janpeter/Scrum4Me
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: sprint board accessible to product members, not only owners

Browse source 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Janpeter Visser 2026-04-26 17:25:10 +02:00
parent af4a357709
commit d27c55c7fc
1 changed files with 5 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

12
app/(app)/products/[id]/sprint/page.tsx
View file

@ -1,7 +1,6 @@
import { notFound, redirect } from 'next/navigation'
import { cookies } from 'next/headers'
import { getIronSession } from 'iron-session'
import { SessionData, sessionOptions } from '@/lib/session'
import { getSession } from '@/lib/auth'
import { getAccessibleProduct } from '@/lib/product-access'
import { prisma } from '@/lib/prisma'
import { SprintBoardClient } from '@/components/sprint/sprint-board-client'
import { SprintHeader } from '@/components/sprint/sprint-header'
@ -15,11 +14,10 @@ interface Props {
export default async function SprintBoardPage({ params }: Props) {
const { id } = await params
const session = await getIronSession<SessionData>(await cookies(), sessionOptions)
const session = await getSession()
if (!session.userId) redirect('/login')
const product = await prisma.product.findFirst({
where: { id, user_id: session.userId },
})
const product = await getAccessibleProduct(id, session.userId)
if (!product) notFound()
const sprint = await prisma.sprint.findFirst({