Skip to content

feat(backend): implement comprehensive user deletion with authorization and safety checks (SCRUM-304) #212

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

feat(backend): implement comprehensive user deletion with authorization and safety checks (SCRUM-304) #212

wants to merge 1 commit into from

Conversation

@bernhaaard
Copy link
Contributor

@bernhaaard bernhaaard commented Jun 20, 2025

Changes

  • Added authorization logic (users delete own accounts, admins delete any, last admin protection)
  • Implemented transaction-based soft deletion preserving email/role/clerk_id while clearing PII
  • Added role-specific profile cleanup (student thesis_description, supervisor bio/spots)
  • Included enhanced logging with deletion statistics
  • Replaced hardcoded constants with configurable limits (User search limit)
  • Complete rewrite with comprehensive test coverage for deletion scenarios

@bernhaaard bernhaaard requested review from Mohammed87FS and nb159 June 20, 2025 22:47
@bernhaaard bernhaaard self-assigned this Jun 20, 2025
@bernhaaard bernhaaard requested a review from jb-cc as a code owner June 20, 2025 22:47
@bernhaaard
feat: implement comprehensive user deletion with authorization and sa…
8682552 
…fety checks

- Add authorization logic (users delete own accounts, admins delete any, last admin protection)
- Implement transaction-based soft deletion preserving email/role/clerk_id while clearing PII
- Add role-specific profile cleanup (student thesis_description, supervisor bio/spots)
- Include enhanced logging with deletion statistics
- Replace hardcoded constants with configurable limits (User search limit)
- Complete rewrite with comprehensive test coverage for all deletion scenarios
@bernhaaard bernhaaard force-pushed the SCRUM-304-backend-handle-user-deletion branch from 6ed4ccc to 8682552 Compare June 20, 2025 23:03
@bernhaaard
Copy link
Contributor Author

bernhaaard commented Jun 20, 2025

@nb159 let me know if you need any more info about how to use it in the frontend!

@bernhaaard bernhaaard changed the title feat(backend): implement comprehensive user deletion with authorization and safety checks feat(backend): implement comprehensive user deletion with authorization and safety checks (SCRUM-304) Jun 23, 2025
@bernhaaard bernhaaard changed the title feat(backend): implement comprehensive user deletion with authorization and safety checks (SCRUM-304) feat(backend): implement comprehensive user deletion with authorization and safety checks (SCRUM-304)(SCRUM-311) Jun 23, 2025
@bernhaaard bernhaaard changed the title feat(backend): implement comprehensive user deletion with authorization and safety checks (SCRUM-304)(SCRUM-311) feat(backend): implement comprehensive user deletion with authorization and safety checks (SCRUM-304) Jun 23, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nb159 nb159 Awaiting requested review from nb159

@Mohammed87FS Mohammed87FS Awaiting requested review from Mohammed87FS

@jb-cc jb-cc Awaiting requested review from jb-cc jb-cc is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@bernhaaard bernhaaard

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bernhaaard