fix: allow third party to access their profile and settings

[martinzerty]

The third party representatives were not able to see their profile and access the settings to change password/set TOTP. Now they can.

Summary by CodeRabbit

• Bug Fixes
  • Improved redirect behavior for third-party users. These users can now access and navigate their profile section seamlessly without experiencing unnecessary redirects, enhancing overall usability and reducing navigation friction.
  • Backend routing context updated to stabilize navigation; no changes to visible user data or session handling.

[coderabbitai]

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2b22a65d-3518-49cd-98fa-914e4c623dc9

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

📝 Walkthrough

Walkthrough

The server-side load handler for the internal layout was updated to accept the url parameter in its signature; existing redirect logic based on locals.user.is_third_party and the returned { user: locals.user } remain unchanged.

Changes

Cohort / File(s)	Summary
Internal layout load handler frontend/src/routes/(app)/(internal)/+layout.server.ts	Updated exported load signature to include url (async ({ locals }) → async ({ locals, url })). Redirect logic and returned user payload unchanged.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 I found a tiny URL trail,
Poked my nose and checked the tail,
The same old hop, the same old guard,
Now I carry the path — not working hard! 🥕

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: allow third party to access their profile and settings' directly describes the main change - enabling third-party users to access profile and settings pages. It accurately summarizes the primary objective of the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch CA-1604-my-profile-page-is-not-accessible-for-a-third-party-user

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[monsieurswag]

Try to fix the problem by moving ./(app)/(internal)/my-profile/... stuff to ./(app)/(third-party)/ instead (if it doesn't work/create problems keep the current the solution).