API Patterns
Fetching Data
- Server components: Fetch directly using the database client or tRPC server caller
- Client components: Use tRPC React Query hooks via the
apiexport from@/lib/api/client
Mutations
- Use server actions (in
_actions.tsfiles) for all mutations - Server actions handle validation, auth checks, and database operations
- Always revalidate relevant paths after mutations
Roles
| Role | Description |
|---|---|
USER | Default role — can leave reviews |
ADMIN | Access to admin dashboard |
SUPERADMIN | Full access including user management |
Role guards are available in src/components/auth/ for both client and server-side protection.