Add user delete process

2025-10-31 11:54:19 +01:00
parent 63f5c6d512
commit 269d3b5032
74 changed files with 16783 additions and 213 deletions
--- a/services/training/app/api/training_operations.py
+++ b/services/training/app/api/training_operations.py
@@ -16,7 +16,7 @@ from shared.monitoring.decorators import track_execution_time
 from shared.monitoring.metrics import get_metrics_collector
 from shared.database.base import create_database_manager
 from shared.auth.decorators import get_current_user_dep
-from shared.auth.access_control import require_user_role, admin_role_required
+from shared.auth.access_control import require_user_role, admin_role_required, service_only_access
 from shared.security import create_audit_logger, create_rate_limiter, AuditSeverity, AuditAction
 from shared.subscription.plans import (
    get_training_job_quota,
@@ -503,3 +503,126 @@ async def health_check():
        ],
        "timestamp": datetime.now().isoformat()
    }
+
+
+# ============================================================================
+# Tenant Data Deletion Operations (Internal Service Only)
+# ============================================================================
+
+@router.delete(
+    route_builder.build_base_route("tenant/{tenant_id}", include_tenant_prefix=False),
+    response_model=dict
+)
+@service_only_access
+async def delete_tenant_data(
+    tenant_id: str = Path(..., description="Tenant ID to delete data for"),
+    current_user: dict = Depends(get_current_user_dep)
+):
+    """
+    Delete all training data for a tenant (Internal service only)
+
+    This endpoint is called by the orchestrator during tenant deletion.
+    It permanently deletes all training-related data including:
+    - Trained models (all versions)
+    - Model artifacts (files and metadata)
+    - Training logs and job history
+    - Model performance metrics
+    - Training job queue entries
+    - Audit logs
+
+    **WARNING**: This operation is irreversible!
+    **NOTE**: Physical model files (.pkl) should be cleaned up separately
+
+    Returns:
+        Deletion summary with counts of deleted records
+    """
+    from app.services.tenant_deletion_service import TrainingTenantDeletionService
+    from app.core.config import settings
+
+    try:
+        logger.info("training.tenant_deletion.api_called", tenant_id=tenant_id)
+
+        db_manager = create_database_manager(settings.DATABASE_URL, "training")
+
+        async with db_manager.get_session() as session:
+            deletion_service = TrainingTenantDeletionService(session)
+            result = await deletion_service.safe_delete_tenant_data(tenant_id)
+
+            if not result.success:
+                raise HTTPException(
+                    status_code=500,
+                    detail=f"Tenant data deletion failed: {', '.join(result.errors)}"
+                )
+
+            return {
+                "message": "Tenant data deletion completed successfully",
+                "note": "Physical model files should be cleaned up separately from storage",
+                "summary": result.to_dict()
+            }
+
+    except HTTPException:
+        raise
+    except Exception as e:
+        logger.error("training.tenant_deletion.api_error",
+                    tenant_id=tenant_id,
+                    error=str(e),
+                    exc_info=True)
+        raise HTTPException(
+            status_code=500,
+            detail=f"Failed to delete tenant data: {str(e)}"
+        )
+
+
+@router.get(
+    route_builder.build_base_route("tenant/{tenant_id}/deletion-preview", include_tenant_prefix=False),
+    response_model=dict
+)
+@service_only_access
+async def preview_tenant_data_deletion(
+    tenant_id: str = Path(..., description="Tenant ID to preview deletion for"),
+    current_user: dict = Depends(get_current_user_dep)
+):
+    """
+    Preview what data would be deleted for a tenant (dry-run)
+
+    This endpoint shows counts of all data that would be deleted
+    without actually deleting anything. Useful for:
+    - Confirming deletion scope before execution
+    - Auditing and compliance
+    - Troubleshooting
+
+    Returns:
+        Dictionary with entity names and their counts
+    """
+    from app.services.tenant_deletion_service import TrainingTenantDeletionService
+    from app.core.config import settings
+
+    try:
+        logger.info("training.tenant_deletion.preview_called", tenant_id=tenant_id)
+
+        db_manager = create_database_manager(settings.DATABASE_URL, "training")
+
+        async with db_manager.get_session() as session:
+            deletion_service = TrainingTenantDeletionService(session)
+            preview = await deletion_service.get_tenant_data_preview(tenant_id)
+
+            total_records = sum(preview.values())
+
+            return {
+                "tenant_id": tenant_id,
+                "service": "training",
+                "preview": preview,
+                "total_records": total_records,
+                "note": "Physical model files (.pkl, metadata) are not counted here",
+                "warning": "These records will be permanently deleted and cannot be recovered"
+            }
+
+    except Exception as e:
+        logger.error("training.tenant_deletion.preview_error",
+                    tenant_id=tenant_id,
+                    error=str(e),
+                    exc_info=True)
+        raise HTTPException(
+            status_code=500,
+            detail=f"Failed to preview tenant data deletion: {str(e)}"
+        )