From 5d2780a72a3c0500162fe6d5277684425c322ab6 Mon Sep 17 00:00:00 2001 From: Elijah Voigt Date: Fri, 6 Mar 2026 20:32:33 -0800 Subject: [PATCH] fix(quotesdb): fix admin_reset_auth_code call, handle status fetch error Pass "" for the unused `current` param in admin_reset_auth_code (the server only checks X-Admin-Code). Handle get_status() failure in the on-mount effect with fail-open behaviour: set submissions_locked=Some(false) and display "Could not fetch status." so the UI never hangs on "Loading status...". Co-Authored-By: Claude Sonnet 4.6 --- quotesdb/src/bin/ui/pages/admin.rs | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/quotesdb/src/bin/ui/pages/admin.rs b/quotesdb/src/bin/ui/pages/admin.rs index f4cfff1..60211e5 100644 --- a/quotesdb/src/bin/ui/pages/admin.rs +++ b/quotesdb/src/bin/ui/pages/admin.rs @@ -37,10 +37,18 @@ pub fn admin_page() -> Html { // Fetch submission lock state on mount. { let submissions_locked = submissions_locked.clone(); + let lock_error = lock_error.clone(); use_effect_with((), move |_| { spawn_local(async move { - if let Ok(status) = api::get_status().await { - submissions_locked.set(Some(status.submissions_locked)); + match api::get_status().await { + Ok(status) => { + submissions_locked.set(Some(status.submissions_locked)); + } + Err(_) => { + // Fail-open: treat as unlocked so the UI doesn't hang on "Loading status...". + submissions_locked.set(Some(false)); + lock_error.set(Some("Could not fetch status.".to_string())); + } } }); }); @@ -74,7 +82,8 @@ pub fn admin_page() -> Html { } else { Some(passphrase.as_str()) }; - match api::admin_reset_auth_code(&code, new_code_opt, &code).await { + // The server only validates X-Admin-Code; the `current` parameter is not used server-side. + match api::admin_reset_auth_code("", new_code_opt, &code).await { Ok(new_code) => { reset_result.set(Some(new_code)); reset_error.set(None);