MasterMito/work-club-manager
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 1 Wiki Activity
55 Commits 4 Branches 1 Tag
f8f3e0f01ea82113fd01b4391f792af17deae0f9
Commit Graph

2 Commits

Author SHA1 Message Date
WorkClub Automation
ffc4062eba fix: exempt /api/clubs/me from tenant validation 
- Add path exemption in TenantValidationMiddleware for /api/clubs/me
- Change authorization policy from RequireMember to RequireViewer
- Fix KEYCLOAK_CLIENT_ID in docker-compose.yml (workclub-app not workclub-api)
- Endpoint now works without X-Tenant-Id header as intended
- Other endpoints still protected by tenant validation

This fixes the chicken-and-egg problem where frontend needs to call
/api/clubs/me to discover available clubs before selecting a tenant.
 2026-03-05 21:32:37 +01:00
WorkClub Automation
5fb148a9eb chore(evidence): add QA evidence and notepads from debugging sessions 
Add comprehensive QA evidence including manual testing reports, RLS isolation
tests, API CRUD verification, JWT decoded claims, and auth evidence files.
Include updated notepads with decisions, issues, and learnings from full-stack
debugging sessions.

Co-authored-by: Sisyphus <clio-agent@sisyphuslabs.ai>
 2026-03-05 19:22:55 +01:00