Remove local tenant creation, and soft delete functionality adn endpoints

Author: sonal-aot

extensions/m8flow-backend/src/m8flow_backend/api.yml

@@ -3,44 +3,6 @@ info:
   version: 1.0.0
   title: m8flow-backend-extension
 paths:
-  /create-tenant:
-    post:
-      summary: Create a new tenant
-      operationId: m8flow_backend.routes.tenant_controller.create_tenant
-      tags:
-        - Tenant
-      requestBody:
-        required: true
-        content:
-          application/json:
-            schema:
-              $ref: "#/components/schemas/CreateTenantRequest"
-      responses:
-        "201":
-          description: Tenant created successfully
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/TenantResponse"
-        "400":
-          description: Bad request - missing required fields
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ErrorResponse"
-        "401":
-          description: Unauthorized - user not authenticated
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ErrorResponse"
-        "409":
-          description: Conflict - tenant with ID or slug already exists
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ErrorResponse"
-
   /tenant-login-url:
     get:
       summary: Get Keycloak login URL for a tenant realm (unauthenticated)
@@ -368,44 +330,6 @@ paths:
         "500":
           description: Internal server error
 
-    delete:
-      summary: Soft delete a tenant
-      description: Sets the tenant status to DELETED without removing from database
-      operationId: m8flow_backend.routes.tenant_controller.delete_tenant
-      tags:
-        - Tenant
-      parameters:
-        - name: tenant_id
-          in: path
-          required: true
-          schema:
-            type: string
-          description: Unique identifier of the tenant to delete
-      responses:
-        "200":
-          description: Tenant soft deleted successfully
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/MessageResponse"
-        "400":
-          description: Bad request - tenant already deleted
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ErrorResponse"
-        "401":
-          description: Unauthorized - user not authenticated
-        "403":
-          description: Forbidden - cannot delete default tenant
-          content:
-            application/json:
-              schema:
-                $ref: "#/components/schemas/ErrorResponse"
-        "404":
-          description: Tenant not found
-        "500":
-          description: Internal server error
 
   /templates:
     get:

extensions/m8flow-backend/src/m8flow_backend/routes/tenant_controller.py

@@ -2,7 +2,6 @@
 from spiffworkflow_backend.exceptions.api_error import ApiError
 from m8flow_backend.services.tenant_service import TenantService
 from m8flow_backend.helpers.response_helper import success_response, handle_api_errors
-import uuid
 
 
 def _serialize_tenant(tenant):
@@ -40,27 +39,6 @@ def _require_authenticated_user():
     return user
 
 
-@handle_api_errors
-def create_tenant(body):
-    user = _require_authenticated_user()
-    body = body or {}
-
-    tenant_id = body.get('id', str(uuid.uuid4()))
-    name = body.get('name')
-    slug = body.get('slug')
-    status_str = "ACTIVE"
-
-    tenant = TenantService.create_tenant(
-        tenant_id=tenant_id,
-        name=name,
-        slug=slug,
-        status_str=status_str,
-        user_id=user.username
-    )
-    
-    return success_response(_serialize_tenant(tenant), 201)
-
-
 @handle_api_errors
 def get_tenant_by_id(tenant_id):
     """Fetch tenant by ID."""
@@ -81,16 +59,6 @@ def get_all_tenants():
     tenants = TenantService.get_all_tenants()
     return success_response([_serialize_tenant(t) for t in tenants], 200)
 
-@handle_api_errors
-def delete_tenant(tenant_id):
-    """Soft delete a tenant by setting status to DELETED."""
-    user = _require_authenticated_user()
-    tenant = TenantService.delete_tenant(tenant_id, user.username)
-    
-    return success_response({
-        "message": f"Tenant '{tenant.name}' has been successfully deleted."
-    }, 200)
-
 @handle_api_errors
 def update_tenant(tenant_id, body):
     """Update tenant name and status. Slug cannot be updated."""

extensions/m8flow-backend/src/m8flow_backend/services/authorization_service_patch.py

@@ -12,7 +12,6 @@
 M8FLOW_AUTH_EXCLUSION_ADDITIONS = [
     "m8flow_backend.routes.keycloak_controller.get_tenant_login_url",
     "m8flow_backend.routes.keycloak_controller.create_realm",
-    "m8flow_backend.routes.tenant_controller.create_tenant",
 ]
 M8FLOW_ROLE_GROUP_IDENTIFIERS = frozenset(
     {"super-admin", "tenant-admin", "editor", "viewer", "integrator", "reviewer"}

extensions/m8flow-backend/src/m8flow_backend/services/tenant_service.py

@@ -1,4 +1,3 @@
-from sqlalchemy.exc import IntegrityError
 from m8flow_backend.models.m8flow_tenant import M8flowTenantModel, TenantStatus
 from spiffworkflow_backend.models.db import db
 from spiffworkflow_backend.exceptions.api_error import ApiError
@@ -14,58 +13,6 @@ def _check_not_default_tenant(identifier: str):
                 status_code=403
             )
 
-    @staticmethod
-    def create_tenant(tenant_id: str, name: str, slug: str, status_str: str, user_id: str):
-        if not name:
-             raise ApiError(error_code="missing_name", message="Name is required", status_code=400)
-        if not slug:
-             raise ApiError(error_code="missing_slug", message="Slug is required", status_code=400)
-        
-        # Check if ID already exists
-        existing_id = M8flowTenantModel.query.filter_by(id=tenant_id).first()
-        if existing_id:
-            raise ApiError(
-                error_code="tenant_id_exists", 
-                message=f"Tenant with ID '{tenant_id}' already exists.", 
-                status_code=409
-            )
-
-        existing_slug = M8flowTenantModel.query.filter_by(slug=slug).first()
-        if existing_slug:
-            raise ApiError(
-                error_code="tenant_slug_exists", 
-                message=f"Tenant with slug '{slug}' already exists.", 
-                status_code=409
-            )
-
-        tenant = M8flowTenantModel(
-            id=tenant_id,
-            name=name,
-            slug=slug,
-            status=TenantStatus(status_str),
-            created_by=user_id,
-            modified_by=user_id
-        )
-        
-        try:
-            db.session.add(tenant)
-            db.session.commit()
-            return tenant
-        except IntegrityError:
-            db.session.rollback()
-            raise ApiError(
-                error_code="tenant_conflict", 
-                message="A tenant with this ID or slug already exists.", 
-                status_code=409
-            )
-        except Exception as e:
-            db.session.rollback()
-            raise ApiError(
-                error_code="database_error",
-                message=str(e),
-                status_code=500
-            )
-
     @staticmethod
     def get_tenant_by_id(tenant_id: str):
         TenantService._check_not_default_tenant(tenant_id)
@@ -130,40 +77,6 @@ def get_all_tenants():
                 status_code=500
             )
 
-    @staticmethod
-    def delete_tenant(tenant_id: str, user_id: str):
-        TenantService._check_not_default_tenant(tenant_id)
-        
-        tenant = M8flowTenantModel.query.filter_by(id=tenant_id).first()
-        
-        if not tenant:
-            raise ApiError(
-                error_code="tenant_not_found",
-                message=f"Tenant with ID '{tenant_id}' not found.",
-                status_code=404
-            )
-        
-        if tenant.status == TenantStatus.DELETED:
-            raise ApiError(
-                error_code="tenant_already_deleted",
-                message=f"Tenant with ID '{tenant_id}' is already deleted.",
-                status_code=400
-            )
-        
-        try:
-            tenant.status = TenantStatus.DELETED
-            tenant.modified_by = user_id
-            
-            db.session.commit()
-            return tenant
-        except Exception as e:
-            db.session.rollback()
-            raise ApiError(
-                error_code="database_error",
-                message=f"Error deleting tenant: {str(e)}",
-                status_code=500
-            )
-
     @staticmethod
     def update_tenant(tenant_id: str, name: str | None, status_str: str | None, user_id: str):
         TenantService._check_not_default_tenant(tenant_id)