✨ Add account deactivate (fixed #1350)

staart · Nov 9, 2020 · 48ba176 · 48ba176
1 parent dc1a370
commit 48ba176
Show file tree

Hide file tree

Showing 6 changed files with 24 additions and 5 deletions.
diff --git a/src/config/configuration.interface.ts b/src/config/configuration.interface.ts
@@ -23,6 +23,7 @@ export interface Configuration {
     accessTokenExpiry: string;
     passwordPwnedCheck: boolean;
     unusedRefreshTokenExpiryDays: number;
+    inactiveUserDeleteDays: number;
   };
 
   email: {

diff --git a/src/config/configuration.ts b/src/config/configuration.ts
@@ -28,6 +28,7 @@ const configuration: Configuration = {
     accessTokenExpiry: process.env.ACCESS_TOKEN_EXPIRY ?? '1h',
     passwordPwnedCheck: !!process.env.PASSWORD_PWNED_CHECK,
     unusedRefreshTokenExpiryDays: int(process.env.DELETE_EXPIRED_SESSIONS, 30),
+    inactiveUserDeleteDays: int(process.env.INACTIVE_USER_DELETE_DAYS, 30),
   },
   email: {
     name: process.env.EMAIL_NAME ?? 'Staart',

diff --git a/src/modules/api-keys/api-keys.service.ts b/src/modules/api-keys/api-keys.service.ts
@@ -360,7 +360,7 @@ export class ApiKeysService {
     const scopes: Record<string, string> = {};
     scopes[`read-info`] = 'Read user details';
     scopes[`write-info`] = 'Update user details';
-    scopes[`delete`] = 'Delete user';
+    scopes[`deactivate`] = 'Deactivate user';
 
     scopes[`write-membership-*`] = 'Create new groups';
     scopes[`read-membership-*`] = 'Read group memberships';

diff --git a/src/modules/tasks/tasks.service.ts b/src/modules/tasks/tasks.service.ts
@@ -24,4 +24,20 @@ export class TasksService {
     if (deleted.count)
       this.logger.debug(`Deleted ${deleted.count} expired sessions`);
   }
+
+  @Cron(CronExpression.EVERY_DAY_AT_2PM)
+  async deleteInactiveUsers() {
+    const now = new Date();
+    const inactiveUserDeleteDays =
+      this.configService.get<number>('security.inactiveUserDeleteDays') ?? 30;
+    now.setDate(now.getDate() - inactiveUserDeleteDays);
+    const deleted = await this.prisma.users.deleteMany({
+      where: {
+        active: false,
+        sessions: { every: { updatedAt: { lte: now } } },
+      },
+    });
+    if (deleted.count)
+      this.logger.debug(`Deleted ${deleted.count} inactive users`);
+  }
 }
diff --git a/src/modules/users/users.controller.ts b/src/modules/users/users.controller.ts
@@ -52,9 +52,9 @@ export class UserController {
   }
 
   @Delete(':id')
-  @Scopes('user-{id}:delete')
+  @Scopes('user-{id}:deactivate')
   async remove(@Param('id', ParseIntPipe) id: number): Promise<Expose<users>> {
-    return this.usersService.deleteUser(Number(id));
+    return this.usersService.deactivateUser(Number(id));
   }
 
   @Post(':id/merge-request')

diff --git a/src/modules/users/users.service.ts b/src/modules/users/users.service.ts
@@ -103,9 +103,10 @@ export class UsersService {
     return this.prisma.expose<users>(user);
   }
 
-  async deleteUser(id: number): Promise<Expose<users>> {
-    const user = await this.prisma.users.delete({
+  async deactivateUser(id: number): Promise<Expose<users>> {
+    const user = await this.prisma.users.update({
       where: { id },
+      data: { active: false },
     });
     return this.prisma.expose<users>(user);
   }