feat: Platform API improvements (#2900)

- Platform APIs to add and update custom attributes to users - Platform APIs to delete accounts - Platform APIs to delete users
2021-09-02 18:29:45 +05:30
parent a60a33679f
commit ad83d1bb71
18 changed files with 160 additions and 12 deletions
--- a/app/controllers/platform/api/v1/accounts_controller.rb
+++ b/app/controllers/platform/api/v1/accounts_controller.rb
@@ -16,7 +16,7 @@ class Platform::Api::V1::AccountsController < PlatformController
  end

  def destroy
-    # TODO: obfusicate account
+    DeleteObjectJob.perform_later(@resource)
    head :ok
  end

--- a/app/controllers/platform/api/v1/users_controller.rb
+++ b/app/controllers/platform/api/v1/users_controller.rb
@@ -19,21 +19,33 @@ class Platform::Api::V1::UsersController < PlatformController
  def show; end

  def update
-    @resource.update!(user_params)
+    @resource.assign_attributes(user_update_params)
+    @resource.save!
  end

  def destroy
-    # TODO: obfusicate user
+    DeleteObjectJob.perform_later(@resource)
    head :ok
  end

  private

+  def user_custom_attributes
+    return @resource.custom_attributes.merge(user_params[:custom_attributes]) if user_params[:custom_attributes]
+
+    @resource.custom_attributes
+  end
+
+  def user_update_params
+    # we want the merged custom attributes not the original one
+    user_params.except(:custom_attributes).merge({ custom_attributes: user_custom_attributes })
+  end
+
  def set_resource
    @resource = User.find(params[:id])
  end

  def user_params
-    params.permit(:name, :email, :password)
+    params.permit(:name, :email, :password, custom_attributes: {})
  end
 end
--- a/app/jobs/delete_object_job.rb
+++ b/app/jobs/delete_object_job.rb
@@ -0,0 +1,7 @@
+class DeleteObjectJob < ApplicationJob
+  queue_as :default
+
+  def perform(object)
+    object.destroy!
+  end
+end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -9,6 +9,7 @@
 #  confirmed_at           :datetime
 #  current_sign_in_at     :datetime
 #  current_sign_in_ip     :string
+#  custom_attributes      :jsonb
 #  display_name           :string
 #  email                  :string
 #  encrypted_password     :string           default(""), not null
@@ -112,6 +113,7 @@ class User < ApplicationRecord
    self[:display_name].presence || name
  end

+  # Used internally for Chatwoot in Chatwoot
  def hmac_identifier
    hmac_key = GlobalConfig.get('CHATWOOT_INBOX_HMAC_KEY')['CHATWOOT_INBOX_HMAC_KEY']
    return OpenSSL::HMAC.hexdigest('sha256', hmac_key, email) if hmac_key.present?
--- a/app/views/api/v1/models/_agent.json.jbuilder
+++ b/app/views/api/v1/models/_agent.json.jbuilder
@@ -4,6 +4,7 @@ json.confirmed resource.confirmed?
 json.email resource.email
 json.available_name resource.available_name
 json.id resource.id
+json.custom_attributes resource.custom_attributes if resource.custom_attributes.present?
 json.name resource.name
 json.role resource.role
 json.thumbnail resource.avatar_url
--- a/app/views/api/v1/models/_user.json.jbuilder
+++ b/app/views/api/v1/models/_user.json.jbuilder
@@ -12,6 +12,7 @@ json.inviter_id resource.active_account_user&.inviter_id
 json.name resource.name
 json.provider resource.provider
 json.pubsub_token resource.pubsub_token
+json.custom_attributes resource.custom_attributes if resource.custom_attributes.present?
 json.role resource.active_account_user&.role
 json.ui_settings resource.ui_settings
 json.uid resource.uid
--- a/app/views/platform/api/v1/models/_user.json.jbuilder
+++ b/app/views/platform/api/v1/models/_user.json.jbuilder
@@ -10,6 +10,7 @@ json.id resource.id
 json.name resource.name
 json.provider resource.provider
 json.pubsub_token resource.pubsub_token
+json.custom_attributes resource.custom_attributes if resource.custom_attributes.present?
 json.role resource.active_account_user&.role
 json.ui_settings resource.ui_settings
 json.uid resource.uid