curo/kite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
kite/.planning/phases/06.2-close-v1-sharing-cloud-delete-csv-export-gaps/06.2-DISCUSSION-LOG.md
T
curo1305 7be48266ae docs(06.2): capture phase context + fix admin user creation 500 
- Phase 6.2 CONTEXT.md: cloud-delete propagation, SHARE-03/05, audit
  log CSV export fix, daily export UI, user handle display
- Fix: admin create_user missing session.flush() before write_audit_log
  caused FK violation on PostgreSQL (silent on SQLite)
- Regression test: test_create_user_writes_audit_log in test_admin_api.py

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-31 11:00:45 +02:00

2.7 KiB
Raw Permalink Blame History

Phase 6.2 Discussion Log

Date: 2026-05-31 Areas discussed: Cloud-delete propagation, Sharing gaps scope, CSV export gap

Area 1: Cloud-delete propagation

Q: Should delete propagate to the cloud provider? A: Yes, default delete deletes from provider. A separate "Remove from app" action keeps the cloud file.

Q: How should the two delete actions be surfaced? A: Default delete button = delete from provider. New "Remove download" button = removes app record only.

Q: If cloud provider delete fails, what should happen? A: Warn the user with a modal. Let them decide whether to remove from app anyway.

Q: Should cloud docs decrement MinIO quota on delete? A: No, cloud docs don't touch MinIO quota. But user noted future desire for quota tracking if cloud docs are cached locally — deferred.

Area 2: Sharing gaps scope

Context discovered: Admin user creation was returning HTTP 500. Root cause: write_audit_log flushed the AuditLog INSERT before the new User was in the DB, causing FK violation on PostgreSQL (silent on SQLite). Fixed by adding await session.flush() before write_audit_log in admin.py:create_user. Regression test added.

User context: Could not test sharing manually because admin create-user was broken.

Q: What share behaviors should Phase 6.2 address? A: Both the is_shared badge fix (SHARE-05) and permission level control (SHARE-03).

Q: Should permission be set at share time or editable after? A: Both — dropdown in ShareModal at creation AND View/Edit toggle per share row after creation (requires new PATCH endpoint).

Area 3: CSV export gap

User reported issues:

  1. Export button redirects to URL → 401 "Not authenticated" (access token is in Pinia memory, not sent on browser navigation)
  2. Applying filters shows nothing (user_id filter accepts any text; backend expects UUID; 422 silently swallowed)
  3. Daily exports not accessible from UI (they go to MinIO audit-logs bucket)
  4. Audit log shows raw UUIDs instead of user handles

Q: How should admins filter by user? A: Admin sees users in the Users tab with handles. Audit log should show handles, not UUIDs. Filter by handle (backend resolves to UUID).

Q: Daily export UI? A: Add a searchable dropdown in the audit tab to select which daily export to download, plus a download button.

Deferred Ideas

  • Persistent Celery local cache in MinIO for cloud docs with quota tracking — requires architectural changes; future phase.

Claude's discretion items: exact API shape for "remove from app" endpoint; PATCH /api/shares/{id} body shape; cloud delete error response format; MinIO list_objects pagination.

Reference in New Issue View Git Blame Copy Permalink