Correct SeAT API logic (#860)

* Do not attempt to change user email on SeAT if unchanged. This prevents HTTP422 from being raised on password resets. *Delete users on deactivation. The existing disable user logic does nothing and results in a HTTP500. It's safe to delete users entirely - the API keys are retained. Fixes #844
2026-02-08 16:16:18 +01:00 · 2017-09-08 13:42:35 -04:00
parent 3f454743a9
commit 0ac0f71fef
3 changed files with 18 additions and 29 deletions
--- a/services/modules/seat/tests.py
+++ b/services/modules/seat/tests.py
@@ -100,10 +100,10 @@ class SeatHooksTestCase(TestCase):

        # Test none user is deleted
        none_user = User.objects.get(username=self.none_user)
-        manager.disable_user.return_value = 'abc123'
+        manager.delete_user.return_value = 'abc123'
        SeatUser.objects.create(user=none_user, username='abc123')
        service.validate_user(none_user)
-        self.assertTrue(manager.disable_user.called)
+        self.assertTrue(manager.delete_user.called)
        with self.assertRaises(ObjectDoesNotExist):
            none_seat = User.objects.get(username=self.none_user).seat

@@ -115,7 +115,7 @@ class SeatHooksTestCase(TestCase):
        result = service.delete_user(member)

        self.assertTrue(result)
-        self.assertTrue(manager.disable_user.called)
+        self.assertTrue(manager.delete_user.called)
        with self.assertRaises(ObjectDoesNotExist):
            seat_user = User.objects.get(username=self.member).seat

@@ -177,7 +177,7 @@ class SeatViewsTestCase(TestCase):

        response = self.client.get(urls.reverse('auth_deactivate_seat'))

-        self.assertTrue(manager.disable_user.called)
+        self.assertTrue(manager.delete_user.called)
        self.assertRedirects(response, expected_url=urls.reverse('auth_services'), target_status_code=200)
        with self.assertRaises(ObjectDoesNotExist):
            seat_user = User.objects.get(pk=self.member.pk).seat