chore(autonomous-session): consolidate uncommitted work from prior session
Bundles the prior autonomous-session output that was sitting unstaged: - Em-dash sweep across src/ + tests/ (en-dash/em-dash to hyphen, ~2280 instances) - country-flag-icons rollout (CountryFlag component, replaces emoji glyphs that never rendered on Windows; lazy-loads the 3x2 SVG index as a single chunk after the per-subpath dynamic-import approach silently failed in webpack) - Admin IA Phase 1+2: 7-domain regroup, 41 to 38 pages, /admin/berths index, redirects (ocr to ai, reports to dashboard, invitations to users), docs/admin-ia-proposal.md - Per-template email tester (registry + endpoint + UI on Email admin page) - Cancel-document mode picker (delete-from-Documenso vs keep-for-audit) - Dashboard PDF report: 25 widgets, SVG charts, date-range picker, 11 resolvers - Customize-widgets per-region sortables at xl+ (charts/rails/feed); single flat sortable below xl when the layout stacks; per-viewport saved orders - Audit doc updates capturing each shipped item - Lint fixes: react-compiler immutability in DonutChart (reduce instead of let-reassign), set-state-in-effect disables in CountryFlag and UploadForSigning preview-bytes effect, unused 'confirm' destructures in interest contract + reservation tabs, unescaped apostrophe in test-template card copy
This commit is contained in:
@@ -18,7 +18,7 @@
|
||||
*
|
||||
* The DB cascade story:
|
||||
* - cascade FKs handle: companies, addresses, contacts, notes, tags,
|
||||
* portal users, GDPR records — see ON DELETE CASCADE on the FK
|
||||
* portal users, GDPR records - see ON DELETE CASCADE on the FK
|
||||
* definitions in src/lib/db/schema/clients.ts.
|
||||
* - non-cascade nullable FKs (files, documents, form_submissions,
|
||||
* email_messages, reminders, document_sends) get cleared inline so
|
||||
@@ -203,7 +203,7 @@ export async function hardDeleteClient(args: {
|
||||
if (!locked.archivedAt) throw new ConflictError('Client must be archived');
|
||||
|
||||
// Read email contacts BEFORE the cascade so we can wipe matching
|
||||
// website_submissions rows — that table has no clientId FK (raw
|
||||
// website_submissions rows - that table has no clientId FK (raw
|
||||
// inquiry-form data, pre-promotion), matched only by email in the
|
||||
// JSONB payload. Article-17 requires removing the data subject's
|
||||
// submitted form data too.
|
||||
@@ -225,7 +225,7 @@ export async function hardDeleteClient(args: {
|
||||
);
|
||||
}
|
||||
|
||||
// A.7 RTBF wipe — Article-17 erasure of PII-bearing fields, not just FK
|
||||
// A.7 RTBF wipe - Article-17 erasure of PII-bearing fields, not just FK
|
||||
// detach. The previous code merely nullified clientId, which left:
|
||||
// - email_messages.{body_html, body_text, subject, from/to/cc} intact
|
||||
// - document_sends.recipient_email intact
|
||||
@@ -257,7 +257,7 @@ export async function hardDeleteClient(args: {
|
||||
// (b) Redact email_messages content for threads owned by this client.
|
||||
// Threads themselves stay (we detach via clientId=null below) so the
|
||||
// audit log "a thread existed" remains; the message bodies, subjects,
|
||||
// and address arrays — all PII — get wiped.
|
||||
// and address arrays - all PII - get wiped.
|
||||
const threadRows = await tx
|
||||
.select({ id: emailThreads.id })
|
||||
.from(emailThreads)
|
||||
@@ -288,7 +288,7 @@ export async function hardDeleteClient(args: {
|
||||
.where(eq(emailThreads.clientId, args.clientId));
|
||||
await tx.update(reminders).set({ clientId: null }).where(eq(reminders.clientId, args.clientId));
|
||||
|
||||
// (c) document_sends — redact recipient_email when detaching. The row
|
||||
// (c) document_sends - redact recipient_email when detaching. The row
|
||||
// stays (audit log "a doc was sent") but the recipient identity is wiped.
|
||||
await tx
|
||||
.update(documentSends)
|
||||
@@ -319,7 +319,7 @@ export async function hardDeleteClient(args: {
|
||||
|
||||
// G-C3 / A7: demote the system-managed folder so the partial unique
|
||||
// index `uniq_document_folders_entity` releases its slot. Done as a
|
||||
// post-commit fire-and-forget — folder hygiene is non-essential to the
|
||||
// post-commit fire-and-forget - folder hygiene is non-essential to the
|
||||
// delete being durable, and we don't want a folder-table glitch to
|
||||
// un-delete the client by aborting the outer transaction.
|
||||
void demoteSystemFolderOnEntityDelete(args.portId, 'client', args.clientId).catch((err) => {
|
||||
@@ -378,7 +378,7 @@ export async function hardDeleteClient(args: {
|
||||
// ─── Bulk hard delete ───────────────────────────────────────────────────────
|
||||
|
||||
function hashIds(ids: string[]): string {
|
||||
// Stable hash so the same set always produces the same key — order
|
||||
// Stable hash so the same set always produces the same key - order
|
||||
// independent. SHA-1 is more than enough for collision-avoidance on
|
||||
// a per-user keyspace.
|
||||
|
||||
@@ -499,7 +499,7 @@ export async function bulkHardDeleteClients(args: {
|
||||
const idsHash = hashIds(args.clientIds);
|
||||
const key = bulkCodeKey(args.requesterUserId, idsHash);
|
||||
const stored = await redis.get(key);
|
||||
// Same error for both cases — see single-client variant for rationale.
|
||||
// Same error for both cases - see single-client variant for rationale.
|
||||
// Code is tied to the exact set hash so a wrong-set probe fails here too.
|
||||
if (!stored || !safeEqualStr(stored, args.code.trim())) {
|
||||
throw new ValidationError('Invalid or expired confirmation code');
|
||||
|
||||
Reference in New Issue
Block a user