Lars/shinkan-jinkendo
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases 3 Wiki Activity
5aee9c52fc
shinkan-jinkendo/.claude/docs/working/ACCESS_LAYER_ENDPOINT_AUDIT.md
Lars 5aee9c52fc
Some checks failed
Deploy Development / deploy (push) Successful in 37s
Details
Test Suite / lint-backend (push) Successful in 0s
Details
Test Suite / build-frontend (push) Successful in 6s
Details
Test Suite / playwright-tests (push) Failing after 34s
Details
feat: integrate tenant context across club-related APIs 
- Refactored club join requests, memberships, and clubs routers to utilize TenantContext for authentication and authorization, enhancing security and consistency.
- Updated session handling to replace direct session dictionary access with TenantContext, improving code clarity and maintainability.
- Ensured proper role and profile ID retrieval from TenantContext in various endpoints, streamlining access control for club management functionalities.
2026-05-05 22:05:10 +02:00

2.3 KiB
Raw Blame History

Endpoint-Audit: Mandanten & Governance

Fortlaufend gemäß ACCESS_LAYER_AND_GOVERNANCE_PLAN.md Stufe AC.

Router / Bereich Beispiel-Endpunkt tenant-relevant Depends(get_tenant_context) / Kontext Governance geprüft (Liste+Detail) Notizen
profiles GET /api/profiles/me ja resolve_tenant_context inline (invalid_header_policy=ignore) teils + effective_club_id; veralteter Header bricht Refresh nicht
profiles PUT /api/profiles/{id}, PUT /api/profile ja get_tenant_context active_club_id Mitgliedschaft Validiert X-Active-Club-Id konsistent zu Mitgliedschaft
clubs geschützte /api/clubs*, /divisions*, /groups* ja get_tenant_context Mitgliedschaft / can_manage_* Öffentlich: /clubs/public-directory ohne Auth
club_memberships /clubs/{id}/members* ja get_tenant_context ja
club_join_requests /me/club-join-requests, /clubs/{id}/join-requests* ja get_tenant_context ja
exercises alle geschützten /api/exercises* ja get_tenant_context ja
exercise_progression_graphs /api/exercise-progression-graphs* ja get_tenant_context Liste wie Bibliothek; Schreiben Ersteller/Plattform-Admin Kanten: Lesen wenn Graph lesbar
training_planning alle geschützten Endpoints ja get_tenant_context ja Vorlagen-Liste wie Übungen; POST Vorlage Default club_id
training_framework_programs alle geschützten Endpoints ja get_tenant_context ja Liste + POST Default club_id
admin_users GET /api/admin/users Plattform optional Admin-Rolle
Sonstige skills, methods, catalogs zu klären oft global Zeilen ergänzen

Legende: „zu klären“ = keine Vereinsdaten oder globales Lesen; bei neuem Bezug zu club_id/visibility nachziehen.

Letzte Änderung: 2026-05-05 — Vereins-/Mitgliedschafts-/Antrags-Router und Profil-PUT auf get_tenant_context; Progressionsgraphen Sichtbarkeit wie Bibliothek.

Hinweis GET /training-units

Kein impliziter Filter nach effective_club_id (Multi-Verein-Kalender); bei Bedarf club_id Query setzen.