From 91c71471ab41bb9af673daf6dde50159d0bfde18 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 14 Jun 2017 20:30:12 +0200 Subject: [PATCH] Fix account delete form not accepting password, update suspended (#3745) account before removing content for quicker feedback to end-users --- app/controllers/settings/deletes_controller.rb | 2 +- app/services/suspend_account_service.rb | 2 +- spec/controllers/settings/deletes_controller_spec.rb | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/controllers/settings/deletes_controller.rb b/app/controllers/settings/deletes_controller.rb index 55c18345bdb..dd18b4c2fe8 100644 --- a/app/controllers/settings/deletes_controller.rb +++ b/app/controllers/settings/deletes_controller.rb @@ -22,6 +22,6 @@ class Settings::DeletesController < ApplicationController private def delete_params - params.permit(:password) + params.require(:form_delete_confirmation).permit(:password) end end diff --git a/app/services/suspend_account_service.rb b/app/services/suspend_account_service.rb index 1e3a51e4e26..983c5495b60 100644 --- a/app/services/suspend_account_service.rb +++ b/app/services/suspend_account_service.rb @@ -5,8 +5,8 @@ class SuspendAccountService < BaseService @account = account purge_user if remove_user - purge_content purge_profile + purge_content unsubscribe_push_subscribers end diff --git a/spec/controllers/settings/deletes_controller_spec.rb b/spec/controllers/settings/deletes_controller_spec.rb index c9e163261b8..b9c7c3068cb 100644 --- a/spec/controllers/settings/deletes_controller_spec.rb +++ b/spec/controllers/settings/deletes_controller_spec.rb @@ -35,7 +35,7 @@ describe Settings::DeletesController do context 'with correct password' do before do - delete :destroy, params: { password: 'petsmoldoggos' } + delete :destroy, params: { form_delete_confirmation: { password: 'petsmoldoggos' } } end it 'redirects to sign in page' do @@ -53,7 +53,7 @@ describe Settings::DeletesController do context 'with incorrect password' do before do - delete :destroy, params: { password: 'blaze420' } + delete :destroy, params: { form_delete_confirmation: { password: 'blaze420' } } end it 'redirects back to confirmation page' do