ScreenTinker 4c38536cc6 feat(ui): edit-designations for agency tokens (#73) ... Settings → API Tokens: each agency token gets an "Edit playlists" control that opens the playlist picker pre-checked with the token's CURRENT designations (from the list GET's tok.targets), lets the admin add/remove, and calls the existing PUT /:id/targets to atomically re-designate. Reuses the creation picker pattern; common.save/cancel reused; edit_targets + targets_updated i18n across all 5 locales. No security-model change - the endpoint was already proven. Test (integration): PUT /:id/targets re-designates (add + remove) and the confinement follows the NEW set - a re-designated token reaches only its new playlists (router.param 403s the removed one). 148 suite green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>		2026-06-14 17:04:07 -05:00
..
admin-users.test.js	feat(admin): Delete Organization + Workspace with cascade (#36)	2026-06-09 09:22:21 -05:00
agency-digest.test.js	feat(api): batched email digest for agency uploads (#73)	2026-06-14 13:59:37 -05:00
agency-gate.test.js	feat(api): agency portal endpoints + router.param target seam (#73)	2026-06-13 22:48:42 -05:00
agency-layouts.test.js	feat(api): GET /api/agency/layouts - device-free layout geometry (#73)	2026-06-14 13:53:30 -05:00
agency-list.test.js	feat(api): GET /api/agency/playlists - a token's designated targets (#73)	2026-06-14 13:08:07 -05:00
agency-scope.test.js	feat(api): agency-token security primitive - off-ladder scope + agencyGate (#73)	2026-06-13 21:30:38 -05:00
agency.test.js	feat(ui): edit-designations for agency tokens (#73)	2026-06-14 17:04:07 -05:00
ai-design.test.js	fix(ai): de-overlap generated text + layer shapes behind text (#41)	2026-06-09 12:57:41 -05:00
api.test.js	test(api): close #92 follow-up coverage gaps	2026-06-12 20:10:36 -05:00
apitoken-unit.test.js	test(api): close #92 follow-up coverage gaps	2026-06-12 20:10:36 -05:00
branding.test.js	feat(branding): instance-level default white-label branding (#15)	2026-06-08 16:55:22 -05:00
config-paths.test.js	chore(version): single-source VERSION, env-configurable data paths, bump tooling	2026-06-10 12:56:03 -05:00
i18n-tokens.test.js	test(api): close #92 follow-up coverage gaps	2026-06-12 20:10:36 -05:00
openapi-contract.test.js	test(api): fix spec scope drift + guard it in CI; Redoc provenance	2026-06-12 18:45:09 -05:00
operator-permissions.test.js	fix(roles): make platform_operator assignable + add deny/assign regression tests	2026-06-05 12:44:39 -05:00
pair-lockout.test.js	fix(api): harden device pairing against brute-force (#87)	2026-06-12 20:16:12 -05:00
provisioning.test.js	fix(api): consolidate device pairing to /pair, remove vestigial bare endpoint (#90)	2026-06-12 20:13:16 -05:00
schedule-eval.test.js	feat(scheduling): per-item schedule blocks (#74 dayparting, #75 auto-expire)	2026-06-11 15:46:41 -05:00
schema-check.test.js	fix(db): observable migrations + fail-fast schema verification (#37)	2026-06-09 09:31:52 -05:00
security-fixes.test.js	fix(security): patch quick-win findings from the codebase review	2026-06-08 19:02:19 -05:00
tenant-cascade-migration.test.js	fix(db): cascade tenant resources on workspace/org delete (#18 follow-up)	2026-06-08 16:01:52 -05:00
tizen-eval-drift.test.js	feat(scheduling): per-item schedule blocks (#74 dayparting, #75 auto-expire)	2026-06-11 15:46:41 -05:00
totp-keyrotation.test.js	test(server): TOTP - bite, lockout, replay, recovery, st_ bypass, key-rotation (#100)	2026-06-13 20:48:55 -05:00
totp-unit.test.js	test(server): TOTP - bite, lockout, replay, recovery, st_ bypass, key-rotation (#100)	2026-06-13 20:48:55 -05:00
totp.test.js	fix(server): strip totp_secret_enc/totp_last_step from login responses (#100)	2026-06-13 20:48:55 -05:00
user-deletion.test.js	feat(admin): Delete Organization + Workspace with cascade (#36)	2026-06-09 09:22:21 -05:00
widget-render-xss.test.js	fix(security): sanitize public widget render to close stored XSS	2026-06-08 19:11:14 -05:00