From 7976fc58f9a20354aa50102eda66cae22b4fbcdf Mon Sep 17 00:00:00 2001
From: Paul Marillonnet <pmarillonnet@entrouvert.com>
Date: Wed, 14 Nov 2018 11:04:13 +0100
Subject: [PATCH] WIP warn user after account self-deletion (#26910)

    todo: OU-specific email templates
---
 src/authentic2/registration_backend/views.py        |  6 ++++++
 .../account_delete_notification_body.html           |  9 +++++++++
 .../authentic2/account_delete_notification_body.txt |  4 ++++
 .../account_delete_notification_subject.txt         |  1 +
 src/authentic2/utils.py                             | 13 +++++++++++++
 tests/test_views.py                                 |  4 +++-
 6 files changed, 36 insertions(+), 1 deletion(-)
 create mode 100644 src/authentic2/templates/authentic2/account_delete_notification_body.html
 create mode 100644 src/authentic2/templates/authentic2/account_delete_notification_body.txt
 create mode 100644 src/authentic2/templates/authentic2/account_delete_notification_subject.txt

diff --git a/src/authentic2/registration_backend/views.py b/src/authentic2/registration_backend/views.py
index 3338dbc2..854e821c 100644
--- a/src/authentic2/registration_backend/views.py
+++ b/src/authentic2/registration_backend/views.py
@@ -389,6 +389,11 @@ class DeleteView(FormView):
         return kwargs
 
     def form_valid(self, form):
+        email = self.request.user.email
+        ou = self.request.user.ou
+        context = {
+            'full_name': self.request.user.get_full_name(),
+            'site': self.request.get_host()}
         models.DeletedUser.objects.delete_user(self.request.user)
         self.request.user.email += '#%d' % random.randint(1, 10000000)
         self.request.user.email_verified = False
@@ -397,6 +402,7 @@ class DeleteView(FormView):
         hooks.call_hooks('event', name='delete-account', user=self.request.user)
         messages.info(self.request,
                       _('Your account has been scheduled for deletion. You cannot use it anymore.'))
+        utils.send_account_deletion_mail(self.request, email, ou, context)
         return super(DeleteView, self).form_valid(form)
 
 registration_completion = valid_token(RegistrationCompletionView.as_view())
diff --git a/src/authentic2/templates/authentic2/account_delete_notification_body.html b/src/authentic2/templates/authentic2/account_delete_notification_body.html
new file mode 100644
index 00000000..69acf56f
--- /dev/null
+++ b/src/authentic2/templates/authentic2/account_delete_notification_body.html
@@ -0,0 +1,9 @@
+{% load i18n %}
+<html>
+  <body style="max-width: 90ex">
+    {% blocktrans %}
+        <p>{{ full_name }},</p>
+        <p>Your account deletion request on {{ site }} has been received.</p>
+    {% endblocktrans %}
+  </body>
+</html>
diff --git a/src/authentic2/templates/authentic2/account_delete_notification_body.txt b/src/authentic2/templates/authentic2/account_delete_notification_body.txt
new file mode 100644
index 00000000..45229e25
--- /dev/null
+++ b/src/authentic2/templates/authentic2/account_delete_notification_body.txt
@@ -0,0 +1,4 @@
+{% load i18n %}{% autoescape off %}{% blocktrans %}{{ full_name }},
+
+Your account deletion request on {{ site }} has been received.
+{% endblocktrans %}{% endautoescape %}
diff --git a/src/authentic2/templates/authentic2/account_delete_notification_subject.txt b/src/authentic2/templates/authentic2/account_delete_notification_subject.txt
new file mode 100644
index 00000000..fcd51d65
--- /dev/null
+++ b/src/authentic2/templates/authentic2/account_delete_notification_subject.txt
@@ -0,0 +1 @@
+{% load i18n %}{% autoescape off %}{% trans "Account deletion request on" %} {{ site }}{% endautoescape %}
diff --git a/src/authentic2/utils.py b/src/authentic2/utils.py
index d32a5a67..ec44456d 100644
--- a/src/authentic2/utils.py
+++ b/src/authentic2/utils.py
@@ -693,6 +693,19 @@ def send_registration_mail(request, email, ou, template_names=None, next_url=Non
                 registration_url)
 
 
+def send_account_deletion_mail(request, email, ou, context=None, template_names=None):
+    '''Send an account deletion notification mail to an user.
+
+       Can raise an smtplib.SMTPException
+    '''
+    logger = logging.getLogger(__name__)
+    if not template_names:
+        template_names = ['authentic2/account_delete_notification']
+
+    send_templated_mail(email, template_names, request=request, context=context)
+    logger.info(u'account deletion mail sent to %s', email)
+
+
 def build_reset_password_url(user, request=None, next_url=None, set_random_password=True):
     '''Build a reset password URL'''
     from .compat import default_token_generator
diff --git a/tests/test_views.py b/tests/test_views.py
index 6cab8874..f76a50c0 100644
--- a/tests/test_views.py
+++ b/tests/test_views.py
@@ -21,14 +21,16 @@ def test_password_change(app, simple_user):
     page = page.form.submit('cancel').follow()
 
 
-def test_account_delete(app, simple_user):
+def test_account_delete(app, simple_user, mailoutbox):
     assert simple_user.is_active
+    assert not len(mailoutbox)
     page = login(app, simple_user, path=reverse('delete_account'))
     page.form.set('password', simple_user.username)
     # FIXME: webtest does not set the Referer header, so the logout page will always ask for
     # confirmation under tests
     response = page.form.submit(name='submit').follow()
     response = response.form.submit()
+    assert len(mailoutbox) == 1
     assert not User.objects.get(pk=simple_user.pk).is_active
     assert urlparse(response.location).path == '/'
     response = response.follow().follow()
-- 
2.19.1