bakery-admin/bakery-ia
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add user delete process 2

Browse Source
This commit is contained in:
Urtzi Alfaro
2025-10-31 18:57:58 +01:00
parent 269d3b5032
commit f44d235c6d
15 changed files with 166 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
services/recipes/app/api/recipes.py
View File

@@ -18,9 +18,10 @@ from ..schemas.recipes import (
)
from ..models import AuditLog
from shared.routing import RouteBuilder, RouteCategory
from shared.auth.access_control import require_user_role
from shared.auth.access_control import require_user_role, service_only_access
from shared.auth.decorators import get_current_user_dep
from shared.security import create_audit_logger, AuditSeverity, AuditAction
from shared.services.tenant_deletion import TenantDataDeletionResult
route_builder = RouteBuilder('recipes')
logger = logging.getLogger(__name__)
@@ -395,6 +396,7 @@ async def get_recipe_deletion_summary(
# ===== Tenant Data Deletion Endpoints =====
@router.delete("/tenant/{tenant_id}")
@service_only_access
async def delete_tenant_data(
tenant_id: str,
current_user: dict = Depends(get_current_user_dep),
@@ -407,13 +409,6 @@ async def delete_tenant_data(
logger.info(f"Tenant data deletion request received for tenant: {tenant_id}")
# Only allow internal service calls
if current_user.get("type") != "service":
raise HTTPException(
status_code=403,
detail="This endpoint is only accessible to internal services"
)
try:
from app.services.tenant_deletion_service import RecipesTenantDeletionService
@@ -434,6 +429,7 @@ async def delete_tenant_data(
@router.get("/tenant/{tenant_id}/deletion-preview")
@service_only_access
async def preview_tenant_data_deletion(
tenant_id: str,
current_user: dict = Depends(get_current_user_dep),
@@ -444,16 +440,6 @@ async def preview_tenant_data_deletion(
Accessible by internal services and tenant admins
"""
# Allow internal services and admins
is_service = current_user.get("type") == "service"
is_admin = current_user.get("role") in ["owner", "admin"]
if not (is_service or is_admin):
raise HTTPException(
status_code=403,
detail="Insufficient permissions"
)
try:
from app.services.tenant_deletion_service import RecipesTenantDeletionService