profit/llm-team-ui
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

Fix NameError: ADMIN_WRITE_ROUTES renamed to DEMO_BLOCKED_POSTS

Browse Source 
before_request handler still referenced old variable name.
Updated to use DEMO_BLOCKED_POSTS with simpler path-in-set check.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
root 2026-03-26 05:23:01 -05:00
parent 9f48a050c8
commit f0cf69b4bd
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
llm_team_ui.py
View File

@ -174,11 +174,10 @@ def security_checks():
if path.startswith("/static"): if path.startswith("/static"):
return return
# In demo mode, block admin write routes for non-admins # In demo mode, block destructive writes for non-admins
if is_demo() and not is_admin(): if is_demo() and not is_admin() and request.method == "POST":
for route, methods in ADMIN_WRITE_ROUTES.items(): if path in DEMO_BLOCKED_POSTS:
if path == route and request.method in methods: return jsonify({"error": "demo mode: read-only", "demo": True}), 403
return jsonify({"error": "demo mode: admin settings are read-only", "demo": True}), 403
@app.after_request @app.after_request