groombook/api
13
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

fix(gro-1866): address QA review failures — portalSession null-guard,
CI / Test (push) Successful in 32s
Details
CI / Lint & Typecheck (push) Successful in 34s
Details
CI / Build & Push Docker Images (push) Successful in 2m34s
Details

Browse Source 
email null-dereference guard, externalize DEMO_STAFF_ID

1. portal.ts:138 — add null guard for portalSession before accessing .id
   (TS18048: 'portalSession' is possibly 'undefined')
2. rbac.ts:130 — guard jwt.email before split() to prevent runtime throw
3. portal.ts:39,105 — externalize DEMO_STAFF_ID as env var
   (process.env.DEMO_STAFF_ID ?? "00000000-...")

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Flea Flicker
2026-05-28 19:50:14 +00:00
parent 7bdb92999a
commit 2e0d63f7f6
2 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/portal.ts
+6 -2
View File
@@ -36,7 +36,7 @@ portalRouter.post(
return c.json({ error: "Client not found" }, 404);
}
const DEMO_STAFF_ID = "00000000-0000-0000-0000-000000000001";
const DEMO_STAFF_ID = process.env.DEMO_STAFF_ID ?? "00000000-0000-0000-0000-000000000001";
let staffId = DEMO_STAFF_ID;
const [demoStaff] = await db
@@ -102,7 +102,7 @@ portalRouter.post("/session-from-auth", async (c) => {
return c.json({ error: "No client record found for this user" }, 404);
}
const DEMO_STAFF_ID = "00000000-0000-0000-0000-000000000001";
const DEMO_STAFF_ID = process.env.DEMO_STAFF_ID ?? "00000000-0000-0000-0000-000000000001";
let staffId = DEMO_STAFF_ID;
const [demoStaff] = await db
@@ -133,6 +133,10 @@ portalRouter.post("/session-from-auth", async (c) => {
})
.returning();
if (!portalSession) {
return c.json({ error: "Failed to create session" }, 500);
}
return c.json(
{
sessionId: portalSession.id,