From 9f2ac99390aadd40ab5ecfb5f45f832e58c2bfd5 Mon Sep 17 00:00:00 2001
From: Adurti <adurti.v@tataelxsi.co.in>
Date: Mon, 25 Mar 2024 10:58:29 +0000
Subject: [PATCH] Bug 2357 Fixed: Session expiry while deleting non-session
 Project-Role

Change-Id: Ifc14e2e5c6cc167cbbca02e2dc9bc6dc16d649ae
Signed-off-by: Adurti <adurti.v@tataelxsi.co.in>
---
 osm_nbi/admin_topics.py            | 12 ++++++++++++
 osm_nbi/authconn_internal.py       |  5 ++++-
 osm_nbi/tests/test_admin_topics.py |  6 ++++++
 3 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/osm_nbi/admin_topics.py b/osm_nbi/admin_topics.py
index b4f8980..a98e2ff 100644
--- a/osm_nbi/admin_topics.py
+++ b/osm_nbi/admin_topics.py
@@ -1105,6 +1105,17 @@ class UserTopicAuth(UserTopic):
                         http_code=HTTPStatus.UNPROCESSABLE_ENTITY,
                     )
 
+            # check before deleting project-role
+            delete_session_project = False
+            if indata.get("remove_project_role_mappings"):
+                for pr in indata["remove_project_role_mappings"]:
+                    project_name = pr.get("project")
+                    project_details = self.db.get_one(
+                        "projects", {"_id": session.get("project_id")[0]}
+                    )
+                    if project_details["name"] == project_name:
+                        delete_session_project = True
+
             # password change
             if indata.get("password"):
                 if not session.get("admin_show"):
@@ -1212,6 +1223,7 @@ class UserTopicAuth(UserTopic):
                     "renew": indata.get("renew"),
                     "session_user": session.get("username"),
                     "email_id": indata.get("email_id"),
+                    "remove_session_project": delete_session_project,
                 }
             )
             data_to_send = {"_id": _id, "changes": indata}
diff --git a/osm_nbi/authconn_internal.py b/osm_nbi/authconn_internal.py
index cf8c55a..cfd23af 100644
--- a/osm_nbi/authconn_internal.py
+++ b/osm_nbi/authconn_internal.py
@@ -738,7 +738,10 @@ class AuthconnInternal(Authconn):
         self.db.set_one(self.users_collection, {idf: uid}, user_data)
         if user_info.get("remove_project_role_mappings"):
             idf = "user_id" if idf == "_id" else idf
-            self.db.del_list(self.tokens_collection, {idf: uid})
+            if not user_data.get("project_role_mappings") or user_info.get(
+                "remove_session_project"
+            ):
+                self.db.del_list(self.tokens_collection, {idf: uid})
 
     def delete_user(self, user_id):
         """
diff --git a/osm_nbi/tests/test_admin_topics.py b/osm_nbi/tests/test_admin_topics.py
index 2ecdbf7..101604c 100755
--- a/osm_nbi/tests/test_admin_topics.py
+++ b/osm_nbi/tests/test_admin_topics.py
@@ -926,6 +926,12 @@ class Test_UserTopicAuth(TestCase):
         uid = str(uuid4())
         pid1 = str(uuid4())
         rid1 = str(uuid4())
+        test_project = {
+            "_id": test_pid,
+            "name": "test",
+            "_admin": {"created": now, "modified": now},
+        }
+        self.db.create("projects", test_project)
         self.fake_session["user_id"] = uid
         self.fake_session["admin_show"] = True
         prms = [
-- 
2.25.1