Stop leaking exact quota numbers from GET /api/account #1

Closed
opened 2026-03-10 14:40:53 +03:00 by sirily · 1 comment
Owner

Problem
`GET /api/account` currently returns `usedSuccessfulRequests` and `monthlyRequestLimit` to normal users via `packages/db/src/account-store.ts` and `apps/web/src/main.ts`.

Why this matters
The product contract is explicit: normal users should only see approximate quota buckets (`100/80/60/40/20/0`). Exact usage should stay admin-only.

Acceptance criteria

  • Normal user account responses expose only the approximate bucket.
  • Exact usage remains available only on admin surfaces.
  • Add regression coverage for the approximate quota display contract.
Author
Owner

Linked implementation PR: #16 (http://git.shararam.party/sirily/nroxy/pulls/16). This issue will be closed automatically on merge via `Closes #1` in PR body.
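
One way to meet the acceptance criteria in this issue, as an added example that is not code from the nroxy repository or from PR #16: the user-facing view is built from an allow-list of fields, and a small check reports any exact-quota field that reaches a serialized response. Only `usedSuccessfulRequests` and `monthlyRequestLimit` come from the issue; `quotaBucket`, the function names, the `isAdmin` flag, and the rule that the bucket is the remaining percentage rounded down to a multiple of 20 are assumptions.

```typescript
// Added example. Hypothetical names: QuotaBucket, quotaBucket, toUserView,
// toAdminView, serializeAccount, leakedFields, isAdmin.
type QuotaBucket = 100 | 80 | 60 | 40 | 20 | 0;

interface AccountRecord {
  id: string;
  usedSuccessfulRequests: number;
  monthlyRequestLimit: number;
}
interface UserAccountView { id: string; quotaBucket: QuotaBucket; }
interface AdminAccountView extends UserAccountView {
  usedSuccessfulRequests: number;
  monthlyRequestLimit: number;
}

// Assumption: bucket = remaining quota percentage, rounded DOWN to a multiple of 20.
function toQuotaBucket(used: number, limit: number): QuotaBucket {
  // Missing, zero or non-finite limits fail closed to the lowest bucket.
  if (!Number.isFinite(used) || !Number.isFinite(limit) || limit <= 0) return 0;
  const remaining = Math.min(Math.max(limit - used, 0), limit);
  return (Math.floor((remaining * 5) / limit) * 20) as QuotaBucket;
}

// Allow-list the fields of the user view instead of spreading the record and
// deleting keys, so a column added to the store later is not exposed by default.
function toUserView(a: AccountRecord): UserAccountView {
  return { id: a.id, quotaBucket: toQuotaBucket(a.usedSuccessfulRequests, a.monthlyRequestLimit) };
}

function toAdminView(a: AccountRecord): AdminAccountView {
  return {
    ...toUserView(a),
    usedSuccessfulRequests: a.usedSuccessfulRequests,
    monthlyRequestLimit: a.monthlyRequestLimit,
  };
}

function serializeAccount(a: AccountRecord, isAdmin: boolean): string {
  return JSON.stringify(isAdmin ? toAdminView(a) : toUserView(a));
}

// Regression helper: lists exact-quota fields present in a serialized response.
const EXACT_FIELDS = ["usedSuccessfulRequests", "monthlyRequestLimit"];
function leakedFields(json: string): string[] {
  const body = JSON.parse(json) as Record<string, unknown>;
  return EXACT_FIELDS.filter((key) => key in body);
}
```

A regression test for the contract would call `leakedFields` on the body of a normal user's `GET /api/account` response and require an empty result.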

Reference: sirily/nroxy#1