Use core auth and scope contracts
This commit is contained in:
@@ -53,9 +53,15 @@ importing access internals:
|
||||
- generic security helpers that are not access-state semantics, such as
|
||||
secret encryption and UTC time helpers
|
||||
|
||||
Feature modules should depend on these kernel contracts or the published
|
||||
`govoplan_access.auth` request dependency API, not on access ORM models or
|
||||
`govoplan_access.backend.*` implementation internals.
|
||||
Feature modules should depend on these kernel contracts or the core
|
||||
`govoplan_core.auth` request dependency facade, not on access ORM models or
|
||||
`govoplan_access.backend.*` implementation internals. The access package still
|
||||
exports `govoplan_access.auth` for compatibility, but new routers should use
|
||||
the core facade so auth can move behind provider-neutral capabilities.
|
||||
|
||||
Access declares tenancy as an optional module integration. It uses the
|
||||
core-owned `core_scopes` table as the scope table, but it must not import
|
||||
`govoplan_tenancy` or require the tenancy package to start.
|
||||
|
||||
## Principal Context Contract
|
||||
|
||||
@@ -115,7 +121,7 @@ selection are still follow-up work on top of these routes.
|
||||
## Removed Compatibility Paths
|
||||
|
||||
These legacy imports were removed from core. Use access-owned modules, the
|
||||
public `govoplan_access.auth` request dependency API, or kernel capabilities
|
||||
core `govoplan_core.auth` request dependency facade, or kernel capabilities
|
||||
instead:
|
||||
|
||||
- `govoplan_core.security.api_keys`
|
||||
|
||||
Reference in New Issue
Block a user