Skip to content

fix(web): restrict comment deletion to the author's own replies #1936

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
richiemcilroy merged 1 commit into from
Jun 19, 2026
Merged

fix(web): restrict comment deletion to the author's own replies #1936

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 9 additions & 4 deletions apps/web/app/api/video/comment/delete/route.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,13 +41,18 @@ export async function DELETE(request: NextRequest) {
);
}

// Delete the comment and all its replies
// Delete the comment and only the replies authored by the same user.
// Replies written by other users are preserved (never delete others'
// content), even though that can leave them visually orphaned.

@tembo tembo Bot Jun 19, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: this is only deleting direct replies (same as before), so the comment may read a bit stronger than the behavior. Also worth calling out that preserving other users’ replies means they’ll reference a deleted parent unless you soft-delete the parent or re-parent them.

Suggested change
// content), even though that can leave them visually orphaned.
// Delete the comment and only direct replies authored by the same user.
// Replies written by other users are preserved (never delete others' content),
// which can leave them visually orphaned unless you soft-delete the parent.

await db()
.delete(comments)
.where(
or(
eq(comments.id, commentId.value),
eq(comments.parentCommentId, commentId.value),
and(
eq(comments.authorId, user.id),
or(
eq(comments.id, commentId.value),
eq(comments.parentCommentId, commentId.value),
),
),
);
Comment on lines +44 to 57

@greptile-apps greptile-apps Bot Jun 19, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Orphaned replies may be invisible or error-prone in the UI

When the parent comment is deleted but other users' replies survive (with parentCommentId pointing to the now-deleted row), the frontend needs to handle this case explicitly. If the UI renders replies by first looking up the parent from local state or a cached result set, orphaned replies could either silently disappear or trigger a rendering error depending on how null/missing parents are handled. The code comment acknowledges this trade-off, but it's worth confirming the front-end comment list component guards against a missing parent before this ships.

Prompt To Fix With AI 
This is a comment left during a code review.
Path: apps/web/app/api/video/comment/delete/route.ts
Line: 44-57

Comment:
**Orphaned replies may be invisible or error-prone in the UI**

When the parent comment is deleted but other users' replies survive (with `parentCommentId` pointing to the now-deleted row), the frontend needs to handle this case explicitly. If the UI renders replies by first looking up the parent from local state or a cached result set, orphaned replies could either silently disappear or trigger a rendering error depending on how null/missing parents are handled. The code comment acknowledges this trade-off, but it's worth confirming the front-end comment list component guards against a missing parent before this ships.

How can I resolve this? If you propose a fix, please make it concise.

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!


Expand Down
Loading