[Issue] User Management: Delete Passage identity on user deactivation

[TylerHendrickson]

Subtask of user story: User Management https://github.com/usdigitalresponse/cpf-reporter/issues/81

DOD: When an update to an existing user sets isActive=false, the user's Passage identity is deleted.

Blocked by issues:

• https://github.com/usdigitalresponse/cpf-reporter/issues/102

• 117

Blocks these issues: (none)

Implementation Details:

• Update the api/src/lib/auth.ts module interface to provide an exported function that facilitates deleting a user identity from Passage.
• Use the lib/auth module to create a new Passage user identity so that the following scenarios are satisfied:
  • In the user service's updateUser mutation resolver: when the request's UpdateUserInput input data will set isActive=true -> isActive=false, the user's passageId value is used to delete the user's Passage identity, and then set to null in the database.

Relevant Code Snippets

api/src/services/users/users.ts
import { createPassageUser, deletePassageUser } from 'src/lib/auth'

export const updateUser: MutationResolvers['updateUser'] = ({ id, input }) => {
  const user = db.user.findUnique({
    where: { id },
  })

  if (process.env.AUTH_PROVIDER == 'passage') {
    try {
      if (input.isActive && !user.passageId) {
        // user not in passage and is marked as active
        await createPassageUser(user.email)
      } else {
        await deletePassageUser(input.passageId)
        input.passageId = null
      }
    } catch (e) {
      // send to datadog and log the error
      // ensure user update fails for the front-end
      raise
    }
    // verify if this needs to be empty string or null
  }
  return db.user.update({
    data: input,
    where: { id },
  })
}

export const deleteUser: MutationResolvers['deleteUser'] = ({ id }) => {
  const user = db.user.findUnique({ where: { id } })
  if (process.env.AUTH_PROVIDER == 'passage') {
    try {
      await deletePassageUser(user.passageId)
    } catch (e) {
      // send to datadog and log the error
      // ensure user update fails for the front-end
      raise
    }
  }
  return db.user.delete({
    where: { id },
  })
}

[as1729]

Lower priority compared to registering a passage identity.