podkrepi-bg · slavcho · Nov 23, 2023 · Nov 14, 2023 · Nov 14, 2023 · Nov 14, 2023
diff --git a/apps/api/src/account/account.controller.ts b/apps/api/src/account/account.controller.ts
@@ -69,11 +69,11 @@ export class AccountController {
   }
 
   @Delete('me')
-  async disableUser(@AuthenticatedUser() user: KeycloakTokenParsed) {
+  async deleteUser(@AuthenticatedUser() user: KeycloakTokenParsed) {
     try {
-      return await this.accountService.disableUser(user)
+      return await this.accountService.deleteUser(user)
     } catch (err) {
-      Logger.error(`Failed to disable user with keycloakId ${user.sub}. Error is: ${err}`)
+      Logger.error(`Failed to delete user with keycloakId ${user.sub}. Error is: ${err}`)
       throw err
     }
   }

diff --git a/apps/api/src/account/account.service.ts b/apps/api/src/account/account.service.ts
@@ -28,6 +28,10 @@ export class AccountService {
     return await this.authService.changeEnabledStatus(user.sub, false)
   }
 
+  async deleteUser(user: KeycloakTokenParsed) {
+    return await this.authService.deleteUser(user.sub)
+  }
+
   async changeProfileActivationStatus(keycloakId: string, newStatus: boolean) {
     return await this.authService.changeEnabledStatus(keycloakId, newStatus)
   }

diff --git a/apps/api/src/auth/auth.service.spec.ts b/apps/api/src/auth/auth.service.spec.ts
@@ -1,10 +1,10 @@
-import { Person } from '@prisma/client'
+import { Beneficiary, Person } from '@prisma/client'
 import { mockDeep } from 'jest-mock-extended'
 import { ConfigService } from '@nestjs/config'
 import { HttpService } from '@nestjs/axios'
 import { plainToClass } from 'class-transformer'
 import { Test, TestingModule } from '@nestjs/testing'
-import { Logger, UnauthorizedException } from '@nestjs/common'
+import { InternalServerErrorException, Logger, UnauthorizedException } from '@nestjs/common'
 import KeycloakConnect, { Grant } from 'keycloak-connect'
 import { KEYCLOAK_INSTANCE } from 'nest-keycloak-connect'
 import KeycloakAdminClient from '@keycloak/keycloak-admin-client'
@@ -23,6 +23,7 @@
 import { SendGridNotificationsProvider } from '../notifications/providers/notifications.sendgrid.provider'
 import { NotificationsProviderInterface } from '../notifications/providers/notifications.interface.providers'
 import { MarketingNotificationsModule } from '../notifications/notifications.module'
+import { PersonService } from '../person/person.service'
 
 jest.mock('@keycloak/keycloak-admin-client')
 
@@ -32,6 +33,7 @@
   let admin: KeycloakAdminClient
   let keycloak: KeycloakConnect.Keycloak
   let marketing: NotificationsProviderInterface<unknown>
+  let personService: PersonService
 
   const person: Person = {
     id: 'e43348aa-be33-4c12-80bf-2adfbf8736cd',
@@ -116,6 +118,7 @@
     admin = module.get<KeycloakAdminClient>(KeycloakAdminClient)
     marketing = module.get<NotificationsProviderInterface<never>>(NotificationsProviderInterface)
     keycloak = module.get<KeycloakConnect.Keycloak>(KEYCLOAK_INSTANCE)
+    personService = module.get<PersonService>(PersonService)
   })
 
   it('should be defined', () => {
@@ -501,4 +504,155 @@
       expect(marketingSpy).not.toHaveBeenCalled()
     })
   })
+
+  describe('deleteUser', () => {
+    const corporatePerson: any = {
+      id: 'e43348aa-be33-4c12-80bf-2adfbf8736cd',
+      firstName: 'Admin',
+      lastName: 'Dev',
+      companyId: null,
+      keycloakId: '123',
+      email: '[email protected]',
+      emailConfirmed: false,
+      phone: null,
+      picture: null,
+      createdAt: new Date('2021-10-07T13:38:11.097Z'),
+      updatedAt: new Date('2021-10-07T13:38:11.097Z'),
+      newsletter: false,
+      address: null,
+      birthday: null,
+      personalNumber: null,
+      stripeCustomerId: null,
+      profileEnabled: false,
+      beneficiaries: [],
+      organizer: null,
+    }
+
+    it('should delete user successfully', async () => {
+      const keycloakId = '123'
+
+      const personSpy = jest
+        .spyOn(personService, 'findOneByKeycloakId')
+        .mockResolvedValue(corporatePerson)
+
+      const authenticateAdminSpy = jest
+        .spyOn(service as any, 'authenticateAdmin')
+        .mockResolvedValueOnce('')
+
+      const adminDeleteSpy = jest.spyOn(admin.users, 'del').mockResolvedValueOnce()
+      const prismaDeleteSpy = jest.spyOn(prismaMock.person, 'delete').mockResolvedValueOnce(person)
+      const loggerLogSpy = jest.spyOn(Logger, 'log')
+
+      await expect(service.deleteUser(keycloakId)).resolves.not.toThrow()
+
+      expect(personSpy).toHaveBeenCalledOnce()
+      expect(authenticateAdminSpy).toHaveBeenCalledTimes(1)
+      expect(adminDeleteSpy).toHaveBeenCalledWith({ id: keycloakId })
+      expect(prismaDeleteSpy).toHaveBeenCalledWith({ where: { keycloakId } })
+      expect(loggerLogSpy).toHaveBeenCalledWith(
+        `User with keycloak id ${keycloakId} was successfully deleted!`,
+      )
+    })
+
+    it('should handle admin client rejection', async () => {
+      const keycloakId = '123'
+
+      const personSpy = jest
+        .spyOn(personService, 'findOneByKeycloakId')
+        .mockResolvedValue(corporatePerson)
+
+      const authenticateAdminSpy = jest
+        .spyOn(service as any, 'authenticateAdmin')
+        .mockResolvedValueOnce('')
+
+      const adminDeleteSpy = jest
+        .spyOn(admin.users, 'del')
+        .mockRejectedValueOnce(new Error('Admin Client Rejection!'))
+
+      const loggerLogSpy = jest.spyOn(Logger, 'error')
+
+      await expect(service.deleteUser(keycloakId)).rejects.toThrow(InternalServerErrorException)
+
+      expect(personSpy).toHaveBeenCalledOnce()
+      expect(authenticateAdminSpy).toHaveBeenCalledTimes(1)
+      expect(adminDeleteSpy).toHaveBeenCalledWith({ id: keycloakId })
+      expect(loggerLogSpy).toHaveBeenCalledWith(
+        `Deleting user fails with reason: Admin Client Rejection!`,
+      )
+    })
+
+    it('should handle Prisma rejection', async () => {
+      const keycloakId = '123'
+      const personSpy = jest
+        .spyOn(personService, 'findOneByKeycloakId')
+        .mockResolvedValue(corporatePerson)
+
+      const authenticateAdminSpy = jest
+        .spyOn(service as any, 'authenticateAdmin')
+        .mockResolvedValueOnce('')
+
+      const adminDeleteSpy = jest.spyOn(admin.users, 'del').mockResolvedValueOnce()
+
+      const prismaDeleteSpy = jest
+        .spyOn(prismaMock.person, 'delete')
+        .mockRejectedValueOnce(new Error('Prisma Rejection!'))
+
+      const loggerLogSpy = jest.spyOn(Logger, 'error')
+
+      await expect(service.deleteUser(keycloakId)).rejects.toThrow(InternalServerErrorException)
+
+      expect(personSpy).toHaveBeenCalledOnce()
+      expect(authenticateAdminSpy).toHaveBeenCalledTimes(1)
+      expect(adminDeleteSpy).toHaveBeenCalledWith({ id: keycloakId })
+      expect(prismaDeleteSpy).toHaveBeenCalledWith({ where: { keycloakId } })
+      expect(loggerLogSpy).toHaveBeenCalledWith(
+        `Deleting user fails with reason: Prisma Rejection!`,
+      )
+    })
+
+    it('should throw when corporate user has beneficiaries', async () => {
+      corporatePerson.beneficiaries = [{ id: '123' } as Beneficiary]
+
+      const personSpy = jest
+        .spyOn(personService, 'findOneByKeycloakId')
+        .mockResolvedValue(corporatePerson)
+
+      await expect(service.deleteUser('123')).rejects.toThrow(InternalServerErrorException)
+      expect(personSpy).toHaveBeenCalledOnce()
+    })
+
+    it('should throw when user has company id', async () => {
+      corporatePerson.companyId = '123'
+
+      const personSpy = jest
+        .spyOn(personService, 'findOneByKeycloakId')
+        .mockResolvedValue(corporatePerson)
+
+      await expect(service.deleteUser('123')).rejects.toThrow(InternalServerErrorException)
+      expect(personSpy).toHaveBeenCalledOnce()
+    })
+
+    it('should throw when user is organizer', async () => {
+      corporatePerson.organizer = { id: '123' }
+      const personSpy = jest
+        .spyOn(personService, 'findOneByKeycloakId')
+        .mockResolvedValue(corporatePerson)
+
+      await expect(service.deleteUser('123')).rejects.toThrow(InternalServerErrorException)
+      expect(personSpy).toHaveBeenCalledOnce()
+    })
+
+    it('should throw when corporate user has companyId & beneficiaries & is organizer', async () => {
+      corporatePerson.companyId = '123'
+      corporatePerson.beneficiaries = [{ id: '123' } as Beneficiary]
+      corporatePerson.organizer = { id: '123' }
+
+      const personSpy = jest
+        .spyOn(personService, 'findOneByKeycloakId')
+        .mockResolvedValue(corporatePerson)
+
+      await expect(service.deleteUser('123')).rejects.toThrow(InternalServerErrorException)
+      expect(personSpy).toHaveBeenCalledOnce()
+    })
+  })
 })
diff --git a/apps/api/src/auth/auth.service.ts b/apps/api/src/auth/auth.service.ts
@@ -32,6 +32,7 @@ import { EmailService } from '../email/email.service'
 import { ForgottenPasswordMailDto } from '../email/template.interface'
 import { NewPasswordDto } from './dto/recovery-password.dto'
 import { MarketingNotificationsService } from '../notifications/notifications.service'
+import { PersonService } from '../person/person.service'
 
 type ErrorResponse = { error: string; data: unknown }
 type KeycloakErrorResponse = { error: string; error_description: string }
@@ -63,6 +64,7 @@ export class AuthService {
     private sendEmail: EmailService,
     @Inject(KEYCLOAK_INSTANCE) private keycloak: KeycloakConnect.Keycloak,
     private readonly marketingNotificationsService: MarketingNotificationsService,
+    private readonly personService: PersonService,
   ) {}
 
   async issueGrant(email: string, password: string): Promise<KeycloakConnect.Grant> {
@@ -426,4 +428,25 @@ export class AuthService {
           )
     }
   }
+
+  async deleteUser(keycloakId: string) {
+    const user = await this.personService.findOneByKeycloakId(keycloakId)
+
+    //Check and throw if user is a beneficiary, organizer or corporate profile
+    if (!!user && user.beneficiaries.length > 0 || user?.organizer || user?.companyId) {
+      throw new InternalServerErrorException(
+        'Cannot delete a beneficiary, organizer or corporate profile',
+      )
+    }
+
+    return this.authenticateAdmin()
+      .then(() => this.admin.users.del({ id: keycloakId }))
+      .then(() => this.prismaService.person.delete({ where: { keycloakId } }))
+      .then(() => Logger.log(`User with keycloak id ${keycloakId} was successfully deleted!`))
+      .catch((err) => {
+        const errorMessage = `Deleting user fails with reason: ${err.message ?? 'server error!'}`
+        Logger.error(errorMessage)
+        throw new InternalServerErrorException(errorMessage)
+      })
+  }
 }
diff --git a/apps/api/src/person/person.service.ts b/apps/api/src/person/person.service.ts
@@ -118,7 +118,14 @@ export class PersonService {
   }
 
   async findOneByKeycloakId(keycloakId: string) {
-    return await this.prisma.person.findFirst({ where: { keycloakId }, include: { company: true } })
+    return await this.prisma.person.findFirst({
+      where: { keycloakId },
+      include: {
+        company: true,
+        beneficiaries: { select: { id: true } },
+        organizer: { select: { id: true } },
+      },
+    })
   }
 
   async update(id: string, updatePersonDto: UpdatePersonDto) {