work-club-manager

MasterMito/work-club-manager

Fork 0

Commit Graph

Author	SHA1	Message	Date
WorkClub Automation	18be0fb183	fix: exempt /api/clubs/me from tenant validation - Add path exemption in TenantValidationMiddleware for /api/clubs/me - Change authorization policy from RequireMember to RequireViewer - Fix KEYCLOAK_CLIENT_ID in docker-compose.yml (workclub-app) - Resolves frontend chicken-and-egg problem for club discovery Verified: - /api/clubs/me returns 200 OK without X-Tenant-Id header - /api/tasks still requires X-Tenant-Id (400 Bad Request) - Other endpoints unaffected	2026-03-05 21:32:34 +01:00
WorkClub Automation	db880b3480	feat(clubs): add Club and Member API endpoints with auto-sync Implement Task 16: Club + Member API endpoints with MemberSyncService Services: - ClubService: GetMyClubsAsync (user's clubs), GetCurrentClubAsync (tenant club) - MemberService: GetMembersAsync (list), GetMemberByIdAsync, GetCurrentMemberAsync - MemberSyncService: Auto-creates Member records from JWT on first request Middleware: - MemberSyncMiddleware: Runs after auth, calls MemberSyncService Endpoints: - GET /api/clubs/me (list user's clubs) - GET /api/clubs/current (current tenant's club) - GET /api/members (list members, RLS filtered) - GET /api/members/{id} (member detail) - GET /api/members/me (current user's membership) Tests: 14 integration tests (6 club + 8 member) - Club filtering by user membership - Multi-tenant isolation via RLS - Member auto-sync on first request - Cross-tenant access blocked - Role-based authorization Build: 0 errors, all tests compile Pattern: TypedResults, RequireAuthorization policies, TDD approach	2026-03-03 19:41:01 +01:00

Author

SHA1

Message

Date

WorkClub Automation

18be0fb183

fix: exempt /api/clubs/me from tenant validation

- Add path exemption in TenantValidationMiddleware for /api/clubs/me
- Change authorization policy from RequireMember to RequireViewer
- Fix KEYCLOAK_CLIENT_ID in docker-compose.yml (workclub-app)
- Resolves frontend chicken-and-egg problem for club discovery

Verified:
- /api/clubs/me returns 200 OK without X-Tenant-Id header
- /api/tasks still requires X-Tenant-Id (400 Bad Request)
- Other endpoints unaffected

2026-03-05 21:32:34 +01:00

WorkClub Automation

db880b3480

feat(clubs): add Club and Member API endpoints with auto-sync

Implement Task 16: Club + Member API endpoints with MemberSyncService

Services:
- ClubService: GetMyClubsAsync (user's clubs), GetCurrentClubAsync (tenant club)
- MemberService: GetMembersAsync (list), GetMemberByIdAsync, GetCurrentMemberAsync
- MemberSyncService: Auto-creates Member records from JWT on first request

Middleware:
- MemberSyncMiddleware: Runs after auth, calls MemberSyncService

Endpoints:
- GET /api/clubs/me (list user's clubs)
- GET /api/clubs/current (current tenant's club)
- GET /api/members (list members, RLS filtered)
- GET /api/members/{id} (member detail)
- GET /api/members/me (current user's membership)

Tests: 14 integration tests (6 club + 8 member)
- Club filtering by user membership
- Multi-tenant isolation via RLS
- Member auto-sync on first request
- Cross-tenant access blocked
- Role-based authorization

Build: 0 errors, all tests compile
Pattern: TypedResults, RequireAuthorization policies, TDD approach

2026-03-03 19:41:01 +01:00

2 Commits