docs: adjust delete technical user documentation (#393)

eclipse-tractusx/portal-backend#950
eclipse-tractusx · Sep 11, 2024 · df9ab78 · df9ab78
1 parent 572a47c
commit df9ab78
Showing 1 changed file with 28 additions and 30 deletions.
diff --git a/docs/developer/03. User Management/03. Technical User/04. Delete Technical User.md b/docs/developer/03. User Management/03. Technical User/04. Delete Technical User.md
@@ -5,55 +5,53 @@ To delete an user, just open up the user details and click the "delete" button.
 
 <img width="558" alt="image" src="https://raw.githubusercontent.com/eclipse-tractusx/portal-assets/main/docs/static/delete-technical-user.png">
 
-<br>
-<br>
-<br>
-<br>
-
 #### Currently not supported:
 
 update technical user secret
 
-<br>
-<br>
-
 ### Delete Service Account
 
 Delete an existing service account  
 Only service accounts of the own company can get deleted.
 Permission: "delete_tech_user_management"
-<br>
-<br>
+
 As part of the deletion API, the following tasks get executed:
 
-- Delete service account inside the central identity provider
-- Technical user record is set to "INACTIVE"
+```mermaid
+flowchart TD
+    A(API delete call) -->|Pass the service account id| B["`Receive service account
+     for company`"]
+    B --> C{Service account exists is active and user has access}
+    C --> |true| D{"`Linked to active/pending connector`"}
+    C --> |false| E("Error 404 - serviceAccount {serviceAccountId} not found for company {companyId}")
+    D --> |false| F{"`Linked to active
+     offer subscription`"}
+    D --> |true| G("`Error 409 - Technical User is linked to an active connector. Change the link or deactivate the connector to delete the technical user.`")
+    F --> |false| H{Is external user}
+    F --> |true| I("`Error 409 - Technical User is linked to an active subscription. Deactivate the subscription to delete the technical user.`")
+    H --> |true| J{"`Create process still
+     in progress`"}
+    J --> |true| K("`Error 409 - Technical user can't be deleted because the creation progress is still running`")
+    J --> |false| L("`Create delete process
+    set state to PENDING_DELETION`")
+    H --> |false| M{has clientClientId}
+    M --> |true| N(Delete client from keycloak)
+    M --> |false| O(set state to DELETE)
+    N --> O
+```
+
+Endpoint can be called via:
 
 ```diff
 ! DELETE: api/administration/owncompany/serviceaccounts/{serviceAccountId}
 ```
 
 Validation:
 
-- only owned or managed service account can get deleted
-- the deletion is not possible if the user is linked to an active subscription
-
-<br>
-
-<br>
-
-Request body
-
-    	n/a
-    	managed via endpoint path
-
-<br>
-<br>
-
-> **_NOTE:_** Technical user owner as well as provider (managed tech user owner) can run the delete endpoint - however deletion is not possible if subscription/connector are still active.
+- only owned or managed service account that are active can get deleted
+- the deletion is not possible if the user is linked to an `active` offer subscription or an connector in state `active` or `pending`
 
-<br>
-<br>
+> **_NOTE:_** Technical user owner as well as provider (managed tech user owner) can run the delete endpoint.
 
 ## NOTICE