Add account deletion

docs/deletion.rst

@@ -0,0 +1,25 @@
+Account deletion
+================
+
+The NucleosUserBundle has built-in support for deleting the user account.
+
+Enable feature
+--------------
+
+The feature is disabled by default. You can enable it by using the following configuration:
+
+.. code-block:: yaml
+
+    # config/packages/nucleos_user.yaml
+    nucleos_user:
+        # ...
+        deletion:
+            enable: true
+
+Add the routing config:
+
+.. code-block:: yaml
+
+    # config/routes/nucleos_user.yaml
+    nucleos_user_deletion:
+        resource: "@NucleosUserBundle/Resources/config/routing/deletion.xml"

docs/index.rst

@@ -26,5 +26,6 @@ The following documents are available:
     custom_storage_layer
     routing
     security
+    deletion
     configuration_reference
     migrate_from_fos

phpstan-baseline.neon

@@ -127,7 +127,7 @@ parameters:
 
 		-
 			message: "#^Call to an undefined method Symfony\\\\Component\\\\Config\\\\Definition\\\\Builder\\\\NodeDefinition\\:\\:addDefaultsIfNotSet\\(\\)\\.$#"
-			count: 1
+			count: 2
 			path: src/DependencyInjection/Configuration.php
 
 		-
@@ -150,6 +150,11 @@ parameters:
 			count: 1
 			path: src/DependencyInjection/NucleosUserExtension.php
 
+		-
+			message: "#^Method Nucleos\\\\UserBundle\\\\DependencyInjection\\\\NucleosUserExtension\\:\\:loadDeletion\\(\\) has parameter \\$config with no value type specified in iterable type array\\.$#"
+			count: 1
+			path: src/DependencyInjection/NucleosUserExtension.php
+
 		-
 			message: "#^Method Nucleos\\\\UserBundle\\\\DependencyInjection\\\\NucleosUserExtension\\:\\:loadResetting\\(\\) has parameter \\$config with no value type specified in iterable type array\\.$#"
 			count: 1

psalm-baseline.xml

@@ -25,7 +25,7 @@
     </NullableReturnStatement>
   </file>
   <file src="src/DependencyInjection/Configuration.php">
-    <UndefinedMethod occurrences="4">
+    <UndefinedMethod occurrences="5">
       <code>addDefaultsIfNotSet</code>
       <code>children</code>
       <code>children</code>

src/Action/AccountDeletionAction.php

@@ -0,0 +1,146 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of the NucleosUserBundle package.
+ *
+ * (c) Christian Gripp <mail@core23.de>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Nucleos\UserBundle\Action;
+
+use Nucleos\UserBundle\Event\AccountDeletionEvent;
+use Nucleos\UserBundle\Event\AccountDeletionResponseEvent;
+use Nucleos\UserBundle\Event\GetResponseAccountDeletionEvent;
+use Nucleos\UserBundle\Form\Model\AccountDeletion;
+use Nucleos\UserBundle\Form\Type\AccountDeletionFormType;
+use Nucleos\UserBundle\Model\UserInterface;
+use Nucleos\UserBundle\Model\UserManagerInterface;
+use Nucleos\UserBundle\NucleosUserEvents;
+use Symfony\Component\Form\Extension\Core\Type\SubmitType;
+use Symfony\Component\Form\FormFactoryInterface;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\RouterInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Exception\AccessDeniedException;
+use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
+use Twig\Environment;
+
+final class AccountDeletionAction
+{
+    /**
+     * @var Environment
+     */
+    private $twig;
+
+    /**
+     * @var RouterInterface
+     */
+    private $router;
+
+    /**
+     * @var UserManagerInterface
+     */
+    private $userManager;
+
+    /**
+     * @var TokenStorageInterface
+     */
+    private $tokenStorage;
+
+    /**
+     * @var FormFactoryInterface
+     */
+    private $formFactory;
+
+    /**
+     * @var EventDispatcherInterface
+     */
+    private $eventDispatcher;
+
+    public function __construct(
+        Environment $twig,
+        RouterInterface $router,
+        UserManagerInterface $userManager,
+        TokenStorageInterface $tokenStorage,
+        FormFactoryInterface $formFactory,
+        EventDispatcherInterface $eventDispatcher
+    ) {
+        $this->twig            = $twig;
+        $this->router          = $router;
+        $this->userManager     = $userManager;
+        $this->formFactory     = $formFactory;
+        $this->eventDispatcher = $eventDispatcher;
+        $this->tokenStorage    = $tokenStorage;
+    }
+
+    public function __invoke(Request $request): Response
+    {
+        $user = $this->getUser();
+
+        if (!$user instanceof UserInterface) {
+            throw new AccessDeniedException('Access Denied.');
+        }
+
+        $event = new GetResponseAccountDeletionEvent($user, $request);
+        $this->eventDispatcher->dispatch($event, NucleosUserEvents::ACCOUNT_DELETION_INITIALIZE);
+
+        if (null !== $response = $event->getResponse()) {
+            return $response;
+        }
+
+        $form = $this->formFactory
+            ->create(AccountDeletionFormType::class, new AccountDeletion(), [
+                'action'  => $this->router->generate('nucleos_user_delete_account'),
+            ])
+            ->add('delete', SubmitType::class, [
+                'label'     => 'deletion.submit',
+            ])
+        ;
+        $form->handleRequest($request);
+
+        if ($form->isSubmitted() && $form->isValid()) {
+            return $this->processDeletion($user, $request);
+        }
+
+        return new Response($this->twig->render('@NucleosUser/Account/deletion.html.twig', [
+            'form' => $form->createView(),
+        ]));
+    }
+
+    private function getUser(): ?UserInterface
+    {
+        $token = $this->tokenStorage->getToken();
+
+        if (null === $token) {
+            return null;
+        }
+
+        $user = $token->getUser();
+
+        if ($user instanceof UserInterface) {
+            return $user;
+        }
+
+        return null;
+    }
+
+    private function processDeletion(UserInterface $user, Request $request): Response
+    {
+        $event = new AccountDeletionEvent($user, $request);
+        $this->eventDispatcher->dispatch($event, NucleosUserEvents::ACCOUNT_DELETION);
+
+        $this->userManager->deleteUser($user);
+
+        $event = new AccountDeletionResponseEvent($user, $request, new RedirectResponse($this->router->generate('nucleos_user_security_logout')));
+        $this->eventDispatcher->dispatch($event, NucleosUserEvents::ACCOUNT_DELETION_SUCCESS);
+
+        return $event->getResponse();
+    }
+}

src/DependencyInjection/Configuration.php

@@ -27,6 +27,7 @@ public function getConfigTreeBuilder(): TreeBuilder
 
         $this->addMainSection($rootNode);
         $this->addResettingSection($rootNode);
+        $this->addDeletionSection($rootNode);
         $this->addGroupSection($rootNode);
         $this->addServiceSection($rootNode);
 
@@ -89,6 +90,18 @@ private function addResettingSection(NodeDefinition $node): void
         ;
     }
 
+    private function addDeletionSection(NodeDefinition $node): void
+    {
+        $node
+            ->addDefaultsIfNotSet()
+            ->children()
+                ->arrayNode('deletion')
+                    ->canBeEnabled()
+                ->end()
+            ->end()
+        ;
+    }
+
     private function addServiceSection(NodeDefinition $node): void
     {
         $node

src/DependencyInjection/NucleosUserExtension.php

@@ -122,6 +122,7 @@ public function load(array $configs, ContainerBuilder $container): void
         ]);
 
         $this->loadChangePassword($loader);
+        $this->loadDeletion($config['deletion'], $loader);
         $this->loadResetting($config['resetting'], $container, $loader, $config['from_email']);
 
         if (isset($config['group'])) {
@@ -204,6 +205,15 @@ private function loadChangePassword(FileLoader $loader): void
         $loader->load('change_password.php');
     }
 
+    private function loadDeletion(array $config, FileLoader $loader): void
+    {
+        if (true !== $config['enabled']) {
+            return;
+        }
+
+        $loader->load('deletion.php');
+    }
+
     private function loadResetting(array $config, ContainerBuilder $container, FileLoader $loader, string $fromEmail): void
     {
         $this->mailerNeeded = true;

src/Event/AccountDeletionEvent.php

@@ -0,0 +1,47 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of the NucleosUserBundle package.
+ *
+ * (c) Christian Gripp <mail@core23.de>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Nucleos\UserBundle\Event;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Contracts\EventDispatcher\Event;
+
+class AccountDeletionEvent extends Event
+{
+    /**
+     * @var Request
+     */
+    private $request;
+
+    /**
+     * @var UserInterface
+     */
+    private $user;
+
+    public function __construct(UserInterface $user, Request $request)
+    {
+        $this->user      = $user;
+        $this->request   = $request;
+    }
+
+    public function getRequest(): Request
+    {
+        return $this->request;
+    }
+
+    public function getUser(): UserInterface
+    {
+        return $this->user;
+    }
+}

src/Event/AccountDeletionResponseEvent.php

@@ -0,0 +1,38 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of the NucleosUserBundle package.
+ *
+ * (c) Christian Gripp <mail@core23.de>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Nucleos\UserBundle\Event;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+final class AccountDeletionResponseEvent extends AccountDeletionEvent
+{
+    /**
+     * @var Response
+     */
+    private $response;
+
+    public function __construct(UserInterface $user, Request $request, Response $response)
+    {
+        parent::__construct($user, $request);
+
+        $this->response = $response;
+    }
+
+    public function getResponse(): Response
+    {
+        return $this->response;
+    }
+}

src/Event/GetResponseAccountDeletionEvent.php

@@ -0,0 +1,34 @@
+<?php
+
+declare(strict_types=1);
+
+/*
+ * This file is part of the NucleosUserBundle package.
+ *
+ * (c) Christian Gripp <mail@core23.de>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Nucleos\UserBundle\Event;
+
+use Symfony\Component\HttpFoundation\Response;
+
+final class GetResponseAccountDeletionEvent extends AccountDeletionEvent
+{
+    /**
+     * @var Response|null
+     */
+    private $response;
+
+    public function setResponse(Response $response): void
+    {
+        $this->response = $response;
+    }
+
+    public function getResponse(): ?Response
+    {
+        return $this->response;
+    }
+}

src/EventListener/FlashListener.php

@@ -28,6 +28,7 @@ final class FlashListener implements EventSubscriberInterface
     private static $successMessages = [
         NucleosUserEvents::CHANGE_PASSWORD_COMPLETED => 'change_password.flash.success',
         NucleosUserEvents::RESETTING_RESET_COMPLETED => 'resetting.flash.success',
+        NucleosUserEvents::ACCOUNT_DELETION_SUCCESS  => 'deletion.success',
     ];
 
     /**
@@ -51,6 +52,7 @@ public static function getSubscribedEvents(): array
         return [
             NucleosUserEvents::CHANGE_PASSWORD_COMPLETED => 'addSuccessFlash',
             NucleosUserEvents::RESETTING_RESET_COMPLETED => 'addSuccessFlash',
+            NucleosUserEvents::ACCOUNT_DELETION_SUCCESS  => 'addSuccessFlash',
         ];
     }