mark accounts as erased when requested

2024-07-15 08:14:06 +00:00 · 2018-06-12 09:43:59 +01:00 · 2018-06-12 09:43:59 +01:00 · f1023ebf4b
parent 3ff8a619f5
commit f1023ebf4b
3 changed files with 20 additions and 4 deletions
--- a/synapse/handlers/deactivate_account.py
+++ b/synapse/handlers/deactivate_account.py
@ -42,7 +42,7 @@ class DeactivateAccountHandler(BaseHandler):
        reactor.callWhenRunning(self._start_user_parting)

    @defer.inlineCallbacks
-    def deactivate_account(self, user_id):
+    def deactivate_account(self, user_id, erase_data):
        """Deactivate a user's account

        Args:
@ -92,6 +92,11 @@ class DeactivateAccountHandler(BaseHandler):
        # delete from user directory
        yield self.user_directory_handler.handle_user_deactivated(user_id)

+        # Mark the user as erased, if they asked for that
+        if erase_data:
+            logger.info("Marking %s as erased", user_id)
+            yield self.store.mark_user_erased(user_id)
+
        # Now start the process that goes through that list and
        # parts users from rooms (if it isn't already running)
        self._start_user_parting()
--- a/synapse/rest/client/v1/admin.py
+++ b/synapse/rest/client/v1/admin.py
@ -254,7 +254,9 @@ class DeactivateAccountRestServlet(ClientV1RestServlet):
        if not is_admin:
            raise AuthError(403, "You are not a server admin")

-        yield self._deactivate_account_handler.deactivate_account(target_user_id)
+        yield self._deactivate_account_handler.deactivate_account(
+            target_user_id, False,
+        )
        defer.returnValue((200, {}))


--- a/synapse/rest/client/v2_alpha/account.py
+++ b/synapse/rest/client/v2_alpha/account.py
@ -1,6 +1,7 @@
 # -*- coding: utf-8 -*-
 # Copyright 2015, 2016 OpenMarket Ltd
 # Copyright 2017 Vector Creations Ltd
+# Copyright 2018 New Vector Ltd
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@ -15,6 +16,7 @@
 # limitations under the License.
 import logging

+from six.moves import http_client
 from twisted.internet import defer

 from synapse.api.auth import has_access_token
@ -187,13 +189,20 @@ class DeactivateAccountRestServlet(RestServlet):
    @defer.inlineCallbacks
    def on_POST(self, request):
        body = parse_json_object_from_request(request)
+        erase = body.get("erase", False)
+        if not isinstance(erase, bool):
+            raise SynapseError(
+                http_client.BAD_REQUEST,
+                "Param 'erase' must be a boolean, if given",
+                Codes.BAD_JSON,
+            )

        requester = yield self.auth.get_user_by_req(request)

        # allow ASes to dectivate their own users
        if requester.app_service:
            yield self._deactivate_account_handler.deactivate_account(
-                requester.user.to_string()
+                requester.user.to_string(), erase,
            )
            defer.returnValue((200, {}))

@ -201,7 +210,7 @@ class DeactivateAccountRestServlet(RestServlet):
            requester, body, self.hs.get_ip_from_request(request),
        )
        yield self._deactivate_account_handler.deactivate_account(
-            requester.user.to_string(),
+            requester.user.to_string(), erase,
        )
        defer.returnValue((200, {}))