refactor(api): scope controllers through current_resource_owner (#2414)

Follow-up to #2405. Replace remaining API controller reads of
Current.user, Current.family, and Current.session with
current_resource_owner. Add an architecture guard test to prevent
regression.

Scope is limited to the Current sweep only:
- Revert balance_sheet user-scoping (moves to account-auth PR B).
- Revert provider_connections DebugLogEntry logging (separate PR).
- Remove UsersController#destroy attempt to destroy unsaved API session.
This commit is contained in:
Orange🍊
2026-06-29 03:59:44 +08:00
committed by GitHub
parent 1fdec91451
commit 30780a5961
8 changed files with 58 additions and 10 deletions

View File

@@ -41,6 +41,6 @@ class Api::V1::SyncsController < Api::V1::BaseController
end
def family_syncs_query
Sync.for_family(Current.family, resource_owner: Current.user)
Sync.for_family(current_resource_owner.family, resource_owner: current_resource_owner)
end
end