Sync Repo-docs-ACCESS-EXTRACTION-PLAN from project files

2026-07-07 01:00:21 +02:00
parent b8a5227ae4
commit 0c2489c79f

@@ -1,4 +1,4 @@
<!-- codex-wiki-sync:383d3d92109026630c5a40ed -->
<!-- codex-wiki-sync:eb135ed3ebf2894e28841e36 -->
> Mirrored from `/mnt/DATA/git/govoplan-core/docs/ACCESS_EXTRACTION_PLAN.md`.
> Origin: `repository`.
@@ -246,8 +246,9 @@ Acceptance criteria:
Move active identity/access models out of `govoplan_core.db.models`.
Current state: the stable table naming strategy is to keep legacy table names
and move SQLAlchemy class definitions under their platform owners. Core keeps
`govoplan_core.db.models` as a compatibility re-export. The earlier
and move SQLAlchemy class definitions under their platform owners. The old
`govoplan_core.db.models` compatibility re-export has been removed; callers
must import module-owned models or use kernel capabilities. The earlier
`access_*` candidate tables are not active metadata.
Current table ownership:
@@ -265,15 +266,16 @@ Tasks:
- [x] Map legacy model names to access-owned model classes.
- [x] Keep database table names where possible to avoid data migration churn.
- [x] Add Alembic migration metadata owned by the platform module owners.
- [x] Keep compatibility aliases in core while modules migrate.
- [x] Remove core model compatibility aliases after callers moved to
module-owned imports.
- [x] Update bootstrap/create-all compatibility paths.
Acceptance criteria:
- Existing development databases migrate without data loss.
- New databases initialize with module-owned metadata.
- Core no longer owns live account/user/group/role/session/API-key model
definitions except compatibility aliases.
- Core no longer owns or re-exports live account/user/group/role/session/API-key
model definitions.
### Stage 4: Move Auth Routes And Dependencies
@@ -433,6 +435,8 @@ Acceptance criteria:
them through the `admin.sections` UI capability.
- [x] Remove transitional boundary checker allowlist entries as each contract
lands.
- [x] Remove old core import shims for access models, access routes, admin
service helpers, and access-owned security services.
- [ ] Move campaign-scoped mail policy ownership fully behind an API/event
workflow if direct synchronous capability calls become too tight for later
deployment boundaries.