simonfranken/timetracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: simonfranken:685a311001affaec253f1ea41fc9e6eedf0c65ac
Branches Tags
simonfranken:main simonfranken:feature/mcp-and-api-keys simonfranken:bugfix-timer-widget-blocks-dialogs simonfranken:feature/balance-ongoing-timer
simonfranken:latest
..
compare: simonfranken:1b0f5866a19adf4957ddc20f85e81ba658b683f0
Branches Tags
simonfranken:main simonfranken:feature/mcp-and-api-keys simonfranken:bugfix-timer-widget-blocks-dialogs simonfranken:feature/balance-ongoing-timer
simonfranken:latest

3 Commits
685a311001 ... 1b0f5866a1

Author SHA1 Message Date
simon.franken
1b0f5866a1 Restore onDelete: Cascade on Project->Client and TimeEntry->Project 
Direct database deletes should still cascade to avoid orphaned records.
The migration now only adds the three deleted_at columns without touching
the existing FK constraints.
 2026-02-23 15:32:31 +01:00
simon.franken
159022ef38 Exclude client targets for soft-deleted clients 
findAll and findById filter on client.deletedAt = null so targets
belonging to a soft-deleted client are invisible. The create guard
also rejects soft-deleted clients. The raw SQL balance query now
excludes soft-deleted time entries and projects from tracked totals.
 2026-02-23 15:24:58 +01:00
simon.franken
1a7d13d5b9 Implement soft-delete for clients, projects, and time entries 
Replace hard deletes with deletedAt timestamp flags on all three entities.
Deleting a client or project only sets its own deletedAt; child records are
excluded implicitly by filtering on parent deletedAt in every read query.
Raw SQL statistics queries also filter out soft-deleted parents.
FK ON DELETE CASCADE removed from Project→Client and TimeEntry→Project.
 2026-02-23 15:21:13 +01:00
7 changed files with 89 additions and 42 deletions
Expand all files Collapse all files

8
backend/prisma/migrations/20260223200000_add_soft_delete/migration.sql Normal file
View File

@@ -0,0 +1,8 @@
-- AlterTable: add deleted_at column to clients
ALTER TABLE "clients" ADD COLUMN "deleted_at" TIMESTAMP(3);
-- AlterTable: add deleted_at column to projects
ALTER TABLE "projects" ADD COLUMN "deleted_at" TIMESTAMP(3);
-- AlterTable: add deleted_at column to time_entries
ALTER TABLE "time_entries" ADD COLUMN "deleted_at" TIMESTAMP(3);

3
backend/prisma/schema.prisma
View File

@@ -30,6 +30,7 @@ model Client {
description String? @db.Text
createdAt DateTime @default(now()) @map("created_at")
updatedAt DateTime @updatedAt @map("updated_at")
deletedAt DateTime? @map("deleted_at")
userId String @map("user_id") @db.VarChar(255)
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@ -47,6 +48,7 @@ model Project {
color String? @db.VarChar(7) // Hex color code
createdAt DateTime @default(now()) @map("created_at")
updatedAt DateTime @updatedAt @map("updated_at")
deletedAt DateTime? @map("deleted_at")
userId String @map("user_id") @db.VarChar(255)
user User @relation(fields: [userId], references: [id], onDelete: Cascade)
@@ -69,6 +71,7 @@ model TimeEntry {
description String? @db.Text
createdAt DateTime @default(now()) @map("created_at")
updatedAt DateTime @updatedAt @map("updated_at")
deletedAt DateTime? @map("deleted_at")
userId String @map("user_id") @db.VarChar(255)
user User @relation(fields: [userId], references: [id], onDelete: Cascade)

7
backend/src/services/client.service.ts
View File

@@ -5,14 +5,14 @@ import type { CreateClientInput, UpdateClientInput } from "../types";
export class ClientService {
async findAll(userId: string) {
return prisma.client.findMany({
where: { userId },
where: { userId, deletedAt: null },
orderBy: { name: "asc" },
});
}
async findById(id: string, userId: string) {
return prisma.client.findFirst({
where: { id, userId },
where: { id, userId, deletedAt: null },
});
}
@@ -43,8 +43,9 @@ export class ClientService {
throw new NotFoundError("Client not found");
}
await prisma.client.delete({
await prisma.client.update({
where: { id },
data: { deletedAt: new Date() },
});
}
}

10
backend/src/services/clientTarget.service.ts
View File

@@ -68,7 +68,7 @@ export interface ClientTargetWithBalance {
export class ClientTargetService {
async findAll(userId: string): Promise<ClientTargetWithBalance[]> {
const targets = await prisma.clientTarget.findMany({
where: { userId },
where: { userId, client: { deletedAt: null } },
include: {
client: { select: { id: true, name: true } },
corrections: { orderBy: { date: 'asc' } },
@@ -81,7 +81,7 @@ export class ClientTargetService {
async findById(id: string, userId: string) {
return prisma.clientTarget.findFirst({
where: { id, userId },
where: { id, userId, client: { deletedAt: null } },
include: {
client: { select: { id: true, name: true } },
corrections: { orderBy: { date: 'asc' } },
@@ -97,8 +97,8 @@ export class ClientTargetService {
throw new BadRequestError('startDate must be a Monday');
}
// Ensure the client belongs to this user
const client = await prisma.client.findFirst({ where: { id: data.clientId, userId } });
// Ensure the client belongs to this user and is not soft-deleted
const client = await prisma.client.findFirst({ where: { id: data.clientId, userId, deletedAt: null } });
if (!client) {
throw new NotFoundError('Client not found');
}
@@ -229,6 +229,8 @@ export class ClientTargetService {
AND p.client_id = ${target.clientId}
AND te.start_time >= ${periodStart}
AND te.start_time <= ${periodEnd}
AND te.deleted_at IS NULL
AND p.deleted_at IS NULL
GROUP BY DATE_TRUNC('week', te.start_time AT TIME ZONE 'UTC')
`);

20
backend/src/services/project.service.ts
View File

@@ -7,6 +7,8 @@ export class ProjectService {
return prisma.project.findMany({
where: {
userId,
deletedAt: null,
client: { deletedAt: null },
...(clientId && { clientId }),
},
orderBy: { name: "asc" },
@@ -23,7 +25,12 @@ export class ProjectService {
async findById(id: string, userId: string) {
return prisma.project.findFirst({
where: { id, userId },
where: {
id,
userId,
deletedAt: null,
client: { deletedAt: null },
},
include: {
client: {
select: {
@@ -36,9 +43,9 @@ export class ProjectService {
}
async create(userId: string, data: CreateProjectInput) {
// Verify the client belongs to the user
// Verify the client belongs to the user and is not soft-deleted
const client = await prisma.client.findFirst({
where: { id: data.clientId, userId },
where: { id: data.clientId, userId, deletedAt: null },
});
if (!client) {
@@ -70,10 +77,10 @@ export class ProjectService {
throw new NotFoundError("Project not found");
}
// If clientId is being updated, verify it belongs to the user
// If clientId is being updated, verify it belongs to the user and is not soft-deleted
if (data.clientId) {
const client = await prisma.client.findFirst({
where: { id: data.clientId, userId },
where: { id: data.clientId, userId, deletedAt: null },
});
if (!client) {
@@ -108,8 +115,9 @@ export class ProjectService {
throw new NotFoundError("Project not found");
}
await prisma.project.delete({
await prisma.project.update({
where: { id },
data: { deletedAt: new Date() },
});
}
}

44
backend/src/services/timeEntry.service.ts
View File

@@ -46,7 +46,11 @@ export class TimeEntryService {
COUNT(te.id)::bigint AS entry_count
FROM time_entries te
JOIN projects p ON p.id = te.project_id
JOIN clients c ON c.id = p.client_id
WHERE te.user_id = ${userId}
AND te.deleted_at IS NULL
AND p.deleted_at IS NULL
AND c.deleted_at IS NULL
${filterClause}
GROUP BY p.id, p.name, p.color
ORDER BY total_seconds DESC
@@ -69,6 +73,9 @@ export class TimeEntryService {
JOIN projects p ON p.id = te.project_id
JOIN clients c ON c.id = p.client_id
WHERE te.user_id = ${userId}
AND te.deleted_at IS NULL
AND p.deleted_at IS NULL
AND c.deleted_at IS NULL
${filterClause}
GROUP BY c.id, c.name
ORDER BY total_seconds DESC
@@ -81,7 +88,11 @@ export class TimeEntryService {
COUNT(te.id)::bigint AS entry_count
FROM time_entries te
JOIN projects p ON p.id = te.project_id
JOIN clients c ON c.id = p.client_id
WHERE te.user_id = ${userId}
AND te.deleted_at IS NULL
AND p.deleted_at IS NULL
AND c.deleted_at IS NULL
${filterClause}
`,
),
@@ -125,10 +136,11 @@ export class TimeEntryService {
const where: {
userId: string;
deletedAt: null;
startTime?: { gte?: Date; lte?: Date };
projectId?: string;
project?: { clientId?: string };
} = { userId };
project?: { deletedAt: null; clientId?: string; client: { deletedAt: null } };
} = { userId, deletedAt: null };
if (startDate || endDate) {
where.startTime = {};
@@ -140,9 +152,13 @@ export class TimeEntryService {
where.projectId = projectId;
}
if (clientId) {
where.project = { clientId };
}
// Always filter out entries whose project or client is soft-deleted,
// merging the optional clientId filter into the project relation filter.
where.project = {
deletedAt: null,
client: { deletedAt: null },
...(clientId && { clientId }),
};
const [entries, total] = await Promise.all([
prisma.timeEntry.findMany({
@@ -182,7 +198,12 @@ export class TimeEntryService {
async findById(id: string, userId: string) {
return prisma.timeEntry.findFirst({
where: { id, userId },
where: {
id,
userId,
deletedAt: null,
project: { deletedAt: null, client: { deletedAt: null } },
},
include: {
project: {
select: {
@@ -217,9 +238,9 @@ export class TimeEntryService {
throw new BadRequestError("Break time cannot exceed total duration");
}
// Verify the project belongs to the user
// Verify the project belongs to the user and is not soft-deleted (nor its client)
const project = await prisma.project.findFirst({
where: { id: data.projectId, userId },
where: { id: data.projectId, userId, deletedAt: null, client: { deletedAt: null } },
});
if (!project) {
@@ -288,10 +309,10 @@ export class TimeEntryService {
throw new BadRequestError("Break time cannot exceed total duration");
}
// If project changed, verify it belongs to the user
// If project changed, verify it belongs to the user and is not soft-deleted
if (data.projectId && data.projectId !== entry.projectId) {
const project = await prisma.project.findFirst({
where: { id: data.projectId, userId },
where: { id: data.projectId, userId, deletedAt: null, client: { deletedAt: null } },
});
if (!project) {
@@ -345,8 +366,9 @@ export class TimeEntryService {
throw new NotFoundError("Time entry not found");
}
await prisma.timeEntry.delete({
await prisma.timeEntry.update({
where: { id },
data: { deletedAt: new Date() },
});
}
}

3
frontend/src/types/index.ts
View File

@@ -11,6 +11,7 @@ export interface Client {
description: string | null;
createdAt: string;
updatedAt: string;
deletedAt: string | null;
}
export interface Project {
@@ -22,6 +23,7 @@ export interface Project {
client: Pick<Client, 'id' | 'name'>;
createdAt: string;
updatedAt: string;
deletedAt: string | null;
}
export interface TimeEntry {
@@ -36,6 +38,7 @@ export interface TimeEntry {
};
createdAt: string;
updatedAt: string;
deletedAt: string | null;
}
export interface OngoingTimer {