chore(release): 3.6.3 [skip ci]

## [3.6.3](https://github.com/antialias/soroban-abacus-flashcards/compare/v3.6.2...v3.6.3) (2025-10-14) ### Bug Fixes * update locked room terminology and allow existing members ([1ddf985](1ddf985938))
fix: update locked room terminology and allow existing members
2025-10-14 12:50:45 +00:00 · 2025-10-14 07:49:52 -05:00
4 changed files with 26 additions and 10 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## [3.6.3](https://github.com/antialias/soroban-abacus-flashcards/compare/v3.6.2...v3.6.3) (2025-10-14)
+
+
+### Bug Fixes
+
+* update locked room terminology and allow existing members ([1ddf985](https://github.com/antialias/soroban-abacus-flashcards/commit/1ddf985938d9542fe26e44da58234f3d4e3c9543))
+
 ## [3.6.2](https://github.com/antialias/soroban-abacus-flashcards/compare/v3.6.1...v3.6.2) (2025-10-14)


--- a/apps/web/src/app/api/arcade/rooms/[roomId]/join/route.ts
+++ b/apps/web/src/app/api/arcade/rooms/[roomId]/join/route.ts
@@ -1,13 +1,13 @@
+import bcrypt from 'bcryptjs'
 import { type NextRequest, NextResponse } from 'next/server'
-import { getRoomById, touchRoom } from '@/lib/arcade/room-manager'
-import { addRoomMember, getRoomMembers } from '@/lib/arcade/room-membership'
 import { getActivePlayers, getRoomActivePlayers } from '@/lib/arcade/player-manager'
-import { isUserBanned } from '@/lib/arcade/room-moderation'
 import { getInvitation } from '@/lib/arcade/room-invitations'
 import { getJoinRequest } from '@/lib/arcade/room-join-requests'
-import { getViewerId } from '@/lib/viewer'
+import { getRoomById, touchRoom } from '@/lib/arcade/room-manager'
+import { addRoomMember, getRoomMembers } from '@/lib/arcade/room-membership'
+import { isUserBanned } from '@/lib/arcade/room-moderation'
 import { getSocketIO } from '@/lib/socket-io'
-import bcrypt from 'bcryptjs'
+import { getViewerId } from '@/lib/viewer'

 type RouteContext = {
  params: Promise<{ roomId: string }>
@@ -38,10 +38,21 @@ export async function POST(req: NextRequest, context: RouteContext) {
      return NextResponse.json({ error: 'You are banned from this room' }, { status: 403 })
    }

+    // Check if user is already a member (for locked room access)
+    const members = await getRoomMembers(roomId)
+    const isExistingMember = members.some((m) => m.userId === viewerId)
+
    // Validate access mode
    switch (room.accessMode) {
      case 'locked':
-        return NextResponse.json({ error: 'This room is locked' }, { status: 403 })
+        // Allow existing members to continue using the room, but block new members
+        if (!isExistingMember) {
+          return NextResponse.json(
+            { error: 'This room is locked and not accepting new members' },
+            { status: 403 }
+          )
+        }
+        break

      case 'retired':
        return NextResponse.json({ error: 'This room has been retired' }, { status: 410 })
@@ -86,8 +97,6 @@ export async function POST(req: NextRequest, context: RouteContext) {
        }
        break
      }
-
-      case 'open':
      default:
        // No additional checks needed
        break
--- a/apps/web/src/components/nav/ModerationPanel.tsx
+++ b/apps/web/src/components/nav/ModerationPanel.tsx
@@ -1352,7 +1352,7 @@ export function ModerationPanel({
                          label: 'Restricted',
                          desc: 'Invite only',
                        },
-                        { value: 'locked', emoji: '🔒', label: 'Locked', desc: 'No members' },
+                        { value: 'locked', emoji: '🔒', label: 'Locked', desc: 'No new members' },
                        { value: 'retired', emoji: '🏁', label: 'Retired', desc: 'Closed' },
                      ].map((mode) => (
                        <button
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "soroban-monorepo",
-  "version": "3.6.2",
+  "version": "3.6.3",
  "private": true,
  "description": "Beautiful Soroban Flashcard Generator - Monorepo",
  "workspaces": [