[Task] Move legacy admin handler, service, and model ownership out of the access compatibility implementation into access, tenancy, policy, audit, and core settings modules #62

Closed
opened 2026-07-06 13:27:46 +02:00 by zemion · 4 comments
Owner

Imported from the GovOPlaN access extraction plan immediate backlog.

  • Source: /mnt/DATA/git/govoplan-core/docs/ACCESS_EXTRACTION_PLAN.md
  • Line: 357
  • Section: Immediate Backlog
  • Source status: open

Imported backlog item:

- [ ] Move legacy admin handler, service, and model ownership out of the access compatibility implementation into access, tenancy, policy, audit, and core settings modules.
<!-- codex-backlog-fingerprint:10194a287471739b64cd2c6e --> Imported from the GovOPlaN access extraction plan immediate backlog. - Source: `/mnt/DATA/git/govoplan-core/docs/ACCESS_EXTRACTION_PLAN.md` - Line: `357` - Section: `Immediate Backlog` - Source status: `open` Imported backlog item: ```markdown - [ ] Move legacy admin handler, service, and model ownership out of the access compatibility implementation into access, tenancy, policy, audit, and core settings modules. ```
zemion added this to the Access Extraction milestone 2026-07-06 13:30:01 +02:00
zemion added the
module/access
label 2026-07-07 23:43:23 +02:00
Author
Owner

Codex State: checked 2026-07-09

This is not a clean implementation close as written. Much of the imported backlog item was delivered under #63, but the remaining ownership cleanup is still real: core tenancy/bootstrap/retention code still has direct access-model touch points, and access still owns broad legacy admin/service/API handler pieces.

Recommendation: keep this open only as the umbrella for those remaining cleanup slices, or close it as superseded after #63/#82 are narrowed into concrete follow-up tickets.

## Codex State: checked 2026-07-09 This is not a clean implementation close as written. Much of the imported backlog item was delivered under #63, but the remaining ownership cleanup is still real: core tenancy/bootstrap/retention code still has direct access-model touch points, and access still owns broad legacy admin/service/API handler pieces. Recommendation: keep this open only as the umbrella for those remaining cleanup slices, or close it as superseded after #63/#82 are narrowed into concrete follow-up tickets.
Author
Owner

Review 2026-07-10: keeping this open for now, but it is mostly an umbrella/superseded tracker after the recent ownership split work. The boundary checker is clean and much of the old access compatibility surface has moved, but the same remaining cleanup called out in #63/#82/#50 is still real: tenant lifecycle/switching, core bootstrap/access seed paths, tenant counts, and policy/audit/admin service boundaries. Recommendation: keep this as the umbrella while those narrower issues remain open; close as superseded once the remaining work is fully represented by focused module-owned issues.

Review 2026-07-10: keeping this open for now, but it is mostly an umbrella/superseded tracker after the recent ownership split work. The boundary checker is clean and much of the old access compatibility surface has moved, but the same remaining cleanup called out in #63/#82/#50 is still real: tenant lifecycle/switching, core bootstrap/access seed paths, tenant counts, and policy/audit/admin service boundaries. Recommendation: keep this as the umbrella while those narrower issues remain open; close as superseded once the remaining work is fully represented by focused module-owned issues.
Author
Owner

Progress 2026-07-10: reduced the legacy compatibility surface further. Access now owns access counts/settings/bootstrap behavior that core was previously performing directly, and audit owns SQL recording/retention behavior that core previously performed through audit models. Tenancy also gained a non-destructive tenant retirement orchestration path. Keeping this umbrella open for now: remaining cleanup includes the core auth compatibility re-export, policy/retention service placement, and any follow-up split that should be represented by narrower module-owned issues before this umbrella closes.

Progress 2026-07-10: reduced the legacy compatibility surface further. Access now owns access counts/settings/bootstrap behavior that core was previously performing directly, and audit owns SQL recording/retention behavior that core previously performed through audit models. Tenancy also gained a non-destructive tenant retirement orchestration path. Keeping this umbrella open for now: remaining cleanup includes the core auth compatibility re-export, policy/retention service placement, and any follow-up split that should be represented by narrower module-owned issues before this umbrella closes.
Author
Owner

Implemented the remaining ownership cleanup slice: core auth is now a capability-backed facade, access provides the API principal and tenant-context switch capabilities, policy owns the retention implementation behind policy.privacyRetention, and tenant lifecycle no longer reaches into access/audit models directly. Focused tests and dependency boundary checks pass. Closing; historical migration squashing and the broader provider-only fallback cleanup remain tracked separately (#78/#50).

Implemented the remaining ownership cleanup slice: core auth is now a capability-backed facade, access provides the API principal and tenant-context switch capabilities, policy owns the retention implementation behind `policy.privacyRetention`, and tenant lifecycle no longer reaches into access/audit models directly. Focused tests and dependency boundary checks pass. Closing; historical migration squashing and the broader provider-only fallback cleanup remain tracked separately (#78/#50).
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: add-ideas/govoplan-core#62
No description provided.