Archive/screentinker

Fork 0

mirror of https://github.com/screentinker/screentinker.git synced 2026-06-15 10:43:36 -06:00

Commit graph

Author	SHA1	Message	Date
ScreenTinker	0d14db97a6	feat(admin): Delete Organization + Workspace with cascade (#36 ) Platform admins can now cleanly remove a customer org (account ends) or a stray workspace from the UI, instead of raw SQL that risks orphaning resources. The tenant cascade isn't pure DB CASCADE - workspace-scoped tables (devices, content, playlists, ...) are NO ACTION and must be purged before the workspace. Extracted that logic out of deleteUserCascade into shared deleteWorkspaceCascade / deleteOrgCascade helpers (one tested implementation; deleteUserCascade now reuses the purgeWorkspaces extraction). Backend (platform-admin only): GET /api/admin/orgs (list + owner + counts + workspaces), DELETE /api/admin/orgs/:id, DELETE /api/admin/workspaces/:id. UI: an Organizations section in Admin listing every org/workspace with a type-the-name confirmation before the irreversible delete. Tests: org/workspace cascade (real FKs) + endpoint gating/404. Suite 53/53.	2026-06-09 09:22:21 -05:00
ScreenTinker	05f9c20ecf	fix(admin): user deletion failed with FOREIGN KEY constraint (#18 ) DELETE /api/auth/users/:id ran a bare `DELETE FROM users`, but 23 columns reference users(id) and only 4 cascade, so with foreign_keys=ON the delete fails the moment the user is referenced anywhere - and a real user always is (owns an org, created a workspace, has login activity). Reproduces on a fresh DB, exactly as reported. The schema also lacks cascades from workspaces -> tenant resources, so the DB can't clean up on its own. New lib/user-deletion.js resolves every reference in one transaction (defer_foreign_keys=ON for forgiving order; table-existence guard for resilience): - Refuse (409) if the user OWNS an organization that has other members - don't nuke a shared tenant; transfer ownership first. - Hard-delete the organizations they SOLELY own (workspaces + all contents). - In orgs they don't own, PRESERVE resources: SET NULL the nullable creator/inviter columns, and reassign the NOT NULL legacy creator user_id to the resource's org owner (fallback: the acting admin). - Memberships (organization_members/workspace_members/team_members/ content_folders) cascade on the user delete; pending invites they sent and legacy teams they own are removed. The handler now 404s an unknown id and 409s the shared-org case. Tests (node:test): reproduces the FK failure, then verifies provisioned-member delete (resources preserved + unlinked/reassigned), solo-org-owner cascade, shared-org refusal (409), self-delete 400, non-superadmin 403, unknown 404. Full suite 22/22. Verified end-to-end on a copy of a real DB: deleted a user owning 2 solo orgs, foreign_key_check clean. Closes #18.	2026-06-08 10:51:32 -05:00

Author

SHA1

Message

Date

ScreenTinker

0d14db97a6

feat(admin): Delete Organization + Workspace with cascade (#36 )

Platform admins can now cleanly remove a customer org (account ends) or a stray
workspace from the UI, instead of raw SQL that risks orphaning resources.

The tenant cascade isn't pure DB CASCADE - workspace-scoped tables (devices,
content, playlists, ...) are NO ACTION and must be purged before the workspace.
Extracted that logic out of deleteUserCascade into shared deleteWorkspaceCascade /
deleteOrgCascade helpers (one tested implementation; deleteUserCascade now reuses
the purgeWorkspaces extraction).

Backend (platform-admin only): GET /api/admin/orgs (list + owner + counts +
workspaces), DELETE /api/admin/orgs/:id, DELETE /api/admin/workspaces/:id.
UI: an Organizations section in Admin listing every org/workspace with a
type-the-name confirmation before the irreversible delete.
Tests: org/workspace cascade (real FKs) + endpoint gating/404. Suite 53/53.

2026-06-09 09:22:21 -05:00

ScreenTinker

05f9c20ecf

fix(admin): user deletion failed with FOREIGN KEY constraint (#18 )

DELETE /api/auth/users/:id ran a bare `DELETE FROM users`, but 23 columns
reference users(id) and only 4 cascade, so with foreign_keys=ON the delete
fails the moment the user is referenced anywhere - and a real user always is
(owns an org, created a workspace, has login activity). Reproduces on a fresh
DB, exactly as reported.

The schema also lacks cascades from workspaces -> tenant resources, so the DB
can't clean up on its own. New lib/user-deletion.js resolves every reference in
one transaction (defer_foreign_keys=ON for forgiving order; table-existence
guard for resilience):
  - Refuse (409) if the user OWNS an organization that has other members -
    don't nuke a shared tenant; transfer ownership first.
  - Hard-delete the organizations they SOLELY own (workspaces + all contents).
  - In orgs they don't own, PRESERVE resources: SET NULL the nullable
    creator/inviter columns, and reassign the NOT NULL legacy creator user_id to
    the resource's org owner (fallback: the acting admin).
  - Memberships (organization_members/workspace_members/team_members/
    content_folders) cascade on the user delete; pending invites they sent and
    legacy teams they own are removed.

The handler now 404s an unknown id and 409s the shared-org case.

Tests (node:test): reproduces the FK failure, then verifies provisioned-member
delete (resources preserved + unlinked/reassigned), solo-org-owner cascade,
shared-org refusal (409), self-delete 400, non-superadmin 403, unknown 404.
Full suite 22/22. Verified end-to-end on a copy of a real DB: deleted a user
owning 2 solo orgs, foreign_key_check clean.

Closes #18.

2026-06-08 10:51:32 -05:00

2 commits