From c869de60af14ebe01776d3ba9cc8542235527dfc Mon Sep 17 00:00:00 2001 From: Mikael Araya Date: Thu, 19 Dec 2024 14:59:24 +0300 Subject: [PATCH 1/5] Add user payment & webauth credentials delete helper in modules --- .../src/module/configurePaymentCredentialsModule.ts | 4 ++++ .../core-users/src/module/configureUsersWebAuthnModule.ts | 6 ++++++ packages/core/src/services/deleteUser.ts | 2 ++ 3 files changed, 12 insertions(+) diff --git a/packages/core-payment/src/module/configurePaymentCredentialsModule.ts b/packages/core-payment/src/module/configurePaymentCredentialsModule.ts index 326783de51..f7dd408bdc 100644 --- a/packages/core-payment/src/module/configurePaymentCredentialsModule.ts +++ b/packages/core-payment/src/module/configurePaymentCredentialsModule.ts @@ -128,6 +128,10 @@ export const configurePaymentCredentialsModule = ( const paymentCredentials = await PaymentCredentials.findOneAndDelete(selector, {}); return paymentCredentials; }, + removeUserCredentials: async (userId: string): Promise => { + const { deletedCount } = await PaymentCredentials.deleteMany({ userId }, {}); + return deletedCount; + }, }; }; diff --git a/packages/core-users/src/module/configureUsersWebAuthnModule.ts b/packages/core-users/src/module/configureUsersWebAuthnModule.ts index 2deea1e6b8..2c7a5bf0b9 100644 --- a/packages/core-users/src/module/configureUsersWebAuthnModule.ts +++ b/packages/core-users/src/module/configureUsersWebAuthnModule.ts @@ -220,5 +220,11 @@ export const configureUsersWebAuthnModule = async ({ db }: ModuleInput) => const loginResult = await f2l.assertionResult(assertionResponse, assertionExpectations); return { userHandle: loginResult?.authnrData?.get('userHandle') }; }, + deleteUserCredentials: async (username: string) => { + const { deletedCount } = await WebAuthnCredentialsCreationRequests.deleteMany({ + username, + }); + return deletedCount; + }, }; }; diff --git a/packages/core/src/services/deleteUser.ts b/packages/core/src/services/deleteUser.ts index 0c0974b6a5..f6fb8a5f5b 100644 --- a/packages/core/src/services/deleteUser.ts +++ b/packages/core/src/services/deleteUser.ts @@ -8,6 +8,8 @@ export async function deleteUserService(this: Modules, { userId }: { userId: str await this.bookmarks.deleteByUserId(userId); await this.quotations.deleteRequestedUserQuotations(userId); await this.enrollments.deleteInactiveUserEnrollments(userId); + await this.payment.paymentCredentials.removeUserCredentials(userId); + await this.users.webAuthn.deleteUserCredentials(user.username); const carts = await this.orders.findOrders({ userId, status: null }); From 5b3e021f44814ea9f640972e081ab03f4f687ba6 Mon Sep 17 00:00:00 2001 From: Mikael Araya Date: Thu, 19 Dec 2024 15:43:19 +0300 Subject: [PATCH 2/5] Add payment credential count helper --- .../module/configurePaymentCredentialsModule.ts | 13 ++++++++----- packages/core/src/services/deleteUser.ts | 14 +++++++++++--- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/packages/core-payment/src/module/configurePaymentCredentialsModule.ts b/packages/core-payment/src/module/configurePaymentCredentialsModule.ts index f7dd408bdc..f0e9a10815 100644 --- a/packages/core-payment/src/module/configurePaymentCredentialsModule.ts +++ b/packages/core-payment/src/module/configurePaymentCredentialsModule.ts @@ -36,7 +36,10 @@ export const configurePaymentCredentialsModule = ( return { markPreferred, - + async count(query: mongodb.Filter): Promise { + const credentials = await PaymentCredentials.countDocuments(query); + return credentials; + }, credentialsExists: async ({ paymentCredentialsId, }: { @@ -91,9 +94,9 @@ export const configurePaymentCredentialsModule = ( _id ? generateDbFilterById(_id) : { - userId, - paymentProviderId, - }, + userId, + paymentProviderId, + }, { $setOnInsert: { _id: insertedId, @@ -128,7 +131,7 @@ export const configurePaymentCredentialsModule = ( const paymentCredentials = await PaymentCredentials.findOneAndDelete(selector, {}); return paymentCredentials; }, - removeUserCredentials: async (userId: string): Promise => { + deleteUserPaymentCredentials: async (userId: string): Promise => { const { deletedCount } = await PaymentCredentials.deleteMany({ userId }, {}); return deletedCount; }, diff --git a/packages/core/src/services/deleteUser.ts b/packages/core/src/services/deleteUser.ts index f6fb8a5f5b..07de4eb5f8 100644 --- a/packages/core/src/services/deleteUser.ts +++ b/packages/core/src/services/deleteUser.ts @@ -8,7 +8,7 @@ export async function deleteUserService(this: Modules, { userId }: { userId: str await this.bookmarks.deleteByUserId(userId); await this.quotations.deleteRequestedUserQuotations(userId); await this.enrollments.deleteInactiveUserEnrollments(userId); - await this.payment.paymentCredentials.removeUserCredentials(userId); + await this.payment.paymentCredentials.deleteUserPaymentCredentials(userId); await this.users.webAuthn.deleteUserCredentials(user.username); const carts = await this.orders.findOrders({ userId, status: null }); @@ -26,8 +26,16 @@ export async function deleteUserService(this: Modules, { userId }: { userId: str const reviewsCount = await this.products.reviews.count({ authorId: userId }); const enrollmentsCount = await this.enrollments.count({ userId }); const tokens = await this.warehousing.findTokensForUser({ userId }); - - if (!ordersCount && !reviewsCount && !enrollmentsCount && !quotationsCount && !tokens?.length) { + const paymentCredentials = await this.payment.paymentCredentials.count({ userId }); + + if ( + !ordersCount && + !reviewsCount && + !enrollmentsCount && + !quotationsCount && + !tokens?.length && + !paymentCredentials + ) { await this.users.deletePermanently({ userId }); } From 9dce37b354d118fe9c85c4466886b2fb72bd9f88 Mon Sep 17 00:00:00 2001 From: Mikael Araya Date: Thu, 19 Dec 2024 15:49:30 +0300 Subject: [PATCH 3/5] Adjust delete helper name consistency --- packages/core-users/src/module/configureUsersWebAuthnModule.ts | 2 +- packages/core/src/services/deleteUser.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/core-users/src/module/configureUsersWebAuthnModule.ts b/packages/core-users/src/module/configureUsersWebAuthnModule.ts index 2c7a5bf0b9..3911914c9d 100644 --- a/packages/core-users/src/module/configureUsersWebAuthnModule.ts +++ b/packages/core-users/src/module/configureUsersWebAuthnModule.ts @@ -220,7 +220,7 @@ export const configureUsersWebAuthnModule = async ({ db }: ModuleInput) => const loginResult = await f2l.assertionResult(assertionResponse, assertionExpectations); return { userHandle: loginResult?.authnrData?.get('userHandle') }; }, - deleteUserCredentials: async (username: string) => { + deleteUserWebAuthnCredentials: async (username: string) => { const { deletedCount } = await WebAuthnCredentialsCreationRequests.deleteMany({ username, }); diff --git a/packages/core/src/services/deleteUser.ts b/packages/core/src/services/deleteUser.ts index 07de4eb5f8..6b73eae44d 100644 --- a/packages/core/src/services/deleteUser.ts +++ b/packages/core/src/services/deleteUser.ts @@ -9,7 +9,7 @@ export async function deleteUserService(this: Modules, { userId }: { userId: str await this.quotations.deleteRequestedUserQuotations(userId); await this.enrollments.deleteInactiveUserEnrollments(userId); await this.payment.paymentCredentials.deleteUserPaymentCredentials(userId); - await this.users.webAuthn.deleteUserCredentials(user.username); + await this.users.webAuthn.deleteUserWebAuthnCredentials(user.username); const carts = await this.orders.findOrders({ userId, status: null }); From 3faeedf13cca7a63c26085da6d0f8b8b886fa50b Mon Sep 17 00:00:00 2001 From: Mikael Araya Date: Fri, 20 Dec 2024 14:48:25 +0300 Subject: [PATCH 4/5] Delete user from session on remove --- packages/core-users/src/module/configureUsersModule.ts | 3 +++ packages/core/src/services/migrateUserData.ts | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/packages/core-users/src/module/configureUsersModule.ts b/packages/core-users/src/module/configureUsersModule.ts index 396c5b386c..543894168f 100644 --- a/packages/core-users/src/module/configureUsersModule.ts +++ b/packages/core-users/src/module/configureUsersModule.ts @@ -611,6 +611,9 @@ export const configureUsersModule = async ({ }, deletePermanently: async ({ userId }: { userId: string }): Promise => { + await db.collection('sessions').deleteMany({ + session: { $regex: `"user":"${userId}"` }, + }); return Users.findOneAndDelete({ _id: userId }); }, diff --git a/packages/core/src/services/migrateUserData.ts b/packages/core/src/services/migrateUserData.ts index edb281168a..babb469213 100644 --- a/packages/core/src/services/migrateUserData.ts +++ b/packages/core/src/services/migrateUserData.ts @@ -10,13 +10,13 @@ export async function migrateUserDataService(userIdBeforeLogin: string, userId: fromUserId: userIdBeforeLogin, toUserId: userId, shouldMerge: userSettings.mergeUserCartsOnLogin, - countryContext: userBeforeLogin.lastLogin?.countryCode || user.lastLogin?.countryCode, + countryContext: userBeforeLogin?.lastLogin?.countryCode || user?.lastLogin?.countryCode, }); await migrateBookmarksService.bind(this)({ fromUserId: userIdBeforeLogin, toUserId: userId, shouldMerge: userSettings.mergeUserCartsOnLogin, - countryContext: userBeforeLogin.lastLogin?.countryCode || user.lastLogin?.countryCode, + countryContext: userBeforeLogin?.lastLogin?.countryCode || user?.lastLogin?.countryCode, }); } From 3d7fac9e78a771c7abdaf0636915846771778312 Mon Sep 17 00:00:00 2001 From: Mikael Araya Date: Fri, 20 Dec 2024 15:57:32 +0300 Subject: [PATCH 5/5] Remove user from session when marking it as deleted --- .../src/module/configurePaymentCredentialsModule.ts | 6 +++--- packages/core-users/src/module/configureUsersModule.ts | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/packages/core-payment/src/module/configurePaymentCredentialsModule.ts b/packages/core-payment/src/module/configurePaymentCredentialsModule.ts index f0e9a10815..e5fee5ab5e 100644 --- a/packages/core-payment/src/module/configurePaymentCredentialsModule.ts +++ b/packages/core-payment/src/module/configurePaymentCredentialsModule.ts @@ -94,9 +94,9 @@ export const configurePaymentCredentialsModule = ( _id ? generateDbFilterById(_id) : { - userId, - paymentProviderId, - }, + userId, + paymentProviderId, + }, { $setOnInsert: { _id: insertedId, diff --git a/packages/core-users/src/module/configureUsersModule.ts b/packages/core-users/src/module/configureUsersModule.ts index 543894168f..dcc1c5c67c 100644 --- a/packages/core-users/src/module/configureUsersModule.ts +++ b/packages/core-users/src/module/configureUsersModule.ts @@ -583,6 +583,9 @@ export const configureUsersModule = async ({ }, markDeleted: async (userId: string): Promise => { + await db.collection('sessions').deleteMany({ + session: { $regex: `"user":"${userId}"` }, + }); const user = await Users.findOneAndUpdate( { _id: userId }, { @@ -611,9 +614,6 @@ export const configureUsersModule = async ({ }, deletePermanently: async ({ userId }: { userId: string }): Promise => { - await db.collection('sessions').deleteMany({ - session: { $regex: `"user":"${userId}"` }, - }); return Users.findOneAndDelete({ _id: userId }); },