VARASYS/ZDDC
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ZDDC/zddc/internal/handler
History
ZDDC 72c0552750 feat(browse): "Show hidden" toggle — list .-prefixed and _-prefixed entries 
Adds a UI checkbox next to the existing Sort dropdown that surfaces
hidden entries when ACL would otherwise allow read. Default off
(matches today's filtered behavior). On toggle, browse re-fetches
the current directory with ?hidden=1 and re-renders.

  ┌─ browse toolbar ─────────────────────────────────────────────┐
  │  Sort: [Name (A→Z) ▾]    ☐ Show hidden                       │
  └──────────────────────────────────────────────────────────────┘

Server-side surface:

  - internal/fs/tree.go ListDirectory gains an `includeHidden bool`
    parameter. The .-prefix filter (previously hard-coded) now also
    drops _-prefix entries (matches dispatch's reserved-prefix guard)
    and honors the new flag.
  - internal/handler/directory.go reads `?hidden=1` from the request
    and threads it through.
  - cmd/zddc-server/main.go dispatcher relaxes its dot-prefix and
    _-prefix guards for GET/HEAD when `?hidden=1` is set, so clicking
    a hidden entry's link works. `_app/` (apps cache) stays
    unconditionally reserved — those bytes must go through the apps
    resolver. Writes to hidden paths stay blocked (the file API has
    its own segment check that the flag does NOT relax).
  - internal/listing/listing.go: signature parity (the lower-level
    helper that's used by tests + non-cascade listing paths).

Security model unchanged: the ACL chain on the parent dir is the only
real gate. Whoever can read the dir can see its contents — toggling
"Show hidden" just stops the client-side filter from masking
.-prefixed and _-prefixed entries. Hidden paths today:

  • <dir>/.zddc                ACL YAML — already exposed via /.profile/zddc
  • <dir>/.converted/<base>    cached MD→DOCX/HTML/PDF, same sensitivity as source
  • <root>/.zddc.d/tokens/     per-token metadata; filename = sha256(token)
                               so not bearer-usable. Default root ACL
                               restricts to admins; matches /.tokens UI.
  • <root>/.zddc.d/logs/       access logs; same admins-only audience
  • <root>/_app/               cached upstream tool HTML (public)
  • <root>/_template/          install.zip scaffolding (public)

None of these contain bearer credentials or secret material that the
existing ACL doesn't already gate. The walls are still the cascade.
2026-05-13 14:45:41 -05:00
..
archivehandler.go refactor(zddc-server): demote routing-shape redirects from 301 to 302 2026-05-10 14:37:02 -05:00
archivehandler_test.go feat(archive): canonicalize deep .archive URLs + permissions follow the file 2026-05-07 06:28:07 -05:00
authcheck.go feat(zddc-server): /.auth/admin forward_auth endpoint 2026-05-01 21:08:39 -05:00
authcheck_test.go feat(zddc-server): /.auth/admin forward_auth endpoint 2026-05-01 21:08:39 -05:00
converthandler.go feat(zddc): MD→{docx,html,pdf} server-side conversion via stock pandoc + chromium containers 2026-05-13 10:33:56 -05:00
cors.go feat(server): authenticated CRUD + verb-based RBAC with WORM archive folders 2026-05-05 15:58:04 -05:00
cors_test.go feat(zddc-server): admin debug page + X-Auth-Request-Email default + hidden-segment guard 2026-04-28 14:02:06 -05:00
default-mdl.form.yaml feat(mdl): default columns mirror tracking-number components + customizable 2026-05-09 11:09:31 -05:00
default-mdl.table.yaml feat(mdl): default columns mirror tracking-number components + customizable 2026-05-09 11:09:31 -05:00
directory.go feat(browse): "Show hidden" toggle — list .-prefixed and _-prefixed entries 2026-05-13 14:45:41 -05:00
directory_test.go fix(zddc-server): mdl slash form serves browse; .zddc viewable at every depth 2026-05-11 12:45:16 -05:00
fileapi.go feat(zddc): MD→{docx,html,pdf} server-side conversion via stock pandoc + chromium containers 2026-05-13 10:33:56 -05:00
fileapi_test.go refactor(zddc): worm: is a list of principals, not a {principal: verbs} map 2026-05-12 09:40:15 -05:00
formhandler.go refactor(tables): in-dir convention + unified table+form HTML bundle 2026-05-09 09:15:26 -05:00
formhandler_test.go refactor(tables): in-dir convention + unified table+form HTML bundle 2026-05-09 09:15:26 -05:00
logring.go feat(zddc-server): user profile page replaces /.admin/ 2026-04-29 16:32:02 -05:00
logring_test.go feat(zddc-server): admin debug page + X-Auth-Request-Email default + hidden-segment guard 2026-04-28 14:02:06 -05:00
middleware.go feat(server): case-insensitive URL canonicalization at dispatch 2026-05-09 09:09:47 -05:00
middleware_test.go feat(server): self-issued bearer tokens + --no-auth flag 2026-05-08 07:40:28 -05:00
profilehandler.go feat(handler): expose inherit fence in /.profile/effective-policy 2026-05-07 11:02:33 -05:00
profilehandler_test.go feat(handler): expose inherit fence in /.profile/effective-policy 2026-05-07 11:02:33 -05:00
profilepage.go feat: lockstep release infra + cascade/.archive fixes + profile perf + page redesign 2026-05-01 20:11:38 -05:00
profileprojects.go feat(zddc-server): user profile page replaces /.admin/ 2026-04-29 16:32:02 -05:00
projecthandler.go refactor(zddc-server): demote routing-shape redirects from 301 to 302 2026-05-10 14:37:02 -05:00
projecthandler_test.go refactor(landing): project landing is now a single-file SPA, not server-rendered 2026-05-10 07:57:30 -05:00
projectshandler.go feat(server): reference Rego, parity test, decision cache, listing ETags 2026-05-04 17:46:24 -05:00
projectshandler_test.go feat(zddc-server): user profile page replaces /.admin/ 2026-04-29 16:32:02 -05:00
reviewinghandler.go chore: retire mdedit tool — markdown editor lives in browse now 2026-05-13 10:34:31 -05:00
reviewinghandler_test.go Round of UX fixes: tool strip removed, MDL routing, browse markdown layout, reviewing depth-2 2026-05-11 12:30:34 -05:00
singleflight.go feat(zddc): MD→{docx,html,pdf} server-side conversion via stock pandoc + chromium containers 2026-05-13 10:33:56 -05:00
static.go Initial commit 2026-04-27 11:05:47 -05:00
subtreezip.go feat(zddc): GET /dir/?zip=1 — stream an ACL-filtered .zip of a subtree 2026-05-12 12:59:17 -05:00
subtreezip_test.go feat(zddc): GET /dir/?zip=1 — stream an ACL-filtered .zip of a subtree 2026-05-12 12:59:17 -05:00
tablehandler.go chore(zddc): remove dead canonical-folder predicates 2026-05-11 16:01:43 -05:00
tablehandler_test.go refactor(tables): in-dir convention + unified table+form HTML bundle 2026-05-09 09:15:26 -05:00
tables.html chore(embedded): cut v0.0.17-beta 2026-05-13 13:48:52 -05:00
tokenhandler.go feat(server): self-issued bearer tokens + --no-auth flag 2026-05-08 07:40:28 -05:00
tokenhandler_test.go feat(server): self-issued bearer tokens + --no-auth flag 2026-05-08 07:40:28 -05:00
zddc_assets.go feat(zddc-server): user profile page replaces /.admin/ 2026-04-29 16:32:02 -05:00
zddceditor.go feat(handler): per-directory <dir>/.zddc.html editor URL 2026-05-07 11:37:36 -05:00
zddcfile.go fix(zddc-server): mdl slash form serves browse; .zddc viewable at every depth 2026-05-11 12:45:16 -05:00
zddcfile_test.go fix(zddc-server): mdl slash form serves browse; .zddc viewable at every depth 2026-05-11 12:45:16 -05:00
zddchandler.go feat(zddc-server): apps section in .zddc editor 2026-05-01 15:25:42 -05:00
zddchandler_test.go chore: retire mdedit tool — markdown editor lives in browse now 2026-05-13 10:34:31 -05:00
ziphandler.go feat(zddc): serve a .zip as a virtual directory (zipfs + dispatch intercept) 2026-05-12 12:17:47 -05:00
ziphandler_test.go feat(zddc): serve a .zip as a virtual directory (zipfs + dispatch intercept) 2026-05-12 12:17:47 -05:00