User Account and Item Lifecycle States

This state diagram illustrates the lifecycle and states of User Accounts and Items within the system.

The User Account state is primarily governed by two boolean flags: is_active and is_superuser.

Active: The default state for new users (via signup or admin creation). Active users can log in, manage their own items, and reset their passwords.
Inactive: A state where the user account exists but is disabled. Inactive users are blocked from logging in or performing any actions, including password recovery.
Superuser: A privileged state that allows the user to access administrative routes, manage other users, and view all items in the system.

The Item Model lifecycle follows a standard CRUD pattern but is tightly coupled with the User who owns it.

Created: The initial state when an item is added to the system.
Updated: Items can be modified multiple times by their owner or a superuser.
Deleted: Items can be removed explicitly or automatically via a cascade delete if the owner's account is removed.

Authentication Guard: The is_active flag is checked during every authenticated request.
Self-Deletion Protection: Superusers are prevented from deleting their own accounts to ensure at least one administrator remains.
Cascade Deletion: Deleting a user automatically transitions all their associated items to the deleted state.

Key Architectural Findings:

User accounts have three primary states based on is_active and is_superuser flags.
The is_active flag serves as a global guard; inactive users cannot authenticate or reset passwords.
Superusers have a distinct state allowing them to manage other users and all items.
Items follow a simple lifecycle of Created -> Updated -> Deleted.
Item deletion is linked to the User lifecycle via SQLAlchemy cascade deletes.
Superusers are restricted from self-deletion to prevent system lockout.

Loading diagram...