Skip to content

Finalize public Studio onboarding and editor polish#27

Merged
bnz183 merged 4 commits into
mainfrom
feature/public-ready-studio-editor-final
Jun 16, 2026
Merged

Finalize public Studio onboarding and editor polish#27
bnz183 merged 4 commits into
mainfrom
feature/public-ready-studio-editor-final

Conversation

@bnz183

@bnz183 bnz183 commented Jun 16, 2026

Copy link
Copy Markdown
Owner

Final public-readiness pass for SourceDraft Studio. Improves first-install demo access, protected publishing states, navigability, editor toolbar polish, setup clarity, and honest public docs.

Highlights

  • First install opens an onboarding/welcome screen (no hard password block); "Try demo mode" is primary and works without credentials.
  • Real publish, repo writes, and secret-bearing settings stay protected; demo publish is simulated only.
  • Editor toolbar adds Underline (already-loaded Tiptap extension; round-trips to <u> passthrough) and clearer disabled file-link copy.
  • Docs updated to match shipped behavior (docs/editor.md, docs/editor-parity.md): Underline shipped; text alignment and tables remain not-shipped/planned (no portable Markdown output).

Validation

  • pnpm build
  • pnpm test ✅ (0 failures across all packages; studio 104)
  • pnpm test:e2e ✅ 14/14 (demo mode, no credentials)

🤖 Generated with Claude Code

bnz183 and others added 3 commits June 16, 2026 19:02
…olish

Add content-root detection, frontmatter inference, and server-side config generation while hardening auth, rate limits, and writer-facing Studio workflows.
Allow demo by default unless disabled, remove misleading unavailable copy, and wire Exit demo mode back to the login screen.
Add Underline to the editor toolbar (already-loaded extension that
round-trips to <u> HTML passthrough), clarify the disabled file-link
copy, and align editor docs with shipped behavior.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 7c9e6560c7

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

}

return !isPublisherConfigured();
return true;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Do not let demo mode authenticate protected setup routes

When a configured Studio is reachable without SOURCEDRAFT_DEMO_MODE=false, this default true lets any visitor call /api/auth/demo and receive a valid session. requireAuth then accepts that demo session for non-demo-routed endpoints such as /api/setup/detect and /api/setup/generate-config, so an unauthenticated visitor can inspect the server project layout and, when no config exists, trigger config generation. Either keep demo unavailable once a publisher is configured, or ensure demo sessions are rejected from setup/diagnostic write routes.

Useful? React with 👍 / 👎.

Comment on lines +117 to +118
if (flag === "false") {
return false;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Honor demo-off flag in request routing

In instances with SOURCEDRAFT_DEMO_MODE=false and an incomplete publisher, this branch makes the sign-in screen report that demo mode is disabled, but after a password login isRequestDemoSession() still returns true from !isPublisherConfigured() and routes /api/config, /api/posts, and /api/publish to fixture data and simulated writes. The false flag needs to be consulted by the request-routing helpers too, otherwise operators cannot actually disable demo mode while finishing setup.

Useful? React with 👍 / 👎.

* fix: clear pre-existing Studio editor lint errors

Drop unused initializers in insertFileLink and scope an eslint-disable
around the intentional latest-ref slash-extension pattern. No behavior
change; build, unit tests, and e2e all pass.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix: close demo write hole and harden disabled toolbar controls

P1: add requireNonDemo guard so demo sessions and forced-demo deployments
cannot trigger real writes; apply it to /api/setup/generate-config (which
writes sourcedraft.config.json). The guard blocks genuine demo only, so a
real authenticated user can still generate config before a publisher is
configured. Centralize client publish gating (canSubmitPublish/isRealPublish):
a real publish requires a connected, non-demo Studio; demo only simulates.

P2: route toolbar disabled state and click handling through a single
isToolbarButtonEnabled predicate so a disabled control can never run its
command even if the native disabled state is bypassed.

Adds regression tests: requireNonDemo (server), publish gating and
isToolbarButtonEnabled (unit), and source-mode/disabled toolbar e2e.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: bnz183 <bnz183@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
@bnz183 bnz183 merged commit 4165bda into main Jun 16, 2026
7 checks passed
@bnz183 bnz183 deleted the feature/public-ready-studio-editor-final branch June 16, 2026 22:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant