Documentation ¶
Index ¶
- func ApplySoftDeleteFilter(builder *query.QueryBuilder, showTrashed bool)
- func ForceDelete(ctx context.Context, db *sql.DB, table string, id string) error
- func Restore(ctx context.Context, db *sql.DB, table string, id string) error
- func SoftDelete(ctx context.Context, db *sql.DB, table string, id string) error
- func WithSoftDelete(ent *entity.Entity) *entity.Entity
- func WithTrashed(r *http.Request) bool
- type SoftDeleteScope
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ApplySoftDeleteFilter ¶
func ApplySoftDeleteFilter(builder *query.QueryBuilder, showTrashed bool)
ApplySoftDeleteFilter adds a WHERE deleted_at IS NULL clause to the query unless showTrashed is true. Call this when building list/get queries for entities that have soft delete enabled.
func ForceDelete ¶
ForceDelete permanently removes a record from the database. This bypasses soft delete and performs a real DELETE.
SECURITY — UNSCOPED OPERATION: this function issues DELETE … WHERE id = $1 with NO tenant, owner, or access-control filter. Any id supplied will be permanently deleted regardless of which tenant or user owns it. Call this only after you have independently verified that the caller is authorised to permanently delete that specific record (e.g. behind an admin gate, or after an explicit ownership check). Using this helper in a user-facing endpoint without such a check creates a cross-tenant / IDOR vulnerability and irreversible data loss.
func Restore ¶
Restore clears the deleted_at field, making a soft-deleted record visible again.
SECURITY — UNSCOPED OPERATION: this function issues UPDATE … WHERE id = $1 with NO tenant, owner, or access-control filter. Any id supplied will be restored regardless of which tenant or user owns it. Call this only after you have independently verified that the caller is authorised to restore that specific record (e.g. behind an admin gate, or after an explicit ownership check). Using this helper in a user-facing endpoint without such a check creates a cross-tenant / IDOR vulnerability.
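The ownership check that the ForceDelete and Restore notes ask for can be enforced by a wrapper around either helper. The following is an added example, not code from this package. Caller, OwnerLookup, Mutator, Guard, the tenant_id column and the invoices allowlist are assumptions made for illustration.

```go
package main

import (
	"context"
	"errors"
	"fmt"
)

// Caller is the authenticated principal (hypothetical type for this example).
type Caller struct{ TenantID string; IsAdmin bool }

// OwnerLookup reports the owning tenant, e.g. via SELECT tenant_id ... WHERE id = $1 (assumed column).
type OwnerLookup func(ctx context.Context, table, id string) (tenant string, found bool, err error)

// Mutator has the shape of Restore/ForceDelete once db is bound in a closure.
type Mutator func(ctx context.Context, table, id string) error

var ErrForbidden, ErrNotFound = errors.New("forbidden"), errors.New("record not found")

// allowedTables is a constructed allowlist; the table name never comes from user input.
var allowedTables = map[string]bool{"invoices": true}

// Guard wraps op so it runs only after the caller is authorised for that row.
func Guard(c Caller, adminOnly bool, lookup OwnerLookup, op Mutator) Mutator {
	return func(ctx context.Context, table, id string) error {
		if !allowedTables[table] {
			return fmt.Errorf("table %q is not soft-delete managed", table)
		}
		if adminOnly && !c.IsAdmin {
			return ErrForbidden
		}
		owner, found, err := lookup(ctx, table, id)
		if err != nil {
			return err
		}
		// Same error for missing and foreign-tenant rows, so ids cannot be probed.
		if !found || owner != c.TenantID {
			return ErrNotFound
		}
		return op(ctx, table, id)
	}
}

func main() {
	lookup := func(context.Context, string, string) (string, bool, error) { return "tenant-a", true, nil }
	restore := func(context.Context, string, string) error { return nil } // stand-in for Restore with db bound
	err := Guard(Caller{TenantID: "tenant-b"}, false, lookup, restore)(context.Background(), "invoices", "42")
	fmt.Println(err) // record not found: tenant-b does not own row 42
}
```

To use it with the real helpers, bind db in a closure such as `func(ctx context.Context, table, id string) error { return Restore(ctx, db, table, id) }` and pass that as op; set adminOnly for ForceDelete if permanent deletion is reserved for administrators.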
func SoftDelete ¶
SoftDelete marks a record as deleted by setting deleted_at to NOW(). The record remains in the database but will be excluded from normal queries.
func WithSoftDelete ¶
WithSoftDelete configures an entity for soft delete support. Sets the SoftDelete flag so the framework knows to use UPDATE instead of DELETE.
func WithTrashed ¶
WithTrashed checks whether the request asks to include soft-deleted records. Returns true when the query parameter ?trashed=true is present.
SECURITY — CALLER MUST AUTHORISE: this function only parses the request parameter; it performs no access-control check of its own. If you pass its result to ApplySoftDeleteFilter (or build your own query that omits the deleted_at IS NULL clause), you must first confirm that the caller has permission to view deleted records (e.g. admin-only). Exposing trashed records to unprivileged users leaks data that the application logically treats as deleted.
Types ¶
type SoftDeleteScope ¶
type SoftDeleteScope struct{}
SoftDeleteScope is a query scope that filters out soft-deleted records. When applied to a QueryBuilder, it adds WHERE deleted_at IS NULL.