jeffemmett
/
canvas-website
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update task task-052

This commit is contained in:
Jeff Emmett 2025-12-15 13:32:12 -05:00
parent 3f71222bf9
commit bfacc55486
1 changed files with 33 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
backlog/tasks/task-052 - Flip-permissions-model-everyone-edits-by-default,-protected-boards-opt-in.md
View File

@ -4,7 +4,7 @@ title: 'Flip permissions model: everyone edits by default, protected boards opt-
status: Done
assignee: []
created_date: '2025-12-15 17:23'
updated_date: '2025-12-15 17:45'
updated_date: '2025-12-15 18:32'
labels: []
dependencies: []
priority: high
@ -26,24 +26,46 @@ Key changes:
## Acceptance Criteria
<!-- AC:BEGIN -->
- [ ] #1 Anonymous users can edit unprotected boards
- [ ] #2 Protected boards are view-only for non-editors
- [ ] #3 Global admin (jeffemmett@gmail.com) has admin on all boards
- [ ] #4 Settings dropdown shows view-only toggle for admins
- [ ] #5 Can add/remove editors on protected boards
- [x] #1 Anonymous users can edit unprotected boards
- [x] #2 Protected boards are view-only for non-editors
- [x] #3 Global admin (jeffemmett@gmail.com) has admin on all boards
- [x] #4 Settings dropdown shows view-only toggle for admins
- [x] #5 Can add/remove editors on protected boards
- [ ] #6 Admin request button sends email
<!-- AC:END -->
## Implementation Notes
<!-- SECTION:NOTES:BEGIN -->
Pushed to dev branch (commit 2fe96fa)
## Implementation Complete (Dec 15, 2025)
Backend: schema.sql, boardPermissions.ts, types.ts, worker.ts updated
### Backend Changes (commit 2fe96fa)
- **worker/schema.sql**: Added `is_protected` column to boards, created `global_admins` table
- **worker/types.ts**: Added `GlobalAdmin` interface, extended `PermissionCheckResult`
- **worker/boardPermissions.ts**: Rewrote `getEffectivePermission()` with new logic, added `isGlobalAdmin()`, new API handlers
- **worker/worker.ts**: Added routes for `/boards/:boardId/info`, `/boards/:boardId/editors`, `/admin/request`
- **worker/migrations/001_add_protected_boards.sql**: Migration script created
Frontend: BoardSettingsDropdown.tsx created, AuthContext.tsx and Board.tsx updated
### D1 Migration (executed manually)
```sql
ALTER TABLE boards ADD COLUMN is_protected INTEGER DEFAULT 0;
CREATE INDEX IF NOT EXISTS idx_boards_protected ON boards(is_protected);
CREATE TABLE IF NOT EXISTS global_admins (email TEXT PRIMARY KEY, added_at TEXT, added_by TEXT);
INSERT OR IGNORE INTO global_admins (email) VALUES ('jeffemmett@gmail.com');
```
Migration script created at worker/migrations/001_add_protected_boards.sql
### Frontend Changes (commit 3f71222)
- **src/ui/components.tsx**: Integrated board protection settings into existing settings dropdown
- Protection toggle (view-only mode)
- Editor list management (add/remove)
- Global Admin badge display
- **src/context/AuthContext.tsx**: Changed default permission to 'edit' for everyone
- **src/routes/Board.tsx**: Updated `isReadOnly` logic for new permission model
- **src/components/BoardSettingsDropdown.tsx**: Created standalone component (kept for reference)
NEXT STEPS: Run D1 migration on Cloudflare, add BoardSettingsDropdown to UI, test
### Worker Deployment
- Deployed to Cloudflare Workers (version 5ddd1e23-d32f-459f-bc5c-cf3f799ab93f)
### Remaining
- [ ] AC #6: Admin request email flow (Resend integration needed)
<!-- SECTION:NOTES:END -->