Add the initial user admin delete code

2025-08-01 22:20:32 +02:00
parent 6e6c2cc42e
commit d4687e6375
3 changed files with 1147 additions and 3 deletions
--- a/services/auth/app/api/users.py
+++ b/services/auth/app/api/users.py
@@ -2,19 +2,22 @@
 User management API routes
 """

-from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi import APIRouter, Depends, HTTPException, status, BackgroundTasks
 from sqlalchemy.ext.asyncio import AsyncSession
 from typing import Dict, Any
 import structlog
+import uuid

 from app.core.database import get_db
 from app.schemas.auth import UserResponse, PasswordChange
 from app.schemas.users import UserUpdate
 from app.services.user_service import UserService
-from app.models.users import User
+from app.models.users import User 

 from sqlalchemy.ext.asyncio import AsyncSession

+from app.services.admin_delete import AdminUserDeleteService
+
 # Import unified authentication from shared library
 from shared.auth.decorators import (
    get_current_user_dep,
@@ -116,4 +119,122 @@ async def update_current_user(
        raise HTTPException(
            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
            detail="Failed to update user"
-        )
+        )
+
+@router.delete("/delete/users/{user_id}")
+async def delete_admin_user(
+    user_id: str,
+    background_tasks: BackgroundTasks,
+    current_user = Depends(get_current_user_dep),
+    #_admin_check = Depends(require_admin_role),
+    db: AsyncSession = Depends(get_db)
+):
+    """
+    Delete an admin user and all associated data across all services.
+    
+    This operation will:
+    1. Cancel any active training jobs for user's tenants
+    2. Delete all trained models and artifacts
+    3. Delete all forecasts and predictions
+    4. Delete notification preferences and logs
+    5. Handle tenant ownership (transfer or delete)
+    6. Delete user account and authentication data
+    
+    **Warning: This operation is irreversible!**
+    """
+    
+    # Validate user_id format
+    try:
+        uuid.UUID(user_id)
+    except ValueError:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Invalid user ID format"
+        )
+    
+    # Prevent self-deletion
+    if user_id == current_user.id:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Cannot delete your own account"
+        )
+    
+    # Initialize deletion service
+    deletion_service = AdminUserDeleteService(db)
+    
+    # Perform the deletion
+    try:
+        result = await deletion_service.delete_admin_user_complete(
+            user_id=user_id,
+            requesting_user_id=current_user.id
+        )
+        
+        return {
+            "success": True,
+            "message": f"Admin user {user_id} has been successfully deleted",
+            "deletion_details": result
+        }
+        
+    except HTTPException:
+        raise
+    except Exception as e:
+        logger.error("Unexpected error during user deletion", 
+                    user_id=user_id, 
+                    error=str(e))
+        raise HTTPException(
+            status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
+            detail="An unexpected error occurred during user deletion"
+        )
+
+
+@router.get("/delete/users/{user_id}/deletion-preview")
+async def preview_user_deletion(
+    user_id: str,
+    current_user = Depends(get_current_user_dep),
+    #_admin_check = Depends(require_admin_role),
+    db: AsyncSession = Depends(get_db)
+):
+    """
+    Preview what data would be deleted for an admin user.
+    
+    This endpoint provides a dry-run preview of the deletion operation
+    without actually deleting any data.
+    """
+    
+    try:
+        uuid.UUID(user_id)
+    except ValueError:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail="Invalid user ID format"
+        )
+    
+    deletion_service = AdminUserDeleteService(db)
+    
+    # Get user info
+    user_info = await deletion_service._validate_admin_user(user_id)
+    if not user_info:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+            detail=f"Admin user {user_id} not found"
+        )
+    
+    # Get tenant associations
+    tenant_info = await deletion_service._get_user_tenant_info(user_id)
+    
+    # Build preview
+    preview = {
+        "user": user_info,
+        "tenant_associations": tenant_info,
+        "estimated_deletions": {
+            "training_models": "All models for associated tenants",
+            "forecasts": "All forecasts for associated tenants", 
+            "notifications": "All user notification data",
+            "tenant_memberships": tenant_info['total_tenants'],
+            "owned_tenants": f"{tenant_info['owned_tenants']} (will be transferred or deleted)"
+        },
+        "warning": "This operation is irreversible and will permanently delete all associated data"
+    }
+    
+    return preview
+