MyVideoGameList/myvideogamelist.com
MyVideoGameList/myvideogamelist.com
3
0
Fork 0
Code Issues 45 Pull requests Projects 3 Releases Activity Actions

Define account deletion cascade for user and admin deletes #355

New issue
Closed
opened 2026-06-03 15:56:06 -05:00 by Codex · 1 comment
Codex commented 2026-06-03 15:56:06 -05:00
Member
Copy link

Account deletion currently needs a consistent backend workflow so self-service deletion and admin soft-deletion clean up the same user-owned data without leaving active records behind.

Self-service deletion should mark the account as user-deleted, invalidate the user's session, soft-delete the user row, and soft-delete the related user-owned rows listed below. Admin deletion should use the same cascade and session invalidation behavior, but should not set users.user_deleted = 'Y'.

Scope

  • Add a shared account deletion service/action that can be called from the settings delete-account flow and the admin user flow.
  • For self-service deletion, set users.user_deleted = 'Y'.
  • For admin deletion, do not set users.user_deleted = 'Y'; only soft-delete the user and related records.
  • Soft-delete all related records with both deleted_at = now() and updated_at = now():
    • blog_comments where user_id matches the deleted user.
    • blog_entries where user_id matches the deleted user.
    • console_lists for the deleted user.
    • favorites for the deleted user.
    • user_friends where either user_id or friend_id matches the deleted user.
    • game_comments where user_id matches the deleted user.
    • game_lists where user_id matches the deleted user.
    • user_gamer_tags for the deleted user.
    • user_infos for the deleted user.
    • user_notification_settings for the deleted user.
    • user_site_settings for the deleted user.
    • users row for the deleted user.
  • Invalidate the deleted user's active session after self-service deletion and when an admin deletes the account.
  • Keep the workflow idempotent so rerunning it for an already soft-deleted user does not fail or resurrect data.
  • Keep issue #46 separate; this issue covers app database/session cleanup, while #46 covers the Fider-side account state.

Acceptance Criteria

  • When a user deletes their own account, their related rows listed in scope are soft-deleted and have updated_at refreshed to the deletion time.
  • Self-service deletion sets users.user_deleted = 'Y', soft-deletes the user row, and logs the user out.
  • When an admin soft-deletes a user account, the same related rows are soft-deleted and have updated_at refreshed to the deletion time.
  • Admin deletion soft-deletes the user row but does not change users.user_deleted to Y.
  • Friend rows are removed from active friendship views regardless of whether the deleted user is stored in user_id or friend_id.
  • Deleted user content no longer appears in active blog, comment, console-list, favorite, game-list, profile, or notification/settings queries that already filter soft-deleted rows.
  • The workflow is wrapped so partial deletion does not leave the account in an inconsistent state.
  • Existing admin/profile delete UI continues to follow the current Laravel/Tailwind patterns.

Test Coverage Required

  • Feature test for self-service account deletion covering users.user_deleted = 'Y', user soft-delete, session invalidation, and every related table in scope.
  • Feature test for admin account deletion covering user soft-delete and related-table cascade without setting users.user_deleted = 'Y'.
  • Regression test confirming user_friends rows are soft-deleted when the deleted user is either user_id or friend_id.
  • Regression test confirming all touched rows receive a refreshed updated_at.
  • Authorization test confirming non-admin users cannot trigger admin deletion.
  • Idempotency test confirming rerunning deletion for an already soft-deleted user does not fail.
  • Run the focused affected tests, then run vendor/bin/pint --dirty before closing the issue.

Progress Checklist

  • Add shared account deletion service/action
  • Wire self-service delete-account flow to the shared deletion workflow
  • Wire admin user soft-delete flow to the shared deletion workflow
  • Cascade soft-delete blog comments and blog entries
  • Cascade soft-delete console lists, favorites, game comments, and game-list rows
  • Cascade soft-delete friend rows from both friendship columns
  • Cascade soft-delete gamer tags, user info, notification settings, and site settings
  • Soft-delete the user row and refresh updated_at
  • Set users.user_deleted = 'Y' only for self-service deletion
  • Invalidate the deleted user's session
  • Add focused Pest coverage for both deletion paths and the cascade
Account deletion currently needs a consistent backend workflow so self-service deletion and admin soft-deletion clean up the same user-owned data without leaving active records behind. Self-service deletion should mark the account as user-deleted, invalidate the user's session, soft-delete the user row, and soft-delete the related user-owned rows listed below. Admin deletion should use the same cascade and session invalidation behavior, but should not set `users.user_deleted = 'Y'`. ## Scope - Add a shared account deletion service/action that can be called from the settings delete-account flow and the admin user flow. - For self-service deletion, set `users.user_deleted = 'Y'`. - For admin deletion, do not set `users.user_deleted = 'Y'`; only soft-delete the user and related records. - Soft-delete all related records with both `deleted_at = now()` and `updated_at = now()`: - `blog_comments` where `user_id` matches the deleted user. - `blog_entries` where `user_id` matches the deleted user. - `console_lists` for the deleted user. - `favorites` for the deleted user. - `user_friends` where either `user_id` or `friend_id` matches the deleted user. - `game_comments` where `user_id` matches the deleted user. - `game_lists` where `user_id` matches the deleted user. - `user_gamer_tags` for the deleted user. - `user_infos` for the deleted user. - `user_notification_settings` for the deleted user. - `user_site_settings` for the deleted user. - `users` row for the deleted user. - Invalidate the deleted user's active session after self-service deletion and when an admin deletes the account. - Keep the workflow idempotent so rerunning it for an already soft-deleted user does not fail or resurrect data. - Keep issue #46 separate; this issue covers app database/session cleanup, while #46 covers the Fider-side account state. ## Acceptance Criteria - When a user deletes their own account, their related rows listed in scope are soft-deleted and have `updated_at` refreshed to the deletion time. - Self-service deletion sets `users.user_deleted = 'Y'`, soft-deletes the user row, and logs the user out. - When an admin soft-deletes a user account, the same related rows are soft-deleted and have `updated_at` refreshed to the deletion time. - Admin deletion soft-deletes the user row but does not change `users.user_deleted` to `Y`. - Friend rows are removed from active friendship views regardless of whether the deleted user is stored in `user_id` or `friend_id`. - Deleted user content no longer appears in active blog, comment, console-list, favorite, game-list, profile, or notification/settings queries that already filter soft-deleted rows. - The workflow is wrapped so partial deletion does not leave the account in an inconsistent state. - Existing admin/profile delete UI continues to follow the current Laravel/Tailwind patterns. ## Test Coverage Required - Feature test for self-service account deletion covering `users.user_deleted = 'Y'`, user soft-delete, session invalidation, and every related table in scope. - Feature test for admin account deletion covering user soft-delete and related-table cascade without setting `users.user_deleted = 'Y'`. - Regression test confirming `user_friends` rows are soft-deleted when the deleted user is either `user_id` or `friend_id`. - Regression test confirming all touched rows receive a refreshed `updated_at`. - Authorization test confirming non-admin users cannot trigger admin deletion. - Idempotency test confirming rerunning deletion for an already soft-deleted user does not fail. - Run the focused affected tests, then run `vendor/bin/pint --dirty` before closing the issue. ## Progress Checklist - [x] Add shared account deletion service/action - [x] Wire self-service delete-account flow to the shared deletion workflow - [x] Wire admin user soft-delete flow to the shared deletion workflow - [x] Cascade soft-delete blog comments and blog entries - [x] Cascade soft-delete console lists, favorites, game comments, and game-list rows - [x] Cascade soft-delete friend rows from both friendship columns - [x] Cascade soft-delete gamer tags, user info, notification settings, and site settings - [x] Soft-delete the user row and refresh `updated_at` - [x] Set `users.user_deleted = 'Y'` only for self-service deletion - [x] Invalidate the deleted user's session - [x] Add focused Pest coverage for both deletion paths and the cascade
jimmyb self-assigned this 2026-06-03 21:40:04 -05:00
Codex commented 2026-06-03 22:07:20 -05:00
Author
Member
Copy link

Implemented and pushed to dev in commit df1eaff (Implement account deletion cascade).

Notes:

  • Added App\Actions\DeleteUserAccount as the shared transactional cascade used by both self-service and admin deletion.
  • Self-service deletion sets users.user_deleted = 'Y'; admin deletion soft-deletes the account and scoped related rows without changing user_deleted.
  • The cascade refreshes deleted_at and updated_at for every scoped table, handles user_friends from both user_id and friend_id, removes database-backed sessions for the deleted user, and supports idempotent reruns via withTrashed().
  • Added an admin delete route/control on the existing admin user edit screen.

Verification:

  • php artisan test --compact tests/Feature/AccountDeletionCascadeTest.php - 4 passed, 51 assertions
  • php artisan test --compact tests/Feature/Settings/ProfileUpdateTest.php --filter='delete account' - 4 passed, 27 assertions
  • php artisan test --compact tests/Feature/AdminUserProfileInfoTest.php - 1 passed, 11 assertions
  • vendor/bin/pint --dirty --format agent - passed
Implemented and pushed to `dev` in commit `df1eaff` (`Implement account deletion cascade`). Notes: - Added `App\Actions\DeleteUserAccount` as the shared transactional cascade used by both self-service and admin deletion. - Self-service deletion sets `users.user_deleted = 'Y'`; admin deletion soft-deletes the account and scoped related rows without changing `user_deleted`. - The cascade refreshes `deleted_at` and `updated_at` for every scoped table, handles `user_friends` from both `user_id` and `friend_id`, removes database-backed sessions for the deleted user, and supports idempotent reruns via `withTrashed()`. - Added an admin delete route/control on the existing admin user edit screen. Verification: - `php artisan test --compact tests/Feature/AccountDeletionCascadeTest.php` - 4 passed, 51 assertions - `php artisan test --compact tests/Feature/Settings/ProfileUpdateTest.php --filter='delete account'` - 4 passed, 27 assertions - `php artisan test --compact tests/Feature/AdminUserProfileInfoTest.php` - 1 passed, 11 assertions - `vendor/bin/pint --dirty --format agent` - passed
Codex 2026-06-03 22:07:34 -05:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dev
No results found.
Labels
Clear labels   
automated

   
code-quality

   
component: admin dashboard
The issue is related to the admin dashboard functionality.

  
component: backend
The issue is related to the backend code.

  
component: billing
The issue is related to our billing and payment system functionality.

  
component: content management
The issue is related to site content and moderation functionality.

  
component: faqs
The issue relates to our frequency asked questions and their categories.

  
component: game genres
The issue is related to genres in relation to games.

  
component: game lists
The issue is related to user-facing game list functionality.

  
component: game reviews
The issue relates to the game reviews functionality.

  
component: game search
The issue is related to the user-facing game search functionality.

  
component: games
The issue relates to games in our database.

  
component: internal notifications
The issue is related to the functionality of notifications sent for internal usage.

  
component: platforms
The issue is related to platform functionality.

  
component: security
The issue relates to the security issues within the app.

  
component: tests
The issue relates to unit and feature tests.

  
component: user api
The issue relates to the user-facing API.

  
component: user badges
The issue is related to our badge/achievements functionality.

  
component: user blogs
The issue is related to blogging functionality.

  
component: user consoles
The issue is related to user console lists functionality.

  
component: user favorites
This is issue is related to the favorites functionality.

  
component: user friends
The issue relates to the friending functionality.

  
component: user notifications
The issue is related to user-facing notifications functionality.

  
component: user profiles
The issue is related to user profile functionality.

  
component: user site notifications
The issue relates to the functionality of notifications shown to users directly on the website.

  
component: user wishlists
This issue is related to the wishlists functionality.

  
component: web design
This issue is related to the design of the website.

  
dependencies
Pull requests that update a dependency file.

  
php
Pull requests that update PHP code.

  
priority
high
 The issue is considered a high priority.

  
priority
low
 This issue is considered a low priority.

  
priority
medium
 This issue is considered a medium priority.

  
security-hotspot

   
source: codex

   
source: sonarqube
  
status
awaiting feedback
 The issue is awaiting feedback from others.

  
status
backlog
 Issues that are in a backlog status.

  
status
done
 The issue has been completed and closed out.

  
status
in progress
 The issue is in progress and being actively worked on.

  
status
in queue
 The issue is in queue and will be worked on shortly.

  
status
in review
 The issue work has been completed and now the work needs to be reviewed.

  
status
needs codex review
 Use this tag to have Codex spiffy up your issue.

  
status
needs investigation
 The issue describes a problem which needs further investigation.

  
status
wontfix
 This issue will not be worked on.

  
type: bug
The issue describes something working the way it wasn't intended too.

  
type: documentation
Improvements or additions to site documentation.

  
type: feature
A new feature for the website.

  
type: improvement
An improvement on an existing feature.

  
type: regression
The issue describes a function that previously worked and no longer does.

  
type: task
A small-ish task.

No labels
automated
code-quality
component: admin dashboard
component: backend
component: billing
component: content management
component: faqs
component: game genres
component: game lists
component: game reviews
component: game search
component: games
component: internal notifications
component: platforms
component: security
component: tests
component: user api
component: user badges
component: user blogs
component: user consoles
component: user favorites
component: user friends
component: user notifications
component: user profiles
component: user site notifications
component: user wishlists
component: web design
dependencies
php
priority
high
priority
low
priority
medium
security-hotspot
source: codex
source: sonarqube
status
awaiting feedback
status
backlog
status
done
status
in progress
status
in queue
status
in review
status
needs codex review
status
needs investigation
status
wontfix
type: bug
type: documentation
type: feature
type: improvement
type: regression
type: task
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Laravel 13 + TailwindCSS
Assignees
Clear assignees
No assignees
jimmyb
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
MyVideoGameList/myvideogamelist.com#355
No description provided.