Protect against allocation deletions

Author: wtripp180901

coral_credits/api/db_exceptions.py

@@ -20,3 +20,8 @@ class NoResourceClass(Exception):
     """Raised when there is no resource class matching the query"""
 
     pass
+
+class ActiveConsumersInAllocation(Exception):
+    """Raised when trying to delete an allocation with active consumers"""
+
+    pass

coral_credits/api/models.py

@@ -101,8 +101,10 @@ def __str__(self) -> str:
 class Consumer(models.Model):
     consumer_ref = models.CharField(max_length=200)
     consumer_uuid = models.UUIDField()
+    # Should protect against deletion with on_delete=models.DO_NOTHING but means can't
+    # delete accounts with expired consumers so protected against in API instead
     resource_provider_account = models.ForeignKey(
-        ResourceProviderAccount, on_delete=models.DO_NOTHING
+        ResourceProviderAccount, on_delete=models.CASCADE
     )
     user_ref = models.UUIDField()
     created = models.DateTimeField(auto_now_add=True)

coral_credits/api/views.py

@@ -21,6 +21,18 @@ class CreditAllocationViewSet(viewsets.ModelViewSet):
     serializer_class = serializers.CreditAllocationSerializer
     permission_classes = [permissions.IsAuthenticated]
 
+    def destroy(self, request, pk=None):
+        allocation = get_object_or_404(self.queryset, pk=pk)
+        active_consumers = models.Consumer.objects.filter(
+            resource_provider_account__account__pk=allocation.account.pk
+        )
+        current_time = make_aware(datetime.now())
+        for consumer in active_consumers:
+            if current_time < consumer.end:
+                return _http_403_forbidden(repr(db_exceptions.ActiveConsumersInAllocation))
+        else:
+            return super().destroy(request)
+
 
 class CreditAllocationResourceViewSet(viewsets.ModelViewSet):
     serializer_class = serializers.CreditAllocationResourceSerializer