From b67e07fb9ee576c57dcbca21c52aa1e4ed2d2818 Mon Sep 17 00:00:00 2001
From: Apoorv Dixit <64925866+apoorvdixit88@users.noreply.github.com>
Date: Tue, 23 Apr 2024 15:43:18 +0530
Subject: [PATCH] fix(user): blacklist token after delete user role (#4428)
---
 crates/diesel_models/src/query/user_role.rs | 4 +--
 crates/router/src/core/user_role.rs | 13 +++++-----
 crates/router/src/db/kafka_store.rs | 2 +-
 crates/router/src/db/user_role.rs | 28 +++++++++++----------
 4 files changed, 24 insertions(+), 23 deletions(-)
diff --git a/crates/diesel_models/src/query/user_role.rs b/crates/diesel_models/src/query/user_role.rs
index 4cce0d3f80..09a0bbfe30 100644
--- a/crates/diesel_models/src/query/user_role.rs
+++ b/crates/diesel_models/src/query/user_role.rs
@@ -70,8 +70,8 @@ impl UserRole {
 conn: &PgPooledConn,
 user_id: String,
 merchant_id: String,
- ) -> StorageResult {
- generics::generic_delete::<::Table, _>(
+ ) -> StorageResult {
+ generics::generic_delete_one_with_result::<::Table, _, _>(
 conn,
 dsl::user_id
 .eq(user_id)
diff --git a/crates/router/src/core/user_role.rs b/crates/router/src/core/user_role.rs
index 6ddab570ae..43d6b1c648 100644
--- a/crates/router/src/core/user_role.rs
+++ b/crates/router/src/core/user_role.rs
@@ -282,7 +282,7 @@ pub async fn delete_user_role(
 }
 };
 
- if user_roles.len() > 1 {
+ let deleted_user_role = if user_roles.len() > 1 {
 state
 .store
 .delete_user_role_by_user_id_merchant_id(
@@ -291,9 +291,7 @@ pub async fn delete_user_role(
 )
 .await
 .change_context(UserErrors::InternalServerError)
- .attach_printable("Error while deleting user role")?;
-
- Ok(ApplicationResponse::StatusOk)
+ .attach_printable("Error while deleting user role")?
 } else {
 state
 .store
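Review bot: In `crates/diesel_models/src/query/user_role.rs`, the switch to `generics::generic_delete_one_with_result` changes what a caller sees when no row matches, and nothing in the hunk documents the new contract. The helper's body is not shown here; if it reports a missing row as an error, a delete that previously produced a plain boolean (the mock's removed `Ok(true)` suggests that was the old return) now fails, and `delete_user_role` in `crates/router/src/core/user_role.rs` turns every storage failure into `UserErrors::InternalServerError`. A doc comment on the method would pin this down, for example `/// Deletes the role for (user_id, merchant_id) and returns the deleted row; errors if no row matches.`, with the wording confirmed against the helper. The method's signature starts above the hunk and its body continues below it.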
@@ -310,8 +308,9 @@ pub async fn delete_user_role(
 )
 .await
 .change_context(UserErrors::InternalServerError)
- .attach_printable("Error while deleting user role")?;
+ .attach_printable("Error while deleting user role")?
+ };
 
- Ok(ApplicationResponse::StatusOk)
- }
+ auth::blacklist::insert_user_in_blacklist(&state, &deleted_user_role.user_id).await?;
+ Ok(ApplicationResponse::StatusOk)
 }
diff --git a/crates/router/src/db/kafka_store.rs b/crates/router/src/db/kafka_store.rs
index 73b519e544..b094d1447e 100644
--- a/crates/router/src/db/kafka_store.rs
+++ b/crates/router/src/db/kafka_store.rs
@@ -2376,7 +2376,7 @@ impl UserRoleInterface for KafkaStore {
 &self,
 user_id: &str,
 merchant_id: &str,
- ) -> CustomResult {
+ ) -> CustomResult {
 self.diesel_store
 .delete_user_role_by_user_id_merchant_id(user_id, merchant_id)
 .await
diff --git a/crates/router/src/db/user_role.rs b/crates/router/src/db/user_role.rs
index 2f61f70b2a..e31a266335 100644
--- a/crates/router/src/db/user_role.rs
+++ b/crates/router/src/db/user_role.rs
@@ -48,7 +48,7 @@ pub trait UserRoleInterface {
 &self,
 user_id: &str,
 merchant_id: &str,
- ) -> CustomResult;
+ ) -> CustomResult;
 
 async fn list_user_roles_by_user_id(
 &self,
@@ -145,8 +145,9 @@ impl UserRoleInterface for Store {
 &self,
 user_id: &str,
 merchant_id: &str,
- ) -> CustomResult {
+ ) -> CustomResult {
 let conn = connection::pg_connection_write(self).await?;
+
 storage::UserRole::delete_by_user_id_merchant_id(
 &conn,
 user_id.to_owned(),
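Review bot: The `auth::blacklist::insert_user_in_blacklist(&state, &deleted_user_role.user_id).await?` call at the end of `delete_user_role` (crates/router/src/core/user_role.rs) runs only after the role row has already been deleted, so a failure there returns an error while the user's previously issued token presumably stays usable until it expires. A retry is unlikely to repair that state, because the delete would no longer find the row and the blacklist step would not be reached again. Consider blacklisting before the delete so the operation fails closed (the worst case is then a forced re-login), or at least give the failure its own context, e.g. `.attach_printable("Failed to blacklist user after role deletion")`, if the helper's error type supports it. The function body starts above the hunk and the delete call in the else branch is only partly visible.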
@@ -459,18 +460,19 @@ impl UserRoleInterface for MockDb {
 &self,
 user_id: &str,
 merchant_id: &str,
- ) -> CustomResult {
+ ) -> CustomResult {
 let mut user_roles = self.user_roles.lock().await;
- let user_role_index = user_roles
+
+ match user_roles
 .iter()
- .position(|user_role| {
- user_role.user_id == user_id && user_role.merchant_id == merchant_id
- })
- .ok_or(errors::StorageError::ValueNotFound(format!(
- "No user available for user_id = {user_id}"
- )))?;
- user_roles.remove(user_role_index);
- Ok(true)
+ .position(|role| role.user_id == user_id && role.merchant_id == merchant_id)
+ {
+ Some(index) => Ok(user_roles.remove(index)),
+ None => Err(errors::StorageError::ValueNotFound(
+ "Cannot find user role to delete".to_string(),
+ )
+ .into()),
+ }
 }
 async fn list_user_roles_by_user_id(
 &self,
@@ -521,7 +523,7 @@ impl UserRoleInterface for super::KafkaStore {
 &self,
 user_id: &str,
 merchant_id: &str,
- ) -> CustomResult {
+ ) -> CustomResult {
 self.diesel_store
 .delete_user_role_by_user_id_merchant_id(user_id, merchant_id)
 .await