giles
1eec131101
Posts ARE SX source, so expose it: a public raw-source view and a guarded in-browser source editor. - GET /<slug>/source — raw sx_content as text/plain (public; a published post's source isn't secret). - GET /<slug>/edit — edit form pre-filled with the post's title, raw source (in a textarea, render-to-html-escaped so it shows verbatim), and status (current value pre-selected). Guarded (editor only). Slug is preserved. - POST /<slug>/edit — save the edited source; same write-time validation as create (unparseable body -> 400, post left intact); 303 back to the post. - post page gains "view source · edit · all posts" footer links. Routing: /:slug/source + /:slug/edit are two-segment patterns; the router consumes :param as exactly one segment and requires a full match, so /:slug does not shadow them (asserted). 14 new blog tests cover view (200/text-plain/ raw body/404/no-shadow) and edit (401 unauth GET+POST, 200 form, source shown, 303 save, persisted, slug preserved, 400 malformed, 404 missing). Verified live on blog.rose-ash.com: view source, guarded edit form, save round-trip (rendered post + source both reflect the edit). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
18 KiB
18 KiB