Closed seanh closed 4 months ago
Should make devdata
mark everything it upserts as deleted=False
?
It looks like a login screen and you only discover that you can click on the fields, clicking the email gives you a "confirm password" field but clicking the password gives you "current, new and confirm password fields. The way it also takes focus until you save/cancel seem very unorthodox, I can see many places I'd like to click that for me should be an implicit "cancel".
I agree. The original design called for something that acted like a modal dialog but didn't have the visual "weight" of one. This was modeled after some other popular web property (I can't remember which) but I would prefer to make this a much more ordinary form. Something like:
Email: {current email} [Change email]
[Change password]
Where [...]
indicates a button, and clicking the button would open a modal form.
Aside from behaving unconventionally, this has also been prone to problematic interactions with browser autocomplete and other features.
Should
make devdata
mark everything it upserts asdeleted=False
?
I think unfortunately this could produce confusing situations, if devdata
changes a user from deleted=True
to deleted=False
but there's still a "purge_user"
for for that user on the job queue. Maybe we could change the job queue to just delete the job is user.deleted
is False
Add a new
/account/delete
form that allows a user to delete their own account by calling the new user deletion backend (UserDeleteService.delete_user()
, https://github.com/hypothesis/h/pull/8700).This completes the delivery of the "self-service user deletion" feature (PRD, DD).
UI Design Changes
I made some small changes to the design of h's account settings forms in order to accommodate the desired design for the user deletion UI.
Current design of account settings forms
Here's what the https://hypothes.is/account/settings form looks like currently:
If you navigate to the form from your user profile page it gets a Back to your profile page in the bottom-left of the footer:
This link instead reads Back to group overview page if navigated from a group page.
In fact all four account settings pages (Account details, Edit profile, Notifications and Developer) have two versions depending on how you navigate to them--with or without the Back... link in the footer:
The current design is inconsistent
Note that the Back link is sometimes shown below a grey horizontal line (marking the start of the form footer), but sometimes this line is not present:
New design
The design for the user deletion feature (https://github.com/hypothesis/h/issues/8504) calls for a Delete your account button in the bottom-right, beneath the horizontal grey line:
The design failed to account for the Back link that is sometimes present, but it's fairly obvious how this should be accommodated:
I've decided to change the base template shared by all the account settings form so that the Back... link will always be shown beneath a horizontal grey line. This is more consistent and it more clearly separates the Back... link from the form elements:
When there's no back link, and no other footer content to show, then the grey horizontal line marking the start of the footer will not be shown at all (this is the same as on
main
currently):Testing
Log in as
devdata_user
: http://localhost:5000/loginClick on the gear icon in the top right and select Account details
Click on Delete your account in the bottom-right
You'll see this form:
Go to http://localhost:5000/docs/help and create one annotation then reload http://localhost:5000/account/delete and you should see this version of the form:
Create some more annotations then reload http://localhost:5000/account/delete and you should see this version of the form:
Finally, there's a version of the form when the oldest and newest annotations were created on different days. To get this, hack the created date of one of your annotations:
Now load http://localhost:5000/account/delete again and you'll see this version of the form:
Delete some of your annotations then reload http://localhost:5000/account/delete and test that your deleted annotations aren't counted, even if they haven't been purged from the DB yet.
If you try to submit the form without entering a password you'll get this error:
If you try to submit the form with the wrong password you'll get this error:
If you click the Back to safety link it'll take you back to http://localhost:5000/account/settings
Finally, if you enter the correct password and click Delete your account you'll be redirected to this page:
You'll be logged out, including in any other tabs or clients etc that you had open.
A
"purge_user"
job will have been added to thejob
table, and a row will have been added to theuser_deletions
table.