feat: anonymize audit logs on user hard-delete and fix host audit log team assignment

Anonymize audit logs when soft-deleted users are purged after 15 days: actor_name set to 'deleted-user', actor_id and resource_id nulled, email stripped from member metadata. Per-user delete ensures no user is removed without successful anonymization. Frontend renders deleted-user as a styled red badge in audit log view. Fix shared host create/delete audit logs landing in admin's personal team — now correctly assigned to PlatformTeamID.
2026-04-21 14:42:09 +06:00
parent 6a6b489471
commit ebbbde9cd1
7 changed files with 103 additions and 30 deletions
--- a/db/queries/users.sql
+++ b/db/queries/users.sql
@ -91,8 +91,8 @@ WHERE ut.user_id = $1
      WHERE ut2.team_id = ut.team_id AND ut2.user_id <> $1
  );

-- name: HardDeleteExpiredUsers :exec
-DELETE FROM users WHERE deleted_at IS NOT NULL AND deleted_at < NOW() - INTERVAL '15 days';
+-- name: ListExpiredSoftDeletedUsers :many
+SELECT id FROM users WHERE deleted_at IS NOT NULL AND deleted_at < NOW() - INTERVAL '15 days';

 -- name: HardDeleteUser :exec
 DELETE FROM users WHERE id = $1;