Merge pull request #116 from julialawrence/feature/prevent-deletion-o…

…f-jutice-gov-users-and-groups Excluding EntraID users and groups from deletion
ministryofjustice · Aug 5, 2024 · 573b138 · 573b138
2 parents 15d4c49 + 7db4e3d
commit 573b138
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 1 deletion.
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,5 @@
 .env
 node_modules
 function.zip
-.terraform
+.terraform
+**/**.vscode
diff --git a/function/utilities.js b/function/utilities.js
@@ -300,6 +300,17 @@ async function sync (type, payload) {
 
   if (payload.delete.length) {
     for (const needsDeleting of payload.delete) {
+      // Don't delete users that end with '@justice.gov.uk' [EntraID emails]
+      if (type === 'users' && needsDeleting.name && needsDeleting.name.endsWith('@justice.gov.uk')) {
+        console.log(`Skipping deletion of user with email: ${needsDeleting.name}`)
+        continue;
+      }
+
+      // Don't delete groups that start with 'entraid-aws-identitycenter-' [EntraID groups]
+      if (type === 'groups' && needsDeleting.name && needsDeleting.name.startsWith('entraid-aws-identitycenter-')) {
+        console.log(`Skipping deletion of group with name: ${needsDeleting.name}`)
+        continue;
+      }
       const parameters = generateParametersForTypeAction(type, 'delete', needsDeleting)
 
       console.log(generateMessage('delete', type, needsDeleting, JSON.stringify(parameters)))