Add GDPR removal customer detail extension to anonymizer#2380
Merged
Conversation
Adds a "GDPR removal" action mounted on the Dashboard customer detail page (CUSTOMER_DETAILS_MORE_ACTIONS, POPUP). The popup resolves the customer by the id the Dashboard passes, then runs a staged flow: scan orders/checkouts/gift cards, preview the exact list, confirm via a red gate, execute the existing anonymize/delete mutations (customer deleted last), and re-scan to verify with a per-type pass/fail summary. Staff accounts are blocked. Reuses the existing pure helpers and GraphQL documents; the email-based single-customer page is left unchanged. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
🦋 Changeset detectedLatest commit: 10a5dd3 The changes in this PR will be included in the next version bump. This PR includes changesets to release 1 package
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #2380 +/- ##
==========================================
- Coverage 38.15% 37.97% -0.18%
==========================================
Files 1048 1044 -4
Lines 67116 66831 -285
Branches 3598 3554 -44
==========================================
- Hits 25605 25379 -226
+ Misses 41121 41063 -58
+ Partials 390 389 -1
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
The Dashboard's AppBridge reserves the `id` query param for the app's own id (e.g. `App:1076`), so reading `id` resolved the active app instead of the customer. The customer id is passed under `customerId` (e.g. `User:1503`) for CUSTOMER_DETAILS_MORE_ACTIONS extensions. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The customer detail page the popup was opened from no longer exists once the account is deleted. The done screen now shows a "Finish" button that dispatches an AppBridge redirect to /customers so the operator lands on a valid page. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
mirekm
approved these changes
Jun 22, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a "GDPR removal" action mounted on the Dashboard customer detail page (CUSTOMER_DETAILS_MORE_ACTIONS, POPUP). The popup resolves the customer by the id the Dashboard passes, then runs a staged flow: scan orders/checkouts/gift cards, preview the exact list, confirm via a red gate, execute the existing anonymize/delete mutations (customer deleted last), and re-scan to verify with a per-type pass/fail summary. Staff accounts are blocked.
Reuses the existing pure helpers and GraphQL documents; the email-based single-customer page is left unchanged.
Scope of the PR
Related issues
Checklist