pkartch/basil
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity
Files
main
basil/packages/web
History
Paul R Kartchner c3e3d66fef
Some checks failed
Basil CI/CD Pipeline / Code Linting (push) Successful in 3m18s
Details
Basil CI/CD Pipeline / Web Tests (push) Successful in 3m31s
Details
Basil CI/CD Pipeline / Security Scanning (push) Has been cancelled
Details
Basil CI/CD Pipeline / API Tests (push) Failing after 3m56s
Details
Basil CI/CD Pipeline / Shared Package Tests (push) Successful in 3m11s
Details
Basil CI/CD Pipeline / Trigger Deployment (push) Has been cancelled
Details
Basil CI/CD Pipeline / Build All Packages (push) Has been cancelled
Details
Basil CI/CD Pipeline / E2E Tests (push) Has been cancelled
Details
Basil CI/CD Pipeline / Build & Push Docker Images (push) Has been cancelled
Details
feat: add family-based multi-tenant access control 
Introduces Family as the tenant boundary so recipes and cookbooks can be
scoped per household instead of every user seeing everything. Adds a
centralized access filter, an invite/membership UI, a first-login prompt
to create a family, and locks down the previously unauthenticated backup
routes to admin only.

- Family and FamilyMember models with OWNER/MEMBER roles; familyId on
  Recipe and Cookbook (ON DELETE SET NULL so deleting a family orphans
  content rather than destroying it).
- access.service.ts composes a single WhereInput covering owner, family,
  PUBLIC visibility, and direct share; admins short-circuit to full
  access.
- recipes/cookbooks routes now require auth, strip client-supplied
  userId/familyId on create, and gate mutations with canMutate checks.
  Auto-filter helpers scoped to the same family to prevent cross-tenant
  leakage via shared tag names.
- families.routes.ts exposes list/create/get/rename/delete plus
  add/remove member, with last-owner protection on removal.
- FamilyGate component blocks the authenticated UI with a modal if the
  user has zero memberships, prompting them to create their first
  family; Family page provides ongoing management.
- backup.routes.ts now requires admin; it had no auth at all before.
- Bumps version to 2026.04.008 and documents the monotonic PPP counter
  in CLAUDE.md.

Migration SQL is generated locally but not tracked (per existing
.gitignore); apply 20260416010000_add_family_tenant to prod during
deploy. Run backfill-family-tenant.ts once post-migration to assign
existing content to a default owner's family.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-17 08:08:10 -06:00
..
src
feat: add family-based multi-tenant access control
2026-04-17 08:08:10 -06:00
.env.example
feat: add frontend authentication with React context and protected routes
2025-11-25 05:54:26 +00:00
.eslintrc.json
first commit
2025-10-21 22:04:03 -06:00
Dockerfile
first commit
2025-10-21 22:04:03 -06:00
index.html
first commit
2025-10-21 22:04:03 -06:00
nginx.conf
fix: add CORS headers to nginx proxy configuration
2025-11-26 15:42:45 +00:00
package.json
feat: add CI/CD pipeline, backup system, and deployment automation
2025-12-08 05:04:39 +00:00
tsconfig.json
feat: upgrade recipe scraper to Python recipe-scrapers library (v2025.10.1)
2025-10-28 17:51:39 +00:00
tsconfig.node.json
first commit
2025-10-21 22:04:03 -06:00
vite.config.ts
first commit
2025-10-21 22:04:03 -06:00
vitest.config.ts
feat: add comprehensive testing infrastructure
2025-10-28 02:03:52 -06:00
vitest.setup.ts
feat: add comprehensive testing infrastructure
2025-10-28 02:03:52 -06:00