UnityHPC · hakasapl · Jun 2, 2023 · Jun 2, 2023 · Jun 2, 2023 · Jun 2, 2023
diff --git a/resources/lib/UnityGroup.php b/resources/lib/UnityGroup.php
@@ -78,6 +78,11 @@ public function requestGroup($send_mail_to_admins, $send_mail = true)
             return;
         }
 
+        // check if account deletion request already exists
+        if ($this->SQL->accDeletionRequestExists($this->getOwner()->getUID())) {
+            return;
+        }
+
         $this->SQL->addRequest($this->getOwner()->getUID());
 
         if ($send_mail) {
@@ -352,6 +357,11 @@ public function newUserRequest($new_user, $send_mail = true)
             return;
         }
 
+        // check if account deletion request already exists
+        if ($this->SQL->accDeletionRequestExists($new_user->getUID())) {
+            return;
+        }
+
         $this->addRequest($new_user->getUID());
 
         if ($send_mail) {

diff --git a/resources/lib/UnitySQL.php b/resources/lib/UnitySQL.php
@@ -12,6 +12,7 @@ class UnitySQL
     private const TABLE_PAGES = "pages";
     private const TABLE_EVENTS = "events";
     private const TABLE_AUDIT_LOG = "audit_log";
+    private const TABLE_ACCOUNT_DELETION_REQUESTS = "account_deletion_requests";
 
     private const REQUEST_ADMIN = "admin";
 
@@ -252,4 +253,26 @@ public function addLog($operator, $operator_ip, $action_type, $recipient)
 
         $stmt->execute();
     }
+
+    public function addAccountDeletionRequest($uid)
+    {
+        $stmt = $this->conn->prepare(
+            "INSERT INTO " . self::TABLE_ACCOUNT_DELETION_REQUESTS . " (uid) VALUE (:uid)"
+        );
+        $stmt->bindParam(":uid", $uid);
+
+        $stmt->execute();
+    }
+
+    public function accDeletionRequestExists($uid)
+    {
+        $stmt = $this->conn->prepare(
+            "SELECT * FROM " . self::TABLE_ACCOUNT_DELETION_REQUESTS . " WHERE uid=:uid"
+        );
+        $stmt->bindParam(":uid", $uid);
+
+        $stmt->execute();
+
+        return count($stmt->fetchAll()) > 0;
+    }
 }
diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php
@@ -644,4 +644,31 @@ public function getGroups($ignorecache = false)
 
         return $out;
     }
+
+    /**
+     * Sends an email to admins about account deletion request and also adds it to a table in the database
+     */
+    public function requestAccountDeletion()
+    {
+        $this->SQL->addAccountDeletionRequest($this->getUID());
+        $this->MAILER->sendMail(
+            "admin",
+            "account_deletion_request_admin",
+            array(
+                "user" => $this->getUID(),
+                "name" => $this->getFullname(),
+                "email" => $this->getMail()
+            )
+        );
+    }
+
+    /**
+     * Checks if the user has requested account deletion
+     *
+     * @return boolean true if account deletion has been requested, false if not
+     */
+    public function hasRequestedAccountDeletion()
+    {
+        return $this->SQL->accDeletionRequestExists($this->getUID());
+    }
 }
diff --git a/resources/mail/account_deletion_request_admin.php b/resources/mail/account_deletion_request_admin.php
@@ -0,0 +1,17 @@
+<?php
+
+// This template is sent to admins when a new group is requested
+$this->Subject = "Account Deletion Request";
+?>
+
+<p>Hello,</p>
+
+<p>A user has requested deletion of their account. User details are below:</p>
+
+<p>
+    <strong>Username</strong> <?php echo $data["user"]; ?>
+    <br>
+    <strong>Name</strong> <?php echo $data["name"]; ?>
+    <br>
+    <strong>Email</strong> <?php echo $data["email"]; ?>
+</p>
diff --git a/tools/docker-dev/sql/bootstrap.sql b/tools/docker-dev/sql/bootstrap.sql
@@ -108,6 +108,20 @@ CREATE TABLE `audit_log` (
 
 -- --------------------------------------------------------
 
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `account_deletion_requests`
+--
+
+CREATE TABLE `account_deletion_requests` (
+  `id` int(11) NOT NULL,
+  `timestamp` timestamp NOT NULL DEFAULT current_timestamp(),
+  `uid` varchar(1000) NOT NULL,
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+
+-- --------------------------------------------------------
+
 --
 -- Indexes for dumped tables
 --
@@ -148,6 +162,12 @@ ALTER TABLE `sso_log`
 ALTER TABLE `audit_log`
   ADD PRIMARY KEY (`id`);
 
+--
+-- Indexes for table `audit_log`
+--
+ALTER TABLE `account_deletion_requests`
+  ADD PRIMARY KEY (`id`);
+
 --
 -- AUTO_INCREMENT for dumped tables
 --
@@ -189,6 +209,14 @@ ALTER TABLE `audit_log`
   MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
 COMMIT;
 
+--
+--
+-- AUTO_INCREMENT for table `account_deletion_requests`
+--
+ALTER TABLE `account_deletion_requests`
+  MODIFY `id` int(11) NOT NULL AUTO_INCREMENT;
+COMMIT;
+
 /*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
 /*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
 /*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
diff --git a/webroot/admin/user-mgmt.php b/webroot/admin/user-mgmt.php
@@ -43,7 +43,11 @@
     });
 
     foreach ($users as $user) {
-        echo "<tr>";
+        if ($user->hasRequestedAccountDeletion()) {
+            echo "<tr style='color:grey; font-style: italic'>";
+        } else {
+            echo "<tr>";
+        }
         echo "<td>" . $user->getFirstname() . " " . $user->getLastname() . "</td>";
         echo "<td>" . $user->getUID() . "</td>";
         echo "<td>" . $user->getOrg() . "</td>";

diff --git a/webroot/panel/account.php b/webroot/panel/account.php
@@ -70,6 +70,16 @@
                 }
             }
             break;
+        case "account_deletion_request":
+            $hasGroups = count($USER->getGroups()) > 0;
+            if ($hasGroups) {
+                die();
+                break;
+            }
+            if (!$SQL->accDeletionRequestExists($USER->getUID())) {
+                $USER->requestAccountDeletion();
+            }
+            break;
     }
 }
 ?>
@@ -107,17 +117,30 @@
 }
 
 if (!$isPI) {
-    echo
-    "<form action='' method='POST' id='piReq' 
-    onsubmit='return confirm(\"Are you sure you want to request a PI account?\")'>
-    <input type='hidden' name='form_type' value='pi_request'>";
-    if ($SQL->requestExists($USER->getUID())) {
+    if ($SQL->accDeletionRequestExists($USER->getUID())) {
+        echo
+        "<form action='' method='POST' id='piReq' 
+        onsubmit='return confirm(\"Are you sure you want to request a PI account?\")'>
+        <input type='hidden' name='form_type' value='pi_request'>";
         echo "<input type='submit' value='Request PI Account' disabled>";
-        echo "<label style='margin-left: 10px'>Your request has been submitted and is currently pending</label>";
+        echo
+        "<label style='margin-left: 10px'>
+            You cannot request PI Account while you have requested account deletion.
+        </label>";
+        echo "</form>";
     } else {
-        echo "<input type='submit' value='Request PI Account'>";
+        echo
+        "<form action='' method='POST' id='piReq' 
+        onsubmit='return confirm(\"Are you sure you want to request a PI account?\")'>
+        <input type='hidden' name='form_type' value='pi_request'>";
+        if ($SQL->requestExists($USER->getUID())) {
+            echo "<input type='submit' value='Request PI Account' disabled>";
+            echo "<label style='margin-left: 10px'>Your request has been submitted and is currently pending</label>";
+        } else {
+            echo "<input type='submit' value='Request PI Account'>";
+        }
+        echo "</form>";
     }
-    echo "</form>";
 }
 ?>
 
@@ -194,6 +217,33 @@
 
 </form>
 
+<hr>
+
+<h5>Account Deletion</h5>
+<?php
+$hasGroups = count($USER->getGroups()) > 0;
+
+if ($hasGroups) {
+    echo "<p>You cannot request to delete your account while you are in a PI group.</p>";
+} else {
+    echo
+    "<form action='' method='POST' id='accDel' 
+    onsubmit='return confirm(\"Are you sure you want to request an account deletion?\")'>
+    <input type='hidden' name='form_type' value='account_deletion_request'>";
+    if ($SQL->accDeletionRequestExists($USER->getUID())) {
+        echo "<input type='submit' value='Request Account Deletion' disabled>";
+        echo "<label style='margin-left: 10px'>Your request has been submitted and is currently pending</label>";
+    } else {
+        echo "<input type='submit' value='Request Account Deletion'>";
+    }
+    echo "</form>";
+}
+
+?>
+
+<hr>
+
+
 <script>
     $("button.btnAddKey").click(function() {
         openModal("Add New Key", "<?php echo $CONFIG["site"]["prefix"]; ?>/panel/modal/new_key.php");

diff --git a/webroot/panel/groups.php b/webroot/panel/groups.php
@@ -125,7 +125,14 @@
 echo "</table>";
 ?>
 
-<button type="button" class="plusBtn btnAddPI">&#43;</button>
+<?php
+if ($SQL->accDeletionRequestExists($USER->getUID())) {
+    echo "<button type='button' class='plusBtn btnAddPI' disabled>&#43;</button>";
+    echo "<label>You cannot join a PI while you have requested account deletion.</label>";
+} else {
+    echo "<button type='button' class='plusBtn btnAddPI'>&#43;</button>";
+}
+?>
 
 <style>
     div.modalContent {