diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb
index 1e953fa..ace28e3 100644
--- a/app/controllers/organizations_controller.rb
+++ b/app/controllers/organizations_controller.rb
@@ -43,10 +43,11 @@ class OrganizationsController < ApplicationController
end
def destroy
- unless current_user.authenticate(params[:password])
+ if params[:confirm_text].blank? || params[:confirm_text].downcase.strip != organization.name.downcase.strip
respond_to do |wants|
- wants.html { redirect_to organization_delete_path(@organization), alert: "The password you entered was not valid. Please check and try again." }
- wants.json { render json: { alert: "The password you entered was invalid. Please check and try again." } }
+ alert_text = "The text you entered does not match the organization name. Please check and try again."
+ wants.html { redirect_to organization_delete_path(@organization), alert: alert_text }
+ wants.json { render json: { alert: alert_text } }
end
return
end
diff --git a/app/controllers/servers_controller.rb b/app/controllers/servers_controller.rb
index f0de090..fd78dee 100644
--- a/app/controllers/servers_controller.rb
+++ b/app/controllers/servers_controller.rb
@@ -65,17 +65,15 @@ class ServersController < ApplicationController
end
def destroy
- unless current_user.authenticate(params[:password])
+ if params[:confirm_text].blank? || params[:confirm_text].downcase.strip != @server.name.downcase.strip
respond_to do |wants|
- wants.html do
- redirect_to [:delete, organization, @server], alert: "The password you entered was not valid. Please check and try again."
- end
- wants.json do
- render json: { alert: "The password you entere was invalid. Please check and try again" }
- end
+ alert_text = "The text you entered does not match the server name. Please check and try again."
+ wants.html { redirect_to organization_delete_path(@organization), alert: alert_text }
+ wants.json { render json: { alert: alert_text } }
end
return
end
+
@server.soft_destroy
redirect_to_with_json organization_root_path(organization), notice: "#{@server.name} has been deleted successfully"
end
diff --git a/app/views/organizations/delete.html.haml b/app/views/organizations/delete.html.haml
index 8a53641..115dc96 100644
--- a/app/views/organizations/delete.html.haml
+++ b/app/views/organizations/delete.html.haml
@@ -13,12 +13,11 @@
all its mail servers & data will be deleted from our systems.
.dangerZone
%p.pageContent__text.u-margin
- To continue to delete this organization, please enter your password in the field below and press
+ To continue to delete this organization, please enter the name of the organization in the field below and press
continue. There will be no other confirmations.
= form_tag [organization, :delete], :method => :delete, :remote => true do
= hidden_field_tag 'return_to', params[:return_to]
%p.u-margin
- = password_field_tag "password", '', :class => 'input input--text input--danger'
+ = text_field_tag "confirm_text", '', :class => 'input input--text input--danger'
.buttonSet.u-center
= submit_tag "Delete this organization, mail servers and all messages", :class => 'button button--danger js-form-submit'
-
diff --git a/app/views/servers/delete.html.haml b/app/views/servers/delete.html.haml
index 604cf06..baf64b2 100644
--- a/app/views/servers/delete.html.haml
+++ b/app/views/servers/delete.html.haml
@@ -10,12 +10,11 @@
immediately.
.dangerZone
%p.pageContent__text.u-margin
- To continue to remove this server, please enter your password in the field below and press
+ To continue to remove this server, please enter the server name in the field below and press
continue. There will be no other confirmations.
= form_tag [organization, @server], :remote => true, :method => :delete do
= hidden_field_tag 'return_to', params[:return_to]
%p.u-margin
- = password_field_tag "password", '', :class => 'input input--text input--danger'
+ = text_field_tag "confirm_text", '', :class => 'input input--text input--danger'
.buttonSet.u-center
= submit_tag "Delete this mail server and all messages", :class => 'button button--danger'
-