Skip to content

fix(schedule): allow explicit label visibility bypass#1475

Open
JohnVillalovos wants to merge 1 commit into
developfrom
jlvillal/fiu-02-01
Open

fix(schedule): allow explicit label visibility bypass#1475
JohnVillalovos wants to merge 1 commit into
developfrom
jlvillal/fiu-02-01

Conversation

@JohnVillalovos

Copy link
Copy Markdown
Collaborator

Add an explicit skipVisibilityChecks argument to
SlotLabelFactory::Format for callers that have already authorized reservation details. Keep the default path unchanged and keep NullSlotLabelFactory fail-closed.

Assisted-by: Codex:GPT-5

Add an explicit skipVisibilityChecks argument to
SlotLabelFactory::Format for callers that have already authorized
reservation details. Keep the default path unchanged and keep
NullSlotLabelFactory fail-closed.

Co-Authored-By: John L. Villalovos <john@sodarock.com>
Assisted-by: Codex:GPT-5
Copilot AI review requested due to automatic review settings June 11, 2026 03:11

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR extends the schedule label formatting API by adding an explicit skipVisibilityChecks argument to SlotLabelFactory::Format() for trusted callers that have already authorized access to reservation details (e.g., authenticated subscription feeds). The default behavior remains unchanged, and NullSlotLabelFactory continues to return an empty label.

Changes:

  • Add skipVisibilityChecks (default false) to SlotLabelFactory::Format() and to NullSlotLabelFactory::Format().
  • Keep user-detail redaction enforced when privacy.hide.user.details is enabled (now applies to {email}, {phone}, {organization}, {position}, {participants}, {invitees} as well).
  • Add PHPUnit coverage ensuring the bypass works when explicitly requested, while still redacting user tokens and keeping NullSlotLabelFactory fail-closed.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File Description
lib/Application/Schedule/SlotLabelFactory.php Adds the skipVisibilityChecks parameter and ensures user-detail redaction is consistently applied across all user-related tokens.
tests/Presenters/CalendarExportPresenterTest.php Adds tests validating explicit visibility bypass behavior and fail-closed behavior for NullSlotLabelFactory.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants