Enforce public/private visibility for web UI pages

Dev-only pages (sources, trends, complexity, idea-analysis, false-positives,
similarity, landscape, export) now require @admin_required and are hidden
from nav in production mode. Citations page keeps the graph public but
hides influence/BCP tabs behind --dev flag.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 20:52:43 +01:00
parent dec8667193
commit ae5e5f8cbf
4 changed files with 85 additions and 8 deletions

@@ -84,6 +84,44 @@ All agents should:
- Use `rich` for console output
- Save multi-step workflows as scripts in `scripts/`
## Web UI: Public vs Dev-Only Pages
The web dashboard runs in two modes: production (default) and dev (`--dev` flag).
**When adding new pages, always decide which mode they belong to.**
Use `@admin_required` decorator on dev-only routes, and `{% if is_admin %}` in `base.html` nav links.
### Public pages (visible to everyone)
Pages showing **publicly available data** or **high-level results** that are defensible:
- Overview, Draft Explorer, Draft Detail — browsable catalog
- Authors — public data from Datatracker
- Citations — public citation data
- Ratings — score distributions (aggregate, not per-draft methodology)
- Timeline — submission trends (factual)
- Search — search functionality
- About, Impressum, Datenschutz — legal/info pages
### Dev-only pages (`@admin_required`, `--dev` mode)
Pages exposing **internal methodology**, **LLM judgments**, **cost data**, or **debatable analysis**:
- Gap Explorer, Gap Generation — internal gap analysis, draft generation
- Monitor — pipeline health, API costs, token usage
- Analytics — pageview tracking
- Compare — side-by-side draft comparison (uses Claude)
- AI Ask/Synthesize — Claude-powered Q&A (costs tokens)
- Annotations — internal notes
- False Positives — exposes filtering methodology, raw LLM judgment calls
- Complexity — correlations between LLM ratings and structural metrics (methodologically debatable)
- Idea Analysis — LLM-generated novelty scores could be challenged
- Trends — safety ratio uses internal category mappings
- Sources — rating comparisons across standards bodies (could offend orgs)
- Similarity — embedding-based methodology
- Landscape — t-SNE map (methodology-dependent)
- Obsidian Export — internal tool
### Decision criteria for new pages
- **Public if**: data comes from public sources (Datatracker, standards body websites), or shows aggregate statistics without exposing LLM methodology
- **Dev-only if**: page reveals how Claude rates/classifies things, shows internal cost/token data, compares organizations in potentially sensitive ways, or uses methodology that could be questioned without full context
## Current Status (2026-03-03)
- v0.2.0, 361 drafts (101 new, unprocessed)
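Review bot: The rule at the top of the new "Web UI: Public vs Dev-Only Pages" section ("Use `@admin_required` decorator on dev-only routes, and `{% if is_admin %}` in `base.html` nav links") makes protection opt-in per route, so a new page added without the decorator is public by default. Suggest stating in that paragraph that the decorator is the access control and the nav check is presentation only, and backing the two lists with a check, for example a test that walks the registered routes and fails on any route that is neither listed as public nor wrapped in `@admin_required`, so the documentation cannot drift from the code. Two smaller gaps in the same section: the Citations bullet under "Public pages" does not mention the influence/BCP tabs that the commit message describes as hidden behind `--dev`, and the section does not say whether the data endpoints behind dev-only pages and tabs are gated as well as the pages themselves. It would also help to spell out how the `--dev` flag relates to `is_admin`, since the section uses both terms without connecting them.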