Patrick Bass Area: Admin plane (audit p12) · Surface: /admin/learn/paths/{id}/edit · Dimension: law-1-polish · Severity: enhancement
Requiring an admin to know and type the internal numeric ID of a course/lesson/activity is rough and error-prone — it leaks internal identifiers into the workflow and brushes against Law 6 (users shouldn't deal with internal plumbing). Every other authoring surface uses pickers. A typo silently attaches the wrong item.
Evidence
platform/templates/learn/admin/paths/edit.php:178-179 — `Target id <input type="number" name="target_id" min="1" required ...>`. The form makes the admin pick a kind (course/lesson/activity) then type the raw internal database ID of the target.Suggested fix. Replace the numeric Target id input with a searchable picker (autocomplete by title, scoped to the selected kind) that resolves to the ID under the hood — reuse the items/picker pattern already present at /admin/learn/assessments/{id}/items/picker and /admin/learn/pools/{id}/items/picker.
Filed by the automated tenant-app audit and adversarially evidence-verified. Status: verified. Open — not yet actioned.
Patrick Bass
@mobieus
