You can change your name, your email address and enable ``Two factor authentication``.
+If the wallabag instance has more than one enabled user, you can delete your account here. **Take care, we delete all your data**.
+
Two factor authentication
~~~~~~~~~~~~~~~~~~~~~~~~~
Vous pouvez ici modifier votre nom, votre adresse email et activer la ``Double authentification``.
+Si l'instance de wallabag compte plus d'un utilisateur actif, vous pouvez supprimer ici votre compte. **Attention, nous supprimons toutes vos données**.
+
Double authentification (2FA)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
// testing if database driver exists
$fulfilled = true;
- $label = '<comment>PDO Driver</comment>';
+ $label = '<comment>PDO Driver (%s)</comment>';
$status = '<info>OK!</info>';
$help = '';
$help = 'Database driver "'.$this->getContainer()->getParameter('database_driver').'" is not installed.';
}
- $rows[] = [$label, $status, $help];
+ $rows[] = [sprintf($label, $this->getContainer()->getParameter('database_driver')), $status, $help];
// testing if connection to the database can be etablished
$label = '<comment>Database connection</comment>';
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Wallabag\CoreBundle\Entity\Config;
use Wallabag\CoreBundle\Entity\TaggingRule;
use Wallabag\CoreBundle\Form\Type\ConfigType;
'token' => $config->getRssToken(),
],
'twofactor_auth' => $this->getParameter('twofactor_auth'),
+ 'enabled_users' => $this->getDoctrine()
+ ->getRepository('WallabagUserBundle:User')
+ ->getSumEnabledUsers(),
]);
}
return $config;
}
+
+ /**
+ * Delete account for current user.
+ *
+ * @Route("/account/delete", name="delete_account")
+ *
+ * @param Request $request
+ *
+ * @throws AccessDeniedHttpException
+ *
+ * @return \Symfony\Component\HttpFoundation\RedirectResponse
+ */
+ public function deleteAccountAction(Request $request)
+ {
+ $enabledUsers = $this->getDoctrine()
+ ->getRepository('WallabagUserBundle:User')
+ ->getSumEnabledUsers();
+
+ if ($enabledUsers <= 1) {
+ throw new AccessDeniedHttpException();
+ }
+
+ $user = $this->getUser();
+
+ // logout current user
+ $this->get('security.token_storage')->setToken(null);
+ $request->getSession()->invalidate();
+
+ $em = $this->get('fos_user.user_manager');
+ $em->deleteUser($user);
+
+ return $this->redirect($this->generateUrl('fos_user_security_login'));
+ }
}
name_label: 'Navn'
email_label: 'Emailadresse'
# twoFactorAuthentication_label: 'Two factor authentication'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'Gammel adgangskode'
new_password_label: 'Ny adgangskode'
name_label: 'Name'
email_label: 'E-Mail-Adresse'
twoFactorAuthentication_label: 'Zwei-Faktor-Authentifizierung'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'Altes Kennwort'
new_password_label: 'Neues Kennwort'
name_label: 'Name'
email_label: 'Email'
twoFactorAuthentication_label: 'Two factor authentication'
+ delete:
+ title: Delete my account (danger zone !)
+ description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ confirm: Are you really sure? (it can't be UNDONE)
+ button: Delete my account
form_password:
old_password_label: 'Current password'
new_password_label: 'New password'
name_label: 'Nombre'
email_label: 'Direccion e-mail'
twoFactorAuthentication_label: 'Autentificación de dos factores'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'Contraseña actual'
new_password_label: 'Nueva contraseña'
name_label: 'نام'
email_label: 'نشانی ایمیل'
twoFactorAuthentication_label: 'تأیید ۲مرحلهای'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'رمز قدیمی'
new_password_label: 'رمز تازه'
name_label: 'Nom'
email_label: 'Adresse e-mail'
twoFactorAuthentication_label: 'Double authentification'
+ delete:
+ title: Supprimer mon compte (attention danger !)
+ description: Si vous confirmez la suppression de votre compte, TOUS les articles, TOUS les tags, TOUTES les annotations et votre compte seront DÉFINITIVEMENT supprimé (c'est IRRÉVERSIBLE). Vous serez ensuite déconnecté.
+ confirm: Vous êtes vraiment sûr ? (c'est IRRÉVERSIBLE !)
+ button: 'Supprimer mon compte'
form_password:
old_password_label: 'Mot de passe actuel'
new_password_label: 'Nouveau mot de passe'
name_label: 'Nome'
email_label: 'E-mail'
twoFactorAuthentication_label: 'Two factor authentication'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'Password corrente'
new_password_label: 'Nuova password'
name_label: 'Nom'
email_label: 'Adreça de corrièl'
twoFactorAuthentication_label: 'Dobla autentificacion'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'Senhal actual'
new_password_label: 'Senhal novèl'
name_label: 'Nazwa'
email_label: 'Adres email'
twoFactorAuthentication_label: 'Autoryzacja dwuetapowa'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'Stare hasło'
new_password_label: 'Nowe hasło'
name_label: 'Nume'
email_label: 'E-mail'
# twoFactorAuthentication_label: 'Two factor authentication'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'Parola veche'
new_password_label: 'Parola nouă'
name_label: 'İsim'
email_label: 'E-posta'
twoFactorAuthentication_label: 'İki adımlı doğrulama'
+ delete:
+ # title: Delete my account (danger zone !)
+ # description: If you remove your account, ALL your articles, ALL your tags, ALL your annotations and your account will be PERMANENTLY removed (it can't be UNDONE). You'll then be logged out.
+ # confirm: Are you really sure? (it can't be UNDONE)
+ # button: Delete my account
form_password:
old_password_label: 'Eski şifre'
new_password_label: 'Yeni şifre'
{{ form_widget(form.user.save) }}
</form>
+ {% if enabled_users > 1 %}
+ <h2>{{ 'config.form_user.delete.title'|trans }}</h2>
+
+ <p>{{ 'config.form_user.delete.description'|trans }}</p>
+ <a href="{{ path('delete_account') }}" onclick="return confirm('{{ 'config.form_user.delete.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red delete-account">
+ {{ 'config.form_user.delete.button'|trans }}
+ </a>
+ {% endif %}
+
<h2>{{ 'config.tab_menu.password'|trans }}</h2>
{{ form_start(form.pwd) }}
{{ form_widget(form.user.save, {'attr': {'class': 'btn waves-effect waves-light'}}) }}
{{ form_widget(form.user._token) }}
</form>
+
+ {% if enabled_users > 1 %}
+ <br /><hr /><br />
+
+ <div class="row">
+ <h5>{{ 'config.form_user.delete.title'|trans }}</h5>
+ <p>{{ 'config.form_user.delete.description'|trans }}</p>
+ <a href="{{ path('delete_account') }}" onclick="return confirm('{{ 'config.form_user.delete.confirm'|trans|escape('js') }}')" class="waves-effect waves-light btn red delete-account">
+ {{ 'config.form_user.delete.button'|trans }}
+ </a>
+ </div>
+ {% endif %}
</div>
<div id="set4" class="col s12">
->getQuery()
->getSingleResult();
}
+
+ /**
+ * Count how many users are enabled.
+ *
+ * @return int
+ */
+ public function getSumEnabledUsers()
+ {
+ return $this->createQueryBuilder('u')
+ ->select('count(u)')
+ ->andWhere('u.expired = false')
+ ->getQuery()
+ ->getSingleScalarResult();
+ }
}
namespace Tests\Wallabag\CoreBundle\Controller;
use Tests\Wallabag\CoreBundle\WallabagCoreTestCase;
+use Wallabag\CoreBundle\Entity\Config;
+use Wallabag\UserBundle\Entity\User;
class ConfigControllerTest extends WallabagCoreTestCase
{
$config->set('demo_mode_enabled', 0);
$config->set('demo_mode_username', 'wallabag');
}
+
+ public function testDeleteUserButtonVisibility()
+ {
+ $this->logInAs('admin');
+ $client = $this->getClient();
+
+ $crawler = $client->request('GET', '/config');
+
+ $this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text']));
+ $this->assertContains('config.form_user.delete.button', $body[0]);
+
+ $em = $client->getContainer()->get('doctrine.orm.entity_manager');
+
+ $user = $em
+ ->getRepository('WallabagUserBundle:User')
+ ->findOneByUsername('empty');
+ $user->setExpired(1);
+ $em->persist($user);
+
+ $user = $em
+ ->getRepository('WallabagUserBundle:User')
+ ->findOneByUsername('bob');
+ $user->setExpired(1);
+ $em->persist($user);
+
+ $em->flush();
+
+ $crawler = $client->request('GET', '/config');
+
+ $this->assertGreaterThan(1, $body = $crawler->filter('body')->extract(['_text']));
+ $this->assertNotContains('config.form_user.delete.button', $body[0]);
+
+ $client->request('GET', '/account/delete');
+ $this->assertEquals(403, $client->getResponse()->getStatusCode());
+
+ $user = $em
+ ->getRepository('WallabagUserBundle:User')
+ ->findOneByUsername('empty');
+ $user->setExpired(0);
+ $em->persist($user);
+
+ $user = $em
+ ->getRepository('WallabagUserBundle:User')
+ ->findOneByUsername('bob');
+ $user->setExpired(0);
+ $em->persist($user);
+
+ $em->flush();
+ }
+
+ public function testDeleteAccount()
+ {
+ $client = $this->getClient();
+ $em = $client->getContainer()->get('doctrine.orm.entity_manager');
+
+ $user = new User();
+ $user->setName('Wallace');
+ $user->setEmail('wallace@wallabag.org');
+ $user->setUsername('wallace');
+ $user->setPlainPassword('wallace');
+ $user->setEnabled(true);
+ $user->addRole('ROLE_SUPER_ADMIN');
+
+ $em->persist($user);
+
+ $config = new Config($user);
+
+ $config->setTheme('material');
+ $config->setItemsPerPage(30);
+ $config->setReadingSpeed(1);
+ $config->setLanguage('en');
+ $config->setPocketConsumerKey('xxxxx');
+
+ $em->persist($config);
+ $em->flush();
+
+ $this->logInAs('wallace');
+ $loggedInUserId = $this->getLoggedInUserId();
+
+ // create entry to check after user deletion
+ // that this entry is also deleted
+ $crawler = $client->request('GET', '/new');
+
+ $this->assertEquals(200, $client->getResponse()->getStatusCode());
+
+ $form = $crawler->filter('form[name=entry]')->form();
+ $data = [
+ 'entry[url]' => $url = 'https://github.com/wallabag/wallabag',
+ ];
+
+ $client->submit($form, $data);
+ $this->assertEquals(302, $client->getResponse()->getStatusCode());
+
+ $crawler = $client->request('GET', '/config');
+
+ $deleteLink = $crawler->filter('.delete-account')->last()->link();
+
+ $client->click($deleteLink);
+ $this->assertEquals(302, $client->getResponse()->getStatusCode());
+
+ $em = $client->getContainer()->get('doctrine.orm.entity_manager');
+ $user = $em
+ ->getRepository('WallabagUserBundle:User')
+ ->createQueryBuilder('u')
+ ->where('u.username = :username')->setParameter('username', 'wallace')
+ ->getQuery()
+ ->getOneOrNullResult()
+ ;
+
+ $this->assertNull($user);
+
+ $entries = $client->getContainer()
+ ->get('doctrine.orm.entity_manager')
+ ->getRepository('WallabagCoreBundle:Entry')
+ ->findByUser($loggedInUserId);
+
+ $this->assertEmpty($entries);
+ }
}