stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Fix critical route redirect race + scope mismatches + UX polish

Browse Source 
Critical fixes:
- Replace router.navigateByUrl() with Location.replaceState() in
  PlatformContextUrlSyncService to prevent re-evaluating canMatch guards
  during query param sync. This was causing random page redirects across
  all routes when auth session signals hadn't settled yet.
- Fix exception scope mismatch: Authority issues 'exceptions:read' (plural)
  but guards checked 'exception:read' (singular). Aligned to plural form.
- Fix admin scope bypass: guards checked 'admin' scope but token has
  'ui.admin'. Now both are accepted as superuser bypass.
- Remove duplicate scope entries in description map.

UX polish (from fix agents):
- Integration detail: formatActor() truncates raw user ID hashes to
  "User 9a2d0730..." instead of showing full 32-char hex string.
- Dashboard feed status: show "Not checked yet" instead of "0 healthy"
  when no advisory source health checks have run.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-03-16 21:20:38 +02:00
parent f4eb64fefc
commit 378b52a5cb
7 changed files with 78 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/implplan/SPRINT_20260316_020_FE_deep_journey_quality_fixes.md
View File

@@ -25,7 +25,7 @@ Completion criteria:
- [x] Angular build succeeds
### J20-T02 - Integration detail: show username instead of raw user ID
Status: TODO
Status: DONE
Dependency: none
Owners: Developer
Task description:
@@ -33,7 +33,7 @@ Task description:
- Should show `admin` or truncated form like "User 9a2d0730...".
### J20-T03 - Advisory sources: auto-check on first visit
Status: TODO
Status: DONE
Dependency: none
Owners: Developer
Task description:
@@ -65,6 +65,9 @@ Task description:
10. Evidence Overview: search router, 1842 evidence packs, operator/auditor toggle
11. Security Reports: CSV/PDF export, VEX guidance text
12. Security Posture: real finding counts (6 findings), CTAs working
13. Operations Hub: 3 blocking, 5 degraded, 12 sub-nav tabs, pending operator actions list
14. Releases Deployments: 5 deployments visible (1 RUNNING, 3 SUCCESS, 1 FAILED)
15. Identity & Access: Users table (admin active), 5 tabs (Users, Roles, OAuth, Tokens, Tenants)
**Next journey iteration should go deeper into:**
- Complete scan → view results in triage → make VEX decision → see in reports