PostsDocsImplementationBLOG VIEW AS HOMETasksTask Blogviewas Home 003 Apply RBAC Hiding To Homepage Visible Items

Blog View As Home Tasks

Detailed Task ListURL copied

TASK-BLOG_VIEW_AS_HOME-003: Apply RBAC hiding to homepage-visible itemsURL copied

  • Type: Task
  • Epic: BLOG_VIEW_AS_HOME
  • Sprint: Sprint 1
  • Points: 3
  • Assignee: Mid
  • Assigned to:
  • Depends on: TASK-BLOG_VIEW_AS_HOME-001
  • Description: Wire the homepage feed to the existing RBAC helpers so unauthorized items are filtered out before render. Follow §Security Design and keep the policy hide-only, with no placeholder cards or denied-state labels.
  • Decision budget:
    • Junior can decide: where the filter sits in the feed pipeline and how the filtered collection is represented internally.
    • Escalate to TL/PTL: any change that would surface denied items, placeholders, or counts for hidden content.
  • Acceptance criteria:
    • Task
      Logged-in users only see items allowed by RBAC.
    • Task
      Unauthorized items do not appear as placeholders.
    • Task
      Public browsing still works when auth is absent.
  • Definition of Done:
    • Task
      Jira ticket updated to Done
    • Task
      Tests passing per §Testing Strategy
    • Task
      PR reviewed and merged to module branch
    • Task
      Relevant doc section updated if behavior changed