feat(anonymisation): anonymiser les utiliseurs quand on le supprime e…

…n mettant leur initiales (#1480)
SocialGouv · Sep 30, 2024 · 831c37a · 831c37a
1 parent f7f0d8a
commit 831c37a
Show file tree

Hide file tree

Showing 6 changed files with 39 additions and 15 deletions.
diff --git a/targets/frontend/src/components/user/List.tsx b/targets/frontend/src/components/user/List.tsx
@@ -31,7 +31,7 @@ query getUsers {
 `;
 
 type Props = {
-  onDeleteUser: (userId: string) => Promise<boolean>;
+  onDeleteUser: (userId: string, userName: string) => Promise<boolean>;
   refresh?: boolean;
 };
 
@@ -47,8 +47,8 @@ export function UserList({ onDeleteUser }: Props) {
   const { data, fetching, error } = result;
   const users = data?.users || [];
 
-  function confirmDeleteUser(id: string, email: string) {
-    setSelectedUser({ email, id });
+  function confirmDeleteUser(id: string, email: string, userName:string) {
+    setSelectedUser({ email, id, userName });
     open();
   }
 
@@ -57,7 +57,7 @@ export function UserList({ onDeleteUser }: Props) {
       return;
     }
     close();
-    const result = await onDeleteUser(selectedUser.id);
+    const result = await onDeleteUser(selectedUser.id, selectedUser.userName);
     if (result) {
       executeQuery({ requestPolicy: "network-only" });
     }
@@ -78,7 +78,7 @@ export function UserList({ onDeleteUser }: Props) {
         ariaLabel="Supprimer l'utilisateur"
       >
         <p>Etes vous sur de vouloir supprimer l’utilisateur</p>
-        <strong>{selectedUser?.email}</strong>
+        <strong>{selectedUser?.userName} ({selectedUser?.email})</strong>
         <Stack direction="row" spacing={2} mt={4} justifyContent="end">
           <Button variant="outlined" onClick={close}>
             Annuler
@@ -117,7 +117,7 @@ export function UserList({ onDeleteUser }: Props) {
               </TableCell>
               <TableCell align="center">
                 <MenuButton variant="contained">
-                  <MenuItem onClick={() => confirmDeleteUser(id, email)}>
+                  <MenuItem onClick={() => confirmDeleteUser(id, email, name)}>
                     Supprimer
                   </MenuItem>
                 </MenuButton>

diff --git a/targets/frontend/src/modules/authentification/deleteUser.ts b/targets/frontend/src/modules/authentification/deleteUser.ts
@@ -12,28 +12,36 @@ const deleteQuery = gql`
         isDeleted: true
       }
     ) {
-      name
+      id
     }
   }
 `;
 
 interface DeleteUserHasuraResult {
   update_auth_users_by_pk: {
-    name: string;
+    id: string;
   };
 }
 
-export const deleteUser = async (userId: string): Promise<boolean> => {
+const anonymizeUser = (userName: string, userId: string): string => {
+  if (!userName?.length) return userId.slice(4);
+  return userName.toUpperCase().split(" ").map((word) => word[0]).join("");
+};
+
+export const deleteUser = async (
+  userId: string,
+  userName: string
+): Promise<boolean> => {
   const deleteResult = await gqlClient()
     .mutation<DeleteUserHasuraResult>(deleteQuery, {
       email: `${userId}@gouv.fr`,
       id: userId,
-      name: userId,
+      name: anonymizeUser(userName, userId),
     })
     .toPromise();
 
   if (
-    deleteResult.data?.update_auth_users_by_pk.name !== userId ||
+    deleteResult.data?.update_auth_users_by_pk.id !== userId ||
     deleteResult.error
   ) {
     return false;

diff --git a/targets/frontend/src/pages/api/users/delete.ts b/targets/frontend/src/pages/api/users/delete.ts
@@ -14,6 +14,7 @@ export default async function handler(
   }
 
   const userId = req.body.userId;
+  const userName = req.body.userName;
 
   if (!userId) {
     res.status(400).json({ message: "Missing user id" });
@@ -36,7 +37,7 @@ export default async function handler(
     return;
   }
 
-  const result = await deleteUser(userId);
+  const result = await deleteUser(userId, userName);
 
   if (!result) {
     res.status(500).json({ message: "Error deleting user" });

diff --git a/targets/frontend/src/pages/users/index.tsx b/targets/frontend/src/pages/users/index.tsx
@@ -9,13 +9,13 @@ import { useRouter } from "next/router";
 export function UserPage() {
   const router = useRouter();
 
-  const onDeleteUser = async (userId: string) => {
+  const onDeleteUser = async (userId: string, userName: string) => {
     const result = await fetch(`/api/users/delete`, {
       method: "DELETE",
       headers: {
         "Content-Type": "application/json",
       },
-      body: JSON.stringify({ userId }),
+      body: JSON.stringify({ userId, userName }),
     });
 
     const resultJson = await result.json();
@@ -26,7 +26,6 @@ export function UserPage() {
     }
 
     alert("L'utilisateur a été supprimé avec succès");
-
     return true;
   };
 

diff --git a/targets/hasura/migrations/default/1727349866123_put_back_users_initials/down.sql b/targets/hasura/migrations/default/1727349866123_put_back_users_initials/down.sql
@@ -0,0 +1 @@
+-- alter table "contribution"."answers" alter column "display_date" drop not null;
diff --git a/targets/hasura/migrations/default/1727349866123_put_back_users_initials/up.sql b/targets/hasura/migrations/default/1727349866123_put_back_users_initials/up.sql
@@ -0,0 +1,15 @@
+UPDATE auth.users
+SET name = 'CL'
+WHERE id = '62a6e4c1-2624-4dfb-b984-0d206ec8a43e';
+
+UPDATE auth.users
+SET name = 'FD'
+WHERE id = '474702f8-7f7e-4f05-92b2-45796a075e0f';
+
+UPDATE auth.users
+SET name = 'AB'
+WHERE id = '1baef8d6-e871-46b4-8150-1f587b9f56cd';
+
+UPDATE auth.users
+SET name = 'CL'
+WHERE id = 'aa6d1721-71e5-42a8-bf26-98f453d1fab5';
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		-- alter table "contribution"."answers" alter column "display_date" drop not null;