Fix/user deletion

[digmunhoz]

Description

Fixes for user deletion and profile sync on social login:

User deletion

• Delete user_social_accounts before deleting the user (avoids NOT NULL violation on user_id).
• Block deletion when the user is owner of an organization: return an error with organization names and instruct to transfer ownership.
• Delete organization_members (and related group_members) for the user before deletion to avoid FK violation on organization_members.

Social login (OAuth)

• Update user full_name and avatar_url from provider data when:
  • the user already has a linked social account and logs in again, or
  • an existing user (by email) links social login for the first time.

Tests

• In the integration conftest, normalize User.uuid (string → uuid.UUID) in before_flush for SQLite so test_delete_user_success passes when a commit() runs in the middle of the delete flow.

Related Issue

Closes #

Type of Change

• 🐛 Bug fix (non-breaking change that fixes an issue)
• ✨ New feature (non-breaking change that adds functionality)
• 💥 Breaking change (fix or feature that would cause existing functionality to change)
• 📚 Documentation update
• 🔧 Refactoring (no functional changes)
• 🧪 Tests (adding or updating tests)
• 🏗️ Infrastructure/CI changes

Component Affected

• API (backend)
• Portal (frontend)
• Documentation
• CI/CD
• Other:

Checklist

General

• I have read the CONTRIBUTING.md guidelines
• My code follows the project's code style
• I have performed a self-review of my code
• I have commented my code in hard-to-understand areas
• My changes generate no new warnings or errors

Testing

• I have added tests that prove my fix/feature works
• New and existing unit tests pass locally with my changes
• I have tested my changes manually

Documentation

• I have updated the documentation accordingly
• I have updated the README if needed

Screenshots (if applicable)

N/A

Test Plan

1. User deletion: Create a user and delete via DELETE /users/{uuid} (admin); user without org and without social accounts is removed successfully.
2. Deletion blocked for owner: Try to delete a user who is owner of an organization; expect 400 with message listing organizations and asking to transfer ownership.
3. Deletion with org member: User is a member (not owner) of an organization; on delete, memberships (and group members) are removed and the user is deleted.
4. Social login: Existing user in the DB logs in with a social provider; confirm full_name and avatar_url are updated on the user (and in /auth/me).
5. Tests: Run make api-test and confirm all 365 tests pass (including test_delete_user_success).

Additional Notes

• New exception: UserIsOrganizationOwnerError (in user_validators); use of OrganizationMemberRepository.delete_by_user_id and UserSocialAccountRepository.delete_by_user_id.
• Conftest change (UUID on SQLite) avoids AttributeError: 'str' object has no attribute 'hex' on flush during commit() inside delete_by_user_id.