From 5f6e8968c7247cefd72e5862e12b9ee171a3007b Mon Sep 17 00:00:00 2001
From: David Kennedy <david.kennedy@associates.cisa.dhs.gov>
Date: Thu, 24 Oct 2024 16:27:40 -0400
Subject: [PATCH] minimal delete views for member and invitedmember

---
 src/registrar/assets/js/get-gov.js | 20 +++++++++-----------
 src/registrar/config/urls.py       | 10 ++++++++++
 src/registrar/views/portfolios.py  | 14 +++++++++-----
 3 files changed, 28 insertions(+), 16 deletions(-)

diff --git a/src/registrar/assets/js/get-gov.js b/src/registrar/assets/js/get-gov.js
index 129b92708..96c7929a5 100644
--- a/src/registrar/assets/js/get-gov.js
+++ b/src/registrar/assets/js/get-gov.js
@@ -2197,21 +2197,21 @@ class MembersTable extends LoadTableBase {
   */
   deleteMember(member_delete_url, pageToDisplay) {
     // Use to debug uswds modal issues
-    //console.log('deleteDomainRequest')
+    console.log(member_delete_url)
     
     // Get csrf token
     const csrfToken = getCsrfToken();
     // Create FormData object and append the CSRF token
-    const formData = `csrfmiddlewaretoken=${encodeURIComponent(csrfToken)}&delete-member=`;
+    const formData = `csrfmiddlewaretoken=${encodeURIComponent(csrfToken)}`;
 
     fetch(`${member_delete_url}`, {
-      method: 'DELETE',
+      method: 'POST',
       headers: {
-        'Content-Type': 'application/json',
+        'Content-Type': 'application/x-www-form-urlencoded',
         'X-CSRFToken': csrfToken,
       },
-      credentials: 'same-origin'
-      // body: formData
+      body: formData
+
     })
     .then(response => {
       if (!response.ok) {
@@ -2325,10 +2325,8 @@ class MembersTable extends LoadTableBase {
           }
 
           data.members.forEach(member => {
-            const member_source = member.source === "permissions" ? "member" : "invitedmember";
-            const member_id = member_source + member.id;
-            // member_id is actually the permission_id
-            const submit_delete_url = `/${member_source}/${member.id}`
+            const member_id = member.source + member.id;
+            const submit_delete_url = member.action_url + "/delete";
             const member_name = member.name;
             const member_display = member.member_display;
             const member_permissions = member.permissions;
@@ -2429,7 +2427,7 @@ class MembersTable extends LoadTableBase {
               // Pass member_delete_url in to delete
               // TODO: Use the PK to call a separate function that triggers a new backend AJAX call 
               // to delete their UserDomainRoles only for this portfolio + remove their UserPortfolioPermissions
-              alert('modal submit')
+              //alert('modal submit')
 
             });
           });
diff --git a/src/registrar/config/urls.py b/src/registrar/config/urls.py
index cb4e32c4d..1e9c5dbf3 100644
--- a/src/registrar/config/urls.py
+++ b/src/registrar/config/urls.py
@@ -91,6 +91,11 @@ urlpatterns = [
         views.PortfolioMemberView.as_view(),
         name="member",
     ),
+    path(
+        "member/<int:pk>/delete",
+        views.PortfolioMemberDeleteView.as_view(),
+        name="member-delete",
+    ),
     path(
         "member/<int:pk>/permissions",
         views.PortfolioMemberEditView.as_view(),
@@ -101,6 +106,11 @@ urlpatterns = [
         views.PortfolioInvitedMemberView.as_view(),
         name="invitedmember",
     ),
+    path(
+        "invitedmember/<int:pk>/delete",
+        views.PortfolioInvitedMemberDeleteView.as_view(),
+        name="invitedmember-delete",
+    ),
     path(
         "invitedmember/<int:pk>/permissions",
         views.PortfolioInvitedMemberEditView.as_view(),
diff --git a/src/registrar/views/portfolios.py b/src/registrar/views/portfolios.py
index c730f084c..7353e401b 100644
--- a/src/registrar/views/portfolios.py
+++ b/src/registrar/views/portfolios.py
@@ -15,6 +15,7 @@ from registrar.models import Portfolio, User
 from registrar.models.portfolio_invitation import PortfolioInvitation
 from registrar.models.user_portfolio_permission import UserPortfolioPermission
 from registrar.models.utility.portfolio_helper import UserPortfolioPermissionChoices, UserPortfolioRoleChoices
+from registrar.views.utility.mixins import PortfolioInvitedMemberPermission, PortfolioMemberPermission
 from registrar.views.utility.permission_views import (
     PortfolioDomainRequestsPermissionView,
     PortfolioDomainsPermissionView,
@@ -99,8 +100,9 @@ class PortfolioMemberView(PortfolioMemberPermissionView, View):
             },
         )
 
-    @csrf_exempt
-    def delete(self, request, pk):
+class PortfolioMemberDeleteView(PortfolioMemberPermission, View):    
+    
+    def post(self, request, pk):
         """
         Find and delete the portfolio member using the provided primary key (pk).
         Redirect to a success page after deletion (or any other appropriate page).
@@ -188,10 +190,12 @@ class PortfolioInvitedMemberView(PortfolioInvitedMemberPermissionView, View):
             },
         )
 
-    @csrf_exempt
-    def delete(self, request, pk):
+
+class PortfolioInvitedMemberDeleteView(PortfolioInvitedMemberPermission, View):    
+    
+    def post(self, request, pk):
         """
-        Find and delete the portfolio invitation using the provided primary key (pk).
+        Find and delete the portfolio invited member using the provided primary key (pk).
         Redirect to a success page after deletion (or any other appropriate page).
         """
         portfolio_invitation = get_object_or_404(PortfolioInvitation, pk=pk)