Scott.Idem/OSIT-AE-App-Svelte
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(badges): allow trusted staff to edit name without enabling edit mode

Browse Source 
Trusted users can already edit title/affiliations in regular mode via the
auth_editable list. Name was locked to trusted+edit_mode only. Staff at the
badge table frequently need to fix a misspelled name mid-queue without
toggling the full edit mode for the whole app.

Added a targeted guard in field_editable(): is_trusted && field === 'name'
passes before the auth_editable list check, so trusted users get the edit
pencil for name in normal mode. Regular authenticated users (attendees)
are unaffected.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Scott Idem
2026-06-09 09:38:48 -04:00
parent 3122725610
commit 868b4017f2
1 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/routes/events/[event_id]/(badges)/badges/[badge_id]/ae_comp__badge_print_controls.svelte
View File

@@ -8,7 +8,8 @@
* Access levels: * Access levels:
* Basic authenticated → can edit professional_title_override, affiliations_override, * Basic authenticated → can edit professional_title_override, affiliations_override,
* location_override only; all fields have font controls. * location_override only; all fields have font controls.
* Trusted / Admin → can edit all fields (same scope as Badge Review page). * Trusted (no edit mode) → can also edit full_name_override without enabling edit mode.
* Trusted / Admin + edit mode → can edit all fields (same scope as Badge Review page).
* *
* Font sizes flow back to the parent via $bindable() props so the badge render * Font sizes flow back to the parent via $bindable() props so the badge render
* (ae_comp__badge_obj_view.svelte) stays in sync without prop-drilling through * (ae_comp__badge_obj_view.svelte) stays in sync without prop-drilling through
@@ -175,12 +176,16 @@ function field_shown(field: string): boolean {
/** /**
* Can the current user edit this field? * Can the current user edit this field?
* - No authenticated_access → never (display only). * - No authenticated_access → never (display only).
* - trusted + edit_mode → always. * - trusted + edit_mode → always (all fields).
* - trusted (no edit_mode) → name always editable; other fields follow auth_editable list.
* - authenticated only → field must be in template's auth_editable list (or defaults). * - authenticated only → field must be in template's auth_editable list (or defaults).
*/ */
function field_editable(field: string): boolean { function field_editable(field: string): boolean {
if (!is_auth) return false; if (!is_auth) return false;
if (is_trusted && is_global_edit_mode) return true; if (is_trusted && is_global_edit_mode) return true;
// Trusted staff can fix a name without enabling full edit mode —
// same visibility as title/affiliations but scoped to trusted only.
if (is_trusted && field === 'name') return true;
const auth_editable = const auth_editable =
template_controls_cfg?.auth_editable ?? DEFAULT_AUTH_EDITABLE; template_controls_cfg?.auth_editable ?? DEFAULT_AUTH_EDITABLE;
return auth_editable.includes(field); return auth_editable.includes(field);