Add endpoint to archive a user

This archives a user if their state is 'active'.
2025-12-21 16:01:15 -05:00 · 2019-05-21 15:59:23 +01:00
parent bef24408d0
commit ffcd731a68
2 changed files with 49 additions and 1 deletions
--- a/app/user/rest.py
+++ b/app/user/rest.py
@@ -21,7 +21,8 @@ from app.dao.users_dao import (
    save_user_attribute,
    update_user_password,
    count_user_verify_codes,
-    get_user_and_accounts
+    get_user_and_accounts,
+    dao_archive_user,
 )
 from app.dao.permissions_dao import permission_dao
 from app.dao.service_user_dao import dao_get_service_user, dao_update_service_user
@@ -128,6 +129,14 @@ def update_user_attribute(user_id):
    return jsonify(data=user_to_update.serialize()), 200


+@user_blueprint.route('/<uuid:user_id>/archive', methods=['POST'])
+def archive_user(user_id):
+    user = get_user_by_id(user_id)
+    dao_archive_user(user)
+
+    return '', 204
+
+
@user_blueprint.route('/<uuid:user_id>/activate', methods=['POST'])
 def activate_user(user_id):
    user = get_user_by_id(user_id=user_id)
--- a/tests/app/user/test_rest.py
+++ b/tests/app/user/test_rest.py
@@ -309,6 +309,45 @@ def test_post_user_attribute_with_updated_by(
        mock_persist_notification.assert_not_called()


+def test_archive_user(mocker, client, sample_user):
+    archive_mock = mocker.patch('app.user.rest.dao_archive_user')
+
+    response = client.post(
+        url_for('user.archive_user', user_id=sample_user.id),
+        headers=[create_authorization_header()]
+    )
+
+    assert response.status_code == 204
+    archive_mock.assert_called_once_with(sample_user)
+
+
+def test_archive_user_when_user_does_not_exist_gives_404(mocker, client, fake_uuid, notify_db_session):
+    archive_mock = mocker.patch('app.user.rest.dao_archive_user')
+
+    response = client.post(
+        url_for('user.archive_user', user_id=fake_uuid),
+        headers=[create_authorization_header()]
+    )
+
+    assert response.status_code == 404
+    archive_mock.assert_not_called()
+
+
+def test_archive_user_when_user_cannot_be_archived(mocker, client, sample_user):
+    mocker.patch('app.dao.users_dao.user_can_be_archived', return_value=False)
+
+    response = client.post(
+        url_for('user.archive_user', user_id=sample_user.id),
+        headers=[create_authorization_header()]
+    )
+    json_resp = json.loads(response.get_data(as_text=True))
+
+    msg = "User can’t be removed from a service - check all services have another team member with manage_settings"
+
+    assert response.status_code == 400
+    assert json_resp['message'] == msg
+
+
 def test_get_user_by_email(client, sample_service):
    sample_user = sample_service.users[0]
    header = create_authorization_header()