Handle date_deletion_requested in user-modified webhook D10139

2021-01-20 10:43:11 +01:00
parent b6127c736d
commit 6b835e74f1
2 changed files with 65 additions and 0 deletions
--- a/cloud/webhooks.py
+++ b/cloud/webhooks.py
@@ -117,6 +117,10 @@ def insert_or_fetch_user(wh_payload: dict) -> typing.Optional[dict]:
        my_log.debug('found user %s', db_user['email'])
        return db_user

+    if wh_payload.get('date_deletion_requested'):
+        my_log.info('Received update for a deleted user %s, not creating', bid_str)
+        return None
+
    # Pretend to create the user, so that we can inspect the resulting
    # capabilities. This is more future-proof than looking at the list
    # of roles in the webhook payload.
@@ -181,6 +185,10 @@ def user_modified():
        my_log.info('Received update for unknown user %r', payload['old_email'])
        return '', 204

+    if payload.get('date_deletion_requested'):
+        delete_user(db_user, payload)
+        return '', 204
+
    # Use direct database updates to change the email and full name.
    # Also updates the db_user dict so that local_user below will have
    # the updated information.
@@ -219,3 +227,37 @@ def user_modified():
    subscription.do_update_subscription(local_user, payload)

    return '', 204
+
+
+def delete_user(db_user, payload):
+    """Handle deletion request coming from BID."""
+    my_log = log.getChild('delete_user')
+    date_deletion_requested = payload['date_deletion_requested']
+    bid_str = str(payload['id'])
+    local_id = db_user['_id']
+    my_log.info(
+        'User %s with BID=%s requested deletion on %s, soft-deleting the user',
+        local_id, bid_str, date_deletion_requested,
+    )
+    # Delete all session tokens linked to this user
+    token_coll = current_app.db('tokens')
+    delete_res = token_coll.delete_many({'user': local_id})
+    my_log.info('Deleted %s session tokens of user %s', delete_res.deleted_count, local_id)
+
+    # Soft-delete the user and clear their PII
+    users_coll = current_app.db('users')
+    updates = {
+        '_deleted': True,
+        'email': None,
+        'full_name': None,
+        'username': None,
+        'auth': [],
+    }
+    update_res = users_coll.update_one({'_id': local_id}, {'$set': updates})
+    if update_res.matched_count != 1:
+        my_log.error(
+            'Soft-deleted %s users %s with BID=%s',
+            update_res.matched_count, local_id, bid_str,
+        )
+    else:
+        my_log.warning('Soft-deleted user %s with BID=%s', local_id, bid_str)