MasterMito/work-club-manager
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity

fix: exempt /api/clubs/me from tenant validation

Browse Source 
- Add path exemption in TenantValidationMiddleware for /api/clubs/me
- Change authorization policy from RequireMember to RequireViewer
- Fix KEYCLOAK_CLIENT_ID in docker-compose.yml (workclub-app not workclub-api)
- Endpoint now works without X-Tenant-Id header as intended
- Other endpoints still protected by tenant validation

This fixes the chicken-and-egg problem where frontend needs to call
/api/clubs/me to discover available clubs before selecting a tenant.
This commit is contained in:
WorkClub Automation
2026-03-05 21:32:37 +01:00
parent 18be0fb183
commit ffc4062eba
45 changed files with 5519 additions and 579 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
.sisyphus/evidence/final-qa/s42-51-journey-task-complete.json Normal file
View File

@@ -0,0 +1,12 @@
{
"id": "bd0f0e4e-7af2-4dbd-ab55-44d3afe5cfad",
"title": "Replace court net",
"description": "Replace worn center court net with new professional-grade net",
"status": "Done",
"assigneeId": "5b95df8c-6425-4634-bb5e-f5240bc98b88",
"createdById": "0fae5846-067b-4671-9eb9-d50d21d18dfe",
"clubId": "00000000-0000-0000-0000-000000000000",
"dueDate": "2026-03-20T23:59:59+00:00",
"createdAt": "2026-03-05T20:08:44.837584+00:00",
"updatedAt": "2026-03-05T20:09:06.6351145+00:00"
}