curo/kite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b2488c91c8b57448256082405162c34ac4e059a6
kite/.planning/phases/06.2-close-v1-sharing-cloud-delete-csv-export-gaps/06.2-DISCUSSION-LOG.md
T
curo1305 7be48266ae docs(06.2): capture phase context + fix admin user creation 500 
- Phase 6.2 CONTEXT.md: cloud-delete propagation, SHARE-03/05, audit
  log CSV export fix, daily export UI, user handle display
- Fix: admin create_user missing session.flush() before write_audit_log
  caused FK violation on PostgreSQL (silent on SQLite)
- Regression test: test_create_user_writes_audit_log in test_admin_api.py

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-31 11:00:45 +02:00

61 lines
2.7 KiB
Markdown
Raw Blame History

# Phase 6.2 Discussion Log
**Date:** 2026-05-31
**Areas discussed:** Cloud-delete propagation, Sharing gaps scope, CSV export gap
---
## Area 1: Cloud-delete propagation
**Q:** Should delete propagate to the cloud provider?
**A:** Yes, default delete deletes from provider. A separate "Remove from app" action keeps the cloud file.
**Q:** How should the two delete actions be surfaced?
**A:** Default delete button = delete from provider. New "Remove download" button = removes app record only.
**Q:** If cloud provider delete fails, what should happen?
**A:** Warn the user with a modal. Let them decide whether to remove from app anyway.
**Q:** Should cloud docs decrement MinIO quota on delete?
**A:** No, cloud docs don't touch MinIO quota. But user noted future desire for quota tracking if cloud docs are cached locally — deferred.
---
## Area 2: Sharing gaps scope
**Context discovered:** Admin user creation was returning HTTP 500. Root cause: `write_audit_log` flushed the AuditLog INSERT before the new User was in the DB, causing FK violation on PostgreSQL (silent on SQLite). Fixed by adding `await session.flush()` before `write_audit_log` in `admin.py:create_user`. Regression test added.
**User context:** Could not test sharing manually because admin create-user was broken.
**Q:** What share behaviors should Phase 6.2 address?
**A:** Both the `is_shared` badge fix (SHARE-05) and permission level control (SHARE-03).
**Q:** Should permission be set at share time or editable after?
**A:** Both — dropdown in ShareModal at creation AND View/Edit toggle per share row after creation (requires new PATCH endpoint).
---
## Area 3: CSV export gap
**User reported issues:**
1. Export button redirects to URL → 401 "Not authenticated" (access token is in Pinia memory, not sent on browser navigation)
2. Applying filters shows nothing (user_id filter accepts any text; backend expects UUID; 422 silently swallowed)
3. Daily exports not accessible from UI (they go to MinIO audit-logs bucket)
4. Audit log shows raw UUIDs instead of user handles
**Q:** How should admins filter by user?
**A:** Admin sees users in the Users tab with handles. Audit log should show handles, not UUIDs. Filter by handle (backend resolves to UUID).
**Q:** Daily export UI?
**A:** Add a searchable dropdown in the audit tab to select which daily export to download, plus a download button.
---
## Deferred Ideas
- Persistent Celery local cache in MinIO for cloud docs with quota tracking — requires architectural changes; future phase.
---
*Claude's discretion items: exact API shape for "remove from app" endpoint; PATCH /api/shares/{id} body shape; cloud delete error response format; MinIO list_objects pagination.*
Reference in New Issue View Git Blame Copy Permalink