till/managarten
1
0
Fork 0
mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-15 18:39:40 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
managarten/packages/shared-privacy/src/defaults.ts
Till JS 259f6fb316 fix(shared-privacy): default all new records to 'space', not 'private' 
Regression reported in testing: tasks and calendar events created via
the Workbench homepage widgets appeared there but vanished from their
respective module sub-routes (/todo, /calendar).

Root cause: my M4.b + M4.a shipped `defaultVisibilityFor('personal') →
'private'` based on the original plan ("personal space default is
private"). That collides with the pre-existing 2-tier visibility filter
in `apps/mana/apps/web/src/lib/data/scope/visibility.ts`, which treats
'private' records as "only the authorId sees them, even inside the
same space". Its applyVisibility() drops any 'private' record whose
authorId doesn't exactly match getCurrentUserId() — and the homepage-
widget cross-app queries in cross-app-queries.ts don't run that filter
while /todo/useAllTasks() does, creating the asymmetry the user saw.

Why the match can fail in practice: during auth bootstrap,
getEffectiveUserId() returns the 'guest' sentinel (which the Dexie
creating-hook stamps onto authorId), while getCurrentUserId() can
already resolve to the real user id by the time /todo's query runs.
authorId='guest' !== currentUserId=<real> → record filtered out.

Fix: defaultVisibilityFor() now returns 'space' regardless of space
type. Rationale:
- In a personal space there's exactly one member, so 'space' and
  'private' are effectively equivalent — both mean "only the owner
  sees it".
- In a multi-member space, 'space' is the desired default (otherwise
  every collaborative record would need a manual toggle).
- 'private' becomes an *active* user decision for drafts in shared
  spaces — click the VisibilityPicker to enable it.
- The parameter is retained (as `_spaceType`) for forward-compat so
  future space types can differentiate without touching call sites.

Impact on shipped modules: all 8 consumers (Library, Picture,
Calendar, Todo, Goals, Places, Recipes, Wardrobe) call
defaultVisibilityFor(activeSpace.type) at create time — they inherit
the fix automatically. No store edits required.

Existing records with visibility='private' from the testing window
stay as they are; user can flip them to 'Bereich' via the
VisibilityPicker, or reset the local Dexie to pick up the new default.

Plan doc updated with the full rationale (docs/plans/
visibility-system.md §Entscheidung).

Verified:
- pnpm test @mana/shared-privacy: 15/15 (defaults.test.ts updated)
- pnpm check (web): 7464 files, 0 errors

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 14:46:48 +02:00

30 lines
1.4 KiB
TypeScript
Raw Blame History

import type { VisibilityLevel } from './types';
/**
* Default visibility for newly-created records — always 'space'.
*
* Why not 'private' for personal spaces even though the original plan
* read "personal → private": it would fight the existing 2-tier
* visibility filter in `apps/mana/apps/web/src/lib/data/scope/
* visibility.ts`, which treats `'private'` records as "only the author
* sees them, even inside the same space". That's the semantic the
* broader codebase already depends on — queries like `useAllTasks()`
* apply it at read time. Stamping `'private'` as the default here
* causes records to disappear from module sub-routes during auth
* bootstrap (authorId stamped with the guest-sentinel, later filtered
* out once the real user id resolves).
*
* In a personal space there's only one member, so 'space' and 'private'
* are equivalent in effect — both mean "only you see it". In
* multi-member spaces, 'space' means "fellow members can see it"
* which is the desired default for collaboration. Users who want a
* genuine "draft, hide from fellow members" state flip explicitly
* to `'private'` via the VisibilityPicker.
*
* The parameter is retained for forward-compatibility — a future
* space type (e.g. 'restricted' invite-only) might want a different
* default without changing every call site.
*/
export function defaultVisibilityFor(_spaceType: string | null | undefined): VisibilityLevel {
return 'space';
}
Reference in a new issue View git blame Copy permalink