josh/YesChef
1
0
Fork 0
Code Pull Requests Actions Packages Projects Releases Activity

Scope all data access by FamilyId for multi-tenant isolation

Browse Source 
Adds FamilyMembership join (UserId, FamilyId, Role) and a non-null
FamilyId FK on Store, ShoppingList, ShoppingListItem, Recipe, and
RecipeIngredient. FamilyId is denormalized on items/ingredients so the
tenant filter is a single column predicate without joins. Store name
uniqueness is now scoped per family.

JWT issuance stamps a family_id claim; ClaimsPrincipalExtensions exposes
GetFamilyId(). Register validates the supplied invite code against
Family.InviteCode (replacing the env-var equality check) and writes a
FamilyMembership row. OnTokenValidated rejects requests whose user has
been removed from the claimed family since login.

Every endpoint filters by FamilyId on read and stamps it on write.
Cross-family storeId references on list create/update return 400. The
SignalR hub verifies list ownership on JoinList and uses a per-family
overview group, so cross-tenant fan-out is structurally impossible.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Josh Rogers
2026-05-07 23:05:23 -05:00
parent 7c1cfd62e6
commit 9b2db931ee
25 changed files with 1057 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/backend/YesChef.Api/Data/YesChefDb.cs
+18 -1
View File
@@ -6,6 +6,7 @@ namespace YesChef.Api.Data;
public class YesChefDb(DbContextOptions<YesChefDb> options) : DbContext(options)
{
public DbSet<Family> Families => Set<Family>();
public DbSet<FamilyMembership> FamilyMemberships => Set<FamilyMembership>();
public DbSet<User> Users => Set<User>();
public DbSet<Store> Stores => Set<Store>();
public DbSet<ShoppingList> ShoppingLists => Set<ShoppingList>();
@@ -22,6 +23,14 @@ public class YesChefDb(DbContextOptions<YesChefDb> options) : DbContext(options)
e.Property(f => f.InviteCode).HasMaxLength(100);
});
modelBuilder.Entity<FamilyMembership>(e =>
{
e.HasKey(m => new { m.UserId, m.FamilyId });
e.HasOne(m => m.User).WithMany().HasForeignKey(m => m.UserId).OnDelete(DeleteBehavior.Cascade);
e.HasOne(m => m.Family).WithMany().HasForeignKey(m => m.FamilyId).OnDelete(DeleteBehavior.Cascade);
e.Property(m => m.Role).HasConversion<int>();
});
modelBuilder.Entity<User>(e =>
{
e.HasIndex(u => u.Name).IsUnique();
@@ -30,36 +39,44 @@ public class YesChefDb(DbContextOptions<YesChefDb> options) : DbContext(options)
modelBuilder.Entity<Store>(e =>
{
e.HasIndex(s => s.Name).IsUnique();
e.HasOne(s => s.Family).WithMany().HasForeignKey(s => s.FamilyId).OnDelete(DeleteBehavior.Cascade);
e.HasIndex(s => new { s.FamilyId, s.Name }).IsUnique();
e.Property(s => s.Name).HasMaxLength(100);
});
modelBuilder.Entity<ShoppingList>(e =>
{
e.Property(l => l.Name).HasMaxLength(200);
e.HasOne(l => l.Family).WithMany().HasForeignKey(l => l.FamilyId).OnDelete(DeleteBehavior.Cascade);
e.HasOne(l => l.Store).WithMany().HasForeignKey(l => l.StoreId);
e.HasOne(l => l.CreatedByUser).WithMany().HasForeignKey(l => l.CreatedByUserId);
e.HasMany(l => l.Items).WithOne(i => i.ShoppingList).HasForeignKey(i => i.ShoppingListId).OnDelete(DeleteBehavior.Cascade);
e.HasIndex(l => l.FamilyId);
});
modelBuilder.Entity<ShoppingListItem>(e =>
{
e.Property(i => i.Name).HasMaxLength(300);
e.HasOne(i => i.Family).WithMany().HasForeignKey(i => i.FamilyId).OnDelete(DeleteBehavior.Cascade);
e.HasOne(i => i.CheckedByUser).WithMany().HasForeignKey(i => i.CheckedByUserId).OnDelete(DeleteBehavior.SetNull);
e.HasOne(i => i.Recipe).WithMany().HasForeignKey(i => i.RecipeId).OnDelete(DeleteBehavior.SetNull);
e.HasIndex(i => i.FamilyId);
});
modelBuilder.Entity<Recipe>(e =>
{
e.Property(r => r.Title).HasMaxLength(300);
e.HasOne(r => r.Family).WithMany().HasForeignKey(r => r.FamilyId).OnDelete(DeleteBehavior.Cascade);
e.HasOne(r => r.CreatedByUser).WithMany().HasForeignKey(r => r.CreatedByUserId);
e.HasMany(r => r.Ingredients).WithOne(i => i.Recipe).HasForeignKey(i => i.RecipeId).OnDelete(DeleteBehavior.Cascade);
e.HasIndex(r => r.FamilyId);
});
modelBuilder.Entity<RecipeIngredient>(e =>
{
e.Property(i => i.Name).HasMaxLength(200);
e.Property(i => i.Quantity).HasMaxLength(50);
e.HasOne(i => i.Family).WithMany().HasForeignKey(i => i.FamilyId).OnDelete(DeleteBehavior.Cascade);
});
}
}