Sync Repo-docs-ACCESS-EXTRACTION-PLAN from project files
@@ -1,4 +1,4 @@
|
||||
<!-- codex-wiki-sync:65899b8e3865e9d7a6839d82 -->
|
||||
<!-- codex-wiki-sync:1cf44edce1c7499eac1e8e1e -->
|
||||
|
||||
> Mirrored from `/mnt/DATA/git/govoplan-core/docs/ACCESS_EXTRACTION_PLAN.md`.
|
||||
> Origin: `repository`.
|
||||
@@ -349,8 +349,20 @@ Acceptance criteria:
|
||||
- [x] Add access capability registry names.
|
||||
- [x] Register live access directory and tenant resolver capability
|
||||
implementations backed by the current compatibility tables.
|
||||
- [x] Register an access tenant-provisioner capability so tenancy can seed
|
||||
access-owned default roles without importing access service internals.
|
||||
- [x] Replace `govoplan-files` direct user/group/tenant model imports with the
|
||||
`access.directory` capability for group membership and share-target checks.
|
||||
- [x] Replace `govoplan-files` direct campaign model imports with the
|
||||
`campaigns.access` capability for campaign share/existence checks.
|
||||
- [x] Replace `govoplan-mail` direct user/group/tenant model imports with
|
||||
mail-owned policy storage plus access-directory validation and legacy-read
|
||||
fallback.
|
||||
- [x] Replace `govoplan-mail` direct campaign model imports with the
|
||||
`campaigns.mailPolicyContext` capability for campaign-scoped mail policy and
|
||||
owner context.
|
||||
- [x] Replace `govoplan-campaign` runtime user/group/tenant model imports with
|
||||
access-directory lookups and string-based ORM relationships.
|
||||
- [x] Create `govoplan-access` repository workspace and issue workflow scaffold.
|
||||
- [x] Create `govoplan-access` repository/package skeleton.
|
||||
- [x] Move `govoplan_core/access` seed package into `govoplan-access`.
|
||||
@@ -373,16 +385,19 @@ Acceptance criteria:
|
||||
- [ ] Move legacy admin service and model ownership out of the access
|
||||
compatibility implementation into access, tenancy, policy, audit, and core
|
||||
settings modules.
|
||||
- [ ] Replace tenancy-to-access default role seeding with a tenant-created
|
||||
lifecycle/event contract.
|
||||
- [ ] Replace feature-module direct user/group/tenant model imports.
|
||||
- [x] Replace tenancy-to-access default role seeding with an access
|
||||
tenant-provisioner capability.
|
||||
- [x] Replace feature-module direct user/group/tenant model imports.
|
||||
- [x] `govoplan-files`
|
||||
- [ ] `govoplan-mail`
|
||||
- [ ] `govoplan-campaign`
|
||||
- [x] `govoplan-mail`
|
||||
- [x] `govoplan-campaign`
|
||||
- [ ] Replace direct cross-module SQL lookups with provider/event contracts.
|
||||
- [ ] Move access admin WebUI pages to module route contributions.
|
||||
- [ ] Remove transitional boundary checker allowlist entries as each contract
|
||||
lands.
|
||||
- [ ] Move campaign-scoped mail policy ownership fully behind an API/event
|
||||
workflow if direct synchronous capability calls become too tight for later
|
||||
deployment boundaries.
|
||||
|
||||
## Open Decisions
|
||||
|
||||
|
||||
Reference in New Issue
Block a user