From 7b20694a311c7107cf3e31702b4825cb61c81915 Mon Sep 17 00:00:00 2001 From: Daniel Harvey Date: Mon, 18 May 2026 15:43:00 -0400 Subject: [PATCH] Fix W3-T4 review: log+sanitize catch messages, add validation attrs to CmsTrackUpdateRequest, document T3 delete dependency --- DeepDrftCms/Pages/Tracks/TrackEdit.razor | 9 +++++++-- DeepDrftCms/_Imports.razor | 1 + DeepDrftWeb/Controllers/CmsEditController.cs | 9 +++++---- 3 files changed, 13 insertions(+), 6 deletions(-) diff --git a/DeepDrftCms/Pages/Tracks/TrackEdit.razor b/DeepDrftCms/Pages/Tracks/TrackEdit.razor index 1757f37..72344cc 100644 --- a/DeepDrftCms/Pages/Tracks/TrackEdit.razor +++ b/DeepDrftCms/Pages/Tracks/TrackEdit.razor @@ -1,4 +1,5 @@ @page "/cms/tracks/{Id:int}" +@* InteractiveServer: page injects ITrackService in-process; ITokenService reads localStorage via JS interop over the circuit. *@ @rendermode InteractiveServer @using AuthBlocksWeb.HierarchicalAuthorize @using AuthBlocksWeb.Services @@ -12,6 +13,7 @@ @inject ISnackbar Snackbar @inject IDialogService DialogService @inject NavigationManager Nav +@inject ILogger Logger Edit Track — DeepDrft CMS @@ -154,7 +156,8 @@ } catch (Exception ex) { - Snackbar.Add($"Save failed: {ex.Message}", Severity.Error); + Logger.LogError(ex, "Save failed for track {TrackId}", Id); + Snackbar.Add("Save failed — please try again.", Severity.Error); } finally { @@ -162,6 +165,7 @@ } } + // DELETE api/cms/track/{Id} is handled by CmsDeleteController (T3 branch). private async Task ConfirmDelete() { if (_track is null) return; @@ -194,7 +198,8 @@ } catch (Exception ex) { - Snackbar.Add($"Delete failed: {ex.Message}", Severity.Error); + Logger.LogError(ex, "Delete failed for track {TrackId}", Id); + Snackbar.Add("Delete failed — please try again.", Severity.Error); _busy = false; } } diff --git a/DeepDrftCms/_Imports.razor b/DeepDrftCms/_Imports.razor index cf3d836..5a87bee 100644 --- a/DeepDrftCms/_Imports.razor +++ b/DeepDrftCms/_Imports.razor @@ -5,6 +5,7 @@ @using Microsoft.AspNetCore.Components.Web @using Microsoft.AspNetCore.Components.Web.Virtualization @using static Microsoft.AspNetCore.Components.Web.RenderMode +@using Microsoft.Extensions.Logging @using Microsoft.JSInterop @using DeepDrftCms @using DeepDrftModels.Entities diff --git a/DeepDrftWeb/Controllers/CmsEditController.cs b/DeepDrftWeb/Controllers/CmsEditController.cs index d6f2ec2..d9d088b 100644 --- a/DeepDrftWeb/Controllers/CmsEditController.cs +++ b/DeepDrftWeb/Controllers/CmsEditController.cs @@ -1,3 +1,4 @@ +using System.ComponentModel.DataAnnotations; using DeepDrftModels.Entities; using DeepDrftWeb.Services; using Microsoft.AspNetCore.Authorization; @@ -51,8 +52,8 @@ public class CmsEditController : ControllerBase } public record CmsTrackUpdateRequest( - string TrackName, - string Artist, - string? Album, - string? Genre, + [Required, MaxLength(200)] string TrackName, + [Required, MaxLength(200)] string Artist, + [MaxLength(200)] string? Album, + [MaxLength(100)] string? Genre, DateOnly? ReleaseDate);