fix(gate): typed search response + correct PIN-throttle doc#1068
Merged
Conversation
Addresses two review findings on the Gate admissions PRs (#1066, promoted in nobodies-collective#903): - /Gate/Search returned anonymous objects, violating memory/code/search-endpoint-response-shape.md. Return the existing typed HumanLookupSearchResult record — the same shape /api/profiles/search already feeds this picker (Detail omitted; the kiosk search is name-only). - GatePinThrottle's class summary still described the removed dual-key (user-id + device/IP) contract. Updated to the current per-target-user-only design and the reason the device key was dropped (shared reverse-proxy IP → gate-wide DoS lockout). GateControllerClaimTests.Search now asserts the typed result directly instead of re-serializing with default (PascalCase) options that don't match the MVC pipeline. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
Reviewed commit a38fc4e — no issues found. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Follow-up to the Gate admissions feature (#1066), addressing two valid automated-review findings raised on the production promotion PR nobodies-collective#903.
Fixes
/Gate/Searchreturned anonymous objects → violatesmemory/code/search-endpoint-response-shape.md("search JSON endpoints use stable typed records; reuse shared models across endpoints feeding the same client"). Now returns the existingHumanLookupSearchResultrecord — the exact shape/api/profiles/searchalready feeds thehuman-searchpicker (Detail omitted; the kiosk search is name-only).GatePinThrottlesummary was stale → it still described the removed dual-key (user-id + device/IP) throttle. Updated to the current per-target-user-only contract and the reason the device key was dropped (shared reverse-proxy IP would freeze the whole terminal — gate-wide DoS).Not changed (deliberately)
gate_scan_events— is a pre-existing design judgment (record-decisions vs record-every-scan) and is being tracked as a design question, not bundled here.Verification
dotnet buildclean;dotnet format --verify-no-changesclean.GateControllerClaimTestsgreen (the search test now asserts the typed result directly).🤖 Generated with Claude Code