qzl/eryao
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
295dbc09ab8dc732fc9e0e2cd26d42847833eaaf
eryao/backend/alembic/versions/20260415_0001_anonymous_session_snapshots.py
T
qzl c2b726e7bd feat(agent): session deletion anonymization for iOS compliance 
Replace soft-delete with anonymize + hard-delete to meet iOS App Store
data retention requirements. Non-PII fields are preserved in
anonymous_session_snapshots for analytics.

- Add anonymous_session_snapshots table and ORM model
- Implement anonymizer to extract non-PII fields before deletion
- Remove points_ledger.biz_id FK constraint (snapshot-style reference)
- Preserve transaction history while allowing session deletion
- Add 14 unit tests + 1 integration test
2026-04-15 18:18:39 +08:00

112 lines
4.1 KiB
Python
Raw Blame History

"""add anonymous_session_snapshots table for iOS compliance
Revision ID: 20260415_0001
Revises: 20260413_0004
Create Date: 2026-04-15 00:10:00
"""
from typing import Sequence, Union
from alembic import op
import sqlalchemy as sa
from sqlalchemy.dialects import postgresql
revision: str = "20260415_0001"
down_revision: Union[str, Sequence[str], None] = "20260413_0004"
branch_labels: Union[str, Sequence[str], None] = None
depends_on: Union[str, Sequence[str], None] = None
def upgrade() -> None:
op.create_table(
"anonymous_session_snapshots",
sa.Column("id", sa.UUID(), nullable=False),
sa.Column("anonymous_id", sa.UUID(), nullable=False),
sa.Column("session_type", sa.String(length=20), nullable=False),
sa.Column("message_count", sa.Integer(), nullable=True),
sa.Column("status", sa.String(length=20), nullable=True),
sa.Column("question_type", sa.String(length=50), nullable=True),
sa.Column("tool_name", sa.String(length=100), nullable=True),
sa.Column("gua_name", sa.String(length=50), nullable=True),
sa.Column("gua_name_hant", sa.String(length=50), nullable=True),
sa.Column("target_gua_name", sa.String(length=50), nullable=True),
sa.Column("has_changing_yao", sa.Boolean(), nullable=True),
sa.Column("sign_level", sa.String(length=20), nullable=True),
sa.Column("keywords", postgresql.ARRAY(sa.Text()), nullable=True),
sa.Column("model_code", sa.String(length=50), nullable=True),
sa.Column("total_tokens", sa.Integer(), nullable=True),
sa.Column("total_cost", sa.Numeric(12, 6), nullable=True),
sa.Column("total_latency_ms", sa.Integer(), nullable=True),
sa.Column(
"created_at",
sa.DateTime(timezone=True),
nullable=False,
),
sa.Column("last_activity_at", sa.DateTime(timezone=True), nullable=True),
sa.Column(
"anonymized_at",
sa.DateTime(timezone=True),
server_default=sa.text("now()"),
nullable=False,
),
sa.PrimaryKeyConstraint("id"),
)
op.create_index(
"ix_anonymous_session_snapshots_anonymous_id",
"anonymous_session_snapshots",
["anonymous_id"],
unique=False,
)
op.create_index(
"ix_anonymous_session_snapshots_created_at",
"anonymous_session_snapshots",
["created_at"],
unique=False,
)
op.create_index(
"ix_anonymous_session_snapshots_question_type",
"anonymous_session_snapshots",
["question_type"],
unique=False,
)
_enable_service_role_only_rls("anonymous_session_snapshots")
def downgrade() -> None:
_drop_rls("anonymous_session_snapshots")
op.drop_index(
"ix_anonymous_session_snapshots_question_type",
table_name="anonymous_session_snapshots",
)
op.drop_index(
"ix_anonymous_session_snapshots_created_at",
table_name="anonymous_session_snapshots",
)
op.drop_index(
"ix_anonymous_session_snapshots_anonymous_id",
table_name="anonymous_session_snapshots",
)
op.drop_table("anonymous_session_snapshots")
def _enable_service_role_only_rls(table_name: str) -> None:
for role in ["anon", "authenticated"]:
for action in ["select", "insert", "update", "delete"]:
op.execute(
f"DROP POLICY IF EXISTS {role}_{action}_{table_name} ON {table_name}"
)
op.execute(f"ALTER TABLE {table_name} ENABLE ROW LEVEL SECURITY")
op.execute(
f"CREATE POLICY service_role_all_{table_name} ON {table_name} FOR ALL TO service_role USING (true) WITH CHECK (true)"
)
def _drop_rls(table_name: str) -> None:
for role in ["anon", "authenticated"]:
for action in ["select", "insert", "update", "delete"]:
op.execute(
f"DROP POLICY IF EXISTS {role}_{action}_{table_name} ON {table_name}"
)
op.execute(f"DROP POLICY IF EXISTS service_role_all_{table_name} ON {table_name}")
op.execute(f"ALTER TABLE {table_name} DISABLE ROW LEVEL SECURITY")
Reference in New Issue View Git Blame Copy Permalink