oys/oysqn.app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(edge-fn): replace getClaims with adminClient.auth.getUser(token)

Browse Source 
fix(edge-fn): use user.id instead of claims.sub; fixes 500s and false cert_required
fix(migrations): drop broad reservations SELECT policy; add reservation_slots view with security_invoker=false
fix(tests): correct weekSlot() keys from start/end to start_time/end_time
fix(tests): spread overlap test slots across separate ISO weeks
fix(tests): update e2e assertion to match actual authenticated home text
fix(app): hide IonMenu before user is authenticated
feat(dx): add test:all script running unit, integration, and e2e in sequence
docs(claude-md): document SELinux fix, Edge Function auth pattern, security_invoker behaviour
This commit is contained in:
Patrick Toal
2026-04-20 14:32:37 -04:00
parent d07a02c9dc
commit 108c042921
33 changed files with 2745 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/e2e/auth.spec.ts
View File

@@ -35,7 +35,7 @@ test.describe('Auth flow', () => {
// Auth callback redirects to home (authenticated state)
await expect(page).toHaveURL('/')
await expect(page.getByText('Welcome to OYS Borrow a Boat')).toBeVisible()
await expect(page.getByText('Upcoming Reservations')).toBeVisible()
})
test('unauthenticated access to protected route redirects to splash', async ({ page }) => {