From a1f5127e9866e9f20e78fd106d3f77dbeb7a7341 Mon Sep 17 00:00:00 2001 From: Michael Chihlas Date: Wed, 11 Feb 2026 21:52:13 -0500 Subject: [PATCH] docs: update CLAUDE.md with invite API path and deps signature Co-Authored-By: Claude Opus 4.6 --- CLAUDE.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CLAUDE.md b/CLAUDE.md index 8550359b..47424eb0 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -204,7 +204,7 @@ author = relationship("User", foreign_keys=[author_id], back_populates="trees") SELECT 'tag', 'slug', NULL::uuid as team_id -- Must cast NULL to uuid ``` -**7. API Path Gotcha:** Frontend `apiClient` baseURL is `http://localhost:8000/api/v1` — use relative paths WITHOUT `/api/v1/` prefix (e.g., `/admin/users` not `/api/v1/admin/users`). +**7. API Path Gotcha:** Frontend `apiClient` baseURL is `http://localhost:8000/api/v1` — use relative paths WITHOUT `/api/v1/` prefix (e.g., `/admin/users` not `/api/v1/admin/users`). Invite codes endpoint is `/invites` (NOT `/invite-codes`). **8. CORS errors can mask 500s:** Check backend logs first. Also run `alembic upgrade head` after pulling changes. @@ -222,7 +222,7 @@ navigate(`/trees/${newTree.id}/edit`) - **Role hierarchy:** super_admin > team_admin > engineer > viewer - **Team Admin:** `role='engineer'` + `is_team_admin=True` + valid `team_id` -- **Backend deps:** `get_current_active_user` (any active), `require_engineer_or_admin` (blocks viewers), `require_admin` (super admin only) +- **Backend deps:** `get_current_active_user(user, db)` (any active + auto-downgrades expired trials), `require_engineer_or_admin` (blocks viewers), `require_admin` (super admin only) - **Never use** `role == "admin"` — use `is_super_admin` instead - **Frontend:** `usePermissions()` hook for all permission checks - **Centralized:** `backend/app/core/permissions.py`, `frontend/src/hooks/usePermissions.ts`