Request account removal

microsetta_private_api/admin/admin_impl.py

@@ -35,6 +35,7 @@
 from werkzeug.exceptions import Unauthorized
 from microsetta_private_api.qiita import qclient
 from microsetta_private_api.repo.interested_user_repo import InterestedUserRepo
+from microsetta_private_api.repo.removal_queue_repo import RemovalQueueRepo
 
 
 def search_barcode(token_info, sample_barcode):
@@ -614,6 +615,15 @@ def list_campaigns(token_info):
     return jsonify(campaigns), 200
 
 
+def list_removal_queue(token_info):
+    validate_admin_access(token_info)
+
+    with Transaction() as t:
+        repo = RemovalQueueRepo(t)
+        requests = repo.get_all_account_removal_requests()
+    return jsonify(requests), 200
+
+
 def post_campaign_information(body, token_info):
     validate_admin_access(token_info)
 
@@ -853,6 +863,40 @@ def delete_account(account_id, token_info):
     return None, 204
 
 
+def ignore_removal_request(account_id, token_info):
+    validate_admin_access(token_info)
+
+    with Transaction() as t:
+        rq_repo = RemovalQueueRepo(t)
+        try:
+            # remove the user from the queue, noting the admin who allowed it
+            # and the time the action was performed.
+            rq_repo.update_queue(account_id, token_info['email'], 'ignored')
+            t.commit()
+        except RepoException as e:
+            raise e
+
+    return None, 204
+
+
+def allow_removal_request(account_id, token_info):
+    validate_admin_access(token_info)
+
+    with Transaction() as t:
+        rq_repo = RemovalQueueRepo(t)
+
+        try:
+            # remove the user from the queue, noting the admin who allowed it
+            # and the time the action was performed.
+            rq_repo.update_queue(account_id, token_info['email'], 'deleted')
+            t.commit()
+        except RepoException as e:
+            raise e
+
+        # delete the user
+        return delete_account(account_id, token_info)
+
+
 def get_vioscreen_sample_to_user(token_info):
     validate_admin_access(token_info)
     with Transaction() as t:

microsetta_private_api/api/__init__.py

@@ -3,6 +3,12 @@
     read_account, update_account, check_email_match, _verify_jwt,
     _verify_jwt_mock
 )
+
+from ._removal_queue import (
+    check_request_remove_account, request_remove_account,
+    cancel_request_remove_account
+)
+
 from ._consent import (
     render_consent_doc,
     check_consent_signature,
@@ -69,6 +75,9 @@
     'read_account',
     'update_account',
     'check_email_match',
+    'request_remove_account',
+    'cancel_request_remove_account',
+    'check_request_remove_account',
     'render_consent_doc',
     'create_source',
     'read_source',

microsetta_private_api/api/_account.py

@@ -1,11 +1,8 @@
 import uuid
-
 import jwt
 from flask import jsonify
 from jwt import InvalidTokenError
-
 from werkzeug.exceptions import Unauthorized, Forbidden, NotFound
-
 from microsetta_private_api.api.literals import AUTHROCKET_PUB_KEY, \
     INVALID_TOKEN_MSG, JWT_ISS_CLAIM_KEY, JWT_SUB_CLAIM_KEY, \
     JWT_EMAIL_CLAIM_KEY, ACCT_NOT_FOUND_MSG, CRONJOB_PUB_KEY

microsetta_private_api/api/_removal_queue.py

@@ -0,0 +1,39 @@
+from flask import jsonify
+from microsetta_private_api.repo.transaction import Transaction
+from microsetta_private_api.repo.removal_queue_repo import RemovalQueueRepo
+from microsetta_private_api.api._account import _validate_account_access
+
+
+def check_request_remove_account(account_id, token_info):
+    # raises 401 if method fails
+    _validate_account_access(token_info, account_id)
+
+    with Transaction() as t:
+        rq_repo = RemovalQueueRepo(t)
+        status = rq_repo.check_request_remove_account(account_id)
+        result = {'account_id': account_id, 'status': status}
+        return jsonify(result), 200
+
+
+def request_remove_account(account_id, token_info):
+    # raises 401 if method fails
+    _validate_account_access(token_info, account_id)
+
+    with Transaction() as t:
+        rq_repo = RemovalQueueRepo(t)
+        rq_repo.request_remove_account(account_id)
+        t.commit()
+
+    return jsonify(code=200, message="Request Accepted"), 200
+
+
+def cancel_request_remove_account(account_id, token_info):
+    # raises 401 if method fails
+    _validate_account_access(token_info, account_id)
+
+    with Transaction() as t:
+        rq_repo = RemovalQueueRepo(t)
+        rq_repo.cancel_request_remove_account(account_id)
+        t.commit()
+
+    return jsonify(code=200, message="Request Accepted"), 200

microsetta_private_api/api/microsetta_private_api.yaml

@@ -168,6 +168,51 @@ paths:
         '422':
           $ref: '#/components/responses/422UnprocessableEntity'
 
+  '/accounts/{account_id}/removal_queue':
+    get:
+      operationId: microsetta_private_api.api.check_request_remove_account
+      tags:
+        - Account
+      summary: Verify user requested account to be removed
+      description: Verify user requested account to be removed
+      parameters:
+        - $ref: '#/components/parameters/account_id'
+      responses:
+        '200':
+          description: Successfully requested for removal request status
+        '401':
+          $ref: '#/components/responses/401Unauthorized'
+    put:
+      operationId: microsetta_private_api.api.request_remove_account
+      tags:
+        - Account
+      summary: Request account to be removed
+      description: Request account to be removed
+      parameters:
+        - $ref: '#/components/parameters/account_id'
+      responses:
+        '200':
+          description: Successfully requested for account to be removed
+        '401':
+          $ref: '#/components/responses/401Unauthorized'
+        '422':
+          $ref: '#/components/responses/422UnprocessableEntity'
+    delete:
+        operationId: microsetta_private_api.api.cancel_request_remove_account
+        tags:
+          - Account
+        summary: Cancel request for account to be removed
+        description: Cancel request for account to be removed
+        parameters:
+          - $ref: '#/components/parameters/account_id'
+        responses:
+          '200':
+            description: Successfully canceled request
+          '401':
+            $ref: '#/components/responses/401Unauthorized'
+          '422':
+            $ref: '#/components/responses/422UnprocessableEntity'
+
   '/accounts/{account_id}/check_duplicate_source':
     post:
       operationId: microsetta_private_api.api.check_duplicate_source_name
@@ -2128,6 +2173,51 @@ paths:
         '401':
           $ref: '#/components/responses/401Unauthorized'
 
+  '/admin/account_removal/{account_id}':
+    put:
+      operationId: microsetta_private_api.admin.admin_impl.ignore_removal_request
+      tags:
+        - Admin
+      parameters:
+        - $ref: '#/components/parameters/account_id'
+      responses:
+        '200':
+          description: Removes account from queue w/out deleting it.
+          content:
+            application/json:
+              schema:
+                type: array
+    delete:
+      operationId: microsetta_private_api.admin.admin_impl.allow_removal_request
+      tags:
+        - Admin
+      parameters:
+        - $ref: '#/components/parameters/account_id'
+      responses:
+        '200':
+          description: Updates queue, log before calling delete_account()
+          content:
+            application/json:
+              schema:
+                type: array
+
+  '/admin/account_removal/list':
+    get:
+      operationId: microsetta_private_api.admin.admin_impl.list_removal_queue
+      tags:
+        - Admin
+      summary: Return a list of all account removal requests
+      description: Return a list of all account removal requests
+      responses:
+        '200':
+          description: Array of account removal requests
+          content:
+            application/json:
+              schema:
+                type: array
+        '401':
+          $ref: '#/components/responses/401Unauthorized'
+
   '/admin/scan/{sample_barcode}':
     post:
       # Note: We might want to be able to differentiate system administrator operations