Forem: Vigneshwaran16 The latest articles on Forem by Vigneshwaran16 (@oddcoder). https://forem.com/oddcoder https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F699185%2F04425f7d-5d4c-4e77-b3c8-a1fc30798092.png Forem: Vigneshwaran16 https://forem.com/oddcoder en Postgresql soft-delete strategies: balancing data retention Vigneshwaran16 Wed, 23 Apr 2025 08:21:29 +0000 https://forem.com/oddcoder/postgresql-soft-delete-strategies-balancing-data-retention-50lo https://forem.com/oddcoder/postgresql-soft-delete-strategies-balancing-data-retention-50lo <p>Usually, when we work in applications where the capacity is needed to restore deleted records at certain point in time, such as messaging systems where the user may have deleted messages/attachments but may be retained for moderation by admins that can be restored at a later point, or in a content management service where files are deleted by user and can be restored from trash.</p> <h3> Traditional soft-delete </h3> <p>We simply add a flag <code>is_deleted</code> or <code>is_active</code> or as a timestamp of deletion <code>deleted_at</code> and call it a day. And all the queries will have this flag in the <code>where</code> clause to differentiate deleted and active service data.</p> <p>Most popular ORMs provide such provision for soft-deletion(as paranoid tables). Here is an example of soft-deletion in action in <code>sequelize ORM</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">class</span> <span class="nc">Post</span> <span class="kd">extends</span> <span class="nc">Model</span> <span class="p">{}</span> <span class="nx">Post</span><span class="p">.</span><span class="nf">init</span><span class="p">(</span> <span class="p">{</span> <span class="cm">/* attributes here */</span> <span class="p">},</span> <span class="p">{</span> <span class="nx">sequelize</span><span class="p">,</span> <span class="na">paranoid</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="c1">// If you want to give a custom name to the deletedAt column</span> <span class="na">deletedAt</span><span class="p">:</span> <span class="dl">'</span><span class="s1">destroyTime</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="p">);</span> </code></pre> </div> <p>Soft-deletion and restoration happens as<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">await</span> <span class="nx">Post</span><span class="p">.</span><span class="nf">destroy</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="p">{</span> <span class="na">id</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="c1">// UPDATE "posts" SET "deletedAt"=[timestamp] WHERE "deletedAt" IS NULL AND "id" = 1</span> <span class="c1">// Restoring every soft-deleted post with more than 100 likes</span> <span class="k">await</span> <span class="nx">Post</span><span class="p">.</span><span class="nf">restore</span><span class="p">({</span> <span class="na">where</span><span class="p">:</span> <span class="p">{</span> <span class="na">likes</span><span class="p">:</span> <span class="p">{</span> <span class="p">[</span><span class="nx">Op</span><span class="p">.</span><span class="nx">gt</span><span class="p">]:</span> <span class="mi">100</span><span class="p">,</span> <span class="p">},</span> <span class="p">},</span> <span class="p">});</span> </code></pre> </div> <h3> Row Level Security(RLS) in postgres </h3> <p>There may be inconsistent data if the developer forgets to add the <code>is_active</code> flag to the query, typically when we move specific high frequency APIs to different language or ecosystem. In such scenarios, we can let the database take of soft-deletion so it leaves less room for error for the developer.</p> <p>Using Row-Level Security (RLS) with soft deletes in PostgreSQL is a powerful way to ensure deleted data is automatically hidden from regular queries — without relying on every query writer to remember <code>WHERE is_deleted = false</code></p> <p>Let’s say you have a table like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="k">CREATE</span> <span class="k">TABLE</span> <span class="n">tasks</span> <span class="p">(</span> <span class="n">id</span> <span class="nb">SERIAL</span> <span class="k">PRIMARY</span> <span class="k">KEY</span><span class="p">,</span> <span class="n">title</span> <span class="nb">TEXT</span><span class="p">,</span> <span class="n">is_deleted</span> <span class="nb">BOOLEAN</span> <span class="k">DEFAULT</span> <span class="k">FALSE</span><span class="p">,</span> <span class="n">owner_id</span> <span class="nb">INT</span> <span class="p">);</span> </code></pre> </div> <p>We can enforce the database to ignore deleted rows for select queries.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="c1">-- Enable RLS</span> <span class="k">ALTER</span> <span class="k">TABLE</span> <span class="n">tasks</span> <span class="n">ENABLE</span> <span class="k">ROW</span> <span class="k">LEVEL</span> <span class="k">SECURITY</span><span class="p">;</span> <span class="c1">-- Create a RLS policy</span> <span class="k">CREATE</span> <span class="n">POLICY</span> <span class="n">only_active_tasks</span> <span class="k">ON</span> <span class="n">tasks</span> <span class="k">FOR</span> <span class="k">SELECT</span> <span class="k">USING</span> <span class="p">(</span> <span class="n">is_deleted</span> <span class="o">=</span> <span class="k">FALSE</span> <span class="p">);</span> <span class="c1">-- Enforce the policy</span> <span class="k">ALTER</span> <span class="k">TABLE</span> <span class="n">tasks</span> <span class="k">FORCE</span> <span class="k">ROW</span> <span class="k">LEVEL</span> <span class="k">SECURITY</span><span class="p">;</span> </code></pre> </div> <p>This can be extended for update and delete operations as well. Also ensure <strong>db admins</strong> have provision to bypass RLS policy for data restoration.</p> <p>All these are the default go to solution when it comes to soft-delete functionality for simple applications or internal tools. It is going to be a different game when it comes to enterprise (or) B2B (or) fintech applications where multiple policies, compliances must be followed. Eg., there may audti compliance to retain deleted data for 90 days; provision for the user to delete user-related data(including historic data) completely from the platform.</p> <p>Biggest concern when managing data is complex would be data leakage into backups, that is when data is to be deleted but may be retained in backups taken awhile ago. When large teams work on same table/database having <code>is_delete</code> will always have serious regressions.</p> <h3> Archive tables </h3> <p>One easier way is to maintain a separate archive table that holds the deleted records with supporting metadata like <code>table</code>,<code>deleted_by</code>, <code>deleted_at</code>. This way the active service data will look clean and devoid of any paranoid clauses. No additional attention is needed on data leakage into backups. This table can be ignored from the periodic service data backup and the archive table can have a specific backup of its own.</p> <p>A simple trigger can be written which catches the delete queries and moves them to the archive table.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight sql"><code><span class="k">CREATE</span> <span class="k">OR</span> <span class="k">REPLACE</span> <span class="k">FUNCTION</span> <span class="n">archive_deleted_rows</span><span class="p">()</span> <span class="k">RETURNS</span> <span class="k">TRIGGER</span> <span class="k">AS</span> <span class="err">$$</span> <span class="k">BEGIN</span> <span class="k">INSERT</span> <span class="k">INTO</span> <span class="n">archive_table</span> <span class="p">(</span> <span class="k">table_name</span><span class="p">,</span> <span class="n">deleted_data</span><span class="p">,</span> <span class="n">deleted_at</span><span class="p">,</span> <span class="n">deleted_by</span> <span class="p">)</span> <span class="k">VALUES</span> <span class="p">(</span> <span class="n">TG_TABLE_NAME</span><span class="p">,</span> <span class="n">to_jsonb</span><span class="p">(</span><span class="k">OLD</span><span class="p">),</span> <span class="n">now</span><span class="p">(),</span> <span class="n">current_setting</span><span class="p">(</span><span class="s1">'app.current_user'</span><span class="p">,</span> <span class="k">true</span><span class="p">)</span> <span class="c1">--user from session</span> <span class="p">);</span> <span class="k">RETURN</span> <span class="k">OLD</span><span class="p">;</span> <span class="k">END</span><span class="p">;</span> <span class="err">$$</span> <span class="k">LANGUAGE</span> <span class="n">plpgsql</span><span class="p">;</span> </code></pre> </div> <h3> Way forward </h3> <p>Soft-delete is one of such features which may seem harmless at face value, but need a thorough thought out plan at scale. In the end, everything boils down to the nature of the application, compliances involved, where adopting the right techniques will be helpful in the long run.</p> postgres database sql