feat(admin): hide the entire admin panel from non-admins

The Admin tab previously showed everyone the table + (disabled) controls.
Actions were already gated server-side (is_admin re-check in every handler),
but the UI and the read-only table were visible to all, which looked
unprofessional and streamed submission rows to non-admins.

Wrap all admin UI in a Column that stays hidden unless the logged-in user
is in CADGENBENCH_ADMINS; non-admins (and logged-out visitors) now see only
the login/logout button and a status line. The table starts empty and the
load/refresh/timer handlers return an empty frame for non-admins, so no
submission data is sent behind the hidden panel. Server-side gating on the
mutating handlers is unchanged (defense in depth).

Co-authored-by: Cursor <cursoragent@cursor.com>

app.py

@@ -267,34 +267,41 @@ def _admin_selection_status(table_df: pd.DataFrame | None) -> str:
 def _gate_admin_controls(
     profile: gr.OAuthProfile | None,
 ) -> tuple[
-    gr.Dataframe, gr.Radio, gr.Button, gr.Button, gr.Checkbox, gr.Button,
-    gr.Button, gr.Checkbox, gr.Button, gr.Textbox, gr.Button, str,
+    gr.Column, gr.Dataframe, gr.Radio, gr.Button, gr.Button, gr.Checkbox,
+    gr.Button, gr.Button, gr.Checkbox, gr.Button, gr.Textbox, gr.Button, str,
 ]:
-    """Enable the admin controls only for a logged-in user in the admin set.
-
-    Runs on every page load and re-runs on LoginButton auth events, so
-    the table value is also refreshed from the live Hub data instead of
-    staying pinned to whatever rows existed when the Space process
-    booted. Non-admins and logged-out visitors get the tab with the
-    table read-only and every control disabled, mirroring the server-side
-    re-check in each handler. The armed-by-confirmation buttons (delete,
-    stop-and-delete, rescore-selected, rescore-all) always load disarmed:
-    they only enable once their confirm box is ticked / phrase typed.
+    """Reveal the admin panel only for a logged-in user in the admin set.
+
+    Runs on every page load and re-runs on LoginButton auth events. The
+    entire admin panel (table + every control) lives in a column that
+    stays hidden unless the visitor is logged in AND in the admin set, so
+    non-admins and logged-out visitors see only the login/logout button
+    and a status line -- no table, no buttons. For admins the panel is
+    shown, its controls enabled, and the table refreshed from live Hub
+    data. Data is only loaded into the table for admins, and a server-side
+    ``is_admin`` re-check still guards every handler. The armed-by-
+    confirmation buttons (delete, stop-and-delete, rescore-selected,
+    rescore-all) always load disarmed: they only enable once their confirm
+    box is ticked / phrase typed.
     """
-    admin_df, error = _safe_load_admin()
-    if error:
-        gr.Warning(f"Admin table unavailable: {error}")
     admin = is_admin(profile)
+    if admin:
+        admin_df, error = _safe_load_admin()
+        if error:
+            gr.Warning(f"Admin table unavailable: {error}")
+    else:
+        admin_df = _empty_admin_table()
     if profile is None:
-        status = "Log in with an admin account to enable the controls below."
+        status = "Log in with an admin account to access the controls."
     elif admin:
         status = f"Signed in as `{profile.username}`. Admin controls enabled."
     else:
         status = (
             f"Signed in as `{profile.username}`, which is not in the admin "
-            "set. Controls are disabled."
+            "set. You can log out with the button above."
         )
     return (
+        gr.Column(visible=admin),
         gr.Dataframe(value=admin_df, interactive=admin),
         gr.Radio(interactive=admin),
         gr.Button(interactive=admin),
@@ -322,13 +329,26 @@ def _arm_delete(
     return gr.Button(interactive=armed), gr.Button(interactive=armed)
 
 
-def _refresh_admin_table() -> pd.DataFrame:
+def _empty_admin_table() -> pd.DataFrame:
+    """An admin frame with headers but no rows -- what non-admins get.
+
+    The admin panel is hidden from non-admins, but the table refreshers
+    still run server-side; returning an empty frame ensures no submission
+    data is ever streamed into a non-admin's (hidden) table.
+    """
+    return pd.DataFrame(columns=list(ADMIN_COLUMNS))
+
+
+def _refresh_admin_table(profile: gr.OAuthProfile | None) -> pd.DataFrame:
     """Admin Refresh button handler: reload the admin table, toast on failure.
 
     Uses the no-crash :func:`_safe_load_admin` so a Hub read failure
     surfaces as a loud ``gr.Warning`` plus an empty table rather than an
-    uncaught exception.
+    uncaught exception. Returns an empty frame to non-admins so a tampered
+    client can't pull the table out from behind the hidden panel.
     """
+    if not is_admin(profile):
+        return _empty_admin_table()
     admin_df, error = _safe_load_admin()
     if error:
         gr.Warning(f"Admin table unavailable: {error}")
@@ -356,7 +376,10 @@ def _reapply_selection(
     return fresh
 
 
-def _auto_refresh_admin_table(current_df: pd.DataFrame | None) -> pd.DataFrame:
+def _auto_refresh_admin_table(
+    current_df: pd.DataFrame | None,
+    profile: gr.OAuthProfile | None,
+) -> pd.DataFrame:
     """Timer-tick handler: reload the admin table, preserving ticked rows.
 
     The leaderboard tables auto-refresh every 10s but the admin table did
@@ -365,7 +388,10 @@ def _auto_refresh_admin_table(current_df: pd.DataFrame | None) -> pd.DataFrame:
     Unlike the leaderboard handler it stays silent (no per-tick toast)
     and, on a Hub read failure, returns the current frame unchanged so a
     transient blip never blanks the table or drops the user's selection.
+    Non-admins get an empty frame so the (hidden) table is never fed data.
     """
+    if not is_admin(profile):
+        return _empty_admin_table()
     admin_df, error = _safe_load_admin()
     if error:
         return current_df if current_df is not None else admin_df
@@ -1123,116 +1149,124 @@ to publish the resulting row on the public leaderboard.
         gr.Markdown(ABOUT_MD)
 
     with gr.Tab("Admin"):
-        # Maintainer-only controls. The tab is visible to everyone (a
-        # hint the path exists); the table + buttons are gated to OAuth
-        # users in the CADGENBENCH_ADMINS set via the `blocks.load`
-        # handler below + a server-side re-check in every handler. See
-        # decisions/validation-policy.md.
-        gr.Markdown(
-            "## Admin\n"
-            "Tick rows in the **select** column, then promote them into the "
-            "**Validated** tier (recording an evidence type), demote them back "
-            "to **Unvalidated**, delete them, or rescore them against the "
-            "current ground truth. Actions apply to every ticked row at once. "
-            "Limited to maintainers in the admin set; everyone else sees the "
-            "tab with the controls disabled."
-        )
+        # Maintainer-only controls. The Admin *tab* is visible to everyone
+        # (a hint the path exists), but ALL admin UI -- the table, the
+        # actions, the danger zones -- lives in `admin_panel`, a column that
+        # stays hidden unless the logged-in user is in CADGENBENCH_ADMINS.
+        # The `blocks.load` handler below flips that column's visibility and
+        # only loads table data for admins; a server-side `is_admin` re-check
+        # still guards every handler. Non-admins (and logged-out visitors)
+        # see only the login/logout button + a status line, nothing else.
+        # See decisions/validation-policy.md.
         admin_login_btn = gr.LoginButton()
         admin_status = gr.Markdown(
-            "Log in with an admin account to enable the controls below."
-        )
-        # Only the leading `select` column is editable; the rest is
-        # read-only context. Click-to-tick drives every action below.
-        # `_safe_load_admin` keeps a Hub read failure from crashing the
-        # Space at boot (the admin table loads at construction time).
-        initial_admin_table, _ = _safe_load_admin()
-        admin_table = gr.Dataframe(
-            value=initial_admin_table,
-            datatype=[
-                "bool", "str", "str", "str", "str", "str", "str", "number",
-                "str",
-            ],
-            static_columns=list(range(1, len(ADMIN_COLUMNS))),
-            interactive=False,
-            label="Submissions (tick select to choose rows)",
-            wrap=True,
+            "Log in with an admin account to access the controls."
         )
-        admin_selection_md = gr.Markdown("_No rows selected._")
-        admin_method_radio = gr.Radio(
-            choices=list(VALID_METHODS),
-            value="manual",
-            label="validation_method (applied to all rows on promote)",
-            interactive=False,
-        )
-        with gr.Row():
-            promote_btn = gr.Button(
-                "Mark validated", variant="primary", interactive=False,
-            )
-            demote_btn = gr.Button("Mark unvalidated", interactive=False)
-        with gr.Accordion("Danger zone: delete", open=False):
+        # Everything below is admin-only: hidden by default, revealed by
+        # `_gate_admin_controls` only for a logged-in user in the admin set.
+        with gr.Column(visible=False) as admin_panel:
             gr.Markdown(
-                "Permanently deletes the ticked rows **and** their uploaded "
-                "zip + report files from the submissions dataset. This cannot "
-                "be undone (only a manual revert of the dataset commit).\n\n"
-                "**Stop & delete** additionally cancels any still-running "
-                "evaluation job(s) for the ticked rows before deleting — use "
-                "it for pending submissions whose GPU eval is in flight."
+                "## Admin\n"
+                "Tick rows in the **select** column, then promote them into "
+                "the **Validated** tier (recording an evidence type), demote "
+                "them back to **Unvalidated**, delete them, or rescore them "
+                "against the current ground truth. Actions apply to every "
+                "ticked row at once."
+            )
+            # Only the leading `select` column is editable; the rest is
+            # read-only context. Click-to-tick drives every action below.
+            # Starts empty; `_gate_admin_controls` loads rows on page load
+            # for admins only, so non-admins never receive the data.
+            admin_table = gr.Dataframe(
+                value=_empty_admin_table(),
+                datatype=[
+                    "bool", "str", "str", "str", "str", "str", "str",
+                    "number", "str",
+                ],
+                static_columns=list(range(1, len(ADMIN_COLUMNS))),
+                interactive=False,
+                label="Submissions (tick select to choose rows)",
+                wrap=True,
             )
-            delete_confirm = gr.Checkbox(
-                label=(
-                    "I understand this permanently deletes the selected "
-                    "submissions and their files."
-                ),
-                value=False,
+            admin_selection_md = gr.Markdown("_No rows selected._")
+            admin_method_radio = gr.Radio(
+                choices=list(VALID_METHODS),
+                value="manual",
+                label="validation_method (applied to all rows on promote)",
                 interactive=False,
             )
             with gr.Row():
-                delete_btn = gr.Button(
-                    "Delete selected", variant="stop", interactive=False,
+                promote_btn = gr.Button(
+                    "Mark validated", variant="primary", interactive=False,
                 )
-                stop_delete_btn = gr.Button(
-                    "Stop & delete selected", variant="stop",
+                demote_btn = gr.Button("Mark unvalidated", interactive=False)
+            with gr.Accordion("Danger zone: delete", open=False):
+                gr.Markdown(
+                    "Permanently deletes the ticked rows **and** their "
+                    "uploaded zip + report files from the submissions "
+                    "dataset. This cannot be undone (only a manual revert of "
+                    "the dataset commit).\n\n"
+                    "**Stop & delete** additionally cancels any still-running "
+                    "evaluation job(s) for the ticked rows before deleting — "
+                    "use it for pending submissions whose GPU eval is in "
+                    "flight."
+                )
+                delete_confirm = gr.Checkbox(
+                    label=(
+                        "I understand this permanently deletes the selected "
+                        "submissions and their files."
+                    ),
+                    value=False,
                     interactive=False,
                 )
-        with gr.Accordion("Danger zone: rescore", open=False):
-            gr.Markdown(
-                "Re-evaluates submissions against the **current** "
-                "ground truth + data: each row flips back to pending, the "
-                "gallery renders and the per-submission report HTML are "
-                "regenerated, and the score is recomputed. Use after a "
-                "ground-truth swap or a metric change that invalidates the "
-                "existing scores.\n\n"
-                "Rescoring is **re-runnable**: if a row's eval fails, mark it "
-                "and rescore again (or rescore all) — each run is "
-                "independent and converges.\n\n"
-                "- **Rescore selected** re-evaluates the ticked rows.\n"
-                f"- **Rescore all** re-evaluates every submission that has a "
-                f"stored zip and isn't already pending — type "
-                f"`{RESCORE_ALL_PHRASE}` to arm it."
-            )
-            rescore_confirm = gr.Checkbox(
-                label=(
-                    "I understand this flips the selected rows to pending and "
-                    "recomputes their scores."
-                ),
-                value=False,
-                interactive=False,
-            )
-            rescore_selected_btn = gr.Button(
-                "Rescore selected", variant="stop", interactive=False,
-            )
-            rescore_all_phrase = gr.Textbox(
-                label=(
-                    f"Type '{RESCORE_ALL_PHRASE}' to arm the board-wide "
-                    f"rescore"
-                ),
-                placeholder=RESCORE_ALL_PHRASE,
-                interactive=False,
-            )
-            rescore_all_btn = gr.Button(
-                "Rescore ALL submissions", variant="stop", interactive=False,
-            )
-        admin_refresh_btn = gr.Button("Refresh", size="sm")
+                with gr.Row():
+                    delete_btn = gr.Button(
+                        "Delete selected", variant="stop", interactive=False,
+                    )
+                    stop_delete_btn = gr.Button(
+                        "Stop & delete selected", variant="stop",
+                        interactive=False,
+                    )
+            with gr.Accordion("Danger zone: rescore", open=False):
+                gr.Markdown(
+                    "Re-evaluates submissions against the **current** "
+                    "ground truth + data: each row flips back to pending, the "
+                    "gallery renders and the per-submission report HTML are "
+                    "regenerated, and the score is recomputed. Use after a "
+                    "ground-truth swap or a metric change that invalidates "
+                    "the existing scores.\n\n"
+                    "Rescoring is **re-runnable**: if a row's eval fails, "
+                    "mark it and rescore again (or rescore all) — each run is "
+                    "independent and converges.\n\n"
+                    "- **Rescore selected** re-evaluates the ticked rows.\n"
+                    f"- **Rescore all** re-evaluates every submission that "
+                    f"has a stored zip and isn't already pending — type "
+                    f"`{RESCORE_ALL_PHRASE}` to arm it."
+                )
+                rescore_confirm = gr.Checkbox(
+                    label=(
+                        "I understand this flips the selected rows to pending "
+                        "and recomputes their scores."
+                    ),
+                    value=False,
+                    interactive=False,
+                )
+                rescore_selected_btn = gr.Button(
+                    "Rescore selected", variant="stop", interactive=False,
+                )
+                rescore_all_phrase = gr.Textbox(
+                    label=(
+                        f"Type '{RESCORE_ALL_PHRASE}' to arm the board-wide "
+                        f"rescore"
+                    ),
+                    placeholder=RESCORE_ALL_PHRASE,
+                    interactive=False,
+                )
+                rescore_all_btn = gr.Button(
+                    "Rescore ALL submissions", variant="stop",
+                    interactive=False,
+                )
+            admin_refresh_btn = gr.Button("Refresh", size="sm")
 
         admin_table.change(
             fn=_admin_selection_status,
@@ -1331,12 +1365,14 @@ to publish the resulting row on the public leaderboard.
     blocks.load(fn=_gallery_iframe_html, outputs=gallery_html)
     blocks.load(fn=_tasks_iframe_html, outputs=tasks_html)
 
-    # Same per-load OAuth read, gating the Admin tab's controls on
-    # membership in the CADGENBENCH_ADMINS set. Logged-out / non-admin
-    # visitors get the tab with everything disabled.
+    # Same per-load OAuth read, gating the Admin tab on membership in the
+    # CADGENBENCH_ADMINS set. Logged-out / non-admin visitors get the
+    # admin_panel hidden entirely (no table, no controls) -- just the
+    # login/logout button and a status line.
     blocks.load(
         fn=_gate_admin_controls,
         outputs=[
+            admin_panel,
             admin_table,
             admin_method_radio,
             promote_btn,

tests/test_proxy.py

@@ -185,13 +185,45 @@ def test_gate_admin_controls_refreshes_live_table(monkeypatch):
     monkeypatch.setattr(app, "_safe_load_admin", lambda: (live_df, None))
     monkeypatch.setattr(app, "is_admin", lambda profile: True)
 
-    table_update = app._gate_admin_controls(types.SimpleNamespace(username="michaelr27"))[0]
+    updates = app._gate_admin_controls(types.SimpleNamespace(username="michaelr27"))
+    # [0] is now the admin_panel Column (visible for admins); [1] is the table.
+    panel_update, table_update = updates[0], updates[1]
 
+    assert panel_update.visible is True
     assert table_update.value["headers"] == leaderboard.ADMIN_COLUMNS
     assert table_update.value["data"][0][3] == "UC3 e2e test 20260602-205316"
     assert table_update.interactive is True
 
 
+def test_gate_admin_controls_hides_panel_for_non_admin(monkeypatch):
+    """Non-admins get the panel hidden and no submission data in the table."""
+    live_df = pd.DataFrame(
+        [{"select": False, "submission_id": "secret-row"}],
+        columns=leaderboard.ADMIN_COLUMNS,
+    )
+
+    def _boom():
+        raise AssertionError("_safe_load_admin must not run for non-admins")
+
+    monkeypatch.setattr(app, "_safe_load_admin", _boom)
+    monkeypatch.setattr(app, "is_admin", lambda profile: False)
+
+    updates = app._gate_admin_controls(types.SimpleNamespace(username="someone"))
+    panel_update, table_update = updates[0], updates[1]
+
+    assert panel_update.visible is False
+    assert table_update.interactive is False
+    # No rows are streamed to a non-admin (empty frame, headers only).
+    assert table_update.value["data"] == []
+
+
+def test_gate_admin_controls_logged_out_hides_panel(monkeypatch):
+    """A logged-out visitor (profile=None) also gets the panel hidden."""
+    monkeypatch.setattr(app, "is_admin", lambda profile: False)
+    updates = app._gate_admin_controls(None)
+    assert updates[0].visible is False
+
+
 def test_admin_delete_refreshes_gallery(monkeypatch):
     """Deleting rows also replaces the Gallery iframe srcdoc."""
     table_df = pd.DataFrame(