Replaces the super-admin-only /.admin/ surface with a public-by-default /.profile/ page that layers admin tools server-side based on the caller's effective access:

- Universal (everyone, anonymous included): identity card, effective access summary, theme picker, localStorage utilities (export / import / clear, landing-presets viewer).
- Subtree admins additionally see: editable .zddc files list (linking to the existing form-based editor) and a "Create new project folder" form.
- Super-admins additionally see: server config, log viewer, whoami headers (the old /.admin/ JSON endpoints, repointed under /.profile/).

Project creation is gated on CanEditZddc(newDir) — the same strict-ancestor rule that already governs .zddc writes — so no new authority concept is introduced. ValidateProjectName mirrors the existing reserved-prefix policy (no leading '.' or '_', no path separators).

/.admin/* is hard-cut: no redirect shim. Old URLs fall through to the existing dot-prefix guard and 404.

Custom CSS file rename: prefer <root>/.profile.css, fall back to legacy <root>/.admin.css.

Per-resource 404 leakage gates preserved on whoami / config / logs / zddc / projects so non-admin callers cannot detect the existence of admin-only sub-resources.

Tree-wide gofmt -w applied as a side-effect.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

||
|---|---|---|
| archivehandler.go | ||
| archivehandler_test.go | ||
| cors.go | ||
| cors_test.go | ||
| directory.go | ||
| logring.go | ||
| logring_test.go | ||
| middleware.go | ||
| profilehandler.go | ||
| profilehandler_test.go | ||
| profilepage.go | ||
| profileprojects.go | ||
| projectshandler.go | ||
| projectshandler_test.go | ||
| static.go | ||
| zddc_assets.go | ||
| zddceditor.go | ||
| zddchandler.go | ||
| zddchandler_test.go | ||