Hartmut/CapaKraken
1
0
Fork 0
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(admin): hard-delete resources (admin-only)

Browse Source 
Adds a transactional hard-delete procedure behind adminProcedure that
removes a resource's assignments and vacations first, then the record
itself, and writes an audit log entry.  The ResourceModal exposes a
"Delete Resource" button (edit mode, ADMIN role only) with an inline
confirm step before the mutation fires.

Co-Authored-By: claude-flow <ruv@ruv.net>
This commit is contained in:
Hartmut Nörenberg
2026-04-03 15:23:30 +02:00
parent 3979d342c8
commit 0d0707264d
2 changed files with 93 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/web/src/components/resources/ResourceModal.tsx
+50 -2
View File
@@ -6,6 +6,7 @@ import type { Resource, SkillEntry } from "@capakraken/shared";
import { GERMAN_FEDERAL_STATES, inferStateFromPostalCode, ResourceType } from "@capakraken/shared"; import { GERMAN_FEDERAL_STATES, inferStateFromPostalCode, ResourceType } from "@capakraken/shared";
import { trpc } from "~/lib/trpc/client.js"; import { trpc } from "~/lib/trpc/client.js";
import { InfoTooltip } from "~/components/ui/InfoTooltip.js"; import { InfoTooltip } from "~/components/ui/InfoTooltip.js";
import { usePermissions } from "~/hooks/usePermissions.js";
interface RoleAssignment { interface RoleAssignment {
roleId: string; roleId: string;
@@ -193,10 +194,12 @@ export function ResourceModal({ mode, resource, onClose }: ResourceModalProps) {
resource ? resourceToFormState(resource) : defaultFormState(), resource ? resourceToFormState(resource) : defaultFormState(),
); );
const [errorMsg, setErrorMsg] = useState<string | null>(null); const [errorMsg, setErrorMsg] = useState<string | null>(null);
const [confirmDelete, setConfirmDelete] = useState(false);
const panelRef = useRef<HTMLDivElement>(null); const panelRef = useRef<HTMLDivElement>(null);
useFocusTrap(panelRef, true); useFocusTrap(panelRef, true);
const { canManageUsers } = usePermissions();
const utils = trpc.useUtils(); const utils = trpc.useUtils();
const { data: availableRoles } = trpc.role.list.useQuery( const { data: availableRoles } = trpc.role.list.useQuery(
@@ -225,8 +228,17 @@ export function ResourceModal({ mode, resource, onClose }: ResourceModalProps) {
const createMutation = trpc.resource.create.useMutation(); const createMutation = trpc.resource.create.useMutation();
const updateMutation = trpc.resource.update.useMutation(); const updateMutation = trpc.resource.update.useMutation();
const hardDeleteMutation = trpc.resource.hardDelete.useMutation({
onSuccess: () => {
void utils.resource.invalidate();
onClose();
},
onError: (err) => {
setErrorMsg(err.message);
},
});
const isMutating = createMutation.isPending || updateMutation.isPending; const isMutating = createMutation.isPending || updateMutation.isPending || hardDeleteMutation.isPending;
function setField<K extends keyof FormState>(key: K, value: FormState[K]) { function setField<K extends keyof FormState>(key: K, value: FormState[K]) {
setForm((prev) => ({ ...prev, [key]: value })); setForm((prev) => ({ ...prev, [key]: value }));
@@ -955,7 +967,42 @@ export function ResourceModal({ mode, resource, onClose }: ResourceModalProps) {
</div> </div>
{/* Footer */} {/* Footer */}
<div className="flex items-center justify-end gap-3 px-6 py-4 border-t border-gray-200 dark:border-gray-700 bg-gray-50 dark:bg-gray-900 rounded-b-xl"> <div className="flex items-center justify-between gap-3 px-6 py-4 border-t border-gray-200 dark:border-gray-700 bg-gray-50 dark:bg-gray-900 rounded-b-xl">
<div>
{mode === "edit" && canManageUsers && resource && (
confirmDelete ? (
<div className="flex items-center gap-2">
<span className="text-xs text-red-600 dark:text-red-400 font-medium">Permanently delete this resource?</span>
<button
type="button"
onClick={() => void hardDeleteMutation.mutateAsync({ id: resource.id })}
disabled={isMutating}
className="px-3 py-1.5 text-xs font-medium text-white bg-red-600 hover:bg-red-700 rounded-lg disabled:opacity-50 transition-colors"
>
{hardDeleteMutation.isPending ? "Deleting…" : "Yes, delete"}
</button>
<button
type="button"
onClick={() => setConfirmDelete(false)}
disabled={isMutating}
className="px-3 py-1.5 text-xs font-medium text-gray-600 dark:text-gray-400 hover:text-gray-800 dark:hover:text-gray-200 disabled:opacity-50"
>
Cancel
</button>
</div>
) : (
<button
type="button"
onClick={() => setConfirmDelete(true)}
disabled={isMutating}
className="px-3 py-1.5 text-xs font-medium text-red-600 dark:text-red-400 hover:text-red-800 dark:hover:text-red-200 border border-red-300 dark:border-red-700 rounded-lg disabled:opacity-50 transition-colors"
>
Delete Resource
</button>
)
)}
</div>
<div className="flex items-center gap-3">
<button <button
type="button" type="button"
onClick={onClose} onClick={onClose}
@@ -969,6 +1016,7 @@ export function ResourceModal({ mode, resource, onClose }: ResourceModalProps) {
{isMutating ? "Saving…" : "Save"} {isMutating ? "Saving…" : "Save"}
</button> </button>
</div> </div>
</div>
</form> </form>
</div> </div>
</div> </div>
packages/api/src/router/resource-mutations.ts
+31 -1
View File
@@ -3,7 +3,7 @@ import { TRPCError } from "@trpc/server";
import { z } from "zod"; import { z } from "zod";
import { findUniqueOrThrow } from "../db/helpers.js"; import { findUniqueOrThrow } from "../db/helpers.js";
import { ROLE_BRIEF_SELECT } from "../db/selects.js"; import { ROLE_BRIEF_SELECT } from "../db/selects.js";
import { managerProcedure, requirePermission } from "../trpc.js"; import { adminProcedure, managerProcedure, requirePermission } from "../trpc.js";
import { assertBlueprintDynamicFields } from "./blueprint-validation.js"; import { assertBlueprintDynamicFields } from "./blueprint-validation.js";
export const resourceMutationProcedures = { export const resourceMutationProcedures = {
@@ -259,4 +259,34 @@ export const resourceMutationProcedures = {
return { updated: input.ids.length }; return { updated: input.ids.length };
}), }),
hardDelete: adminProcedure
.input(z.object({ id: z.string() }))
.mutation(async ({ ctx, input }) => {
const resource = await ctx.db.resource.findUnique({
where: { id: input.id },
select: { id: true, displayName: true, eid: true },
});
if (!resource) {
throw new TRPCError({ code: "NOT_FOUND", message: "Resource not found" });
}
await ctx.db.$transaction([
ctx.db.assignment.deleteMany({ where: { resourceId: input.id } }),
ctx.db.vacation.deleteMany({ where: { resourceId: input.id } }),
ctx.db.resource.delete({ where: { id: input.id } }),
]);
await ctx.db.auditLog.create({
data: {
entityType: "Resource",
entityId: input.id,
action: "DELETE",
userId: ctx.dbUser?.id,
changes: { before: resource } as unknown as import("@capakraken/db").Prisma.InputJsonValue,
},
});
return { deleted: true };
}),
}; };