janpeter/Scrum4Me
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Scrum4Me/actions
History
Exact
Madhura68 95eff4087c fix(demo): close 3 demo-policy gaps in mutation actions (before-launch) 
Audit van alle Server Actions revealed drie mutation-paden zonder
isDemo-check, terwijl de demo-policy zegt "demo-user is read-only":

- toggleTodoAction: demo kon eigen todos done/undone toggelen
- archiveCompletedTodosAction: demo kon todos archiveren (bulk)
- leaveProductAction: demo kon productMembership verlaten

Fix: standaard `if (session.isDemo) return { error: 'Niet beschikbaar in
demo-modus' }` toegevoegd, conform de andere mutation-actions.

Andere claim/unclaim/reassign/updateTaskPlan-actions zijn al gedekt via
requireProductWriter() → requireWriter() → demo-throw — nu code-side
geverifieerd voor de hele actions/-tree.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-04 14:14:01 +02:00
..
active-product.ts feat(M9): active product backlog — persistent active PB, NavBar splits, sprint card styling (#10) 2026-04-27 20:25:13 +02:00
api-tokens.ts feat(rate-limit): per-user mutation-rate-limiting (v1-readiness #3) 2026-05-04 13:48:59 +02:00
auth.ts feat(ST-1135): UA-redirect bij login — phone naar /m/* (T-322/T-323/T-324) 2026-05-04 10:09:09 +02:00
claude-jobs.ts feat(rate-limit): per-user mutation-rate-limiting (v1-readiness #3) 2026-05-04 13:48:59 +02:00
pairing.ts M10: Password-loze inlog via QR-pairing (ST-1001..ST-1008) (#12) 2026-04-28 00:01:04 +02:00
pbis.ts feat(rate-limit): per-user mutation-rate-limiting (v1-readiness #3) 2026-05-04 13:48:59 +02:00
products.ts fix(demo): close 3 demo-policy gaps in mutation actions (before-launch) 2026-05-04 14:14:01 +02:00
profile.ts feat(ST-507): persist email in updateProfileAction with Zod validation 2026-04-26 19:37:49 +02:00
questions.ts feat(rate-limit): per-user mutation-rate-limiting (v1-readiness #3) 2026-05-04 13:48:59 +02:00
sprints.ts feat(rate-limit): per-user mutation-rate-limiting (v1-readiness #3) 2026-05-04 13:48:59 +02:00
stories.ts feat(rate-limit): per-user mutation-rate-limiting (v1-readiness #3) 2026-05-04 13:48:59 +02:00
tasks.ts feat(rate-limit): per-user mutation-rate-limiting (v1-readiness #3) 2026-05-04 13:48:59 +02:00
todos.ts fix(demo): close 3 demo-policy gaps in mutation actions (before-launch) 2026-05-04 14:14:01 +02:00