Closed zoey-kaiser closed 6 months ago
I am also facing this issue. @zoey-kaiser have you found any method or approach to dealing with this issue?
Released in: https://github.com/omar-dulaimi/trpc-shield/releases/tag/0.4.4
Let me know how it goes.
Also, if you can, please consider supporting me to allocate time for this project and others. I have stepped away from Open Source for a few months now, but would love to comeback. The lacking nature of open source support doesn't help me and others to stay motivated for continued work. Hope this changes soon.
Bug report
Describe the bug
The
fallbackRule
option is not working on nested routers.To Reproduce
Steps to reproduce the behavior, please provide code snippets or a repository:
Expected behavior
Routes that do not have any permissions set, should fallback to the
fallbackRule
in a namespaced router setup.behavior
fallbackRule
does not apply and all routes are unprotectedAdditional context
This issue was first raised in https://github.com/omar-dulaimi/trpc-shield/issues/23. The issue has been closed without any context provided as to if the bug was resolved or if the author went with another approach.
A fix for this bug was already pushed in https://github.com/omar-dulaimi/trpc-shield/pull/22 a while ago. It would be great to receive a review on this to merge and publish this fix soon. If the orignal PR author does not respond, I also do not mind opening a new PR!
Fixing this is critical to our project, as it makes using trpc-shield with namespaced routes super unsafe. If you forget to properly add a route to the shield config or have a small spelling mistake, it can compromise your entire application.