Update SettingsController

This commit is contained in:
Daniel Supernault 2019-08-21 13:28:44 -06:00
parent 9524ea19f5
commit cd9db4fe0c
No known key found for this signature in database
GPG key ID: 0DEF1C662C9033F7

View file

@ -92,12 +92,20 @@ class SettingsController extends Controller
public function removeAccountTemporary(Request $request) public function removeAccountTemporary(Request $request)
{ {
$user = Auth::user();
abort_if(!config('pixelfed.account_deletion'), 403);
abort_if($user->is_admin, 403);
abort_if($user->created_at->gt(now()->subHours(12)), 403);
return view('settings.remove.temporary'); return view('settings.remove.temporary');
} }
public function removeAccountTemporarySubmit(Request $request) public function removeAccountTemporarySubmit(Request $request)
{ {
$user = Auth::user(); $user = Auth::user();
abort_if(!config('pixelfed.account_deletion'), 403);
abort_if($user->is_admin, 403);
abort_if($user->created_at->gt(now()->subHours(12)), 403);
$profile = $user->profile; $profile = $user->profile;
$user->status = 'disabled'; $user->status = 'disabled';
$profile->status = 'disabled'; $profile->status = 'disabled';
@ -110,9 +118,9 @@ class SettingsController extends Controller
public function removeAccountPermanent(Request $request) public function removeAccountPermanent(Request $request)
{ {
if(config('pixelfed.account_deletion') == false) { $user = Auth::user();
abort(404); abort_if($user->is_admin, 403);
} abort_if($user->created_at->gt(now()->subDays(7)), 403);
return view('settings.remove.permanent'); return view('settings.remove.permanent');
} }
@ -122,9 +130,9 @@ class SettingsController extends Controller
abort(404); abort(404);
} }
$user = Auth::user(); $user = Auth::user();
if($user->is_admin == true) { abort_if(!config('pixelfed.account_deletion'), 403);
return abort(400, 'You cannot delete an admin account.'); abort_if($user->is_admin, 403);
} abort_if($user->created_at->gt(now()->subDays(7)), 403);
$profile = $user->profile; $profile = $user->profile;
$ts = Carbon::now()->addMonth(); $ts = Carbon::now()->addMonth();
$user->status = 'delete'; $user->status = 'delete';