Add user delete process

2025-10-31 11:54:19 +01:00
parent 63f5c6d512
commit 269d3b5032
74 changed files with 16783 additions and 213 deletions
--- a/services/forecasting/app/api/forecasting_operations.py
+++ b/services/forecasting/app/api/forecasting_operations.py
@@ -23,7 +23,7 @@ from shared.monitoring.metrics import get_metrics_collector
 from app.core.config import settings
 from app.models import AuditLog
 from shared.routing import RouteBuilder
-from shared.auth.access_control import require_user_role
+from shared.auth.access_control import require_user_role, service_only_access
 from shared.security import create_audit_logger, create_rate_limiter, AuditSeverity, AuditAction
 from shared.subscription.plans import get_forecast_quota, get_forecast_horizon_limit
 from shared.redis_utils import get_redis_client
@@ -482,3 +482,120 @@ async def clear_prediction_cache(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail="Failed to clear prediction cache"
        )
+
+
+# ============================================================================
+# Tenant Data Deletion Operations (Internal Service Only)
+# ============================================================================
+
+@router.delete(
+    route_builder.build_base_route("tenant/{tenant_id}", include_tenant_prefix=False),
+    response_model=dict
+)
+@service_only_access
+async def delete_tenant_data(
+    tenant_id: str = Path(..., description="Tenant ID to delete data for"),
+    current_user: dict = Depends(get_current_user_dep)
+):
+    """
+    Delete all forecasting data for a tenant (Internal service only)
+
+    This endpoint is called by the orchestrator during tenant deletion.
+    It permanently deletes all forecasting-related data including:
+    - Forecasts (all time periods)
+    - Prediction batches
+    - Model performance metrics
+    - Prediction cache
+    - Audit logs
+
+    **WARNING**: This operation is irreversible!
+
+    Returns:
+        Deletion summary with counts of deleted records
+    """
+    from app.services.tenant_deletion_service import ForecastingTenantDeletionService
+
+    try:
+        logger.info("forecasting.tenant_deletion.api_called", tenant_id=tenant_id)
+
+        db_manager = create_database_manager(settings.DATABASE_URL, "forecasting")
+
+        async with db_manager.get_session() as session:
+            deletion_service = ForecastingTenantDeletionService(session)
+            result = await deletion_service.safe_delete_tenant_data(tenant_id)
+
+            if not result.success:
+                raise HTTPException(
+                    status_code=500,
+                    detail=f"Tenant data deletion failed: {', '.join(result.errors)}"
+                )
+
+            return {
+                "message": "Tenant data deletion completed successfully",
+                "summary": result.to_dict()
+            }
+
+    except HTTPException:
+        raise
+    except Exception as e:
+        logger.error("forecasting.tenant_deletion.api_error",
+                    tenant_id=tenant_id,
+                    error=str(e),
+                    exc_info=True)
+        raise HTTPException(
+            status_code=500,
+            detail=f"Failed to delete tenant data: {str(e)}"
+        )
+
+
+@router.get(
+    route_builder.build_base_route("tenant/{tenant_id}/deletion-preview", include_tenant_prefix=False),
+    response_model=dict
+)
+@service_only_access
+async def preview_tenant_data_deletion(
+    tenant_id: str = Path(..., description="Tenant ID to preview deletion for"),
+    current_user: dict = Depends(get_current_user_dep)
+):
+    """
+    Preview what data would be deleted for a tenant (dry-run)
+
+    This endpoint shows counts of all data that would be deleted
+    without actually deleting anything. Useful for:
+    - Confirming deletion scope before execution
+    - Auditing and compliance
+    - Troubleshooting
+
+    Returns:
+        Dictionary with entity names and their counts
+    """
+    from app.services.tenant_deletion_service import ForecastingTenantDeletionService
+
+    try:
+        logger.info("forecasting.tenant_deletion.preview_called", tenant_id=tenant_id)
+
+        db_manager = create_database_manager(settings.DATABASE_URL, "forecasting")
+
+        async with db_manager.get_session() as session:
+            deletion_service = ForecastingTenantDeletionService(session)
+            preview = await deletion_service.get_tenant_data_preview(tenant_id)
+
+            total_records = sum(preview.values())
+
+            return {
+                "tenant_id": tenant_id,
+                "service": "forecasting",
+                "preview": preview,
+                "total_records": total_records,
+                "warning": "These records will be permanently deleted and cannot be recovered"
+            }
+
+    except Exception as e:
+        logger.error("forecasting.tenant_deletion.preview_error",
+                    tenant_id=tenant_id,
+                    error=str(e),
+                    exc_info=True)
+        raise HTTPException(
+            status_code=500,
+            detail=f"Failed to preview tenant data deletion: {str(e)}"
+        )