feat: remove user (#812)

* feat: remove user * feat: handle delete state on user by id * feat: handle delete state on project by id
2025-08-12 03:57:32 +00:00 · 2020-10-07 08:16:42 +02:00
parent 8278efc131
commit 9ad547185c
35 changed files with 232 additions and 18 deletions
--- a/internal/user/repository/eventsourcing/eventstore.go
+++ b/internal/user/repository/eventsourcing/eventstore.go
@@ -104,6 +104,9 @@ func (es *UserEventstore) UserByID(ctx context.Context, id string) (*usr_model.U
 	if err != nil && caos_errs.IsNotFound(err) && user.Sequence == 0 {
 		return nil, err
 	}
+	if user.State == int32(usr_model.UserStateDeleted) {
+		return nil, caos_errs.ThrowNotFound(nil, "EVENT-6hsK9", "Errors.User.NotFound")
+	}
 	es.userCache.cacheUser(user)
 	return model.UserToModel(user), nil
 }
@@ -323,6 +326,28 @@ func (es *UserEventstore) UnlockUser(ctx context.Context, id string) (*usr_model
 	return model.UserToModel(repoUser), nil
 }

+func (es *UserEventstore) PrepareRemoveUser(ctx context.Context, id string, orgIamPolicy *org_model.OrgIAMPolicy) (*model.User, []*es_models.Aggregate, error) {
+	user, err := es.UserByID(ctx, id)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	repoUser := model.UserFromModel(user)
+	aggregate, err := UserRemoveAggregate(ctx, es.AggregateCreator(), repoUser, orgIamPolicy.UserLoginMustBeDomain)
+	if err != nil {
+		return nil, nil, err
+	}
+	return repoUser, aggregate, nil
+}
+
+func (es *UserEventstore) RemoveUser(ctx context.Context, id string, orgIamPolicy *org_model.OrgIAMPolicy) error {
+	repoUser, aggregate, err := es.PrepareRemoveUser(ctx, id, orgIamPolicy)
+	if err != nil {
+		return err
+	}
+	return es_sdk.PushAggregates(ctx, es.PushAggregates, repoUser.AppendEvents, aggregate...)
+}
+
 func (es *UserEventstore) UserChanges(ctx context.Context, id string, lastSequence uint64, limit uint64, sortAscending bool) (*usr_model.UserChanges, error) {
 	query := ChangesQuery(id, lastSequence, limit, sortAscending)

--- a/internal/user/repository/eventsourcing/model/user.go
+++ b/internal/user/repository/eventsourcing/model/user.go
@@ -94,6 +94,8 @@ func (u *User) AppendEvent(event *es_models.Event) error {
 		u.appendLockedEvent()
 	case UserUnlocked:
 		u.appendUnlockedEvent()
+	case UserRemoved:
+		u.appendRemovedEvent()
 	}

 	if u.Human != nil {
@@ -138,3 +140,7 @@ func (u *User) appendLockedEvent() {
 func (u *User) appendUnlockedEvent() {
 	u.State = int32(model.UserStateActive)
 }
+
+func (u *User) appendRemovedEvent() {
+	u.State = int32(model.UserStateDeleted)
+}
--- a/internal/user/repository/eventsourcing/user.go
+++ b/internal/user/repository/eventsourcing/user.go
@@ -282,7 +282,7 @@ func releasedUniqueUserNameAggregate(ctx context.Context, aggCreator *es_models.
 		return nil, err
 	}

-	return aggregate.SetPrecondition(UserUserNameUniqueQuery(uniqueUserName), isEventValidation(aggregate, model.UserUserNameReserved)), nil
+	return aggregate.SetPrecondition(UserUserNameUniqueQuery(uniqueUserName), isEventValidation(aggregate, model.UserUserNameReleased)), nil
 }

 func changeUniqueUserNameAggregate(ctx context.Context, aggCreator *es_models.AggregateCreator, resourceOwner, oldUsername, username string, userLoginMustBeDomain bool) ([]*es_models.Aggregate, error) {
@@ -315,6 +315,25 @@ func UserUnlockAggregate(aggCreator *es_models.AggregateCreator, user *model.Use
 	return userStateAggregate(aggCreator, user, model.UserUnlocked)
 }

+func UserRemoveAggregate(ctx context.Context, aggCreator *es_models.AggregateCreator, user *model.User, userLoginMustBeDomain bool) ([]*es_models.Aggregate, error) {
+	agg, err := UserAggregate(ctx, aggCreator, user)
+	if err != nil {
+		return nil, err
+	}
+	agg, err = agg.AppendEvent(model.UserRemoved, nil)
+	if err != nil {
+		return nil, err
+	}
+	uniqueAgg, err := releasedUniqueUserNameAggregate(ctx, aggCreator, user.ResourceOwner, user.UserName, userLoginMustBeDomain)
+	if err != nil {
+		return nil, err
+	}
+	return []*es_models.Aggregate{
+		agg,
+		uniqueAgg,
+	}, nil
+}
+
 func userStateAggregate(aggCreator *es_models.AggregateCreator, user *model.User, state es_models.EventType) func(ctx context.Context) (*es_models.Aggregate, error) {
 	return func(ctx context.Context) (*es_models.Aggregate, error) {
 		agg, err := UserAggregate(ctx, aggCreator, user)
--- a/internal/user/repository/view/external_idp_view.go
+++ b/internal/user/repository/view/external_idp_view.go
@@ -115,3 +115,8 @@ func DeleteExternalIDP(db *gorm.DB, table, externalUserID, idpConfigID string) e
 	)
 	return delete(db)
 }
+
+func DeleteExternalIDPsByUserID(db *gorm.DB, table, userID string) error {
+	delete := repository.PrepareDeleteByKey(table, model.ExternalIDPSearchKey(usr_model.ExternalIDPSearchKeyUserID), userID)
+	return delete(db)
+}
--- a/internal/user/repository/view/model/user.go
+++ b/internal/user/repository/view/model/user.go
@@ -206,6 +206,8 @@ func (u *UserView) AppendEvent(event *models.Event) (err error) {
 			return err
 		}
 		err = u.setPasswordData(event)
+	case es_model.UserRemoved:
+		u.State = int32(model.UserStateDeleted)
 	case es_model.UserPasswordChanged,
 		es_model.HumanPasswordChanged:
 		err = u.setPasswordData(event)
--- a/internal/user/repository/view/usermembership_view.go
+++ b/internal/user/repository/view/usermembership_view.go
@@ -78,3 +78,8 @@ func DeleteUserMembership(db *gorm.DB, table, userID, aggregateID, objectID stri
 	)
 	return delete(db)
 }
+
+func DeleteUserMembershipsByUserID(db *gorm.DB, table, userID string) error {
+	delete := repository.PrepareDeleteByKey(table, model.UserMembershipSearchKey(usr_model.UserMembershipSearchKeyUserID), userID)
+	return delete(db)
+}