Best IT Recipes

How to "gently delete" a user using

I am currently using Devise to register / authenticate a user in a Rails project. When a user wants to cancel his account, the user object is destroyed, which leaves my application in an undesirable state.

What is the easiest way to implement soft deletion, i.e. only deleting personal data and marking the user as deleted? I still want to keep all associations of records.

I assume that I will have to first enter a new “remote” column for users. But then I was stuck with this default code in the user profile view:

<p>Unhappy? <%= link_to "Cancel my account", registration_path(resource_name), :confirm => "Are you sure?", :method => :delete %>.</p>

Where can I find the method :delete ? How to rewrite default devise methods?

+66
authentication ruby ruby-on-rails
Feb 28 '11 at 10:13
source share
4 answers

I would advise overriding the destroy method on your user model to just do update_attribute(:deleted_at, Time.current) (instead of actually destroying), but this deviation from the standard API may become burdensome in the future, so here's how to change the controller.

The developer has a bunch of default controllers. The best way to configure them is to create your own controller that inherits the corresponding controller. In this case, we are talking about Devise::RegistrationsController - which is easily recognized when looking at the source. So create a new controller.

 class RegistrationsController < Devise::RegistrationsController end

Now we have our own controller that completely inherits all the logic provided by the application. The next step is to suggest the developer to use it instead of the standard one. On your routes, you have the line devise_for . It must be modified to enable the registration controller.

 devise_for :users, :controllers => { :registrations => 'registrations' }

This seems strange, but it makes sense, because by default it is “developing / registering”, and not just “registering”.

The next step is to override the destroy action in the registration controller. When you use registration_path(:user), :method => :delete is where it binds. To destroy action of the registration controller.

The following is currently being developed.

 def destroy resource.destroy set_flash_message :notice, :destroyed sign_out_and_redirect(self.resource) end

Instead, we can use this code. First add a new method to the User model.

 class User < ActiveRecord::Base def soft_delete # assuming you have deleted_at column added already update_attribute(:deleted_at, Time.current) end end # Use this for Devise 2.1.0 and newer versions class RegistrationsController < Devise::RegistrationsController def destroy resource.soft_delete Devise.sign_out_all_scopes ? sign_out : sign_out(resource_name) set_flash_message :notice, :destroyed if is_navigational_format? respond_with_navigational(resource){ redirect_to after_sign_out_path_for(resource_name) } end end # Use this for older Devise versions class RegistrationsController < Devise::RegistrationsController def destroy resource.soft_delete set_flash_message :notice, :destroyed sign_out_and_redirect(resource) end end

You should now be tuned. Use scopes to filter out remote users.

+102
Feb 28 '11 at 10:50
source share
— -

Adding on hakunin answer :

To prevent soft deletion users from active_for_authentication? in, override active_for_authentication? in your User model:

 def active_for_authentication? super && !deleted_at end
+89
Nov 12 '11 at
source share

You can use acts_as_paranoid for your user model, which sets delete_at instead of deleting the object.

+10
Feb 28 '11 at 10:27
source share

The full tutorial can be found in the “Soft delete user account” on the wiki page.

Summary:
1. Add the DATATIME column "deleted_at"
2. Override users / registrations # destroy on their routes
3. User redefinition / registration # destroy in the registration controller
4. Update the user model with soft_delete and check if the user is active in authentication
5. Add a custom delete message

+6
Jun 11 '15 at 20:42
source share


More articles:


All Articles