alkdev/hub
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
2b63cda1c76446ac4662aa2be9ddad6d90cc4bfe
hub/tasks/architecture/storage/resolve-audit-logs-ownerid-cascade.md
glm-5.1 2b63cda1c7 Setup repo: migrate architecture specs, code stubs, and tasks from alkhub_ts 
Copy architecture docs, ADRs, storage domain specs, research, reviews,
and 56 storage architecture tasks from the alkhub_ts monorepo. Adapt for
standalone @alkdev/hub repo structure (src/ not packages/hub/).

Sanitize all sensitive information:
- Replace private IPs (10.0.0.1) with localhost defaults
- Remove internal server hostnames (dev1, ns528096)
- Replace /workspace/ private paths with npm package references
- Remove hardcoded credentials from examples
- Rewrite infrastructure.md without private network details

Add Deno project scaffolding: deno.json (pinned deps), .gitignore,
AGENTS.md, entry point. Migrate existing code stubs (crypto, config
types, logger) with updated import paths.
2026-05-25 10:56:32 +00:00

41 lines
1.7 KiB
Markdown
Raw Blame History

---
id: resolve-audit-logs-ownerid-cascade
name: Resolve audit_logs.ownerId NOT NULL + SET NULL contradiction
status: completed
depends_on: []
scope: narrow
risk: critical
impact: component
level: implementation
---
## Description
`audit_logs.ownerId` is declared `text NOT NULL` in `identity.md:112` but has `onDelete: SET NULL` in `table-reference.md:71`. PostgreSQL will reject the DELETE because it cannot nullify a NOT NULL column.
## Decision (D1)
**Change cascade to RESTRICT**. Audit trails should prevent account deletion — this follows the "audit/traceability data: RESTRICT" cascade pattern. Accounts with audit entries cannot be hard-deleted. Account deactivation (via the new `status` column, D5) is the path for handling departed users.
## Acceptance Criteria
- [ ] `audit_logs.ownerId` cascade is changed from `SET NULL` to `RESTRICT` in `table-reference.md:71`
- [ ] `identity.md` documents that `ownerId` is NOT NULL with RESTRICT cascade, explaining that accounts with audit entries cannot be deleted
- [ ] The rationale is documented: "audit trails must preserve accountability; RESTRICT prevents data integrity violations and ensures audit completeness"
- [ ] Note about operational implication: "accounts with audit entries are deactivated (status: suspended/deactivated) rather than deleted"
- [ ] Cross-reference to D5 (account deactivation via status column)
## References
- docs/reviews/storage-architecture-review-2026-04-21.md#C01
- docs/decisions/storage-spec-phase1-resolutions.md#D1
- docs/architecture/storage/identity.md:112
- docs/architecture/storage/table-reference.md:71
## Notes
> To be filled by implementation agent
## Summary
> To be filled on completion
Reference in New Issue View Git Blame Copy Permalink