pop
/
vibed
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
main
quotesdb
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ab76d35bd5'
${ noResults }
vibed/quotesdb/.nbd/tickets/8a7fba.md

1.3 KiB
Raw Blame History

+++ title = "quotesdb/api: hidden flag for quotes (schema migration + endpoints)" priority = 5 status = "todo" ticket_type = "feature" dependencies = [] +++

Summary

Add a boolean hidden flag to quotes. Hidden quotes are excluded from listing endpoints and require direct URL access. Changing a quote from hidden to public requires the auth code.

Schema Migration

Add column to quotes table:

ALTER TABLE quotes ADD COLUMN hidden INTEGER NOT NULL DEFAULT 0;

API Changes

  • GET /api/quotes — filter out hidden=1 quotes by default
  • GET /api/quotes/random — exclude hidden quotes
  • GET /api/quotes/:id — return hidden quotes (direct access allowed)
  • PUT /api/quotes — new quotes default to hidden=0 (not hidden)
  • POST /api/quotes/:id — allow toggling hidden field; requires X-Auth-Code header
    • Changing hidden=1 → hidden=0 (unhide) requires valid auth code
    • Changing hidden=0 → hidden=1 (hide) also requires valid auth code
  • The quote response body should include the hidden field

Acceptance Criteria

  • Schema migration applied
  • Listing endpoints exclude hidden quotes
  • Direct quote access (/api/quotes/:id) works for hidden quotes
  • Toggle hidden requires valid X-Auth-Code (403 on mismatch)
  • All existing tests pass

Validation

cargo fmt && cargo check && cargo clippy && cargo test