chore: promote dev → uat (GRO-1036 security fixes) #386

Merged

the-dogfather-cto[bot] merged 2 commits from dev into uat

2026-05-04 22:53:59 +00:00

Author	SHA1	Message	Date
the-dogfather-cto[bot]	9363929f32	Merge pull request #385 from groombook/fix/GRO-1036-security-findings fix(GRO-1036): secure stats endpoint + restore refund preconditions	2026-05-04 22:43:41 +00:00
Chris Farhood	2c2a69f20b	fix(GRO-1036): secure /api/invoices/stats/summary and refund endpoint - Add requireRole('manager') auth middleware to /stats/summary handler (was completely unauthenticated, exposing revenue/PII stats) - Restore stripePaymentIntentId pre-condition check on refund: return 422 when invoice has no Stripe payment intent (prevents manual_ refund abuse) - Remove groomer from refund role check (CTO ruling: manager-only) - Remove manual refund branch since precondition now guarantees Stripe ID - Move processRefund import to top of file Fixes GRO-1036/GRO-1035 security findings. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-04 22:37:23 +00:00

Author

SHA1

Message

Date

the-dogfather-cto[bot]

9363929f32

Merge pull request #385 from groombook/fix/GRO-1036-security-findings

fix(GRO-1036): secure stats endpoint + restore refund preconditions

2026-05-04 22:43:41 +00:00

Chris Farhood

2c2a69f20b

fix(GRO-1036): secure /api/invoices/stats/summary and refund endpoint

- Add requireRole('manager') auth middleware to /stats/summary handler
  (was completely unauthenticated, exposing revenue/PII stats)
- Restore stripePaymentIntentId pre-condition check on refund: return 422
  when invoice has no Stripe payment intent (prevents manual_ refund abuse)
- Remove groomer from refund role check (CTO ruling: manager-only)
- Remove manual refund branch since precondition now guarantees Stripe ID
- Move processRefund import to top of file

Fixes GRO-1036/GRO-1035 security findings.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

2026-05-04 22:37:23 +00:00

chore: promote dev → uat (GRO-1036 security fixes) #386

2 Commits