jwed
8769308dfd
Bundled stable cut for prod. Contents since 1.7.0: * feat(access): strict allowlist enforcement. A unifi page with NO grants is now visible only to super-admins — previously it fell back to "open for anyone with the route permission". Matches the new dashboard-wide access model. * feat(access): the Access tab now adds groups by typeahead search, mirroring the user-search flow. Only granted groups + super-admin groups appear in the matrix; other groups are added on demand. * fix(access): ungranted users hitting a unifi URL get 404 instead of 403 so the page doesn't leak its existence. Breaking note: super-admins continue to see everything. Non-super users that previously accessed a unifi page via permission alone now need an explicit grant in the Access tab. Configure grants before relying on existing permission-based access. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>