Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(proxy): add default X-User-ID and X-Tenant-ID headers to API proxies
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 39s
Details
CI / test-python-backend-compliance (push) Successful in 37s
Details
CI / test-python-document-crawler (push) Successful in 28s
Details
CI / test-python-dsms-gateway (push) Successful in 23s
Details

Browse Source 
Both academy and training proxy routes now set default identity headers
so the Go backend RBAC middleware can set the tenant context. Without
these defaults, the browser doesn't send X-User-ID and modules/courses
return empty.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-02-26 12:05:08 +01:00
parent 66988d1304
commit 759c725793
2 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
admin-compliance/app/api/sdk/v1/academy/[[...path]]/route.ts
View File

@@ -29,10 +29,12 @@ async function proxyRequest(
headers['Authorization'] = authHeader
}
// Forward identity headers for RBAC context
const userHeader = request.headers.get('x-user-id')
headers['X-User-ID'] = userHeader || '00000000-0000-0000-0000-000000000001'
const tenantHeader = request.headers.get('x-tenant-id')
if (tenantHeader) {
headers['X-Tenant-Id'] = tenantHeader
}
headers['X-Tenant-ID'] = tenantHeader || (process.env.DEFAULT_TENANT_ID || '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e')
const fetchOptions: RequestInit = {
method,

6
admin-compliance/app/api/sdk/v1/training/[[...path]]/route.ts
View File

@@ -24,7 +24,7 @@ async function proxyRequest(
'Content-Type': 'application/json',
}
const headerNames = ['authorization', 'x-tenant-id', 'x-user-id', 'x-namespace-id', 'x-tenant-slug']
const headerNames = ['authorization', 'x-namespace-id', 'x-tenant-slug']
for (const name of headerNames) {
const value = request.headers.get(name)
if (value) {
@@ -32,6 +32,10 @@ async function proxyRequest(
}
}
// Forward identity headers with defaults for RBAC context
headers['X-User-ID'] = request.headers.get('x-user-id') || '00000000-0000-0000-0000-000000000001'
headers['X-Tenant-ID'] = request.headers.get('x-tenant-id') || (process.env.DEFAULT_TENANT_ID || '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e')
const fetchOptions: RequestInit = {
method,
headers,