Merge branch 'master' into PRWLR-6064-change-user-deletion-api-response

test(api): add test for unexpected exception during user deletion
chore: fix formatting issues in views.py
2025-12-19 05:17:47 +00:00 · 2025-07-16 11:23:32 +05:30 · 2025-07-15 16:42:09 +05:30 · 2025-07-15 14:21:14 +05:30 · 2025-07-15 14:11:41 +05:30 · 2025-07-15 13:03:01 +05:30
3 changed files with 26 additions and 1 deletions
--- a/api/CHANGELOG.md
+++ b/api/CHANGELOG.md
@@ -12,6 +12,7 @@ All notable changes to the **Prowler API** are documented in this file.
 - `/processors` endpoints to post-process findings. Currently, only the Mutelist processor is supported to allow to mute findings.
 - Optimized the underlying queries for resources endpoints [(#8112)](https://github.com/prowler-cloud/prowler/pull/8112)
 - Optimized include parameters for resources view [(#8229)](https://github.com/prowler-cloud/prowler/pull/8229)
+- Improved user deletion error handling with structured JSON response [(#8272)](https://github.com/prowler-cloud/prowler/pull/8272)

 ### Fixed
 - Search filter for findings and resources [(#8112)](https://github.com/prowler-cloud/prowler/pull/8112)
--- a/api/src/backend/api/tests/test_views.py
+++ b/api/src/backend/api/tests/test_views.py
@@ -324,6 +324,19 @@ class TestUserViewSet:
        assert response.status_code == status.HTTP_400_BAD_REQUEST
        assert User.objects.filter(id=another_user.id).exists()

+    def test_users_destroy_unexpected_exception(
+        self, authenticated_client, create_test_user
+    ):
+        with patch(
+            "api.v1.views.UserViewSet.perform_destroy",
+            side_effect=Exception("Unexpected"),
+        ):
+            response = authenticated_client.delete(
+                reverse("user-detail", kwargs={"pk": create_test_user.id})
+            )
+        assert response.status_code == status.HTTP_400_BAD_REQUEST
+        assert response.json()["errors"][0]["detail"] == "Failed to delete the user"
+
    @pytest.mark.parametrize(
        "attribute_key, attribute_value, error_field",
        [
--- a/api/src/backend/api/v1/views.py
+++ b/api/src/backend/api/v1/views.py
@@ -779,7 +779,18 @@ class UserViewSet(BaseUserViewset):
        if kwargs["pk"] != str(self.request.user.id):
            raise ValidationError("Only the current user can be deleted.")

-        return super().destroy(request, *args, **kwargs)
+        try:
+            return super().destroy(request, *args, **kwargs)
+        except Exception:
+            raise ValidationError(
+                [
+                    {
+                        "detail": "Failed to delete the user",
+                        "status": "400",
+                        "code": "delete_failed",
+                    }
+                ]
+            )

    @extend_schema(
        parameters=[
Author	SHA1	Message	Date
sumit_chaturvedi	c7b6f03bbe	Merge branch 'master' into PRWLR-6064-change-user-deletion-api-response	2025-07-16 11:23:32 +05:30
sumit_chaturvedi	52996af891	test(api): add test for unexpected exception during user deletion	2025-07-15 16:42:09 +05:30
sumit_chaturvedi	dd16d896a9	chore: fix formatting issues in views.py	2025-07-15 14:21:14 +05:30
sumit_chaturvedi	a53d03e36e	docs: changelog update	2025-07-15 14:11:41 +05:30
sumit_chaturvedi	15e87f5a02	fix(users): Add user deletion error handling to return expected response format	2025-07-15 13:03:01 +05:30