fix: clean up project-level policies on project deletion#1530
fix: clean up project-level policies on project deletion#1530
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
✅ Files skipped from review due to trivial changes (1)
📝 WalkthroughSummary by CodeRabbit
WalkthroughService.DeleteProject now lists and deletes project-level policies before deleting resources and the project model. Many autogenerated testify/mock mocks were added under Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related PRs
Suggested reviewers
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Coverage Report for CI Build 24237674629Warning Build has drifted: This PR's base is out of sync with its target branch, so coverage data may include unrelated changes. Coverage increased (+0.3%) to 41.606%Details
Uncovered ChangesNo uncovered changes found. Coverage Regressions58 previously-covered lines in 2 files lost coverage.
Coverage Stats
💛 - Coveralls |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
core/deleter/service_test.go (1)
50-63: Add explicit ordering assertions to enforce cascade sequence intent.The test name and structure imply a strict deletion order (policies → resources → project), but the mock expectations don't enforce this constraint. Without
InOrder()or sequence assertions, testify allows expectations to be satisfied in any order. If the implementation is later refactored (e.g., to concurrent deletes), this test would still pass even if the order changes. Usemock.InOrder()to wrap the expectations and make the ordering requirement explicit.Also applies to: 122-131
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: d11c6266-92f3-4259-a387-6ba0e4f4a711
📒 Files selected for processing (12)
core/deleter/mocks/customer_service.gocore/deleter/mocks/group_service.gocore/deleter/mocks/invitation_service.gocore/deleter/mocks/invoice_service.gocore/deleter/mocks/organization_service.gocore/deleter/mocks/policy_service.gocore/deleter/mocks/project_service.gocore/deleter/mocks/resource_service.gocore/deleter/mocks/role_service.gocore/deleter/mocks/subscription_service.gocore/deleter/mocks/user_service.gocore/deleter/service_test.go
✅ Files skipped from review due to trivial changes (2)
- core/deleter/mocks/user_service.go
- core/deleter/mocks/subscription_service.go
3 participants
Summary
The fix adds a policyService.List + policyService.Delete loop to DeleteProject, matching the existing pattern used in DeleteOrganization for org-level policies.
What was orphaned (before fix)
rolebinding:X → bearer → user/serviceuser/pat ← orphaned in SpiceDB + Postgres
rolebinding:X → role → role:Y ← orphaned in SpiceDB + Postgres
policies table row (resource_id=projectID) ← orphaned in Postgres
Test plan