Customers will now be able to remove all their data from the system (#480).

This commit is contained in:
alext 2018-06-24 19:08:45 +02:00
parent d171a5b2ee
commit 0d91792d36
7 changed files with 142 additions and 25 deletions

View file

@ -121,12 +121,18 @@ class Appointments extends CI_Controller {
$provider = $this->providers_model->get_row($appointment['id_users_provider']);
$customer = $this->customers_model->get_row($appointment['id_users_customer']);
$customer_token = md5(uniqid(mt_rand(), true));
$this->load->driver('cache', ['adapter' => 'file']);
$this->cache->save('customer-token-' . $customer_token, $customer['id'], 600); // save for 10 minutes
}
else
{
// The customer is going to book a new appointment so there is no
// need for the manage functionality to be initialized.
$manage_mode = FALSE;
$customer_token = FALSE;
$appointment = [];
$provider = [];
$customer = [];
@ -138,6 +144,7 @@ class Appointments extends CI_Controller {
'available_providers' => $available_providers,
'company_name' => $company_name,
'manage_mode' => $manage_mode,
'customer_token' => $customer_token,
'date_format' => $date_format,
'time_format' => $time_format,
'appointment_data' => $appointment,

View file

@ -0,0 +1,62 @@
<?php defined('BASEPATH') OR exit('No direct script access allowed');
/* ----------------------------------------------------------------------------
* Easy!Appointments - Open Source Web Scheduler
*
* @package EasyAppointments
* @author A.Tselegidis <alextselegidis@gmail.com>
* @copyright Copyright (c) 2013 - 2018, Alex Tselegidis
* @license http://opensource.org/licenses/GPL-3.0 - GPLv3
* @link http://easyappointments.org
* @since v1.3.2
* ---------------------------------------------------------------------------- */
/**
* Class Privacy
*
* @package Controllers
*/
class Privacy extends CI_Controller {
/**
* Remove all customer data (including appointments from the system).
*/
public function ajax_delete_personal_information()
{
try
{
$customer_token = $this->input->post('customer_token');
if (empty($customer_token))
{
throw new InvalidArgumentException('Invalid customer token value provided.');
}
$this->load->driver('cache', ['adapter' => 'file']);
$customer_id = $this->cache->get('customer-token-' . $customer_token);
if (empty($customer_id))
{
throw new InvalidArgumentException('Customer ID could not be found, please reload the page and try again.');
}
$this->load->model('customers_model');
$this->customers_model->delete($customer_id);
$this->output
->set_content_type('application/json')
->set_output(json_encode([
'success' => TRUE
]));
}
catch (Exception $exc)
{
$this->output
->set_content_type('application/json')
->set_output(json_encode([
'exceptions' => [exceptionToJavaScript($exc)]
]));
}
}
}

View file

@ -295,3 +295,6 @@ $lang['privacy_policy_content'] = 'Privacy Policy Content';
$lang['website_using_cookies_to_ensure_best_experience'] = 'This website uses cookies to ensure you get the best experience on our website.';
$lang['read_and_agree_to_terms_and_conditions'] = 'I have read and agree to the {$link}Terms & Conditions{/$link}.';
$lang['read_and_agree_to_privacy_policy'] = 'I have read and agree to the {$link}Privacy Policy{/$link}.';
$lang['delete_personal_information_hint'] = 'Delete all personal information from the system.';
$lang['delete_personal_information'] = 'Delete Personal Information';
$lang['delete_personal_information_prompt'] = 'Are you sure that you want to delete your personal information? This action cannot be undone.';

View file

@ -46,27 +46,29 @@
</div>
</div>
<?php
if ($manage_mode === TRUE) {
echo '
<div id="cancel-appointment-frame" class="row">
<?php if ($manage_mode): ?>
<div id="cancel-appointment-frame" class="booking-header-bar row">
<div class="col-xs-12 col-sm-10">
<p>' .
lang('cancel_appointment_hint') .
'</p>
<p><?= lang('cancel_appointment_hint') ?></p>
</div>
<div class="col-xs-12 col-sm-2">
<form id="cancel-appointment-form" method="post"
action="' . site_url('appointments/cancel/' . $appointment_data['hash']) . '">
<input type="hidden" name="csrfToken" value="' . $this->security->get_csrf_hash() . '" />
action="<?= site_url('appointments/cancel/' . $appointment_data['hash']) ?>">
<input type="hidden" name="csrfToken" value="<?= $this->security->get_csrf_hash() ?>" />
<textarea name="cancel_reason" style="display:none"></textarea>
<button id="cancel-appointment" class="btn btn-default">' .
lang('cancel') . '</button>
<button id="cancel-appointment" class="btn btn-default btn-sm"><?= lang('cancel') ?></button>
</form>
</div>
</div>';
}
?>
</div>
<div class="booking-header-bar row">
<div class="col-xs-12 col-sm-10">
<p><?= lang('delete_personal_information_hint') ?></p>
</div>
<div class="col-xs-12 col-sm-2">
<button id="delete-personal-information" class="btn btn-danger btn-sm"><?= lang('delete') ?></button>
</div>
</div>
<?php endif; ?>
<?php
if (isset($exceptions)) {
@ -365,6 +367,7 @@
availableProviders : <?= json_encode($available_providers) ?>,
baseUrl : <?= json_encode(config('base_url')) ?>,
manageMode : <?= $manage_mode ? 'true' : 'false' ?>,
customerToken : <?= json_encode($customer_token) ?>,
dateFormat : <?= json_encode($date_format) ?>,
timeFormat : <?= json_encode($time_format) ?>,
displayCookieNotice : <?= json_encode($display_cookie_notice === '1') ?>,

View file

@ -225,15 +225,16 @@ body {
/* CANCEL APPOINTMENT
------------------------------------------------------------------------- */
#cancel-appointment-frame {
padding: 15px 0;
.booking-header-bar {
padding: 10px 0;
margin: 0;
background: #FAFAFA;
border-bottom: 1px solid #E2E2E2;
}
#cancel-appointment-frame p {
margin-top: 8px;
.booking-header-bar p {
margin-top: 2px;
margin-bottom: 0;
}

View file

@ -380,6 +380,26 @@ window.FrontendBook = window.FrontendBook || {};
$('#cancel-reason').css('width', '100%');
return false;
});
$('#delete-personal-information').on('click', function () {
var buttons = [
{
text: 'Delete',
click: function () {
FrontendBookApi.deletePersonalInformation(GlobalVariables.customerToken);
}
},
{
text: EALang.cancel,
click: function () {
$('#message_box').dialog('close');
}
}
];
GeneralFunctions.displayMessageBox(EALang.delete_personal_information,
EALang.delete_personal_information_prompt, buttons);
});
}
/**

View file

@ -292,4 +292,25 @@ window.FrontendBookApi = window.FrontendBookApi || {};
}, 'json').fail(GeneralFunctions.ajaxFailureHandler);
};
/**
* Delete personal information.
*
* @param {Number} customerToken Customer unique token.
*/
exports.deletePersonalInformation = function (customerToken) {
var url = GlobalVariables.baseUrl + '/index.php/privacy/ajax_delete_personal_information';
var data = {
csrfToken: GlobalVariables.csrfToken,
customer_token: customerToken
};
$.post(url, data, function (response) {
if (!GeneralFunctions.handleAjaxExceptions(response)) {
return;
}
location.href = GlobalVariables.baseUrl;
}, 'json').fail(GeneralFunctions.ajaxFailureHandler);
};
})(window.FrontendBookApi);