Clarify delete_user_data and get_user functions of gdpr api

City-of-Helsinki · Nov 19, 2024 · 4d1a10f · 4d1a10f
1 parent 8e63439
commit 4d1a10f
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/gdpr/utils.py b/gdpr/utils.py
@@ -1,10 +1,13 @@
+from helsinki_gdpr.views import DryRunException
+
 from users.models import User
 
 
 def get_user(user: User) -> User:
     """
     Get the user provider, as User is the GDPR API root model. GDPR API implementation
     by default attempts to get it from the root models user attribute.
+    This function is used by defining it as the value for setting `GDPR_API_USER_PROVIDER`.
     """
     return user
 
@@ -13,4 +16,7 @@ def delete_user_data(user: User, dry_run: bool) -> None:
     """
     Delete user data.
     """
-    user.delete()
+    if dry_run:
+        raise DryRunException("Dry run. Rollback delete transaction.")
+    else:
+        user.delete()
diff --git a/mvj/settings.py b/mvj/settings.py
@@ -108,7 +108,7 @@ def get_git_revision_hash():
     GDPR_API_MODEL_LOOKUP=(str, "uuid"),
     GDPR_API_QUERY_SCOPE=(str, ""),
     GDPR_API_DELETE_SCOPE=(str, ""),
-    GDPR_API_USER_PROVIDER=(str, ""),
+    GDPR_API_USER_PROVIDER=(str, "gdpr.utils.get_user"),
     GDPR_API_DELETER=(str, "gdpr.utils.delete_user_data"),
 )