From b61bb779502b654e934e8055d34654f149bfca39 Mon Sep 17 00:00:00 2001 From: "Timothy J. Baek" Date: Thu, 28 Dec 2023 23:02:49 -0800 Subject: [PATCH] feat: delete user backend support --- backend/apps/web/models/users.py | 16 +++++++++++++++ backend/apps/web/routers/users.py | 33 +++++++++++++++++++++++++++++++ backend/constants.py | 2 ++ 3 files changed, 51 insertions(+) diff --git a/backend/apps/web/models/users.py b/backend/apps/web/models/users.py index 782b7f47..2768f20b 100644 --- a/backend/apps/web/models/users.py +++ b/backend/apps/web/models/users.py @@ -8,6 +8,8 @@ from utils.utils import decode_token from utils.misc import get_gravatar_url from apps.web.internal.db import DB +from apps.web.models.chats import Chat + #################### # User DB Schema @@ -110,5 +112,19 @@ class UsersTable: except: return None + def delete_user_by_id(self, id: str) -> bool: + try: + # Delete User Chats + query = Chat.delete().where(Chat.user_id == id) + query.execute() # Remove the rows, return number of rows removed. + + # Delete User + query = User.delete().where(User.id == id) + query.execute() # Remove the rows, return number of rows removed. + + return True + except: + return False + Users = UsersTable(DB) diff --git a/backend/apps/web/routers/users.py b/backend/apps/web/routers/users.py index 08437bd3..0206b7d7 100644 --- a/backend/apps/web/routers/users.py +++ b/backend/apps/web/routers/users.py @@ -73,3 +73,36 @@ async def update_user_role(form_data: UserRoleUpdateForm, cred=Depends(bearer_sc status_code=status.HTTP_401_UNAUTHORIZED, detail=ERROR_MESSAGES.INVALID_TOKEN, ) + + +############################ +# DeleteUser +############################ + + +@router.delete("/{user_id}", response_model=bool) +async def delete_user_by_id(user_id: str, cred=Depends(bearer_scheme)): + token = cred.credentials + user = Users.get_user_by_token(token) + + if user: + if user.role == "admin": + result = Users.delete_user_by_id(user_id) + + if result: + return True + else: + raise HTTPException( + status_code=status.HTTP_403_FORBIDDEN, + detail=ERROR_MESSAGES.DELETE_USER_ERROR, + ) + else: + raise HTTPException( + status_code=status.HTTP_403_FORBIDDEN, + detail=ERROR_MESSAGES.ACCESS_PROHIBITED, + ) + else: + raise HTTPException( + status_code=status.HTTP_401_UNAUTHORIZED, + detail=ERROR_MESSAGES.INVALID_TOKEN, + ) diff --git a/backend/constants.py b/backend/constants.py index 06d67eec..a068995d 100644 --- a/backend/constants.py +++ b/backend/constants.py @@ -12,6 +12,7 @@ class ERROR_MESSAGES(str, Enum): DEFAULT = lambda err="": f"Something went wrong :/\n{err if err else ''}" ENV_VAR_NOT_FOUND = "Required environment variable not found. Terminating now." CREATE_USER_ERROR = "Oops! Something went wrong while creating your account. Please try again later. If the issue persists, contact support for assistance." + DELETE_USER_ERROR = "Oops! Something went wrong. We encountered an issue while trying to delete the user. Please give it another shot." EMAIL_TAKEN = "Uh-oh! This email is already registered. Sign in with your existing account or choose another email to start anew." USERNAME_TAKEN = ( "Uh-oh! This username is already registered. Please choose another username." @@ -27,4 +28,5 @@ class ERROR_MESSAGES(str, Enum): ) NOT_FOUND = "We could not find what you're looking for :/" USER_NOT_FOUND = "We could not find what you're looking for :/" + MALICIOUS = "Unusual activities detected, please try again in a few minutes."