- requireAdmin() guard (mirrors catalog/actions.ts pattern), throws "Non autorizzato" before any DB access - updateLeadField: EDITABLE_FIELDS allowlist, name/status validated server-side (LEAD_STAGES.includes), nullable fields cleared on empty - addLeadTag/removeLeadTag/renameLeadTag: polymorphic tags table scoped to entity_type="leads" (LEADS_TAG_ENTITY), never touches entity_type="services" rows - All four actions call revalidatePath for /admin/leads (+ detail page where a single leadId applies) - Log pre-existing lint issues (unrelated to this task) to deferred-items.md per scope-boundary rule
1.1 KiB
Deferred Items — Phase 14
Items discovered during execution that are out of scope for the current task (per Scope Boundary rule — pre-existing issues in unrelated code paths).
14-01
-
src/app/admin/leads/actions.ts:54— pre-existing@typescript-eslint/no-explicit-anyerror onconst updateData: Record<string, any> = { updated_at: new Date() };insideupdateLead(). This function predates Phase 14 and is unchanged by 14-01 (Task 2 only appendsupdateLeadField/addLeadTag/removeLeadTag/renameLeadTagafter it).npx eslint src/app/admin/leads/actions.tsexits 1 solely due to this pre-existing line; the four new actions added in 14-01 introduce zero new lint errors/warnings. Fix: replaceRecord<string, any>with a properly typed partial update object (e.g.Partial<typeof leads.$inferInsert>or an explicit interface). -
src/lib/admin-queries.ts— pre-existing@typescript-eslint/no-unused-varswarnings (4x) for importssettings,ServiceCatalog,ProjectOffer,OfferPhaseService— these predate Phase 14 and are unrelated to thegetLeadsWithTags/getLeadFieldOptionsadditions in Task 1.