search

zenstackhq / zenstack

Fullstack TypeScript toolkit that enhances Prisma ORM with flexible Authorization layer for RBAC/ABAC/PBAC/ReBAC, offering auto-generated type-safe APIs and frontend hooks.
https://zenstack.dev
MIT License
2.07k stars 89 forks source link

[Feature Request] A real soft-delete feature #520

Open ymc9 opened 1 year ago

ymc9 commented 1 year ago

Background

Current pattern: https://zenstack.dev/blog/soft-delete

But it has some limitations:

Proposed Solution

The thought is to make it as simple as:

model Foo {
    ...
    deletedAt DateTime? @softDelete
}

And the enhance() API can have an option to opt-in for it:

const db = enhance(prisma, { user: ..., softDelete: true });

When enabled, the enhanced client has additional behavior:

  1. delete and deleteMany (including nested ones) become soft delete
  2. onDelete: Cascade propagate soft-delete to related entities
  3. Read APIs (findXXX, count, aggregate, groupBy) automatically exclude soft-deleted entities

More Context

Context from chat with ikishan on discord:

image
nahtnam commented 7 months ago

const db = enhance(prisma, { user: ..., softDelete: true });

It would be specifically cool if we can have softDelete without enhance/an alternative function that doesn't use the authorization layer

I have a global export of prisma and I use that in my webhooks and cron jobs. I would love if they could also have soft deletes, but there is no "user" in those contexts so enchance wouldn't make sense. Would also be nice if they can respect the validations as well.

ymc9 commented 7 months ago

const db = enhance(prisma, { user: ..., softDelete: true });

It would be specifically cool if we can have softDelete without enhance/an alternative function that doesn't use the authorization layer

I have a global export of prisma and I use that in my webhooks and cron jobs. I would love if they could also have soft deletes, but there is no "user" in those contexts so enchance wouldn't make sense. Would also be nice if they can respect the validations as well.

With the new unified enhance API in V2, it's probably going to look like:

const dbSoftDelete = enhance(prisma, undefined, { kinds: ['soft-delete'] });

Data validation is also part of access control today. It'll be a separate task to spin it out 😄

eqqe commented 2 days ago

Someone seems to have implemented a resursive soft delete extension in Prisma. https://github.com/prisma/prisma/issues/3398#issuecomment-2310457180 What do you think?