fix: delete user record if belongs to no account (#6664)

2025-10-29 18:22:53 +00:00 · 2023-03-15 21:49:49 +05:30
parent 6848433a4c
commit cf487c76a0
2 changed files with 29 additions and 4 deletions
--- a/app/controllers/api/v1/accounts/agents_controller.rb
+++ b/app/controllers/api/v1/accounts/agents_controller.rb
@@ -19,6 +19,7 @@ class Api::V1::Accounts::AgentsController < Api::V1::Accounts::BaseController

  def destroy
    @agent.current_account_user.destroy!
+    delete_user_record(@agent)
    head :ok
  end

@@ -74,4 +75,8 @@ class Api::V1::Accounts::AgentsController < Api::V1::Accounts::BaseController
  def validate_limit
    render_payment_required('Account limit exceeded. Please purchase more licenses') if agents.count >= Current.account.usage_limits[:agents]
  end
+
+  def delete_user_record(agent)
+    DeleteObjectJob.perform_later(agent) if agent.reload.account_users.blank?
+  end
 end
--- a/spec/controllers/api/v1/accounts/agents_controller_spec.rb
+++ b/spec/controllers/api/v1/accounts/agents_controller_spec.rb
@@ -1,6 +1,8 @@
 require 'rails_helper'

 RSpec.describe 'Agents API', type: :request do
+  include ActiveJob::TestHelper
+
  let(:account) { create(:account) }
  let(:admin) { create(:user, custom_attributes: { test: 'test' }, account: account, role: :administrator) }
  let(:agent) { create(:user, account: account, role: :agent) }
@@ -60,13 +62,31 @@ RSpec.describe 'Agents API', type: :request do
        expect(response).to have_http_status(:unauthorized)
      end

-      it 'deletes an agent' do
-        delete "/api/v1/accounts/#{account.id}/agents/#{other_agent.id}",
-               headers: admin.create_new_auth_token,
-               as: :json
+      it 'deletes the agent and user object if associated with only one account' do
+        perform_enqueued_jobs(only: DeleteObjectJob) do
+          delete "/api/v1/accounts/#{account.id}/agents/#{other_agent.id}",
+                 headers: admin.create_new_auth_token,
+                 as: :json
+        end
+
+        expect(response).to have_http_status(:success)
+        expect(account.reload.users.size).to eq(1)
+        expect(User.count).to eq(account.reload.users.size)
+      end
+
+      it 'deletes only the agent object when user is associated with multiple accounts' do
+        other_account = create(:account)
+        create(:account_user, account_id: other_account.id, user_id: other_agent.id)
+
+        perform_enqueued_jobs(only: DeleteObjectJob) do
+          delete "/api/v1/accounts/#{account.id}/agents/#{other_agent.id}",
+                 headers: admin.create_new_auth_token,
+                 as: :json
+        end

        expect(response).to have_http_status(:success)
        expect(account.users.size).to eq(1)
+        expect(User.count).to eq(account.reload.users.size + 1)
      end
    end
  end