Skip to content

Fix public-launch review blockers (P1 demo write hole, P2 toolbar)#30

Merged
bnz183 merged 2 commits into
feature/public-ready-studio-editor-finalfrom
fix/public-launch-review-blockers
Jun 16, 2026
Merged

Fix public-launch review blockers (P1 demo write hole, P2 toolbar)#30
bnz183 merged 2 commits into
feature/public-ready-studio-editor-finalfrom
fix/public-launch-review-blockers

Conversation

@bnz183

@bnz183 bnz183 commented Jun 16, 2026

Copy link
Copy Markdown
Owner

Addresses the pre-launch review blockers on PR #27, routed into the feature branch via PR per the branch ruleset. Supersedes the lint-only PR #28 (includes its commit).

P1 — security/behavior (demo must stay read/demo-only)

  • /api/setup/generate-config writes a real sourcedraft.config.json but only had requireAuth, so a demo session could mutate real files. Added requireNonDemo (rejects forced-demo deployments and demo sessions with 403) and applied it to that route.
  • The guard deliberately uses isHardDemoRequest (forced demo OR actual demo session), not isRequestDemoSession — so a real authenticated user can still generate config before a publisher is configured.
  • Centralized client publish gating in canSubmitPublish/isRealPublish: a real publish requires a connected, non-demo Studio; demo mode only simulates. Unauthenticated/demo can never trigger a real publish (server is authoritative; demo routes to simulation).

P2 — toolbar

  • Disabled toolbar controls now route both their disabled attribute and their click handler through one isToolbarButtonEnabled predicate, so a disabled control can never run its command even if the native disabled state is bypassed.

Tests

  • requireNonDemo.test.ts — forced demo and demo sessions blocked; real authenticated (even pre-publisher) allowed.
  • publishGate.test.ts — demo never real-publishes; configured non-demo can; invalid/in-flight blocked.
  • toolbarButton.test.ts — disabled/source-mode controls are not runnable.
  • e2e — source-mode controls absent; undo stays disabled under a forced click.

Also folds in the earlier lint cleanup (insertFileLink, slash-extension latest-ref pattern).

Local results: pnpm build ✅, pnpm test ✅ (studio 115, 0 fail), pnpm test:e2e ✅ 16/16, pnpm lint ✅.

🤖 Generated with Claude Code

bnz183 and others added 2 commits June 16, 2026 21:02
Drop unused initializers in insertFileLink and scope an eslint-disable
around the intentional latest-ref slash-extension pattern. No behavior
change; build, unit tests, and e2e all pass.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
P1: add requireNonDemo guard so demo sessions and forced-demo deployments
cannot trigger real writes; apply it to /api/setup/generate-config (which
writes sourcedraft.config.json). The guard blocks genuine demo only, so a
real authenticated user can still generate config before a publisher is
configured. Centralize client publish gating (canSubmitPublish/isRealPublish):
a real publish requires a connected, non-demo Studio; demo only simulates.

P2: route toolbar disabled state and click handling through a single
isToolbarButtonEnabled predicate so a disabled control can never run its
command even if the native disabled state is bypassed.

Adds regression tests: requireNonDemo (server), publish gating and
isToolbarButtonEnabled (unit), and source-mode/disabled toolbar e2e.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@bnz183 bnz183 merged commit c17d2b8 into feature/public-ready-studio-editor-final Jun 16, 2026
8 checks passed
@bnz183 bnz183 deleted the fix/public-launch-review-blockers branch June 16, 2026 22:04
bnz183 added a commit that referenced this pull request Jun 16, 2026
* feat: improve setup detection, config generation, and Studio editor polish

Add content-root detection, frontmatter inference, and server-side config generation while hardening auth, rate limits, and writer-facing Studio workflows.

* fix: finish demo mode toggle from login and exit banner

Allow demo by default unless disabled, remove misleading unavailable copy, and wire Exit demo mode back to the login screen.

* feat: finalize public Studio onboarding and editor polish

Add Underline to the editor toolbar (already-loaded extension that
round-trips to <u> HTML passthrough), clarify the disabled file-link
copy, and align editor docs with shipped behavior.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* Fix public-launch review blockers (P1 demo write hole, P2 toolbar) (#30)

* fix: clear pre-existing Studio editor lint errors

Drop unused initializers in insertFileLink and scope an eslint-disable
around the intentional latest-ref slash-extension pattern. No behavior
change; build, unit tests, and e2e all pass.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

* fix: close demo write hole and harden disabled toolbar controls

P1: add requireNonDemo guard so demo sessions and forced-demo deployments
cannot trigger real writes; apply it to /api/setup/generate-config (which
writes sourcedraft.config.json). The guard blocks genuine demo only, so a
real authenticated user can still generate config before a publisher is
configured. Centralize client publish gating (canSubmitPublish/isRealPublish):
a real publish requires a connected, non-demo Studio; demo only simulates.

P2: route toolbar disabled state and click handling through a single
isToolbarButtonEnabled predicate so a disabled control can never run its
command even if the native disabled state is bypassed.

Adds regression tests: requireNonDemo (server), publish gating and
isToolbarButtonEnabled (unit), and source-mode/disabled toolbar e2e.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: bnz183 <bnz183@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: bnz183 <bnz183@users.noreply.github.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant