From 5b98bc48485ac85a62feba01ce43912974523197 Mon Sep 17 00:00:00 2001 From: Sahil Batra Date: Wed, 24 Jul 2024 14:25:35 +0530 Subject: [PATCH] settings: Allow admins/owners to deactivate themselves from users list. We previously did not allow users to deactivate themselves from users list to avoid users deactivating themselves accidentally. But we now show a confirmation modal before deactivating, so it is fine to allow it. --- web/src/settings_account.js | 16 ++++++---------- web/src/settings_users.js | 18 +++++++++++++++--- web/src/user_deactivation_ui.ts | 15 ++++++++++++++- 3 files changed, 35 insertions(+), 14 deletions(-) diff --git a/web/src/settings_account.js b/web/src/settings_account.js index 67f8dfc7b4..d5272c52a1 100644 --- a/web/src/settings_account.js +++ b/web/src/settings_account.js @@ -1,7 +1,6 @@ import $ from "jquery"; import render_change_email_modal from "../templates/change_email_modal.hbs"; -import render_confirm_deactivate_own_user from "../templates/confirm_dialog/confirm_deactivate_own_user.hbs"; import render_demo_organization_add_email_modal from "../templates/demo_organization_add_email_modal.hbs"; import render_dialog_change_password from "../templates/dialog_change_password.hbs"; import render_settings_api_key_modal from "../templates/settings/api_key_modal.hbs"; @@ -11,7 +10,6 @@ import * as avatar from "./avatar"; import * as blueslip from "./blueslip"; import * as channel from "./channel"; import * as common from "./common"; -import * as confirm_dialog from "./confirm_dialog"; import {csrf_token} from "./csrf"; import * as custom_profile_fields_ui from "./custom_profile_fields_ui"; import * as dialog_widget from "./dialog_widget"; @@ -28,6 +26,7 @@ import * as settings_ui from "./settings_ui"; import {current_user, realm} from "./state_data"; import * as ui_report from "./ui_report"; import * as ui_util from "./ui_util"; +import * as user_deactivation_ui from "./user_deactivation_ui"; import * as user_pill from "./user_pill"; import * as user_profile from "./user_profile"; import {user_settings} from "./user_settings"; @@ -745,14 +744,11 @@ export function set_up() { }, }); } - const html_body = render_confirm_deactivate_own_user(); - confirm_dialog.launch({ - html_heading: $t_html({defaultMessage: "Deactivate your account"}), - html_body, - on_click: handle_confirm, - help_link: "/help/deactivate-your-account", - loading_spinner: true, - }); + user_deactivation_ui.confirm_deactivation( + people.my_current_user_id(), + handle_confirm, + true, + ); }); $("#show_my_user_profile_modal").on("click", (e) => { diff --git a/web/src/settings_users.js b/web/src/settings_users.js index 27d9f1439d..fdabe25913 100644 --- a/web/src/settings_users.js +++ b/web/src/settings_users.js @@ -278,7 +278,8 @@ function human_info(person) { info.can_modify = current_user.is_admin; info.is_current_user = people.is_my_user_id(person.user_id); - info.cannot_deactivate = info.is_current_user || (person.is_owner && !current_user.is_owner); + info.cannot_deactivate = + person.is_owner && (!current_user.is_owner || people.is_current_user_only_owner()); info.display_email = person.delivery_email; info.img_src = people.small_avatar_url_for_person(person); @@ -492,8 +493,12 @@ function handle_deactivation($tbody) { const $row = $(e.target).closest(".user_row"); const user_id = Number($row.attr("data-user-id")); + let url = "/json/users/" + encodeURIComponent(user_id); + if (user_id === current_user.user_id) { + url = "/json/users/me"; + } + function handle_confirm() { - const url = "/json/users/" + encodeURIComponent(user_id); let data = {}; if ($(".send_email").is(":checked")) { data = { @@ -501,7 +506,14 @@ function handle_deactivation($tbody) { }; } - dialog_widget.submit_api_request(channel.del, url, data); + const opts = {}; + if (user_id === current_user.user_id) { + opts.success_continuation = () => { + window.location.href = "/login/"; + }; + } + + dialog_widget.submit_api_request(channel.del, url, data, opts); } user_deactivation_ui.confirm_deactivation(user_id, handle_confirm, true); diff --git a/web/src/user_deactivation_ui.ts b/web/src/user_deactivation_ui.ts index a56cb2af8c..4b05c8127e 100644 --- a/web/src/user_deactivation_ui.ts +++ b/web/src/user_deactivation_ui.ts @@ -2,6 +2,7 @@ import $ from "jquery"; import {z} from "zod"; import render_settings_deactivation_bot_modal from "../templates/confirm_dialog/confirm_deactivate_bot.hbs"; +import render_confirm_deactivate_own_user from "../templates/confirm_dialog/confirm_deactivate_own_user.hbs"; import render_settings_deactivation_user_modal from "../templates/confirm_dialog/confirm_deactivate_user.hbs"; import render_settings_reactivation_bot_modal from "../templates/confirm_dialog/confirm_reactivate_bot.hbs"; import render_settings_reactivation_user_modal from "../templates/confirm_dialog/confirm_reactivate_user.hbs"; @@ -13,13 +14,25 @@ import * as dialog_widget from "./dialog_widget"; import {$t_html} from "./i18n"; import * as people from "./people"; import {invite_schema} from "./settings_invites"; -import {realm} from "./state_data"; +import {current_user, realm} from "./state_data"; export function confirm_deactivation( user_id: number, handle_confirm: () => void, loading_spinner: boolean, ): void { + if (user_id === current_user.user_id) { + const html_body = render_confirm_deactivate_own_user(); + confirm_dialog.launch({ + html_heading: $t_html({defaultMessage: "Deactivate your account"}), + html_body, + on_click: handle_confirm, + help_link: "/help/deactivate-your-account", + loading_spinner, + }); + return; + } + // Knowing the number of invites requires making this request. If the request fails, // we won't have the accurate number of invites. So, we don't show the modal if the // request fails.