ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Implemented account deletion. Not all cases covered with tests [skip ci]

Browse Source
This commit is contained in:
ErickSkrauch
2020-06-12 00:27:02 +03:00
parent c86817a93d
commit 0183e54442
56 changed files with 1041 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
api/rbac/Permissions.php
View File

@@ -12,6 +12,8 @@ final class Permissions {
public const CHANGE_ACCOUNT_PASSWORD = 'change_account_password';
public const CHANGE_ACCOUNT_EMAIL = 'change_account_email';
public const MANAGE_TWO_FACTOR_AUTH = 'manage_two_factor_auth';
public const DELETE_ACCOUNT = 'delete_account';
public const RESTORE_ACCOUNT = 'restore_account';
public const BLOCK_ACCOUNT = 'block_account';
public const COMPLETE_OAUTH_FLOW = 'complete_oauth_flow';
public const CREATE_OAUTH_CLIENTS = 'create_oauth_clients';
@@ -27,6 +29,8 @@ final class Permissions {
public const CHANGE_OWN_ACCOUNT_PASSWORD = 'change_own_account_password';
public const CHANGE_OWN_ACCOUNT_EMAIL = 'change_own_account_email';
public const MANAGE_OWN_TWO_FACTOR_AUTH = 'manage_own_two_factor_auth';
public const DELETE_OWN_ACCOUNT = 'delete_own_account';
public const RESTORE_OWN_ACCOUNT = 'restore_own_account';
public const MINECRAFT_SERVER_SESSION = 'minecraft_server_session';
public const VIEW_OWN_OAUTH_CLIENTS = 'view_own_oauth_clients';
public const MANAGE_OWN_OAUTH_CLIENTS = 'manage_own_oauth_clients';

8
api/rbac/rules/AccountOwner.php
View File

@@ -8,7 +8,7 @@ use Webmozart\Assert\Assert;
use Yii;
use yii\rbac\Rule;
class AccountOwner extends Rule {
final class AccountOwner extends Rule {
public $name = 'account_owner';
@@ -43,7 +43,11 @@ class AccountOwner extends Rule {
return false;
}
if ($account->status !== Account::STATUS_ACTIVE) {
$allowDeleted = $params['allowDeleted'] ?? false;
if ($account->status !== Account::STATUS_ACTIVE
// if deleted accounts are allowed, but the passed one is not in deleted state
&& (!$allowDeleted || $account->status !== Account::STATUS_DELETED)
) {
return false;
}