marcel/familienarchiv
1
0
Fork 0
Code Issues 119 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fix(geschichte): stop exposing author email in the list projection

Browse Source 
GET /api/geschichten shipped every author's AppUser email to all readers via
GeschichteSummary.AuthorSummary — contradicting the documented rule that
author projections never expose email or group memberships. The frontend
only used it as a display-name fallback; it now falls back to [Unbekannt],
matching the server-side rule in GeschichteService.toView.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Marcel
2026-06-10 07:25:11 +02:00
parent b3d54a12c4
commit e077dba595
9 changed files with 28 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/src/lib/geschichte/GeschichtenCard.svelte
View File

@@ -27,7 +27,7 @@ function authorName(g: GeschichteSummary): string {
const a = g.author;
if (!a) return '';
const full = [a.firstName, a.lastName].filter(Boolean).join(' ').trim();
return full || a.email || '';
return full || '[Unbekannt]';
}
</script>