Add an anonymize path for the retention-bound audit trail (today the repo can only hard-delete).
Scope
AuditRepository.anonymizeByUser β new method: updateMany({ userId }, { $set: { userId: null, ip: '', userAgent: '', metadata: {} } }) (the repo exposes only deleteMany today).- Register in
audit.init.js, axis:'user', retention:'anonymize': export rows by userId only (never org-scoped β no co-member leak); erase = anonymizeByUser (keep action + timestamp; never delete the trail).
- Tolerate the audit model being absent when the module is deactivated.
DoD
Depends on: GDPR registry leaf.
Created via /dev:issue
Add an anonymize path for the retention-bound audit trail (today the repo can only hard-delete).
Scope
AuditRepository.anonymizeByUserβ new method:updateMany({ userId }, { $set: { userId: null, ip: '', userAgent: '', metadata: {} } })(the repo exposes onlydeleteManytoday).audit.init.js,axis:'user',retention:'anonymize': export rows byuserIdonly (never org-scoped β no co-member leak); erase =anonymizeByUser(keepaction+ timestamp; never delete the trail).DoD
anonymizeByUserrepo unit test.userId-scoped./verifygreen.Depends on: GDPR registry leaf.
Created via /dev:issue