def delete_anonymous_user(user_name, token_info: Dict = None): """ Delete User Profile. 1) check if the token user is admin/owner of the current user 2) disable the user from kc 3) set user status as INACTIVE 4) set membership as inactive """ admin_user: UserModel = UserModel.find_by_jwt_token(token_info) if not admin_user: raise BusinessException(Error.DATA_NOT_FOUND, None) if admin_user.status == UserStatus.INACTIVE.value: raise BusinessException(Error.DELETE_FAILED_INACTIVE_USER, None) # handle validations. user = UserModel.find_by_username(user_name) membership = MembershipModel.find_membership_by_userid(user.id) org_id = membership.org_id is_valid_action = False # admin/owner deleteion admin_user_membership = MembershipModel.find_membership_by_user_and_org( admin_user.id, org_id) if admin_user_membership.membership_type_code in [ADMIN]: is_valid_action = True # staff admin deleteion is_staff_admin = token_info and Role.STAFF_CREATE_ACCOUNTS.value in token_info.get( 'realm_access').get('roles') if is_staff_admin: is_valid_action = True # self deletion if user.keycloak_guid == admin_user.keycloak_guid: is_valid_action = True # is the only owner getting deleted if is_valid_action and membership.membership_type_code == ADMIN: count_of_owners = MembershipModel.get_count_active_owner_org_id( org_id) if count_of_owners == 1: is_valid_action = False if not is_valid_action: raise BusinessException(Error.INVALID_USER_CREDENTIALS, None) user.is_terms_of_use_accepted = False user.status = UserStatus.INACTIVE.value user.save() membership.status = Status.INACTIVE.value membership.save() update_user_request = KeycloakUser() update_user_request.user_name = user_name.replace( IdpHint.BCROS.value + '/', '') update_user_request.enabled = False KeycloakService.update_user(update_user_request)
def test_get_count_active_owner_org_id_multiple(session): # pylint:disable=unused-argument """Assert that an Org can be updated from a dictionary.""" membership1 = factory_membersip_model(session) user2 = factory_user_model(TestUserInfo.user2) membership2 = MembershipModel(org_id=membership1.org_id, user_id=user2.id, membership_type_code=ADMIN, status=1) membership2.save() assert MembershipModel.get_count_active_owner_org_id( membership2.org_id) == 2
def test_get_count_active_owner_org_id(session): # pylint:disable=unused-argument """Assert that an Org can be updated from a dictionary.""" membership = factory_membersip_model(session) assert MembershipModel.get_count_active_owner_org_id( membership.org_id) == 1