Commit a38e046f authored by catch's avatar catch
Browse files

Issue #3258321 by darvanen, AaronMcHale, dww, mstrelan, lauriii, Gábor Hojtsy,... 

Issue #3258321 by darvanen, AaronMcHale, dww, mstrelan, lauriii, Gábor Hojtsy, benjifisher, hmendes, rkoller, shaal, worldlinemine: Cancel account button on user form triggers server-side validation

(cherry picked from commit 2a21bdae)
parent 4fb5cf25

core/modules/user/src/ProfileForm.php

+17 −25
Original line number Diff line number Diff line
@@ -17,13 +17,23 @@ class ProfileForm extends AccountForm { 
  protected function actions(array $form, FormStateInterface $form_state) {

    $element = parent::actions($form, $form_state);



    // The user account being edited.

    $account = $this->entity;



    $element['delete']['#type'] = 'submit';

    $element['delete']['#value'] = $this->t('Cancel account');

    $element['delete']['#submit'] = ['::editCancelSubmit'];

    $element['delete']['#access'] = $account->id() > 1 && $account->access('delete');

    if (!$this->entity->isNew() && $this->entity->hasLinkTemplate('cancel-form')) {

      $route_info = $this->entity->toUrl('cancel-form');

      if ($this->getRequest()->query->has('destination')) {

        $query = $route_info->getOption('query');

        $query['destination'] = $this->getRequest()->query->get('destination');

        $route_info->setOption('query', $query);

      }

      $element['delete'] = [

        '#type' => 'link',

        '#title' => $this->t('Cancel account'),

        '#access' => $this->entity->id() > 1 && $this->entity->access('delete'),

        '#attributes' => [

          'class' => ['button', 'button--danger'],

        ],

      ];

      $element['delete']['#url'] = $route_info;

    }



    return $element;

  }
@@ -39,22 +49,4 @@ public function save(array $form, FormStateInterface $form_state) { 
    $this->messenger()->addStatus($this->t('The changes have been saved.'));

  }



  /**

   * Provides a submit handler for the 'Cancel account' button.

   */

  public function editCancelSubmit($form, FormStateInterface $form_state) {

    $destination = [];

    $query = $this->getRequest()->query;

    if ($query->has('destination')) {

      $destination = ['destination' => $query->get('destination')];

      $query->remove('destination');

    }

    // We redirect from user/%/edit to user/%/cancel to make the tabs disappear.

    $form_state->setRedirect(

      'entity.user.cancel_form',

      ['user' => $this->entity->id()],

      ['query' => $destination]

    );

  }



}

core/modules/user/tests/src/Functional/UserCancelTest.php

+8 −18
Original line number Diff line number Diff line
@@ -142,10 +142,7 @@ public function testUserCancelInvalid() { 
    $node = $this->drupalCreateNode(['uid' => $account->id()]);



    // Attempt to cancel account.

    $this->drupalGet('user/' . $account->id() . '/edit');

    $this->submitForm([], 'Cancel account');



    // Confirm account cancellation.

    $this->drupalGet('user/' . $account->id() . '/cancel');

    $timestamp = time();

    $this->submitForm([], 'Confirm');

    $this->assertSession()->pageTextContains('A confirmation request to cancel your account has been sent to your email address.');
@@ -189,8 +186,7 @@ public function testUserBlock() { 
    $account = $user_storage->load($web_user->id());



    // Attempt to cancel account.

    $this->drupalGet('user/' . $account->id() . '/edit');

    $this->submitForm([], 'Cancel account');

    $this->drupalGet('user/' . $account->id() . '/cancel');

    $this->assertSession()->pageTextContains('Are you sure you want to cancel your account?');

    $this->assertSession()->pageTextContains('Your account will be blocked and you will no longer be able to log in. All of your content will remain attributed to your username.');

    $this->assertSession()->pageTextNotContains('Cancellation method');
@@ -249,8 +245,7 @@ public function testUserBlockUnpublish() { 
    $comment->save();



    // Attempt to cancel account.

    $this->drupalGet('user/' . $account->id() . '/edit');

    $this->submitForm([], 'Cancel account');

    $this->drupalGet('user/' . $account->id() . '/cancel');

    $this->assertSession()->pageTextContains('Are you sure you want to cancel your account?');

    $this->assertSession()->pageTextContains('Your account will be blocked and you will no longer be able to log in. All of your content will be hidden from everyone but administrators.');
@@ -371,8 +366,7 @@ public function testUserAnonymize() { 
    $revision_node = $this->drupalCreateNode($settings);



    // Attempt to cancel account.

    $this->drupalGet('user/' . $account->id() . '/edit');

    $this->submitForm([], 'Cancel account');

    $this->drupalGet('user/' . $account->id() . '/cancel');

    $this->assertSession()->pageTextContains('Are you sure you want to cancel your account?');

    $this->assertSession()->pageTextContains("Your account will be removed and all account information deleted. All of your content will be assigned to the {$this->config('user.settings')->get('anonymous')} user.");
@@ -435,8 +429,7 @@ public function testUserAnonymizeBatch() { 
    }



    // Attempt to cancel account.

    $this->drupalGet('user/' . $account->id() . '/edit');

    $this->submitForm([], 'Cancel account');

    $this->drupalGet('user/' . $account->id() . '/cancel');

    $this->assertSession()->pageTextContains('Are you sure you want to cancel your account?');

    $this->assertSession()->pageTextContains("Your account will be removed and all account information deleted. All of your content will be assigned to the {$this->config('user.settings')->get('anonymous')} user.");
@@ -508,8 +501,7 @@ public function testUserDelete() { 
    $revision_node = $this->drupalCreateNode($settings);



    // Attempt to cancel account.

    $this->drupalGet('user/' . $account->id() . '/edit');

    $this->submitForm([], 'Cancel account');

    $this->drupalGet('user/' . $account->id() . '/cancel');

    $this->assertSession()->pageTextContains('Are you sure you want to cancel your account?');

    $this->assertSession()->pageTextContains('Your account will be removed and all account information deleted. All of your content will also be deleted.');
@@ -555,8 +547,7 @@ public function testUserCancelByAdmin() { 
    $this->drupalLogin($admin_user);



    // Delete regular user.

    $this->drupalGet('user/' . $account->id() . '/edit');

    $this->submitForm([], 'Cancel account');

    $this->drupalGet('user/' . $account->id() . '/cancel');

    $this->assertSession()->pageTextContains("Are you sure you want to cancel the account {$account->getAccountName()}?");

    $this->assertSession()->pageTextContains('Cancellation method');
@@ -583,8 +574,7 @@ public function testUserWithoutEmailCancelByAdmin() { 
    $this->drupalLogin($admin_user);



    // Delete regular user without email address.

    $this->drupalGet('user/' . $account->id() . '/edit');

    $this->submitForm([], 'Cancel account');

    $this->drupalGet('user/' . $account->id() . '/cancel');

    $this->assertSession()->pageTextContains("Are you sure you want to cancel the account {$account->getAccountName()}?");

    $this->assertSession()->pageTextContains('Cancellation method');

core/modules/user/tests/src/Functional/UserTranslationUITest.php

+1 −1
Original line number Diff line number Diff line
@@ -109,7 +109,7 @@ public function testTranslatedUserDeletion() { 
      ['language' => $this->container->get('language_manager')->getLanguage('en')]

    );

    $this->drupalGet($url);

    $this->submitForm([], 'Cancel account');

    $this->clickLink('Cancel account');

    $this->assertSession()->statusCodeEquals(200);

  }