From fe714e9989e52ab9579b9edfa0c79beee1101a4e Mon Sep 17 00:00:00 2001
From: James Cole <thegrumpydictator@gmail.com>
Date: Wed, 22 Apr 2015 07:54:56 +0200
Subject: [PATCH] Built a routine that will allow you to completely delete an
 account.

---
 app/Http/Controllers/ProfileController.php    | 31 ++++++++++++
 .../Requests/DeleteAccountFormRequest.php     | 32 ++++++++++++
 app/Http/routes.php                           |  2 +
 ...11_10_172053_create_account_meta_table.php |  3 ++
 .../views/profile/delete-account.blade.php    | 49 +++++++++++++++++++
 resources/views/profile/index.blade.php       |  5 +-
 6 files changed, 121 insertions(+), 1 deletion(-)
 create mode 100644 app/Http/Requests/DeleteAccountFormRequest.php
 create mode 100644 resources/views/profile/delete-account.blade.php

diff --git a/app/Http/Controllers/ProfileController.php b/app/Http/Controllers/ProfileController.php
index a74e6a0960..2c61ff4bdd 100644
--- a/app/Http/Controllers/ProfileController.php
+++ b/app/Http/Controllers/ProfileController.php
@@ -2,6 +2,7 @@
 
 use Auth;
 use FireflyIII\Http\Requests;
+use FireflyIII\Http\Requests\DeleteAccountFormRequest;
 use FireflyIII\Http\Requests\ProfileFormRequest;
 use Hash;
 use Redirect;
@@ -34,6 +35,36 @@ class ProfileController extends Controller
         return view('profile.index')->with('title', 'Profile')->with('subTitle', Auth::user()->email)->with('mainTitleIcon', 'fa-user');
     }
 
+
+    /**
+     * @return \Illuminate\View\View
+     */
+    public function deleteAccount()
+    {
+        return view('profile.delete-account')->with('title', Auth::user()->email)->with('subTitle', 'Delete account')->with(
+            'mainTitleIcon', 'fa-user'
+        );
+    }
+
+    /**
+     *
+     */
+    public function postDeleteAccount(DeleteAccountFormRequest $request) {
+        // old, new1, new2
+        if (!Hash::check($request->get('password'), Auth::user()->password)) {
+            Session::flash('error', 'Invalid password!');
+
+            return Redirect::route('delete-account');
+        }
+
+        // DELETE!
+        Auth::user()->delete();
+        Session::flush();
+        return Redirect::route('index');
+    }
+
+
+
     /**
      * @return \Illuminate\Http\RedirectResponse|\Illuminate\View\View
      */
diff --git a/app/Http/Requests/DeleteAccountFormRequest.php b/app/Http/Requests/DeleteAccountFormRequest.php
new file mode 100644
index 0000000000..05f928ab8b
--- /dev/null
+++ b/app/Http/Requests/DeleteAccountFormRequest.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace FireflyIII\Http\Requests;
+
+use Auth;
+
+/**
+ * Class DeleteAccountFormRequest
+ *
+ * @package FireflyIII\Http\Requests
+ */
+class DeleteAccountFormRequest extends Request
+{
+    /**
+     * @return bool
+     */
+    public function authorize()
+    {
+        // Only allow logged in users
+        return Auth::check();
+    }
+
+    /**
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'password'          => 'required',
+        ];
+    }
+}
diff --git a/app/Http/routes.php b/app/Http/routes.php
index 274cc21d5a..117edea60e 100644
--- a/app/Http/routes.php
+++ b/app/Http/routes.php
@@ -282,6 +282,8 @@ Route::group(
      */
     Route::get('/profile', ['uses' => 'ProfileController@index', 'as' => 'profile']);
     Route::get('/profile/change-password', ['uses' => 'ProfileController@changePassword', 'as' => 'change-password']);
+    Route::get('/profile/delete-account', ['uses' => 'ProfileController@deleteAccount', 'as' => 'delete-account']);
+    Route::post('/profile/delete-account', ['uses' => 'ProfileController@postDeleteAccount', 'as' => 'delete-account-post']);
     Route::post('/profile/change-password', ['uses' => 'ProfileController@postChangePassword', 'as' => 'change-password-post']);
 
     /**
diff --git a/database/migrations/2014_11_10_172053_create_account_meta_table.php b/database/migrations/2014_11_10_172053_create_account_meta_table.php
index 24f92af144..5ca584d007 100644
--- a/database/migrations/2014_11_10_172053_create_account_meta_table.php
+++ b/database/migrations/2014_11_10_172053_create_account_meta_table.php
@@ -41,6 +41,9 @@ class CreateAccountMetaTable extends Migration
 
             $table->unique(['account_id', 'name']);
 
+            // link to account!
+            $table->foreign('account_id')->references('id')->on('accounts')->onDelete('cascade');
+
 
         }
         );
diff --git a/resources/views/profile/delete-account.blade.php b/resources/views/profile/delete-account.blade.php
new file mode 100644
index 0000000000..a181f16a68
--- /dev/null
+++ b/resources/views/profile/delete-account.blade.php
@@ -0,0 +1,49 @@
+@extends('layouts.default')
+@section('content')
+{!! Breadcrumbs::renderIfExists(Route::getCurrentRoute()->getName()) !!}
+<div class="row">
+    <div class="col-lg-6 col-md-12 col-sm-12">
+        <div class="panel panel-red">
+            <div class="panel-heading">
+                Delete your account
+            </div>
+            <div class="panel-body">
+
+                <p class="text-danger">
+                    Deleting your account will also delete any accounts, transactions, <em>anything</em>
+                    you might have saved into Firefly III. It'll be GONE.
+                </p>
+                <p class="text-danger">
+                    Enter your password to continue.
+                </p>
+
+                @if($errors->count() > 0)
+                    <ul>
+                        @foreach($errors->all() as $err)
+                            <li class="text-info">{{$err}}</li>
+                        @endforeach
+                    </ul>
+
+                @endif
+
+                {!! Form::open(['class' => 'form-horizontal','id' => 'change-password']) !!}
+                    <div class="form-group">
+                        <label for="password" class="col-sm-4 control-label">Password</label>
+                        <div class="col-sm-8">
+                            <input type="password" class="form-control" id="password" placeholder="Password" name="password">
+                        </div>
+                    </div>
+
+                    <div class="form-group">
+                        <div class="col-sm-offset-4 col-sm-10">
+                            <button type="submit" onclick="confirm('Are you sure? You cannot undo this.')" class="btn btn-danger">DELETE your account</button>
+                        </div>
+                    </div>
+                {!! Form::close() !!}
+            </div>
+        </div>
+    </div>
+</div>
+@stop
+@section('scripts')
+@stop
diff --git a/resources/views/profile/index.blade.php b/resources/views/profile/index.blade.php
index e6eab98606..660cd54bcc 100644
--- a/resources/views/profile/index.blade.php
+++ b/resources/views/profile/index.blade.php
@@ -8,7 +8,10 @@
                 Options
             </div>
             <div class="panel-body">
-                <a href="{{route('change-password')}}">Change your password</a>
+                <ul>
+                    <li><a href="{{route('change-password')}}">Change your password</a></li>
+                    <li><a class="text-danger" href="{{route('delete-account')}}">Delete account</a></li>
+                </ul>
             </div>
         </div>
     </div>