From: Syldexia <syldexia@ofthewi.red>
Date: Sun, 13 May 2018 13:24:15 +0000 (+0100)
Subject: Moved account deletion stuff to somewhere that hopefully makes more sense
X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=5bfb7b4ce6c23f84c27643e9871b78b867f86b7e;p=akkoma

Moved account deletion stuff to somewhere that hopefully makes more sense
---

diff --git a/lib/pleroma/web/common_api/utils.ex b/lib/pleroma/web/common_api/utils.ex
index 5c2123f2d..d9f80ee0f 100644
--- a/lib/pleroma/web/common_api/utils.ex
+++ b/lib/pleroma/web/common_api/utils.ex
@@ -188,17 +188,11 @@ defmodule Pleroma.Web.CommonAPI.Utils do
   end
 
   def confirm_current_password(user, params) do
-    case user do
-      nil ->
-        {:error, "Invalid credentials."}
-
-      _ ->
-        with %User{local: true} = db_user <- Repo.get(User, user.id),
-             true <- Pbkdf2.checkpw(params["password"], db_user.password_hash) do
-          {:ok, db_user}
-        else
-          _ -> {:error, "Invalid password."}
-        end
+    with %User{local: true} = db_user <- Repo.get(User, user.id),
+          true <- Pbkdf2.checkpw(params["password"], db_user.password_hash) do
+      {:ok, db_user}
+    else
+      _ -> {:error, "Invalid password."}
     end
   end
 end
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index 829d9fc7b..2b5209b75 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -73,6 +73,7 @@ defmodule Pleroma.Web.Router do
   scope "/api/pleroma", Pleroma.Web.TwitterAPI do
     pipe_through(:authenticated_api)
     post("/follow_import", UtilController, :follow_import)
+    post("/delete_account", UtilController, :delete_account)
   end
 
   scope "/oauth", Pleroma.Web.OAuth do
@@ -211,8 +212,6 @@ defmodule Pleroma.Web.Router do
     post("/account/update_profile_banner", TwitterAPI.Controller, :update_banner)
     post("/qvitter/update_background_image", TwitterAPI.Controller, :update_background)
 
-    post("/account/delete_account", TwitterAPI.Controller, :delete_account)
-
     post(
       "/account/most_recent_notification",
       TwitterAPI.Controller,
diff --git a/lib/pleroma/web/twitter_api/controllers/util_controller.ex b/lib/pleroma/web/twitter_api/controllers/util_controller.ex
index ea540b34c..3f3ddb9e4 100644
--- a/lib/pleroma/web/twitter_api/controllers/util_controller.ex
+++ b/lib/pleroma/web/twitter_api/controllers/util_controller.ex
@@ -4,6 +4,7 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
   alias Pleroma.Web
   alias Pleroma.Web.OStatus
   alias Pleroma.Web.WebFinger
+  alias Pleroma.Web.CommonAPI
   alias Comeonin.Pbkdf2
   alias Pleroma.Formatter
   alias Pleroma.Web.ActivityPub.ActivityPub
@@ -195,4 +196,17 @@ defmodule Pleroma.Web.TwitterAPI.UtilController do
 
     json(conn, "job started")
   end
+
+  def delete_account(%{assigns: %{user: user}} = conn, params) do
+    case CommonAPI.Utils.confirm_current_password(user, params) do
+      {:ok, user} ->
+        case User.delete(user) do
+          :ok -> json(conn, %{status: "success"})
+          :error -> json(conn, %{error: "Unable to delete user."})
+        end
+
+      {:error, msg} ->
+        json(conn, %{error: msg})
+    end
+  end
 end
diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
index a51cfa036..a99487738 100644
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -364,19 +364,6 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
     end
   end
 
-  def delete_account(%{assigns: %{user: user}} = conn, params) do
-    case CommonAPI.Utils.confirm_current_password(user, params) do
-      {:ok, user} ->
-        case User.delete(user) do
-          :ok -> json(conn, %{status: "success"})
-          :error -> error_json(conn, "Unable to delete user.")
-        end
-
-      {:error, msg} ->
-        forbidden_json_reply(conn, msg)
-    end
-  end
-
   def search(%{assigns: %{user: user}} = conn, %{"q" => _query} = params) do
     activities = TwitterAPI.search(user, params)
 
diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
index a9350d189..170dda145 100644
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -801,11 +801,11 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
     assert user.bio == "Hello,<br>World! I<br> am a test."
   end
 
-  describe "POST /api/account/delete_account" do
+  describe "POST /api/pleroma/delete_account" do
     setup [:valid_user]
 
     test "without credentials", %{conn: conn} do
-      conn = post(conn, "/api/account/delete_account")
+      conn = post(conn, "/api/pleroma/delete_account")
       assert json_response(conn, 403) == %{"error" => "Invalid credentials."}
     end
 
@@ -813,23 +813,16 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
       conn =
         conn
         |> with_credentials(current_user.nickname, "test")
-        |> post("/api/account/delete_account", %{
-          "password" => ""
-        })
+        |> post("/api/pleroma/delete_account", %{"password" => "hi"})
 
-      assert json_response(conn, 403) == %{
-               "error" => "Invalid password.",
-               "request" => "/api/account/delete_account"
-             }
+      assert json_response(conn, 200) == %{"error" => "Invalid password."}
     end
 
     test "with credentials and valid password", %{conn: conn, user: current_user} do
       conn =
         conn
         |> with_credentials(current_user.nickname, "test")
-        |> post("/api/account/delete_account", %{
-          "password" => "test"
-        })
+        |> post("/api/pleroma/delete_account", %{"password" => "test"})
 
       assert json_response(conn, 200) == %{"status" => "success"}
       fetched_user = Repo.get(User, current_user.id)