feat: add artist delete endpoint (#421)

[arpitgupta1214]

• feat: add artist delete endpoint

• refactor: validate artist delete access in request validator

---

---

Summary by cubic

Add DELETE /api/artists/{id} to let authenticated users unlink themselves from an artist and delete the artist if no owners remain. Includes validation, handler, Supabase helpers, CORS support, and tests.

• New Features

  • New API route with OPTIONS and DELETE; returns { success, artistId } on 200.
  • Validates UUID, auth, artist existence, and access; returns 400/401/403/404 with CORS.
  • Deletes account_artist_ids link, then deletes the artist if no links remain via deleteAccountById.
  • Unit tests for the handler and validator.

• Refactors

  • Moved access validation into the request validator to keep the handler lean.

^{Written for commit fc97310. Summary will update on new commits.}

Summary by CodeRabbit

• New Features
  • Artists can now be deleted from the system through a dedicated API endpoint
  • Implemented robust user authorization validation to restrict deletions to authorized users only
  • Added comprehensive error handling that returns appropriate HTTP status codes and messages for various failure scenarios
  • Includes cross-origin request support (CORS) for seamless API access

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
recoup-api	Ready	Preview	Apr 10, 2026 3:02am

[coderabbitai]

Caution

Review failed

Pull request was closed or merged during review

📝 Walkthrough

Walkthrough

This PR introduces a complete DELETE endpoint for artists at /api/artists/[id], including CORS preflight handling, request validation with authentication and authorization checks, conditional artist account deletion, and comprehensive error handling across multiple abstraction layers.

Changes

Cohort / File(s)	Summary
API Route Handler app/api/artists/[id]/route.ts	Added OPTIONS handler for CORS preflight requests and DELETE handler that delegates to deleteArtistHandler.
Request Handling & Validation lib/artists/deleteArtistHandler.ts, lib/artists/validateDeleteArtistRequest.ts	Added orchestration layer that validates delete requests (account params, authentication, artist existence, authorization) and returns early with appropriate error responses (401, 403, 404).
Deletion Business Logic lib/artists/deleteArtist.ts	Added core deletion logic that removes artist-account associations and optionally deletes the artist account if no associations remain.
Database Operations lib/supabase/account_artist_ids/deleteAccountArtistId.ts, lib/supabase/accounts/deleteAccountById.ts	Added Supabase delete operations for removing artist-account links and artist accounts with error handling.

Sequence Diagram

sequenceDiagram
    participant Client
    participant Route as API Route
    participant Validate as validateDeleteArtistRequest
    participant Handler as deleteArtistHandler
    participant Service as deleteArtist
    participant DB as Supabase

    Client->>Route: DELETE /api/artists/[id]
    Route->>Handler: deleteArtistHandler(request, params)
    Handler->>Validate: validateDeleteArtistRequest(request, id)
    
    Validate->>Validate: validateAccountParams(id)
    alt Param Invalid
        Validate-->>Handler: NextResponse (400/CORS)
    else Authenticated?
        Validate->>Validate: validateAuthContext(request)
        alt Auth Failed
            Validate-->>Handler: NextResponse (401/CORS)
        else Artist Exists?
            Validate->>DB: selectAccounts(artistId)
            alt Not Found
                Validate-->>Handler: NextResponse (404/CORS)
            else Authorized?
                Validate->>DB: checkAccountArtistAccess()
                alt Access Denied
                    Validate-->>Handler: NextResponse (403/CORS)
                else Valid
                    Validate-->>Handler: DeleteArtistRequest{artistId, requesterAccountId}
                end
            end
        end
    end

    Handler->>Service: deleteArtist({artistId, requesterAccountId})
    Service->>DB: deleteAccountArtistId(requesterAccountId, artistId)
    Service->>DB: getAccountArtistIds({artistIds: [artistId]})
    
    alt Remaining Associations?
        Service->>Service: Skip account deletion
    else No Associations
        Service->>DB: deleteAccountById(artistId)
    end
    
    Service-->>Handler: artistId
    Handler-->>Route: NextResponse.json({success: true, artistId}/CORS)
    Route-->>Client: 200 OK

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• feat: add artist delete endpoint #421: Directly related—adds the same DELETE /api/artists/[id] endpoint and all associated handler, validation, and database deletion modules.
• revert: artist detail read endpoint #417: Related—modifies app/api/artists/[id]/route.ts to adjust handlers on the same artist endpoint route.
• feat: add artist detail read endpoint #416: Related—adds complementary handlers (OPTIONS and other methods) to the same app/api/artists/[id]/route.ts file.

Suggested reviewers

• sweetmantech

Poem

🎨 A delete endpoint blooms so bright,
With validation layers, auth done right,
Each function honed with SOLID care,
Artists vanish—handled fair! ✨

🚥 Pre-merge checks | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Solid & Clean Code	⚠️ Warning	Pull request violates SOLID principles: SRP violations in deleteArtist function coupling multiple concerns, non-atomic race conditions in database operations, inconsistent import paths breaking DRY, and error handling exposing internal details.	Update imports to canonical paths, return generic error messages to clients, refactor deleteArtist to atomic database operation, and add comprehensive route-level tests covering all success and error paths.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch test

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}