Merged with dev, resolved conflicts

ydahal1 · ydahal1 · commit b71b11b0aa8a · 2025-02-25T14:17:59.000-05:00
diff --git a/Tombolo/client-reactjs/src/components/admin/userManagement/ActionButton.jsx b/Tombolo/client-reactjs/src/components/admin/userManagement/ActionButton.jsx
@@ -44,7 +44,7 @@ const UserManagementActionButton = ({
           </Menu.Item>
           <Menu.Item key="3" disabled={selectedRows.length < 2}>
             <Popconfirm
-              title={`Are you sure you want to delete  selected ${selectedRows.length} users?. `}
+              title={`Are you sure you want to delete  selected ${selectedRows.length} users? `}
               okButtonProps={{ type: 'primary', danger: true }}
               okText="Delete"
               onConfirm={deleteSelected}>
diff --git a/Tombolo/server/controllers/authController.js b/Tombolo/server/controllers/authController.js
@@ -1133,7 +1133,6 @@ const requestAccess = async (req, res) => {
 
 // Resend verification code - user provides email
 const resendVerificationCode = async (req, res) => {
-  t;
   try {
     const { email } = req.body;
 
diff --git a/Tombolo/server/controllers/userController.js b/Tombolo/server/controllers/userController.js
@@ -15,6 +15,7 @@ const {
   setPreviousPasswords,
   generatePassword,
   sendAccountUnlockedEmail,
+  deleteUser: deleteUserUtil,
 } = require("../utils/authUtil");
 
 // Constants
@@ -30,11 +31,11 @@ const deleteUser = async (req, res) => {
   try {
     const { id } = req.params;
 
-    const deletedCount = await User.destroy({ where: { id } });
+    const deleted = await deleteUserUtil(id, "Admin Removal");
 
     // If deleted count is 0, user not found
-    if (deletedCount === 0) {
-      throw { status: 404, message: "User not found" };
+    if (!deleted) {
+      throw { status: 404, message: "Error Removing User." };
     }
 
     // User successfully deleted
@@ -226,14 +227,32 @@ const changePassword = async (req, res) => {
 const bulkDeleteUsers = async (req, res) => {
   try {
     const { ids } = req.body;
-    const deletedCount = await User.destroy({ where: { id: ids } });
 
-    // If deleted count is 0, user not found
-    if (deletedCount === 0) {
-      throw { status: 404, message: "Users not found" };
+    let deletedCount = 0;
+    let idsCount = ids.length;
+    // Loop through each user and delete
+    for (let id of ids) {
+      const deleted = await deleteUserUtil(id, "Admin Removal");
+      if (deleted) {
+        deletedCount++;
+      }
     }
+
+    if (deletedCount !== idsCount) {
+      res.status(207).json({
+        success: false,
+        message: "Some users could not be deleted",
+        data: { deletedCount, idsCount },
+      });
+    }
+
+    res.status(200).json({
+      success: true,
+      message: "Users deleted successfully",
+      data: { deletedCount },
+    });
   } catch (err) {
-    logger.error(`Update user applications: ${err.message}`);
+    logger.error(`Bulk Delete Users: ${err.message}`);
     res
       .status(err.status || 500)
       .json({ success: false, message: err.message });
diff --git a/Tombolo/server/jobs/userManagement/accountDelete.js b/Tombolo/server/jobs/userManagement/accountDelete.js
@@ -5,8 +5,7 @@ const { v4: uuidv4 } = require("uuid");
 
 //Local Imports
 const models = require("../../models");
-const { trimURL, getSupportContactEmails } = require("../../utils/authUtil");
-const { trim } = require("lodash");
+const { trimURL, deleteUser } = require("../../utils/authUtil");
 
 // Constants
 const User = models.user;
@@ -201,15 +200,24 @@ const updateUserAndSendNotification = async (user, daysToExpiry, version) => {
         });
 
         // delete user account
-        // TODO -- Move user to archive table
-        await user.destroy();
+        const deleted = await deleteUser(userInternal.id, "Inactivity");
+        if (!deleted) {
+          parentPort &&
+            parentPort.postMessage({
+              level: "error",
+              text:
+                "Failed to delete userwith email " +
+                userInternal.email +
+                ", due to inactivity.",
+            });
+        }
       }
     }
 
     parentPort &&
       parentPort.postMessage({
         level: "info",
-        text: "Account lock check job completed ...",
+        text: "Account Delete check job completed ...",
       });
   } catch (error) {
     parentPort &&
diff --git a/Tombolo/server/jobs/userManagement/removeUnverifiedUsers.js b/Tombolo/server/jobs/userManagement/removeUnverifiedUsers.js
@@ -1,6 +1,7 @@
 // imports
 const { parentPort } = require("worker_threads");
 const { Op } = require("sequelize");
+const { deleteUser } = require("../../utils/authUtil");
 
 
 //Local Imports
@@ -27,7 +28,7 @@ const { user} = models;
     parentPort && parentPort.postMessage({level: "info", text : `Number of unverified users to be removed: ${unverifiedUsers.length}`});
 
     for (const user of unverifiedUsers) {
-      await user.destroy();
+      await deleteUser(user.id, "unverified user deleted by system");
     }
 
     parentPort && parentPort.postMessage({level: "info", text : "Job to remove unverified user completed ..."});
diff --git a/Tombolo/server/migrations/20250219847293-create-user_archive.js b/Tombolo/server/migrations/20250219847293-create-user_archive.js
@@ -0,0 +1,97 @@
+"use strict";
+
+module.exports = {
+  up: async (queryInterface, Sequelize) => {
+    await queryInterface.createTable("user_archive", {
+      id: {
+        primaryKey: true,
+        type: Sequelize.UUID,
+        defaultValue: Sequelize.UUIDV4,
+        allowNull: false,
+      },
+      removedBy: {
+        type: Sequelize.STRING,
+        allowNull: false,
+      },
+      removedAt: {
+        type: Sequelize.DATE,
+        allowNull: false,
+      },
+      firstName: {
+        type: Sequelize.STRING,
+        allowNull: false,
+      },
+      lastName: {
+        type: Sequelize.STRING,
+        allowNull: false,
+      },
+      email: {
+        type: Sequelize.STRING,
+        allowNull: false,
+        validate: {
+          isEmail: true,
+        },
+      },
+      registrationMethod: {
+        type: Sequelize.STRING,
+        allowNull: false,
+        validate: {
+          isIn: [["traditional", "microsoft"]],
+        },
+      },
+      verifiedUser: {
+        type: Sequelize.BOOLEAN,
+        allowNull: false,
+        defaultValue: false,
+      },
+      verifiedAt: {
+        type: Sequelize.DATE,
+        allowNull: true,
+      },
+      registrationStatus: {
+        type: Sequelize.STRING,
+        allowNull: false,
+        validate: {
+          isIn: [["pending", "active", "revoked"]],
+        },
+      },
+      forcePasswordReset: {
+        type: Sequelize.BOOLEAN,
+        allowNull: false,
+        defaultValue: false,
+      },
+      passwordExpiresAt: {
+        type: Sequelize.DATE,
+        allowNull: true,
+      },
+      lastLoginAt: {
+        type: Sequelize.DATE,
+        allowNull: true,
+      },
+      lastAccessedAt: {
+        type: Sequelize.DATE,
+        allowNull: true,
+      },
+      metaData: {
+        type: Sequelize.JSON,
+        defaultValue: {},
+        allowNull: true,
+      },
+      createdAt: {
+        allowNull: false,
+        type: Sequelize.DATE,
+      },
+      updatedAt: {
+        allowNull: false,
+        type: Sequelize.DATE,
+      },
+      deletedAt: {
+        type: Sequelize.DATE,
+        allowNull: true,
+      },
+    });
+  },
+  down: async (queryInterface, Sequelize) => {
+    await queryInterface.dropTable("users");
+  },
+};
diff --git a/Tombolo/server/models/user_archive.js b/Tombolo/server/models/user_archive.js
@@ -0,0 +1,90 @@
+"use strict";
+
+module.exports = (sequelize, DataTypes) => {
+  const userArchive = sequelize.define(
+    "userArchive",
+    {
+      id: {
+        primaryKey: true,
+        type: DataTypes.UUID,
+        defaultValue: DataTypes.UUIDV4,
+        allowNull: false,
+      },
+      removedBy: {
+        type: DataTypes.STRING,
+        allowNull: false,
+      },
+      removedAt: {
+        type: DataTypes.DATE,
+        allowNull: false,
+      },
+      firstName: {
+        type: DataTypes.STRING,
+        allowNull: false,
+      },
+      lastName: {
+        type: DataTypes.STRING,
+        allowNull: false,
+      },
+      email: {
+        type: DataTypes.STRING,
+        allowNull: false,
+        validate: {
+          isEmail: true,
+        },
+      },
+      registrationMethod: {
+        type: DataTypes.STRING,
+        allowNull: false,
+        validate: {
+          isIn: [["traditional", "azure"]],
+        },
+      },
+      verifiedUser: {
+        type: DataTypes.BOOLEAN,
+        allowNull: false,
+        defaultValue: false,
+      },
+      verifiedAt: {
+        type: DataTypes.DATE,
+        allowNull: true,
+      },
+      registrationStatus: {
+        type: DataTypes.STRING,
+        allowNull: false,
+        defaultValue: "pending",
+        validate: {
+          isIn: [["pending", "active", "revoked"]], // Must be one of these values
+        },
+      },
+      forcePasswordReset: {
+        type: DataTypes.BOOLEAN,
+        allowNull: false,
+        defaultValue: false,
+      },
+      passwordExpiresAt: {
+        type: DataTypes.DATE,
+        allowNull: true,
+      },
+      lastLoginAt: {
+        type: DataTypes.DATE,
+        allowNull: true,
+      },
+      lastAccessedAt: {
+        type: DataTypes.DATE,
+        allowNull: true,
+      },
+      metaData: {
+        type: DataTypes.JSON,
+        defaultValue: {}, //put default value to avoid null conflicts
+        allowNull: true,
+      },
+    },
+    {
+      tableName: "user_archive",
+      timestamps: true,
+    }
+  );
+
+  return userArchive;
+};
diff --git a/Tombolo/server/utils/authUtil.js b/Tombolo/server/utils/authUtil.js
@@ -14,6 +14,7 @@ const bcrypt = require("bcryptjs");
 const User = model.user;
 const UserRoles = model.UserRoles;
 const RoleTypes = model.RoleTypes;
+const userArchive = model.userArchive;
 const user_application = model.user_application;
 const Application = model.application;
 const InstanceSettings = model.instance_settings;
@@ -495,6 +496,49 @@ const sendAccountUnlockedEmail = async ({
     createdBy: user.id,
   });
 };
+const deleteUser = async (id, reason) => {
+  try {
+    if (!reason || reason === "") {
+      throw new Error("Reason for deletion is required");
+    }
+
+    //get user
+    const user = await User.findByPk(id);
+
+    if (!user) {
+      throw new Error("User not found");
+    }
+
+    const removedAt = Date.now();
+    const removedBy = reason;
+
+    //remove hash from user
+    user.dataValues.hash = null;
+
+    const archivedUser = await userArchive.create({
+      ...user.dataValues,
+      removedAt,
+      removedBy,
+    });
+
+    if (!archivedUser) {
+      throw new Error("Failed to archive user");
+    }
+
+    //hard delete without paranoid
+    await User.destroy({
+      where: {
+        id: id,
+      },
+      force: true,
+    });
+
+    return true;
+  } catch (e) {
+    logger.error("Error while deleting user:" + e);
+    return false;
+  }
+};
 
 //Exports
 module.exports = {
@@ -517,4 +561,5 @@ module.exports = {
   setLastLoginAndReturn,
   handleInvalidLoginAttempt,
   sendAccountUnlockedEmail,
+  deleteUser,
 };
