You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* fix(permissions): authenticated fetch + authenticated-only fail-closed FLS (framework#2926 ④)
/me/permissions was fetched with the cookie-only global fetch, so a token-only
session (localStorage, no better-auth cookie) resolved as anonymous and FLS
rendering fell open — restricted fields rendered editable and user input was
silently stripped by the data layer. MePermissionsProvider now accepts a
fetcher and the console injects createAuthenticatedFetch() (root cause), and
the unknown-object default is authentication-gated: authenticated sessions
fail closed on unconfigured objects, anonymous sessions keep the permissive
default so guest/public forms keep working.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_017bJWtKmZ2mFpRFAmmmoeqe
* fix(fields): honor display_field in LookupCellRenderer (framework#2926 ⑧)
ObjectGrid forwards display_field on the column meta, but the read cell
ignored it and always ran the hardcoded name-first heuristics — lookup
columns showed the raw API name instead of the configured display/label
field. Thread the preferred field through every render path and the
useLookupName fetch, keying the name cache by display field so two columns
over the same record never serve each other's cached name.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_017bJWtKmZ2mFpRFAmmmoeqe
---------
Co-authored-by: Claude <noreply@anthropic.com>
fix(fields): LookupCellRenderer honors the target object's configured `display_field` (framework#2926 ⑧). ObjectGrid already forwarded `display_field` on the column meta, but the read cell ignored it and always ran the hardcoded heuristics (`name` first), so lookup columns showed the raw API name instead of the configured display/label field. The preferred field now threads through every render path (expanded objects, arrays, JSON strings, and the on-demand `useLookupName` fetch, whose cache key includes the display field to prevent cross-column stale names).
fix(permissions): close the console FLS fail-open for token-only sessions (framework#2926 ④). Two halves: `MePermissionsProvider` gains a `fetcher` prop and the console passes `createAuthenticatedFetch()` so `/me/permissions` carries the Bearer token like every other data call (the cookie-only default fetch resolved token-only sessions as anonymous); and the unknown-object default is now authentication-gated — authenticated sessions fail CLOSED when an object has no resolved perms (fields render read-only instead of inviting input the data layer strips), while anonymous sessions keep the permissive default so guest/public forms keep working. Pairing note: with an older framework whose `/me/permissions` returns sparse objects for authenticated users, unconfigured objects now render read-only.
0 commit comments