In this episode, we tackle a specific issue: preventing users from deleting the very first (parent) post in a discussion. Previously, it was possible to remove the main post, which didn't make sense because it could leave orphaned replies and break the discussion flow.
We start by reviewing how deleting works and then look at our authorization rules. You'll see that a parent post is easily identified in our database—a parent_id
of null
means it's the original post. So, we simply update our delete logic to check for this: if the post is a parent, the delete option won't appear, and even if someone tries to bypass the UI, our authorization rule has it covered.
To make sure everything works as expected, we walk through a test where we create a new discussion, reply to it, and notice that the delete button is missing on the original post but still available for replies. That’s all it takes—a small change makes our discussions much more robust!