Merge pull request #164 from flocko-motion/feat/progress

feat: progress

Author: janosbrodbeck

server/api/httpx/response.go

@@ -106,7 +106,7 @@ func ErrorCodeToStatus(code string) int {
 		return http.StatusForbidden
 	case obj.ErrCodeNotFound:
 		return http.StatusNotFound
-	case obj.ErrCodeConflict, obj.ErrCodeDuplicateName:
+	case obj.ErrCodeConflict, obj.ErrCodeDuplicateName, obj.ErrCodeLastHead:
 		return http.StatusConflict
 	case obj.ErrCodeServerError:
 		return http.StatusInternalServerError

server/db/institution.go

@@ -270,14 +270,22 @@ func DeleteInstitution(ctx context.Context, id uuid.UUID, deletedBy uuid.UUID) e
 		_ = DeleteUser(ctx, participantID)
 	}
 
-	// 3. Clean up remaining FK references before hard-delete
+	// 3. Collect non-participant members (head/staff) before removing roles
+	memberIDs, _ := queries().GetNonParticipantUserIDsByInstitution(ctx, uuid.NullUUID{UUID: id, Valid: true})
+
+	// 4. Clean up remaining FK references before hard-delete
 	_ = queries().DeleteInvitesByInstitution(ctx, id)
 	_ = queries().DeleteApiKeySharesByInstitution(ctx, uuid.NullUUID{UUID: id, Valid: true})
 	_ = queries().DeleteUserRolesByInstitution(ctx, uuid.NullUUID{UUID: id, Valid: true})
 	_ = queries().HardDeleteWorkshopsByInstitution(ctx, id)
 	_ = queries().ClearInstitutionFreeUseApiKeyShare(ctx, id)
 
-	// 4. Hard-delete the institution
+	// 5. Assign individual role to former members so they aren't left without a role
+	for _, memberID := range memberIDs {
+		_ = assignDefaultIndividualRole(ctx, memberID)
+	}
+
+	// 6. Hard-delete the institution
 	if err := queries().HardDeleteInstitution(ctx, id); err != nil {
 		return obj.ErrServerError("failed to delete institution")
 	}

server/db/permissions.go

@@ -113,11 +113,6 @@ func canAccessInstitutionMembers(ctx context.Context, userID uuid.UUID, operatio
 			// If target is a head, apply additional validations
 			if targetUser.Role != nil && targetUser.Role.Role == obj.RoleHead &&
 				targetUser.Role.Institution != nil && targetUser.Role.Institution.ID == institutionID {
-				// Heads cannot remove themselves
-				if *targetUserID == userID {
-					return obj.ErrForbidden("heads cannot remove themselves from an institution")
-				}
-
 				// Count heads in this institution
 				members, err := GetInstitutionMembers(ctx, institutionID, userID)
 				if err != nil {
@@ -131,9 +126,9 @@ func canAccessInstitutionMembers(ctx context.Context, userID uuid.UUID, operatio
 					}
 				}
 
-				// Prevent removing the last head
+				// Prevent removing the last head (whether self or other)
 				if headCount <= 1 {
-					return obj.ErrForbidden("cannot remove the last head from an institution")
+					return obj.NewAppError(obj.ErrCodeLastHead, "you are the last head of this organization — please contact the site administrators to leave")
 				}
 			}
 

server/db/queries/game.sql

@@ -289,6 +289,9 @@ UPDATE app_user SET private_share_game_id = NULL WHERE private_share_game_id = $
 -- name: HardDeleteGamesByCreator :exec
 DELETE FROM game WHERE created_by = $1;
 
+-- name: UnlinkGamesFromWorkshop :exec
+UPDATE game SET workshop_id = NULL WHERE workshop_id = $1;
+
 
 -- game_tag -------------------------------------------------------------
 

server/db/queries/institution.sql

@@ -52,6 +52,14 @@ WHERE r.institution_id = $1
   AND r.role = 'participant'
   AND u.deleted_at IS NULL;
 
+-- name: GetNonParticipantUserIDsByInstitution :many
+SELECT DISTINCT u.id
+FROM app_user u
+JOIN user_role r ON u.id = r.user_id
+WHERE r.institution_id = $1
+  AND r.role != 'participant'
+  AND u.deleted_at IS NULL;
+
 -- name: DeleteInvitesByInstitution :exec
 DELETE FROM user_role_invite WHERE institution_id = $1;
 

server/db/sqlc/game.sql.go

@@ -697,6 +697,9 @@ func DeleteWorkshop(ctx context.Context, id uuid.UUID, deletedBy uuid.UUID) erro
 		_ = DeleteUser(ctx, uid)
 	}
 
+	// Unlink remaining games from this workshop (member games stay with their creator)
+	_ = queries().UnlinkGamesFromWorkshop(ctx, wsNullUUID)
+
 	err = queries().DeleteWorkshop(ctx, id)
 	if err != nil {
 		return obj.ErrServerError("failed to delete workshop")

server/db/sqlc/institution.sql.go

@@ -75,12 +75,16 @@ func (s *InstitutionDeletionTestSuite) TestAdminCanDeleteInstitutionWithCascade(
 	s.T().Logf("Users after deletion: %d", len(usersAfter))
 	s.Equal(len(usersBefore)-1, len(usersAfter), "only participant should be removed")
 
-	// Head and staff should still exist
+	// Head and staff should still exist with individual roles
 	headMe := Must(head.GetMe())
 	s.Equal(head.Name, headMe.Name, "head should still exist")
+	s.Require().NotNil(headMe.Role, "head should have a role")
+	s.Equal(obj.RoleIndividual, headMe.Role.Role, "head should become individual")
 	staffMe := Must(staff.GetMe())
 	s.Equal(staff.Name, staffMe.Name, "staff should still exist")
-	s.T().Logf("Head and staff survived institution deletion")
+	s.Require().NotNil(staffMe.Role, "staff should have a role")
+	s.Equal(obj.RoleIndividual, staffMe.Role.Role, "staff should become individual")
+	s.T().Logf("Head and staff survived institution deletion with individual roles")
 
 	// Participant's game should be gone
 	games := Must(admin.ListGames())
@@ -175,6 +179,125 @@ func (s *InstitutionDeletionTestSuite) TestAdminDeleteOrgMultipleUsersAndWorksho
 	s.T().Logf("All participant games deleted, all non-participants survived")
 }
 
+// TestDeleteInstitutionUnlinksMemberGamesDeletesParticipantGames tests that when an institution
+// is deleted, participant games are removed but head/staff games are preserved (unlinked from workshop).
+func (s *InstitutionDeletionTestSuite) TestDeleteInstitutionUnlinksMemberGamesDeletesParticipantGames() {
+	admin := s.DevUser()
+
+	inst := Must(admin.CreateInstitution("Game Unlink Org"))
+	instIDStr := inst.ID.String()
+
+	head := s.CreateUser("gu-head")
+	headInvite := Must(admin.InviteToInstitution(instIDStr, "head", head.ID))
+	Must(head.AcceptInvite(headInvite.ID.String()))
+
+	staff := s.CreateUser("gu-staff")
+	staffInvite := Must(head.InviteToInstitution(instIDStr, "staff", staff.ID))
+	Must(staff.AcceptInvite(staffInvite.ID.String()))
+
+	// Create workshop with a participant
+	workshop := Must(head.CreateWorkshop(instIDStr, "Game Unlink Workshop"))
+	wsIDStr := workshop.ID.String()
+
+	invite := Must(head.CreateWorkshopInvite(wsIDStr, string(obj.RoleParticipant)))
+	resp, err := s.AcceptWorkshopInviteAnonymously(*invite.InviteToken)
+	s.NoError(err)
+	participant := s.CreateUserWithToken(*resp.AuthToken)
+
+	// Head creates a game (member game — should be preserved)
+	headGame := Must(head.UploadGame("alien-first-contact"))
+	s.T().Logf("Head created game: %s (ID: %s)", headGame.Name, headGame.ID)
+
+	// Staff creates a game (member game — should be preserved)
+	staffGame := Must(staff.UploadGame("alien-first-contact"))
+	s.T().Logf("Staff created game: %s (ID: %s)", staffGame.Name, staffGame.ID)
+
+	// Participant creates a game (should be deleted)
+	participantGame := Must(participant.UploadGame("alien-first-contact"))
+	s.T().Logf("Participant created game: %s (ID: %s)", participantGame.Name, participantGame.ID)
+
+	// Delete the institution
+	MustSucceed(admin.DeleteInstitution(instIDStr))
+	s.T().Logf("Admin deleted institution")
+
+	// Head's game should still exist (unlinked from workshop)
+	fetchedHeadGame, err := head.GetGameByID(headGame.ID.String())
+	s.NoError(err, "head's game should survive institution deletion")
+	s.Equal(headGame.ID, fetchedHeadGame.ID)
+	s.Nil(fetchedHeadGame.WorkshopID, "head's game should be unlinked from workshop")
+	s.T().Logf("Head's game survived and is unlinked")
+
+	// Staff's game should still exist (unlinked from workshop)
+	fetchedStaffGame, err := staff.GetGameByID(staffGame.ID.String())
+	s.NoError(err, "staff's game should survive institution deletion")
+	s.Equal(staffGame.ID, fetchedStaffGame.ID)
+	s.Nil(fetchedStaffGame.WorkshopID, "staff's game should be unlinked from workshop")
+	s.T().Logf("Staff's game survived and is unlinked")
+
+	// Participant's game should be gone (participant user deleted)
+	_, err = admin.GetGameByID(participantGame.ID.String())
+	s.Error(err, "participant's game should be deleted with institution")
+	s.T().Logf("Participant's game correctly deleted")
+
+	// Head and staff should now have individual roles (not left without a role)
+	headMe := Must(head.GetMe())
+	s.Require().NotNil(headMe.Role, "head should still have a role after institution deletion")
+	s.Equal(obj.RoleIndividual, headMe.Role.Role, "head should become individual after institution deletion")
+	s.Nil(headMe.Role.Institution, "head should have no institution after institution deletion")
+	s.T().Logf("Head has individual role")
+
+	staffMe := Must(staff.GetMe())
+	s.Require().NotNil(staffMe.Role, "staff should still have a role after institution deletion")
+	s.Equal(obj.RoleIndividual, staffMe.Role.Role, "staff should become individual after institution deletion")
+	s.Nil(staffMe.Role.Institution, "staff should have no institution after institution deletion")
+	s.T().Logf("Staff has individual role")
+}
+
+// TestDeleteWorkshopUnlinksMemberGames tests that deleting a single workshop
+// unlinks member games and deletes participant games.
+func (s *InstitutionDeletionTestSuite) TestDeleteWorkshopUnlinksMemberGames() {
+	admin := s.DevUser()
+
+	inst := Must(admin.CreateInstitution("WS Del Org"))
+	instIDStr := inst.ID.String()
+
+	head := s.CreateUser("wsd-head")
+	headInvite := Must(admin.InviteToInstitution(instIDStr, "head", head.ID))
+	Must(head.AcceptInvite(headInvite.ID.String()))
+
+	workshop := Must(head.CreateWorkshop(instIDStr, "WS Del Workshop"))
+	wsIDStr := workshop.ID.String()
+
+	invite := Must(head.CreateWorkshopInvite(wsIDStr, string(obj.RoleParticipant)))
+	resp, err := s.AcceptWorkshopInviteAnonymously(*invite.InviteToken)
+	s.NoError(err)
+	participant := s.CreateUserWithToken(*resp.AuthToken)
+
+	// Head creates a game in the workshop context
+	headGame := Must(head.UploadGame("alien-first-contact"))
+	s.T().Logf("Head created game: %s", headGame.ID)
+
+	// Participant creates a game
+	participantGame := Must(participant.UploadGame("alien-first-contact"))
+	s.T().Logf("Participant created game: %s", participantGame.ID)
+
+	// Delete the workshop (not the institution)
+	MustSucceed(head.DeleteWorkshop(wsIDStr))
+	s.T().Logf("Head deleted workshop")
+
+	// Head's game should still exist (unlinked)
+	fetchedHeadGame, err := head.GetGameByID(headGame.ID.String())
+	s.NoError(err, "head's game should survive workshop deletion")
+	s.Equal(headGame.ID, fetchedHeadGame.ID)
+	s.Nil(fetchedHeadGame.WorkshopID, "head's game should be unlinked from workshop")
+	s.T().Logf("Head's game survived and is unlinked")
+
+	// Participant's game should be gone
+	_, err = admin.GetGameByID(participantGame.ID.String())
+	s.Error(err, "participant's game should be deleted with workshop")
+	s.T().Logf("Participant's game correctly deleted")
+}
+
 // TestHeadCannotDeleteInstitution tests that a head cannot delete their own institution.
 func (s *InstitutionDeletionTestSuite) TestHeadCannotDeleteInstitution() {
 	admin := s.DevUser()

server/db/workshop.go

@@ -353,13 +353,13 @@ func (s *MultiUserTestSuite) TestInstitutionManagementLeadership() {
 	s.Equal(2, len(instWithBothHeads.Members), "should have 2 members")
 	s.T().Logf("Institution has 2 heads again")
 
-	// Charlie cannot remove himself - the validation prevents self-removal
-	MustFail(clientCharlie.RemoveMember(institution.ID.String(), clientCharlie.ID))
-	s.T().Logf("Charlie cannot remove himself (expected - validation prevents self-removal)")
+	// Charlie CAN remove himself (leave) since Diana is also a head
+	MustSucceed(clientCharlie.RemoveMember(institution.ID.String(), clientCharlie.ID))
+	s.T().Logf("Charlie left the institution (Diana remains as head)")
 
-	// Diana also cannot remove herself
+	// Diana is now the last head — she cannot leave
 	MustFail(clientDiana.RemoveMember(institution.ID.String(), clientDiana.ID))
-	s.T().Logf("Diana cannot remove herself (expected - validation prevents self-removal)")
+	s.T().Logf("Diana cannot leave (expected - she is the last head)")
 }
 
 // TestInstitutionManagementLeadershipSteal creates two institutions with one head each
@@ -457,22 +457,19 @@ func (s *MultiUserTestSuite) TestInstitutionManagementLeadershipSteal() {
 	s.Equal(obj.RoleHead, inst2AfterFrankLeft.Members[0].Role)
 	s.T().Logf("Institution2 now has 1 head: grace (Frank left)")
 
-	// Frank cannot remove himself from institution1 (self-removal validation)
-	MustFail(clientFrank.RemoveMember(institution1.ID.String(), clientFrank.ID))
-	s.T().Logf("Frank cannot remove himself from institution1 (validation prevents self-removal)")
-
-	// Eve can remove Frank from institution1 (since there are 2 heads)
-	MustSucceed(clientEve.RemoveMember(institution1.ID.String(), clientFrank.ID))
-	s.T().Logf("Eve removed Frank from institution1")
+	// Frank CAN remove himself from institution1 (there are 2 heads: eve and frank)
+	MustSucceed(clientFrank.RemoveMember(institution1.ID.String(), clientFrank.ID))
+	s.T().Logf("Frank left institution1 (Eve remains as head)")
 
 	// Verify Frank was removed from institution1
 	inst1AfterRemoval := Must(clientEve.GetInstitution(institution1.ID.String()))
 	s.Equal(1, len(inst1AfterRemoval.Members), "institution1 should have 1 member")
 	s.Equal("eve", inst1AfterRemoval.Members[0].Name)
 	s.T().Logf("Institution1 back to 1 head: eve")
 
-	// Frank now has no role in any institution
-	s.T().Logf("Frank has no role in any institution")
+	// Eve is now the last head — she cannot leave
+	MustFail(clientEve.RemoveMember(institution1.ID.String(), clientEve.ID))
+	s.T().Logf("Eve cannot leave institution1 (she is the last head)")
 }
 
 // TestInviteByEmail tests email-based invitations