refactor(#184): consistent account menu via a single shared user-menu fragment#185
Merged
Conversation
… navbar fragment Account actions are now presented identically across both portals, per best practice (account actions live in the top-right user menu) and DRY. - New shared `userMenu` fragment (username dropdown -> Change Password -> Logout). Change Password resolves to the role-appropriate page via sec:authorize (/custodian/password for ROLE_CUSTODIAN, else /customer/password); Logout is the CSRF POST. Shown only when authenticated. - header, customerHeader, and custodianHeader now all th:replace this one fragment instead of each hand-rolling its own dropdown. - Removed the customer's top-level "Change Password" nav link (now in the dropdown, matching admin). Verified live: customer and admin dropdowns both show Change Password (role-correct path) + Logout; the customer top-level link is gone; /customer/password and /custodian/password reachable. datacustodian suite 160/0. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Presents account actions (Change Password, Logout) identically in both portals, and removes the per-navbar duplication. Closes #184.
Previously the admin navbar had both in the top-right user dropdown, but the customer navbar had Logout in the dropdown and Change Password as a top-level link — inconsistent.
Changes
userMenufragment: username ▾ → Change Password → Logout. Change Password resolves to the role-appropriate page viasec:authorize(/custodian/passwordforROLE_CUSTODIAN, else/customer/password); Logout is the CSRF POST; rendered only when authenticated.header,customerHeader,custodianHeaderallth:replacethis single fragment (DRY) instead of hand-rolling their own dropdowns.Verification
Live: both customer and admin dropdowns show Change Password (role-correct path) + Logout; the customer top-level link is gone; both password pages reachable (200).
datacustodiansuite 160/0.🤖 Generated with Claude Code