feat(arch): implement soft delete for business-critical models

Adds SoftDeleteMixin (deleted_at + deleted_by_id) with automatic query
filtering via do_orm_execute event. Soft-deleted records are invisible
by default; bypass with execution_options={"include_deleted": True}.

Models: User, Merchant, Store, StoreUser, Customer, Order, Product,
LoyaltyProgram, LoyaltyCard.

Infrastructure:
- SoftDeleteMixin in models/database/base.py
- Auto query filter registered on SessionLocal and test sessions
- soft_delete(), restore(), soft_delete_cascade() in app/core/soft_delete.py
- Alembic migration adding columns to 9 tables
- Partial unique indexes on users.email/username, stores.store_code/subdomain

Service changes:
- admin_service: delete_user, delete_store → soft_delete/soft_delete_cascade
- merchant_service: delete_merchant → soft_delete_cascade (stores→children)
- store_team_service: remove_team_member → soft_delete (fixes is_active bug)
- product_service: delete_product → soft_delete
- program_service: delete_program → soft_delete_cascade

Admin API:
- include_deleted/only_deleted query params on admin list endpoints
- PUT restore endpoints for users, merchants, stores

Tests: 9 unit tests for soft-delete infrastructure.
Docs: docs/backend/soft-delete.md + follow-up proposals.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-03-28 21:08:07 +01:00
parent 332960de30
commit 9bceeaac9c
26 changed files with 1069 additions and 51 deletions

View File

@@ -322,8 +322,10 @@ class AdminService:
owned_count=len(user.owned_merchants),
)
from app.core.soft_delete import soft_delete
username = user.username
db.delete(user)
soft_delete(db, user, deleted_by_id=current_admin_id)
logger.info(f"Admin {current_admin_id} deleted user {username}")
return f"User {username} deleted successfully"
@@ -477,12 +479,20 @@ class AdminService:
is_active: bool | None = None,
is_verified: bool | None = None,
merchant_id: int | None = None,
include_deleted: bool = False,
only_deleted: bool = False,
) -> tuple[list[Store], int]:
"""Get paginated list of all stores with filtering."""
try:
# Eagerly load merchant relationship to avoid N+1 queries
query = db.query(Store).options(joinedload(Store.merchant))
# Soft-delete visibility
if include_deleted or only_deleted:
query = query.execution_options(include_deleted=True)
if only_deleted:
query = query.filter(Store.deleted_at.isnot(None))
# Filter by merchant
if merchant_id is not None:
query = query.filter(Store.merchant_id == merchant_id)
@@ -506,6 +516,10 @@ class AdminService:
# Get total count (without joinedload for performance)
count_query = db.query(Store)
if include_deleted or only_deleted:
count_query = count_query.execution_options(include_deleted=True)
if only_deleted:
count_query = count_query.filter(Store.deleted_at.isnot(None))
if merchant_id is not None:
count_query = count_query.filter(Store.merchant_id == merchant_id)
if search:
@@ -596,17 +610,16 @@ class AdminService:
store = self._get_store_by_id_or_raise(db, store_id)
try:
from app.core.soft_delete import soft_delete_cascade
store_code = store.store_code
# TODO: Delete associated data in correct order
# - Delete orders
# - Delete customers
# - Delete products
# - Delete team members
# - Delete roles
# - Delete import jobs
db.delete(store)
soft_delete_cascade(db, store, deleted_by_id=None, cascade_rels=[
("products", []),
("customers", []),
("orders", []),
("store_users", []),
])
logger.warning(f"Store {store_code} and all associated data deleted")
return f"Store {store_code} successfully deleted"