Split platform admin routes into module contributions #61

Closed
opened 2026-07-06 13:03:14 +02:00 by zemion · 2 comments
Owner

Scope

Track the composition-first route split for platform admin surfaces so access, admin shell, tenancy, policy, and audit can be enabled independently before the deeper model/service split.

Acceptance criteria

  • govoplan-access contributes auth and access-admin route slices only.
  • govoplan-admin, govoplan-tenancy, govoplan-policy, and govoplan-audit are discoverable backend modules.
  • Existing public admin API paths remain stable.
  • Access-only runtime does not expose tenancy, policy, audit, or admin-shell routes.
  • Focused backend and WebUI checks pass.

Follow-up

Move handler, service, and model ownership out of the legacy access compatibility implementation into the owning modules.

## Scope Track the composition-first route split for platform admin surfaces so access, admin shell, tenancy, policy, and audit can be enabled independently before the deeper model/service split. ## Acceptance criteria - `govoplan-access` contributes auth and access-admin route slices only. - `govoplan-admin`, `govoplan-tenancy`, `govoplan-policy`, and `govoplan-audit` are discoverable backend modules. - Existing public admin API paths remain stable. - Access-only runtime does not expose tenancy, policy, audit, or admin-shell routes. - Focused backend and WebUI checks pass. ## Follow-up Move handler, service, and model ownership out of the legacy access compatibility implementation into the owning modules.
Author
Owner

Codex State: progress

Summary

  • Implemented composition-first platform admin route split: access keeps auth/access-admin routes, while admin, tenancy, policy, and audit now contribute their own route slices.
  • Added new backend module packages and default module enablement for admin, tenancy, policy, and audit.
  • Updated workspace discovery, dependency boundaries, focused checks, and access extraction docs.

Changed Files

  • govoplan-access/src/govoplan_access/backend/api/v1/admin_slices.py
  • govoplan-access/src/govoplan_access/backend/manifest.py
  • govoplan-admin/
  • govoplan-tenancy/
  • govoplan-policy/
  • govoplan-audit/
  • govoplan-core/src/govoplan_core/settings.py
  • govoplan-core/requirements-dev.txt
  • govoplan-core/tests/test_module_system.py
  • govoplan-core/scripts/check-focused.sh
  • govoplan-core/scripts/check_dependency_boundaries.py

Verification

  • ./.venv/bin/python -m unittest tests.test_module_system
  • ./.venv/bin/python -m unittest tests.test_access_contracts
  • ./.venv/bin/python -m unittest tests.test_api_v1.AdminApiIntegrationTests.test_tenant_user_group_role_and_api_key_administration tests.test_api_v1.AdminApiIntegrationTests.test_profile_refresh_and_system_role_protection_model tests.test_api_v1.HealthEndpointTests.test_health_schema_and_dev_mailbox_gates
  • ./scripts/check-focused.sh

Next / Blocked

  • Move handler, service, and model ownership out of the legacy access compatibility implementation into the owning modules.

Suggested status label: status/in-progress

## Codex State: progress ### Summary - Implemented composition-first platform admin route split: access keeps auth/access-admin routes, while admin, tenancy, policy, and audit now contribute their own route slices. - Added new backend module packages and default module enablement for admin, tenancy, policy, and audit. - Updated workspace discovery, dependency boundaries, focused checks, and access extraction docs. ### Changed Files - `govoplan-access/src/govoplan_access/backend/api/v1/admin_slices.py` - `govoplan-access/src/govoplan_access/backend/manifest.py` - `govoplan-admin/` - `govoplan-tenancy/` - `govoplan-policy/` - `govoplan-audit/` - `govoplan-core/src/govoplan_core/settings.py` - `govoplan-core/requirements-dev.txt` - `govoplan-core/tests/test_module_system.py` - `govoplan-core/scripts/check-focused.sh` - `govoplan-core/scripts/check_dependency_boundaries.py` ### Verification - `./.venv/bin/python -m unittest tests.test_module_system` - `./.venv/bin/python -m unittest tests.test_access_contracts` - `./.venv/bin/python -m unittest tests.test_api_v1.AdminApiIntegrationTests.test_tenant_user_group_role_and_api_key_administration tests.test_api_v1.AdminApiIntegrationTests.test_profile_refresh_and_system_role_protection_model tests.test_api_v1.HealthEndpointTests.test_health_schema_and_dev_mailbox_gates` - `./scripts/check-focused.sh` ### Next / Blocked - Move handler, service, and model ownership out of the legacy access compatibility implementation into the owning modules. Suggested status label: `status/in-progress`
Author
Owner

Codex State: done

Summary

  • Completed the route-handler split: access, admin, tenancy, policy, and audit now each expose native routers through their manifests.
  • Moved admin, tenancy, policy, and audit DTOs into module-owned schema files; access admin schemas remain as compatibility for access-owned surfaces.
  • Prepared issue workflow templates locally across all cloned GovOPlaN repos, synced minimal template labels to each remote repo, and synced the full shared taxonomy to core.
  • Updated release requirements and tag helper support for the packaged platform modules.

Changed Files

  • govoplan-access/src/govoplan_access/backend/api/v1/routes.py
  • govoplan-access/src/govoplan_access/backend/api/v1/admin_common.py
  • govoplan-access/src/govoplan_access/backend/api/v1/admin.py
  • govoplan-admin/src/govoplan_admin/backend/api/v1/routes.py
  • govoplan-admin/src/govoplan_admin/backend/api/v1/schemas.py
  • govoplan-tenancy/src/govoplan_tenancy/backend/api/v1/routes.py
  • govoplan-tenancy/src/govoplan_tenancy/backend/api/v1/schemas.py
  • govoplan-policy/src/govoplan_policy/backend/api/v1/routes.py
  • govoplan-policy/src/govoplan_policy/backend/api/v1/schemas.py
  • govoplan-audit/src/govoplan_audit/backend/api/v1/routes.py
  • govoplan-audit/src/govoplan_audit/backend/api/v1/schemas.py
  • govoplan-core/scripts/push-release-tag.sh
  • govoplan-core/requirements-release.txt
  • govoplan-core/docs/gitea-labels.json

Verification

  • ./.venv/bin/python -m unittest tests.test_module_system
  • ./.venv/bin/python -m unittest tests.test_access_contracts
  • ./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_tenant_user_group_role_and_api_key_administration tests.test_api_smoke.ApiSmokeTests.test_profile_refresh_and_system_role_protection_model tests.test_api_smoke.ApiSmokeTests.test_health_schema_and_dev_mailbox_gates
  • ./scripts/push-release-tag.sh --version 0.1.5 --skip-release-lock --dry-run --yes
  • ./scripts/check-focused.sh

Next / Blocked

  • Follow-up service/model ownership split is tracked in govoplan-core#63.
## Codex State: done ### Summary - Completed the route-handler split: access, admin, tenancy, policy, and audit now each expose native routers through their manifests. - Moved admin, tenancy, policy, and audit DTOs into module-owned schema files; access admin schemas remain as compatibility for access-owned surfaces. - Prepared issue workflow templates locally across all cloned GovOPlaN repos, synced minimal template labels to each remote repo, and synced the full shared taxonomy to core. - Updated release requirements and tag helper support for the packaged platform modules. ### Changed Files - `govoplan-access/src/govoplan_access/backend/api/v1/routes.py` - `govoplan-access/src/govoplan_access/backend/api/v1/admin_common.py` - `govoplan-access/src/govoplan_access/backend/api/v1/admin.py` - `govoplan-admin/src/govoplan_admin/backend/api/v1/routes.py` - `govoplan-admin/src/govoplan_admin/backend/api/v1/schemas.py` - `govoplan-tenancy/src/govoplan_tenancy/backend/api/v1/routes.py` - `govoplan-tenancy/src/govoplan_tenancy/backend/api/v1/schemas.py` - `govoplan-policy/src/govoplan_policy/backend/api/v1/routes.py` - `govoplan-policy/src/govoplan_policy/backend/api/v1/schemas.py` - `govoplan-audit/src/govoplan_audit/backend/api/v1/routes.py` - `govoplan-audit/src/govoplan_audit/backend/api/v1/schemas.py` - `govoplan-core/scripts/push-release-tag.sh` - `govoplan-core/requirements-release.txt` - `govoplan-core/docs/gitea-labels.json` ### Verification - `./.venv/bin/python -m unittest tests.test_module_system` - `./.venv/bin/python -m unittest tests.test_access_contracts` - `./.venv/bin/python -m unittest tests.test_api_smoke.ApiSmokeTests.test_tenant_user_group_role_and_api_key_administration tests.test_api_smoke.ApiSmokeTests.test_profile_refresh_and_system_role_protection_model tests.test_api_smoke.ApiSmokeTests.test_health_schema_and_dev_mailbox_gates` - `./scripts/push-release-tag.sh --version 0.1.5 --skip-release-lock --dry-run --yes` - `./scripts/check-focused.sh` ### Next / Blocked - Follow-up service/model ownership split is tracked in govoplan-core#63.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: add-ideas/govoplan-core#61
No description provided.