feat: delete user backend support

2024-11-16 13:40:55 +00:00 · 2023-12-28 23:02:49 -08:00 · 2023-12-28 23:02:49 -08:00 · b61bb77950
commit b61bb77950
parent 8370465796
3 changed files with 51 additions and 0 deletions
--- a/backend/apps/web/models/users.py
+++ b/backend/apps/web/models/users.py
@ -8,6 +8,8 @@ from utils.utils import decode_token
 from utils.misc import get_gravatar_url

 from apps.web.internal.db import DB
+from apps.web.models.chats import Chat
+

 ####################
 # User DB Schema
@ -110,5 +112,19 @@ class UsersTable:
        except:
            return None

+    def delete_user_by_id(self, id: str) -> bool:
+        try:
+            # Delete User Chats
+            query = Chat.delete().where(Chat.user_id == id)
+            query.execute()  # Remove the rows, return number of rows removed.
+
+            # Delete User
+            query = User.delete().where(User.id == id)
+            query.execute()  # Remove the rows, return number of rows removed.
+
+            return True
+        except:
+            return False
+

 Users = UsersTable(DB)
--- a/backend/apps/web/routers/users.py
+++ b/backend/apps/web/routers/users.py
@ -73,3 +73,36 @@ async def update_user_role(form_data: UserRoleUpdateForm, cred=Depends(bearer_sc
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail=ERROR_MESSAGES.INVALID_TOKEN,
        )
+
+
+############################
+# DeleteUser
+############################
+
+
+@router.delete("/{user_id}", response_model=bool)
+async def delete_user_by_id(user_id: str, cred=Depends(bearer_scheme)):
+    token = cred.credentials
+    user = Users.get_user_by_token(token)
+
+    if user:
+        if user.role == "admin":
+            result = Users.delete_user_by_id(user_id)
+
+            if result:
+                return True
+            else:
+                raise HTTPException(
+                    status_code=status.HTTP_403_FORBIDDEN,
+                    detail=ERROR_MESSAGES.DELETE_USER_ERROR,
+                )
+        else:
+            raise HTTPException(
+                status_code=status.HTTP_403_FORBIDDEN,
+                detail=ERROR_MESSAGES.ACCESS_PROHIBITED,
+            )
+    else:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED,
+            detail=ERROR_MESSAGES.INVALID_TOKEN,
+        )
--- a/backend/constants.py
+++ b/backend/constants.py
@ -12,6 +12,7 @@ class ERROR_MESSAGES(str, Enum):
    DEFAULT = lambda err="": f"Something went wrong :/\n{err if err else ''}"
    ENV_VAR_NOT_FOUND = "Required environment variable not found. Terminating now."
    CREATE_USER_ERROR = "Oops! Something went wrong while creating your account. Please try again later. If the issue persists, contact support for assistance."
+    DELETE_USER_ERROR = "Oops! Something went wrong. We encountered an issue while trying to delete the user. Please give it another shot."
    EMAIL_TAKEN = "Uh-oh! This email is already registered. Sign in with your existing account or choose another email to start anew."
    USERNAME_TAKEN = (
        "Uh-oh! This username is already registered. Please choose another username."
@ -27,4 +28,5 @@ class ERROR_MESSAGES(str, Enum):
    )
    NOT_FOUND = "We could not find what you're looking for :/"
    USER_NOT_FOUND = "We could not find what you're looking for :/"
+
    MALICIOUS = "Unusual activities detected, please try again in a few minutes."