7fe578aeeffea3a76fe5ec6af50394d325f782c2
When a customer (e.g. uat-customer@groombook.dev) signs in via Better Auth and calls GET /api/pets/{ownPetId}/profile-summary with their portal session header, the staff RBAC middleware auto-provisions a 'groomer' staff row for them (rbac.ts) and the profile-summary route's groomerLinkageCheck then denies the request with 403 Forbidden, because the auto-provisioned customer-as-groomer has no appointment linkage.

This adds an owner-bypass: when a groomer-role staff row is making the request with a valid X-Impersonation-Session-Id header, and the resolved impersonation session's clientId matches the pet's clientId, we treat the caller as the pet's owner and skip the groomerLinkageCheck.

The bypass is intentionally scoped to the profile-summary endpoint and to the existing portal session mechanism (no new roles, no staff-row shape changes). Cross-tenant access is still blocked because the bypass requires session.clientId === pet.clientId.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
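The authorization rule described in the commit message, modelled as an added TypeScript example (not GroomBook's own code; the names authorizeProfileSummary, Staff, PortalSession, Appointment and the fixture values are assumptions). It shows the property a reviewer would want to confirm: the owner-bypass only fires when the header resolves to a live session whose clientId equals the pet's clientId, and a missing, unknown or cross-tenant session falls back to the appointment-linkage check and a 403.

```typescript
// Added example, not GroomBook's code: a pure model of the profile-summary
// authorization decision. All names and fixture values are assumptions.
interface Staff { id: string; role: "groomer" }
interface Pet { id: string; clientId: string }
interface PortalSession { id: string; clientId: string }
interface Appointment { staffId: string; petId: string }
interface Decision {
  allowed: boolean;
  status: 200 | 403;
  via: "owner-bypass" | "appointment-linkage" | "none";
}

// The original groomer rule: the staff row must be linked to the pet by an appointment.
function hasAppointmentLinkage(staff: Staff, pet: Pet, appts: Appointment[]): boolean {
  return appts.some((a) => a.staffId === staff.id && a.petId === pet.id);
}

// Owner bypass: the X-Impersonation-Session-Id value must resolve to a real session
// AND that session's clientId must equal the pet's clientId (cross-tenant guard).
// Any other case falls through to the linkage check, so a forged or foreign session
// id confers no rights.
function authorizeProfileSummary(
  staff: Staff, pet: Pet, appts: Appointment[],
  impersonationSessionId: string | undefined, sessions: Map<string, PortalSession>,
): Decision {
  if (staff.role === "groomer" && impersonationSessionId !== undefined) {
    const session = sessions.get(impersonationSessionId);
    if (session !== undefined && session.clientId === pet.clientId) {
      return { allowed: true, status: 200, via: "owner-bypass" };
    }
  }
  if (hasAppointmentLinkage(staff, pet, appts)) {
    return { allowed: true, status: 200, via: "appointment-linkage" };
  }
  return { allowed: false, status: 403, via: "none" };
}

// Constructed fixture: two tenants, one auto-provisioned customer-as-groomer,
// one real groomer with an appointment on the tenant-A pet.
const sessions = new Map<string, PortalSession>([
  ["sess-A", { id: "sess-A", clientId: "client-A" }],
  ["sess-B", { id: "sess-B", clientId: "client-B" }],
]);
const petA: Pet = { id: "pet-A", clientId: "client-A" };
const customerAsGroomer: Staff = { id: "staff-cust", role: "groomer" };
const realGroomer: Staff = { id: "staff-g1", role: "groomer" };
const appts: Appointment[] = [{ staffId: "staff-g1", petId: "pet-A" }];

// Walk the cases the commit message cares about; returns one Decision per case.
function scenarioResults(): Record<string, Decision> {
  return {
    ownerMatchingSession: authorizeProfileSummary(customerAsGroomer, petA, appts, "sess-A", sessions),
    crossTenantSession: authorizeProfileSummary(customerAsGroomer, petA, appts, "sess-B", sessions),
    unknownSession: authorizeProfileSummary(customerAsGroomer, petA, appts, "sess-forged", sessions),
    noHeaderNoLinkage: authorizeProfileSummary(customerAsGroomer, petA, appts, undefined, sessions),
    linkedGroomer: authorizeProfileSummary(realGroomer, petA, appts, undefined, sessions),
  };
}
```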
GroomBook API
GroomBook API service — extracted from the groombook/app monorepo.
Overview
This repository contains the GroomBook API service, including:
- REST API endpoints
- Database schema and migrations (via Drizzle ORM)
- Authentication (via Better Auth)
- Background job handlers
Structure
src/ # API service source
packages/db/ # Database schema, migrations, and utilities
packages/types/ # Shared TypeScript types
Setup
pnpm install
cp .env.example .env # Fill in required environment variables
pnpm --filter @groombook/api dev
Docker
docker build -t ghcr.io/groombook/api:latest .
docker run -p 3000:3000 ghcr.io/groombook/api:latest
License
AGPL-3.0-only