Browse Source

Improve user account deletion flow

pull/7269/head
Thomas Kaul 1 week ago
parent
commit
7019d53e2b
  1. 8
      apps/api/src/app/user/user.service.ts
  2. 15
      apps/client/src/app/components/user-account-settings/user-account-settings.component.ts
  3. 8
      apps/client/src/app/components/user-account-settings/user-account-settings.html
  4. 1
      libs/common/src/lib/permissions.ts

8
apps/api/src/app/user/user.service.ts

@ -535,6 +535,14 @@ export class UserService {
user.subscription.offer.label = undefined; user.subscription.offer.label = undefined;
} }
if (
!hasRole(user, Role.DEMO) &&
(user.provider !== 'ANONYMOUS' ||
user.subscription?.type === SubscriptionType.Premium)
) {
currentPermissions.push(permissions.requestOwnUserDeletion);
}
if (hasRole(user, Role.ADMIN)) { if (hasRole(user, Role.ADMIN)) {
currentPermissions.push(permissions.syncDemoUserAccount); currentPermissions.push(permissions.syncDemoUserAccount);
} }

15
apps/client/src/app/components/user-account-settings/user-account-settings.component.ts

@ -76,8 +76,8 @@ export class GfUserAccountSettingsComponent implements OnInit {
public deleteOwnUserForm = this.formBuilder.group({ public deleteOwnUserForm = this.formBuilder.group({
accessToken: ['', Validators.required] accessToken: ['', Validators.required]
}); });
public hasPermissionForSubscription: boolean;
public hasPermissionToDeleteOwnUser: boolean; public hasPermissionToDeleteOwnUser: boolean;
public hasPermissionToRequestOwnUserDeletion: boolean;
public hasPermissionToUpdateViewMode: boolean; public hasPermissionToUpdateViewMode: boolean;
public hasPermissionToUpdateUserSettings: boolean; public hasPermissionToUpdateUserSettings: boolean;
public isAccessTokenHidden = true; public isAccessTokenHidden = true;
@ -115,17 +115,11 @@ export class GfUserAccountSettingsComponent implements OnInit {
private userService: UserService, private userService: UserService,
public webAuthnService: WebAuthnService public webAuthnService: WebAuthnService
) { ) {
const { baseCurrency, currencies, globalPermissions } = const { baseCurrency, currencies } = this.dataService.fetchInfo();
this.dataService.fetchInfo();
this.baseCurrency = baseCurrency; this.baseCurrency = baseCurrency;
this.currencies = currencies; this.currencies = currencies;
this.hasPermissionForSubscription = hasPermission(
globalPermissions,
permissions.enableSubscription
);
this.userService.stateChanged this.userService.stateChanged
.pipe(takeUntilDestroyed(this.destroyRef)) .pipe(takeUntilDestroyed(this.destroyRef))
.subscribe((state) => { .subscribe((state) => {
@ -139,6 +133,11 @@ export class GfUserAccountSettingsComponent implements OnInit {
permissions.deleteOwnUser permissions.deleteOwnUser
); );
this.hasPermissionToRequestOwnUserDeletion = hasPermission(
this.user.permissions,
permissions.requestOwnUserDeletion
);
this.hasPermissionToUpdateUserSettings = hasPermission( this.hasPermissionToUpdateUserSettings = hasPermission(
this.user.permissions, this.user.permissions,
permissions.updateUserSettings permissions.updateUserSettings

8
apps/client/src/app/components/user-account-settings/user-account-settings.html

@ -285,7 +285,9 @@
</button> </button>
</div> </div>
</div> </div>
@if (hasPermissionToDeleteOwnUser || hasPermissionForSubscription) { @if (
hasPermissionToDeleteOwnUser || hasPermissionToRequestOwnUserDeletion
) {
<hr class="mt-5" /> <hr class="mt-5" />
<div class="d-flex py-1"> <div class="d-flex py-1">
<div class="pr-1 text-danger w-50" i18n>Danger Zone</div> <div class="pr-1 text-danger w-50" i18n>Danger Zone</div>
@ -336,14 +338,14 @@
</button> </button>
</form> </form>
} @else if ( } @else if (
hasPermissionForSubscription && hasPermissionToRequestOwnUserDeletion &&
(user?.accounts?.length > 0 || user?.activitiesCount > 0) (user?.accounts?.length > 0 || user?.activitiesCount > 0)
) { ) {
<div class="hint-text text-muted" i18n> <div class="hint-text text-muted" i18n>
For security reasons, please delete all activities and accounts For security reasons, please delete all activities and accounts
first before your Ghostfolio account can be closed. first before your Ghostfolio account can be closed.
</div> </div>
} @else if (hasPermissionForSubscription) { } @else if (hasPermissionToRequestOwnUserDeletion) {
<a color="warn" i18n mat-flat-button [href]="closeUserAccountMail" <a color="warn" i18n mat-flat-button [href]="closeUserAccountMail"
>Close Account</a >Close Account</a
> >

1
libs/common/src/lib/permissions.ts

@ -50,6 +50,7 @@ export const permissions = {
readTags: 'readTags', readTags: 'readTags',
readWatchlist: 'readWatchlist', readWatchlist: 'readWatchlist',
reportDataGlitch: 'reportDataGlitch', reportDataGlitch: 'reportDataGlitch',
requestOwnUserDeletion: 'requestOwnUserDeletion',
syncDemoUserAccount: 'syncDemoUserAccount', syncDemoUserAccount: 'syncDemoUserAccount',
toggleReadOnlyMode: 'toggleReadOnlyMode', toggleReadOnlyMode: 'toggleReadOnlyMode',
updateAccount: 'updateAccount', updateAccount: 'updateAccount',

Loading…
Cancel
Save