4.21. Organisation Administrator - Delete organisation users

Id	4.21.
Description	As an Organisation Administrator, I want to be able to mark users of my organisation for deletion, So that I can ensure that users that do no longer require access to the System have their access revoked.
Priority	Medium
Actors	Organisation Administrator
API Calls	PUT /admin/api-users/<user-id> PATCH /admin/api-users/<user-id> DELETE /admin/api-users/<user-id>
Linked Processes
Status	Implemented

Preconditions

The User must be authenticated and have the Organisation Administrator role.
The user to be deleted must exist on the platform and belong to the Organisation Administrator’s organisation

Postconditions

The user is marked as “inactive”.
The user is disabled and can no longer login or use the system in any way.
After a period of X days (configurable by the Application Administrator), all personal data of that user is deleted (name, lastname, email) and replaced by generic data.
IMPORTANT: No data entries linked to the vertical cabling datasets that are linked to that user are deleted! The organisation information, to which that user was linked is kept.

Main flow

The Organisation Administrator retrieves a list of existing users that belong to his organisation with their details and roles (GET).
The Organisation Administrator uses an API to modify the existing user and the flag “active=false” (PUT/PATCH).
The system validates the input data.
The system saves the changes and updates the user list.
After the pre-defined period the system deletes all personal data linked to the inactive user.

Exceptions

[400 Bad Request] Invalid input:

If mandatory fields are missing or invalid, the system returns an error message.

[403 Forbidden] User cannot delete himself

If the Organisation Administrator attempts to delete his own user, an error will be returned.

[404 Not found] User not found

If the Organisation Administrator attempts to modify a user that does not exist or does not belong to his organisation, the system returns an error and prevents the action.

[500 Internal Server Error] System Error

If the system fails to save changes due to an internal error, it displays an appropriate message and logs the error for further investigation.

1.1. Change log

2.1. Context

2.2. Document purpose and scope

2.3. Targeted audience

3.1. User management

3.2. Roles

4.1. User - Profile management [canceled]

4.2. User - Change password

4.3. User - Manage user secrets [canceled]

4.4. Application Administrator - Create users

4.5. Application Administrator - Update users

4.6. Application Administrator - Delete users

4.7. Application Administrator - Recover users marked for deletion

4.8. Application Administrator - Create access tokens [new]

4.9. Application Administrator - Delete access tokens [new]

4.10. Application Administrator - View audit logs

4.11. Application Administrator - View all data on the platform

4.12. Application Administrator - Restore deleted records

4.13. Application Administrator - Un-reject/approve an approved/rejected record

4.14. Application Administrator - Export all

4.15. Application Administrator - Monitoring

4.16. Application Administrator - Alerting

4.17. Application Administrator - Lightweight Administration Panel

4.18. Application Administrator - Define webhooks [new]

4.19. Organisation Administrator - Create organisation users

4.20. Organisation Administrator - Update organisation users

4.21. Organisation Administrator - Delete organisation users

4.22. Organisation Approver - Recover organisation users marked for deletion

4.23. Organisation Administrator - Create organisation access tokens [new]

4.24. Organisation Administrator - Delete organisation access tokens [new]

4.25. Organisation Administrator - View organisation audit logs

4.26. Organisation Administrator - Un-reject/approve an approved/rejected record lined to organisation

4.27. Organisation Administrator - Restore records deleted by the organisation

4.28. Editor - Create temporary address

4.29. Editor - Create an additional temporary address for an existing site

4.30. Editor - Create an additional temporary address for an existing block

4.31. Editor - Add a site

4.32. Editor - Update a site

4.33. Editor - Delete a site

4.34. Editor - Add a block

4.35. Editor - Update a block

3.36. Editor - Delete a block

4.37. Editor - Add a unit

4.38. Editor - Update a unit

4.39. Editor - Delete a unit

4.40. Editor - Add an equipment

4.41. Editor - Update an equipment

4.42. Editor - Delete an equipment

4.43. Editor - Attach pictures [postponed]

4.44. Editor - Delete Pictures [postponed]

4.45. Editor - Search a site by address

4.46. Editor - Send an update vertical cabling request

4.47. Approver - Approve deleted site request

4.48. Approver - Approve deleted block request

4.49. Approver - Approve deleted unit request

4.50. Approver - Approve deleted equipment request

4.51. Approver - Approve or reject update vertical cabling request

4.52. Organisation Approver - Approve deleted site request for organisation

4.53. Organisation Approver - Approve deleted block request for organisation

4.54. Organisation Approver - Approve deleted unit request for organisation

4.55. Organisation Approver - Approve delete equipment request for organisation

4.56. Organisation Approver - Approve or reject update vertical cabling request for organisation

4.57. Analyst - Access to all data

4.58. Analyst - Querying data

4.59. Analyst - Query historical data

4.60. Analyst - Query audit logs

4.61. Analyst - Export data [to be reviewed]

4.62. Analyst - Integrate external applications [to be reviewed]

4.63. Analyst - Un-reject/approve an approved/rejected record

4.64. Viewer - Search sites/blocks/units/equipments by address

4.65. Viewer - Read single entries by ID

4.66. Viewer - Read different versions of connections

4.67. ETL - Retrieve addresses

4.68. ETL - Create and update addresses

6.1. User management

6.2. Address ingestion

6.3. Versioning, approvals and audit logs

6.4. Data privacy

6.5. Data quality

6.6. Data governance