Unverified Commit 1730f78f authored by Luc Didry's avatar Luc Didry

Follow-up #300 — Allow account deletion only if using built-in authentication

parent 7d38cc48
...@@ -836,6 +836,9 @@ Warning: this message may already have been sent by one of the list's moderators ...@@ -836,6 +836,9 @@ Warning: this message may already have been sent by one of the list's moderators
[%~ ELSIF report_entry == 'still_owner' ~%] [%~ ELSIF report_entry == 'still_owner' ~%]
[%|loc(report_param.lists)%]You are the only owner of the following list(s): %1. Please give ownership to other people before deleting your account. You have been unsubscribed from all your lists though.[%END%] [%|loc(report_param.lists)%]You are the only owner of the following list(s): %1. Please give ownership to other people before deleting your account. You have been unsubscribed from all your lists though.[%END%]
[%~ ELSIF report_entry == 'no_classic_session' ~%]
[%|loc()%]You are not authorized to delete your account if you are not using the built-in authentication (i.e. you are using a LDAP authentication, a SSO system, etc.).[%END%]
[%~ END ~%] [%~ END ~%]
[%~ END ~%] [%~ END ~%]
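Review bot: The new `no_classic_session` message reads "a LDAP authentication, a SSO system"; both abbreviations start with a vowel sound, so it should read `an LDAP authentication, an SSO system`. The text inside `loc()` is presumably also the string translators work from, so it is cheaper to correct it before the catalogs pick it up.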
...@@ -70,6 +70,7 @@ ...@@ -70,6 +70,7 @@
</form> </form>
[% END %] [% END %]
[% IF session.auth == 'classic' %]
<h4>[%|loc%]Deleting your account[%END%]</h4> <h4>[%|loc%]Deleting your account[%END%]</h4>
<p> <p>
[%|loc%]Deleting your account will unsubscribe you from all your lists, remove your ownership of your lists and permanently delete your account.[%END%] [%|loc%]Deleting your account will unsubscribe you from all your lists, remove your ownership of your lists and permanently delete your account.[%END%]
...@@ -85,6 +86,7 @@ ...@@ -85,6 +86,7 @@
<input class="MainMenuLinks" type="submit" name="action_delete_account" value="[%|loc%]Submit[%END%]" /> <input class="MainMenuLinks" type="submit" name="action_delete_account" value="[%|loc%]Submit[%END%]" />
</fieldset> </fieldset>
</form> </form>
[% END %]
</div> </div>
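Review bot: The `[% IF session.auth == 'classic' %]` wrapper in the first hunk only hides the deletion form, and nothing in the template says that the authorization decision is made on the server. A template comment above the `IF`, such as `[%# Display only: do_delete_account re-checks session.auth server-side. %]`, would keep a later editor from treating this condition as the access control. The closing `[% END %]` sits in the second hunk, far from its `IF`, so a matching comment there would also help. As far as these hunks show, users on other authentication methods get no explanation on the page for why the section is missing.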
......
...@@ -17182,6 +17182,20 @@ sub do_delete_account { ...@@ -17182,6 +17182,20 @@ sub do_delete_account {
return 'pref'; return 'pref';
} }
   
unless ($session->{auth} eq 'classic') {
Sympa::WWW::Report::reject_report_web('user', 'no_classic_session',
{}, $param->{'action'});
wwslog('info', 'No classic session');
web_db_log(
{ 'parameters' => $email,
'target_email' => $email,
'status' => 'error',
'error_type' => "no_classic_session"
}
);
return 'pref';
}
my $next_action = my $next_action =
$session->confirm_action($in{'action'}, $in{'response_action'}, $session->confirm_action($in{'action'}, $in{'response_action'},
previous_action => 'pref'); previous_action => 'pref');
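Review bot: The refusal branch logs only `wwslog('info', 'No classic session')`, which records neither who was refused nor which authentication method the session carried, so a denied deletion attempt is hard to trace from the application log alone. Assuming wwslog accepts printf-style arguments as it appears to elsewhere in this file, `wwslog('info', 'Account deletion refused for %s: session auth is "%s"', $email, $session->{auth} // '');` would give that context. The guard fails closed when `$session->{auth}` is undefined, but `eq` then emits an uninitialized-value warning if warnings are enabled; `if (($session->{auth} // '') ne 'classic')` avoids that and reads more directly than `unless … eq`. do_delete_account begins before and continues after this hunk, so the checks that precede this guard are not visible here.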
......