UnityHPC · simonLeary42 · Dec 10, 2025 · Dec 10, 2025 · Dec 12, 2025 · Dec 12, 2025
diff --git a/resources/lib/UnityUser.php b/resources/lib/UnityUser.php
@@ -381,6 +381,16 @@ public function requestAccountDeletion(): void
         ]);
     }
 
+    public function cancelRequestAccountDeletion(): void
+    {
+        $this->SQL->deleteAccountDeletionRequest($this->uid);
+        $this->MAILER->sendMail("admin", "account_deletion_request_cancelled_admin", [
+            "user" => $this->uid,
+            "name" => $this->getFullname(),
+            "email" => $this->getMail(),
+        ]);
+    }
+
     /**
      * Checks if the user has requested account deletion
      */

diff --git a/resources/mail/account_deletion_request_cancelled_admin.php b/resources/mail/account_deletion_request_cancelled_admin.php
@@ -0,0 +1,15 @@
+<?php
+
+$this->Subject = "Account Deletion Request Cancelled"; ?>
+
+<p>Hello,</p>
+
+<p>A user has cancelled their request for account deletion. User details are below:</p>
+
+<p>
+    <strong>Username</strong> <?php echo $data["user"]; ?>
+    <br>
+    <strong>Name</strong> <?php echo $data["name"]; ?>
+    <br>
+    <strong>Email</strong> <?php echo $data["email"]; ?>
+</p>
diff --git a/test/functional/AccountDeletionRequestTest.php b/test/functional/AccountDeletionRequestTest.php
@@ -69,4 +69,25 @@ public function testRequestAccountDeletionUserHasRequest()
             ensureUserNotInPIGroup($pi_group);
         }
     }
+
+    public function testRequestAccountDeletionCancel()
+    {
+        global $USER;
+        switchUser(...getBlankUser());
+        $this->assertEmpty($USER->getPIGroupGIDs());
+        $this->assertNumberAccountDeletionRequests(0);
+        $this->assertNumberRequests(0);
+        try {
+            http_post(__DIR__ . "/../../webroot/panel/account.php", [
+                "form_type" => "account_deletion_request",
+            ]);
+            $this->assertNumberAccountDeletionRequests(1);
+            http_post(__DIR__ . "/../../webroot/panel/account.php", [
+                "form_type" => "cancel_account_deletion_request",
+            ]);
+            $this->assertNumberAccountDeletionRequests(0);
+        } finally {
+            ensureUserNotRequestedAccountDeletion();
+        }
+    }
 }
diff --git a/test/phpunit-bootstrap.php b/test/phpunit-bootstrap.php
@@ -206,6 +206,14 @@ function ensureOrgGroupDoesNotExist()
     }
 }
 
+function ensureUserNotRequestedAccountDeletion()
+{
+    global $USER, $SSO, $LDAP, $SQL, $MAILER, $WEBHOOK;
+    if ($SQL->accDeletionRequestExists($USER->uid)) {
+        $SQL->deleteAccountDeletionRequest($USER->uid);
+    }
+}
+
 function ensureUserNotInPIGroup(UnityGroup $pi_group)
 {
     global $USER;

diff --git a/webroot/panel/account.php b/webroot/panel/account.php
@@ -86,10 +86,17 @@
             if ($hasGroups) {
                 break;
             }
+            // FIXME send an error message if already exists
             if (!$SQL->accDeletionRequestExists($USER->uid)) {
                 $USER->requestAccountDeletion();
             }
             break;
+        case "cancel_account_deletion_request":
+            // FIXME send an error message if doesn't exist
+            if ($SQL->accDeletionRequestExists($USER->uid)) {
+                $USER->cancelRequestAccountDeletion();
+            }
+            break;
     }
 }
 
@@ -245,25 +252,34 @@
 if ($hasGroups) {
     echo "<p>You cannot request to delete your account while you are in a PI group.</p>";
 } else {
-    echo "
-        <form
-            action=''
-            method='POST'
-            id='accDel'
-            onsubmit='return confirm(\"Are you sure you want to request an account deletion?\")'
-        >
-        <input type='hidden' name='form_type' value='account_deletion_request' />
-    ";
     if ($SQL->accDeletionRequestExists($USER->uid)) {
-        echo "<input type='submit' value='Request Account Deletion' disabled />";
         echo "
-            <label style='margin-left: 10px'>
-            Your request has been submitted and is currently pending</label>
+            <p>Your request has been submitted and is currently pending.</p>
+            <form
+                action=''
+                method='POST'
+                onsubmit='
+                    return confirm(
+                        \"Are you sure you want to cancel your request for account deletion?\"
+                    )
+                '
+            >
+                <input type='hidden' name='form_type' value='cancel_account_deletion_request' />
+                <input type='submit' value='Cancel Account Deletion Request' />
+            </form>
         ";
     } else {
-        echo "<input type='submit' value='Request Account Deletion' />";
+        echo "
+            <form
+                action=''
+                method='POST'
+                onsubmit='return confirm(\"Are you sure you want to request an account deletion?\")'
+            >
+                <input type='hidden' name='form_type' value='account_deletion_request' />
+                <input type='submit' value='Request Account Deletion' />
+            </form>
+        ";
     }
-    echo "</form>";
 }
 
 ?>