Add endpoint to deactivate user from app on delete

2023-01-12 16:26:46 +00:00 · 2023-01-12 16:26:46 +00:00 · 09b4533cc8
parent 24f8f3a7cb
commit 09b4533cc8
2 changed files with 37 additions and 0 deletions
--- a/packages/server/src/api/controllers/user.ts
+++ b/packages/server/src/api/controllers/user.ts
@ -173,3 +173,35 @@ export async function getFlags(ctx: BBContext) {
  }
  ctx.body = doc
 }
+
+export async function removeUserFromApp(ctx: BBContext) {
+  const { id: userId, prodAppId } = ctx.params
+
+  const devAppId = dbCore.getDevelopmentAppID(prodAppId)
+  for (let appId of [prodAppId, devAppId]) {
+    if (!(await dbCore.dbExists(appId))) {
+      continue
+    }
+    await context.doInAppContext(appId, async () => {
+      const db = context.getAppDB()
+      const metadataId = generateUserMetadataID(userId)
+      let metadata
+      try {
+        metadata = await db.get(metadataId)
+      } catch (err) {
+        return
+      }
+
+      let combined = {
+        ...metadata,
+        status: constants.UserStatus.INACTIVE,
+        metadata: rolesCore.BUILTIN_ROLE_IDS.PUBLIC,
+      }
+
+      await db.put(combined)
+    })
+  }
+  ctx.body = {
+    message: `User ${userId} deleted from ${prodAppId} and ${"devapp"}.`,
+  }
+}
--- a/packages/server/src/api/routes/user.ts
+++ b/packages/server/src/api/routes/user.ts
@ -47,5 +47,10 @@ router
    authorized(PermissionType.USER, PermissionLevel.READ),
    controller.getFlags
  )
+  .delete(
+    "/api/users/metadata/:id/app/:prodAppId",
+    authorized(PermissionType.USER, PermissionLevel.WRITE),
+    controller.removeUserFromApp
+  )

 export default router