datastore: Add unverify_user method

* Provides a programmatic way to revert user verification. * Avoids the need for direct database modifications. * Enables correction of verification errors from admin panel. * Partially closes <inveniosoftware/invenio-administration#202>
Samk13 · May 4, 2024 · e2f41e1 · e2f41e1
1 parent 345abfc
commit e2f41e1
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/invenio_accounts/datastore.py b/invenio_accounts/datastore.py
@@ -2,6 +2,7 @@
 #
 # This file is part of Invenio.
 # Copyright (C) 2015-2024 CERN.
+# Copyright (C) 2024      KTH Royal Institute of Technology.
 #
 # Invenio is free software; you can redistribute it and/or modify it
 # under the terms of the MIT License; see LICENSE file for more details.
@@ -33,6 +34,16 @@ def verify_user(self, user):
             user.confirmed_at = now
         return True
 
+    def unverify_user(self, user):
+        """Unverify a user.
+
+        This method unverifying the user without changing their active status or session information,
+        differentiating it from `deactivate_user` which impacts session and active status.
+        """
+        if user.verified_at is not None:
+            user.verified_at = None
+        return True
+
     def block_user(self, user):
         """Verify a user."""
         now = datetime.utcnow()

diff --git a/tests/test_sessions.py b/tests/test_sessions.py
@@ -2,6 +2,7 @@
 #
 # This file is part of Invenio.
 # Copyright (C) 2015-2018 CERN.
+# Copyright (C) 2022      KTH Royal Institute of Technology.
 #
 # Invenio is free software; you can redistribute it and/or modify it
 # under the terms of the MIT License; see LICENSE file for more details.
@@ -288,3 +289,27 @@ def test_session_ip_no_country(app, users):
         [session] = SessionActivity.query.all()
         assert session.country is None
         assert session.ip == "139.191.247.1"
+
+
+def test_unverify_user(app):
+    """Test unverifying a user."""
+    with app.app_context():
+        now = datetime.datetime.now(datetime.timezone.utc)
+        user = testutils.create_test_user(
+            "[email protected]",
+            verified_at=now,
+            confirmed_at=now,
+            active=True,
+        )
+
+        assert user.confirmed_at is not None
+        assert user.verified_at is not None
+        assert user.active is True
+
+        _datastore.unverify_user(user)
+        db.session.commit()
+
+        # Ensure the user is no longer verified
+        assert user.confirmed_at is not None
+        assert user.active is True
+        assert user.verified_at is None