Allow all users to delete their account

Previously the user could not delete his own account unless signup was
enabled in the global settings. This was due to the fact that deleting
the user would also delete the issues and other items associated to him.
Deleting an user does not destroy essential data anymore, for this
reason we removed the `signup_enabled?` check.

3 files changed, 24 insertions, 33 deletions

diff --git a/app/views/profiles/accounts/show.html.haml b/app/views/profiles/accounts/show.html.haml
index ed079ed7dfb..5d778d67ae7 100644
--- a/app/views/profiles/accounts/show.html.haml
+++ b/app/views/profiles/accounts/show.html.haml
@@ -92,25 +92,24 @@
             Update username
   %hr
 
-- if signup_enabled?
-  .row.prepend-top-default
-    .col-lg-4.profile-settings-sidebar
-      %h4.prepend-top-0.danger-title
-        Remove account
-    .col-lg-8
-      - if @user.can_be_removed? && can?(current_user, :destroy_user, @user)
+.row.prepend-top-default
+  .col-lg-4.profile-settings-sidebar
+    %h4.prepend-top-0.danger-title
+      Remove account
+  .col-lg-8
+    - if @user.can_be_removed? && can?(current_user, :destroy_user, @user)
+      %p
+        Deleting an account has the following effects:
+      = render 'users/deletion_guidance', user: current_user
+      = link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove"
+    - else
+      - if @user.solo_owned_groups.present?
         %p
-          Deleting an account has the following effects:
-        = render 'users/deletion_guidance', user: current_user
-        = link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove"
+          Your account is currently an owner in these groups:
+          %strong= @user.solo_owned_groups.map(&:name).join(', ')
+        %p
+          You must transfer ownership or delete these groups before you can delete your account.
       - else
-        - if @user.solo_owned_groups.present?
-          %p
-            Your account is currently an owner in these groups:
-            %strong= @user.solo_owned_groups.map(&:name).join(', ')
-          %p
-            You must transfer ownership or delete these groups before you can delete your account.
-        - else
-          %p
-            You don't have access to delete this user.
+        %p
+          You don't have access to delete this user.
 .append-bottom-default
diff --git a/changelogs/unreleased/36087-users-cannot-delete-their-account.yml b/changelogs/unreleased/36087-users-cannot-delete-their-account.yml
new file mode 100644
index 00000000000..9ba75d8b1d0
--- /dev/null
+++ b/changelogs/unreleased/36087-users-cannot-delete-their-account.yml
@@ -0,0 +1,5 @@
+---
+title: allow all users to delete their account
+merge_request: 13636
+author: Jacopo Beschi @jacopo-beschi
+type: changed
diff --git a/spec/features/profile_spec.rb b/spec/features/profile_spec.rb
index 672022304da..f183dd8cb75 100644
--- a/spec/features/profile_spec.rb
+++ b/spec/features/profile_spec.rb
@@ -7,9 +7,8 @@ describe 'Profile account page' do
     sign_in(user)
   end
 
-  describe 'when signup is enabled' do
+  describe 'when I delete my account' do
     before do
-      stub_application_setting(signup_enabled: true)
       visit profile_account_path
     end
 
@@ -21,18 +20,6 @@ describe 'Profile account page' do
     end
   end
 
-  describe 'when signup is disabled' do
-    before do
-      stub_application_setting(signup_enabled: false)
-      visit profile_account_path
-    end
-
-    it 'does not have option to remove account' do
-      expect(page).not_to have_content('Remove account')
-      expect(current_path).to eq(profile_account_path)
-    end
-  end
-
   describe 'when I reset private token' do
     before do
       visit profile_account_path