logoutCleanup does not need to send whole user object when called

### Description:

When a user logs out of Rocket Chat, a message is sent upstream via the web socket that includes the entire User object payload. After investigation, all current listeners do not take the user object and ignore it.

For security based installations of Rocket Chat the amount of data is hard to inspect and validate.

### Steps to reproduce:

1. Logout of Rocket Chat
2. Inspect Web Socket traffic and see the whole user object get sent with the method logoutCleanup.
3. The server side logic invokes post logout callbacks that ignore the provided user object.

### Expected behaviour:

The user object is not required in this call.

### Actual behavior:

https://github.com/RocketChat/Rocket.Chat/blob/d53e264b83ccc971236123853e4b68c9eb6beeb4/server/methods/logoutCleanUp.js

[app/ui-utils/client/lib/RoomManager.js](https://github.com/RocketChat/Rocket.Chat/blob/6f041baa25e14f45d43d77698db216c14815d294/app/ui-utils/client/lib/RoomManager.js)
`callbacks.add('afterLogoutCleanUp', () => RoomManager.closeAllRooms()`

[app/ui-master/client/main.js](https://github.com/RocketChat/Rocket.Chat/blob/811688e11988bd55129ceccb9dbd600acfa945ae/app/ui-master/client/main.js)
`callbacks.add('afterLogoutCleanUp', () => customScriptsOnLogout()`

[app/ui-utils/client/lib/popout.js](https://github.com/RocketChat/Rocket.Chat/blob/d53e264b83ccc971236123853e4b68c9eb6beeb4/app/ui-utils/client/lib/popout.js)
`callbacks.add('afterLogoutCleanUp', () => popout.close(), callbacks.priority.MEDIUM, 'popout-close-after-logout-cleanup');`

[app/ui/client/lib/iframeCommands.js](https://github.com/RocketChat/Rocket.Chat/blob/fec3800f6fd1347e244d990a9693e5deb47287f4/app/ui/client/lib/iframeCommands.js)

Notice here how `callbacks.run('afterLogoutCleanUp', user);` is called but `Meteor.call('logoutCleanUp', user);` calls the same function internally too.

```
'logout'() {
		const user = Meteor.user();
		Meteor.logout(() => {
			callbacks.run('afterLogoutCleanUp', user);
			Meteor.call('logoutCleanUp', user);
			return FlowRouter.go('home');
		});
	},
```


### Server Setup Information:

- Version of Rocket.Chat Server: 3.2.2
- Operating System: Mac OS / Docker
- Deployment Method: k8s/docker
- Number of Running Instances: 1
- DB Replicaset Oplog: 
- NodeJS Version: 
- MongoDB Version:

### Client Setup Information

- Desktop App or Browser Version: Chrome 83.0.4103.116
- Operating System: Catalina Mac OS

### Additional context

N/A

### Relevant logs:

N/A

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

logoutCleanup does not need to send whole user object when called #18183

Description:

Steps to reproduce:

Expected behaviour:

Actual behavior:

Server Setup Information:

Client Setup Information

Additional context

Relevant logs:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

logoutCleanup does not need to send whole user object when called #18183

Description

Description:

Steps to reproduce:

Expected behaviour:

Actual behavior:

Server Setup Information:

Client Setup Information

Additional context

Relevant logs:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions