Merge pull request #826 from Arnthorny/feat/delete-all-invite-links

feat: endpoint to delete all invites (superadmin)
hngprojects · Aug 8, 2024 · acc6fab · acc6fab
2 parents 8271bfd + 1e33786
commit acc6fab
Show file tree

Hide file tree

Showing 4 changed files with 105 additions and 139 deletions.
diff --git a/api/v1/routes/invitations.py b/api/v1/routes/invitations.py
@@ -41,6 +41,25 @@ async def add_user_to_organization(
     logging.info(f"Processing invitation ID: {invite_id}")
 
     return invite.InviteService.add_user_to_organization(invite_id, session)
+
+
+@invites.delete("", status_code=status.HTTP_204_NO_CONTENT)
+def delete_all_invite(
+    db: Session = Depends(get_session), 
+    admin: User = Depends(user_service.get_current_super_admin)
+):
+    """Delete all invitations from the database
+
+    Args:
+        db (Session, optional): _description_. Defaults to Depends(get_session).
+        admin (User, optional): _description_. Defaults to Depends(user_service.get_current_super_admin).
+    """    
+    print("Deleting all invites")
+    invite.InviteService.delete_all(db)
+
+    logging.info("Deleted all invites successfully")
+
+
 @invites.delete("/{invite_id}", status_code=status.HTTP_204_NO_CONTENT)
 def delete_invite(
     invite_id: str,
@@ -53,14 +72,4 @@ def delete_invite(
     if not invite_is_deleted:
         raise HTTPException(status_code=404, detail="Invalid invitation id")
 
-    logging.info(f"Deleted invite. ID: {invite_id}")
-
-@invites.delete("/{id}", status_code=status.HTTP_204_NO_CONTENT,response_model=None,tags=["Invitation Management"])
-def delete_invitation(
-    id: str, 
-    db: Session = Depends(get_session),
-    current_user: User = Depends(user_service.get_current_super_admin)
-    ):
-    '''Delete invitation from the database'''
-    invite.InviteService.delete_invitation(id, db)
-
+    logging.info(f"Deleted invite. ID: {invite_id}")
diff --git a/api/v1/services/invite.py b/api/v1/services/invite.py
@@ -172,24 +172,6 @@ def add_user_to_organization(invite_id: str, session: Session):
                 detail="An error occurred while adding the user to the organization"
             )
     @staticmethod
-    def delete_invitation(id: str, db: Session):
-        """Function to delete an invitation by its id
-        
-        Args:
-            session(Session): The current ORM session object.
-            id(str): Invite id string
-        """
-        invitation = db.query(Invitation).filter(Invitation.id == id).first()
-        if invitation:
-            try:
-                db.delete(invitation)
-                db.commit()
-            except Exception as e:
-                db.rollback()
-                raise HTTPException(status_code=500, detail="An unexpected error occurred: " + str(e))
-        else:
-            raise HTTPException(status_code=404, detail="Invitation not found")
-
     def delete(session: Session, id: str):
         """Function to delete invite link
         
@@ -211,6 +193,22 @@ def delete(session: Session, id: str):
         session.commit()
         return True
 
+    @staticmethod
+    def delete_all(session: Session):
+        """Function to delete all invite links
+        
+        Args:
+            session(Session): The current ORM session object.
+            id(str): Invite id string
+        
+        """
+        all_invites = session.query(Invitation).all()
+
+        for invite in all_invites:
+            session.delete(invite)
+
+        session.commit()
+
     def fetch(self):
         pass
 

diff --git a/tests/v1/invitation/test_delete_all_invitations.py b/tests/v1/invitation/test_delete_all_invitations.py
@@ -0,0 +1,69 @@
+# Dependencies:
+# pip install pytest-mock
+import pytest
+from unittest.mock import patch, MagicMock
+from fastapi.testclient import TestClient
+from main import app
+from api.v1.services.user import user_service
+from api.db.database import get_db
+from sqlalchemy.orm import Session
+from api.v1.services.user import oauth2_scheme
+
+from api.v1.services.invite import InviteService
+from sqlalchemy.orm import Session
+
+
+db_mck = MagicMock(spec=Session)
+def mock_deps():
+    return MagicMock(id="user_id")
+
+def mock_oauth():
+    return 'access_token'
+
+def mock_db():
+    return db_mck
+
+@pytest.fixture
+def client():
+    client = TestClient(app)
+    yield client
+
+DELETE_ENDPOINT = "/api/v1/invite"
+class TestDeleteAllInvite:
+    @classmethod
+    def setup_class(cls):
+        app.dependency_overrides[user_service.get_current_super_admin] = mock_deps
+        app.dependency_overrides[get_db] = mock_db
+
+    @classmethod
+    def teardown_class(cls):
+        app.dependency_overrides = {}
+
+
+    # Successfully delete all invitations when called by a super admin
+    def test_delete_all_invite_success(self, mocker, client):
+
+        mocker.patch.object(InviteService, 'delete_all')
+        response = client.delete(DELETE_ENDPOINT)
+
+        InviteService.delete_all.assert_called_once_with(db_mck)
+        assert response.status_code == 204
+
+        # Handling unauthorized request
+    def test_delete_all_invite_unauth(self, client):
+        app.dependency_overrides = {}
+
+        response = client.delete(DELETE_ENDPOINT)
+        assert response.status_code == 401
+        assert response.json()['message'] == 'Not authenticated'
+
+  # Handling forbidden request
+    def test_delete_all_invite_forbidden(self, client):
+        app.dependency_overrides = {}
+        app.dependency_overrides[get_db] = mock_db
+        app.dependency_overrides[oauth2_scheme] = mock_oauth
+
+        with patch('api.v1.services.user.user_service.get_current_user', return_value=MagicMock(is_super_admin=False)) as cu:
+            response = client.delete(DELETE_ENDPOINT)
+            assert response.status_code == 403
+            assert response.json()['message'] == 'You do not have permission to access this resource'
diff --git a/tests/v1/invitation/test_delete_invite.py b/tests/v1/invitation/test_delete_invite.py