From ce3268862380ce79f93ab42faeb683752ef36c3c Mon Sep 17 00:00:00 2001
From: meyric <meyric@dxw.com>
Date: Thu, 12 Dec 2024 14:49:38 +0000
Subject: [PATCH] Allow users to be deactivated and re-activated

This work builds on switching from an `active` boolean to a
`deactivated_at` date and time. Later this switch will allow us to know
how long a user has been deactivated for and 'anonymise' them if they
meet our retention policies.

Here we are enabling users to be deactivated and re-activated in the
same was as they were before, this work is temporary as we plan to
introduce a new UI for managing the state of a user.

We update the service that updates users so it can set or nil the
deactivated_at date and time, we must set it to nil when re-activating.

At this point the application is working and out tests our passing, this
is the smallest work we can do to get out new model into the
application.
---
 CHANGELOG.md                        | 2 ++
 app/controllers/users_controller.rb | 7 ++++---
 app/services/update_user.rb         | 5 ++++-
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b47f2cc67..e0257329d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,8 @@
 
 [Full changelog][unreleased]
 
+- The date and time a user is deactivated is now stored
+
 ## Release 156 - 2024-12-12
 
 [Full changelog][156]
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 0737c0128..9902c6d30 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -29,7 +29,7 @@ def new
   end
 
   def create
-    @user = User.new(user_params)
+    @user = User.new(user_params.except(:active))
     authorize @user
     @service_owner = service_owner
     @partner_organisations = partner_organisations
@@ -60,10 +60,11 @@ def update
     @partner_organisations = partner_organisations
 
     reset_mfa = user_params.delete(:reset_mfa)
-    @user.assign_attributes(user_params.except(:reset_mfa))
+    active = user_params[:active] === "true"
+    @user.assign_attributes(user_params.except(:reset_mfa, :active))
 
     if @user.valid?
-      result = UpdateUser.new(user: @user, organisation: organisation, reset_mfa: reset_mfa).call
+      result = UpdateUser.new(user: @user, active: active, organisation: organisation, reset_mfa: reset_mfa).call
 
       if result.success?
         flash[:notice] = t("action.user.update.success")
diff --git a/app/services/update_user.rb b/app/services/update_user.rb
index 0ebd9fb80..218bb5cd2 100644
--- a/app/services/update_user.rb
+++ b/app/services/update_user.rb
@@ -1,10 +1,11 @@
 class UpdateUser
   attr_accessor :user, :organisation, :reset_mfa
 
-  def initialize(user:, organisation:, reset_mfa: false)
+  def initialize(user:, organisation:, active: true, reset_mfa: false)
     self.user = user
     self.organisation = organisation
     self.reset_mfa = reset_mfa
+    @active = active
   end
 
   def call
@@ -18,6 +19,8 @@ def call
         user.mobile_number_confirmed_at = nil
       end
 
+      user.deactivated_at = @active ? nil : DateTime.now
+
       user.save
     end