v.1.15.2 users can't delete themselfs

[amosin]

On latest version of NodeBB 1.15.2 I am getting an exception when users is trying to delete themself. It is fine if admin deletes the users. It works fine on 1.13.x.

First: /admin/settings/user -> Allow Account Deletion = True

• NodeBB version: v.1.15.2

• NodeBB git hash: ce5c0ee6e70db95934f18e4fcf26132afe3c88d3

• NodeJS version: 10.18.1

• Installed NodeBB Plugins: Active plugins:

  • nodebb-plugin-composer-default (installed, enabled)
  • nodebb-plugin-custom-pages (installed, enabled)
  • nodebb-plugin-dbsearch (installed, enabled)
  • nodebb-plugin-emoji (installed, enabled)
  • nodebb-plugin-emoji-android (installed, enabled)
  • nodebb-plugin-leaderboard (installed, enabled)
  • nodebb-plugin-markdown (installed, enabled)
  • nodebb-plugin-mentions (installed, enabled)
  • nodebb-plugin-ns-login (installed, enabled)
  • nodebb-plugin-rss (installed, enabled)
  • nodebb-plugin-soundpack-default (installed, disabled)
  • nodebb-plugin-spam-be-gone (installed, disabled)
  • nodebb-plugin-sso-facebook (installed, enabled)
  • nodebb-plugin-sso-google (installed, enabled)
  • nodebb-rewards-essentials (installed, enabled)
  • nodebb-theme-lavender (installed, disabled)
  • nodebb-theme-persona (installed, enabled)
  • nodebb-theme-slick (installed, disabled)
  • nodebb-theme-vanilla (installed, disabled)
  • nodebb-widget-essentials (installed, enabled)

• Database type: mongo, redis, or postgres MONGO

• Database version: db version v4.0.15 git version: 5547f61d0abc1f81cf160f3693f741b8ce889084 OpenSSL version: OpenSSL 1.1.1 11 Sep 2018 allocator: tcmalloc modules: none build environment: distmod: ubuntu1804 distarch: x86_64 target_arch: x86_64

• Exact steps to cause this issue:

  1. Register New User
  2. New Users go to /user/{username}/edit and click on delete account
  3. Redirected to / and user is still logged in. -> node server throws an exception.

• What you expected: Users to be logged out and deleted

• What happened instead: Redirected to / and user is still logged in.

HERE is the exception log:

2020-11-20T00:52:12.405Z [4567/24453] - verbose: [plugins/fireHook] static:sockets.validateSession 2020-11-20T00:52:12.406Z [4567/24453] - warn: [deprecated] at SocketUser.deleteAccount (/home/username/nodebb/src/socket.io/user.js:39:10) at wrapperCallback (/home/username/nodebb/src/promisify.js:48:18) at onMessage (/home/username/nodebb/src/socket.io/index.js:136:25) use DELETE /api/v3/users/:uid/account (node:24453) UnhandledPromiseRejectionWarning: Error: [[error:no-privileges]] at processDeletion (/home/username/nodebb/src/api/users.js:248:9) at process._tickCallback (internal/process/next_tick.js:68:7) (node:24453) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1) (node:24453) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code. 2020-11-20T00:52:12.504Z [4567/24453] - verbose: [plugins/fireHook] filter:user.getSettings

[barisusakli]

@amosin thanks for reporting seems like a regression from https://github.com/NodeBB/NodeBB/pull/8881