Feature: Financial Role Access Control — Phase 2 Foundational (TDD)
Implement after T004 tests are red.
Create src/lib/auth.ts with requireRole(allowedRole: Role): Promise<void>:
- Call
createClient(), get user via supabase.auth.getUser()
- Redirect to
/login if no user
- Query
supabase.from('funcionarios').select('role').eq('id', user.id).maybeSingle()
- Redirect to
/dashboard on DB error or if role !== allowedRole
- Import
Role from @prisma/client
Blocks: T009, T010
Feature: Financial Role Access Control — Phase 2 Foundational (TDD)
Create
src/lib/auth.tswithrequireRole(allowedRole: Role): Promise<void>:createClient(), get user viasupabase.auth.getUser()/loginif no usersupabase.from('funcionarios').select('role').eq('id', user.id).maybeSingle()/dashboardon DB error or ifrole !== allowedRoleRolefrom@prisma/clientBlocks: T009, T010