8 Commits

Author	SHA1	Message	Date
Flea Flicker	1f888ac716	security(audit): log owner-bypass reads in GET /pets/:id/profile-summary (GRO-2062) ... Adds a defense-in-depth audit row to impersonationAuditLogs when the staff-side owner-bypass path fires. Mirrors the failure-isolation pattern in src/middleware/portalAudit.ts: insert failures are logged and swallowed so a working read can never turn into a 500. - New writeOwnerBypassAudit helper called only when isOwner === true. - No DB migration; petId + actorStaffId go inside metadata jsonb. - resolveImpersonationClientId stays pure (no audit side effects). - Positive + negative tests + a cross-tenant regression test. - UAT_PLAYBOOK.md §3.19d: TC-API-3.19d documents the audit assertion. Parent tracking: GRO-2062 (Paperclip). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-02 04:10:58 +00:00
Flea Flicker	91eb2ccf71	fix(rbac): port Better-Auth user auto-provision into legacy ./src tree (GRO-2052) (#143) ... fix(rbac): port Better-Auth user auto-provision into legacy ./src tree (GRO-2052) Ports the Better-Auth user-table auto-provision branch from canonical apps/api into the deployed ./src/middleware/rbac.ts so the owner-bypass in pets.ts is reachable for Better-Auth email/password customers. OIDC account branch retained as backward-compat fallback. Adds 5 rbac.test.ts cases and UAT_PLAYBOOK pre-condition docs. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Co-authored-by: Flea Flicker <flea@groombook.dev> Co-committed-by: Flea Flicker <flea@groombook.dev>	2026-06-02 02:40:43 +00:00
The Dogfather	a2b09ba502	fix(pets): port owner-bypass into deployed tree (GRO-2013) (#139)	2026-06-01 20:06:24 +00:00
Flea Flicker	fee62c895d	fix(api): GRO-2014 — profile-summary 500 → 404/401/JSON-500 (#137)	2026-06-01 18:16:29 +00:00
Flea Flicker	280c699d0d	fix(seed): add uat-customer client record for SSO bridge UAT (GRO-1935) (#104)	2026-05-30 03:10:48 +00:00
Flea Flicker	b96b6c06fc	fix: add missing getAuth import and fix db.insert() mock chain ... Fixes two bugs found in QA review: - ReferenceError: getAuth not defined in beforeEach - add import - TypeError: wrong mock chain insert().into().values() vs insert().values() Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-28 15:59:41 +00:00
Flea Flicker	7e329ff72f	fix(gro-1866): add session-from-auth portal endpoint and role scope ... Adds POST /api/portal/session-from-auth which bridges a valid Better Auth customer session (from SSO login) to a portal impersonation session, so real SSO customers can access the client portal. The endpoint is registered before the validatePortalSession catch-all so it is not subject to that middleware. It validates the Better Auth session from request cookies, looks up the client by email, creates an active impersonation session, and returns { sessionId, clientId, clientName }. Also adds "role" to the genericOAuth scopes so Authentik propagates the role claim into Better Auth user objects (GRO-1862 root cause fix). Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-28 15:00:15 +00:00
Chris Farhood	abac9dfe6c	Extract groombook/api from monorepo with CI workflow ... - Add source code from apps/api - Add packages/db and packages/types workspace dependencies - Add GitHub Actions CI workflow (lint, typecheck, test, docker) - Generate pnpm-lock.yaml - Add .gitignore Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-11 01:26:56 +00:00