diff --git a/src/user_management/user.rs b/src/user_management/user.rs index bdfa85a..56695b3 100644 --- a/src/user_management/user.rs +++ b/src/user_management/user.rs @@ -363,6 +363,42 @@ impl RegisteredUser { Ok(()) } + /// Permanently delete this user and all their data + /// + /// Permanently remove all traces of this user from the database, including: + /// * User data associated with their account + /// * Any certificates linked to their account + /// * Their username (which is freed for other users to take) + /// * Their password hash + /// * ~~Any happy memories you have with them~~ + /// + /// If you're not using [`UserManagementRoutes`], it's strongly recommended that you + /// expose some way for users to delete their accounts, in order to appropriately + /// respect their privacy and their right to their data. + /// + /// If you *are* using [`UserManagementRoutes`], your users already have a way of + /// deleting their accounts! Just direct them to `/account`. + /// + /// # Errors + /// Can error if the a database error occurs + pub fn delete(self) -> Result<()> { + let certificates = self.all_certificates(); + + (&self.manager.users, &self.manager.certificates).transaction(|(tx_usr, tx_crt)| { + tx_usr.remove( + self.username.as_str(), + )?; + for cert in certificates { + tx_crt.remove( + cert, + )?; + } + Ok(()) + })?; + + Ok(()) + } + #[cfg(feature = "user_management_advanced")] /// Check if the user has a password set ///