Ethan McCutchen
 - Philipp Kühl
 - Gerry Gleason
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-11-22 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: card
@@ -18,84 +17,84 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.108.1
+        version: 1.109.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 1.108.1
+        version: 1.109.1
 - !ruby/object:Gem::Dependency
   name: card-mod-email
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
 - !ruby/object:Gem::Dependency
   name: card-mod-permissions
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
 - !ruby/object:Gem::Dependency
   name: card-mod-list
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
 - !ruby/object:Gem::Dependency
   name: card-mod-integrate
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
 - !ruby/object:Gem::Dependency
   name: card-mod-edit
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.18.1
+        version: 0.19.1
 description: ''
 email:
 - info@decko.org
@@ -110,17 +109,18 @@ files:
 - config/admin.yml
 - config/locales/de.yml
 - config/locales/en.yml
-- data/files/mod_account_script_asset_output/file.js
 - data/real.yml
 - data/transform/20220815112551_move_roles.rb
 - data/transform/20240510141851_member_ids.rb
 - lib/card/mod/account.rb
 - set/abstract/account_field.rb
 - set/abstract/account_holder.rb
+- set/abstract/closed_account.haml
 - set/all/account.rb
 - set/all/password_input.haml
 - set/all/password_input.rb
 - set/right/account.rb
+- set/right/account/closure.haml
 - set/right/account/events.rb
 - set/right/account/views.rb
 - set/right/email.rb
@@ -129,10 +129,10 @@ files:
 - set/right/salt.rb
 - set/right/status.rb
 - set/self/anonymous.rb
+- set/self/decko_bot.rb
 - set/self/role.rb
 - set/self/signin.rb
 - set/self/signin/core.haml
-- set/self/wagn_bot.rb
 - set/type/role.rb
 - set/type/signup.rb
 - set/type/signup/core.haml
@@ -153,7 +153,6 @@ metadata:
   documentation_url: http://docs.decko.org/
   card-mod: account
   card-mod-group: gem-defaults
-post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -161,15 +160,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.0'
+      version: '3.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.10
-signing_key:
+rubygems_version: 3.6.8
 specification_version: 4
 summary: Email-based account handling for decko cards
 test_files: []

data/data/files/mod_account_script_asset_output/file.js

@@ -1,2 +0,0 @@
-// toggle_visibility.js.coffee
-(function(){$(function(){return $("body").on("click","._toggle-pw-visibility",function(){var i,t;return i=$("._pw-input"),t=$("._pw-text-area"),"password"===i.prop("type")?(i.prop("type","text"),t.find("i").text("visibility")):(i.prop("type","password"),t.find("i").text("visibility_off"))})})}).call(this);