brief sprint C3.b+c+d+e: share-post Line+Brief async, magic-link / invalid-link banners use Brief styling, .alert-* retired — TDD

Closes the C3 brief sprint. Three event sources (note unlock, share invite, login messages) now route through the Brief slide-down, & the legacy .alert-success/.alert-warning rendering in base.html is retired. C3.b — share-post async Line + Brief: - billboard.share_post detects Accept: application/json. JSON path appends a Line (text="Shared with X at <isoformat>", isoformat carries microseconds so two rapid shares of the same email don't collide on Line.unique_together(post,text)), spawns a Brief(kind=SHARE_INVITE) for the sharer, and returns {brief: brief.to_banner_dict() | None, line_text, recipient_display}. Sharer-shares-with-themselves stays a silent no-op (response carries brief: null). Legacy form-submit path preserved for non-AJAX (still redirects + flashes the privacy-safe message — kept for older FTs / no-JS fallback). - billboard.Brief.to_banner_dict() (moved from dashboard.views helper to a model method) shapes the JSON the banner JS consumes. - post.html: share form intercepted by JS — fetches POST w. Accept:application/json, then appends `data.line_text` as the next row in #id_post_table, calls Brief.showBanner(data.brief), and (when registered) appends a fresh `<span class="post-recipient">` to the new #id_post_recipients box. No page reload — the alert-success flash is gone. - 10 new ITs (SharePostAsyncTest + SharePostLegacyRedirectTest) cover the JSON path, line append, brief creation w. SHARE_INVITE kind, registered/unregistered recipient behaviour, sharer-self skip, line dedupe via timestamp, and that the legacy form-submit redirect path still works. - functional_tests.test_sharing line numbering updated: the share now records its own Line so the alice-reply lands at row 3 instead of 2. C3.c+d — magic-link confirmation + invalid-link error use Brief banner styling: - base.html's {% if messages %} block stops rendering .alert-success/.alert-warning divs. Instead each message renders as a transient Brief-styled banner: <div class="note-banner note-banner--message note-banner--{{level_tag}}"> with .note-banner__body / __description carrying the message text and a .btn-cancel NVM that removes the banner via inline onclick. No DB Brief row; no FYI; no square. Same Gaussian-glass look as note-unlock + share-invite Briefs. - _note.scss adds the note-banner--message variant (full-opacity description) + note-banner--error/--warning border-color override (priRd 0.6) so the invalid-link banner reads as red/abandon. C3.e — .alert-success/.alert-warning retired in markup; the SCSS class blocks aren't referenced anywhere else in templates so they sit dormant (left in place — base form styling keeps .form-control etc. working; no need to ripple into _base.scss). Banner JS (note.js / Brief module) was untouched in C3.b+c+d — the Brief.showBanner contract from C3.a already handles all three kinds (NOTE_UNLOCK / USER_POST / SHARE_INVITE) by reading kind off the brief; the message-banner path doesn't go through showBanner because there's no Brief row. Tests: 218 dashboard+billboard+api ITs + 322 lyric+dashboard+billboard ITs + 2 sharing FTs + 9 my_notes FTs + 1 Jasmine FT all green. Existing lyric.test_views login message-text assertions unchanged (they pull from messages framework — not the rendered HTML — so the markup swap doesn't affect them). Code architected by Disco DeDisco <discodedisco@outlook.com> Git commit message Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-08 18:15:43 -04:00
parent fa53bf561a
commit 14bab444ff
8 changed files with 288 additions and 40 deletions
--- a/src/templates/apps/billboard/post.html
+++ b/src/templates/apps/billboard/post.html
@@ -25,7 +25,7 @@
    <div class="row justify-content-center">
        <div class="col-lg-6">

-            <form method="POST" action="{% url "billboard:share_post" post.id %}">
+            <form id="id_share_form" method="POST" action="{% url "billboard:share_post" post.id %}">
                {% csrf_token %}
                <input
                    id="id_recipient"
@@ -44,9 +44,11 @@
                <button type="submit" class="btn btn-primary">Share</button>
            </form>
            <small>Post shared with:
-                {% for user in post.shared_with.all %}
-                    <span class="post-recipient">{{ user|display_name }}</span>
-                {% endfor %}
+                <span id="id_post_recipients">
+                    {% for user in post.shared_with.all %}
+                        <span class="post-recipient">{{ user|display_name }}</span>
+                    {% endfor %}
+                </span>
            </small>
        </div>
    </div>
@@ -54,4 +56,64 @@

 {% block scripts %}
    {% include "apps/dashboard/_partials/_scripts.html" %}
+    <script>
+    // Async share: intercepts the share form, POSTs w. Accept:application/json,
+    // then slide-downs the SHARE_INVITE Brief banner under the navbar h2 + appends
+    // the freshly-recorded Line into #id_post_table. No page reload — the legacy
+    // alert-success flash is gone.
+    (function () {
+        'use strict';
+        var form = document.getElementById('id_share_form');
+        var input = document.getElementById('id_recipient');
+        var table = document.getElementById('id_post_table');
+        var recipientsBox = document.getElementById('id_post_recipients');
+        if (!form || !input || !table) return;
+
+        function _csrf() {
+            var m = document.cookie.match(/csrftoken=([^;]+)/);
+            return m ? m[1] : '';
+        }
+
+        function _appendLine(text) {
+            var n = table.querySelectorAll('tr').length + 1;
+            var tr = document.createElement('tr');
+            var td = document.createElement('td');
+            td.textContent = n + '. ' + text;
+            tr.appendChild(td);
+            table.appendChild(tr);
+        }
+
+        form.addEventListener('submit', function (e) {
+            e.preventDefault();
+            var fd = new FormData(form);
+            fetch(form.action, {
+                method: 'POST',
+                credentials: 'same-origin',
+                headers: {
+                    'Accept':       'application/json',
+                    'X-CSRFToken':  _csrf(),
+                },
+                body: fd,
+            })
+                .then(function (r) { return r.ok ? r.json() : Promise.reject(r.status); })
+                .then(function (data) {
+                    if (data.line_text) _appendLine(data.line_text);
+                    if (window.Brief && data.brief) Brief.showBanner(data.brief);
+                    if (data.recipient_display && recipientsBox) {
+                        var span = document.createElement('span');
+                        span.className = 'post-recipient';
+                        span.textContent = data.recipient_display;
+                        recipientsBox.appendChild(document.createTextNode(' '));
+                        recipientsBox.appendChild(span);
+                    }
+                    input.value = '';
+                })
+                .catch(function () {
+                    // No-op for now — the privacy-safe response shape means
+                    // even an unregistered recipient is a 200 w. brief data;
+                    // a true error path (5xx) silently swallows.
+                });
+        });
+    }());
+    </script>
 {% endblock scripts %}