You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
37 lines
1.3 KiB
Markdown
37 lines
1.3 KiB
Markdown
+++
|
|
title = "quotesdb/api: hidden flag for quotes (schema migration + endpoints)"
|
|
priority = 5
|
|
status = "todo"
|
|
ticket_type = "feature"
|
|
dependencies = []
|
|
+++
|
|
## Summary
|
|
Add a boolean hidden flag to quotes. Hidden quotes are excluded from listing endpoints and require direct URL access. Changing a quote from hidden to public requires the auth code.
|
|
|
|
## Schema Migration
|
|
Add column to quotes table:
|
|
```sql
|
|
ALTER TABLE quotes ADD COLUMN hidden INTEGER NOT NULL DEFAULT 0;
|
|
```
|
|
|
|
## API Changes
|
|
- GET /api/quotes — filter out hidden=1 quotes by default
|
|
- GET /api/quotes/random — exclude hidden quotes
|
|
- GET /api/quotes/:id — return hidden quotes (direct access allowed)
|
|
- PUT /api/quotes — new quotes default to hidden=0 (not hidden)
|
|
- POST /api/quotes/:id — allow toggling hidden field; requires X-Auth-Code header
|
|
- Changing hidden=1 → hidden=0 (unhide) requires valid auth code
|
|
- Changing hidden=0 → hidden=1 (hide) also requires valid auth code
|
|
- The quote response body should include the hidden field
|
|
|
|
## Acceptance Criteria
|
|
- [ ] Schema migration applied
|
|
- [ ] Listing endpoints exclude hidden quotes
|
|
- [ ] Direct quote access (/api/quotes/:id) works for hidden quotes
|
|
- [ ] Toggle hidden requires valid X-Auth-Code (403 on mismatch)
|
|
- [ ] All existing tests pass
|
|
|
|
## Validation
|
|
```sh
|
|
cargo fmt && cargo check && cargo clippy && cargo test
|
|
``` |