initial: bootstrap from BukidBountyApp base
This commit is contained in:
Jonathan Sykes
59
.claude/plans/e2b7c6e2fbf042840b482563f920724d-complete.md
Normal file
59
.claude/plans/e2b7c6e2fbf042840b482563f920724d-complete.md
Normal file
@@ -0,0 +1,59 @@
|
||||
---
|
||||
task: Fix public marketplace /list-products-market showing 0 products for unauthenticated users — POST /Market/Products/List has auth middleware but the page is public
|
||||
cycles: 3
|
||||
context: true
|
||||
private: false
|
||||
started: 2026-05-16T16:02:42Z
|
||||
finished: 2026-05-16T16:03:15Z
|
||||
---
|
||||
|
||||
## files
|
||||
- routes/web.php [line ~412] — `POST /Market/Products/List` has `'middleware' => 'auth'` but the page is designed to be public
|
||||
- app/Http/Controllers/Market/ProductController.php [lines 561-607] — `listProductsData()` already has guest-safe fallback logic but it's never reached due to auth middleware
|
||||
- app/Http/Controllers/Support/VueRouteMap.php [line ~58] — `/list-products-market` has `loginRequired: false` (correctly public)
|
||||
|
||||
## steps
|
||||
1. In `routes/web.php`, on the `POST /Market/Products/List` route, remove `'middleware' => 'auth'` (or change it to optional auth that attaches user if present but doesn't block guests).
|
||||
- The controller already handles the guest case: `else { $products = Product::where('is_active', true)->get(); }` on line ~605.
|
||||
- With auth middleware removed, `Auth::user()` returns null for guests → `$UltOpsSupOps = false` → falls through to the `else` branch showing all active products. This is the correct behaviour.
|
||||
2. No changes needed to `ProductController::listProductsData()` — it already handles null user correctly.
|
||||
3. Verify: after removing auth middleware, visiting `/list-products-market` without login shows the full active product catalog.
|
||||
|
||||
## context
|
||||
Current state (confirmed by Playwright):
|
||||
- `/list-products-market` loads (loginRequired: false ✓)
|
||||
- Page calls `POST /Market/Products/List` → 401 Unauthenticated (auth middleware blocks guest)
|
||||
- Page shows "0 Products — No products found" for guests even though products exist
|
||||
|
||||
Controller fallback code (line ~602-607) already written for guests:
|
||||
```php
|
||||
if ($targetStore) {
|
||||
$products = $targetStore->products()->where('prd_str.is_active', true)->get();
|
||||
} elseif ($UltOpsSupOps) {
|
||||
$products = Product::select([...])->get();
|
||||
} else {
|
||||
// THIS runs for guests (no store, no big-3 role) — but currently unreachable due to auth middleware
|
||||
$products = Product::where('is_active', true)->get();
|
||||
}
|
||||
```
|
||||
|
||||
Route fix (web.php):
|
||||
```php
|
||||
// BEFORE (blocks guests):
|
||||
Route::post('/Market/Products/List', [
|
||||
'as' => 'products.list.data',
|
||||
'uses' => ProductController::class . '@listProductsData',
|
||||
'middleware' => 'auth',
|
||||
]);
|
||||
|
||||
// AFTER (allows guests):
|
||||
Route::post('/Market/Products/List', [
|
||||
'as' => 'products.list.data',
|
||||
'uses' => ProductController::class . '@listProductsData',
|
||||
]);
|
||||
```
|
||||
|
||||
## notes
|
||||
- dictionary: ai-docs/dictionary.md (products table = `prd_items`, product-store pivot = `prd_str`)
|
||||
- linters: none
|
||||
- constraints: The controller's `Auth::user()` returns null gracefully for guests in Hypervel — no additional null checks needed.
|
||||
Reference in New Issue
Block a user