From 3e174c4c953395ddb55b51bf82e0fbb3888051aa Mon Sep 17 00:00:00 2001
From: julialawrence
Date: Mon, 5 Aug 2024 14:41:08 +0100
Subject: [PATCH 1/2] Excluding EntraID users and groups from deletion
---
 .gitignore | 3 ++-
 function/utilities.js | 11 +++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/.gitignore b/.gitignore
index c413989..ef207a3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 .env
 node_modules
 function.zip
-.terraform
\ No newline at end of file
+.terraform
+**/**.vscode
\ No newline at end of file
diff --git a/function/utilities.js b/function/utilities.js
index 8de1dd5..6dc2427 100644
--- a/function/utilities.js
+++ b/function/utilities.js
@@ -300,6 +300,17 @@ async function sync (type, payload) {
 if (payload.delete.length) {
 for (const needsDeleting of payload.delete) {
+ // Don't delete emails that end with '@justice.gov.uk' [EntraID emails]
+ if (type === 'users' && needsDeleting.email && needsDeleting.email.endsWith('@justice.gov.uk')) {
+ console.log(`Skipping deletion of user with email: ${needsDeleting.email}`)
+ continue;
+ }
+
+ // Don't delete groups that start with 'entraid-aws-identitycenter-' [EntraID groups]
+ if (type === 'groups' && needsDeleting.name && needsDeleting.name.startsWith('entraid-aws-identitycenter-')) {
+ console.log(`Skipping deletion of group with name: ${needsDeleting.name}`)
+ continue;
+ }
 const parameters = generateParametersForTypeAction(type, 'delete', needsDeleting)
 console.log(generateMessage('delete', type, needsDeleting, JSON.stringify(parameters)))
From 7db4e3d46d05ac2f0b2859ba38a1f2195c7139e0 Mon Sep 17 00:00:00 2001
From: julialawrence
Date: Mon, 5 Aug 2024 15:36:43 +0100
Subject: [PATCH 2/2] Fixing field reference for users
---
 function/utilities.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/function/utilities.js b/function/utilities.js
index 6dc2427..e2e945b 100644
--- a/function/utilities.js
+++ b/function/utilities.js
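Review bot: Both new guards in the delete loop of `sync` compare case-sensitively, so a user stored as `User@Justice.gov.uk` or a group named `EntraID-AWS-IdentityCenter-example` (constructed examples) would fall through to the delete call these checks are meant to prevent. Lower-casing the value before the comparison closes that gap, e.g. `needsDeleting.name.toLowerCase().startsWith('entraid-aws-identitycenter-')`, and the same applies to the `endsWith('@justice.gov.uk')` test here and in its PATCH 2/2 form. Whether the directory already normalises case is not visible in this hunk, so treat this as a fail-safe rather than a confirmed bug. The body of `sync` starts and continues outside the hunk.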
@@ -300,9 +300,9 @@ async function sync (type, payload) {
 if (payload.delete.length) {
 for (const needsDeleting of payload.delete) {
- // Don't delete emails that end with '@justice.gov.uk' [EntraID emails]
- if (type === 'users' && needsDeleting.email && needsDeleting.email.endsWith('@justice.gov.uk')) {
- console.log(`Skipping deletion of user with email: ${needsDeleting.email}`)
+ // Don't delete users that end with '@justice.gov.uk' [EntraID emails]
+ if (type === 'users' && needsDeleting.name && needsDeleting.name.endsWith('@justice.gov.uk')) {
+ console.log(`Skipping deletion of user with email: ${needsDeleting.name}`)
 continue;
 }
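Review bot: The exemption is decided from the name suffix alone, so every entry in `payload.delete` whose name ends in `@justice.gov.uk` is skipped by this path for good, including an account that genuinely should be removed; nothing in the hunk shows another process that deprovisions those principals. If the payload carries an origin or external-id field (not visible here), keying the skip on that would be tighter than a string match. At minimum a comment such as `// EntraID-owned users are removed by EntraID provisioning, never by this sync` would record the assumption, if that is the intent. The log text also still says `email` although the value printed is now `needsDeleting.name`; `Skipping deletion of user with name: ${needsDeleting.name}` would match the group message.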