Add flash alert UX improvements, User_Model fetch security, and SCSS-SCOPE-01 BEM guidance

🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-26 20:46:18 +00:00
parent fd7d3340f4
commit 0ea0341aeb
5 changed files with 229 additions and 5 deletions
--- a/app/RSpade/Core/Models/User_Model.php
+++ b/app/RSpade/Core/Models/User_Model.php
@@ -466,4 +466,37 @@ class User_Model extends Rsx_Site_Model_Abstract
        // Default: invitation is pending
        return self::INVITATION_PENDING;
    }
+
+    // =========================================================================
+    // AJAX FETCH
+    // =========================================================================
+
+    /**
+     * Ajax model fetch - allows JavaScript to load user records
+     * Filters out invite_* fields for security
+     */
+    #[Ajax_Endpoint_Model_Fetch]
+    public static function fetch($id)
+    {
+        $user = static::withTrashed()->find($id);
+
+        if (!$user) {
+            return false;
+        }
+
+        $data = $user->toArray();
+
+        // Filter out invite_* fields - these contain sensitive invitation data
+        foreach (array_keys($data) as $key) {
+            if (str_starts_with($key, 'invite_')) {
+                unset($data[$key]);
+            }
+        }
+
+        // Augment with computed properties
+        $data['get_full_name'] = $user->get_full_name();
+        $data['get_display_name'] = $user->get_display_name();
+
+        return $data;
+    }
 }