john/tractatus
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
tractatus/src/routes
History
TheFlow 79a280a403 feat(security): implement document publish workflow with safe defaults 
SECURITY IMPROVEMENTS:
- Change default visibility from 'public' to 'internal' (prevents accidental exposure)
- Add visibility validation (public/internal/confidential/archived)
- Require valid category for public documents
- Add workflow_status tracking (draft/review/published)

PUBLISH WORKFLOW:
- New Document.publish(id, options) method with comprehensive validation
- New Document.unpublish(id, reason) method with audit trail
- New Document.listByWorkflowStatus(status) for workflow management

API ENDPOINTS (Admin only):
- POST /api/documents/:id/publish - Explicit publish with category validation
- POST /api/documents/:id/unpublish - Revert to internal with reason
- GET /api/documents/drafts - List unpublished documents

WORLD-CLASS UX:
- Clear validation messages with actionable guidance
- Lists available categories in error messages
- Tracks publish/unpublish history for audit trail

BACKWARD COMPATIBLE:
- Existing public documents unaffected
- Migration scripts automatically use safer defaults

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-19 12:34:51 +13:00
..
admin.routes.js feat: add API routes, controllers, and migration tools 2025-10-07 00:36:40 +13:00
audit.routes.js feat: enhance framework services and format architectural documentation 2025-10-11 00:50:47 +13:00
auth.routes.js security: comprehensive security audit and hardening 2025-10-10 05:34:40 +13:00
blog.routes.js feat: comprehensive accessibility improvements (WCAG 2.1 AA) 2025-10-12 07:08:40 +13:00
cases.routes.js feat: add case submission portal admin interface and i18n support 2025-10-16 14:50:47 +13:00
demo.routes.js feat: comprehensive accessibility improvements (WCAG 2.1 AA) 2025-10-12 07:08:40 +13:00
documents.routes.js feat(security): implement document publish workflow with safe defaults 2025-10-19 12:34:51 +13:00
governance.routes.js feat(infra): semantic versioning and systemd service implementation 2025-10-09 09:16:22 +13:00
hooks-metrics.routes.js fix: correct auth middleware imports in hooks metrics route 2025-10-15 21:03:32 +13:00
index.js feat: enhance hooks with metrics tracking and admin dashboard 2025-10-15 20:17:11 +13:00
koha.routes.js feat(koha): implement Stripe Customer Portal integration 2025-10-18 22:19:08 +13:00
media.routes.js security: complete Phase 0 Quick Wins implementation 2025-10-14 15:32:54 +13:00
newsletter.routes.js security: complete Phase 0 Quick Wins implementation 2025-10-14 15:32:54 +13:00
projects.routes.js feat: implement Rule Manager and Project Manager admin systems 2025-10-11 17:16:51 +13:00
rules.routes.js feat: implement Rule Manager and Project Manager admin systems 2025-10-11 17:16:51 +13:00
test.routes.js feat: complete file security testing with production-ready malware detection 2025-10-14 18:03:56 +13:00