Merge pull request #2415 from RocketChat/delete-own-account

Adds ability to delete own account

i18n/en.i18n.json

@@ -7,6 +7,7 @@
   "Access_Online_Demo" : "Access the Online Demo",
   "Access_Token_URL" : "Access Token URL",
   "Accounts" : "Accounts",
+  "Accounts_AllowDeleteOwnAccount" : "Allow users to delete own account",
   "Accounts_AllowedDomainsList" : "Allowed Domains List",
   "Accounts_AllowedDomainsList_Description" : "Comma-separated list of allowed domains",
   "Accounts_AllowEmailChange" : "Allow E-mail Change",
@@ -92,6 +93,7 @@
   "are_also_typing" : "are also typing",
   "are_typing" : "are typing",
   "Are_you_sure" : "Are you sure?",
+  "Are_you_sure_you_want_to_delete_your_account" : "Are you sure you want to delete your account?",
   "Authorization_URL" : "Authorization URL",
   "Authorize" : "Authorize",
   "Auto_Load_Images" : "Auto Load Images",
@@ -146,6 +148,7 @@
   "days" : "days",
   "Deactivate" : "Deactivate",
   "Default" : "Default",
+  "Delete_my_account" : "Delete my account",
   "Delete_Room_Warning" : "Deleting a room will delete all messages posted within the room. This cannot be undone.",
   "Delete_User_Warning" : "Deleting a user will delete all messages from that user as well. This cannot be undone.",
   "Deleted" : "Deleted!",
@@ -214,6 +217,7 @@
   "Highlights_List" : "Highlight words",
   "History" : "History",
   "hours" : "hours",
+  "If_you_are_sure_type_in_your_password" : "If you are sure type in your password:",
   "Incorrect_Password" : "Incorrect Password",
   "inline_code" : "inline_code",
   "Install_Extension" : "Install Extension",
@@ -434,6 +438,7 @@
   "Please_wait" : "Please wait",
   "Please_wait_activation" : "Please wait, this can take some time.",
   "Please_wait_statistics" : "Please wait, statistics are being generated.",
+  "Please_wait_while_your_account_is_being_deleted" : "Please wait while your account is being deleted...",
   "Post_as" : "Post as",
   "Post_to_Channel" : "Post to Channel",
   "Post_to_s_as_s" : "Post to <strong>%s</strong> as <strong>%s</strong>",
@@ -686,6 +691,7 @@
   "You_need_confirm_email" : "You need to confirm your email to login!",
   "You_need_install_an_extension_to_allow_screen_sharing" : "You need install an extension to allow screen sharing",
   "You_need_to_change_your_password" : "You need to change your password",
+  "You_need_to_type_in_your_password_in_order_to_do_this" : "You need to type in your password in order to do this!",
   "You_should_name_it_to_easily_manage_your_integrations" : "You should name it to easily manage your integrations.",
   "You_will_not_be_able_to_recover" : "You will not be able to recover this message!",
   "You_will_not_be_able_to_recover_file" : "You will not be able to recover this file!",
@@ -693,5 +699,6 @@
   "Your_file_has_been_deleted" : "Your file has been deleted.",
   "Your_mail_was_sent_to_s" : "Your mail was sent to %s",
   "Your_Open_Source_solution" : "Your own Open Source chat solution",
+  "Your_password_is_wrong" : "Your password is wrong!",
   "Your_push_was_sent_to_s_devices" : "Your push was sent to %s devices"
 }

packages/rocketchat-lib/package.js

@@ -75,6 +75,7 @@ Package.onUse(function(api) {
 	api.addFiles('server/methods/addOAuthService.coffee', 'server');
 	api.addFiles('server/methods/checkRegistrationSecretURL.coffee', 'server');
 	api.addFiles('server/methods/clearRequirePasswordChange.js', 'server');
+	api.addFiles('server/methods/deleteUserOwnAccount.js', 'server');
 	api.addFiles('server/methods/joinDefaultChannels.coffee', 'server');
 	api.addFiles('server/methods/removeOAuthService.coffee', 'server');
 	api.addFiles('server/methods/robotMethods.coffee', 'server');

packages/rocketchat-lib/server/methods/deleteUserOwnAccount.js

@@ -0,0 +1,42 @@
+Meteor.methods({
+	deleteUserOwnAccount: function(password) {
+		if (!Meteor.userId()) {
+			throw new Meteor.Error('invalid-user', "[methods] deleteUserOwnAccount -> Invalid user");
+		}
+
+		if (!RocketChat.settings.get('Accounts_AllowDeleteOwnAccount')) {
+			throw new Meteor.Error('not-authorized', "[methods] deleteUserOwnAccount -> Not authorized");
+		}
+
+		const userId = Meteor.userId();
+		const user = RocketChat.models.Users.findOneById(userId);
+
+		result = Accounts._checkPassword(user, { digest: password, algorithm: 'sha-256' });
+		if (result.error) {
+			throw new Meteor.Error('invalid-password', "[methods] deleteUserOwnAccount -> Invalid password");
+		}
+
+		Meteor.defer(function() {
+			RocketChat.models.Messages.removeByUserId(userId); // Remove user messages
+			RocketChat.models.Subscriptions.findByUserId(userId).forEach((subscription) => {
+				let room = RocketChat.models.Rooms.findOneById(subscription.rid);
+				if (room) {
+					if (room.t !== 'c' && room.usernames.length === 1) {
+						RocketChat.models.Rooms.removeById(subscription.rid); // Remove non-channel rooms with only 1 user (the one being deleted)
+					}
+					if (room.t === 'd') {
+						RocketChat.models.Subscriptions.removeByRoomId(subscription.rid);
+						RocketChat.models.Messages.removeByRoomId(subscription.rid);
+					}
+				}
+			});
+
+			RocketChat.models.Subscriptions.removeByUserId(userId); // Remove user subscriptions
+			RocketChat.models.Rooms.removeByTypeContainingUsername('d', user.username); // Remove direct rooms with the user
+			RocketChat.models.Rooms.removeUsernameFromAll(user.username); // Remove user from all other rooms
+			RocketChat.models.Users.removeById(userId); // Remove user from users database
+		});
+
+		return true;
+	}
+})

packages/rocketchat-lib/server/startup/settings.coffee

@@ -3,6 +3,7 @@ if not RocketChat.models.Settings.findOneById 'uniqueID'
 	RocketChat.models.Settings.createWithIdAndValue 'uniqueID', process.env.DEPLOYMENT_ID or Random.id()
 
 RocketChat.settings.addGroup 'Accounts', ->
+	@add 'Accounts_AllowDeleteOwnAccount', false, { type: 'boolean', public: true }
 	@add 'Accounts_AllowUserProfileChange', true, { type: 'boolean', public: true }
 	@add 'Accounts_AllowUserAvatarChange', true, { type: 'boolean', public: true }
 	@add 'Accounts_AllowUsernameChange', true, { type: 'boolean', public: true }

packages/rocketchat-theme/assets/stylesheets/base.less

@@ -27,6 +27,10 @@
 	user-select: text;
 }
 
+.text-right {
+	text-align: right;
+}
+
 .no-scroll {
 	overflow: hidden !important;
 }

packages/rocketchat-ui-account/account/accountPreferences.coffee

@@ -1,4 +1,7 @@
 Template.accountPreferences.helpers
+	allowDeleteOwnAccount: ->
+		return RocketChat.settings.get('Accounts_AllowDeleteOwnAccount')
+
 	checked: (property, value, defaultValue) ->
 		if not Meteor.user()?.settings?.preferences?[property]? and defaultValue is true
 			currentValue = value
@@ -84,3 +87,27 @@ Template.accountPreferences.events
 					username: 'rocket.cat'
 			title: TAPi18n.__('Desktop_Notification_Test')
 			text: TAPi18n.__('This_is_a_desktop_notification')
+
+	'click .delete-account button': (e) ->
+		e.preventDefault();
+
+		swal
+			title: t("Are_you_sure_you_want_to_delete_your_account"),
+			text: t("If_you_are_sure_type_in_your_password"),
+			type: "input",
+			inputType: "password",
+			showCancelButton: true,
+			closeOnConfirm: false
+
+		, (typedPassword) =>
+			if typedPassword
+				toastr.warning(t("Please_wait_while_your_account_is_being_deleted"));
+				Meteor.call 'deleteUserOwnAccount', SHA256(typedPassword), (error, results) ->
+					if error
+						toastr.remove();
+						swal.showInputError(t("Your_password_is_wrong"));
+					else
+						swal.close();
+			else
+				swal.showInputError(t("You_need_to_type_in_your_password_in_order_to_do_this"));
+				return false;

packages/rocketchat-ui-account/account/accountPreferences.html

@@ -115,6 +115,11 @@
 				<div class="submit">
 					<button class="button"><i class="icon-send"></i><span>{{_ "Save_changes"}}</span></button>
 				</div>
+				{{#if allowDeleteOwnAccount}}
+				<div class="delete-account text-right">
+					<button class="button red"><i class="icon-trash"></i><span>{{_ "Delete_my_account"}}</span></button>
+				</div>
+				{{/if}}
 			</div>
 		</div>
 	</section>

packages/rocketchat-ui-account/package.js

@@ -18,7 +18,8 @@ Package.onUse(function(api) {
 		'templating',
 		'coffeescript',
 		'underscore',
-		'rocketchat:lib'
+		'rocketchat:lib',
+		'sha'
 	]);
 
 	api.addFiles('account/account.html', 'client');