marcel/familienarchiv
1
0
Fork 0
Code Issues 105 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(security): add BLOG_WRITE permission and GESCHICHTE_NOT_FOUND error code

Browse Source 
Foundation for the Geschichten (story) domain (issue #381). BLOG_WRITE gates
authoring of family memory stories; GESCHICHTE_NOT_FOUND is also returned for
DRAFTs requested by users without BLOG_WRITE so existence is not leaked.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Marcel
2026-05-02 17:23:03 +02:00
parent f662bd870e
commit 71b249bf31
2 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/src/main/java/org/raddatz/familienarchiv/exception/ErrorCode.java
View File

@@ -103,6 +103,10 @@ public enum ErrorCode {
/** A relationship with the same (person, relatedPerson, type) already exists. 409 */ /** A relationship with the same (person, relatedPerson, type) already exists. 409 */
DUPLICATE_RELATIONSHIP, DUPLICATE_RELATIONSHIP,
// --- Geschichten (Stories) ---
/** A Geschichte (story) with the given ID does not exist, or is a DRAFT and the caller lacks BLOG_WRITE. 404 */
GESCHICHTE_NOT_FOUND,
// --- Tags --- // --- Tags ---
/** A tag with the given ID does not exist. 404 */ /** A tag with the given ID does not exist. 404 */
TAG_NOT_FOUND, TAG_NOT_FOUND,

1
backend/src/main/java/org/raddatz/familienarchiv/security/Permission.java
View File

@@ -4,6 +4,7 @@ public enum Permission {
READ_ALL, READ_ALL,
WRITE_ALL, WRITE_ALL,
ANNOTATE_ALL, ANNOTATE_ALL,
BLOG_WRITE,
ADMIN, ADMIN,
ADMIN_USER, ADMIN_USER,
ADMIN_TAG, ADMIN_TAG,