def post(self, request):
"""
POST /api/user/v1/accounts/retire_misc/
{
'username': '******'
}
Retires the user with the given username in the LMS.
"""
username = request.data['username']
try:
retirement = UserRetirementStatus.get_retirement_for_retirement_action(
username)
RevisionPluginRevision.retire_user(retirement.user)
ArticleRevision.retire_user(retirement.user)
PendingNameChange.delete_by_user_value(retirement.user,
field='user')
PasswordHistory.retire_user(retirement.user.id)
course_enrollments = CourseEnrollment.objects.filter(
user=retirement.user)
ManualEnrollmentAudit.retire_manual_enrollments(
course_enrollments, retirement.retired_email)
CreditRequest.retire_user(retirement)
ApiAccessRequest.retire_user(retirement.user)
CreditRequirementStatus.retire_user(retirement)
# This signal allows code in higher points of LMS to retire the user as necessary
USER_RETIRE_LMS_MISC.send(sender=self.__class__,
user=retirement.user)
# This signal allows code in higher points of LMS to unsubscribe the user
# from various types of mailings.
USER_RETIRE_MAILINGS.send(sender=self.__class__,
email=retirement.original_email,
new_email=retirement.retired_email,
user=retirement.user)
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc),
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def test_retirement(self):
"""
Verify that the user's password history contains no actual
passwords after retirement is called.
"""
user = self._user_factory_with_history()
# create multiple rows in the password history table
self._change_password(user, "different")
self._change_password(user, "differentagain")
for row in PasswordHistory.objects.filter(user_id=user.id):
self.assertFalse(row.password == "")
PasswordHistory.retire_user(user.id)
for row in PasswordHistory.objects.filter(user_id=user.id):
self.assertEqual(row.password, "")
def post(self, request):
"""
POST /api/user/v1/accounts/retire_misc/
{
'username': '******'
}
Retires the user with the given username in the LMS.
"""
username = request.data['username']
try:
retirement = UserRetirementStatus.get_retirement_for_retirement_action(username)
RevisionPluginRevision.retire_user(retirement.user)
ArticleRevision.retire_user(retirement.user)
PendingNameChange.delete_by_user_value(retirement.user, field='user')
PasswordHistory.retire_user(retirement.user.id)
course_enrollments = CourseEnrollment.objects.filter(user=retirement.user)
ManualEnrollmentAudit.retire_manual_enrollments(course_enrollments, retirement.retired_email)
CreditRequest.retire_user(retirement.original_username, retirement.retired_username)
ApiAccessRequest.retire_user(retirement.user)
CreditRequirementStatus.retire_user(retirement.user.username)
# This signal allows code in higher points of LMS to retire the user as necessary
USER_RETIRE_LMS_MISC.send(sender=self.__class__, user=retirement.user)
# This signal allows code in higher points of LMS to unsubscribe the user
# from various types of mailings.
USER_RETIRE_MAILINGS.send(
sender=self.__class__,
email=retirement.original_email,
new_email=retirement.retired_email,
user=retirement.user
)
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc), status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def post(self, request):
"""
POST /api/user/v1/accounts/retire_misc/
{
'username': '******'
}
Retires the user with the given username in the LMS.
"""
username = request.data['username']
if is_username_retired(username):
return Response(status=status.HTTP_404_NOT_FOUND)
try:
retirement = UserRetirementStatus.get_retirement_for_retirement_action(
username)
RevisionPluginRevision.retire_user(retirement.user)
ArticleRevision.retire_user(retirement.user)
PendingNameChange.delete_by_user_value(retirement.user,
field='user')
PasswordHistory.retire_user(retirement.user.id)
course_enrollments = CourseEnrollment.objects.filter(
user=retirement.user)
ManualEnrollmentAudit.retire_manual_enrollments(
course_enrollments, retirement.retired_email)
CreditRequest.retire_user(retirement.original_username,
retirement.retired_username)
ApiAccessRequest.retire_user(retirement.user)
CreditRequirementStatus.retire_user(retirement.user.username)
SurveyAnswer.retire_user(retirement.user.id)
except UserRetirementStatus.DoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
except RetirementStateError as exc:
return Response(text_type(exc), status=status.HTTP_400_BAD_REQUEST)
except Exception as exc: # pylint: disable=broad-except
return Response(text_type(exc),
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
return Response(status=status.HTTP_204_NO_CONTENT)
def test_retirement(self):
"""
Verify that the user's password history contains no actual
passwords after retirement is called.
"""
user = self._user_factory_with_history()
# create multiple rows in the password history table
self._change_password(user, "different")
self._change_password(user, "differentagain")
# ensure the rows were actually created and stored the passwords
self.assertTrue(PasswordHistory.objects.filter(user_id=user.id).exists())
for row in PasswordHistory.objects.filter(user_id=user.id):
self.assertFalse(row.password == "")
# retire the user and ensure that the rows are still present, but with no passwords
PasswordHistory.retire_user(user.id)
self.assertTrue(PasswordHistory.objects.filter(user_id=user.id).exists())
for row in PasswordHistory.objects.filter(user_id=user.id):
self.assertEqual(row.password, "")
def test_retirement(self):
"""
Verify that the user's password history contains no actual
passwords after retirement is called.
"""
user = self._user_factory_with_history()
# create multiple rows in the password history table
self._change_password(user, "different")
self._change_password(user, "differentagain")
# ensure the rows were actually created and stored the passwords
self.assertTrue(
PasswordHistory.objects.filter(user_id=user.id).exists())
for row in PasswordHistory.objects.filter(user_id=user.id):
self.assertFalse(row.password == "")
# retire the user and ensure that the rows are still present, but with no passwords
PasswordHistory.retire_user(user.id)
self.assertTrue(
PasswordHistory.objects.filter(user_id=user.id).exists())
for row in PasswordHistory.objects.filter(user_id=user.id):
self.assertEqual(row.password, "")
