fix(qa): resolve UI bugs from #216 and #218

Public sharing (#218):
- Bind public-share content to the requested shareId. getSharedPage now
  enforces dto.shareId (forwarded from /share/:shareId/p/:slug): the page must
  be reachable THROUGH that exact share (its own share, or an includeSubPages
  ancestor that contains it). A forged/mismatched shareId 404s instead of
  rendering off the slug alone and no longer leaks the real canonical key via
  redirect. A request with no shareId keeps the legacy slug-capability path.
- Trim /shares/page-info: drop internal metadata (creatorId, spaceId,
  workspaceId, contributorIds, lastUpdated*, parent/position, lock/template
  flags, timestamps) from the anonymous payload.
- Default share-to-web includeSubPages to false (opt-in), so enabling a share
  no longer silently exposes the whole sub-tree (#216).

Editor (#218):
- Harden the new-page pre-sync window: the body editor is kept read-only until
  the collab provider is Connected and synced, so early keystrokes can't land
  only in local ProseMirror and then be clobbered by the server's empty doc.
- Surface a "Connecting… (read-only)" affordance during the static phase so
  input isn't silently swallowed.

Other:
- Breadcrumb: resolve from the page's own ancestor data (/pages/breadcrumbs)
  instead of waiting for the lazily-built sidebar tree, so deep pages don't
  render a blank breadcrumb for seconds.
- Pasting GitHub `> [!type]` callouts now converts to a callout node instead of
  a literal blockquote (new marked extension wired into markdownToHtml).

Tests: editor-sync-state gate (client), getSharedPage share-binding (server),
github-callout markdown conversion (editor-ext).

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
claude code agent 227
2026-06-27 05:54:06 +03:00
parent 904f7b4303
commit 22852be2e2
13 changed files with 540 additions and 27 deletions
+23 -1
View File
@@ -93,8 +93,30 @@ export class ShareController {
? await this.aiSettings.resolvePublicShareAssistantName(workspace.id)
: null;
// Trim the public payload to what the anonymous renderer actually needs
// (#218). Internal metadata — creatorId/lastUpdatedById/contributorIds,
// spaceId/workspaceId, AI/source bookkeeping, lock/template flags,
// parent/position, raw timestamps — must not leak to anonymous viewers.
const { page, share } = shareData;
const publicPage = {
id: page.id,
slugId: page.slugId,
title: page.title,
icon: page.icon,
content: page.content,
};
const publicShare = {
id: share.id,
key: share.key,
includeSubPages: share.includeSubPages,
searchIndexing: share.searchIndexing,
level: share.level,
sharedPage: share.sharedPage,
};
return {
...shareData,
page: publicPage,
share: publicShare,
aiAssistant,
aiAssistantName,
features: this.licenseCheckService.resolveFeatures(