feat(PBI-80): demo user may change their own UI preferences (#194)

* feat(PBI-80): SprintSwitcher demo-fork (ST-1345)

  Demo sessions navigate directly via router.push on a sprint switch, without calling the blocked setActiveSprintAction. The server action keeps its 403 guard as defense in depth.

  Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* feat(PBI-80): NavBar demo-fork + URL-derived active product (ST-1346)

  Demo: the product switch in the NavBar navigates directly via router.push without setActiveProductAction. For display (label + dropdown highlight + nav links) we derive the active product from the pathname for demo, so that the UI is consistent with the URL; the server render keeps the seed-default prop, but it is overridden for demo.

  Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

* docs(PBI-80): ADR-0006 addendum + demo-client-state pattern (ST-1347)

  ADR-0006 gets an "Updated 2026-05-12" section that documents the PBI-80 exception: client-side UI prefs (filters, sort, layout, scope choice) are allowed for demo via the in-memory store, while all data mutations remain three-layer protected. The pattern doc describes when and how to use `isDemo` in new components. CLAUDE.md quickref + docs/INDEX.md updated.

  Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
parent 2bef1a4c20
commit 2b4b5bf719
9 changed files with 667 additions and 8 deletions
@ -28,3 +28,24 @@ Write protection for the demo user is enforced at **three independent layers**:
- Three enforcement sites for every new write operation — easy to miss one when adding a new feature.
- Mitigation: the `DemoTooltip` pattern is documented in `docs/patterns/` and enforced in code review.
## Updated 2026-05-12 — Exception for client-side UI preferences
PBI-80 relaxes the policy *for client-side UI preferences only*:
- **Allowed for demo:** product-switch and sprint-switch via URL navigation,
filters/sort, layout state (split-panes, collapsed PBIs, selections) —
routed through the in-memory `useUserSettingsStore`.
- **Why this is safe:** none of these touch the database. The demo user is a
single shared row, but each visitor's browser holds its own Zustand store
and URL state. A refresh resets to seed defaults; visitors never see each
other's choices.
- **Unchanged — three-layer enforcement still applies to:** all data mutations
(PBI/story/task/sprint create/update/delete/reorder), account fields
(username, password, email), role assignment, QR-pairing, web-push, and any
cron/webhook secrets.
- **Pattern for new demo-friendly features:** if it is UI state, route it
through `useUserSettingsStore.setPref` (which already has a demo-fork at
[stores/user-settings/store.ts:80](../../stores/user-settings/store.ts)) or
pure URL navigation via `router.push`. Never call a server action for demo.
See [docs/patterns/demo-client-state.md](../patterns/demo-client-state.md).
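
Review bot: The "Pattern for new demo-friendly features" bullet ends with "Never call a server action for demo", which reads as if the client-side fork were the control, and the "Unchanged" bullet lists only data mutations, so the addendum never says that the preference-setting server actions keep rejecting the demo user on the server. A client-side `isDemo` branch only decides what the UI attempts; it does not stop a direct call to the action. Suggest adding one sentence that the fork is a UX path only and that the server-side guard on those actions stays in place (the commit message says the 403 guard is kept, but the ADR text does not). The "Why this is safe" bullet should also say whether a product or sprint taken from the URL is still checked server-side on render, since the URL becomes the source of truth for demo. Minor: the link text `stores/user-settings/store.ts:80` pins a line number that will drift while the link target carries no line anchor; naming `setPref` in the link text would age better.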