janpeter/Scrum4Me
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Scrum4Me/__tests__/api
History
Janpeter Visser 1cb5772edd
M12 / ST-1110: Demo gebruiker read-only (#17) 
* feat(ST-1110.3): add proxy.ts demo-guard for non-GET API routes

* feat(ST-1110.3+4): demo-guard proxy + block demo in QR-pairing

- proxy.ts: gebruik unsealData ipv getIronSession (middleware-compatibel)
- pair/start: isDemo-check via cookies() guard
- pair/claim: check pairing.user.is_demo na DB-read; 403 + clearPairCookie

* feat(ST-1110.5): unify demo write-button pattern to disabled+tooltip

Convert all !isDemo && <Button> patterns to <DemoTooltip show={isDemo}>
<Button disabled={isDemo}> so demo visitors see app capabilities.
Affects: pbi-list, story-panel, story-dialog, task-list, sprint-backlog,
token-manager, product-list, activate-product-button, leave-product-button,
settings page.

* test(ST-1110.6): proxy demo-guard coverage — 403 for demo+non-GET on /api/*

* docs(ST-1110.7): document three-layer demo-readonly policy and mirror plan
2026-04-29 18:44:14 +02:00
..
cron-expire-questions.test.ts M11: Claude vraagt, gebruiker antwoordt (ST-1101..ST-1108) (#13) 2026-04-29 11:38:23 +02:00
next-story.test.ts Todo description, entity codes, REST API extensions and Claude Code hardening (ST-509/511/512/513) (#2) 2026-04-26 23:40:54 +02:00
notifications-stream.test.ts M11: Claude vraagt, gebruiker antwoordt (ST-1101..ST-1108) (#13) 2026-04-29 11:38:23 +02:00
pair-claim.test.ts M12 / ST-1110: Demo gebruiker read-only (#17) 2026-04-29 18:44:14 +02:00
pair-start.test.ts M12 / ST-1110: Demo gebruiker read-only (#17) 2026-04-29 18:44:14 +02:00
pair-stream.test.ts M10: Password-loze inlog via QR-pairing (ST-1001..ST-1008) (#12) 2026-04-28 00:01:04 +02:00
products.test.ts test(products): add unit tests for GET /api/products 2026-04-25 18:31:35 +02:00
reorder.test.ts Todo description, entity codes, REST API extensions and Claude Code hardening (ST-509/511/512/513) (#2) 2026-04-26 23:40:54 +02:00
security.test.ts Todo description, entity codes, REST API extensions and Claude Code hardening (ST-509/511/512/513) (#2) 2026-04-26 23:40:54 +02:00
sprint-tasks.test.ts Todo description, entity codes, REST API extensions and Claude Code hardening (ST-509/511/512/513) (#2) 2026-04-26 23:40:54 +02:00
story-log.test.ts Todo description, entity codes, REST API extensions and Claude Code hardening (ST-509/511/512/513) (#2) 2026-04-26 23:40:54 +02:00
tasks.test.ts Todo description, entity codes, REST API extensions and Claude Code hardening (ST-509/511/512/513) (#2) 2026-04-26 23:40:54 +02:00
todos.test.ts Todo description, entity codes, REST API extensions and Claude Code hardening (ST-509/511/512/513) (#2) 2026-04-26 23:40:54 +02:00