backend/tests/test_organizations_delete_api.py

# ruff: noqa: INP001, S101
"""Tests for organization deletion API behavior and authorization."""

from __future__ import annotations

from dataclasses import dataclass, field
from typing import Any
from uuid import uuid4

import pytest
from fastapi import HTTPException, status

from app.api import organizations
from app.models.organization_members import OrganizationMember
from app.models.organizations import Organization
from app.services.organizations import OrganizationContext


@dataclass
class _FakeSession:
    executed: list[object] = field(default_factory=list)
    committed: int = 0

    async def exec(self, statement: object) -> None:
        self.executed.append(statement)

    async def execute(self, statement: object) -> None:
        self.executed.append(statement)

    async def commit(self) -> None:
        self.committed += 1


@pytest.mark.asyncio
async def test_delete_my_org_cleans_dependents_before_organization_delete() -> None:
    """Delete flow should remove dependent rows before the organization row."""
    session: Any = _FakeSession()
    org_id = uuid4()
    ctx = OrganizationContext(
        organization=Organization(id=org_id, name=f"org-{org_id}"),
        member=OrganizationMember(
            organization_id=org_id,
            user_id=uuid4(),
            role="owner",
        ),
    )

    await organizations.delete_my_org(
        session=session,
        ctx=ctx,
    )

    executed_tables = [statement.table.name for statement in session.executed]
    assert executed_tables == [
        "activity_events",
        "activity_events",
        "task_dependencies",
        "task_fingerprints",
        "approval_task_links",
        "approvals",
        "board_memory",
        "board_webhook_payloads",
        "board_webhooks",
        "board_onboarding_sessions",
        "organization_board_access",
        "organization_invite_board_access",
        "organization_board_access",
        "organization_invite_board_access",
        "tasks",
        "agents",
        "boards",
        "board_group_memory",
        "board_groups",
        "gateways",
        "organization_invites",
        "organization_members",
        "users",
        "organizations",
    ]
    assert session.committed == 1


@pytest.mark.asyncio
async def test_delete_my_org_requires_owner_role() -> None:
    """Delete flow should reject non-owner members with HTTP 403."""
    session: Any = _FakeSession()
    org_id = uuid4()
    ctx = OrganizationContext(
        organization=Organization(id=org_id, name=f"org-{org_id}"),
        member=OrganizationMember(
            organization_id=org_id,
            user_id=uuid4(),
            role="admin",
        ),
    )

    with pytest.raises(HTTPException) as exc_info:
        await organizations.delete_my_org(
            session=session,
            ctx=ctx,
        )

    assert exc_info.value.status_code == status.HTTP_403_FORBIDDEN
    assert session.executed == []
    assert session.committed == 0
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`# ruff: noqa: INP001, S101`
			`"""Tests for organization deletion API behavior and authorization."""`

feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`from __future__ import annotations`

			`from dataclasses import dataclass, field`
refactor: replace DefaultLimitOffsetPage with LimitOffsetPage in multiple files and update timezone handling to use UTC 2026-02-09 20:40:17 +05:30			`from typing import Any`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`from uuid import uuid4`

			`import pytest`
			`from fastapi import HTTPException, status`

			`from app.api import organizations`
refactor: replace DefaultLimitOffsetPage with LimitOffsetPage in multiple files and update timezone handling to use UTC 2026-02-09 20:40:17 +05:30			`from app.models.organization_members import OrganizationMember`
			`from app.models.organizations import Organization`
			`from app.services.organizations import OrganizationContext`
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30
			`@dataclass`
			`class _FakeSession:`
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`executed: list[object] = field(default_factory=list)`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`committed: int = 0`

refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`async def exec(self, statement: object) -> None:`
refactor: update migration paths and improve database operation handling 2026-02-09 00:51:26 +05:30			`self.executed.append(statement)`

refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`async def execute(self, statement: object) -> None:`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`self.executed.append(statement)`

			`async def commit(self) -> None:`
			`self.committed += 1`


			`@pytest.mark.asyncio`
			`async def test_delete_my_org_cleans_dependents_before_organization_delete() -> None:`
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`"""Delete flow should remove dependent rows before the organization row."""`
refactor: replace DefaultLimitOffsetPage with LimitOffsetPage in multiple files and update timezone handling to use UTC 2026-02-09 20:40:17 +05:30			`session: Any = _FakeSession()`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`org_id = uuid4()`
refactor: replace DefaultLimitOffsetPage with LimitOffsetPage in multiple files and update timezone handling to use UTC 2026-02-09 20:40:17 +05:30			`ctx = OrganizationContext(`
			`organization=Organization(id=org_id, name=f"org-{org_id}"),`
			`member=OrganizationMember(`
			`organization_id=org_id,`
			`user_id=uuid4(),`
			`role="owner",`
			`),`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`)`

refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`await organizations.delete_my_org(`
refactor: replace DefaultLimitOffsetPage with LimitOffsetPage in multiple files and update timezone handling to use UTC 2026-02-09 20:40:17 +05:30			`session=session,`
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`ctx=ctx,`
			`)`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30
			`executed_tables = [statement.table.name for statement in session.executed]`
			`assert executed_tables == [`
			`"activity_events",`
			`"activity_events",`
			`"task_dependencies",`
			`"task_fingerprints",`
feat: add approval-task links model and related functionality for task associations 2026-02-11 20:27:04 +05:30			`"approval_task_links",`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`"approvals",`
			`"board_memory",`
feat: add board webhook configuration and payload models 2026-02-13 00:31:32 +05:30			`"board_webhook_payloads",`
			`"board_webhooks",`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`"board_onboarding_sessions",`
			`"organization_board_access",`
			`"organization_invite_board_access",`
			`"organization_board_access",`
			`"organization_invite_board_access",`
			`"tasks",`
			`"agents",`
			`"boards",`
			`"board_group_memory",`
			`"board_groups",`
			`"gateways",`
			`"organization_invites",`
			`"organization_members",`
			`"users",`
			`"organizations",`
			`]`
			`assert session.committed == 1`


			`@pytest.mark.asyncio`
			`async def test_delete_my_org_requires_owner_role() -> None:`
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`"""Delete flow should reject non-owner members with HTTP 403."""`
refactor: replace DefaultLimitOffsetPage with LimitOffsetPage in multiple files and update timezone handling to use UTC 2026-02-09 20:40:17 +05:30			`session: Any = _FakeSession()`
			`org_id = uuid4()`
			`ctx = OrganizationContext(`
			`organization=Organization(id=org_id, name=f"org-{org_id}"),`
			`member=OrganizationMember(`
			`organization_id=org_id,`
			`user_id=uuid4(),`
			`role="admin",`
			`),`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30			`)`

			`with pytest.raises(HTTPException) as exc_info:`
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`await organizations.delete_my_org(`
refactor: replace DefaultLimitOffsetPage with LimitOffsetPage in multiple files and update timezone handling to use UTC 2026-02-09 20:40:17 +05:30			`session=session,`
refactor: update module docstrings for clarity and consistency 2026-02-09 15:49:50 +05:30			`ctx=ctx,`
			`)`
feat: implement organization deletion with cascading cleanup of associated resources 2026-02-09 00:22:37 +05:30
			`assert exc_info.value.status_code == status.HTTP_403_FORBIDDEN`
			`assert session.executed == []`
			`assert session.committed == 0`