Feat/deleteaccount command#28
Merged
Merged
Conversation
…f-service data removal Implements a new slash command that lets users permanently delete all their stored data from the bot with a confirmation step. Changes - src/bot/commands/deleteaccount.ts (new): slash command with a 30-second Yes/Cancel button confirmation. On confirm deletes credentials, all redeemed code records (reports count), and audit log entries. Handles no-account, timeout, cancel, and error cases with ephemeral embeds. - src/bot/bot.ts: import and register deleteaccount command. - src/bot/commands/help.ts: add /deleteaccount entry to help embed. - src/bot/database/codeManager.ts: add deleteUserRedeemedCodes(discordId) — deletes all redeemed_codes rows for a user, returns the count removed. - src/bot/database/auditManager.ts: add deleteUserAuditLog(discordId) — purges all audit_log rows belonging to a user. - IDEAS/TODO.md (new): feature ideas file with end-user priority ratings; /deleteaccount marked as implemented. Tests (125 pass, 0 fail) - src/bot/database/auditManager.test.ts (new): 23 tests covering logAction, getUserAuditLog, getAllAuditLog, getAuditLogSince, getAuditLogByAction, and deleteUserAuditLog. auditManager.ts now at 100% line coverage. - src/bot/database/codeManager.test.ts: 4 new tests for deleteUserRedeemedCodes (empty user, count returned, user isolation, shared-code safety). Signed-off-by: Michael Cramer <michael@bigmichi1.de>
Updated files: - README.md: add /deleteaccount to slash commands list, add GDPR bullet - docs/full-documentation.md: add to features list, command table, and new full command section under Account Management - docs/api-reference.md: bump total commands 11→12, add full command 12 section with flow/error codes/example, add to /help embed example, add to throttling table, update OSPS compliance count - docs/structure.md: bump command count 11→12, add deleteaccount.ts entry - docs/system-design.md: add to user actions list and command reference table Signed-off-by: Michael Cramer <michael@bigmichi1.de>
There was a problem hiding this comment.
Pull request overview
Adds a self-service /deleteaccount Discord slash command for removing a user's stored bot data, and updates command registration, help text, documentation, and database tests around deletion helpers.
Changes:
- Adds
/deleteaccountwith ephemeral confirmation buttons before deleting credentials, redeemed code history, and audit logs. - Adds database helpers/tests for deleting user redeemed code rows and audit log entries.
- Updates README and docs to include the new command.
Reviewed changes
Copilot reviewed 13 out of 13 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
src/bot/commands/deleteaccount.ts |
Implements the new account deletion command and confirmation flow. |
src/bot/bot.ts |
Registers the new command. |
src/bot/commands/help.ts |
Adds /deleteaccount to the help embed. |
src/bot/database/codeManager.ts |
Adds deletion helper for a user's redeemed codes. |
src/bot/database/codeManager.test.ts |
Tests redeemed-code deletion behavior. |
src/bot/database/auditManager.ts |
Adds deletion helper for a user's audit log entries. |
src/bot/database/auditManager.test.ts |
Adds audit manager coverage, including user audit deletion. |
README.md |
Documents the new command in the feature list. |
docs/system-design.md |
Updates command listings and system design docs. |
docs/structure.md |
Updates command count and command file list. |
docs/full-documentation.md |
Adds account deletion usage documentation. |
docs/api-reference.md |
Adds API reference entry and command count updates. |
IDEAS/TODO.md |
Marks /deleteaccount as implemented. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Runs on push to main and PRs targeting main: - Sets up Bun 1.3.14 and installs frozen lockfile deps - Type-checks with tsc - Runs tests with LCOV coverage output - Uploads coverage/lcov.info as an artifact (retained 90 days) On pull requests: - Downloads the latest coverage artifact from main - Posts a per-file coverage diff comment via romeovs/lcov-reporter-action (shows +/- change vs main, or full report if no base artifact exists yet) - Old coverage comments are deleted and replaced on each new push No secrets required — ENCRYPTION_KEY is set by src/test/setup.ts Signed-off-by: Michael Cramer <michael@bigmichi1.de>
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Signed-off-by: Michael Cramer <michael@bigmichi1.de>
romeovs/lcov-reporter-action carries a maintenance warning and has not been updated since 2024. Replace with pento/lcov-coverage-check v3.1.0 which is actively maintained and handles baseline artifact management internally, eliminating the need for the separate dawidd6/action-download-artifact step. Changes: - Add actions: read permission (needed to download baseline artifacts) - Drop the upload-artifact, download-artifact, and two conditional romeovs steps (4 steps -> 1 step) - pento/lcov-coverage-check automatically: * stores lcov-baseline artifact on main-branch pushes * retrieves baseline and posts a per-file diff comment on PRs * writes a summary to GITHUB_STEP_SUMMARY * falls back to summary-only mode on first run or fork PRs Signed-off-by: Michael Cramer <michael@bigmichi1.de>
Signed-off-by: Michael Cramer <michael@bigmichi1.de>
- deleteaccount: clear pending_codes before deleting the users row pending_codes.discord_id has a FK to users.discord_id with no ON DELETE CASCADE; any pending row would cause deleteCredentials() to fail and leave the account in a partially-deleted state. clearPendingCodes() is now called first, matching the FK dependency order. - deleteaccount: remove PII from post-deletion log message The logger previously emitted interaction.user.tag and interaction.user.id after all database records had been erased, which re-persists the user's identity in log files. The message now only records the count of deleted code records \u2014 no user-identifying data. - ci: pin pento/lcov-coverage-check to full commit SHA (v3.1.0) Matches the repository convention of pinning all GitHub Actions to a specific commit hash for supply-chain integrity. Signed-off-by: Michael Cramer <michael@bigmichi1.de>
- crypto.ts: type-assert array destructuring after parts.length guard - autoRedeemer.ts: fix Promise<void|Logger> by wrapping catch in block, cast newServer/generic.newServer as string after guards, add non-null assertion on allUsers index access - autoRedeemer.test.ts: fix setTimeout mock type with unknown cast, add non-null assertion on mock.calls index access - auditManager.test.ts, codeManager.test.ts, userManager.test.ts: add non-null assertions on all direct array index accesses Signed-off-by: Michael Cramer <michael@bigmichi1.de>
… deletion - Add hasUserBackfillOperations() and deleteUserBackfillOperations() to BackfillManager so callers can detect and remove backfill rows by user - Update /deleteaccount existence check to also detect users who only have backfill_operations rows (no credentials) and would otherwise be told 'nothing to delete' - Delete the user's backfill_operations rows as part of the deletion flow - Update confirmation and success embeds to list backfill history - Update log message to include backfill operation count Signed-off-by: Michael Cramer <michael@bigmichi1.de>
… deletion - Add hasUserBackfillOperations() and hasUserActiveBackfill() to BackfillManager - Refuse /deleteaccount while an in_progress backfill exists for the user - Delete backfill_operations rows as part of account deletion flow - Update confirmation and success embeds to list backfill history - Update api-reference.md and full-documentation.md to document the deletion Signed-off-by: Michael Cramer <michael@bigmichi1.de>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.