Problem
/api/project GET filters by user_id, but /api/data GET fetches by id only. This is inconsistent for data visibility and ownership checks.
Scope
- Add
user_id filter in /api/data reads to align with project endpoint behavior.
- Ensure not-found vs unauthorized behavior is explicit and consistent.
Acceptance Criteria
- Data API returns only rows owned by active/default user context.
- Project-list and data-detail endpoints enforce consistent visibility rules.
Suggested Files
app/api/data/route.tsapp/api/project/route.ts
Problem
/api/projectGET filters byuser_id, but/api/dataGET fetches byidonly. This is inconsistent for data visibility and ownership checks.Scope
user_idfilter in/api/datareads to align with project endpoint behavior.Acceptance Criteria
Suggested Files
app/api/data/route.tsapp/api/project/route.ts