Skip to content

Improve validation for sibling pages security #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 24, 2025
Merged

Improve validation for sibling pages security #3

merged 2 commits into from
Jun 24, 2025

Conversation

lenverstijnen
Copy link
Collaborator

@lenverstijnen lenverstijnen commented Jun 24, 2025
edited
Loading

Ticket:

Description of changes

In the past, if you had a parent page with that was not published, and you've added children to it, you weren't able to publish it anymore, due to the validation. This is now fixed. You are now able to publish parent pages that have not been published before. After the page has been published, you can't change the slug anymore if it has children. This is how it should work.

How to validate the changes

Tobias and I tested this in the British Library project.

  • Make a new page and don't publish it.
  • Make children pages.
  • Try to publish the parent page, this should work.
  • After that, publish the children.
  • After that you shouldn't be able to change the slug of the parent page anymore.

✅ Definition of Done

This checklist helps with risk management during software development. It is not a mandatory list to fully check off, but a basis for thinking about quality, safety, and best practices. Feel free to adapt it for your own project — as long as the risks are consciously managed.

📄 Documentation & Knowledge Sharing

  • Changes are documented in the code and/or README.md
  • Relevant Notion pages are updated

🧪 Testing & Quality

  • Changes are covered by unit/integration/end-to-end tests
  • GitHub Actions (CI/CD) pass successfully
  • Reviewer has tested and verified the changes locally

📊 Monitoring & Performance

  • Relevant metrics (e.g. in Datadog) are added or updated
  • Performance and scalability have been considered and tested if needed

🔐 Security & Privacy

  • The changes comply with our Secure software development policy
  • No personal data or privacy-sensitive information is affected
  • Input validation, authentication, and authorization are properly handled

🧩 Traceability & Readiness

  • A Jira ticket is linked, and the ticket number is in the PR title (e.g. [R2025-1234] Meaningful title)
  • No unresolved TODOs remain in the code (unless followed up with a Jira ticket)

🤝 Review & Collaboration

  • Code is reviewed by at least one team member
  • Merge responsibility and timing are agreed upon
  • Team members are informed (e.g. via Slack or daily stand-up)

@lenverstijnen lenverstijnen requested a review from tstikvoort June 24, 2025 13:20
@lenverstijnen lenverstijnen merged commit 25cc260 into main Jun 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tstikvoort tstikvoort tstikvoort approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lenverstijnen @tstikvoort