match4everyone / match4healthcare

Helping hospitals find qualified medicine students (Hackathon #wirvsvirus). A more flexibel version is currently in development under match4everyone/match4everything,
https://match4healthcare.de
Other
17 stars 10 forks source link

Deleting Hospitals from Approval page only deletes Hospital Model #542

Open maltezacharias opened 4 years ago

maltezacharias commented 4 years ago

Describe the bug When a staff member deletes an approval request only the hospital model object is deleted, the useraccount is still active. This leads to Error 500 when the user later logs in and tries to access any hospital related function, as the hospital cannot be found.

To Reproduce Steps to reproduce the behavior:

  1. Create a new Facility User
  2. As a staff user, delete User from (1)
  3. Log on as User from (1) and open the profile page
  4. See error

Expected behavior To be discussed, I think it might be a good idea to just set is_hospital to false. This way the user will still be able to login and get an error message. Otherwise they will probably just sign in again.

Log output

{
  "status_code": 500,
  "request": {
    "path": "/ineedstudent/hospital_dashboard",
    "method": "GET",
    "get": {}
  },
  "level": "error",
  "message": "[django.request]: Internal Server Error: /ineedstudent/hospital_dashboard",
  "timestamp": "2020-07-22T09:06:27.287370",
  "user": "***",
  "exc_info": "Traceback (most recent call last):
  File \"/usr/local/lib/python3.6/dist-packages/django/core/handlers/exception.py\", line 34, in inner
    response = get_response(request)
  File \"/usr/local/lib/python3.6/dist-packages/django/core/handlers/base.py\", line 115, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File \"/usr/local/lib/python3.6/dist-packages/django/core/handlers/base.py\", line 113, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File \"/usr/local/lib/python3.6/dist-packages/django/contrib/auth/decorators.py\", line 21, in _wrapped_view
    return view_func(request, *args, **kwargs)
  File \"/usr/local/lib/python3.6/dist-packages/django/contrib/auth/decorators.py\", line 21, in _wrapped_view
    return view_func(request, *args, **kwargs)
  File \"/match4healthcare-backend/apps/ineedstudent/views.py\", line 228, in hospital_dashboard
    qs = request.user.hospital.emailtosend_set.all().values(
  File \"/usr/local/lib/python3.6/dist-packages/django/utils/functional.py\", line 225, in inner
    return func(self._wrapped, *args)
  File \"/usr/local/lib/python3.6/dist-packages/django/db/models/fields/related_descriptors.py\", line 423, in get
    self.related.get_accessor_name()
apps.accounts.models.User.hospital.RelatedObjectDoesNotExist: User has no hospital."
}
{
  "status_code": 500,
  "request": {
    "path": "/accounts/profile_hospital",
    "method": "GET",
    "get": {}
  },
  "level": "error",
  "message": "[django.request]: Internal Server Error: /accounts/profile_hospital",
  "timestamp": "2020-07-22T09:06:44.151089",
  "user": "***",
  "exc_info": "Traceback (most recent call last):
  File \"/usr/local/lib/python3.6/dist-packages/django/core/handlers/exception.py\", line 34, in inner
    response = get_response(request)
  File \"/usr/local/lib/python3.6/dist-packages/django/core/handlers/base.py\", line 115, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File \"/usr/local/lib/python3.6/dist-packages/django/core/handlers/base.py\", line 113, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File \"/usr/local/lib/python3.6/dist-packages/django/contrib/auth/decorators.py\", line 21, in _wrapped_view
    return view_func(request, *args, **kwargs)
  File \"/usr/local/lib/python3.6/dist-packages/django/contrib/auth/decorators.py\", line 21, in _wrapped_view
    return view_func(request, *args, **kwargs)
  File \"/match4healthcare-backend/apps/accounts/views.py\", line 195, in edit_hospital_profile
    hospital = request.user.hospital
  File \"/usr/local/lib/python3.6/dist-packages/django/utils/functional.py\", line 225, in inner
    return func(self._wrapped, *args)
  File \"/usr/local/lib/python3.6/dist-packages/django/db/models/fields/related_descriptors.py\", line 423, in get
    self.related.get_accessor_name()
apps.accounts.models.User.hospital.RelatedObjectDoesNotExist: User has no hospital."
}

match4healthcare=# \x on
Expanded display is on.
match4healthcare=# select * from accounts_user where email = '***';
-[ RECORD 1 ]---------+-------------------------------------------------------------------------------
id                    | 99999999
password              | ***
last_login            | 2020-07-22 09:06:26.35629+00
is_superuser          | f
username              | ***
first_name            |
last_name             |
email                 | ***
is_staff              | f
is_active             | t
date_joined           | 2020-07-16 12:01:19.740697+00
is_student            | f
is_hospital           | t
validated_email       | t
email_validation_date | 2020-07-22 09:06:26.651782+00

match4healthcare=# select * from ineedstudent_hospital where user_id = 99999999;
(0 rows)

match4healthcare=#

Desktop (please complete the following information): Smartphone (please complete the following information): All affected

Additional context

Baschdl commented 4 years ago

Otherwise they will probably just sign in again.

It would probably also lead to a lot of confusion why the credentials don't work anymore.