Allow users to request account closure

app/controllers/admin_user_controller.rb

@@ -131,6 +131,15 @@ def modify_comment_visibility
     redirect_back(fallback_location: admin_users_url)
   end
 
+  def account_closure_requests
+    @title = 'Account closure requests'
+
+    # Find requests where the account associated with the request is not closed
+    @account_closure_requests = AccountClosureRequest.
+      joins(:user).
+      where(users: { closed_at: nil })
+  end
+
   private
 
   def user_params

app/controllers/admin_users_account_closing_controller.rb

@@ -12,7 +12,7 @@ def create
         'Something went wrong. The user account could not be closed.'
     end
 
-    redirect_to admin_user_path(@closed_user)
+    redirect_back_or_to admin_user_path(@closed_user)
   end
 
   private

app/controllers/application_controller.rb

@@ -29,6 +29,9 @@ class RouteNotFound < StandardError
   # Standard headers, footers and navigation for whole site
   layout "default"
 
+  # Defaults are :alert and :notice, but Alaveteli uses :error as well
+  add_flash_types :error
+
   include FastGettext::Translation # make functions like _, n_, N_ etc available)
   include AlaveteliPro::PostRedirectHandler
 

app/controllers/users/close_account_controller.rb

@@ -0,0 +1,34 @@
+class Users::CloseAccountController < ApplicationController
+  before_action :authenticate_user!
+
+  def new
+    # Display a form that explains the process to the users
+  end
+
+  def create
+    # If they haven't checked the "confirm" checkbox, then redirect them back to the form
+    return redirect_to users_close_account_path, error: "You must confirm that you want to close your account" if params[:confirm] == "0"
+
+    # Otherwise, create a record of the user's request to close their account
+    current_user.create_account_closure_request!
+
+    # Send the user an acknowledgement email
+    UserMailer.account_closure_requested(current_user).deliver_now
+
+    # TODO: Should the user be logged out here?
+
+    redirect_to root_path, notice: "Your account closure request has been received. We will be in touch."
+  end
+
+  private
+
+  def authenticate_user!
+    return if authenticated?
+
+    ask_to_login(
+      web: _('To close your account on {{site_name}}', site_name: site_name),
+      email: _('Then you can close your account on {{site_name}}', site_name: site_name),
+      email_subject: _('Close your account on {{site_name}}', site_name: site_name)
+    )
+  end
+end

app/mailers/user_mailer.rb

@@ -45,4 +45,11 @@ def changeemail_already_used(old_email, new_email)
          to: new_email,
          subject: _("Unable to change email address on {{site_name}}", site_name: site_name))
   end
+
+  def account_closure_requested(user)
+    @name = user.name
+
+    set_reply_to_headers(user)
+    mail_user(user, _("Your account closure request on {{site_name}}", site_name: site_name))
+  end
 end

app/models/account_closure_request.rb

@@ -0,0 +1,13 @@
+# == Schema Information
+# Schema version: 20230718062820
+#
+# Table name: account_closure_requests
+#
+#  id         :bigint           not null, primary key
+#  user_id    :bigint           not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#
+class AccountClosureRequest < ApplicationRecord
+  belongs_to :user
+end

app/models/outgoing_message.rb

@@ -1,5 +1,5 @@
 # == Schema Information
-# Schema version: 20230412084830
+# Schema version: 20230718062820
 #
 # Table name: outgoing_messages
 #

app/models/user.rb

@@ -159,6 +159,10 @@ class User < ApplicationRecord
            inverse_of: :user,
            dependent: :destroy
 
+  has_one :account_closure_request,
+          inverse_of: :user,
+          dependent: :destroy
+
   scope :active, -> { not_banned.not_closed }
   scope :banned, -> { where.not(ban_text: '') }
   scope :not_banned, -> { where(ban_text: '') }

app/views/admin_general/_admin_navbar.html.erb

@@ -46,6 +46,7 @@
             <ul class="dropdown-menu" role="menu">
               <li><%= link_to 'Users', admin_users_path %></li>
               <li><%= link_to 'Tracks', admin_tracks_path %></li>
+              <li><%= link_to 'Account closure requests', account_closure_requests_admin_users_path %></li>
             </ul>
           </li>
 

app/views/admin_user/_close_account_form.html.erb

@@ -0,0 +1,9 @@
+<%= form_tag admin_users_account_closing_index_path(user_id: user.id), class: 'span3 form form-inline' do %>
+  <% disabled = user.closed? %>
+  <% submit_class = %w(btn btn-danger) %>
+  <% submit_class << 'disabled' if disabled %>
+  <%= submit_tag 'Close',
+    class: submit_class,
+    disabled: disabled,
+    data: { confirm: 'Are you sure? This is irreversible.' } %>
+<% end %>

app/views/admin_user/_scopes.html.erb

@@ -22,6 +22,10 @@
       <%= nav_li(admin_sign_ins_path) do %>
         <%= link_to 'Sign Ins', admin_sign_ins_path %>
       <% end %>
+
+      <%= nav_li(account_closure_requests_admin_users_path) do %>
+        <%= link_to 'Account closure requests', account_closure_requests_admin_users_path %>
+      <% end %>
     </ul>
   </div>
 </div>

app/views/admin_user/account_closure_requests.html.erb

@@ -0,0 +1,35 @@
+<%= render 'scopes' %>
+
+<div class="row">
+  <div class="span12">
+    <% if @account_closure_requests.any? %>
+      <table class="table table-striped">
+        <thead>
+          <tr>
+            <th>Request ID</th>
+            <th>User</th>
+            <th>Created at</th>
+            <th>Action</th>
+          </tr>
+        </thead>
+        <tbody>
+          <% @account_closure_requests.each do |request| %>
+            <tr id="account-closure-request-<%= request.id %>">
+              <td><%= request.id %></td>
+              <td>
+                <%= link_to request.user.name, admin_user_path(request.user) %>
+              </td>
+              <td><%= request.created_at.to_fs(:long) %></td>
+              <td>
+                <%= render 'close_account_form', { user: request.user } %>
+              </td>
+            </tr>
+          <% end %>
+        </tbody>
+      </table>
+
+    <% else %>
+      <p>No users have requested to close their accounts.</p>
+    <% end %>
+  </div>
+</div>

app/views/admin_user/edit.html.erb

@@ -39,15 +39,7 @@
         </p>
       </div>
       <hr>
-      <%= form_tag admin_users_account_closing_index_path(user_id: @admin_user.id), class: 'span3 form form-inline' do %>
-        <% disabled = @admin_user.closed? %>
-        <% submit_class = %w(btn btn-danger) %>
-        <% submit_class << 'disabled' if disabled %>
-        <%= submit_tag 'Close',
-          class: submit_class,
-          disabled: disabled,
-          data: { confirm: 'Are you sure? This is irreversible.' } %>
-      <% end %>
+      <%= render 'close_account_form', { user: @admin_user } %>
     </div>
 
     <div class="danger-zone__item">

app/views/user/_show_user_info.html.erb

@@ -14,7 +14,8 @@
       <%= link_to _('Change profile photo'), set_profile_photo_path %> |
     <% end %>
     <%= link_to _('Change your password'), new_password_change_path %> |
-    <%= link_to _('Change your email'), signchangeemail_path %>
+    <%= link_to _('Change your email'), signchangeemail_path %> |
+    <%= link_to _('Close your account'), users_close_account_path %>
     <% if AlaveteliConfiguration.enable_two_factor_auth %>
     |
       <% if @display_user.otp_enabled? %>

app/views/user_mailer/account_closure_requested.text.erb

@@ -0,0 +1,7 @@
+<%= raw @name %>,
+
+<%= _("You've requested to close your account on {{site_name}}." \
+      'We will process your request and will be in touch once it has been actioned.',
+      :site_name => site_name.html_safe) %>
+
+-- <%= _('the {{site_name}} team', :site_name => site_name.html_safe) %>

app/views/users/close_account/new.html.erb

@@ -0,0 +1,26 @@
+<% @title = "Close your account" %>
+<h1><%= @title %></h1>
+
+<p>If you no longer wish to use your WhatDoTheyKnow account, you can ask us to close your account.</p>
+
+<p>Closing your account will:</p>
+
+<ul>
+  <li>Set your user name to &#91;Name Removed&#93;</li>
+  <li>Reset your email address to something random</li>
+  <li>Clear your about me text</li>
+  <li>Disable all email alerts</li>
+  <li>Hide any requests you have made from your profile page</li>
+  <li>Make an automatic attempt to remove your name from your requests</li>
+</ul>
+
+<p>Closing your account will prevent you from logging in. If you have any requests that are ongoing, you will not be able to send any follow up messages to public authorities.</p>
+
+<%= form_with url: users_close_account_path, method: :post do |form| %>
+  <p>
+    <%= form.check_box :confirm, class: "checkbox" %>
+    I understand that closing my account will mean that I <b>will not</b> be able to login or follow up on my requests, and that this cannot be undone.
+  </p>
+
+  <%= form.submit "Close my account", class: "button alert", data: { confirm: "Are you sure you want to close your account?" } %>
+<% end %>

config/routes.rb

@@ -309,6 +309,9 @@ def matches?(request)
     get 'email_alerts/disable/:token',
         to: 'email_alerts#destroy',
         as: :disable_email_alerts
+
+    get 'close_account', to: 'close_account#new', as: :close_account
+    post 'close_account', to: 'close_account#create'
   end
 
   namespace :users, path: 'profile' do
@@ -704,6 +707,7 @@ def matches?(request)
       get 'active', :on => :collection
       get 'banned', :on => :collection
       get 'closed', :on => :collection
+      get 'account_closure_requests', :on => :collection
       get 'show_bounce_message', :on => :member
       post 'clear_bounce', :on => :member
       post 'clear_profile_photo', :on => :member

db/migrate/20230718062820_create_account_closure_requests.rb

@@ -0,0 +1,8 @@
+class CreateAccountClosureRequests < ActiveRecord::Migration[7.0]
+  def change
+    create_table :account_closure_requests do |t|
+      t.references :user, null: false, foreign_key: true
+      t.timestamps
+    end
+  end
+end

spec/controllers/admin_user_controller_spec.rb

@@ -449,4 +449,17 @@
       }.to change(ActsAsXapian::ActsAsXapianJob, :count).by(1)
     end
   end
+
+  describe "GET #account_closure_requests" do
+    it "assigns @account_closure_requests with requests where accounts are not closed" do
+      user_with_closed_account = FactoryBot.create(:user, closed_at: Time.now)
+      user_with_open_account = FactoryBot.create(:user)
+      request_for_closed_account = FactoryBot.create(:account_closure_request, user: user_with_closed_account)
+      request_for_open_account = FactoryBot.create(:account_closure_request, user: user_with_open_account)
+
+      get :account_closure_requests
+
+      expect(assigns(:account_closure_requests)).to eq([request_for_open_account])
+    end
+  end
 end

spec/controllers/users/close_account_controller_spec.rb

@@ -0,0 +1,46 @@
+# spec/controllers/users/close_account_controller_spec.rb
+require 'spec_helper'
+
+RSpec.describe Users::CloseAccountController, type: :controller do
+  describe "POST #create" do
+    let(:user) { FactoryBot.create(:user) }
+
+    before do
+      sign_in user
+    end
+
+    after do
+      user.account_closure_request&.destroy
+    end
+
+    it "shows the user a confirmation page" do
+      get :new
+      assert_response :success
+      expect(response).to render_template(:new)
+    end
+
+    it "asks the user to check the confirmation checkbox" do
+      post :create, params: { confirm: "0" }
+      assert_response :redirect
+      expect(response).to redirect_to(users_close_account_path)
+      expect(flash[:error]).to eq("You must confirm that you want to close your account")
+    end
+
+    it "creates a record of the user's request to close their account" do
+      post :create, params: { confirm: "1" }
+
+      user.reload
+      expect(user.account_closure_request).to be_present
+
+      # Check email has been sent
+      expect(ActionMailer::Base.deliveries.count).to eq(1)
+      email = ActionMailer::Base.deliveries.last
+      expect(email.to).to eq([user.email])
+      expect(email.subject).to eq("Your account closure request on #{site_name}")
+
+      assert_response :redirect
+      expect(response).to redirect_to(root_path)
+      expect(flash[:notice]).to eq("Your account closure request has been received. We will be in touch.")
+    end
+  end
+end

spec/factories/account_closure_requests.rb

@@ -0,0 +1,14 @@
+# == Schema Information
+# Schema version: 20230718062820
+#
+# Table name: account_closure_requests
+#
+#  id         :bigint           not null, primary key
+#  user_id    :bigint           not null
+#  created_at :datetime         not null
+#  updated_at :datetime         not null
+#
+FactoryBot.define do
+  factory :account_closure_request do
+  end
+end

spec/integration/admin_user_account_closing_spec.rb

@@ -0,0 +1,40 @@
+require 'spec_helper'
+require 'integration/alaveteli_dsl'
+
+RSpec.describe 'Admin Account Closure Requests' do
+  before do
+    allow(AlaveteliConfiguration).to receive(:skip_admin_auth).and_return(false)
+
+    confirm(:admin_user)
+    @admin = login(:admin_user)
+    @user = FactoryBot.create(:user)
+    @account_closure_request = FactoryBot.create(:account_closure_request, user: @user)
+  end
+
+  context 'viewing account closure requests' do
+    it 'displays link to "Account closure requests" on admin homepage' do
+      using_session(@admin) do
+        visit admin_general_index_path
+        expect(page).to have_link('Account closure requests')
+      end
+    end
+
+    it 'can close an account from the "Account closure requests" page' do
+      using_session(@admin) do
+        expect(@user).to_not be_closed
+
+        visit account_closure_requests_admin_users_path
+        within("tr#account-closure-request-#{@account_closure_request.id}") do
+          click_button 'Close'
+        end
+        expect(page).to have_text('The user account was closed.')
+
+        @user.reload
+        expect(@user).to be_closed
+
+        visit account_closure_requests_admin_users_path
+        expect(page).to_not have_text(@user.name)
+      end
+    end
+  end
+end