New API: Deleting User's Profile

api.py

@@ -11,6 +11,7 @@
 from resources.user.password.ResetPassword import ResetPassword
 from resources.user.Publicity import Publicity
 from resources.user.Socializing.Activity import Activity
+from resources.user.Profile import Profile
 
 from resources.links.LinksDeleter import LinksDeleter
 from resources.links.LinksAdder import LinksAdder
@@ -118,6 +119,10 @@
     LinksByUserId,
     CONFIG.get('routes', {}).get('links', {}).get('by_user_id')
 )
+api.add_resource(
+    Profile,
+    CONFIG.get('routes', {}).get('user', {}).get('profile')
+)
 
 
 @app.before_first_request

common/User.py

@@ -15,7 +15,8 @@ class User(db.Model):
     id = db.Column(db.Integer, primary_key=True, autoincrement=True)
     username = db.Column(db.String(32), unique=True)
     password_hash = db.Column(db.String(128))
-    links = db.relationship('Link', backref='owner')
+    links = db.relationship('Link', backref='owner',
+                            cascade="all, delete-orphan")
     time_created = db.Column(db.DateTime(timezone=True),
                              server_default=func.now())
     time_profile_updated = db.Column(db.DateTime)

config.json

@@ -8,7 +8,8 @@
 			"verify_code": "/user/password/verify",
 			"reset_password": "/user/password/reset",
 			"publicity": "/user/publicity",
-			"activity_list": "/user/activity"
+			"activity_list": "/user/activity",
+			"profile": "/user/profile"
 		},
 		"links":{
 			"main": "/links",

resources/user/Profile.py

@@ -0,0 +1,26 @@
+from flask_restful import Resource
+from flask import jsonify, make_response
+from flask_jwt_extended import jwt_required, get_jwt_identity
+from flasgger import swag_from
+
+from src.DbHandler import DbHandler
+
+
+class Profile(Resource):
+    @jwt_required
+    @swag_from('../../yml/user_profile_delete.yml')
+    def delete(self):
+        """ Delete current user's profile """
+        current_user_username = get_jwt_identity()
+
+        status = DbHandler.delete_user_profile(current_user_username)
+        if status == 'OK':
+            return make_response(
+                jsonify(msg="User's profile deleted."),
+                200
+            )
+        else:
+            return make_response(
+                jsonify(msg="Server Error!"),
+                500
+            )

src/DbHandler.py

@@ -377,3 +377,11 @@ def get_user_publicity(user_id: int) -> bool:
         """ Returns user's publicity. """
         return(User.query.with_entities(User.is_public).
                filter_by(id=user_id).first()[0])
+
+    @staticmethod
+    def delete_user_profile(username: str) -> str:
+        """ Delete user's profile. """
+        user_object = User.query.filter_by(username=username).first()
+        db.session.delete(user_object)
+        db.session.commit()
+        return "OK"

tests/test_forget_password.py

@@ -20,6 +20,8 @@
 USER_VERIFY_CODE = CONFIG.get('routes', {}).get('user', {}).get('verify_code')
 USER_RESET_PASSWORD = CONFIG.get('routes', {}).get('user', {}).get(
     'reset_password')
+USER_PROFILE_ROUTE = CONFIG.get('routes', {}).get('user', {}).get(
+    'profile')
 
 
 def generate_random_string(length):
@@ -235,4 +237,21 @@ def test_login_with_new_password_accepted(client):
         headers=HEADERS
     )
 
+    global TOKEN
+    TOKEN = json.loads(res.get_data(as_text=True))["access_token"]
+    assert res.status_code == 200
+
+
+def test_delete_user_profile_accepted(client):
+    """curl -i -H "Content-Type: application/json" -H "Authorization: Bearer $x"
+    -X DELETE localhost:5000/user/profile
+    """
+    headers = {
+        'Authorization': f"Bearer {TOKEN}"
+    }
+    res = client.delete(
+        USER_PROFILE_ROUTE,
+        headers=headers
+    )
+
     assert res.status_code == 200

tests/test_user.py

@@ -19,6 +19,8 @@
     'publicity')
 USER_ACTIVITY_ROUTE = CONFIG.get('routes', {}).get('user', {}).get(
     'activity_list')
+USER_PROFILE_ROUTE = CONFIG.get('routes', {}).get('user', {}).get(
+    'profile')
 LINKS_MAIN_ROUTE = CONFIG.get('routes', {}).get('links', {}).get('main')
 CATEGORIES_MAIN_ROUTE = CONFIG.get(
     'routes', {}).get('categories', {}).get('main')
@@ -941,3 +943,31 @@ def test_update_categories_of_a_link_rejected(client):
         data=json.dumps(data)
     )
     assert res.status_code == 404
+
+
+def test_delete_user_profile_accepted(client):
+    """curl -i -H "Content-Type: application/json" -H "Authorization: Bearer $x"
+    -X DELETE localhost:5000/user/profile
+    """
+    headers = {
+        'Authorization': f"Bearer {TOKEN}"
+    }
+    res = client.delete(
+        USER_PROFILE_ROUTE,
+        headers=headers
+    )
+    assert res.status_code == 200
+
+
+def test_login_deleted_profile_failed(client):
+    """ User was deleted on previous call """
+    data = {
+        "username": USERNAME,
+        "password": PASSWORD
+    }
+    res = client.post(
+        USER_LOGIN_ROUTE,
+        data=json.dumps(data),
+        headers=HEADERS
+    )
+    assert res.status_code == 401

yml/user_profile_delete.yml

@@ -0,0 +1,43 @@
+Deletes profile of the owner of current token, including the links.
+---
+openapi: 3.0.0
+components:
+  securitySchemes:
+    bearerAuth:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+security:
+  - bearerAuth: []
+consumes:
+  "application/json"
+tags:
+  - name: "User"
+parameters:
+  - in: header
+    name: Authorization
+    description: "Send like this: Bearer [TOKEN]"
+    type: string
+    required: true
+
+responses:
+  200:
+    description: "User's profile deleted."
+    schema:
+      type: object
+      properties:
+        msg:
+          type: string
+          description: "User's profile deleted."
+      example:
+        msg: "User's profile deleted."
+  500:
+    description: "Server Error!"
+    schema:
+      type: object
+      properties:
+        msg:
+          type: string
+          description: "Server Error!"
+      example:
+        msg: "Server Error!"