Merge PR #257: compliance

Author: Calebux

backend/package.json

@@ -26,6 +26,7 @@
     "@types/cookie-parser": "^1.4.10",
     "@types/multer": "^2.1.0",
     "@types/uuid": "^10.0.0",
+    "archiver": "^7.0.1",
     "bcryptjs": "^2.4.3",
     "cookie-parser": "^1.4.7",
     "csv-parse": "^6.2.1",
@@ -48,6 +49,8 @@
     "zod": "^3.23.8"
   },
   "devDependencies": {
+    "@stellar/stellar-sdk": "^14.5.0",
+    "@types/archiver": "^7.0.0",
     "@types/bcryptjs": "^2.4.6",
     "@types/express": "^5.0.6",
     "@types/express-rate-limit": "^5.1.3",

backend/scripts/018_gdpr_compliance.sql

@@ -0,0 +1,44 @@
+-- 018_gdpr_compliance.sql
+-- GDPR compliance: account_deletions table + audit_logs FK change
+
+-- 1. Create account_deletions table
+CREATE TABLE IF NOT EXISTS account_deletions (
+  id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+  user_id UUID NOT NULL UNIQUE REFERENCES auth.users(id),
+  requested_at TIMESTAMPTZ NOT NULL DEFAULT now(),
+  scheduled_deletion_at TIMESTAMPTZ NOT NULL,
+  cancelled_at TIMESTAMPTZ,
+  completed_at TIMESTAMPTZ,
+  reason TEXT,
+  status TEXT NOT NULL DEFAULT 'pending' CHECK (status IN ('pending', 'cancelled', 'completed')),
+  CONSTRAINT valid_scheduled_date CHECK (scheduled_deletion_at > requested_at)
+);
+
+CREATE INDEX idx_account_deletions_status ON account_deletions(status);
+CREATE INDEX idx_account_deletions_scheduled ON account_deletions(scheduled_deletion_at) WHERE status = 'pending';
+
+ALTER TABLE account_deletions ENABLE ROW LEVEL SECURITY;
+
+CREATE POLICY "Users can view own deletion status"
+  ON account_deletions FOR SELECT
+  USING (auth.uid() = user_id);
+
+CREATE POLICY "Users can request own deletion"
+  ON account_deletions FOR INSERT
+  WITH CHECK (auth.uid() = user_id);
+
+CREATE POLICY "Users can cancel own deletion"
+  ON account_deletions FOR UPDATE
+  USING (auth.uid() = user_id);
+
+-- 2. Make audit_logs.user_id nullable and change FK to SET NULL
+-- This ensures audit logs survive user deletion (anonymized, not deleted)
+ALTER TABLE audit_logs ALTER COLUMN user_id DROP NOT NULL;
+
+ALTER TABLE audit_logs DROP CONSTRAINT IF EXISTS audit_logs_user_id_fkey;
+ALTER TABLE audit_logs
+  ADD CONSTRAINT audit_logs_user_id_fkey
+  FOREIGN KEY (user_id) REFERENCES auth.users(id) ON DELETE SET NULL;
+
+-- 3. Index for efficient data export queries
+CREATE INDEX IF NOT EXISTS idx_audit_logs_user_id ON audit_logs(user_id);

backend/src/index.ts

@@ -20,6 +20,7 @@ import merchantRoutes from './routes/merchants';
 import teamRoutes from './routes/team';
 import auditRoutes from './routes/audit';
 import webhookRoutes from './routes/webhooks';
+import complianceRoutes from './routes/compliance';
 import tagsRoutes from './routes/tags';
 import { createExchangeRatesRouter } from './routes/exchange-rates';
 import { ExchangeRateService } from './services/exchange-rate/exchange-rate-service';
@@ -84,6 +85,7 @@ app.use('/api/audit', auditRoutes);
 app.use('/api/integrations/gmail', authenticate, gmailRouter)
 app.use('/api/integrations/outlook', authenticate, outlookRouter)
 app.use('/api/webhooks', webhookRoutes);
+app.use('/api/compliance', complianceRoutes);
 app.use('/api/tags', tagsRoutes);
 app.use('/api', tagsRoutes); // handles /api/subscriptions/:id/notes and /api/subscriptions/:id/tags
 app.use('/api/exchange-rates', createExchangeRatesRouter(exchangeRateService));