27 :tag("password"):up(); |
27 :tag("password"):up(); |
28 session.send(reply); |
28 session.send(reply); |
29 elseif stanza.attr.type == "set" then |
29 elseif stanza.attr.type == "set" then |
30 if query.tags[1] and query.tags[1].name == "remove" then |
30 if query.tags[1] and query.tags[1].name == "remove" then |
31 -- TODO delete user auth data, send iq response, kick all user resources with a <not-authorized/>, delete all user data |
31 -- TODO delete user auth data, send iq response, kick all user resources with a <not-authorized/>, delete all user data |
|
32 local username, host = session.username, session.host; |
32 --session.send(st.error_reply(stanza, "cancel", "not-allowed")); |
33 --session.send(st.error_reply(stanza, "cancel", "not-allowed")); |
33 --return; |
34 --return; |
34 usermanager_create_user(session.username, nil, session.host); -- Disable account |
35 usermanager_create_user(username, nil, host); -- Disable account |
35 -- FIXME the disabling currently allows a different user to recreate the account |
36 -- FIXME the disabling currently allows a different user to recreate the account |
36 -- we should add an in-memory account block mode when we have threading |
37 -- we should add an in-memory account block mode when we have threading |
37 session.send(st.reply(stanza)); |
38 session.send(st.reply(stanza)); |
38 local roster = session.roster; |
39 local roster = session.roster; |
39 for _, session in pairs(hosts[session.host].sessions[session.username].sessions) do -- disconnect all resources |
40 for _, session in pairs(hosts[host].sessions[username].sessions) do -- disconnect all resources |
40 session:close({condition = "not-authorized", text = "Account deleted"}); |
41 session:close({condition = "not-authorized", text = "Account deleted"}); |
41 end |
42 end |
42 -- TODO datamanager should be able to delete all user data itself |
43 -- TODO datamanager should be able to delete all user data itself |
43 datamanager.store(session.username, session.host, "roster", nil); |
44 datamanager.store(username, host, "roster", nil); |
44 datamanager.store(session.username, session.host, "vcard", nil); |
45 datamanager.store(username, host, "vcard", nil); |
45 datamanager.store(session.username, session.host, "private", nil); |
46 datamanager.store(username, host, "private", nil); |
46 datamanager.store(session.username, session.host, "offline", nil); |
47 datamanager.store(username, host, "offline", nil); |
47 --local bare = session.username.."@"..session.host; |
48 --local bare = username.."@"..host; |
48 for jid, item in pairs(roster) do |
49 for jid, item in pairs(roster) do |
49 if jid ~= "pending" then |
50 if jid ~= "pending" then |
50 if item.subscription == "both" or item.subscription == "to" then |
51 if item.subscription == "both" or item.subscription == "to" then |
51 -- TODO unsubscribe |
52 -- TODO unsubscribe |
52 end |
53 end |
53 if item.subscription == "both" or item.subscription == "from" then |
54 if item.subscription == "both" or item.subscription == "from" then |
54 -- TODO unsubscribe |
55 -- TODO unsubscribe |
55 end |
56 end |
56 end |
57 end |
57 end |
58 end |
58 datamanager.store(session.username, session.host, "accounts", nil); -- delete accounts datastore at the end |
59 datamanager.store(username, host, "accounts", nil); -- delete accounts datastore at the end |
59 else |
60 else |
60 local username = query:child_with_name("username"); |
61 local username = query:child_with_name("username"); |
61 local password = query:child_with_name("password"); |
62 local password = query:child_with_name("password"); |
62 if username and password then |
63 if username and password then |
63 -- FIXME shouldn't use table.concat |
64 -- FIXME shouldn't use table.concat |