Add client ability to delete all future replays

Simyon264 · Jun 4, 2024 · e3b7adb · e3b7adb
1 parent efdff1a
commit e3b7adb
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 4 deletions.
diff --git a/ReplayBrowser/Controllers/AccountController.cs b/ReplayBrowser/Controllers/AccountController.cs
@@ -62,6 +62,13 @@ public async Task<IActionResult> RedirectFromLogin()
         if (guid == null) 
             return BadRequest("Guid is null. This should not happen.");
 
+        var gdprRequest = await _context.GdprRequests.FirstOrDefaultAsync(g => g.Guid == guid);
+        if (gdprRequest != null)
+        {
+            await HttpContext.SignOutAsync("Cookies");
+            return BadRequest("You have requested to be deleted from the database. You cannot create an account.");
+        }
+
         var user = _context.Accounts.FirstOrDefault(a => a.Guid == guid);
         var data = await _ss14ApiHelper.FetchPlayerDataFromGuid((Guid)guid);
         if (user == null)
@@ -91,7 +98,9 @@ public async Task<IActionResult> RedirectFromLogin()
     /// Deletes the account from the logged in user.
     /// </summary>
     [HttpGet("delete")]
-    public async Task<IActionResult> DeleteAccount()
+    public async Task<IActionResult> DeleteAccount(
+        [FromQuery] bool permanently = false
+        )
     {
         if (!User.Identity.IsAuthenticated)
         {
@@ -110,6 +119,26 @@ public async Task<IActionResult> DeleteAccount()
             return NotFound("Account is null. This should not happen.");
         }
 
+        if (permanently)
+        {
+            _context.GdprRequests.Add(new GdprRequest
+            {
+                Guid = (Guid) guid
+            });
+
+            _context.Replays
+                .Include(replay => replay.RoundEndPlayers)
+                .Where(r => r.RoundEndPlayers != null && r.RoundEndPlayers.Any(p => p.PlayerGuid == guid))
+                .ToList()
+                .ForEach(r =>
+                {
+                    r.RoundEndPlayers!
+                        .Where(p => p.PlayerGuid == guid)
+                        .ToList()
+                        .ForEach(p => p.RedactInformation(true));
+                });
+        }
+
         _context.Accounts.Remove(user);
         await _context.SaveChangesAsync();
 

diff --git a/ReplayBrowser/Pages/Account/Manage.razor b/ReplayBrowser/Pages/Account/Manage.razor
@@ -61,6 +61,19 @@ else if (account != null)
         </div>
     </div>
 
+    // Collapse for permanently deleting account
+    <button class="btn btn-danger" type="button" data-bs-toggle="collapse" data-bs-target="#deleteAccountPermanently" aria-expanded="false" aria-controls="deleteAccountPermanently">
+        Delete Account Permanently And Remove All Data From Replays
+    </button>
+
+    <div class="collapse" id="deleteAccountPermanently">
+        <div class="card card-body">
+            <p>Are you sure you want to delete your account? This action is <b>irreversible</b> and will delete all your settings and all other data related to your account.</p>
+            <b>Furthermore, all replays that have your name in them will have your name removed from them. This cannot be undone.</b>
+            <button class="btn btn-danger" id="deleteAccountPermanently">Delete Account Permanently</button>
+        </div>
+    </div>
+
     // Download data
     <a class="btn btn-primary" href="/account/download" target="_blank">Download Account Data</a>
 }
@@ -84,6 +97,13 @@ else
                 window.location.href = "/account/delete";
             }
         });
+        
+        $("#deleteAccountPermanently").click(function() {
+            if (confirm("This will remove you permanently from all replays. Are you sure? Even you will not be able to search for yourself in replays anymore. This action is irreversible and will delete all your settings and all other data related to your account."))
+            {
+                window.location.href = "/account/delete?permanently=true";
+            }
+        });
     });
 </script>
 

diff --git a/ReplayBrowser/Pages/Privacy.razor b/ReplayBrowser/Pages/Privacy.razor
@@ -23,6 +23,13 @@
             <li>GUID</li>
         </ul>
     </li>
+    <li>Public information gotten from replays:
+        <ul>
+            <li>Player names (both character names and usernames)</li>
+            <li>Player GUIDs</li>
+            <li>Jobs they choose to play as</li>
+        </ul>
+    </li>
 </ul>
 
 <h4>2. Purpose of Data Collection</h4>
@@ -33,13 +40,14 @@
 </ul>
 
 <h4>3. Data Sharing and Disclosure</h4>
-<p>I do not share your data with third parties.</p>
-
+<p>I do not share your account data with third parties.</p>
+<p>Raw replay data may be accessed by third parties for the purposes of data visualization and analysis.</p>
 
 <h4>4. Data Storage and Security</h4>
 <p>Logs are <em>NOT</em> encrypted. Log data is cleared periodically for visits without a login present.</p>
 
-<p>You can delete your account, which will remove all associated data.</p>
+<p>You can delete your account, which will remove all associated account data.</p>
+<p>If you wish to delete ALL data in future replays and past replays in a way that is irreversible, please contact me or log in and use the dedicated button.</p>
 
 <h4>5. Data Download</h4>
 <p>You can download a copy of your data by clicking <a href="/account/download" target="_blank">here</a>.</p>