diff --git a/ReplayBrowser/Controllers/AccountController.cs b/ReplayBrowser/Controllers/AccountController.cs
index 5987386..c54036a 100644
--- a/ReplayBrowser/Controllers/AccountController.cs
+++ b/ReplayBrowser/Controllers/AccountController.cs
@@ -62,6 +62,13 @@ public async Task RedirectFromLogin()
 if (guid == null) return BadRequest("Guid is null. This should not happen.");
+ var gdprRequest = await _context.GdprRequests.FirstOrDefaultAsync(g => g.Guid == guid);
+ if (gdprRequest != null)
+ {
+ await HttpContext.SignOutAsync("Cookies");
+ return BadRequest("You have requested to be deleted from the database. You cannot create an account.");
+ }
+
 var user = _context.Accounts.FirstOrDefault(a => a.Guid == guid);
 var data = await _ss14ApiHelper.FetchPlayerDataFromGuid((Guid)guid);
 if (user == null)
@@ -91,7 +98,9 @@ public async Task RedirectFromLogin()
 /// Deletes the account from the logged in user.
 ///
 [HttpGet("delete")]
- public async Task DeleteAccount()
+ public async Task DeleteAccount(
+ [FromQuery] bool permanently = false
+ )
 {
 if (!User.Identity.IsAuthenticated)
 {
@@ -110,6 +119,26 @@ public async Task DeleteAccount()
 return NotFound("Account is null. This should not happen.");
 }
+ if (permanently)
+ {
+ _context.GdprRequests.Add(new GdprRequest
+ {
+ Guid = (Guid) guid
+ });
+
+ _context.Replays
+ .Include(replay => replay.RoundEndPlayers)
+ .Where(r => r.RoundEndPlayers != null && r.RoundEndPlayers.Any(p => p.PlayerGuid == guid))
+ .ToList()
+ .ForEach(r =>
+ {
+ r.RoundEndPlayers!
+ .Where(p => p.PlayerGuid == guid)
+ .ToList()
+ .ForEach(p => p.RedactInformation(true));
+ });
+ }
+
 _context.Accounts.Remove(user);
 await _context.SaveChangesAsync();
diff --git a/ReplayBrowser/Pages/Account/Manage.razor b/ReplayBrowser/Pages/Account/Manage.razor
index 21bcfcc..0c260ab 100644
--- a/ReplayBrowser/Pages/Account/Manage.razor
+++ b/ReplayBrowser/Pages/Account/Manage.razor
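Review bot: The refusal added at the top of RedirectFromLogin only works because the player's GUID stays in GdprRequests after the "permanent" deletion, and neither the code nor the Privacy.razor text changed in this commit says that this identifier is retained. I would add a comment above the lookup, `// GdprRequests keeps the GUID of erased players so they cannot re-register; this retention should be disclosed on the privacy page`, and a matching sentence under "4. Data Storage and Security". Since only existence is tested, `await _context.GdprRequests.AnyAsync(g => g.Guid == guid)` would also avoid materialising the row. The method body starts and ends outside the hunk.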
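Review bot: DeleteAccount stays on `[HttpGet("delete")]` while gaining `permanently`, so an irreversible erasure (block-list entry, replay redaction, account removal) is now triggered by a plain GET that carries only the session cookie. GET requests get no anti-forgery validation and can be issued by any page or link the logged-in browser follows, and the `confirm()` prompts in Manage.razor are client-side only, not a server check. The action should become `[HttpPost("delete")]` with `[ValidateAntiForgeryToken]` (or an equivalent anti-forgery check), and both click handlers in Manage.razor that set `window.location.href` to `/account/delete…` should submit a form carrying the token instead. The method body continues outside the hunk, so whether the session is signed out after deletion is not visible here.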
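Review bot: The redaction block loads every replay the player appears in with a synchronous `.ToList()` inside an async action, then nests `List.ForEach` lambdas to mutate the tracked entities. For a player with a long history this blocks a request thread for the whole query, and it makes the one irreversible path in this controller the hardest to read. I would await `ToListAsync()` and use a plain `foreach` over the matching players, as below; the single `SaveChangesAsync()` that follows still commits the block-list row, the redactions and the account removal together. `RedactInformation` is defined outside this diff, so what it clears cannot be checked here.

```csharp
if (permanently)
{
    // … unchanged: _context.GdprRequests.Add(...) …

    var replays = await _context.Replays
        .Include(replay => replay.RoundEndPlayers)
        .Where(r => r.RoundEndPlayers != null && r.RoundEndPlayers.Any(p => p.PlayerGuid == guid))
        .ToListAsync();

    foreach (var player in replays.SelectMany(r => r.RoundEndPlayers!).Where(p => p.PlayerGuid == guid))
    {
        player.RedactInformation(true);
    }
}
```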
@@ -61,6 +61,19 @@ else if (account != null) + // Collapse for permanently deleting account + + +
+
+

Are you sure you want to delete your account? This action is irreversible and will delete all your settings and all other data related to your account.

+ Furthermore, all replays that have your name in them will have your name removed from them. This cannot be undone. + +
+
+ // Download data Download Account Data } @@ -84,6 +97,13 @@ else window.location.href = "/account/delete"; } }); + + $("#deleteAccountPermanently").click(function() { + if (confirm("This will remove you permanently from all replays. Are you sure? Even you will not be able to search for yourself in replays anymore. This action is irreversible and will delete all your settings and all other data related to your account.")) + { + window.location.href = "/account/delete?permanently=true"; + } + }); }); diff --git a/ReplayBrowser/Pages/Privacy.razor b/ReplayBrowser/Pages/Privacy.razor index 4fcea1a..ad23c38 100644 --- a/ReplayBrowser/Pages/Privacy.razor +++ b/ReplayBrowser/Pages/Privacy.razor @@ -23,6 +23,13 @@
  • GUID
  • +
  • Public information gotten from replays: +
      +
    • Player names (both character names and usernames)
    • +
    • Player GUIDs
    • +
    • Jobs they choose to play as
    • +
    +
  • 2. Purpose of Data Collection

    @@ -33,13 +40,14 @@

    3. Data Sharing and Disclosure

    -

    I do not share your data with third parties.

    - +

    I do not share your account data with third parties.

    +

    Raw replay data may be accessed by third parties for the purposes of data visualization and analysis.

    4. Data Storage and Security

    Logs are NOT encrypted. Log data is cleared periodically for visits without a login present.

    -

    You can delete your account, which will remove all associated data.

    +

    You can delete your account, which will remove all associated account data.

    +

    If you wish to delete ALL data in future replays and past replays in a way that is irreversible, please contact me or log in and use the dedicated button.

    5. Data Download

    You can download a copy of your data by clicking here.