Move the inline {#if data?.user && data.canWrite} condition into a named
$derived, matching the existing isAdmin / isAuthPage derivations in the
same file. No behaviour change — the 11 layout specs stay green.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Hiding the header upload button is UI polish; the real control is endpoint
authz. Add explicit READ_ALL-only 403 boundary tests for POST /api/documents
and POST /api/documents/quick-upload, matching the reader-only convention
already used elsewhere in this suite.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Documents that the gate keys on lack of WRITE_ALL, not on being READ_ALL:
an ANNOTATE_ALL-only user (canWrite=false) must still not see the upload
link. The writer-sees-it contract is already covered by the existing
upload-link tests.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

The header "Hochladen" link was gated only on {#if data?.user}, so a
reader without WRITE_ALL saw it, clicked it, and got bounced by the
server-side redirect in documents/new — confusing friction on the main
read journey. Gate it on data.canWrite (already on the layout data).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
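
The boundary these commit messages describe, as an added example that is not code from the repository: the server decides on WRITE_ALL for both upload endpoints, and the header link is derived from the same permission. Function names, the sample users and the 401/201 status codes are assumptions; only the two routes, the permission names and the 403 come from the messages.

```javascript
// Added illustration; every name except the two routes and the permission
// strings is hypothetical and not taken from the project.
const WRITE = 'WRITE_ALL';

// Routes that create documents, keyed by "METHOD path".
const REQUIRED = new Map([
  ['POST /api/documents', WRITE],
  ['POST /api/documents/quick-upload', WRITE],
]);

// Server-side decision: the control that actually protects the endpoint.
function authorize(user, method, path) {
  const needed = REQUIRED.get(`${method} ${path}`);
  if (needed === undefined) return 404;  // route not modelled in this sketch
  if (!user) return 401;                 // assumed status for "not signed in"
  const perms = new Set(user.permissions ?? []);
  return perms.has(needed) ? 201 : 403;  // 201 is an assumed success status
}

// Layout data: canWrite comes from the same permission the server checks,
// so the UI keys on lack of WRITE_ALL rather than on being READ_ALL.
function layoutData(user) {
  const canWrite = !!user && (user.permissions ?? []).includes(WRITE);
  return { user: user ?? null, canWrite };
}

// The header condition named in the commits: data?.user && data.canWrite
function showUploadLink(data) {
  return Boolean(data?.user && data.canWrite);
}

// Constructed sample users.
const users = {
  reader: { permissions: ['READ_ALL'] },
  annotator: { permissions: ['ANNOTATE_ALL'] },
  writer: { permissions: ['READ_ALL', 'WRITE_ALL'] },
};

// One row per role: what the header shows and what each endpoint answers.
function matrix() {
  const all = [...Object.entries(users), ['anonymous', null]];
  return all.map(([role, user]) => ({
    role,
    link: showUploadLink(layoutData(user)),
    create: authorize(user, 'POST', '/api/documents'),
    quick: authorize(user, 'POST', '/api/documents/quick-upload'),
  }));
}

console.table(matrix());
```

A row where `link` is false but an endpoint does not answer 403 or 401 would mean the button is hidden while the server still accepts the write, which is the gap the boundary tests guard against.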