Add ability to delete users (#2342)

* add ability to delete users * fix tiny build issue * Add comments
2025-04-03 09:28:25 +02:00 · 2024-09-06 10:37:04 -07:00 · 2024-09-06 10:37:04 -07:00 · aeb6060854
commit aeb6060854
parent 8977b1b5fc
4 changed files with 113 additions and 5 deletions
--- a/backend/danswer/server/manage/users.py
+++ b/backend/danswer/server/manage/users.py
@ -213,6 +213,52 @@ def deactivate_user(
    db_session.commit()


+@router.delete("/manage/admin/delete-user")
+async def delete_user(
+    user_email: UserByEmail,
+    _: User | None = Depends(current_admin_user),
+    db_session: Session = Depends(get_session),
+) -> None:
+    user_to_delete = get_user_by_email(
+        email=user_email.user_email, db_session=db_session
+    )
+    if not user_to_delete:
+        raise HTTPException(status_code=404, detail="User not found")
+
+    if user_to_delete.is_active is True:
+        logger.warning(
+            "{} must be deactivated before deleting".format(user_to_delete.email)
+        )
+        raise HTTPException(
+            status_code=400, detail="User must be deactivated before deleting"
+        )
+
+    # Detach the user from the current session
+    db_session.expunge(user_to_delete)
+
+    try:
+        # Delete related OAuthAccounts first
+        for oauth_account in user_to_delete.oauth_accounts:
+            db_session.delete(oauth_account)
+
+        db_session.delete(user_to_delete)
+        db_session.commit()
+
+        # NOTE: edge case may exist with race conditions
+        # with this `invited user` scheme generally.
+        user_emails = get_invited_users()
+        remaining_users = [
+            user for user in user_emails if user != user_email.user_email
+        ]
+        write_invited_users(remaining_users)
+
+        logger.info(f"Deleted user {user_to_delete.email}")
+    except Exception as e:
+        db_session.rollback()
+        logger.error(f"Error deleting user {user_to_delete.email}: {str(e)}")
+        raise HTTPException(status_code=500, detail="Error deleting user")
+
+
@router.patch("/manage/admin/activate-user")
 def activate_user(
    user_email: UserByEmail,
--- a/web/src/components/admin/users/InvitedUserTable.tsx
+++ b/web/src/components/admin/users/InvitedUserTable.tsx
@ -38,7 +38,7 @@ const RemoveUserButton = ({
  );
  return (
    <Button onClick={() => trigger({ user_email: user.email })}>
-      Uninivite User
+      Uninvite User
    </Button>
  );
 };
--- a/web/src/components/admin/users/SignedUpUserTable.tsx
+++ b/web/src/components/admin/users/SignedUpUserTable.tsx
@ -19,6 +19,7 @@ import {
 import { GenericConfirmModal } from "@/components/modals/GenericConfirmModal";
 import { useState } from "react";
 import { usePaidEnterpriseFeaturesEnabled } from "@/components/settings/usePaidEnterpriseFeaturesEnabled";
+import { DeleteEntityModal } from "@/components/modals/DeleteEntityModal";

 const USER_ROLE_LABELS: Record<UserRole, string> = {
  [UserRole.BASIC]: "Basic",
@ -157,6 +158,59 @@ const DeactivaterButton = ({
  );
 };

+const DeleteUserButton = ({
+  user,
+  setPopup,
+  mutate,
+}: {
+  user: User;
+  setPopup: (spec: PopupSpec) => void;
+  mutate: () => void;
+}) => {
+  const { trigger, isMutating } = useSWRMutation(
+    "/api/manage/admin/delete-user",
+    userMutationFetcher,
+    {
+      onSuccess: () => {
+        mutate();
+        setPopup({
+          message: "User deleted successfully!",
+          type: "success",
+        });
+      },
+      onError: (errorMsg) =>
+        setPopup({
+          message: `Unable to delete user - ${errorMsg}`,
+          type: "error",
+        }),
+    }
+  );
+
+  const [showDeleteModal, setShowDeleteModal] = useState(false);
+  return (
+    <>
+      {showDeleteModal && (
+        <DeleteEntityModal
+          entityType="user"
+          entityName={user.email}
+          onClose={() => setShowDeleteModal(false)}
+          onSubmit={() => trigger({ user_email: user.email, method: "DELETE" })}
+        />
+      )}
+
+      <Button
+        className="w-min"
+        onClick={() => setShowDeleteModal(true)}
+        disabled={isMutating}
+        size="xs"
+        color="red"
+      >
+        Delete
+      </Button>
+    </>
+  );
+};
+
 const SignedUpUserTable = ({
  users,
  setPopup,
@ -215,13 +269,20 @@ const SignedUpUserTable = ({
                  <i>{user.status === "live" ? "Active" : "Inactive"}</i>
                </TableCell>
                <TableCell>
-                  <div className="flex flex-col items-end gap-y-2">
+                  <div className="flex justify-end  gap-x-2">
                    <DeactivaterButton
                      user={user}
                      deactivate={user.status === UserStatus.live}
                      setPopup={setPopup}
                      mutate={mutate}
                    />
+                    {user.status == UserStatus.deactivated && (
+                      <DeleteUserButton
+                        user={user}
+                        setPopup={setPopup}
+                        mutate={mutate}
+                      />
+                    )}
                  </div>
                </TableCell>
              </TableRow>
--- a/web/src/lib/admin/users/userMutationFetcher.ts
+++ b/web/src/lib/admin/users/userMutationFetcher.ts
@ -1,13 +1,14 @@
 const userMutationFetcher = async (
  url: string,
-  { arg }: { arg: { user_email: string; new_role?: string } }
+  { arg }: { arg: { user_email: string; new_role?: string; method?: string } }
 ) => {
+  const { method = "PATCH", ...body } = arg;
  return fetch(url, {
-    method: "PATCH",
+    method,
    headers: {
      "Content-Type": "application/json",
    },
-    body: JSON.stringify(arg),
+    body: JSON.stringify(body),
  }).then(async (res) => {
    if (res.ok) return res.json();
    const errorDetail = (await res.json()).detail;