diff --git a/public_html/dispatch.php b/public_html/dispatch.php
index a523c004..65d46d08 100644
--- a/public_html/dispatch.php
+++ b/public_html/dispatch.php
@@ -147,6 +147,8 @@ $userValidations =
\Chibi\Router::register(['UserController', 'banAction'], 'POST', '/user/{name}/ban', $userValidations);
\Chibi\Router::register(['UserController', 'unbanAction'], 'POST', '/user/{name}/unban', $userValidations);
\Chibi\Router::register(['UserController', 'acceptRegistrationAction'], 'POST', '/user/{name}/accept-registration', $userValidations);
+\Chibi\Router::register(['UserController', 'deleteView'], 'GET', '/user/{name}/delete', $userValidations);
+\Chibi\Router::register(['UserController', 'deleteAction'], 'POST', '/user/{name}/delete', $userValidations);
foreach (['GET', 'POST'] as $method)
{
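Review bot: Restricting `deleteAction` to POST on `/user/{name}/delete` stops deletion through a plain link or image fetch, but nothing visible in this diff ties that POST to a per-session anti-CSRF token. The controller asks for a password only when the caller deletes their own account. If no token check exists elsewhere, a cross-site POST sent in a privileged user's session would remove another user's account without any confirmation. Confirm that `$userValidations` or the router enforces a token, and if so record it next to the route, e.g. `// POST only: state-changing; CSRF token checked in <validator name>`.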
@@ -155,7 +157,6 @@ foreach (['GET', 'POST'] as $method)
\Chibi\Router::register(['UserController', 'registrationAction'], $method, '/register', $userValidations);
\Chibi\Router::register(['UserController', 'viewAction'], $method, '/user/{name}/{tab}', $userValidations);
\Chibi\Router::register(['UserController', 'viewAction'], $method, '/user/{name}/{tab}/{page}', $userValidations);
- \Chibi\Router::register(['UserController', 'deleteAction'], $method, '/user/{name}/delete', $userValidations);
\Chibi\Router::register(['UserController', 'settingsAction'], $method, '/user/{name}/settings', $userValidations);
\Chibi\Router::register(['UserController', 'editAction'], $method, '/user/{name}/edit', $userValidations);
\Chibi\Router::register(['UserController', 'activationAction'], $method, '/activation/{token}', $userValidations);
diff --git a/src/Api/Jobs/DeleteUserJob.php b/src/Api/Jobs/DeleteUserJob.php
new file mode 100644
index 00000000..a657a263
--- /dev/null
+++ b/src/Api/Jobs/DeleteUserJob.php
@@ -0,0 +1,24 @@
+user;
+
+ $name = $user->name;
+ UserModel::remove($user);
+
+ LogHelper::log('{user} removed {subject}\'s account', [
+ 'user' => TextHelper::reprUser(Auth::getCurrentUser()),
+ 'subject' => TextHelper::reprUser($name)]);
+ }
+
+ public function requiresPrivilege()
+ {
+ return
+ [
+ Privilege::DeleteUser,
+ Access::getIdentity($this->user)
+ ];
+ }
+}
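Review bot: `requiresPrivilege()` makes `Privilege::DeleteUser` the only gate on this job, while the current-password confirmation for deleting one's own account stays in `UserController::deleteAction`. Any other caller of `DeleteUserJob` would therefore skip that confirmation. Consider moving the password check into the job, or at least state the contract above the method that calls `UserModel::remove($user)`, e.g. `// Caller must re-authenticate the user before self-deletion; this job checks only Privilege::DeleteUser.` The removed controller code also asserted `Privilege::ViewUser`, which this job does not list, so confirm that is intended. The start of the file (class declaration and the head of the first method) is missing from the page as shown, so this covers only the visible part.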
diff --git a/src/Controllers/UserController.php b/src/Controllers/UserController.php
index e6b47a1c..df112665 100644
--- a/src/Controllers/UserController.php
+++ b/src/Controllers/UserController.php
@@ -42,40 +42,37 @@ class UserController
AcceptUserRegistrationJob::USER_NAME => $name]);
}
- public function deleteAction($name)
+ public function deleteView($name)
{
- $context = getContext();
$user = UserModel::findByNameOrEmail($name);
- Access::assert(
- Privilege::ViewUser,
- Access::getIdentity($user));
- Access::assert(
- Privilege::DeleteUser,
- Access::getIdentity($user));
$this->loadUserView($user);
+ $context = getContext();
$context->transport->tab = 'delete';
+ }
- $context->suppliedCurrentPassword = $suppliedCurrentPassword = InputHelper::get('current-password');
+ public function deleteAction($name)
+ {
+ $this->deleteView($name);
+ $user = UserModel::findByNameOrEmail($name);
- if (!InputHelper::get('submit'))
- return;
-
- $name = $user->name;
if (Auth::getCurrentUser()->id == $user->id)
{
- $suppliedPasswordHash = UserModel::hashPassword($suppliedCurrentPassword, $user->passSalt);
+ $suppliedPassword = InputHelper::get('current-password');
+ $suppliedPasswordHash = UserModel::hashPassword($suppliedPassword, $user->passSalt);
if ($suppliedPasswordHash != $user->passHash)
throw new SimpleException('Must supply valid password');
}
$oldId = $user->id;
- UserModel::remove($user);
+
+ Api::run(new DeleteUserJob(), [
+ DeleteUserJob::USER_NAME => $name]);
+
if ($oldId == Auth::getCurrentUser()->id)
Auth::logOut();
\Chibi\Util\Url::forward(\Chibi\Router::linkTo(['StaticPagesController', 'mainPageView']));
- LogHelper::log('{user} removed {subject}\'s account', ['subject' => TextHelper::reprUser($name)]);
exit;
}
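Review bot: The self-deletion password check still compares hashes with `!=` (`if ($suppliedPasswordHash != $user->passHash)`), which is PHP's type-juggling comparison and is not constant-time. Two different hash strings that both look numeric (for example `0e` followed only by digits) compare equal. Use `if (!hash_equals((string) $user->passHash, (string) $suppliedPasswordHash))`, or at minimum `!==`. Separately, `deleteView` no longer calls `Access::assert` for `Privilege::ViewUser` or `Privilege::DeleteUser`. Unless `loadUserView` (not shown) checks access, the GET route renders the delete tab for any caller, so consider keeping `Access::assert(Privilege::DeleteUser, Access::getIdentity($user));` in the view; the class body continues outside this hunk.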