From c7ddc4648b74bfbbfeed6d974e2c045c79691d26 Mon Sep 17 00:00:00 2001
From: binarybeach <maxwell.pauly@binarybeach.tech>
Date: Thu, 30 Apr 2026 18:33:25 -1000
Subject: [PATCH] binarybeachio: expand customization inventory in
 BINARYBEACHIO.md

Restructure "What's customized" into three patch groups with full file
inventories:
  1. Zitadel OIDC (repurpose GitHub OAuth)
  2. Brand label + logo
  3. Presigned PUT for uploads (R2/B2 don't implement PostObject)

Each patch group is independently revertable; group 3 references
binarybeachio/docs/features/storage-upload-flow.md for the decision
record + rollback procedure.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 BINARYBEACHIO.md | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/BINARYBEACHIO.md b/BINARYBEACHIO.md
index 1ed428a13..8645bc958 100644
--- a/BINARYBEACHIO.md
+++ b/BINARYBEACHIO.md
@@ -39,12 +39,31 @@ Plane's backend has working **community-edition** GitHub OAuth (`/auth/github/..
 
 ## What's customized (the inventory — keep current)
 
-Touch surface is intentionally minimal. **Two files**, both narrowly scoped, designed to minimize merge conflict probability on every Plane upgrade.
+Touch surface is intentionally minimal. Three logical patch groups across the repo.
 
+### Patch 1: Zitadel OIDC (repurpose GitHub OAuth)
 | File | Change | Risk on upgrade |
 |---|---|---|
-| `apps/api/plane/authentication/provider/oauth/github.py` | Repurposed entire file: env-drive endpoint URLs (default to `$ZITADEL_DOMAIN`'s OIDC endpoints, fall back to GitHub when `ZITADEL_DOMAIN` unset). Switch claim mapping to OIDC standard. Drop `__get_email` (OIDC userinfo includes email). Fix upstream's `expires_in` epoch-vs-duration bug. Drop `is_user_in_organization` (Zitadel handles authz). | **Medium.** This file rarely changes upstream. If Plane refactors the OauthAdapter base class signatures, our patched constructor must follow. |
-| `apps/web/core/hooks/oauth/core.tsx` | Cosmetic: rename "GitHub" button text to "binarybeach.io". Backend ID/route/icon path unchanged. | **Low.** Pure cosmetic; rebases trivially. |
+| `apps/api/plane/authentication/provider/oauth/github.py` | Repurposed entire file: env-drive endpoint URLs (default to `$ZITADEL_DOMAIN`'s OIDC endpoints, fall back to GitHub when `ZITADEL_DOMAIN` unset). Switch claim mapping to OIDC standard. Drop `__get_email` (OIDC userinfo includes email). Fix upstream's `expires_in` epoch-vs-duration bug. Drop `is_user_in_organization` (Zitadel handles authz). Add `prompt=select_account` for explicit account chooser. | **Medium.** This file rarely changes upstream. If Plane refactors the OauthAdapter base class signatures, our patched constructor must follow. |
+
+### Patch 2: Brand label + logo
+| File | Change | Risk on upgrade |
+|---|---|---|
+| `apps/web/core/hooks/oauth/core.tsx` | Cosmetic: rename "GitHub" button text to "BinaryBeach.io"; swap GitHub light/dark logo imports for our brand mark. Backend ID/route unchanged. | **Low.** Pure cosmetic; rebases trivially. |
+| `apps/web/app/assets/logos/binarybeach-logo.png` | New asset. | **None.** |
+
+### Patch 3: Presigned PUT for uploads (R2/B2 don't implement PostObject)
+| File | Change | Risk on upgrade |
+|---|---|---|
+| `apps/api/plane/settings/storage.py` | `S3Storage.generate_presigned_post(...)` rewritten to mint a presigned PUT URL via `generate_presigned_url(HttpMethod="PUT")`. Method name preserved for caller compat. Returns `{url, method:"PUT", fields:{Content-Type, key}}`. | **Medium.** If Plane's upload flow changes upstream (e.g. refactors to per-app storage backends, switches away from POST), conflict surface grows. |
+| `apps/api/plane/utils/openapi/responses.py` | OpenAPI example response updated to reflect PUT shape. | **Low.** |
+| `apps/api/plane/tests/unit/settings/test_storage.py` | 2 tests retargeted to assert `generate_presigned_url` boto3 call instead of `generate_presigned_post`. | **Low.** |
+| `packages/types/src/file.ts` | `TFileSignedURLResponse.upload_data` adds `method?: "PUT" \| "POST"`, drops AWS POST-form-data fields. | **Low.** |
+| `packages/services/src/file/helper.ts` | `generateFileUploadPayload(...)` returns a `TFileUploadRequest` descriptor; dispatches PUT/POST. | **Medium.** |
+| `packages/services/src/file/file-upload.service.ts` + `apps/web/core/services/file-upload.service.ts` | `uploadFile(...)` signature changes from `(url, FormData, progress?)` to `(payload, progress?)`. Uses `axios.request({method, url, data, headers})`. | **Medium.** |
+| `apps/web/core/services/file.service.ts`, `apps/web/core/services/issue/issue_attachment.service.ts`, `packages/services/src/file/sites-file.service.ts` | 5 caller sites updated to pass `TFileUploadRequest` to `uploadFile`. | **Low.** |
+
+The full decision record (why we patched, tradeoffs accepted, rollback procedure) lives at `binarybeachio/docs/features/storage-upload-flow.md`. Patch 3 can be reverted independently of Patches 1 and 2 — find the commit titled "binarybeachio: presigned PUT for uploads" and `git revert <sha>`.
 
 Files **not** changed (deliberately):
 - `apps/api/plane/authentication/views/app/github.py` — view layer, unchanged. Routes still `/auth/github/`.