feat(auth): restrict financial routes to GERENTE role (US00)#57
Conversation
…ate in effects (US1)
- Add requireRole() helper in src/lib/auth.ts with 5 unit tests (TDD) - Add FINANCIAL_ROUTES constant in src/lib/constants.ts (single source of truth) - Block RECEPCIONISTA/INSTRUTOR from /dashboard/financeiro and /dashboard/planos - Update DashboardLayout to fetch role and pass to DashboardNav - Hide financial nav items for non-GERENTE users in DashboardNav - Add server-side requireRole(Role.GERENTE) guard to financeiro and planos pages - Add GERENTE and RECEPCIONISTA funcionarios to prisma/seed.ts Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Caution Review failedPull request was closed or merged during review 📝 WalkthroughWalkthroughThis PR strengthens TypeScript type safety across server actions and data fetchers by removing unsafe Changes
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~20 minutes Poem
🚥 Pre-merge checks | ❌ 3❌ Failed checks (3 warnings)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
Fixes defu prototype pollution (GHSA-737v-mqg7-c878) and Vite path traversal issues (GHSA-4w7w-66w2-5vf9, GHSA-v2wj-q39q-566r, GHSA-p9ff-h696-f583). Remaining 3 moderate vulnerabilities in @hono/node-server require a Prisma breaking change and are out of scope. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Description
Implements US00: restricts
/dashboard/financeiroand/dashboard/planostoGERENTErole only via 3-layer enforcement (middleware + nav + page guards). Also fixes Portal do Aluno login being inaccessible due to middleware blocking/aluno/loginfor unauthenticated users.Type of Change
feat— New featurefix— Bug fixrefactor— Code refactor (no behavior change)test— Tests onlydocs— Documentation onlychore— Build, config, toolingci— CI/CD pipelineperf— Performance improvementRelated Documents
specs/003-002-us00-financial/spec.mdspecs/003-002-us00-financial/plan.mdspecs/003-002-us00-financial/tasks.mdChecklist
npm run typecheck— zero errorsnpm run lint— zero errorsnpm run format:check— no formatting issuesnpm run test:coverage— all tests pass (5 new unit tests forrequireRole)npx prisma migrate dev) — N/A (no schema changes)Layers of Enforcement (US00)
/dashboardbefore page rendersrequireRole(Role.GERENTE)as secondary guard before any Prisma queryTest Plan
/dashboard/financeiroand/dashboard/planosrender normally/dashboard/dashboard/aluno/login(bug fix verification)🤖 Generated with Claude Code