From fb112bf0d48e62c9d1d1776ce9e731cea85deddc Mon Sep 17 00:00:00 2001
From: Wes Appler <wes@opentech.fund>
Date: Tue, 17 Feb 2026 11:23:24 -0500
Subject: [PATCH 1/7] Implemented the option to anonymize or delete user
 applications in both wagtail & submission views

---
 hypha/apply/activity/models.py                |   4 +-
 hypha/apply/activity/options.py               |   1 +
 hypha/apply/funds/forms.py                    |  23 ++++
 hypha/apply/funds/models/__init__.py          |   3 +-
 hypha/apply/funds/models/submissions.py       | 123 +++++++++++++++++-
 .../applicationsubmission_confirm_delete.html |  25 +++-
 .../funds/applicationsubmission_detail.html   |   2 +-
 .../funds/includes/admin_primary_actions.html |   1 +
 .../modal_skeleton_submission_confirm.html    |  33 +++++
 .../templates/funds/submissions_result.html   |   9 +-
 hypha/apply/funds/views/results.py            |   7 +-
 hypha/apply/funds/views/submission_delete.py  |  14 +-
 hypha/apply/funds/views/submission_edit.py    |   4 +-
 hypha/apply/users/models.py                   |  46 +++++++
 .../wagtailusers/users/confirm_delete.html    |  38 ++++++
 hypha/apply/users/templatetags/users_tags.py  |   7 +
 hypha/apply/users/wagtail_hooks.py            |  23 ++++
 hypha/core/context_processors.py              |   1 +
 hypha/settings/base.py                        |   2 +
 hypha/templates/cotton/modal/confirm.html     |   8 +-
 20 files changed, 348 insertions(+), 26 deletions(-)
 create mode 100644 hypha/apply/funds/templates/funds/includes/modal_skeleton_submission_confirm.html
 create mode 100644 hypha/apply/users/templates/wagtailusers/users/confirm_delete.html

diff --git a/hypha/apply/activity/models.py b/hypha/apply/activity/models.py
index c3d8cae455..13d1c81132 100644
--- a/hypha/apply/activity/models.py
+++ b/hypha/apply/activity/models.py
@@ -197,7 +197,7 @@ def get_absolute_url(self):
 class Activity(models.Model):
     timestamp = models.DateTimeField()
     type = models.CharField(choices=ACTIVITY_TYPES.items(), max_length=30)
-    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.PROTECT)
+    user = models.ForeignKey(settings.AUTH_USER_MODEL, on_delete=models.CASCADE)
 
     source_content_type = models.ForeignKey(
         ContentType,
@@ -373,7 +373,7 @@ class Event(models.Model):
     when = models.DateTimeField(auto_now_add=True)
     type = models.CharField(_("verb"), choices=MESSAGES.choices, max_length=50)
     by = models.ForeignKey(
-        settings.AUTH_USER_MODEL, on_delete=models.PROTECT, null=True
+        settings.AUTH_USER_MODEL, on_delete=models.CASCADE, null=True
     )
     content_type = models.ForeignKey(
         ContentType, blank=True, null=True, on_delete=models.CASCADE
diff --git a/hypha/apply/activity/options.py b/hypha/apply/activity/options.py
index 8798979e86..548bad5323 100644
--- a/hypha/apply/activity/options.py
+++ b/hypha/apply/activity/options.py
@@ -34,6 +34,7 @@ class MESSAGES(TextChoices):
     OPENED_SEALED = "OPENED_SEALED", _("opened sealed submission")
     REVIEW_OPINION = "REVIEW_OPINION", _("reviewed opinion")
     DELETE_SUBMISSION = "DELETE_SUBMISSION", _("deleted submission")
+    ANONYMIZE_SUBMISSION = "ANONYMIZE_SUBMISSION", _("anonymized submission")
     DELETE_REVIEW = "DELETE_REVIEW", _("deleted review")
     DELETE_REVIEW_OPINION = "DELETE_REVIEW_OPINION", _("deleted review opinion")
     CREATED_PROJECT = "CREATED_PROJECT", _("created project")
diff --git a/hypha/apply/funds/forms.py b/hypha/apply/funds/forms.py
index cab7bb1c0a..06e12112f3 100644
--- a/hypha/apply/funds/forms.py
+++ b/hypha/apply/funds/forms.py
@@ -5,6 +5,7 @@
 
 import nh3
 from django import forms
+from django.conf import settings
 from django.db.models import Q
 from django.utils.safestring import mark_safe
 from django.utils.translation import gettext_lazy as _
@@ -495,6 +496,28 @@ class Meta:
         fields = ["invited_user_email", "submission"]
 
 
+class DeleteSubmissionForm(forms.Form):
+    # Alpine.js code added as an attribute to update confirmation text (ie. when a user has to type `delete` to finalize deletion)
+    anon_or_delete = forms.ChoiceField(
+        choices=[
+            ("ANONYMIZE", "Anonymize submission"),
+            ("DELETE", "Delete submission"),
+        ],
+        widget=forms.RadioSelect(
+            attrs={
+                "class": "text-sm radio-sm",
+                "@click": "mode = $el.value.toLowerCase()",
+            }
+        ),
+        initial="ANONYMIZE",
+    )
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        if not settings.SUBMISSION_SKELETONING_ENABLED:
+            del self.fields["anon_or_delete"]
+
+
 class EditCoApplicantForm(forms.ModelForm):
     role = forms.ChoiceField(
         choices=CoApplicantRole.choices, label="Role", required=False
diff --git a/hypha/apply/funds/models/__init__.py b/hypha/apply/funds/models/__init__.py
index 8a4bba9e17..1985175984 100644
--- a/hypha/apply/funds/models/__init__.py
+++ b/hypha/apply/funds/models/__init__.py
@@ -14,13 +14,14 @@
 from .reminders import Reminder
 from .reviewer_role import ReviewerRole, ReviewerSettings
 from .screening import ScreeningStatus
-from .submissions import ApplicationSubmission
+from .submissions import ApplicationSubmission, ApplicationSubmissionSkeleton
 
 __all__ = [
     "ApplicationForm",
     "ApplicationRevision",
     "ApplicationSettings",
     "ApplicationSubmission",
+    "ApplicationSubmissionSkeleton",
     "AssignedReviewers",
     "Reminder",
     "ReviewerRole",
diff --git a/hypha/apply/funds/models/submissions.py b/hypha/apply/funds/models/submissions.py
index 01112ec0f2..3096ff3ea1 100644
--- a/hypha/apply/funds/models/submissions.py
+++ b/hypha/apply/funds/models/submissions.py
@@ -1,12 +1,13 @@
 import operator
 from functools import partialmethod, reduce
-from typing import Optional, Self
+from typing import Any, Dict, Optional, Self
 
 from django.apps import apps
 from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.contrib.auth.models import AbstractBaseUser, AnonymousUser, Group
 from django.contrib.contenttypes.fields import GenericRelation
+from django.contrib.postgres.fields import ArrayField
 from django.contrib.postgres.indexes import GinIndex
 from django.contrib.postgres.search import SearchVector, SearchVectorField
 from django.core.exceptions import PermissionDenied
@@ -486,7 +487,7 @@ class ApplicationSubmission(
         related_query_name="submission",
     )
     user = models.ForeignKey(
-        settings.AUTH_USER_MODEL, on_delete=models.SET_NULL, null=True
+        settings.AUTH_USER_MODEL, on_delete=models.CASCADE, null=True
     )
     search_data = models.TextField()
     search_document = SearchVectorField(null=True)
@@ -1081,3 +1082,121 @@ def log_status_update(self, descriptor, source, target, **kwargs):
                 user=by,
                 source=instance,
             )
+
+
+class ApplicationSubmissionSkeleton(models.Model):
+    """The class to be used for stripping PII from an application and making it minimal"""
+
+    user = models.ForeignKey(
+        settings.AUTH_USER_MODEL, on_delete=models.SET_NULL, null=True
+    )
+
+    value = models.FloatField(null=True)
+
+    status = models.CharField(
+        max_length=100,
+        choices=get_all_possible_states(),
+        default=INITIAL_STATE,
+    )
+
+    category = ArrayField(models.CharField(), null=True)
+
+    page = models.ForeignKey("wagtailcore.Page", on_delete=models.PROTECT)
+    round = models.ForeignKey(
+        "wagtailcore.Page",
+        on_delete=models.PROTECT,
+        related_name="skeleton_submissions",
+        null=True,
+    )
+
+    submit_time = models.DateTimeField(
+        verbose_name=_("submit time"), auto_now_add=False
+    )
+
+    screening_statuses = models.ManyToManyField(
+        "funds.ScreeningStatus", related_name="skeleton_submissions", blank=True
+    )
+
+    @classmethod
+    def from_dict(
+        cls, dict_submission: Dict[str, Any], save_user: bool = False
+    ) -> Self | None:
+        """Creates an ApplicationSubmissionSkeleton from a given dictionary
+
+        Attempts to pull values from keys of `form_data`, `page_id`, `round_id`, `status`, `submit_time` and optionally (save_user=True) `user_id`.
+
+        For convenience, it if values of previous keys are none will also try prepending `applicationsubmission__`.
+        ie. if `dict_submission.get("page_id") = None`, `dict_submission.get("applicationsubmission__page_id")` will be tried
+
+        Args:
+            dict_submission: The dictionary containing the expected keys to create a ApplicationSubmissionSkeleton from
+            save_user: bool to save the provided user ID in `dict_submission` to the ApplicationSubmissionSkeleton
+
+        Returns: Populated ApplicationSubmissionSkeleton if successful, None if not
+        """
+        # If all values of the application dictionary are none, don't create a new skeleton app
+        if all(x is None for x in dict_submission.values()):
+            return None
+
+        user = None
+        if save_user:
+            user = dict_submission.get("user_id") or dict_submission.get(
+                "applicationsubmission__user_id"
+            )
+
+        value = None
+        if form_data := dict_submission.get("form_data") or dict_submission.get(
+            "applicationsubmission__form_data"
+        ):
+            value = form_data.get("value")
+
+        skeleton = ApplicationSubmissionSkeleton.objects.create(
+            user_id=user,
+            page_id=dict_submission.get("page_id")
+            or dict_submission.get("applicationsubmission__page_id"),
+            round_id=dict_submission.get("round_id")
+            or dict_submission.get("applicationsubmission__round_id"),
+            value=value,
+            status=dict_submission.get("status")
+            or dict_submission.get("applicationsubmission__status"),
+            submit_time=dict_submission.get("submit_time")
+            or dict_submission.get("applicationsubmission__submit_time"),
+        )
+
+        return skeleton
+
+    @classmethod
+    def from_submission(
+        cls, submission: ApplicationSubmission, save_user: bool = False
+    ) -> Self:
+        """Creates an ApplicationSubmissionSkeleton from a given ApplicationSubmission object
+
+        Note that this will NOT delete the provided ApplicationSubmission, just creates a ApplicationSubmissionSkeleton.
+
+        Args:
+            submission: The ApplicationSubmission to create a ApplicationSubmissionSkeleton from
+            save_user: bool to save the user associated on the ApplicationSubmission to the ApplicationSubmissionSkeleton
+
+        Returns: Populated ApplicationSubmissionSkeleton
+        """
+
+        user = None
+        if save_user:
+            user = submission.user
+
+        skeleton = ApplicationSubmissionSkeleton.objects.create(
+            user=user,
+            page=submission.page,
+            round=submission.round,
+            value=submission.form_data.get("value", None),
+            status=submission.status,
+            submit_time=submission.submit_time,
+        )
+
+        # TODO: Handle categories here
+
+        skeleton.screening_statuses.set(submission.screening_statuses.all())
+
+        skeleton.save()
+
+        return skeleton
diff --git a/hypha/apply/funds/templates/funds/applicationsubmission_confirm_delete.html b/hypha/apply/funds/templates/funds/applicationsubmission_confirm_delete.html
index cc40d9484f..22ca126583 100644
--- a/hypha/apply/funds/templates/funds/applicationsubmission_confirm_delete.html
+++ b/hypha/apply/funds/templates/funds/applicationsubmission_confirm_delete.html
@@ -1,11 +1,22 @@
 {% load i18n %}
 
 <c-modal.confirm title="{% trans 'Delete application' %}">
-    <p class="text-sm text-fg-muted">
-        {% blocktranslate trimmed %}
-            Are you sure you want to delete this application? All of your data for
-            this application will be permanently removed from our servers forever.
-            This action cannot be undone.
-        {% endblocktranslate %}
-    </p>
+    {% if SUBMISSION_SKELETONING_ENABLED %}
+        <p class="pb-2 text-sm text-fg-muted">
+            {% blocktranslate trimmed %}
+                If deleted, all of the data for this application will be permanently removed from our servers. Alternatively, the application can be anonymized resulting in identifying user information being removed while statistical information will be preserved. <strong>Neither action can be undone.</strong>
+            {% endblocktranslate %}
+        </p>
+        <div x-init="mode = 'anonymize'">
+            {% for field in form.visible_fields %}
+                {{field}}
+            {% endfor %}
+        </div>
+    {% else %}
+        <p class="pb-2 text-sm text-fg-muted">
+            {% blocktranslate trimmed %}
+                If deleted, all of the data for this application will be permanently removed from our servers. <strong>This action cannot be undone.</strong>
+            {% endblocktranslate %}
+        </p>
+    {% endif %}
 </c-modal.confirm>
diff --git a/hypha/apply/funds/templates/funds/applicationsubmission_detail.html b/hypha/apply/funds/templates/funds/applicationsubmission_detail.html
index 1149290e39..4073ed3a15 100644
--- a/hypha/apply/funds/templates/funds/applicationsubmission_detail.html
+++ b/hypha/apply/funds/templates/funds/applicationsubmission_detail.html
@@ -120,7 +120,7 @@ <h5>{% blocktrans with stage=object.previous.stage %}Your {{ stage }} applicatio
                                     href="{% url 'funds:submissions:delete' object.id %}"
                                     hx-get="{% url 'funds:submissions:delete' object.id %}"
                                     hx-target="#htmx-modal"
-                                    aria-label="{% trans "Delete Submission" %}"
+                                    aria-label="{% trans 'Delete Submission' %}"
                                 >
                                     {% heroicon_micro "trash" class="size-4" aria_hidden=true %}
                                     <span class="sr-only">{% trans "Delete" %}</span>
diff --git a/hypha/apply/funds/templates/funds/includes/admin_primary_actions.html b/hypha/apply/funds/templates/funds/includes/admin_primary_actions.html
index bc377fbf4e..c80a18e730 100644
--- a/hypha/apply/funds/templates/funds/includes/admin_primary_actions.html
+++ b/hypha/apply/funds/templates/funds/includes/admin_primary_actions.html
@@ -1,5 +1,6 @@
 {% load i18n %}
 {% load heroicons primaryactions_tags translate_tags %}
+{% load can from permission_tags %}
 
 <h2 class="mb-2 card-title">{% trans "Actions to take" %}</h2>
 
diff --git a/hypha/apply/funds/templates/funds/includes/modal_skeleton_submission_confirm.html b/hypha/apply/funds/templates/funds/includes/modal_skeleton_submission_confirm.html
new file mode 100644
index 0000000000..5652c1b5bd
--- /dev/null
+++ b/hypha/apply/funds/templates/funds/includes/modal_skeleton_submission_confirm.html
@@ -0,0 +1,33 @@
+{% load i18n static heroicons %}
+
+<form class="px-4 pt-5 pb-4 sm:p-6 form" action="{{ request.path }}" method="post" x-data="{value: ''}">
+    {% csrf_token %}
+
+    <div class="sm:flex sm:items-start">
+        <div class="flex justify-center items-center mx-auto w-12 h-12 rounded-full sm:mx-0 sm:w-10 sm:h-10 bg-error/10 shrink-0">
+            {% heroicon_outline "exclamation-triangle" class="w-6 h-6 text-error" stroke_width="1.5" aria_hidden="true" %}
+        </div>
+        <div class="mt-3 text-center sm:mt-0 sm:ml-4 sm:text-left">
+            <h3 class="text-base font-semibold leading-6 text-base-content" id="modal-title">Anonymize Submission</h3>
+            <div class="mt-2">
+                <p class="text-sm text-fg-muted">
+                    {% blocktrans %}
+                        Are you sure you want to anonymize this submission? Anonymizing submissions makes them inacccesible except via statistics in the "Results" view.
+                    {% endblocktrans %}
+                </p>
+            </div>
+        </div>
+    </div>
+
+    <div class="mt-5 sm:flex-row-reverse sm:mt-4 card-actions">
+        <button
+            type="submit"
+            class="w-full sm:w-auto btn btn-warning"
+        >{% trans "Anonymize" %}</button>
+        <button
+            type="button"
+            class="w-full sm:w-auto btn btn-secondary btn-outline btn-soft"
+            @click="show = false"
+        >{% trans "Cancel" %}</button>
+    </div>
+</form>
diff --git a/hypha/apply/funds/templates/funds/submissions_result.html b/hypha/apply/funds/templates/funds/submissions_result.html
index 012bf1001d..133e6fffd0 100644
--- a/hypha/apply/funds/templates/funds/submissions_result.html
+++ b/hypha/apply/funds/templates/funds/submissions_result.html
@@ -48,7 +48,6 @@ <h3 id="submissions-heading" class="section-header">{% trans "Submissions" %}</h
                             <dd class="stat-value">
                                 {{ submission_count }}
                             </dd>
-
                         </dl>
                         <dl role="list" aria-label="{% trans 'Accepted submissions' %}" class="stat">
                             <dt class="stat-title">
@@ -66,6 +65,14 @@ <h3 id="submissions-heading" class="section-header">{% trans "Submissions" %}</h
                                 {{ submission_undetermined_count|default:"0" }}
                             </dd>
                         </dl>
+                        <dl role="list" aria-label="{% trans 'Anonymized submissions' %}" class="stat">
+                            <dt class="stat-title">
+                                {% trans "Anonymized" %}
+                            </dt>
+                            <dd class="stat-value">
+                                {{ skeleton_count }}
+                            </dd>
+                        </dl>
                     </div>
                 </section>
 
diff --git a/hypha/apply/funds/views/results.py b/hypha/apply/funds/views/results.py
index 6f3d1a467f..10be092993 100644
--- a/hypha/apply/funds/views/results.py
+++ b/hypha/apply/funds/views/results.py
@@ -9,9 +9,7 @@
     staff_required,
 )
 
-from ..models import (
-    ApplicationSubmission,
-)
+from ..models import ApplicationSubmission, ApplicationSubmissionSkeleton
 from ..tables import (
     SubmissionFilterAndSearch,
 )
@@ -50,12 +48,15 @@ def get_context_data(self, **kwargs):
         review_count = reviews.count()
         review_my_score = reviews.by_user(user).score()
 
+        skeleton_count = skeletons.count()
+
         return super().get_context_data(
             submission_undetermined_count=submission_undetermined_count,
             review_my_count=review_my_count,
             submission_sum=submission_sum,
             submission_accepted_count=submission_accepted_count,
             submission_accepted_sum=submission_accepted_sum,
+            skeleton_count=skeleton_count,
             review_count=review_count,
             review_my_score=review_my_score,
             **kwargs,
diff --git a/hypha/apply/funds/views/submission_delete.py b/hypha/apply/funds/views/submission_delete.py
index 644befa402..5e673650de 100644
--- a/hypha/apply/funds/views/submission_delete.py
+++ b/hypha/apply/funds/views/submission_delete.py
@@ -5,8 +5,9 @@
 
 from hypha.apply.activity.messaging import MESSAGES, messenger
 from hypha.apply.activity.models import Event
+from hypha.apply.funds.forms import DeleteSubmissionForm
 
-from ..models import ApplicationSubmission
+from ..models import ApplicationSubmission, ApplicationSubmissionSkeleton
 from ..workflows.constants import DRAFT_STATE
 
 
@@ -21,6 +22,7 @@ class SubmissionDeleteView(LoginRequiredMixin, UserPassesTestMixin, DeleteView):
     """
 
     model = ApplicationSubmission
+    form_class = DeleteSubmissionForm
 
     def test_func(self):
         return has_object_permission(
@@ -33,12 +35,20 @@ def get_success_url(self):
         return reverse_lazy("funds:submissions:list")
 
     def form_valid(self, form):
+        print(form.cleaned_data)
+
         submission = self.get_object()
 
+        message = MESSAGES.DELETE_SUBMISSION
+
+        if form.cleaned_data.get("anon_or_delete") == "ANONYMIZE":
+            ApplicationSubmissionSkeleton.from_submission(submission)
+            message = MESSAGES.ANONYMIZE_SUBMISSION
+
         # Notify unless author delete own draft.
         if submission.status != DRAFT_STATE and submission.user != self.request.user:
             messenger(
-                MESSAGES.DELETE_SUBMISSION,
+                message,
                 user=self.request.user,
                 request=self.request,
                 source=submission,
diff --git a/hypha/apply/funds/views/submission_edit.py b/hypha/apply/funds/views/submission_edit.py
index 241b40c18e..a1a529fc4e 100644
--- a/hypha/apply/funds/views/submission_edit.py
+++ b/hypha/apply/funds/views/submission_edit.py
@@ -56,9 +56,7 @@
     UpdateReviewersForm,
     UpdateSubmissionLeadForm,
 )
-from ..models import (
-    ApplicationSubmission,
-)
+from ..models import ApplicationSubmission
 from ..permissions import (
     has_permission,
 )
diff --git a/hypha/apply/users/models.py b/hypha/apply/users/models.py
index 32d7471ccc..4c1fd71e48 100644
--- a/hypha/apply/users/models.py
+++ b/hypha/apply/users/models.py
@@ -1,3 +1,4 @@
+from django.apps import apps
 from django.conf import settings
 from django.contrib.auth.hashers import make_password
 from django.contrib.auth.models import AbstractUser, BaseUserManager
@@ -64,6 +65,30 @@ def finances(self):
     def contracting(self):
         return self.filter(groups__name=CONTRACTING_GROUP_NAME, is_active=True)
 
+    def delete(self, create_skeleton_submissions: bool = False):
+        submissions_to_skeleton = []
+        if create_skeleton_submissions and settings.SUBMISSION_SKELETONING_ENABLED:
+            ApplicationSubmissionSkeleton = apps.get_model(
+                "funds", "ApplicationSubmissionSkeleton"
+            )
+            submissions_to_skeleton = list(
+                self.values(
+                    "applicationsubmission__form_data",
+                    "applicationsubmission__page_id",
+                    "applicationsubmission__round_id",
+                    "applicationsubmission__status",
+                    "applicationsubmission__submit_time",
+                )
+            )
+
+        delete_return = super().delete()
+
+        # Ensure account deletes successfully before skeletoning applications
+        for submission_dict in submissions_to_skeleton:
+            ApplicationSubmissionSkeleton.from_dict(submission_dict)
+
+        return delete_return
+
 
 class UserManager(BaseUserManager.from_queryset(UserQuerySet)):
     use_in_migrations = True
@@ -326,6 +351,27 @@ def get_absolute_url(self):
         """
         return reverse("wagtailusers_users:edit", args=[self.id])
 
+    def delete(
+        self, create_skeleton_submissions: bool = False, using=None, keep_parents=False
+    ):
+        submissions_to_skeleton = []
+        if create_skeleton_submissions and settings.SUBMISSION_SKELETONING_ENABLED:
+            ApplicationSubmissionSkeleton = apps.get_model(
+                "funds", "ApplicationSubmissionSkeleton"
+            )
+            submissions_to_skeleton = list(
+                self.applicationsubmission_set.values(
+                    "form_data", "page_id", "round_id", "status", "submit_time"
+                )
+            )
+
+        delete_return = super().delete(using, keep_parents)
+
+        for submission_dict in submissions_to_skeleton:
+            ApplicationSubmissionSkeleton.from_dict(submission_dict)
+
+        return delete_return
+
     class Meta:
         ordering = ("full_name", "email")
 
diff --git a/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html b/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
new file mode 100644
index 0000000000..f080589a07
--- /dev/null
+++ b/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
@@ -0,0 +1,38 @@
+{% extends "wagtailadmin/generic/confirm_delete.html" %}
+{% load i18n static users_tags wagtailadmin_tags %}
+
+{% block main_content %}
+    <p>{% trans "Are you sure you want to delete this user?" %}</p>
+    {% get_user_submission_count user as submission_count %}
+    {% if submission_count %}
+        <div class="deletion-warning">
+            {% icon name="warning" classname="" title="warning icon" %}
+            <span>
+                {% if SUBMISSION_SKELETONING_ENABLED %}
+                    <strong>{% blocktrans %}This will result in the user's {{submission_count}} associated submissions being deleted or anonymized!{% endblocktrans %}</strong>
+                {% else %}
+                    <strong>{% blocktrans %}This will result in the user's {{submission_count}} associated submissions being deleted!{% endblocktrans %}</strong>
+                {% endif %}
+            </span>
+        </div>
+    {% endif %}
+    <form action="{% url 'wagtailusers_users:delete' user.pk %}" method="POST">
+        {% csrf_token %}
+        <div style="padding-bottom: 1rem;">
+            <div style="display: flex; align-content: center; padding-bottom: 0.25rem;">
+                <input type="radio" id="anon" name="handle_subs" value="anon" required checked>
+                <label for="anon">Anonymize all user submissions</label>
+            </div>
+            <div style="display: flex; align-content: center;">
+                <input type="radio" id="delete" name="handle_subs" value="delete">
+                <label for="delete">Delete all user submissions</label>
+            </div>
+        </div>
+        <input type="submit" value="{% trans 'Yes, delete' %}" class="button serious" />
+    </form>
+{% endblock %}
+
+
+{% block extra_css %}
+    <link rel="stylesheet" href="{% static 'css/wagtail_user_confirm_delete.css' %}">
+{% endblock %}
diff --git a/hypha/apply/users/templatetags/users_tags.py b/hypha/apply/users/templatetags/users_tags.py
index ecf44478bc..b8b65f1da9 100644
--- a/hypha/apply/users/templatetags/users_tags.py
+++ b/hypha/apply/users/templatetags/users_tags.py
@@ -1,4 +1,5 @@
 from django import template
+from django.apps import apps
 from django.utils.safestring import SafeString
 from django_otp import devices_for_user
 
@@ -50,3 +51,9 @@ def tokens_text(token_set):
 @register.simple_tag()
 def user_image(identifier: str, size=20):
     return SafeString(get_identicon(identifier, size=size))
+
+
+@register.simple_tag()
+def get_user_submission_count(user):
+    ApplicationSubmission = apps.get_model("funds", "ApplicationSubmission")
+    return ApplicationSubmission.objects.filter(user=user).count()
diff --git a/hypha/apply/users/wagtail_hooks.py b/hypha/apply/users/wagtail_hooks.py
index db12f370ab..b689c7e469 100644
--- a/hypha/apply/users/wagtail_hooks.py
+++ b/hypha/apply/users/wagtail_hooks.py
@@ -1,3 +1,5 @@
+from django.apps import apps
+from django.conf import settings
 from wagtail import hooks
 from wagtail.models import Site
 
@@ -35,6 +37,27 @@ def notify_after_edit_user(request, user):
         )
 
 
+@hooks.register("before_delete_user")
+def anonymize_delete_user_submissions(request, user):
+    if (
+        settings.SUBMISSION_SKELETONING_ENABLED
+        and request.method == "POST"
+        and request.POST.get("handle_subs") == "anon"
+    ):
+        ApplicationSubmissionSkeleton = apps.get_model(
+            "funds", "ApplicationSubmissionSkeleton"
+        )
+
+        submissions_to_skeleton = list(
+            user.applicationsubmission_set.values(
+                "form_data", "page_id", "round_id", "status", "submit_time"
+            )
+        )
+
+        for submission_dict in submissions_to_skeleton:
+            ApplicationSubmissionSkeleton.from_dict(submission_dict)
+
+
 # Handle setting of `is_staff` after updating a user
 hooks.register("after_create_user", update_is_staff)
 hooks.register("after_edit_user", update_is_staff)
diff --git a/hypha/core/context_processors.py b/hypha/core/context_processors.py
index 5300a707be..479d040655 100644
--- a/hypha/core/context_processors.py
+++ b/hypha/core/context_processors.py
@@ -23,4 +23,5 @@ def global_vars(request):
         "SUBMISSIONS_TABLE_EXCLUDED_FIELDS": settings.SUBMISSIONS_TABLE_EXCLUDED_FIELDS,
         "HIJACK_ENABLE": settings.HIJACK_ENABLE,
         "LANGUAGE_SWITCHER": settings.LANGUAGE_SWITCHER,
+        "SUBMISSION_SKELETONING_ENABLED": settings.SUBMISSION_SKELETONING_ENABLED,
     }
diff --git a/hypha/settings/base.py b/hypha/settings/base.py
index e4feb55237..2fda59a7af 100644
--- a/hypha/settings/base.py
+++ b/hypha/settings/base.py
@@ -90,6 +90,8 @@
 # Enable Projects in Hypha. Contracts and invoicing that comes after a submission is approved.
 PROJECTS_ENABLED = env.bool("PROJECTS_ENABLED", False)
 
+SUBMISSION_SKELETONING_ENABLED = True
+
 # Auto create projects for approved applications.
 PROJECTS_AUTO_CREATE = env.bool("PROJECTS_AUTO_CREATE", False)
 
diff --git a/hypha/templates/cotton/modal/confirm.html b/hypha/templates/cotton/modal/confirm.html
index 682f865974..72043313f0 100644
--- a/hypha/templates/cotton/modal/confirm.html
+++ b/hypha/templates/cotton/modal/confirm.html
@@ -4,7 +4,7 @@
     class="px-4 pt-5 pb-4 sm:p-6"
     action="{{ request.path }}"
     method="post"
-    x-data="{userConfirmationInput: ''}"
+    x-data="{userConfirmationInput: '', delConfirmText: `{% trans 'delete' %}`, anonConfirmText: `{% trans 'anonymize' %}`, mode: 'delete'}"
 >
     {% csrf_token %}
 
@@ -21,7 +21,7 @@ <h3 class="text-base font-semibold leading-6 text-base-content" id="modal-title"
             </div>
             <fieldset class="fieldset">
                 <legend class="fieldset-legend">
-                    Type <em>delete</em> below to confirm
+                    Type <pre class="badge badge-soft badge-neutral" x-text="mode == 'delete' ? delConfirmText : anonConfirmText"></pre> below to confirm
                 </legend>
                 <input
                     type="text"
@@ -37,9 +37,9 @@ <h3 class="text-base font-semibold leading-6 text-base-content" id="modal-title"
     <div class="mt-5 sm:flex-row-reverse sm:mt-4 card-actions">
         <button
             type="submit"
-            x-bind:disabled="userConfirmationInput !== 'delete'"
+            x-bind:disabled="mode == 'delete' ? userConfirmationInput !== delConfirmText : userConfirmationInput !== anonConfirmText"
             class="w-full sm:w-auto btn btn-error"
-        >{% trans "Delete" %}</button>
+        >{% trans "Confirm" %}</button>
         <button
             type="button"
             class="w-full sm:w-auto btn btn-secondary btn-outline btn-soft"

From 59defe61391c535b637ec26951c18cbc3fa05195 Mon Sep 17 00:00:00 2001
From: Wes Appler <wes@opentech.fund>
Date: Wed, 18 Feb 2026 15:45:09 -0500
Subject: [PATCH 2/7] Added management command for anonymizing submissions &
 only show wagtail form if enabled

---
 .../management/commands/drafts_cleanup.py     |  89 ------------
 .../management/commands/submission_cleanup.py | 134 ++++++++++++++++++
 .../wagtailusers/users/confirm_delete.html    |  20 +--
 3 files changed, 145 insertions(+), 98 deletions(-)
 delete mode 100644 hypha/apply/funds/management/commands/drafts_cleanup.py
 create mode 100644 hypha/apply/funds/management/commands/submission_cleanup.py

diff --git a/hypha/apply/funds/management/commands/drafts_cleanup.py b/hypha/apply/funds/management/commands/drafts_cleanup.py
deleted file mode 100644
index c9eb48566b..0000000000
--- a/hypha/apply/funds/management/commands/drafts_cleanup.py
+++ /dev/null
@@ -1,89 +0,0 @@
-import argparse
-from datetime import timedelta
-
-from django.core.management.base import BaseCommand
-from django.db import transaction
-from django.utils import timezone
-
-from hypha.apply.funds.models.submissions import ApplicationSubmission
-from hypha.apply.funds.workflows import DRAFT_STATE
-
-
-def check_not_negative(value) -> int:
-    """Used to validate `older_than_days` argument
-
-    Args:
-        value: Argument to be validated
-
-    Returns:
-        int: Valid non-negative value
-
-    Raises:
-        argparse.ArgumentTypeError: if not non-negative integer
-    """
-    try:
-        ivalue = int(value)
-    except ValueError:
-        ivalue = -1
-
-    if ivalue < 0:
-        raise argparse.ArgumentTypeError(
-            f'"{value}" is an invalid non-negative integer value'
-        )
-    return ivalue
-
-
-class Command(BaseCommand):
-    help = (
-        "Delete all drafts that haven't been modified in the specified time (in days)"
-    )
-
-    def add_arguments(self, parser):
-        parser.add_argument(
-            "older_than_days",
-            action="store",
-            type=check_not_negative,
-            help="Time in days to delete drafts older than",
-        )
-        parser.add_argument(
-            "--noinput",
-            "--no-input",
-            action="store_false",
-            dest="interactive",
-            help="Do not prompt the user for confirmation",
-            required=False,
-        )
-
-    @transaction.atomic
-    def handle(self, *args, **options):
-        interactive = options["interactive"]
-        older_than = options["older_than_days"]
-
-        older_than_date = timezone.now() - timedelta(days=older_than)
-
-        old_drafts = ApplicationSubmission.objects.filter(
-            status=DRAFT_STATE, draft_revision__timestamp__date__lte=older_than_date
-        )
-
-        draft_count = old_drafts.count()
-
-        if not (draft_count := old_drafts.count()):
-            self.stdout.write(
-                f"No drafts older than {older_than} day{'s' if older_than > 1 else ''} exist."
-            )
-            return
-
-        if interactive:
-            confirm = input(
-                f"This action will permanently delete {draft_count} draft{'s' if draft_count != 1 else ''}.\nAre you sure you want to do this?\n\nType 'yes' to continue, or 'no' to cancel: "
-            )
-        else:
-            confirm = "yes"
-
-        if confirm == "yes":
-            old_drafts.delete()
-            self.stdout.write(
-                f"{draft_count} draft{'s' if draft_count != 1 else ''} deleted."
-            )
-        else:
-            self.stdout.write("Deletion cancelled.")
diff --git a/hypha/apply/funds/management/commands/submission_cleanup.py b/hypha/apply/funds/management/commands/submission_cleanup.py
new file mode 100644
index 0000000000..5c2d01ce52
--- /dev/null
+++ b/hypha/apply/funds/management/commands/submission_cleanup.py
@@ -0,0 +1,134 @@
+import argparse
+from datetime import timedelta
+
+from django.core.management.base import BaseCommand
+from django.db import transaction
+from django.utils import timezone
+
+from hypha.apply.funds.models.submissions import ApplicationSubmission
+from hypha.apply.funds.workflows import DRAFT_STATE
+
+
+def check_not_negative_or_zero(value) -> int:
+    """Used to validate a provided days argument
+
+    Args:
+        value: Argument to be validated
+
+    Returns:
+        int: value that is > 0
+
+    Raises:
+        argparse.ArgumentTypeError: if not non-negative integer or 0
+    """
+    try:
+        ivalue = int(value)
+    except ValueError:
+        ivalue = -1
+
+    if ivalue <= 0:
+        raise argparse.ArgumentTypeError(
+            f'"{value}" is an invalid non-negative integer value'
+        )
+    return ivalue
+
+
+class Command(BaseCommand):
+    help = "Clean up submissions by deleting or anonymizing them. NOTE: Drafts will only be deleted if specified."
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            "--drafts",
+            action="store",
+            type=check_not_negative_or_zero,
+            help="Delete drafts that were created before the provided day threshold",
+            required=False,
+        )
+
+        parser.add_argument(
+            "--submissions",
+            action="store",
+            type=check_not_negative_or_zero,
+            help="Anonymize submissions that haven't seen activity after the provided day threshold",
+            required=False,
+        )
+
+        parser.add_argument(
+            "--delete",
+            action="store_false",
+            dest="interactive",
+            help="Delete submissions instead of anonymizing them. NOTE: Drafts will always be deleted, not anonymized",
+        )
+
+        parser.add_argument(
+            "--noinput",
+            "--no-input",
+            action="store_false",
+            dest="interactive",
+            help="Do not prompt the user for confirmation",
+        )
+
+    @transaction.atomic
+    def handle(self, *args, **options):
+        interactive = options["interactive"]
+
+        if not options["drafts"] and not options["submissions"]:
+            self.stdout.write(
+                "Please use either --drafts [days] OR --submissions [days]"
+            )
+
+        if drafts_time_threshold := options["drafts"]:
+            older_than_date = timezone.now() - timedelta(days=drafts_time_threshold)
+
+            old_drafts = ApplicationSubmission.objects.filter(
+                status=DRAFT_STATE, draft_revision__timestamp__date__lte=older_than_date
+            )
+
+            if draft_count := old_drafts.count():
+                if interactive:
+                    confirm = input(
+                        f"This action will permanently delete {draft_count} draft{'s' if draft_count != 1 else ''}.\nAre you sure you want to do this?\n\nType 'yes' to continue, or 'no' to cancel: "
+                    )
+                else:
+                    confirm = "yes"
+
+                if confirm == "yes":
+                    old_drafts.delete()
+                    self.stdout.write(
+                        f"{draft_count} draft{'s' if draft_count != 1 else ''} deleted."
+                    )
+                else:
+                    self.stdout.write("Draft deletion cancelled.")
+            else:
+                self.stdout.write(
+                    f"No drafts older than {drafts_time_threshold} day{'s' if drafts_time_threshold > 1 else ''} exist. Skipping!"
+                )
+
+        if sub_time_threshold := options["submissions"]:
+            older_than_date = timezone.now() - timedelta(days=sub_time_threshold)
+
+            old_subs = (
+                ApplicationSubmission.objects.with_latest_update()
+                .filter(last_update__date__lte=older_than_date)
+                .exclude(status=DRAFT_STATE)
+            )
+
+            if sub_count := old_subs.count():
+                if interactive:
+                    confirm = input(
+                        f"This action will permanently anonymize {sub_count} submission{'s' if sub_count != 1 else ''}.\nAre you sure you want to do this?\n\nType 'yes' to continue, or 'no' to cancel: "
+                    )
+                else:
+                    confirm = "yes"
+
+                if confirm == "yes":
+                    old_subs.delete()
+                    self.stdout.write(
+                        f"{sub_count} submission{'s' if sub_count != 1 else ''} anonymized."
+                    )
+                else:
+                    self.stdout.write("Submission deletion cancelled.")
+            else:
+                self.stdout.write(
+                    f"No submissions older than {sub_time_threshold} day{'s' if sub_time_threshold > 1 else ''} exist. Skipping!"
+                )
diff --git a/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html b/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
index f080589a07..3dca6e06a3 100644
--- a/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
+++ b/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
@@ -18,16 +18,18 @@
     {% endif %}
     <form action="{% url 'wagtailusers_users:delete' user.pk %}" method="POST">
         {% csrf_token %}
-        <div style="padding-bottom: 1rem;">
-            <div style="display: flex; align-content: center; padding-bottom: 0.25rem;">
-                <input type="radio" id="anon" name="handle_subs" value="anon" required checked>
-                <label for="anon">Anonymize all user submissions</label>
+        {% if SUBMISSION_SKELETONING_ENABLED %}
+            <div style="padding-bottom: 1rem;">
+                <div style="display: flex; align-content: center; padding-bottom: 0.25rem;">
+                    <input type="radio" id="anon" name="handle_subs" value="anon" required checked>
+                    <label for="anon">Anonymize all user submissions</label>
+                </div>
+                <div style="display: flex; align-content: center;">
+                    <input type="radio" id="delete" name="handle_subs" value="delete">
+                    <label for="delete">Delete all user submissions</label>
+                </div>
             </div>
-            <div style="display: flex; align-content: center;">
-                <input type="radio" id="delete" name="handle_subs" value="delete">
-                <label for="delete">Delete all user submissions</label>
-            </div>
-        </div>
+        {% endif %}
         <input type="submit" value="{% trans 'Yes, delete' %}" class="button serious" />
     </form>
 {% endblock %}

From a8d0758fba17be32d57b06ad8a0634b6c6150304 Mon Sep 17 00:00:00 2001
From: Wes Appler <wes@opentech.fund>
Date: Wed, 25 Feb 2026 11:31:23 -0500
Subject: [PATCH 3/7] Added handling for wagtail bulk actions

---
 .../delete_user_submissions_form.html         | 21 ++++++++++
 .../bulk_actions/confirm_bulk_delete.html     | 41 +++++++++++++++++++
 .../wagtailusers/users/confirm_delete.html    | 18 +-------
 hypha/apply/users/templatetags/users_tags.py  | 24 +++++++++--
 hypha/apply/users/wagtail_hooks.py            | 32 ++++++++++++++-
 5 files changed, 115 insertions(+), 21 deletions(-)
 create mode 100644 hypha/apply/users/templates/includes/delete_user_submissions_form.html
 create mode 100644 hypha/apply/users/templates/wagtailusers/bulk_actions/confirm_bulk_delete.html

diff --git a/hypha/apply/users/templates/includes/delete_user_submissions_form.html b/hypha/apply/users/templates/includes/delete_user_submissions_form.html
new file mode 100644
index 0000000000..b3bff53dc8
--- /dev/null
+++ b/hypha/apply/users/templates/includes/delete_user_submissions_form.html
@@ -0,0 +1,21 @@
+{% load i18n %}
+{% comment %}
+Fragment to handle the the deletion of user submissions. If SUBMISSION_SKELETONING_ENABLED, 
+will rely on wagtail's default behavior and not display the form, only the submit button.
+{% endcomment %}
+<form action="{{ post_url }}" method="POST">
+    {% csrf_token %}
+    {% if SUBMISSION_SKELETONING_ENABLED and submission_count %}
+        <div style="padding-bottom: 1rem;">
+            <div style="display: flex; align-content: center; padding-bottom: 0.25rem;">
+                <input type="radio" id="anon" name="handle_subs" value="anon" required checked>
+                <label for="anon">Anonymize all user submissions</label>
+            </div>
+            <div style="display: flex; align-content: center;">
+                <input type="radio" id="delete" name="handle_subs" value="delete">
+                <label for="delete">Delete all user submissions</label>
+            </div>
+        </div>
+    {% endif %}
+    <input type="submit" value="{% trans 'Yes, delete' %}" class="button serious" />
+</form>
\ No newline at end of file
diff --git a/hypha/apply/users/templates/wagtailusers/bulk_actions/confirm_bulk_delete.html b/hypha/apply/users/templates/wagtailusers/bulk_actions/confirm_bulk_delete.html
new file mode 100644
index 0000000000..71ecdc5f3f
--- /dev/null
+++ b/hypha/apply/users/templates/wagtailusers/bulk_actions/confirm_bulk_delete.html
@@ -0,0 +1,41 @@
+{% extends 'wagtailusers/bulk_actions/confirm_bulk_delete.html' %}
+{% load i18n static wagtailusers_tags wagtailadmin_tags users_tags %}
+
+{% block items_with_access %}
+    {% if items %}
+        <p>{% trans "Are you sure you want to delete these users?" %}</p>
+        <ul>
+            {% for user in items %}
+                <li>
+                    <a href="{% url 'wagtailusers_users:edit' user.item.pk %}" target="_blank" rel="noreferrer">{{user.item|user_display_name }}</a>
+                </li>
+            {% endfor %}
+        </ul>
+        {% with submission_count=items|get_user_submission_count %}
+            {% if submission_count %}
+                <div class="deletion-warning">
+                    {% icon name="warning" classname="" title="warning icon" %}
+                    <span>
+                        {% if SUBMISSION_SKELETONING_ENABLED %}
+                            <strong>{% blocktrans %}This will result in {{submission_count}} associated submissions being deleted or anonymized!{% endblocktrans %}</strong>
+                        {% else %}
+                            <strong>{% blocktrans %}This will result in {{submission_count}} associated submissions being deleted!{% endblocktrans %}</strong>
+                        {% endif %}
+                    </span>
+                </div>
+            {% endif %}
+        {% endwith %}
+    {% endif %}
+{% endblock items_with_access %}
+
+{% block form_section %}
+    {% if items %}
+        {% include "includes/delete_user_submissions_form.html" with post_url=submit_url submission_count=items|get_user_submission_count %}
+    {% else %}
+        {% include 'wagtailadmin/bulk_actions/confirmation/go_back.html' %}
+    {% endif %}
+{% endblock form_section %}
+
+{% block extra_css %}
+    <link rel="stylesheet" href="{% static 'css/wagtail_user_confirm_delete.css' %}">
+{% endblock %}
\ No newline at end of file
diff --git a/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html b/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
index 3dca6e06a3..c8e091465b 100644
--- a/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
+++ b/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
@@ -16,22 +16,8 @@
             </span>
         </div>
     {% endif %}
-    <form action="{% url 'wagtailusers_users:delete' user.pk %}" method="POST">
-        {% csrf_token %}
-        {% if SUBMISSION_SKELETONING_ENABLED %}
-            <div style="padding-bottom: 1rem;">
-                <div style="display: flex; align-content: center; padding-bottom: 0.25rem;">
-                    <input type="radio" id="anon" name="handle_subs" value="anon" required checked>
-                    <label for="anon">Anonymize all user submissions</label>
-                </div>
-                <div style="display: flex; align-content: center;">
-                    <input type="radio" id="delete" name="handle_subs" value="delete">
-                    <label for="delete">Delete all user submissions</label>
-                </div>
-            </div>
-        {% endif %}
-        <input type="submit" value="{% trans 'Yes, delete' %}" class="button serious" />
-    </form>
+    {% url 'wagtailusers_users:delete' user.pk as post_url %}
+    {% include "includes/delete_user_submissions_form.html" with post_url=post_url %}
 {% endblock %}
 
 
diff --git a/hypha/apply/users/templatetags/users_tags.py b/hypha/apply/users/templatetags/users_tags.py
index b8b65f1da9..67b90beff0 100644
--- a/hypha/apply/users/templatetags/users_tags.py
+++ b/hypha/apply/users/templatetags/users_tags.py
@@ -1,9 +1,13 @@
+from collections import abc
+from typing import Iterable
+
 from django import template
 from django.apps import apps
 from django.utils.safestring import SafeString
 from django_otp import devices_for_user
 
 from hypha.apply.users.identicon import get_identicon
+from hypha.apply.users.models import User
 
 from ..utils import can_use_oauth_check
 
@@ -48,12 +52,24 @@ def tokens_text(token_set):
     return tokens_string
 
 
-@register.simple_tag()
+@register.simple_tag
 def user_image(identifier: str, size=20):
     return SafeString(get_identicon(identifier, size=size))
 
 
-@register.simple_tag()
-def get_user_submission_count(user):
+@register.filter
+def get_user_submission_count(user: User | Iterable[User]):
     ApplicationSubmission = apps.get_model("funds", "ApplicationSubmission")
-    return ApplicationSubmission.objects.filter(user=user).count()
+    if isinstance(user, User):
+        return ApplicationSubmission.objects.filter(user=user).count()
+    elif isinstance(user, abc.Iterable):
+        if all(isinstance(x, User) for x in user):
+            return ApplicationSubmission.objects.filter(user__in=user).count()
+        elif (items_extract := [x.get("item") for x in user]) and all(
+            isinstance(x, User) for x in items_extract
+        ):
+            return ApplicationSubmission.objects.filter(user__in=items_extract).count()
+
+    raise TypeError(
+        "User instance or iterable of users not provided to get_user_submission_count!"
+    )
diff --git a/hypha/apply/users/wagtail_hooks.py b/hypha/apply/users/wagtail_hooks.py
index b689c7e469..c52586c500 100644
--- a/hypha/apply/users/wagtail_hooks.py
+++ b/hypha/apply/users/wagtail_hooks.py
@@ -4,6 +4,8 @@
 from wagtail.models import Site
 
 from hypha.apply.activity.messaging import MESSAGES, messenger
+from hypha.apply.funds.workflows.constants import DRAFT_STATE
+from hypha.apply.users.models import User
 
 from .utils import send_activation_email, update_is_staff
 
@@ -49,7 +51,7 @@ def anonymize_delete_user_submissions(request, user):
         )
 
         submissions_to_skeleton = list(
-            user.applicationsubmission_set.values(
+            user.applicationsubmission_set.exclude(status=DRAFT_STATE).values(
                 "form_data", "page_id", "round_id", "status", "submit_time"
             )
         )
@@ -58,6 +60,34 @@ def anonymize_delete_user_submissions(request, user):
             ApplicationSubmissionSkeleton.from_dict(submission_dict)
 
 
+@hooks.register("before_bulk_action")
+def bulk_anonymize_delete_user_submissions(
+    request, action_type, objects, action_class_instance
+):
+    # Handling for bulk deletion of users when anonymization is selected
+    if (
+        settings.SUBMISSION_SKELETONING_ENABLED
+        and action_type == "delete"
+        and request.method == "POST"
+        and request.POST.get("handle_subs") == "anon"
+        and all(isinstance(x, User) for x in objects)
+    ):
+        ApplicationSubmission = apps.get_model("funds", "ApplicationSubmission")
+
+        ApplicationSubmissionSkeleton = apps.get_model(
+            "funds", "ApplicationSubmissionSkeleton"
+        )
+
+        submissions_to_skeleton = list(
+            ApplicationSubmission.objects.filter(user__in=objects)
+            .exclude(status=DRAFT_STATE)
+            .values("form_data", "page_id", "round_id", "status", "submit_time")
+        )
+
+        for submission_dict in submissions_to_skeleton:
+            ApplicationSubmissionSkeleton.from_dict(submission_dict)
+
+
 # Handle setting of `is_staff` after updating a user
 hooks.register("after_create_user", update_is_staff)
 hooks.register("after_edit_user", update_is_staff)

From 8f8063f8c23d025c92712a4a84e4f6d778b1fc89 Mon Sep 17 00:00:00 2001
From: Wes Appler <wes@opentech.fund>
Date: Thu, 26 Feb 2026 11:39:29 -0500
Subject: [PATCH 4/7] Added bulk anonymization, fixed some previous copy/paste
 typos

---
 hypha/apply/activity/options.py               |  4 ++
 hypha/apply/funds/models/submissions.py       |  9 +++
 hypha/apply/funds/services.py                 | 62 ++++++++++++++++++-
 .../funds/templates/submissions/all.html      |  9 +++
 hypha/apply/funds/urls.py                     |  2 +
 hypha/apply/funds/views/all.py                | 21 +++++++
 hypha/apply/funds/views/submission_delete.py  | 32 +++++++---
 hypha/apply/users/wagtail_hooks.py            |  5 +-
 8 files changed, 129 insertions(+), 15 deletions(-)

diff --git a/hypha/apply/activity/options.py b/hypha/apply/activity/options.py
index 548bad5323..4833012534 100644
--- a/hypha/apply/activity/options.py
+++ b/hypha/apply/activity/options.py
@@ -67,6 +67,10 @@ class MESSAGES(TextChoices):
     REPORT_NOTIFY = "REPORT_NOTIFY", _("notified report")
     REVIEW_REMINDER = "REVIEW_REMINDER", _("reminder to review")
     BATCH_DELETE_SUBMISSION = "BATCH_DELETE_SUBMISSION", _("batch deleted submissions")
+    BATCH_SKELETON_SUBMISSION = (
+        "BATCH_SKELETON_SUBMISSION",
+        _("batch anonymized submissions"),
+    )
     BATCH_ARCHIVE_SUBMISSION = (
         "BATCH_ARCHIVE_SUBMISSION",
         _("batch archive submissions"),
diff --git a/hypha/apply/funds/models/submissions.py b/hypha/apply/funds/models/submissions.py
index 3096ff3ea1..52e517453d 100644
--- a/hypha/apply/funds/models/submissions.py
+++ b/hypha/apply/funds/models/submissions.py
@@ -1084,6 +1084,15 @@ def log_status_update(self, descriptor, source, target, **kwargs):
             )
 
 
+class ApplicationSubmissionSkeletonQueryset(models.QuerySet):
+    def current_accepted(self):
+        # Applications which have the current stage active (have not been progressed)
+        return self.filter(status__in=PHASES_MAPPING["accepted"]["statuses"]).current()
+
+    def value(self):
+        return self.aggregate(Count("value"), Avg("value"), Sum("value"))
+
+
 class ApplicationSubmissionSkeleton(models.Model):
     """The class to be used for stripping PII from an application and making it minimal"""
 
diff --git a/hypha/apply/funds/services.py b/hypha/apply/funds/services.py
index 0e23ffbeff..09e2088a27 100644
--- a/hypha/apply/funds/services.py
+++ b/hypha/apply/funds/services.py
@@ -16,11 +16,13 @@
 from django.db.models.functions import Coalesce
 from django.http import HttpRequest
 from django.utils.translation import gettext as _
+from django.utils.translation import ngettext
 
 from hypha.apply.activity.messaging import MESSAGES, messenger
 from hypha.apply.activity.models import Activity, Event
 from hypha.apply.funds.models.assigned_reviewers import AssignedReviewers
 from hypha.apply.funds.workflows import INITIAL_STATE
+from hypha.apply.funds.workflows.constants import DRAFT_STATE
 from hypha.apply.review.options import DISAGREE, MAYBE
 
 
@@ -59,8 +61,8 @@ def bulk_delete_submissions(
     """Permanently deletes submissions and generate action log.
 
     Args:
-        submissions: queryset of submissions to archive
-        user: user who is archiving the submissions
+        submissions: queryset of submissions to delete
+        user: user who is deleting the submissions
         request: django request object
 
     Returns:
@@ -87,6 +89,62 @@ def bulk_delete_submissions(
     return submissions
 
 
+def bulk_covert_to_skeleton_submissions(
+    submissions: QuerySet, user, request: HttpRequest
+) -> QuerySet:
+    """Converts submissions to skeleton submissions, deletes draft submissions and generates action log.
+
+    Args:
+        submissions: queryset of submissions to convert to skeleton applications
+        user: user who is archiving the submissions
+        request: django request object
+
+    Returns:
+        QuerySet of submissions that have been archived
+    """
+    ApplicationSubmission = apps.get_model("funds", "ApplicationSubmission")
+    ApplicationSubmissionSkeleton = apps.get_model(
+        "funds", "ApplicationSubmissionSkeleton"
+    )
+
+    # delete NEW_SUBMISSION events for all submissions
+    submission_dict_list = submissions.values(
+        "id", "form_data", "page_id", "round_id", "status", "submit_time"
+    )
+
+    submission_ids = [x["id"] for x in submission_dict_list]
+
+    Event.objects.filter(
+        type=MESSAGES.NEW_SUBMISSION, object_id__in=submission_ids
+    ).delete()
+
+    for submission_dict in submission_dict_list:
+        if submission_dict["status"] != DRAFT_STATE:
+            ApplicationSubmissionSkeleton.from_dict(submission_dict)
+
+    # delete submissions
+    submissions = ApplicationSubmission.objects.filter(id__in=submission_ids)
+    submissions.delete()
+
+    messages.success(
+        request,
+        ngettext(
+            "{sub_number} submission anonymized",
+            "{sub_number} submissions anonymized",
+            len(submission_ids),
+        ).format(sub_number=len(submission_ids)),
+    )
+
+    messenger(
+        MESSAGES.BATCH_SKELETON_SUBMISSION,
+        request=request,
+        user=user,
+        sources=submissions,
+    )
+
+    return submissions
+
+
 def bulk_update_lead(
     submissions: QuerySet, user, request: HttpRequest, lead
 ) -> QuerySet:
diff --git a/hypha/apply/funds/templates/submissions/all.html b/hypha/apply/funds/templates/submissions/all.html
index a594daf4a4..2645d24d27 100644
--- a/hypha/apply/funds/templates/submissions/all.html
+++ b/hypha/apply/funds/templates/submissions/all.html
@@ -500,6 +500,15 @@
                         {% heroicon_outline "trash" aria_hidden="true" size=14 class="stroke-base-content/80" %}
                         {% trans "Delete" %}
                     </button>
+                    <button
+                        hx-post="{% url 'apply:submissions:bulk-skeleton' %}"
+                        hx-include="[name='selectedSubmissionIds']"
+                        hx-confirm="{% trans 'Are you sure you want to anonymize the selected submissions? All draft submission will be deleted. This action cannot be undone.' %}"
+                        class="btn btn-sm"
+                    >
+                        {% heroicon_outline "user-minus" aria_hidden="true" size=14 class="stroke-base-content/80" %}
+                        {% trans "Anonymize" %}
+                    </button>
                 {% endif %}
             </section>
         </header>
diff --git a/hypha/apply/funds/urls.py b/hypha/apply/funds/urls.py
index 1241bfb168..69f137f568 100644
--- a/hypha/apply/funds/urls.py
+++ b/hypha/apply/funds/urls.py
@@ -12,6 +12,7 @@
 from .views.all import (
     bulk_archive_submissions,
     bulk_delete_submissions,
+    bulk_skeleton_submissions,
     bulk_update_submissions_status,
     submissions_all,
 )
@@ -99,6 +100,7 @@
         path("all/", submissions_all, name="list"),
         path("all/bulk_archive/", bulk_archive_submissions, name="bulk-archive"),
         path("all/bulk_delete/", bulk_delete_submissions, name="bulk-delete"),
+        path("all/bulk_skeleton/", bulk_skeleton_submissions, name="bulk-skeleton"),
         path(
             "all/bulk_update_status/",
             bulk_update_submissions_status,
diff --git a/hypha/apply/funds/views/all.py b/hypha/apply/funds/views/all.py
index f83753cce9..bebad1ebd5 100644
--- a/hypha/apply/funds/views/all.py
+++ b/hypha/apply/funds/views/all.py
@@ -337,6 +337,7 @@ def submissions_all(
         "can_access_drafts": can_access_drafts,
         "can_bulk_archive": permissions.can_bulk_archive_submissions(request.user),
         "can_bulk_delete": permissions.can_bulk_delete_submissions(request.user),
+        "can_bulk_skeleton": permissions.can_bulk_delete_submissions(request.user),
         "can_export_submissions": permissions.can_export_submissions(request.user),
         "enable_selection": permissions.can_bulk_update_submissions(request.user),
     } | screening_decision_context(selected_screening_statuses)
@@ -379,6 +380,26 @@ def bulk_delete_submissions(request):
     return HttpResponseClientRefresh()
 
 
+@login_required
+@require_http_methods(["POST"])
+def bulk_skeleton_submissions(request):
+    if not permissions.can_bulk_delete_submissions(request.user):
+        return HttpResponseForbidden()
+
+    submission_ids = request.POST.getlist("selectedSubmissionIds")
+    submissions = ApplicationSubmission.objects.filter(id__in=submission_ids).values(
+        "id", "form_data", "page_id", "round_id", "status", "submit_time"
+    )
+
+    services.bulk_covert_to_skeleton_submissions(
+        submissions=submissions,
+        user=request.user,
+        request=request,
+    )
+
+    return HttpResponseClientRefresh()
+
+
 @login_required
 @user_passes_test(is_apply_staff)
 @require_http_methods(["POST"])
diff --git a/hypha/apply/funds/views/submission_delete.py b/hypha/apply/funds/views/submission_delete.py
index 5e673650de..53251620d6 100644
--- a/hypha/apply/funds/views/submission_delete.py
+++ b/hypha/apply/funds/views/submission_delete.py
@@ -1,5 +1,7 @@
+from django.contrib import messages
 from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
 from django.urls import reverse_lazy
+from django.utils.translation import gettext as _
 from django.views.generic import DeleteView
 from rolepermissions.checkers import has_object_permission
 
@@ -35,16 +37,32 @@ def get_success_url(self):
         return reverse_lazy("funds:submissions:list")
 
     def form_valid(self, form):
-        print(form.cleaned_data)
 
         submission = self.get_object()
 
         message = MESSAGES.DELETE_SUBMISSION
 
-        if form.cleaned_data.get("anon_or_delete") == "ANONYMIZE":
+        success_popup_message = _("Submission deleted.")
+
+        if (
+            form.cleaned_data.get("anon_or_delete") == "ANONYMIZE"
+            and submission.status != DRAFT_STATE
+        ):
             ApplicationSubmissionSkeleton.from_submission(submission)
             message = MESSAGES.ANONYMIZE_SUBMISSION
+            success_popup_message = _("Submission anonymized.")
 
+        # Delete NEW_SUBMISSION & COMMENT events for this particular submission, if any.
+        # Otherwise, the submission deletion will fail.
+        Event.objects.filter(
+            type__in=[MESSAGES.NEW_SUBMISSION, MESSAGES.COMMENT],
+            object_id=submission.id,
+        ).delete()
+
+        # delete submission and redirect to success url
+        response = super().form_valid(form)
+
+        # Handle messaging last to ensure everything is successful
         # Notify unless author delete own draft.
         if submission.status != DRAFT_STATE and submission.user != self.request.user:
             messenger(
@@ -54,12 +72,6 @@ def form_valid(self, form):
                 source=submission,
             )
 
-        # Delete NEW_SUBMISSION & COMMENT events for this particular submission, if any.
-        # Otherwise, the submission deletion will fail.
-        Event.objects.filter(
-            type__in=[MESSAGES.NEW_SUBMISSION, MESSAGES.COMMENT],
-            object_id=submission.id,
-        ).delete()
+        messages.success(self.request, success_popup_message)
 
-        # delete submission and redirect to success url
-        return super().form_valid(form)
+        return response
diff --git a/hypha/apply/users/wagtail_hooks.py b/hypha/apply/users/wagtail_hooks.py
index c52586c500..8109002daa 100644
--- a/hypha/apply/users/wagtail_hooks.py
+++ b/hypha/apply/users/wagtail_hooks.py
@@ -4,7 +4,6 @@
 from wagtail.models import Site
 
 from hypha.apply.activity.messaging import MESSAGES, messenger
-from hypha.apply.funds.workflows.constants import DRAFT_STATE
 from hypha.apply.users.models import User
 
 from .utils import send_activation_email, update_is_staff
@@ -51,7 +50,7 @@ def anonymize_delete_user_submissions(request, user):
         )
 
         submissions_to_skeleton = list(
-            user.applicationsubmission_set.exclude(status=DRAFT_STATE).values(
+            user.applicationsubmission_set.exclude_draft().values(
                 "form_data", "page_id", "round_id", "status", "submit_time"
             )
         )
@@ -80,7 +79,7 @@ def bulk_anonymize_delete_user_submissions(
 
         submissions_to_skeleton = list(
             ApplicationSubmission.objects.filter(user__in=objects)
-            .exclude(status=DRAFT_STATE)
+            .exclude_draft()
             .values("form_data", "page_id", "round_id", "status", "submit_time")
         )
 

From 0bc0caf1dfcfe4b816707056f3655a378e08269c Mon Sep 17 00:00:00 2001
From: Wes Appler <wes@opentech.fund>
Date: Tue, 3 Mar 2026 10:39:26 -0500
Subject: [PATCH 5/7] Added missing migration, fixed/added docstrings, inital
 implementation of unit tests

---
 ...ty_user_alter_event_by_alter_event_type.py | 104 ++++++++++
 ...ter_applicationsubmission_user_and_more.py | 177 ++++++++++++++++++
 hypha/apply/funds/models/submissions.py       |  16 +-
 hypha/apply/funds/services.py                 |  20 +-
 hypha/apply/funds/tests/test_models.py        | 166 +++++++++++++++-
 hypha/apply/funds/tests/test_services.py      |  43 +++++
 hypha/apply/users/models.py                   |  28 ++-
 .../wagtailusers/users/confirm_delete.html    |  31 +--
 hypha/apply/users/templatetags/users_tags.py  |  19 +-
 hypha/apply/users/wagtail_hooks.py            |  16 +-
 10 files changed, 589 insertions(+), 31 deletions(-)
 create mode 100644 hypha/apply/activity/migrations/0089_alter_activity_user_alter_event_by_alter_event_type.py
 create mode 100644 hypha/apply/funds/migrations/0132_alter_applicationsubmission_user_and_more.py
 create mode 100644 hypha/apply/funds/tests/test_services.py

diff --git a/hypha/apply/activity/migrations/0089_alter_activity_user_alter_event_by_alter_event_type.py b/hypha/apply/activity/migrations/0089_alter_activity_user_alter_event_by_alter_event_type.py
new file mode 100644
index 0000000000..7d23587996
--- /dev/null
+++ b/hypha/apply/activity/migrations/0089_alter_activity_user_alter_event_by_alter_event_type.py
@@ -0,0 +1,104 @@
+# Generated by Django 5.2.11 on 2026-02-27 16:14
+
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("activity", "0088_activity_deleted"),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="activity",
+            name="user",
+            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL
+            ),
+        ),
+        migrations.AlterField(
+            model_name="event",
+            name="by",
+            field=models.ForeignKey(
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                to=settings.AUTH_USER_MODEL,
+            ),
+        ),
+        migrations.AlterField(
+            model_name="event",
+            name="type",
+            field=models.CharField(
+                choices=[
+                    ("UPDATE_LEAD", "updated lead"),
+                    ("BATCH_UPDATE_LEAD", "batch updated lead"),
+                    ("EDIT_SUBMISSION", "edited submission"),
+                    ("APPLICANT_EDIT", "edited applicant"),
+                    ("NEW_SUBMISSION", "submitted new submission"),
+                    ("DRAFT_SUBMISSION", "submitted new draft submission"),
+                    ("SCREENING", "screened"),
+                    ("TRANSITION", "transitioned"),
+                    ("BATCH_TRANSITION", "batch transitioned"),
+                    ("DETERMINATION_OUTCOME", "sent determination outcome"),
+                    ("BATCH_DETERMINATION_OUTCOME", "sent batch determination outcome"),
+                    ("INVITED_TO_PROPOSAL", "invited to proposal"),
+                    ("REVIEWERS_UPDATED", "updated reviewers"),
+                    ("BATCH_REVIEWERS_UPDATED", "batch updated reviewers"),
+                    ("PARTNERS_UPDATED", "updated partners"),
+                    ("PARTNERS_UPDATED_PARTNER", "partners updated partner"),
+                    ("READY_FOR_REVIEW", "marked ready for review"),
+                    ("BATCH_READY_FOR_REVIEW", "marked batch ready for review"),
+                    ("NEW_REVIEW", "added new review"),
+                    ("COMMENT", "added comment"),
+                    ("PROPOSAL_SUBMITTED", "submitted proposal"),
+                    ("OPENED_SEALED", "opened sealed submission"),
+                    ("REVIEW_OPINION", "reviewed opinion"),
+                    ("DELETE_SUBMISSION", "deleted submission"),
+                    ("ANONYMIZE_SUBMISSION", "anonymized submission"),
+                    ("DELETE_REVIEW", "deleted review"),
+                    ("DELETE_REVIEW_OPINION", "deleted review opinion"),
+                    ("CREATED_PROJECT", "created project"),
+                    ("UPDATE_PROJECT_LEAD", "updated project lead"),
+                    ("UPDATE_PROJECT_TITLE", "updated project title"),
+                    ("EDIT_REVIEW", "edited review"),
+                    ("SEND_FOR_APPROVAL", "sent for approval"),
+                    ("APPROVE_PROJECT", "approved project"),
+                    ("ASSIGN_PAF_APPROVER", "assign project form approver"),
+                    ("APPROVE_PAF", "approved project form"),
+                    ("PROJECT_TRANSITION", "transitioned project"),
+                    ("REQUEST_PROJECT_CHANGE", "requested project change"),
+                    ("SUBMIT_CONTRACT_DOCUMENTS", "submitted contract documents"),
+                    ("UPLOAD_DOCUMENT", "uploaded document to project"),
+                    ("UPLOAD_CONTRACT", "uploaded contract to project"),
+                    ("APPROVE_CONTRACT", "approved contract"),
+                    ("CREATE_INVOICE", "created invoice for project"),
+                    ("UPDATE_INVOICE_STATUS", "updated invoice status"),
+                    ("APPROVE_INVOICE", "approve invoice"),
+                    ("DELETE_INVOICE", "deleted invoice"),
+                    ("SENT_TO_COMPLIANCE", "sent project to compliance"),
+                    ("UPDATE_INVOICE", "updated invoice"),
+                    ("SUBMIT_REPORT", "submitted report"),
+                    ("SKIPPED_REPORT", "skipped report"),
+                    ("REPORT_FREQUENCY_CHANGED", "changed report frequency"),
+                    ("DISABLED_REPORTING", "disabled reporting"),
+                    ("REPORT_NOTIFY", "notified report"),
+                    ("REVIEW_REMINDER", "reminder to review"),
+                    ("BATCH_DELETE_SUBMISSION", "batch deleted submissions"),
+                    ("BATCH_SKELETON_SUBMISSION", "batch anonymized submissions"),
+                    ("BATCH_ARCHIVE_SUBMISSION", "batch archive submissions"),
+                    ("BATCH_INVOICE_STATUS_UPDATE", "batch update invoice status"),
+                    ("STAFF_ACCOUNT_CREATED", "created new account"),
+                    ("STAFF_ACCOUNT_EDITED", "edited account"),
+                    ("ARCHIVE_SUBMISSION", "archived submission"),
+                    ("UNARCHIVE_SUBMISSION", "unarchived submission"),
+                    ("REMOVE_TASK", "remove task"),
+                    ("INVITE_COAPPLICANT", "invite co-applicant"),
+                ],
+                max_length=50,
+                verbose_name="verb",
+            ),
+        ),
+    ]
diff --git a/hypha/apply/funds/migrations/0132_alter_applicationsubmission_user_and_more.py b/hypha/apply/funds/migrations/0132_alter_applicationsubmission_user_and_more.py
new file mode 100644
index 0000000000..a15c0707e0
--- /dev/null
+++ b/hypha/apply/funds/migrations/0132_alter_applicationsubmission_user_and_more.py
@@ -0,0 +1,177 @@
+# Generated by Django 5.2.11 on 2026-02-27 16:55
+
+import django.contrib.postgres.fields
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("funds", "0131_delete_orphaned_attachments"),
+        ("wagtailcore", "0094_alter_page_locale"),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="applicationsubmission",
+            name="user",
+            field=models.ForeignKey(
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                to=settings.AUTH_USER_MODEL,
+            ),
+        ),
+        migrations.CreateModel(
+            name="ApplicationSubmissionSkeleton",
+            fields=[
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("value", models.FloatField(null=True)),
+                (
+                    "status",
+                    models.CharField(
+                        choices=[
+                            ("accepted", "Accepted"),
+                            ("almost", "Accepted but additional info required"),
+                            ("com_accepted", "Accepted"),
+                            ("com_almost", "Accepted but additional info required"),
+                            ("com_community_review", "Community Review"),
+                            ("com_determination", "Ready for Determination"),
+                            ("com_external_review", "External Review"),
+                            ("com_internal_review", "Internal Review"),
+                            ("com_more_info", "More information required"),
+                            ("com_open_call", "Open Call (public)"),
+                            (
+                                "com_post_external_review_discussion",
+                                "Ready For Discussion",
+                            ),
+                            (
+                                "com_post_external_review_more_info",
+                                "More information required",
+                            ),
+                            ("com_post_review_discussion", "Ready For Discussion"),
+                            ("com_post_review_more_info", "More information required"),
+                            ("com_rejected", "Dismissed"),
+                            (
+                                "concept_determination",
+                                "Ready for Preliminary Determination",
+                            ),
+                            ("concept_internal_review", "Internal Review"),
+                            ("concept_more_info", "More information required"),
+                            ("concept_rejected", "Dismissed"),
+                            ("concept_review_discussion", "Ready For Discussion"),
+                            ("concept_review_more_info", "More information required"),
+                            ("determination", "Ready for Determination"),
+                            ("draft", "Draft"),
+                            ("draft_proposal", "Invited for Proposal"),
+                            ("ext_accepted", "Accepted"),
+                            ("ext_almost", "Accepted but additional info required"),
+                            ("ext_determination", "Ready for Determination"),
+                            ("ext_external_review", "External Review"),
+                            ("ext_internal_review", "Internal Review"),
+                            ("ext_more_info", "More information required"),
+                            (
+                                "ext_post_external_review_discussion",
+                                "Ready For Discussion",
+                            ),
+                            (
+                                "ext_post_external_review_more_info",
+                                "More information required",
+                            ),
+                            ("ext_post_review_discussion", "Ready For Discussion"),
+                            ("ext_post_review_more_info", "More information required"),
+                            ("ext_rejected", "Dismissed"),
+                            ("external_review", "External Review"),
+                            ("in_discussion", "Need screening"),
+                            ("internal_review", "Internal Review"),
+                            ("invited_to_proposal", "Concept Accepted"),
+                            ("more_info", "More information required"),
+                            ("post_external_review_discussion", "Ready For Discussion"),
+                            (
+                                "post_external_review_more_info",
+                                "More information required",
+                            ),
+                            ("post_proposal_review_discussion", "Ready For Discussion"),
+                            (
+                                "post_proposal_review_more_info",
+                                "More information required",
+                            ),
+                            ("post_review_discussion", "Ready For Discussion"),
+                            ("post_review_more_info", "More information required"),
+                            ("proposal_accepted", "Accepted"),
+                            (
+                                "proposal_almost",
+                                "Accepted but additional info required",
+                            ),
+                            ("proposal_determination", "Ready for Final Determination"),
+                            ("proposal_discussion", "Proposal Received"),
+                            ("proposal_internal_review", "Internal Review"),
+                            ("proposal_more_info", "More information required"),
+                            ("proposal_rejected", "Dismissed"),
+                            ("rejected", "Dismissed"),
+                            ("same_accepted", "Accepted"),
+                            ("same_almost", "Accepted but additional info required"),
+                            ("same_determination", "Ready for Determination"),
+                            ("same_internal_review", "Review"),
+                            ("same_more_info", "More information required"),
+                            ("same_post_review_discussion", "Ready For Discussion"),
+                            ("same_post_review_more_info", "More information required"),
+                            ("same_rejected", "Dismissed"),
+                        ],
+                        default="in_discussion",
+                        max_length=100,
+                    ),
+                ),
+                (
+                    "category",
+                    django.contrib.postgres.fields.ArrayField(
+                        base_field=models.CharField(), null=True, size=None
+                    ),
+                ),
+                ("submit_time", models.DateTimeField(verbose_name="submit time")),
+                (
+                    "page",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.PROTECT,
+                        to="wagtailcore.page",
+                    ),
+                ),
+                (
+                    "round",
+                    models.ForeignKey(
+                        null=True,
+                        on_delete=django.db.models.deletion.PROTECT,
+                        related_name="skeleton_submissions",
+                        to="wagtailcore.page",
+                    ),
+                ),
+                (
+                    "screening_status",
+                    models.ForeignKey(
+                        blank=True,
+                        null=True,
+                        on_delete=django.db.models.deletion.PROTECT,
+                        related_name="skeleton_submissions",
+                        to="funds.screeningstatus",
+                    ),
+                ),
+                (
+                    "user",
+                    models.ForeignKey(
+                        null=True,
+                        on_delete=django.db.models.deletion.SET_NULL,
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
+            ],
+        ),
+    ]
diff --git a/hypha/apply/funds/models/submissions.py b/hypha/apply/funds/models/submissions.py
index 52e517453d..3e88ebb7d1 100644
--- a/hypha/apply/funds/models/submissions.py
+++ b/hypha/apply/funds/models/submissions.py
@@ -1122,8 +1122,12 @@ class ApplicationSubmissionSkeleton(models.Model):
         verbose_name=_("submit time"), auto_now_add=False
     )
 
-    screening_statuses = models.ManyToManyField(
-        "funds.ScreeningStatus", related_name="skeleton_submissions", blank=True
+    screening_status = models.ForeignKey(
+        "funds.ScreeningStatus",
+        related_name="skeleton_submissions",
+        null=True,
+        blank=True,
+        on_delete=models.PROTECT,
     )
 
     @classmethod
@@ -1168,8 +1172,9 @@ def from_dict(
             value=value,
             status=dict_submission.get("status")
             or dict_submission.get("applicationsubmission__status"),
-            submit_time=dict_submission.get("submit_time")
-            or dict_submission.get("applicationsubmission__submit_time"),
+            submit_time=dict_submission.get("submit_time"),
+            screening_status_id=dict_submission.get("screening_statuses")
+            or dict_submission.get("applicationsubmission__screening_statuses"),
         )
 
         return skeleton
@@ -1200,12 +1205,11 @@ def from_submission(
             value=submission.form_data.get("value", None),
             status=submission.status,
             submit_time=submission.submit_time,
+            screening_status=submission.get_current_screening_status(),
         )
 
         # TODO: Handle categories here
 
-        skeleton.screening_statuses.set(submission.screening_statuses.all())
-
         skeleton.save()
 
         return skeleton
diff --git a/hypha/apply/funds/services.py b/hypha/apply/funds/services.py
index 09e2088a27..d95312da72 100644
--- a/hypha/apply/funds/services.py
+++ b/hypha/apply/funds/services.py
@@ -96,12 +96,14 @@ def bulk_covert_to_skeleton_submissions(
 
     Args:
         submissions: queryset of submissions to convert to skeleton applications
-        user: user who is archiving the submissions
+        user: user who is anonymizing the submissions
         request: django request object
 
     Returns:
         QuerySet of submissions that have been archived
     """
+    print("REQUEST PATH")
+    print(request.path)
     ApplicationSubmission = apps.get_model("funds", "ApplicationSubmission")
     ApplicationSubmissionSkeleton = apps.get_model(
         "funds", "ApplicationSubmissionSkeleton"
@@ -109,7 +111,14 @@ def bulk_covert_to_skeleton_submissions(
 
     # delete NEW_SUBMISSION events for all submissions
     submission_dict_list = submissions.values(
-        "id", "form_data", "page_id", "round_id", "status", "submit_time"
+        "id",
+        "form_data",
+        "page_id",
+        "round_id",
+        "status",
+        "submit_time",
+        "user_id",
+        "screening_statuses",
     )
 
     submission_ids = [x["id"] for x in submission_dict_list]
@@ -118,9 +127,12 @@ def bulk_covert_to_skeleton_submissions(
         type=MESSAGES.NEW_SUBMISSION, object_id__in=submission_ids
     ).delete()
 
+    skeletons = []
     for submission_dict in submission_dict_list:
         if submission_dict["status"] != DRAFT_STATE:
-            ApplicationSubmissionSkeleton.from_dict(submission_dict)
+            skeletons.append(
+                ApplicationSubmissionSkeleton.from_dict(submission_dict, save_user=True)
+            )
 
     # delete submissions
     submissions = ApplicationSubmission.objects.filter(id__in=submission_ids)
@@ -142,7 +154,7 @@ def bulk_covert_to_skeleton_submissions(
         sources=submissions,
     )
 
-    return submissions
+    return skeletons
 
 
 def bulk_update_lead(
diff --git a/hypha/apply/funds/tests/test_models.py b/hypha/apply/funds/tests/test_models.py
index fd3d4a9035..0163600e5f 100644
--- a/hypha/apply/funds/tests/test_models.py
+++ b/hypha/apply/funds/tests/test_models.py
@@ -12,7 +12,13 @@
 from django.urls import reverse
 
 from hypha.apply.funds.blocks import EmailBlock, FullNameBlock
-from hypha.apply.funds.models import ApplicationSubmission, AssignedReviewers, Reminder
+from hypha.apply.funds.models import (
+    ApplicationSubmission,
+    ApplicationSubmissionSkeleton,
+    AssignedReviewers,
+    Reminder,
+)
+from hypha.apply.funds.tests.factories.models import ScreeningStatusFactory
 from hypha.apply.funds.workflows.constants import DRAFT_STATE
 from hypha.apply.funds.workflows.registry import Request
 from hypha.apply.review.options import AGREE, MAYBE, NO
@@ -542,6 +548,164 @@ def test_in_final_stage(self):
         self.assertTrue(submission.in_final_stage)
 
 
+class TestApplicationSubmissionSkeleton(TestCase):
+    def test_create_from_submission_no_user(self):
+        screening_outcome = ScreeningStatusFactory()
+        screening_outcome.yes = True
+        screening_outcome.default = True
+        screening_outcome.save()
+
+        submission = ApplicationSubmissionFactory()
+        submission.screening_statuses.add(screening_outcome)
+        submission.save()
+
+        skeleton = ApplicationSubmissionSkeleton.from_submission(submission)
+        submission_values_dict = {
+            "value": submission.form_data["value"],
+            "page": submission.page.id,
+            "status": submission.status,
+            "round": submission.round.id,
+            "submit_time": submission.submit_time,
+            "screening_status": submission.get_current_screening_status(),
+        }
+        skeleton_values_dict = {
+            "value": skeleton.value,
+            "page": skeleton.page.id,
+            "status": skeleton.status,
+            "round": skeleton.round.id,
+            "submit_time": skeleton.submit_time,
+            "screening_status": skeleton.screening_status,
+        }
+        self.assertDictEqual(submission_values_dict, skeleton_values_dict)
+        self.assertIsNone(skeleton.user)
+
+    def test_create_from_submission_with_user(self):
+        screening_outcome = ScreeningStatusFactory()
+        screening_outcome.yes = True
+        screening_outcome.default = True
+        screening_outcome.save()
+
+        submission = ApplicationSubmissionFactory()
+        submission.screening_statuses.add(screening_outcome)
+        submission.save()
+
+        skeleton = ApplicationSubmissionSkeleton.from_submission(
+            submission, save_user=True
+        )
+        submission_values_dict = {
+            "value": submission.form_data["value"],
+            "page": submission.page.id,
+            "status": submission.status,
+            "round": submission.round.id,
+            "submit_time": submission.submit_time,
+            "screening_status": submission.get_current_screening_status(),
+            "user": submission.user,
+        }
+        skeleton_values_dict = {
+            "value": skeleton.value,
+            "page": skeleton.page.id,
+            "status": skeleton.status,
+            "round": skeleton.round.id,
+            "submit_time": skeleton.submit_time,
+            "screening_status": skeleton.screening_status,
+            "user": skeleton.user,
+        }
+        self.assertDictEqual(submission_values_dict, skeleton_values_dict)
+
+    def test_create_from_dict_no_user(self):
+        screening_outcome = ScreeningStatusFactory()
+        screening_outcome.yes = True
+        screening_outcome.default = True
+        screening_outcome.save()
+
+        submission = ApplicationSubmissionFactory()
+        submission.screening_statuses.add(screening_outcome)
+        submission.save()
+
+        submission_dict = dict(
+            ApplicationSubmission.objects.filter(id=submission.id)
+            .values(
+                "form_data",
+                "page_id",
+                "round_id",
+                "status",
+                "submit_time",
+                "screening_statuses",
+                "user_id",
+            )
+            .first()
+        )
+
+        skeleton = ApplicationSubmissionSkeleton.from_dict(
+            submission_dict, save_user=False
+        )
+        submission_values_dict = {
+            "value": submission.form_data["value"],
+            "page": submission.page.id,
+            "status": submission.status,
+            "round": submission.round.id,
+            "submit_time": submission.submit_time,
+            "screening_status": submission.get_current_screening_status(),
+        }
+        skeleton_values_dict = {
+            "value": skeleton.value,
+            "page": skeleton.page.id,
+            "status": skeleton.status,
+            "round": skeleton.round.id,
+            "submit_time": skeleton.submit_time,
+            "screening_status": skeleton.screening_status,
+        }
+        self.assertDictEqual(submission_values_dict, skeleton_values_dict)
+        self.assertIsNone(skeleton.user)
+
+    def test_create_from_dict_with_user(self):
+        screening_outcome = ScreeningStatusFactory()
+        screening_outcome.yes = True
+        screening_outcome.default = True
+        screening_outcome.save()
+
+        submission = ApplicationSubmissionFactory()
+        submission.screening_statuses.add(screening_outcome)
+        submission.save()
+
+        submission_dict = dict(
+            ApplicationSubmission.objects.filter(id=submission.id)
+            .values(
+                "form_data",
+                "page_id",
+                "round_id",
+                "status",
+                "submit_time",
+                "screening_statuses",
+                "user_id",
+            )
+            .first()
+        )
+
+        skeleton = ApplicationSubmissionSkeleton.from_dict(
+            submission_dict, save_user=True
+        )
+        submission_values_dict = {
+            "value": submission.form_data["value"],
+            "page": submission.page.id,
+            "status": submission.status,
+            "round": submission.round.id,
+            "submit_time": submission.submit_time,
+            "screening_status": submission.get_current_screening_status(),
+            "user": submission.user,
+        }
+        skeleton_values_dict = {
+            "value": skeleton.value,
+            "page": skeleton.page.id,
+            "status": skeleton.status,
+            "round": skeleton.round.id,
+            "submit_time": skeleton.submit_time,
+            "screening_status": skeleton.screening_status,
+            "user": skeleton.user,
+        }
+        self.assertDictEqual(submission_values_dict, skeleton_values_dict)
+
+
 class TestSubmissionRenderMethods(TestCase):
     def test_named_blocks_not_included_in_answers(self):
         submission = ApplicationSubmissionFactory()
diff --git a/hypha/apply/funds/tests/test_services.py b/hypha/apply/funds/tests/test_services.py
new file mode 100644
index 0000000000..3096ff7efb
--- /dev/null
+++ b/hypha/apply/funds/tests/test_services.py
@@ -0,0 +1,43 @@
+from django.contrib.messages.storage.fallback import FallbackStorage
+from django.contrib.sessions.middleware import SessionMiddleware
+from django.test import RequestFactory, TestCase
+
+from hypha.apply.funds.models.submissions import ApplicationSubmission
+from hypha.apply.funds.services import bulk_covert_to_skeleton_submissions
+from hypha.apply.funds.tests.factories import ApplicationSubmissionFactory
+from hypha.apply.users.tests.factories import StaffFactory
+
+
+class BulkActions(TestCase):
+    def dummy_request(self, path):
+        request = RequestFactory().get(path)
+        middleware = SessionMiddleware(lambda x: x)
+        middleware.process_request(request)
+        request.session.save()
+        request.user = StaffFactory()
+        request._messages = FallbackStorage(request)
+        return request
+
+    def test_bulk_skeleton_submissions(self):
+        self.maxDiff = None
+        request = self.dummy_request("/apply/submissions/all/bulk_skeleton/")
+        user = StaffFactory()
+        submissions = ApplicationSubmissionFactory.create_batch(4)
+        submission_values = [
+            {
+                "id": submission.id,
+                "value": submission.form_data["value"],
+                "page": submission.page.id,
+                "status": submission.status,
+                "round": submission.round.id,
+                "submit_time": submission.submit_time,
+                "screening_status": submission.get_current_screening_status(),
+            }
+            for submission in submissions
+        ]
+        submission_qs = ApplicationSubmission.objects.filter(
+            id__in=[submission["id"] for submission in submission_values]
+        )
+
+        skeletons = bulk_covert_to_skeleton_submissions(submission_qs, user, request)
+        self.assertEqual(len(submission_values), len(skeletons))
diff --git a/hypha/apply/users/models.py b/hypha/apply/users/models.py
index 4c1fd71e48..452e940fe1 100644
--- a/hypha/apply/users/models.py
+++ b/hypha/apply/users/models.py
@@ -66,6 +66,16 @@ def contracting(self):
         return self.filter(groups__name=CONTRACTING_GROUP_NAME, is_active=True)
 
     def delete(self, create_skeleton_submissions: bool = False):
+        """Handling the deletion of users
+
+        Deletes the user and deletes/anonymizes their submissions depending on the provided argument
+
+        NOTE: if global setting `SUBMISSION_SKELETONING_ENABLED` is not enabled no submissions will be anonymized
+
+        Args:
+            create_skeleton_submissions: whether or not to anonymize all the user's submissions that aren't drafts.
+
+        """
         submissions_to_skeleton = []
         if create_skeleton_submissions and settings.SUBMISSION_SKELETONING_ENABLED:
             ApplicationSubmissionSkeleton = apps.get_model(
@@ -78,6 +88,7 @@ def delete(self, create_skeleton_submissions: bool = False):
                     "applicationsubmission__round_id",
                     "applicationsubmission__status",
                     "applicationsubmission__submit_time",
+                    "applicationsubmission__screening_statuses",
                 )
             )
 
@@ -354,6 +365,16 @@ def get_absolute_url(self):
     def delete(
         self, create_skeleton_submissions: bool = False, using=None, keep_parents=False
     ):
+        """Handling the deletion of a user
+
+        Deletes the user and deletes/anonymizes their submissions depending on the provided argument
+
+        NOTE: if global setting `SUBMISSION_SKELETONING_ENABLED` is not enabled no submissions will be anonymized
+
+        Args:
+            create_skeleton_submissions: whether or not to anonymize all the user's submissions that aren't drafts.
+
+        """
         submissions_to_skeleton = []
         if create_skeleton_submissions and settings.SUBMISSION_SKELETONING_ENABLED:
             ApplicationSubmissionSkeleton = apps.get_model(
@@ -361,7 +382,12 @@ def delete(
             )
             submissions_to_skeleton = list(
                 self.applicationsubmission_set.values(
-                    "form_data", "page_id", "round_id", "status", "submit_time"
+                    "form_data",
+                    "page_id",
+                    "round_id",
+                    "status",
+                    "submit_time",
+                    "screening_statuses",
                 )
             )
 
diff --git a/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html b/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
index c8e091465b..e46758bec3 100644
--- a/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
+++ b/hypha/apply/users/templates/wagtailusers/users/confirm_delete.html
@@ -3,21 +3,22 @@
 
 {% block main_content %}
     <p>{% trans "Are you sure you want to delete this user?" %}</p>
-    {% get_user_submission_count user as submission_count %}
-    {% if submission_count %}
-        <div class="deletion-warning">
-            {% icon name="warning" classname="" title="warning icon" %}
-            <span>
-                {% if SUBMISSION_SKELETONING_ENABLED %}
-                    <strong>{% blocktrans %}This will result in the user's {{submission_count}} associated submissions being deleted or anonymized!{% endblocktrans %}</strong>
-                {% else %}
-                    <strong>{% blocktrans %}This will result in the user's {{submission_count}} associated submissions being deleted!{% endblocktrans %}</strong>
-                {% endif %}
-            </span>
-        </div>
-    {% endif %}
-    {% url 'wagtailusers_users:delete' user.pk as post_url %}
-    {% include "includes/delete_user_submissions_form.html" with post_url=post_url %}
+    {% with submission_count=user|get_user_submission_count %}
+        {% if submission_count %}
+            <div class="deletion-warning">
+                {% icon name="warning" classname="" title="warning icon" %}
+                <span>
+                    {% if SUBMISSION_SKELETONING_ENABLED %}
+                        <strong>{% blocktrans %}This will result in the user's {{submission_count}} associated submissions being deleted or anonymized!{% endblocktrans %}</strong>
+                    {% else %}
+                        <strong>{% blocktrans %}This will result in the user's {{submission_count}} associated submissions being deleted!{% endblocktrans %}</strong>
+                    {% endif %}
+                </span>
+            </div>
+        {% endif %}
+        {% url 'wagtailusers_users:delete' user.pk as post_url %}
+        {% include "includes/delete_user_submission_form.html" with post_url=post_url %}
+    {% endwith %}
 {% endblock %}
 
 
diff --git a/hypha/apply/users/templatetags/users_tags.py b/hypha/apply/users/templatetags/users_tags.py
index 67b90beff0..03109e2115 100644
--- a/hypha/apply/users/templatetags/users_tags.py
+++ b/hypha/apply/users/templatetags/users_tags.py
@@ -1,5 +1,5 @@
 from collections import abc
-from typing import Iterable
+from typing import Dict, Iterable, Literal
 
 from django import template
 from django.apps import apps
@@ -58,7 +58,22 @@ def user_image(identifier: str, size=20):
 
 
 @register.filter
-def get_user_submission_count(user: User | Iterable[User]):
+def get_user_submission_count(
+    user: User | Iterable[User | Dict[Literal["item"], User]],
+) -> int:
+    """Get the number of submissions associated to either one user or a list of users
+
+    Also handles Wagtail's user deletion view where a list of dicts containing {"item": <User Object>} gets passed
+
+    Args:
+        user: A user object OR an iterable containing either User objects/dictionaries of {"item": <User Object>}
+
+    Returns:
+        Count of all submissions associated to the user(s)
+
+    Raises:
+        TypeError: when none of the previously specified types are provided in `user`
+    """
     ApplicationSubmission = apps.get_model("funds", "ApplicationSubmission")
     if isinstance(user, User):
         return ApplicationSubmission.objects.filter(user=user).count()
diff --git a/hypha/apply/users/wagtail_hooks.py b/hypha/apply/users/wagtail_hooks.py
index 8109002daa..9f81f48f1e 100644
--- a/hypha/apply/users/wagtail_hooks.py
+++ b/hypha/apply/users/wagtail_hooks.py
@@ -51,7 +51,12 @@ def anonymize_delete_user_submissions(request, user):
 
         submissions_to_skeleton = list(
             user.applicationsubmission_set.exclude_draft().values(
-                "form_data", "page_id", "round_id", "status", "submit_time"
+                "form_data",
+                "page_id",
+                "round_id",
+                "status",
+                "submit_time",
+                "screening_statuses",
             )
         )
 
@@ -80,7 +85,14 @@ def bulk_anonymize_delete_user_submissions(
         submissions_to_skeleton = list(
             ApplicationSubmission.objects.filter(user__in=objects)
             .exclude_draft()
-            .values("form_data", "page_id", "round_id", "status", "submit_time")
+            .values(
+                "form_data",
+                "page_id",
+                "round_id",
+                "status",
+                "submit_time",
+                "screening_statuses",
+            )
         )
 
         for submission_dict in submissions_to_skeleton:

From 372bf62dacf39fdfa410ef84f5ce17effaa6242b Mon Sep 17 00:00:00 2001
From: Wes Appler <wes@opentech.fund>
Date: Tue, 3 Mar 2026 11:21:48 -0500
Subject: [PATCH 6/7] Test fixes and rebasing onto main

---
 hypha/apply/funds/forms.py                                | 1 +
 hypha/apply/funds/services.py                             | 2 --
 hypha/apply/funds/templates/funds/submissions_result.html | 8 --------
 hypha/apply/funds/views/results.py                        | 5 +----
 hypha/apply/funds/views/submission_delete.py              | 1 -
 5 files changed, 2 insertions(+), 15 deletions(-)

diff --git a/hypha/apply/funds/forms.py b/hypha/apply/funds/forms.py
index 06e12112f3..89492d0b77 100644
--- a/hypha/apply/funds/forms.py
+++ b/hypha/apply/funds/forms.py
@@ -510,6 +510,7 @@ class DeleteSubmissionForm(forms.Form):
             }
         ),
         initial="ANONYMIZE",
+        required=False,
     )
 
     def __init__(self, *args, **kwargs):
diff --git a/hypha/apply/funds/services.py b/hypha/apply/funds/services.py
index d95312da72..cbd7f074a5 100644
--- a/hypha/apply/funds/services.py
+++ b/hypha/apply/funds/services.py
@@ -102,8 +102,6 @@ def bulk_covert_to_skeleton_submissions(
     Returns:
         QuerySet of submissions that have been archived
     """
-    print("REQUEST PATH")
-    print(request.path)
     ApplicationSubmission = apps.get_model("funds", "ApplicationSubmission")
     ApplicationSubmissionSkeleton = apps.get_model(
         "funds", "ApplicationSubmissionSkeleton"
diff --git a/hypha/apply/funds/templates/funds/submissions_result.html b/hypha/apply/funds/templates/funds/submissions_result.html
index 133e6fffd0..2876ed081d 100644
--- a/hypha/apply/funds/templates/funds/submissions_result.html
+++ b/hypha/apply/funds/templates/funds/submissions_result.html
@@ -65,14 +65,6 @@ <h3 id="submissions-heading" class="section-header">{% trans "Submissions" %}</h
                                 {{ submission_undetermined_count|default:"0" }}
                             </dd>
                         </dl>
-                        <dl role="list" aria-label="{% trans 'Anonymized submissions' %}" class="stat">
-                            <dt class="stat-title">
-                                {% trans "Anonymized" %}
-                            </dt>
-                            <dd class="stat-value">
-                                {{ skeleton_count }}
-                            </dd>
-                        </dl>
                     </div>
                 </section>
 
diff --git a/hypha/apply/funds/views/results.py b/hypha/apply/funds/views/results.py
index 10be092993..d8e3fad40f 100644
--- a/hypha/apply/funds/views/results.py
+++ b/hypha/apply/funds/views/results.py
@@ -9,7 +9,7 @@
     staff_required,
 )
 
-from ..models import ApplicationSubmission, ApplicationSubmissionSkeleton
+from ..models import ApplicationSubmission
 from ..tables import (
     SubmissionFilterAndSearch,
 )
@@ -48,15 +48,12 @@ def get_context_data(self, **kwargs):
         review_count = reviews.count()
         review_my_score = reviews.by_user(user).score()
 
-        skeleton_count = skeletons.count()
-
         return super().get_context_data(
             submission_undetermined_count=submission_undetermined_count,
             review_my_count=review_my_count,
             submission_sum=submission_sum,
             submission_accepted_count=submission_accepted_count,
             submission_accepted_sum=submission_accepted_sum,
-            skeleton_count=skeleton_count,
             review_count=review_count,
             review_my_score=review_my_score,
             **kwargs,
diff --git a/hypha/apply/funds/views/submission_delete.py b/hypha/apply/funds/views/submission_delete.py
index 53251620d6..dd64a6080c 100644
--- a/hypha/apply/funds/views/submission_delete.py
+++ b/hypha/apply/funds/views/submission_delete.py
@@ -37,7 +37,6 @@ def get_success_url(self):
         return reverse_lazy("funds:submissions:list")
 
     def form_valid(self, form):
-
         submission = self.get_object()
 
         message = MESSAGES.DELETE_SUBMISSION

From 8e4a1112d4677d8409fb9c918cc0421957ccbea1 Mon Sep 17 00:00:00 2001
From: Wes Appler <wes@opentech.fund>
Date: Wed, 4 Mar 2026 12:53:42 -0500
Subject: [PATCH 7/7] Added more tests, fixed settings

---
 .../funds/templates/submissions/all.html      | 20 ++++---
 .../tests/views/test_submission_delete.py     | 60 ++++++++++++++++++-
 hypha/apply/funds/views/all.py                | 34 +++++++----
 hypha/settings/base.py                        |  2 +-
 4 files changed, 92 insertions(+), 24 deletions(-)

diff --git a/hypha/apply/funds/templates/submissions/all.html b/hypha/apply/funds/templates/submissions/all.html
index 2645d24d27..0d2e770fd5 100644
--- a/hypha/apply/funds/templates/submissions/all.html
+++ b/hypha/apply/funds/templates/submissions/all.html
@@ -500,15 +500,17 @@
                         {% heroicon_outline "trash" aria_hidden="true" size=14 class="stroke-base-content/80" %}
                         {% trans "Delete" %}
                     </button>
-                    <button
-                        hx-post="{% url 'apply:submissions:bulk-skeleton' %}"
-                        hx-include="[name='selectedSubmissionIds']"
-                        hx-confirm="{% trans 'Are you sure you want to anonymize the selected submissions? All draft submission will be deleted. This action cannot be undone.' %}"
-                        class="btn btn-sm"
-                    >
-                        {% heroicon_outline "user-minus" aria_hidden="true" size=14 class="stroke-base-content/80" %}
-                        {% trans "Anonymize" %}
-                    </button>
+                    {% if SUBMISSION_SKELETONING_ENABLED %}
+                        <button
+                            hx-post="{% url 'apply:submissions:bulk-skeleton' %}"
+                            hx-include="[name='selectedSubmissionIds']"
+                            hx-confirm="{% trans 'Are you sure you want to anonymize the selected submissions? All draft submission will be deleted. This action cannot be undone.' %}"
+                            class="btn btn-sm"
+                        >
+                            {% heroicon_outline "user-minus" aria_hidden="true" size=14 class="stroke-base-content/80" %}
+                            {% trans "Anonymize" %}
+                        </button>
+                    {% endif %}
                 {% endif %}
             </section>
         </header>
diff --git a/hypha/apply/funds/tests/views/test_submission_delete.py b/hypha/apply/funds/tests/views/test_submission_delete.py
index 6b8119d8e0..039475fc35 100644
--- a/hypha/apply/funds/tests/views/test_submission_delete.py
+++ b/hypha/apply/funds/tests/views/test_submission_delete.py
@@ -1,5 +1,7 @@
+from django.test import override_settings
 from django.urls import reverse
 
+from hypha.apply.funds.models.submissions import ApplicationSubmissionSkeleton
 from hypha.apply.funds.tests.factories.models import ApplicationSubmissionFactory
 from hypha.apply.funds.workflows import DRAFT_STATE
 from hypha.apply.users.tests.factories import AdminFactory, ApplicantFactory
@@ -26,8 +28,9 @@ def test_submission_delete_by_admin(db, client):
     assert res.status_code == 200
     assert "<form" in res.content.decode()
     assert f'action="{delete_url}"' in res.content.decode()
+    assert "id_anon_or_delete" not in res.content.decode()
 
-    res = client.post(delete_url, data={"delete": "delete"})
+    res = client.post(delete_url, data={"delete": "delete", "anon_or_delete": "DELETE"})
     assert res.status_code == 302
     assert res.url == "/apply/submissions/all/"
 
@@ -36,6 +39,61 @@ def test_submission_delete_by_admin(db, client):
     assert res.status_code == 404
 
 
+@override_settings(SUBMISSION_SKELETONING_ENABLED=True)
+def test_submission_delete_by_admin_skeleton_enabled(db, client):
+    # Check admin can delete submission
+    user = AdminFactory()
+    submission = ApplicationSubmissionFactory()
+
+    client.force_login(user)
+    delete_url = reverse("apply:submissions:delete", kwargs={"pk": submission.pk})
+    res = client.get(delete_url)
+    assert res.status_code == 200
+    assert "<form" in res.content.decode()
+    assert f'action="{delete_url}"' in res.content.decode()
+
+    res = client.post(delete_url, data={"delete": "delete", "anon_or_delete": "DELETE"})
+    assert res.status_code == 302
+    assert res.url == "/apply/submissions/all/"
+
+    # Check submission is deleted
+    res = client.get(delete_url)
+    assert res.status_code == 404
+
+    # Ensure no skeleton submission was created
+    assert ApplicationSubmissionSkeleton.objects.all().count() == 0
+
+
+@override_settings(SUBMISSION_SKELETONING_ENABLED=True)
+def test_submission_skeleton_by_admin_skeleton_enabled(db, client):
+    user = AdminFactory()
+    submission = ApplicationSubmissionFactory()
+
+    client.force_login(user)
+    delete_url = reverse("apply:submissions:delete", kwargs={"pk": submission.pk})
+    res = client.get(delete_url)
+    assert res.status_code == 200
+    assert "<form" in res.content.decode()
+    assert f'action="{delete_url}"' in res.content.decode()
+
+    # Add the skeleton option to the delete form
+    res = client.post(
+        delete_url, data={"delete": "delete", "anon_or_delete": "ANONYMIZE"}
+    )
+    assert res.status_code == 302
+    assert res.url == "/apply/submissions/all/"
+
+    # Check submission is deleted
+    res = client.get(delete_url)
+    assert res.status_code == 404
+
+    # Ensure a new skeleton submission was created
+    assert ApplicationSubmissionSkeleton.objects.all().count() == 1
+
+    last_skeleton = ApplicationSubmissionSkeleton.objects.last()
+    assert last_skeleton.value == submission.form_data["value"]
+
+
 def test_submission_delete_by_applicant(db, client):
     user = ApplicantFactory()
     submission = ApplicationSubmissionFactory(user=user, status=DRAFT_STATE)
diff --git a/hypha/apply/funds/views/all.py b/hypha/apply/funds/views/all.py
index bebad1ebd5..a99a2c1298 100644
--- a/hypha/apply/funds/views/all.py
+++ b/hypha/apply/funds/views/all.py
@@ -9,7 +9,12 @@
 from django.core.exceptions import PermissionDenied
 from django.core.paginator import Paginator
 from django.db import models
-from django.http import HttpRequest, HttpResponse, HttpResponseForbidden
+from django.http import (
+    HttpRequest,
+    HttpResponse,
+    HttpResponseForbidden,
+    HttpResponseNotAllowed,
+)
 from django.shortcuts import render
 from django.urls import reverse_lazy
 from django.utils.translation import gettext as _
@@ -383,21 +388,24 @@ def bulk_delete_submissions(request):
 @login_required
 @require_http_methods(["POST"])
 def bulk_skeleton_submissions(request):
-    if not permissions.can_bulk_delete_submissions(request.user):
-        return HttpResponseForbidden()
+    if settings.SUBMISSION_SKELETONING_ENABLED:
+        if not permissions.can_bulk_delete_submissions(request.user):
+            return HttpResponseForbidden()
 
-    submission_ids = request.POST.getlist("selectedSubmissionIds")
-    submissions = ApplicationSubmission.objects.filter(id__in=submission_ids).values(
-        "id", "form_data", "page_id", "round_id", "status", "submit_time"
-    )
+        submission_ids = request.POST.getlist("selectedSubmissionIds")
+        submissions = ApplicationSubmission.objects.filter(
+            id__in=submission_ids
+        ).values("id", "form_data", "page_id", "round_id", "status", "submit_time")
 
-    services.bulk_covert_to_skeleton_submissions(
-        submissions=submissions,
-        user=request.user,
-        request=request,
-    )
+        services.bulk_covert_to_skeleton_submissions(
+            submissions=submissions,
+            user=request.user,
+            request=request,
+        )
 
-    return HttpResponseClientRefresh()
+        return HttpResponseClientRefresh()
+
+    return HttpResponseNotAllowed()
 
 
 @login_required
diff --git a/hypha/settings/base.py b/hypha/settings/base.py
index 2fda59a7af..95ea95c5a7 100644
--- a/hypha/settings/base.py
+++ b/hypha/settings/base.py
@@ -90,7 +90,7 @@
 # Enable Projects in Hypha. Contracts and invoicing that comes after a submission is approved.
 PROJECTS_ENABLED = env.bool("PROJECTS_ENABLED", False)
 
-SUBMISSION_SKELETONING_ENABLED = True
+SUBMISSION_SKELETONING_ENABLED = env.bool("SUBMISSION_SKELETONING_ENABLED", False)
 
 # Auto create projects for approved applications.
 PROJECTS_AUTO_CREATE = env.bool("PROJECTS_AUTO_CREATE", False)