[PM-13013] add delete many async method to i user repository and i user service for bulk user deletion (#5035)

* Add DeleteManyAsync method and stored procedure * Add DeleteManyAsync and tests * removed stored procedure, refactor User_DeleteById to accept multiple Ids * add sproc, refactor tests * revert existing sproc * add bulk delete to IUserService * fix sproc * fix and add tests * add migration script, fix test * Add feature flag * add feature flag to tests for deleteManyAsync * enable nullable, delete only user that pass validation * revert changes to DeleteAsync * Cleanup whitespace * remove redundant feature flag * fix tests * move DeleteManyAsync from UserService into DeleteManagedOrganizationUserAccountCommand * refactor validation, remove unneeded tasks * refactor tests, remove unused service
2025-06-30 15:42:48 -05:00 · 2024-12-06 14:40:47 -05:00
parent fb5db40f4c
commit c591997d01
8 changed files with 565 additions and 8 deletions
--- a/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/DeleteManagedOrganizationUserAccountCommandTests.cs
+++ b/test/Core.Test/AdminConsole/OrganizationFeatures/OrganizationUsers/DeleteManagedOrganizationUserAccountCommandTests.cs
@ -258,14 +258,15 @@ public class DeleteManagedOrganizationUserAccountCommandTests
            .Returns(new Dictionary<Guid, bool> { { orgUser1.Id, true }, { orgUser2.Id, true } });

        // Act
-        var results = await sutProvider.Sut.DeleteManyUsersAsync(organizationId, new[] { orgUser1.Id, orgUser2.Id }, null);
+        var userIds = new[] { orgUser1.Id, orgUser2.Id };
+        var results = await sutProvider.Sut.DeleteManyUsersAsync(organizationId, userIds, null);

        // Assert
        Assert.Equal(2, results.Count());
        Assert.All(results, r => Assert.Empty(r.Item2));

-        await sutProvider.GetDependency<IUserService>().Received(1).DeleteAsync(user1);
-        await sutProvider.GetDependency<IUserService>().Received(1).DeleteAsync(user2);
+        await sutProvider.GetDependency<IOrganizationUserRepository>().Received(1).GetManyAsync(userIds);
+        await sutProvider.GetDependency<IUserRepository>().Received(1).DeleteManyAsync(Arg.Is<IEnumerable<User>>(users => users.Any(u => u.Id == user1.Id) && users.Any(u => u.Id == user2.Id)));
        await sutProvider.GetDependency<IEventService>().Received(1).LogOrganizationUserEventsAsync(
            Arg.Is<IEnumerable<(OrganizationUser, EventType, DateTime?)>>(events =>
                events.Count(e => e.Item1.Id == orgUser1.Id && e.Item2 == EventType.OrganizationUser_Deleted) == 1
@ -286,7 +287,9 @@ public class DeleteManagedOrganizationUserAccountCommandTests
        Assert.Single(result);
        Assert.Equal(orgUserId, result.First().Item1);
        Assert.Contains("Member not found.", result.First().Item2);
-        await sutProvider.GetDependency<IUserService>().Received(0).DeleteAsync(Arg.Any<User>());
+        await sutProvider.GetDependency<IUserRepository>()
+            .DidNotReceiveWithAnyArgs()
+            .DeleteManyAsync(default);
        await sutProvider.GetDependency<IEventService>().Received(0)
            .LogOrganizationUserEventsAsync(Arg.Any<IEnumerable<(OrganizationUser, EventType, DateTime?)>>());
    }
@ -484,7 +487,6 @@ public class DeleteManagedOrganizationUserAccountCommandTests
        Assert.Equal("You cannot delete a member with Invited status.", results.First(r => r.Item1 == orgUser2.Id).Item2);
        Assert.Equal("Member is not managed by the organization.", results.First(r => r.Item1 == orgUser3.Id).Item2);

-        await sutProvider.GetDependency<IUserService>().Received(1).DeleteAsync(user1);
        await sutProvider.GetDependency<IEventService>().Received(1).LogOrganizationUserEventsAsync(
            Arg.Is<IEnumerable<(OrganizationUser, EventType, DateTime?)>>(events =>
            events.Count(e => e.Item1.Id == orgUser1.Id && e.Item2 == EventType.OrganizationUser_Deleted) == 1));
--- a/test/Infrastructure.IntegrationTest/Auth/Repositories/UserRepositoryTests.cs
+++ b/test/Infrastructure.IntegrationTest/Auth/Repositories/UserRepositoryTests.cs
@ -0,0 +1,99 @@
+using Bit.Core.AdminConsole.Entities;
+using Bit.Core.Entities;
+using Bit.Core.Enums;
+using Bit.Core.Repositories;
+using Xunit;
+
+namespace Bit.Infrastructure.IntegrationTest.Repositories;
+
+public class UserRepositoryTests
+{
+    [DatabaseTheory, DatabaseData]
+    public async Task DeleteAsync_Works(IUserRepository userRepository)
+    {
+        var user = await userRepository.CreateAsync(new User
+        {
+            Name = "Test User",
+            Email = $"test+{Guid.NewGuid()}@example.com",
+            ApiKey = "TEST",
+            SecurityStamp = "stamp",
+        });
+
+        await userRepository.DeleteAsync(user);
+
+        var deletedUser = await userRepository.GetByIdAsync(user.Id);
+        Assert.Null(deletedUser);
+    }
+
+    [DatabaseTheory, DatabaseData]
+    public async Task DeleteManyAsync_Works(IUserRepository userRepository, IOrganizationUserRepository organizationUserRepository, IOrganizationRepository organizationRepository)
+    {
+        var user1 = await userRepository.CreateAsync(new User
+        {
+            Name = "Test User 1",
+            Email = $"test+{Guid.NewGuid()}@email.com",
+            ApiKey = "TEST",
+            SecurityStamp = "stamp",
+        });
+
+        var user2 = await userRepository.CreateAsync(new User
+        {
+            Name = "Test User 2",
+            Email = $"test+{Guid.NewGuid()}@email.com",
+            ApiKey = "TEST",
+            SecurityStamp = "stamp",
+        });
+
+        var user3 = await userRepository.CreateAsync(new User
+        {
+            Name = "Test User 3",
+            Email = $"test+{Guid.NewGuid()}@email.com",
+            ApiKey = "TEST",
+            SecurityStamp = "stamp",
+        });
+
+        var organization = await organizationRepository.CreateAsync(new Organization
+        {
+            Name = "Test Org",
+            BillingEmail = user3.Email, // TODO: EF does not enfore this being NOT NULL
+            Plan = "Test", // TODO: EF does not enforce this being NOT NULl
+        });
+
+        await organizationUserRepository.CreateAsync(new OrganizationUser
+        {
+            OrganizationId = organization.Id,
+            UserId = user1.Id,
+            Status = OrganizationUserStatusType.Confirmed,
+        });
+
+        await organizationUserRepository.CreateAsync(new OrganizationUser
+        {
+            OrganizationId = organization.Id,
+            UserId = user3.Id,
+            Status = OrganizationUserStatusType.Confirmed,
+        });
+
+        await userRepository.DeleteManyAsync(new List<User>
+        {
+            user1,
+            user2
+        });
+
+        var deletedUser1 = await userRepository.GetByIdAsync(user1.Id);
+        var deletedUser2 = await userRepository.GetByIdAsync(user2.Id);
+        var notDeletedUser3 = await userRepository.GetByIdAsync(user3.Id);
+
+        var orgUser1Deleted = await organizationUserRepository.GetByIdAsync(user1.Id);
+
+        var notDeletedOrgUsers = await organizationUserRepository.GetManyByUserAsync(user3.Id);
+
+        Assert.Null(deletedUser1);
+        Assert.Null(deletedUser2);
+        Assert.NotNull(notDeletedUser3);
+
+        Assert.Null(orgUser1Deleted);
+        Assert.NotNull(notDeletedOrgUsers);
+        Assert.True(notDeletedOrgUsers.Count > 0);
+    }
+
+}