groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-05-24. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
57e9670410b252b582cc23ca2e2ada7070db1107
app/apps
T
History
groombook-engineer[bot] 57e9670410 fix(rbac): fallback lookup for staff records predating Better-Auth userId 
GRO-153: /api/staff returned 403 for all staff because resolveStaffMiddleware
looked up by staff.userId (Better-Auth ID) but dev login sent staff.id (PK),
and existing staff records had userId=NULL.

Changes:
- resolveStaffMiddleware: try userId first, fall back to staff.id (dev mode)
- resolveStaffMiddleware: try userId first, fall back to oidcSub (production)
- GET /api/dev/users: include userId field for DevLoginSelector
- DevLoginSelector: send userId (not staff.id) as X-Dev-User-Id
- Migration 0018: backfill userId for known demo staff

Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-03-28 01:48:25 +00:00
..
api
fix(rbac): fallback lookup for staff records predating Better-Auth userId
2026-03-28 01:48:25 +00:00
e2e
fix(e2e): add dev/config, dev/users, and branding mocks to navigation.spec.ts
2026-03-27 22:33:40 +00:00
web
fix(rbac): fallback lookup for staff records predating Better-Auth userId
2026-03-28 01:48:25 +00:00