Main RocketGit repo
List of commits:
| Subject | Hash | Author | Date (UTC) |
|---|---|---|---|
| Allow users to delete their account | 2a2338aca850737f16febc056c1d248daf935736 | Catalin(ux) M. BOIE | 2016-12-30 12:49:48 |
| Improved TLS cyphers list for better security | 00f1ad9bffc47d0cd786e6caa6f9777fae27b2ff | Catalin(ux) M. BOIE | 2016-12-30 12:47:54 |
| Corrected the api key mail | 3ac431ae8e880ceebc18507383771b23ce5d9b6a | Catalin(ux) M. BOIE | 2016-12-08 04:20:30 |
| Big Amazon fixes | f185636cf44652a2da9779ab21979807b91cf48f | Catalin(ux) M. BOIE | 2016-12-07 20:38:54 |
| Typos, some additions for hints, TODO | a0b3ff70ddcdfa28770b6467b03332b70cf38067 | Catalin(ux) M. BOIE | 2016-12-07 20:37:47 |
| events.php missed apikeys include | e6370414e0bef923fb5d1f639b8a7738fb8d1641 | Catalin(ux) M. BOIE | 2016-12-07 20:34:05 |
| Improved the functional tests | 935c1f0f62aba1ca75fce124a33593e7e900a83a | Catalin(ux) M. BOIE | 2016-12-07 20:33:33 |
| Put passwords next to username to allow browser to cache username and not e-mail | 4e2d12ca5ce8f5420c3d51469386eda84724256a | Catalin(ux) M. BOIE | 2016-12-07 20:32:23 |
| Raise the limits for the queries to 50 | 529edd633de2059eefd12afeb67847bbb72c4eed | Catalin(ux) M. BOIE | 2016-12-07 20:29:06 |
| Added Gogs.io into comparison and added more criteria | 09bb2d793e67f732ff275ba72e42c71d54fd51d6 | Catalin(ux) M. BOIE | 2016-12-07 20:28:20 |
| If session expires and the user presses logout, do not give errors | 5871b5cd6efae48655000b980f641b39ccc4a146 | Catalin(ux) M. BOIE | 2016-12-07 20:11:31 |
| No need for AllowOverride All | 4b0cf4ec9663f0aa3cf4f8d55dfb4f7f3fd8614d | Catalin(ux) M. BOIE | 2016-11-20 08:17:15 |
| Use getmyuid instead of posix_getuid to not depend on another extention | f6d6dcce4d565281e3d47079974b6d6a91a36ae4 | Catalin(ux) M. BOIE | 2016-11-20 07:15:04 |
| CSS adjustments | 264821ffdde5ad2d9c196844ecd13fd689b7e353 | Catalin(ux) M. BOIE | 2016-11-19 14:13:02 |
| Some rewording in Donate page | 58626a058176945e165ab0230bd1093e025a07ac | Catalin(ux) M. BOIE | 2016-11-19 14:08:20 |
| Bump version to 0.64 | b414b4d454c2f37010d213cd23662f01b7fb3951 | Catalin(ux) M. BOIE | 2016-11-19 13:25:15 |
| Do not set ServerName if it unknown; else will not match | 1b58474438fff06932d666f04f75581bfea7361b | Catalin(ux) M. BOIE | 2016-11-19 13:24:23 |
| The build process nedds php | 681151c53be2922e9f2cedc20be5add1587e013d | Catalin(ux) M. BOIE | 2016-11-17 22:37:46 |
| Bump version to 0.63 | cefea42530ef6ed4ddf8d2f36020b8e2d5dbf467 | Catalin(ux) M. BOIE | 2016-11-17 18:39:51 |
| TODO updates | b11fde8c1548fe9b0968b4193ace5418516ef043 | Catalin(ux) M. BOIE | 2016-11-17 18:39:08 |
Commit 2a2338aca850737f16febc056c1d248daf935736
- Allow users to delete their account
Author: Catalin(ux) M. BOIE
Author date (UTC): 2016-12-30 12:49
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2017-01-05 16:10
Parent(s): 00f1ad9bffc47d0cd786e6caa6f9777fae27b2ff
Signer:
Signing key:
Signing status: N
Tree: be2f8dab467a39dc5665ae9f18fa4e58d73d1510
Author: Catalin(ux) M. BOIE
Author date (UTC): 2016-12-30 12:49
Committer name: Catalin(ux) M. BOIE
Committer date (UTC): 2017-01-05 16:10
Parent(s): 00f1ad9bffc47d0cd786e6caa6f9777fae27b2ff
Signer:
Signing key:
Signing status: N
Tree: be2f8dab467a39dc5665ae9f18fa4e58d73d1510
| File inc/struct.inc.php changed (mode: 100644) (index a30d3e5..5c1e042) | |||
| ... | ... | $rg_sql_struct[41]['other'] = array( | |
| 588 | 588 | . " ON workers(fingerprint_sha256)" | . " ON workers(fingerprint_sha256)" |
| 589 | 589 | ); | ); |
| 590 | 590 | ||
| 591 | $rg_sql_struct[42]['other'] = array( | ||
| 592 | 'deleted for users' => | ||
| 593 | "ALTER TABLE users ADD deleted INTEGER NOT NULL DEFAULT 0" | ||
| 594 | ); | ||
| 595 | |||
| 591 | 596 | // Do not forget to add the new tables to statistics | // Do not forget to add the new tables to statistics |
| 592 | 597 | // This must be the last line | // This must be the last line |
| 593 | 598 | $rg_sql_schema_ver = count($rg_sql_struct); | $rg_sql_schema_ver = count($rg_sql_struct); |
| File inc/user.inc.php changed (mode: 100644) (index 6c7719b..ed27197) | |||
| ... | ... | function rg_user_edit($db, $d) | |
| 531 | 531 | break; | break; |
| 532 | 532 | ||
| 533 | 533 | $d['suspended'] = 0; | $d['suspended'] = 0; |
| 534 | $d['deleted'] = 0; | ||
| 534 | 535 | $d['last_seen'] = 0; | $d['last_seen'] = 0; |
| 535 | 536 | $d['disk_used_mb'] = 0; | $d['disk_used_mb'] = 0; |
| 536 | 537 | $sql = "INSERT INTO users (username, realname, salt" | $sql = "INSERT INTO users (username, realname, salt" |
| 537 | 538 | . ", pass, email, itime" | . ", pass, email, itime" |
| 538 | 539 | . ", is_admin, rights, session_time" | . ", is_admin, rights, session_time" |
| 539 | 540 | . ", confirmed, confirm_token, plan_id" | . ", confirmed, confirm_token, plan_id" |
| 540 | . ", suspended, last_seen, disk_used_mb)" | ||
| 541 | . ", suspended, last_seen, disk_used_mb" | ||
| 542 | . ", deleted)" | ||
| 541 | 543 | . " VALUES (@@username@@, @@realname@@, @@salt@@" | . " VALUES (@@username@@, @@realname@@, @@salt@@" |
| 542 | 544 | . ", @@pass_crypted@@, @@email@@, @@itime@@" | . ", @@pass_crypted@@, @@email@@, @@itime@@" |
| 543 | 545 | . ", @@is_admin@@, @@rights@@, @@session_time@@" | . ", @@is_admin@@, @@rights@@, @@session_time@@" |
| 544 | 546 | . ", @@confirmed@@, @@confirm_token@@, @@plan_id@@" | . ", @@confirmed@@, @@confirm_token@@, @@plan_id@@" |
| 545 | 547 | . ", @@suspended@@, @@last_seen@@" | . ", @@suspended@@, @@last_seen@@" |
| 546 | . ", @@disk_used_mb@@)" | ||
| 548 | . ", @@disk_used_mb@@, @@deleted@@)" | ||
| 547 | 549 | . " RETURNING uid"; | . " RETURNING uid"; |
| 548 | 550 | } else { // edit | } else { // edit |
| 549 | 551 | $salt_pass_add = ""; | $salt_pass_add = ""; |
| ... | ... | function rg_user_edit($db, $d) | |
| 625 | 627 | ||
| 626 | 628 | /* | /* |
| 627 | 629 | * Delete a user | * Delete a user |
| 630 | * @uid - the uid of the user to be removed | ||
| 631 | * This function only marks the user to be removed. | ||
| 628 | 632 | */ | */ |
| 629 | 633 | function rg_user_remove($db, $rg, $uid) | function rg_user_remove($db, $rg, $uid) |
| 630 | 634 | { | { |
| 631 | rg_prof_start("user_remove"); | ||
| 632 | rg_log_enter("user_remove: uid=$uid"); | ||
| 635 | rg_prof_start('user_remove'); | ||
| 636 | rg_log_enter('user_remove: uid=$uid'); | ||
| 633 | 637 | ||
| 634 | 638 | $ret = FALSE; | $ret = FALSE; |
| 635 | 639 | while (1) { | while (1) { |
| ... | ... | function rg_user_remove($db, $rg, $uid) | |
| 641 | 645 | $x['username'] = $rg['login_ui']['username']; | $x['username'] = $rg['login_ui']['username']; |
| 642 | 646 | $x['needed_rights'] = 'R'; | $x['needed_rights'] = 'R'; |
| 643 | 647 | $x['ip'] = $rg['ip']; | $x['ip'] = $rg['ip']; |
| 644 | $x['misc'] = ""; | ||
| 648 | $x['misc'] = ''; | ||
| 645 | 649 | if (rg_rights_allow($db, $x) !== TRUE) | if (rg_rights_allow($db, $x) !== TRUE) |
| 646 | 650 | break; | break; |
| 647 | 651 | ||
| 648 | $params = array("uid" => $uid); | ||
| 649 | $sql = "DELETE FROM users WHERE uid = @@uid@@"; | ||
| 652 | $now = time(); | ||
| 653 | $params = array( | ||
| 654 | 'now' => $now, | ||
| 655 | 'uid' => $uid | ||
| 656 | ); | ||
| 657 | $sql = 'UPDATE users SET deleted = @@now@@' | ||
| 658 | . ' WHERE uid = @@uid@@'; | ||
| 650 | 659 | $res = rg_sql_query_params($db, $sql, $params); | $res = rg_sql_query_params($db, $sql, $params); |
| 651 | 660 | if ($res === FALSE) { | if ($res === FALSE) { |
| 652 | rg_user_set_error("cannot remove user $uid (" . rg_sql_error() . ")"); | ||
| 661 | rg_user_set_error('cannot remove user'); | ||
| 653 | 662 | break; | break; |
| 654 | 663 | } | } |
| 655 | 664 | rg_sql_free_result($res); | rg_sql_free_result($res); |
| 656 | 665 | ||
| 657 | // invalidate cache | ||
| 658 | rg_cache_unset('user' . '::' . $uid, RG_SOCKET_NO_WAIT); | ||
| 666 | // update cache | ||
| 667 | rg_cache_set('user' . '::' . $uid . '::' . 'info' | ||
| 668 | . '::' . 'deleted', $now, RG_SOCKET_NO_WAIT); | ||
| 669 | |||
| 670 | // invalidate session | ||
| 671 | rg_sess_destroy($db, $rg['sid'], $rg['login_ui']); | ||
| 659 | 672 | ||
| 660 | 673 | $ret = TRUE; | $ret = TRUE; |
| 661 | 674 | break; | break; |
| 662 | 675 | } | } |
| 663 | 676 | ||
| 664 | 677 | rg_log_exit(); | rg_log_exit(); |
| 665 | rg_prof_end("user_remove"); | ||
| 678 | rg_prof_end('user_remove'); | ||
| 666 | 679 | return $ret; | return $ret; |
| 667 | 680 | } | } |
| 668 | 681 | ||
| ... | ... | function rg_user_login_by_user_pass($db, $user, $pass, $login_token, $lock_ip, | |
| 954 | 967 | break; | break; |
| 955 | 968 | } | } |
| 956 | 969 | ||
| 970 | if ($ui0['deleted'] > 0) { | ||
| 971 | rg_user_set_error('invalid user, pass or login token'); | ||
| 972 | rg_log('account is deleted'); | ||
| 973 | break; | ||
| 974 | } | ||
| 975 | |||
| 957 | 976 | if ($ui0['suspended'] > 0) { | if ($ui0['suspended'] > 0) { |
| 958 | 977 | rg_user_set_error("invalid user, pass or login token"); | rg_user_set_error("invalid user, pass or login token"); |
| 959 | 978 | rg_log("account is suspended"); | rg_log("account is suspended"); |
| ... | ... | function rg_user_list($db) | |
| 1117 | 1136 | ||
| 1118 | 1137 | $ret = FALSE; | $ret = FALSE; |
| 1119 | 1138 | while (1) { | while (1) { |
| 1120 | $sql = "SELECT * FROM users ORDER BY username"; | ||
| 1139 | $sql = 'SELECT * FROM users ORDER BY username' | ||
| 1140 | . ' WHERE deleted = 0'; | ||
| 1121 | 1141 | $res = rg_sql_query($db, $sql); | $res = rg_sql_query($db, $sql); |
| 1122 | 1142 | if ($res === FALSE) { | if ($res === FALSE) { |
| 1123 | 1143 | rg_user_set_error("cannot get info (" . rg_sql_error() . ")!"); | rg_user_set_error("cannot get info (" . rg_sql_error() . ")!"); |
| ... | ... | function rg_user_http_git($db, $rg, $paras) | |
| 2054 | 2074 | return $ret; | return $ret; |
| 2055 | 2075 | } | } |
| 2056 | 2076 | ||
| 2077 | /* | ||
| 2078 | * Delete account high level function | ||
| 2079 | */ | ||
| 2080 | function rg_user_delete_account_high_level($db, $rg, $paras) | ||
| 2081 | { | ||
| 2082 | $ret = ''; | ||
| 2083 | |||
| 2084 | $are_you_sure = rg_var_uint('are_you_sure'); | ||
| 2085 | $errmsg = array(); | ||
| 2086 | $show_form = TRUE; | ||
| 2087 | while (1) { | ||
| 2088 | if ($rg['doit'] != 1) | ||
| 2089 | break; | ||
| 2090 | |||
| 2091 | if ($are_you_sure == 0) { | ||
| 2092 | $ret .= rg_template('user/settings/delete/no.html', | ||
| 2093 | $rg, TRUE/*xss*/); | ||
| 2094 | $show_form = FALSE; | ||
| 2095 | break; | ||
| 2096 | } | ||
| 2097 | |||
| 2098 | if (!rg_valid_referer()) { | ||
| 2099 | $errmsg[] = 'invalid referer; try again'; | ||
| 2100 | break; | ||
| 2101 | } | ||
| 2102 | |||
| 2103 | if (!rg_token_valid($db, $rg, 'delete_account', FALSE)) { | ||
| 2104 | $errmsg[] = 'invalid token; try again'; | ||
| 2105 | break; | ||
| 2106 | } | ||
| 2107 | |||
| 2108 | $r = rg_user_remove($db, $rg, $rg['login_ui']['uid']); | ||
| 2109 | if ($r !== TRUE) { | ||
| 2110 | $errmsg[] = rg_user_error(); | ||
| 2111 | break; | ||
| 2112 | } | ||
| 2113 | |||
| 2114 | $ret .= rg_template('user/settings/delete/done.html', | ||
| 2115 | $rg, TRUE/*xss*/); | ||
| 2116 | $show_form = FALSE; | ||
| 2117 | break; | ||
| 2118 | } | ||
| 2119 | |||
| 2120 | if ($show_form) { | ||
| 2121 | // hints | ||
| 2122 | $hints = array(); | ||
| 2123 | $hints[]['HTML:hint'] = rg_template('hints/user/delete_account.html', | ||
| 2124 | $rg, TRUE /*xss*/); | ||
| 2125 | $rg['HTML:hints'] = rg_template_table('hints/list', $hints, $rg); | ||
| 2126 | |||
| 2127 | $rg['HTML:errmsg'] = rg_template_errmsg($errmsg); | ||
| 2128 | $rg['rg_form_token'] = rg_token_get($db, $rg, 'delete_account'); | ||
| 2129 | $ret .= rg_template('user/settings/delete/sure.html', | ||
| 2130 | $rg, TRUE/*xss*/); | ||
| 2131 | } | ||
| 2132 | |||
| 2133 | return $ret; | ||
| 2134 | } | ||
| 2135 | |||
| 2057 | 2136 | ?> | ?> |
| File inc/user/settings.php changed (mode: 100644) (index 7c2d3af..faabd82) | |||
| ... | ... | case 'workers': | |
| 45 | 45 | $_settings_body = rg_worker_high_level($db, $rg, $paras); | $_settings_body = rg_worker_high_level($db, $rg, $paras); |
| 46 | 46 | break; | break; |
| 47 | 47 | ||
| 48 | case 'delete_account': | ||
| 49 | $_settings_body = rg_user_delete_account_high_level($db, $rg, $paras); | ||
| 50 | break; | ||
| 51 | |||
| 48 | 52 | default: | default: |
| 49 | 53 | $rg['ask_for_pass'] = 0; | $rg['ask_for_pass'] = 0; |
| 50 | 54 | $rg['no_tos'] = 1; // we ask for only for account creation | $rg['no_tos'] = 1; // we ask for only for account creation |
| File root/themes/default/hints/user/delete_account.html added (mode: 100644) (index 0000000..b8e3692) | |||
| 1 | <br /> | ||
| 2 | <span style="color: red">Warning!</span> This operation will delete all | ||
| 3 | stuff created by your account: repositories (both public and private), | ||
| 4 | bugs, rights granted by you, web hooks, login tokens and scratch codes | ||
| 5 | etc. and cannot be undone. | ||
| File root/themes/default/user/settings/delete/done.html added (mode: 100644) (index 0000000..6add69b) | |||
| 1 | <div class="mess ok"> | ||
| 2 | The user account has been deleted. | ||
| 3 | </div> | ||
| File root/themes/default/user/settings/delete/no.html copied from file root/themes/default/user/repo/delete/no.html (similarity 100%) |
| File root/themes/default/user/settings/delete/sure.html copied from file root/themes/default/user/repo/delete/sure.html (similarity 61%) (mode: 100644) (index 3cb4923..b72316b) | |||
| 1 | 1 | <div class="formarea"> | <div class="formarea"> |
| 2 | 2 | ||
| 3 | <div class="formarea_title">Delete repository</div> | ||
| 3 | <div class="formarea_title">Delete account</div> | ||
| 4 | 4 | ||
| 5 | <form method="post" action="@@url_repo@@/admin/delete"> | ||
| 5 | <form method="post" action="@@url@@"> | ||
| 6 | 6 | <input type="hidden" name="doit" value="1" /> | <input type="hidden" name="doit" value="1" /> |
| 7 | 7 | <input type="hidden" name="token" value="@@rg_form_token@@" /> | <input type="hidden" name="token" value="@@rg_form_token@@" /> |
| 8 | 8 | ||
| 9 | 9 | <p> | <p> |
| 10 | 10 | <label for="are_you_sure">Are you sure?</label><br /> | <label for="are_you_sure">Are you sure?</label><br /> |
| 11 | 11 | <select name="are_you_sure" id="are_you_sure"> | <select name="are_you_sure" id="are_you_sure"> |
| 12 | <option value="0">No</option> | ||
| 13 | <option value="1">Yes</option> | ||
| 12 | <option value="0">No, just kidding</option> | ||
| 13 | <option value="1">Yes, I want to delete everything</option> | ||
| 14 | 14 | </select> | </select> |
| 15 | 15 | </p> | </p> |
| 16 | 16 | ||
| 19 | 19 | </form> | </form> |
| 20 | 20 | ||
| 21 | 21 | </div> | </div> |
| 22 | |||
| 23 | @@hints@@ | ||
| File root/themes/default/user/settings/menu.html changed (mode: 100644) (index 88cd49a..c3ba768) | |||
| 9 | 9 | <li@@if(@@set_menu::totp@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/totp">Login tokens</a></li> | <li@@if(@@set_menu::totp@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/totp">Login tokens</a></li> |
| 10 | 10 | <li@@if(@@set_menu::wh@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/wh">Webhooks</a></li> | <li@@if(@@set_menu::wh@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/wh">Webhooks</a></li> |
| 11 | 11 | <li@@if(@@set_menu::workers@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/workers">Workers</a></li> | <li@@if(@@set_menu::workers@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/workers">Workers</a></li> |
| 12 | <li@@if(@@set_menu::delete_account@@ == 1){{ class="selected"}}{{}}><a href="/op/settings/delete_account">Delete account</a></li> | ||
| 12 | 13 | </ul> | </ul> |
| 13 | 14 | </div> | </div> |
| 14 | 15 | @@menu_level2@@ | @@menu_level2@@ |
Hints:
Before first commit, do not forget to setup your git environment:
Clone this repository using HTTP(S):
Clone this repository using ssh (do not forget to upload a key first):
Clone this repository using git:
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"
git config --global user.email "your@email_here"
Clone this repository using HTTP(S):
git clone https://rocketgit.com/user/catalinux/rocketgit
Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@ssh.rocketgit.com/user/catalinux/rocketgit
Clone this repository using git:
git clone git://git.rocketgit.com/user/catalinux/rocketgit
You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a merge request:
... clone the repository ...
... make some changes and some commits ...
git push origin main
... make some changes and some commits ...
git push origin main
RocketGit
Rocket your launch!
Rocket your launch!