ccopeland/red
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(signing): filter fields by signer on sign page — was passing all fields unfiltered

Browse Source
This commit is contained in:
Chandler Copeland
2026-04-03 18:14:46 -06:00
parent 4fe7913d7e
commit bc0495dea9
1 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
teressa-copeland-homes/src/app/sign/[token]/page.tsx
View File

@@ -1,7 +1,7 @@
import { verifySigningToken } from '@/lib/signing/token';
import { logAuditEvent } from '@/lib/signing/audit';
import { db } from '@/lib/db';
import { signingTokens, documents } from '@/lib/db/schema';
import { signingTokens, documents, isClientVisibleField } from '@/lib/db/schema';
import { eq } from 'drizzle-orm';
import { headers } from 'next/headers';
import { SigningPageClientWrapper } from './_components/SigningPageClientWrapper';
@@ -57,11 +57,21 @@ export default async function SignPage({ params }: Props) {
db.update(documents).set({ status: 'Viewed' }).where(eq(documents.id, payload.documentId)),
]);
// Filter fields to this signer's fields only (same logic as GET /api/sign/[token])
const allFields = doc.signatureFields ?? [];
const visibleFields = allFields.filter((field) => {
if (!isClientVisibleField(field)) return false;
if (tokenRow.signerEmail !== null) {
return field.signerEmail === tokenRow.signerEmail;
}
return true; // legacy null-signer token: show all client-visible fields
});
return (
<SigningPageClientWrapper
token={token}
documentName={doc.name}
signatureFields={doc.signatureFields ?? []}
signatureFields={visibleFields}
/>
);
}