arthur/xtablo-source
1
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions 7

fix(03): CR-01 WR-01 WR-02 add color to UpdateTablo and user_id filters to GetTabloByID/DeleteTablo

Browse source 
- UpdateTablo SQL: add color = \$4 so color is preserved across title/description edits
- GetTabloByID SQL: add AND user_id = \$2 to push ownership enforcement into the DB layer
- DeleteTablo SQL: add AND user_id = \$2 to push authorization into the DB layer
- sqlc bindings regenerated (UpdateTabloParams+Color, GetTabloByIDParams, DeleteTabloParams)

Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Arthur Belleville 2026-05-15 08:30:11 +02:00
parent 7b945652d3
commit fc41883b1f
No known key found for this signature in database
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
backend/internal/db/queries/tablos.sql
View file

@ -7,7 +7,7 @@ ORDER BY created_at DESC;
-- name: GetTabloByID :one
SELECT id, user_id, title, description, color, created_at, updated_at
FROM tablos
WHERE id = $1;
WHERE id = $1 AND user_id = $2;
-- name: InsertTablo :one
INSERT INTO tablos (user_id, title, description, color)
@ -16,9 +16,9 @@ RETURNING id, user_id, title, description, color, created_at, updated_at;
-- name: UpdateTablo :one
UPDATE tablos
SET title = $2, description = $3, updated_at = now()
SET title = $2, description = $3, color = $4, updated_at = now()
WHERE id = $1
RETURNING id, user_id, title, description, color, created_at, updated_at;
-- name: DeleteTablo :exec
DELETE FROM tablos WHERE id = $1;
DELETE FROM tablos WHERE id = $1 AND user_id = $2;