From 766a16b686227d35a2b5ae52b9426480a01a1e20 Mon Sep 17 00:00:00 2001
From: Stefano Pigozzi <256895@studenti.unimore.it>
Date: Thu, 29 Apr 2021 00:14:38 +0200
Subject: [PATCH] Revert "piccoli fix"

This reverts commit 10c4040da212bb243c0b1dd95eb9dfb0333c9fc3
---
 .../nest_backend/routes/users/user_delete.py  | 28 +++++++++++++++++++
 .../nest_backend/test/user_delete_test.py     | 26 +++++++++++++++++
 2 files changed, 54 insertions(+)
 create mode 100644 code/backend/nest_backend/routes/users/user_delete.py
 create mode 100644 code/backend/nest_backend/test/user_delete_test.py

diff --git a/code/backend/nest_backend/routes/users/user_delete.py b/code/backend/nest_backend/routes/users/user_delete.py
new file mode 100644
index 0000000..892e3fb
--- /dev/null
+++ b/code/backend/nest_backend/routes/users/user_delete.py
@@ -0,0 +1,28 @@
+from flask import render_template, abort, jsonify, request
+from ...database import *
+from flask_jwt_extended import jwt_required
+from ...gestione import *
+from flask_cors import cross_origin
+
+
+@cross_origin()
+@jwt_required()
+def page_user_delete():
+    """
+    API call that allows an user to be deleted from NEST.
+    :parameter email: The email of the user that needs to be removed.
+    :return: JSON-formatted data. If the user has the privilege, the target user exists and differs from the current
+    user, the target gets deleted and a json containing the field "result":"success" is returned.
+    """
+    user = find_user(get_jwt_identity())
+    if not user.isAdmin:
+        return json_error("User is not admin."), 403
+    deluser=request.json.get('email')
+    target = find_user(deluser)
+    if not target:
+        return json_error("User not found."), 404
+    if user == target:
+        return json_error("The user cant delete himself. Its a sin."), 406
+    Base.session.delete(target)
+    Base.session.commit()
+    return json_success("The user has been deleted.")
diff --git a/code/backend/nest_backend/test/user_delete_test.py b/code/backend/nest_backend/test/user_delete_test.py
new file mode 100644
index 0000000..5faa754
--- /dev/null
+++ b/code/backend/nest_backend/test/user_delete_test.py
@@ -0,0 +1,26 @@
+import requests
+import json
+import unittest
+
+auth_code = ""
+
+
+class MyTestCase(unittest.TestCase):
+    def test_user_delete(self):
+        global auth_code
+
+        r = requests.post('http://localhost:5000/api/login', json={'email': 'admin@admin.com', 'password': 'password'})
+        j = json.loads(r.text)
+        assert j['result'] == "success"
+        auth_code = j['data']['access_token']
+
+        r = requests.post(f'http://localhost:5000/api/user/remove', headers={'authorization': "Bearer " + auth_code},
+                          json={'email': 'utente15@nest.com'})
+        j = json.loads(r.text)
+        assert j['result'] == "success"
+
+        print("User_delete eseguito correttamente!")
+
+    print("Testing del metodo user_delete")
+
+