#38 Delete user

misago/acl/migrations/0003_default_roles.py

@@ -106,7 +106,7 @@ def create_default_roles(apps, schema_editor):
         })
     role.save()
 
-    role = Role(name=_("Delete users"))
+    role = Role(name=_("Deleting users"))
     pickle_permissions(role,
         {
             # delete users perms

misago/acl/testutils.py

@@ -16,3 +16,8 @@ def fake_post_data(target, data_dict):
             else:
                 data_dict[field.html_name] = field.value()
     return data_dict
+
+
+def override_acl(user, new_acl):
+    user.acl
+    user._acl_cache.update(new_acl)

misago/templates/misago/profile/base.html

@@ -79,7 +79,7 @@
                   {% csrf_token %}
                   <button type="submit" class="btn">
                     <span class="fa fa-times-circle"></span>
-                    {% trans "Delete user account and content" %}
+                    {% trans "Delete user and content" %}
                   </button>
                 </form>
               </li>

misago/users/migrations/0004_default_ranks.py

@@ -27,6 +27,7 @@ def create_default_ranks(apps, schema_editor):
 
     Role = apps.get_model('misago_acl', 'Role')
     team.roles.add(Role.objects.get(name=_("Moderator")))
+    team.roles.add(Role.objects.get(name=_("Deleting users")))
 
 
 class Migration(migrations.Migration):

misago/users/tests/test_moderation_views.py

@@ -0,0 +1,45 @@
+from django.contrib.auth import get_user_model
+from django.core.urlresolvers import reverse
+
+from misago.acl.testutils import override_acl
+from misago.admin.testutils import AdminTestCase
+
+
+class UserModerationTestCase(AdminTestCase):
+    def setUp(self):
+        super(UserModerationTestCase, self).setUp()
+        self.test_user = get_user_model().objects.create_user(
+            "Bob", "bob@bob.com", "Pass.123")
+
+
+class DeleteUserTests(UserModerationTestCase):
+    def test_no_delete_permission(self):
+        """user with no permission fails to delete other user"""
+        override_acl(self.test_user, {
+            'can_delete_users_newer_than': 0,
+            'can_delete_users_with_less_posts_than': 0,
+        })
+
+        response = self.client.post(reverse('misago:delete_user', kwargs={
+                                                'user_id': self.test_user.pk
+                                            }))
+
+        self.assertEqual(response.status_code, 403)
+        self.assertIn("delete users.", response.content)
+
+    def test_delete_user(self):
+        """user with permission deletes other user"""
+        override_acl(self.test_user, {
+            'can_delete_users_newer_than': 2,
+            'can_delete_users_with_less_posts_than': 2,
+        })
+
+        response = self.client.post(reverse('misago:delete_user', kwargs={
+                                                'user_id': self.test_user.pk
+                                            }))
+
+        self.assertEqual(response.status_code, 302)
+
+        response = self.client.post(reverse('misago:index'))
+        self.assertEqual(response.status_code, 200)
+        self.assertIn('Bob has been deleted', response.content)

misago/users/views/moderation.py

@@ -33,6 +33,6 @@ def user_moderation_view(required_permission=None):
 def delete(request, user):
     user.delete(delete_content=True)
 
-    message = _("User %(username)s account has been deleted with all content.")
+    message = _("User %(username)s has been deleted with all content.")
     messages.success(request, message % {'username': user.username})
     return redirect('misago:index')