in server/TenantManagementService/user-management.py [0:0]
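def disable_users_by_tenant(event, context):
    """Disable every user mapped to a tenant in the tenant's user pool.

    Reads ``tenantId``, ``userPoolId``, ``userRole`` and
    ``requestingTenantId`` from ``event``. The operation is allowed when the
    caller is a system admin, or a tenant admin acting on their own tenant
    (``tenantId == requestingTenantId``).

    Args:
        event: Mapping carrying the four keys above; a missing key raises
            ``KeyError``.
        context: Invocation context; not used by this function.

    Returns:
        ``utils.create_success_response("Users disabled")`` once every mapped
        user has been passed to ``admin_disable_user``, otherwise
        ``utils.create_unauthorized_response()``.
    """
    logger.info("Request received to disable users by tenant")
    # NOTE(review): this logs the whole event; confirm it never carries
    # tokens or personal data that should stay out of the logs.
    logger.info(event)

    tenantid_to_update = event['tenantId']
    # NOTE(review): the pool id is taken from the event and is not checked
    # here against the tenant being updated; confirm the caller derives it
    # from trusted tenant configuration rather than from request input.
    tenant_user_pool_id = event['userPoolId']
    user_role = event['userRole']
    requesting_tenant_id = event['requestingTenantId']

    tracer.put_annotation(key="TenantId", value=tenantid_to_update)

    is_own_tenant_admin = (
        auth_manager.isTenantAdmin(user_role)
        and tenantid_to_update == requesting_tenant_id
    )
    if not (is_own_tenant_admin or auth_manager.isSystemAdmin(user_role)):
        logger.info("Request completed as unauthorized. Only tenant admin or system admin can update!")
        return utils.create_unauthorized_response()

    query_kwargs = {'KeyConditionExpression': Key('tenantId').eq(tenantid_to_update)}
    while True:
        page = table_tenant_user_map.query(**query_kwargs)
        # A missing 'Items' key is treated as an empty page rather than None.
        for user in page.get('Items', []):
            response = client.admin_disable_user(
                Username=user['userName'],
                UserPoolId=tenant_user_pool_id
            )
            logger.info(response)

        # A single query call returns one page only. Without following
        # LastEvaluatedKey, users beyond the first page would stay enabled
        # while the caller is still told "Users disabled".
        last_evaluated_key = page.get('LastEvaluatedKey')
        if not last_evaluated_key:
            break
        query_kwargs['ExclusiveStartKey'] = last_evaluated_key

    logger.info("Request completed to disable users")
    return utils.create_success_response("Users disabled")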