Severity: Info / Hardening
Finding ID: I-10
Source: SECURITY.md
Description:
requireRole('org_admin'), requireSameOrg(session, resource) — to reduce the number of repeated (and repeatedly forgotten) checks.
Fix direction:
Build the helpers in apps/web/lib/auth/guards.ts; migrate actions over and add a lint rule that flags raw session comparisons.
This issue tracks a finding from the pre-pentest internal code audit.
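A sketch of the two guards named in this finding, added here as an example and not the project's own code. The Session and resource shapes, the AuthzError class, passing the session to requireRole explicitly, and the renameProject action are assumptions, since the issue shows none of them.

```typescript
// Added sketch of apps/web/lib/auth/guards.ts; all types below are assumed shapes.
type Role = 'member' | 'org_admin';
interface Session { userId: string; orgId: string; roles: Role[] }
interface OrgScoped { orgId: string }

class AuthzError extends Error {
  status: 401 | 403;
  constructor(status: 401 | 403, message: string) {
    super(message);
    this.name = 'AuthzError';
    this.status = status;
  }
}

const isId = (v: unknown): v is string => typeof v === 'string' && v !== '';

// Fails closed: no usable session is a 401, a session without the role is a 403.
function requireRole(role: Role, session: Session | null | undefined): Session {
  if (!session || !isId(session.userId)) throw new AuthzError(401, 'not signed in');
  if (!Array.isArray(session.roles) || session.roles.indexOf(role) === -1) {
    throw new AuthzError(403, `missing role ${role}`);
  }
  return session;
}

// Rejects a missing resource and empty org ids on either side, so two absent
// values (undefined === undefined in a raw comparison) never count as a match.
function requireSameOrg<T extends OrgScoped>(session: Session, resource: T | null | undefined): T {
  if (!resource || !isId(session.orgId) || !isId(resource.orgId) || session.orgId !== resource.orgId) {
    throw new AuthzError(403, 'resource belongs to another organisation');
  }
  return resource;
}

// Hypothetical action showing the call order: role, then tenancy, then the work.
interface Project extends OrgScoped { id: string; name: string }
function renameProject(session: Session | null, project: Project | null, name: string): Project {
  const s = requireRole('org_admin', session);
  const p = requireSameOrg(s, project);
  return { ...p, name };
}
```

Returning the narrowed session and resource from the guards means an action cannot reach the object without having gone through the check.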