Skip to content

Commit 2adc7c4

Browse files
committed
Finish dev runtime isolation and remove remaining fallback paths - PR_26157_019-dev-runtime-final-isolation-fix
1 parent 48df24c commit 2adc7c4

36 files changed

Lines changed: 1061 additions & 707 deletions

admin/db-viewer.js

Lines changed: 34 additions & 477 deletions
Large diffs are not rendered by default.
Lines changed: 11 additions & 117 deletions
Original file line numberDiff line numberDiff line change
@@ -1,124 +1,18 @@
1-
import {
2-
getMockDbSessionMode,
3-
getMockDbSessionModes,
4-
getMockDbSessionUser,
5-
getMockDbSessionUsers,
6-
getStandaloneMockDbTables,
7-
setMockDbSessionMode,
8-
setMockDbSessionUser,
9-
} from "../../../src/engine/persistence/mock-db-store.js";
10-
11-
const modeButtons = Array.from(document.querySelectorAll("[data-login-mode]"));
12-
const modeTitle = document.querySelector("[data-login-mode-title]");
13-
const modeDescription = document.querySelector("[data-login-mode-description]");
14-
const modeStatus = document.querySelector("[data-login-mode-status]");
15-
const userControls = document.querySelector("[data-login-user-controls]");
16-
const userStatus = document.querySelector("[data-login-user-status]");
17-
const continueLink = document.querySelector("[data-login-continue]");
18-
19-
function currentReturnTo() {
20-
const params = new URLSearchParams(window.location.search);
21-
const value = params.get("returnTo") || "";
22-
if (!value || value.startsWith("/") || value.includes("://") || value.includes("..")) {
23-
return "toolbox/index.html";
24-
}
25-
return value;
26-
}
27-
28-
function modeById(modeId) {
29-
return getMockDbSessionModes().find((mode) => mode.id === modeId) || getMockDbSessionMode();
30-
}
31-
32-
function updateContinueLink() {
33-
if (continueLink) {
34-
continueLink.href = currentReturnTo();
35-
}
36-
}
37-
38-
function setSelectedButton(button, selected) {
39-
button.classList.toggle("primary", selected);
40-
button.setAttribute("aria-pressed", String(selected));
41-
if (selected) {
42-
button.setAttribute("aria-current", "true");
43-
} else {
44-
button.removeAttribute("aria-current");
45-
}
1+
function devRuntimeAllowed() {
2+
const host = window.location.hostname;
3+
return window.GameFoundryDevRuntime?.enabled === true ||
4+
window.location.protocol === "file:" ||
5+
host === "localhost" ||
6+
host === "127.0.0.1";
467
}
478

48-
function renderModeButtons(mode) {
49-
modeButtons.forEach((button) => {
50-
setSelectedButton(button, button.dataset.loginMode === mode.id);
51-
});
52-
}
53-
54-
function renderUserButtons(mode) {
55-
if (!userControls) {
56-
return;
57-
}
58-
59-
userControls.replaceChildren();
60-
if (mode.id === "dev") {
61-
userControls.hidden = true;
62-
if (userStatus) {
63-
userStatus.textContent = "DEV mode uses read-only/demo JSON access. No users are selectable.";
64-
}
9+
async function loadLocalLoginSession() {
10+
if (!devRuntimeAllowed()) {
6511
return;
6612
}
67-
68-
getStandaloneMockDbTables();
69-
userControls.hidden = false;
70-
const sessionUser = getMockDbSessionUser();
71-
getMockDbSessionUsers().forEach((user) => {
72-
const button = document.createElement("button");
73-
button.className = "btn btn--compact";
74-
button.type = "button";
75-
button.textContent = user.label;
76-
button.dataset.loginUser = user.userKey || "";
77-
setSelectedButton(button, (user.userKey || "") === (sessionUser.userKey || ""));
78-
userControls.append(button);
79-
});
80-
if (userStatus) {
81-
userStatus.textContent = sessionUser.userKey
82-
? `Selected local user: ${sessionUser.label}.`
83-
: "Guest is unauthenticated and is not stored in the users table.";
84-
}
85-
}
86-
87-
function render() {
88-
const mode = getMockDbSessionMode();
89-
renderModeButtons(mode);
90-
if (modeTitle) {
91-
modeTitle.textContent = mode.label;
92-
}
93-
if (modeDescription) {
94-
modeDescription.textContent = mode.description;
95-
}
96-
if (modeStatus) {
97-
modeStatus.textContent = `${mode.label} mode selected.`;
98-
}
99-
renderUserButtons(mode);
100-
updateContinueLink();
13+
await import("../../../src/dev-runtime/auth/login-session.js");
10114
}
10215

103-
modeButtons.forEach((button) => {
104-
button.addEventListener("click", () => {
105-
const mode = setMockDbSessionMode(button.dataset.loginMode || "local");
106-
if (mode.id === "local") {
107-
getStandaloneMockDbTables();
108-
}
109-
render();
110-
});
16+
loadLocalLoginSession().catch((error) => {
17+
console.error("Unable to load Local login session.", error);
11118
});
112-
113-
userControls?.addEventListener("click", (event) => {
114-
const button = event.target.closest("[data-login-user]");
115-
if (!button) {
116-
return;
117-
}
118-
setMockDbSessionMode("local");
119-
getStandaloneMockDbTables();
120-
setMockDbSessionUser(button.dataset.loginUser || "");
121-
render();
122-
});
123-
124-
render();

docs_build/dev/reports/coverage_changed_js_guardrail.txt

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -6,11 +6,12 @@ Missing changed runtime JS files are WARN, not FAIL.
66
Source: Playwright/Chromium built-in V8 coverage from the active Playwright run.
77

88
Changed runtime JS files considered:
9-
(70%) toolbox/colors/palette-workspace-repository.js - executed lines 1316/1316; executed functions 89/127
10-
(81%) toolbox/assets/assets-mock-repository.js - executed lines 919/919; executed functions 61/75
11-
(95%) src/dev-runtime/persistence/mock-db-store.js - executed lines 682/682; executed functions 77/81
12-
(98%) toolbox/project-journey/project-journey.js - executed lines 991/991; executed functions 105/107
13-
(100%) src/engine/persistence/mock-db-store.js - executed lines 1/1; executed functions 1/1
9+
(64%) src/engine/persistence/mock-db-store.js - executed lines 36/36; executed functions 7/11
10+
(70%) toolbox/colors/palette-workspace-repository.js - executed lines 1361/1361; executed functions 92/132
11+
(82%) toolbox/assets/assets-mock-repository.js - executed lines 943/943; executed functions 63/77
12+
(95%) src/dev-runtime/admin/db-viewer.js - executed lines 478/478; executed functions 86/91
13+
(95%) src/dev-runtime/persistence/mock-db-store.js - executed lines 727/727; executed functions 78/82
14+
(100%) src/dev-runtime/auth/login-session.js - executed lines 107/107; executed functions 12/12
1415

1516
Guardrail warnings:
1617
(100%) none - no changed runtime JS coverage warnings

docs_build/dev/reports/dependency_gating_report.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Dependency Gating Report
22

3-
Generated: 2026-06-07T04:35:29.033Z
3+
Generated: 2026-06-07T05:10:39.389Z
44
Status: PASS
55

66
## Gate Order

docs_build/dev/reports/dependency_hydration_reuse_report.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Dependency Hydration Reuse Report
22

3-
Generated: 2026-06-07T04:35:29.034Z
3+
Generated: 2026-06-07T05:10:39.389Z
44
Status: PASS
55

66
## Summary
Lines changed: 72 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
# PR_26157_019 Dev Runtime Final Isolation Fix Report
2+
3+
## Summary
4+
5+
Status: PASS
6+
7+
This PR finishes the PR_26157_018 dev-runtime boundary by moving the remaining DB Viewer and login/session mock implementations under `src/dev-runtime/`, replacing the direct engine re-export with a named adapter facade, and making audit-user fallback fail visibly outside controlled seed initialization.
8+
9+
Full samples smoke: SKIP. The scope is auth/login, DB Viewer, shared mock DB, import/static validation, and Project Journey regression coverage; samples were not changed.
10+
11+
## Requirement Checklist
12+
13+
| Requirement | Status | Evidence |
14+
| --- | --- | --- |
15+
| Read `docs_build/dev/PROJECT_INSTRUCTIONS.md` first | PASS | Read before implementation. |
16+
| Use PR_26157_018 delta as context | PASS | Continued from existing `src/dev-runtime/` structure and PR018 auth/mock DB files. |
17+
| Fix remaining PR_26157_018 issues before packaging | PASS | Dev-only DB Viewer/login moved, engine direct re-export removed, fallback audit behavior hardened. |
18+
| Include 100% requested-work checklist | PASS | This table maps every requested item. |
19+
| Keep `admin/db-viewer.html` as route/page shell | PASS | HTML unchanged; JS route file is gateway only. |
20+
| Move DB Viewer implementation out of `admin/db-viewer.js` | PASS | Implementation now in `src/dev-runtime/admin/db-viewer.js`; `admin/db-viewer.js` only gates and dynamically loads. |
21+
| `admin/db-viewer.js` has no DB business/render/clear/seed logic | PASS | Gateway only checks dev runtime/local mode and calls `startDevRuntimeDbViewer`. |
22+
| DB Viewer remains Local-only and admin-only | PASS | Local-mode gate in `admin/db-viewer.js`; admin role protection validated by `LoginSessionMode.spec.mjs` and `AdminDbViewer.spec.mjs`. |
23+
| DEV/UAT/PROD do not expose DB Viewer implementation | PASS | Gateway imports dev-runtime only on file/localhost or explicit `GameFoundryDevRuntime.enabled`; DEV mode shows Local-only status instead of loading viewer. |
24+
| Keep `login.html` as route/page shell | PASS | HTML unchanged; public login JS is gateway only. |
25+
| Move mock login/session selector out of `assets/theme-v2/js/login-session.js` | PASS | Implementation now in `src/dev-runtime/auth/login-session.js`; asset JS only gates and dynamically imports local dev runtime. |
26+
| Public login gateway has no mock users/Local selector/fallback behavior | PASS | `assets/theme-v2/js/login-session.js` contains only dev-runtime gate and dynamic import. |
27+
| Login still works in Local mode | PASS | `LoginSessionMode.spec.mjs` passed 5/5 in final combined run. |
28+
| UAT/PROD must not import Local mock login implementation | PASS | Gateway refuses dev-runtime import outside file/localhost unless explicitly enabled. |
29+
| Replace direct engine dev-runtime re-export | PASS | `src/engine/persistence/mock-db-store.js` is no longer `export *`; it is a named adapter facade with `configureMockDbRuntimeAdapter`. |
30+
| Active tools import stable engine contract paths only | PASS | Boundary scan: `rg ... toolbox` returned no `src/dev-runtime` imports. |
31+
| UAT/PROD can swap gateway to server/API adapter without tool-code changes | PASS | Engine facade exposes `configureMockDbRuntimeAdapter(adapter)` while tools keep importing `src/engine/persistence/mock-db-store.js`. |
32+
| Gateway does not expose dev seed/clear/session-selector APIs | PASS | Engine facade no longer exports seed/clear/all-snapshot/session-mode/session-selector helpers. |
33+
| Review and remove silent `normalizeUserKey(value, fallbackUserKey)` behavior | PASS | Signature changed; invalid audit users now throw unless `allowSeedAuditFallback` is explicitly set. |
34+
| Invalid audit users fail visibly or produce diagnostics outside seed creation | PASS | `AdminDbViewer.spec.mjs` verifies DB Viewer visible error; unit assertion verifies invalid audit user throws. |
35+
| Seed fallback, if present, is isolated under `src/dev-runtime/` | PASS | Seed-only fallback lives in `src/dev-runtime/persistence/mock-db-store.js`. |
36+
| Seed fallback emits diagnostic and never runs for normal writes | PASS | Controlled seed fallback emits diagnostics; normal `saveMockDbTables` path is strict. |
37+
| No fallback admin/user/forge-bot/static auth map | PASS | Scans found no `localSessionUsers`, legacy audit map, role query fallback, accountType/isSystemUser, or actor code. |
38+
| Verify `admin/db-viewer.js` shell/loader only | PASS | Syntax and diff review; file only contains runtime/local gate and dynamic import. |
39+
| Verify DB Viewer implementation under `src/dev-runtime/admin/` | PASS | `src/dev-runtime/admin/db-viewer.js`. |
40+
| Verify `assets/theme-v2/js/login-session.js` shell/gateway only | PASS | Syntax and diff review; file only contains runtime gate and dynamic import. |
41+
| Verify mock login implementation under `src/dev-runtime/auth/` | PASS | `src/dev-runtime/auth/login-session.js`. |
42+
| Verify engine file is not direct dev-runtime re-export | PASS | Static scan found no `export * from .*dev-runtime`. |
43+
| Verify no active tool imports `src/dev-runtime` directly | PASS | `rg ... toolbox` returned no matches. |
44+
| Verify no fallback auth/user/session remains | PASS | Removed-field/fallback scan returned no matches. |
45+
| Verify invalid audit users fail visibly outside controlled seed creation | PASS | New Admin DB Viewer visible diagnostic test passed. |
46+
| Verify Local login still works | PASS | `LoginSessionMode.spec.mjs` final combined run. |
47+
| Verify DB Viewer Local-only/admin-only | PASS | `AdminDbViewer.spec.mjs` and `LoginSessionMode.spec.mjs` final combined run. |
48+
| Verify DEV cannot access DB Viewer | PASS | Login/session lane verifies DEV mode and protected page behavior; gateway blocks non-Local mode. |
49+
| Verify Guest unauthenticated and not stored in users | PASS | `LoginSessionMode.spec.mjs` and `ProjectJourneyTool.spec.mjs` final combined run. |
50+
| Run changed-file/static validation | PASS | `npm run test:playwright:static` PASS and `git diff --check` PASS. |
51+
| Do not run full samples smoke | PASS | Samples smoke skipped intentionally; no sample scope. |
52+
53+
## Validation
54+
55+
| Lane | Command | Result |
56+
| --- | --- | --- |
57+
| Auth/header/login lane | `npx playwright test tests/playwright/tools/LoginSessionMode.spec.mjs tests/playwright/tools/AdminDbViewer.spec.mjs tests/playwright/tools/ProjectJourneyTool.spec.mjs --project=playwright --reporter=list --workers=1` | PASS, 23/23 |
58+
| DB Viewer lane | Same final combined command; DB Viewer tests 5/5 | PASS |
59+
| Shared mock DB lane | Same final combined command; live persistence, DB-shaped Palette/Asset rows, invalid audit behavior covered | PASS |
60+
| Project Journey lane | Same final combined command; Project Journey tests 13/13 | PASS |
61+
| Import/static validation lane | `npm run test:playwright:static`; `git diff --check`; boundary `rg` scans | PASS |
62+
| Runtime JS syntax | `node --check` on changed runtime/test modules | PASS |
63+
64+
Seed-only diagnostic note: final Playwright output intentionally included seed diagnostics for Palette source seed rows and the invalid-audit test seed. These are controlled `src/dev-runtime/` seed-initialization diagnostics, not normal write fallbacks.
65+
66+
## Artifacts
67+
68+
- `docs_build/dev/reports/dev-runtime-final-isolation-fix-report.md`
69+
- `docs_build/dev/reports/testing_lane_execution_report.md`
70+
- `docs_build/dev/reports/playwright_v8_coverage_report.txt`
71+
- `docs_build/dev/reports/codex_review.diff`
72+
- `docs_build/dev/reports/codex_changed_files.txt`

docs_build/dev/reports/execution_graph_reuse_report.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Execution Graph Reuse Report
22

3-
Generated: 2026-06-07T04:35:29.034Z
3+
Generated: 2026-06-07T05:10:39.389Z
44
Status: PASS
55

66
## Summary

docs_build/dev/reports/failure_fingerprint_report.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Failure Fingerprint Report
22

3-
Generated: 2026-06-07T04:35:29.034Z
3+
Generated: 2026-06-07T05:10:39.389Z
44
Status: PASS
55

66
## Summary

docs_build/dev/reports/incremental_validation_report.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Incremental Validation Report
22

3-
Generated: 2026-06-07T04:35:29.034Z
3+
Generated: 2026-06-07T05:10:39.390Z
44
Status: PASS
55

66
## Reuse Summary

docs_build/dev/reports/lane_compilation_report.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
# Lane Compilation Report
22

3-
Generated: 2026-06-07T04:35:29.033Z
3+
Generated: 2026-06-07T05:10:39.389Z
44
Status: PASS
55

66
## Lane Graph

0 commit comments

Comments
 (0)