multica/server/internal/handler
Jiayuan f4a6e7c475 refactor(server): consolidate workspace permission checks into middleware
Move workspace membership and role validation from individual handlers
into dedicated Chi middleware. The new middleware resolves workspace ID
(from query param, X-Workspace-ID header, or URL param), validates
membership via DB, and injects the member into request context.

Handlers now read workspace ID and member from context instead of
calling requireWorkspaceMember/requireWorkspaceRole directly. This
eliminates ~17 duplicated permission checks across handlers and makes
it harder to accidentally omit access control on new routes.
2026-03-30 03:40:20 +08:00
activity.go feat(activity): unified activity timeline with comment reply support 2026-03-28 21:53:08 +08:00
activity_test.go feat(activity): unified activity timeline with comment reply support 2026-03-28 21:53:08 +08:00
agent.go refactor(server): consolidate workspace permission checks into middleware 2026-03-30 03:40:20 +08:00
auth.go fix(auth): reduce verification code rate limit from 60s to 10s 2026-03-26 15:44:05 +08:00
comment.go fix(handler): attribute agent CLI actions to agent identity 2026-03-30 02:41:51 +08:00
daemon.go merge: resolve conflicts with main (workdir reuse) 2026-03-29 19:42:51 +08:00
daemon_pairing.go feat(runtime): add local codex daemon pairing 2026-03-24 12:03:14 +08:00
handler.go refactor(server): consolidate workspace permission checks into middleware 2026-03-30 03:40:20 +08:00
handler_test.go feat(issues): add human-readable issue identifiers (e.g. JIA-1) 2026-03-29 16:49:55 +08:00
inbox.go feat(inbox): scope all inbox queries by workspace_id 2026-03-29 17:42:45 +08:00
issue.go refactor(server): consolidate workspace permission checks into middleware 2026-03-30 03:40:20 +08:00
personal_access_token.go feat(auth): email verification login and personal access tokens 2026-03-26 14:32:30 +08:00
runtime.go refactor(server): consolidate workspace permission checks into middleware 2026-03-30 03:40:20 +08:00
runtime_ping.go feat(runtimes): add Runtimes tab with usage tracking and connection test 2026-03-26 18:28:36 +08:00
skill.go refactor(server): consolidate workspace permission checks into middleware 2026-03-30 03:40:20 +08:00
subscriber.go fix(subscribers): pass user_type to subscribe/unsubscribe API for correct agent handling 2026-03-28 20:56:37 +08:00
subscriber_test.go feat(notifications): replace hardcoded inbox notifications with subscriber-driven model 2026-03-28 19:33:20 +08:00
workspace.go refactor(server): consolidate workspace permission checks into middleware 2026-03-30 03:40:20 +08:00