Fix account delete form not accepting password, update suspended (#3745)

account before removing content for quicker feedback to end-users

3 files changed, 4 insertions, 4 deletions

diff --git a/app/controllers/settings/deletes_controller.rb b/app/controllers/settings/deletes_controller.rb
index 55c18345b..dd18b4c2f 100644
--- a/app/controllers/settings/deletes_controller.rb
+++ b/app/controllers/settings/deletes_controller.rb
@@ -22,6 +22,6 @@ class Settings::DeletesController < ApplicationController
   private
 
   def delete_params
-    params.permit(:password)
+    params.require(:form_delete_confirmation).permit(:password)
   end
 end
diff --git a/app/services/suspend_account_service.rb b/app/services/suspend_account_service.rb
index 1e3a51e4e..983c5495b 100644
--- a/app/services/suspend_account_service.rb
+++ b/app/services/suspend_account_service.rb
@@ -5,8 +5,8 @@ class SuspendAccountService < BaseService
     @account = account
 
     purge_user if remove_user
-    purge_content
     purge_profile
+    purge_content
     unsubscribe_push_subscribers
   end
 
diff --git a/spec/controllers/settings/deletes_controller_spec.rb b/spec/controllers/settings/deletes_controller_spec.rb
index c9e163261..b9c7c3068 100644
--- a/spec/controllers/settings/deletes_controller_spec.rb
+++ b/spec/controllers/settings/deletes_controller_spec.rb
@@ -35,7 +35,7 @@ describe Settings::DeletesController do
 
       context 'with correct password' do
         before do
-          delete :destroy, params: { password: 'petsmoldoggos' }
+          delete :destroy, params: { form_delete_confirmation: { password: 'petsmoldoggos' } }
         end
 
         it 'redirects to sign in page' do
@@ -53,7 +53,7 @@ describe Settings::DeletesController do
 
       context 'with incorrect password' do
         before do
-          delete :destroy, params: { password: 'blaze420' }
+          delete :destroy, params: { form_delete_confirmation: { password: 'blaze420' } }
         end
 
         it 'redirects back to confirmation page' do