Clean-up controllers that were used for anonymizing the user

app/controllers/redirects_controller.rb

@@ -0,0 +1,36 @@
+# This controller holds temporary redirection logic.
+# After a while, it would be fine removing each action as it shouldn't be used anymore.
+class RedirectsController < ApplicationController
+  rescue_from ActiveRecord::RecordNotFound, with: :redirect_to_root_with_message
+  rescue_from ArgumentError, with: :redirect_to_root_with_message
+
+  def confirm_destroy_from_match
+    redirect_to confirm_destroy_path(
+      Match.find_by!(match_confirmation_token: params[:match_confirmation_token]).user
+    )
+  end
+
+  def confirm_destroy_from_slot_alert
+    redirect_to confirm_destroy_path(
+      SlotAlert.find_by!(token: params[:token]).user
+    )
+  end
+
+  private
+
+  def skip_pundit?
+    true
+  end
+
+  def redirect_to_root_with_message
+    flash[:error] = "Désolé, ce lien n’est plus valide."
+    redirect_to root_path
+  end
+
+  def confirm_destroy_path(user)
+    raise ArgumentError if user.anonymized_at
+
+    token = user.signed_id(purpose: "users.destroy", expires_in: 1.minute)
+    confirm_destroy_profile_path(authentication_token: token)
+  end
+end

app/views/match_mailer/match_confirmation_instructions.mjml

@@ -1,3 +1,4 @@
+<% authentication_token = @match.user.signed_id(purpose: "users.destroy", expires_in: 7.days) %>
 <mj-section padding-top="15px" padding-bottom="15px">
   <mj-column>
     <mj-text padding-bottom="0px">
@@ -16,13 +17,13 @@
     <mj-text padding-bottom="0px">
       <strong>Vous ne souhaitez plus être informé de doses disponibles ?</strong>
     </mj-text>
-    <mj-button href="<%= edit_matches_users_url(match_confirmation_token: @match_confirmation_token) %>" padding-bottom="0px">
+    <mj-button href="<%= confirm_destroy_profile_url(authentication_token: authentication_token) %>" padding-bottom="0px">
       Supprimer mon compte
     </mj-button>
     <mj-text>
       <strong>Si le lien ne fonctionne pas</strong>, copiez et collez l’adresse suivante dans votre navigateur :
       <br />
-      <%= edit_matches_users_url(match_confirmation_token: @match_confirmation_token) %>
+      <%= confirm_destroy_profile_url(authentication_token: authentication_token) %>
     </mj-text>
     <%= render partial: "mailer/social_networks", formats: [:html] %>
   </mj-column>

app/views/slot_alert_mailer/follow_up.mjml

@@ -1,3 +1,4 @@
+<% authentication_token = @alert.user.signed_id(purpose: "users.destroy", expires_in: 7.days) %>
 <mj-section padding-top="15px" padding-bottom="15px">
   <mj-column>
     <mj-text padding-bottom="0px">
@@ -9,7 +10,7 @@
       <br />
       Si c'est le cas nous vous invitons à supprimer votre compte Covidliste.
     </mj-text>
-    <mj-button href="<%= edit_slot_alerts_users_url(token: @alert_token) %>" padding-bottom="20px">
+    <mj-button href="<%= confirm_destroy_profile_url(authentication_token: authentication_token) %>" padding-bottom="20px">
       Supprimer mon compte
     </mj-button>
     <mj-text>

app/views/slot_alert_mailer/notify.mjml

@@ -1,4 +1,5 @@
 <%- distance = distance_delta({lat: @alert.user.lat, lon: @alert.user.lon}, {lat: @slot.latitude, lon: @slot.longitude}) %>
+<% authentication_token = @alert.user.signed_id(purpose: "users.destroy", expires_in: 7.days) %>
 <mj-section padding-top="15px" padding-bottom="0px">
   <mj-column>
     <mj-text padding-bottom="0px">
@@ -48,7 +49,7 @@
       <strong>Vous ne souhaitez plus être informé de doses ou de créneaux disponibles ?</strong>
       <br />
       <strong>
-        <%= link_to "Supprimer mon compte", edit_slot_alerts_users_url(token: @alert_token) %>
+        <%= link_to "Supprimer mon compte", confirm_destroy_profile_url(authentication_token: authentication_token) %>
       </strong>
     </mj-text>
     <mj-text padding-top="20px" padding-bottom="0px">

app/views/users/_confirm_destroy_message.html.erb

@@ -1,14 +1,29 @@
-<div class="container">
-  <div class="d-flex align-items-center flex-column my-4 my-lg-5">
-    <h4 class="text-center">
-      Vous souhaitez vous désinscrire de Covidliste en supprimant votre compte ?
-    </h4>
-    <% token = user.signed_id(purpose: "users.destroy", expires_in: 1.hour) %>
-    <%= button_to "Supprimer mon compte", profile_path(authentication_token: token),
-      method: :delete,
-      id: dom_id(user, :delete),
-      class: "btn btn-outline-danger btn-lg mt-4",
-      data: {
-        confirm: "En confirmant, votre compte ainsi que toutes les données associées seront supprimées de nos serveurs. Êtes-vous sûr(e) ?"} %>
+<% if user.matches.confirmed.any? %>
+  <div class="container">
+    <div class="d-flex align-items-center flex-column my-4 my-lg-5">
+      <h4 class="text-center mb-4">
+        Vous avez confirmé votre rendez-vous.
+      </h4>
+      <p class="alert alert-info">
+        Vous ne pouvez pas supprimer vos informations actuellement car vous avez confirmé un rendez-vous de vaccination.
+        <br>
+        Votre profil sera anonymisé quelques jours après le RDV.
+      </p>
+    </div>
   </div>
-</div>
+<% else %>
+  <div class="container">
+    <div class="d-flex align-items-center flex-column my-4 my-lg-5">
+      <h4 class="text-center">
+        Vous souhaitez vous désinscrire de Covidliste en supprimant votre compte ?
+      </h4>
+      <% token = user.signed_id(purpose: "users.destroy", expires_in: 1.hour) %>
+      <%= button_to "Supprimer mon compte", profile_path(authentication_token: token),
+        method: :delete,
+        id: dom_id(user, :delete),
+        class: "btn btn-outline-danger btn-lg mt-4",
+        data: {
+          confirm: "En confirmant, votre compte ainsi que toutes les données associées seront supprimées de nos serveurs. Êtes-vous sûr(e) ?"} %>
+    </div>
+  </div>
+<% end %>

config/routes.rb

@@ -120,18 +120,11 @@
     resources :partner_external_accounts, only: [:destroy]
   end
 
-  ## matches
-  namespace :matches do
-    resource :users, only: [:edit]
-  end
-
   # slot alerts
   get "/s/:token" => "slot_alerts#show", :as => :slot_alert
   patch "/s/:token" => "slot_alerts#update"
-  namespace :slot_alerts do
-    resource :users, only: [:edit]
-  end
 
+  # Matches
   get "/m/:match_confirmation_token(/:source)" => "matches#show", :as => :match
   patch "/m/:match_confirmation_token(/:source)" => "matches#update"
   delete "/m/:match_confirmation_token(/:source)" => "matches#destroy"

config/routes/redirects.rb

@@ -1,8 +1,9 @@
 # Handle old routes redirections (before devise users path migration)
-
 get "/login", to: redirect("/users/login", status: 302), as: :legacy_new_user_session
 post "/login", to: redirect("/users/login", status: 302), as: :legacy_user_session
 delete "/logout", to: redirect("/users/logout", status: 302), as: :legacy_destroy_user_session
 get "/profile", to: redirect("/users/profile", status: 302), as: :legacy_profile
 get "/confirmation/new", to: redirect("/users/confirmation/new", status: 302), as: :legacy_new_user_confirmation
 get "/confirmation", to: redirect { |_, request| "/users/confirmation#{request.params.present? ? "?" + request.params.to_query : ""}" }, as: :legacy_user_confirmation
+get "/matches/users/edit", controller: :redirects, action: :confirm_destroy_from_match, as: :legacy_edit_matches_users
+get "/slot_alerts/users/edit", controller: :redirects, action: :confirm_destroy_from_slot_alert, as: :legacy_edit_slot_alerts_users

spec/requests/redirections_spec.rb

@@ -0,0 +1,53 @@
+require "rails_helper"
+
+RSpec.describe "Redirects", type: :request do
+  describe "From a matches email to delete the account" do
+    it "redirects to the confirm_destroy_profile_path" do
+      match = create(:match)
+
+      get legacy_edit_matches_users_path(match_confirmation_token: match.match_confirmation_token)
+      expect(response).to redirect_to(%r{#{confirm_destroy_profile_path}})
+
+      auth_token = Rack::Utils.parse_query(URI.parse(response.location).query).fetch("authentication_token")
+      expect(User.find_signed(auth_token, purpose: "users.destroy")).to eq(match.user)
+    end
+
+    it "redirects to the root_path when the token is wrong" do
+      match = create(:match)
+      get legacy_edit_matches_users_path(match_confirmation_token: match.match_confirmation_token + "foo")
+      expect(response).to redirect_to(root_path)
+    end
+
+    it "redirects to the root_path when the user is anynomized" do
+      match = create(:match)
+      match.user.anonymize!
+      get legacy_edit_matches_users_path(match_confirmation_token: match.match_confirmation_token)
+      expect(response).to redirect_to(root_path)
+    end
+  end
+
+  describe "From a slot alert email to delete the account" do
+    it "redirects to the confirm_destroy_profile_path" do
+      slot_alert = create(:slot_alert)
+
+      get legacy_edit_slot_alerts_users_path(token: slot_alert.token)
+      expect(response).to redirect_to(%r{#{confirm_destroy_profile_path}})
+
+      auth_token = Rack::Utils.parse_query(URI.parse(response.location).query).fetch("authentication_token")
+      expect(User.find_signed(auth_token, purpose: "users.destroy")).to eq(slot_alert.user)
+    end
+
+    it "redirects to the root_path when the token is wrong" do
+      slot_alert = create(:slot_alert)
+      get legacy_edit_slot_alerts_users_path(token: slot_alert.token + "foo")
+      expect(response).to redirect_to(root_path)
+    end
+
+    it "redirects to the root_path when the user is anynomized" do
+      slot_alert = create(:slot_alert)
+      slot_alert.user.anonymize!
+      get legacy_edit_slot_alerts_users_path(token: slot_alert.token)
+      expect(response).to redirect_to(root_path)
+    end
+  end
+end