Sync Repo-docs-ACCESS-EXTRACTION-PLAN from project files
@@ -1,4 +1,4 @@
|
|||||||
<!-- codex-wiki-sync:eb135ed3ebf2894e28841e36 -->
|
<!-- codex-wiki-sync:db830bc22c5217ad6fedc13a -->
|
||||||
|
|
||||||
> Mirrored from `/mnt/DATA/git/govoplan-core/docs/ACCESS_EXTRACTION_PLAN.md`.
|
> Mirrored from `/mnt/DATA/git/govoplan-core/docs/ACCESS_EXTRACTION_PLAN.md`.
|
||||||
> Origin: `repository`.
|
> Origin: `repository`.
|
||||||
@@ -83,25 +83,11 @@ WebUI contributions without changing the core shell route wiring again.
|
|||||||
|
|
||||||
### Current Module Consumers
|
### Current Module Consumers
|
||||||
|
|
||||||
Feature modules currently depend on core compatibility access surfaces:
|
Feature modules no longer import core auth dependency wrappers or access-owned
|
||||||
|
ORM models. Backend routers import the access-published FastAPI dependency API
|
||||||
- `govoplan-files`
|
from `govoplan_access.backend.auth.dependencies`; runtime cooperation uses
|
||||||
- imports `govoplan_core.auth.dependencies`
|
kernel capabilities such as `access.directory`, `campaigns.access`,
|
||||||
- imports `Group` and `UserGroupMembership` for ACL decisions
|
`campaigns.mailPolicyContext`, and `campaigns.deliveryTasks`.
|
||||||
- imports `Group`, `Tenant`, and `User` for file storage ownership/audit
|
|
||||||
- `govoplan-mail`
|
|
||||||
- imports `govoplan_core.auth.dependencies`
|
|
||||||
- imports `Group`, `Tenant`, `User`, and `UserGroupMembership` for mail
|
|
||||||
profile policy resolution
|
|
||||||
- imports core settings and secret helpers
|
|
||||||
- `govoplan-campaign`
|
|
||||||
- imports `govoplan_core.auth.dependencies`
|
|
||||||
- imports `Group`, `Tenant`, `User`, and `UserGroupMembership` for ownership
|
|
||||||
relationships and access decisions
|
|
||||||
- imports `govoplan_core.security.time.utc_now`
|
|
||||||
|
|
||||||
These imports are valid compatibility dependencies today. They are also the
|
|
||||||
main extraction debt to remove.
|
|
||||||
|
|
||||||
## Target Ownership
|
## Target Ownership
|
||||||
|
|
||||||
@@ -286,15 +272,17 @@ Tasks:
|
|||||||
- Move `/api/v1/auth/*` implementation to access.
|
- Move `/api/v1/auth/*` implementation to access.
|
||||||
- Move session/API-key services to access.
|
- Move session/API-key services to access.
|
||||||
- Keep core route compatibility only if required by clients.
|
- Keep core route compatibility only if required by clients.
|
||||||
- Replace feature-module imports of core auth dependencies with stable kernel
|
- Replace feature-module imports of core auth dependencies with the
|
||||||
contracts or access-provided capabilities.
|
access-published FastAPI dependency API.
|
||||||
- Add tests for login, session refresh, tenant selection, API-key auth, and
|
- Add tests for login, session refresh, tenant selection, API-key auth, and
|
||||||
missing access capability failures.
|
missing access capability failures.
|
||||||
|
|
||||||
Acceptance criteria:
|
Acceptance criteria:
|
||||||
|
|
||||||
- Auth behavior works through the access module.
|
- Auth behavior works through the access module.
|
||||||
- Feature modules do not import access internals.
|
- Feature modules do not import access internals except the published
|
||||||
|
`govoplan_access.backend.auth.dependencies` dependency API used by FastAPI
|
||||||
|
routers.
|
||||||
- Core can explain startup failure clearly if auth-required routes are enabled
|
- Core can explain startup failure clearly if auth-required routes are enabled
|
||||||
without the access capability.
|
without the access capability.
|
||||||
|
|
||||||
@@ -391,12 +379,15 @@ Acceptance criteria:
|
|||||||
- [x] Move `govoplan_core/access` seed package into `govoplan-access`.
|
- [x] Move `govoplan_core/access` seed package into `govoplan-access`.
|
||||||
- [x] Add compatibility wrappers in core for old import paths.
|
- [x] Add compatibility wrappers in core for old import paths.
|
||||||
- [x] Route existing auth dependency wrappers through access principal/evaluator capabilities.
|
- [x] Route existing auth dependency wrappers through access principal/evaluator capabilities.
|
||||||
|
- [x] Move FastAPI auth dependency wrappers out of core and into
|
||||||
|
`govoplan-access`.
|
||||||
- [x] Move session, API-key, and password helper services into `govoplan-access`.
|
- [x] Move session, API-key, and password helper services into `govoplan-access`.
|
||||||
- [x] Move interactive auth/session routes behind access module manifest.
|
- [x] Move interactive auth/session routes behind access module manifest.
|
||||||
- [x] Move legacy admin/API-key routes behind access module manifest.
|
- [x] Move legacy admin/API-key routes behind access module manifest.
|
||||||
- [x] Move access-owned legacy admin service helpers into `govoplan-access`.
|
- [x] Move access-owned legacy admin service helpers into `govoplan-access`.
|
||||||
- [x] Move governance-template CRUD/materialization helpers and routes into
|
- [x] Move governance-template CRUD helpers and routes into `govoplan-admin`.
|
||||||
`govoplan-admin`.
|
- [x] Move governance-template materialization of access-owned groups and roles
|
||||||
|
behind the `access.governanceMaterializer` capability.
|
||||||
- [x] Replace legacy access-to-files/campaign admin lookups with module
|
- [x] Replace legacy access-to-files/campaign admin lookups with module
|
||||||
tenant-summary and group-delete veto providers.
|
tenant-summary and group-delete veto providers.
|
||||||
- [x] Split legacy admin route contribution across `govoplan-admin`,
|
- [x] Split legacy admin route contribution across `govoplan-admin`,
|
||||||
@@ -424,6 +415,10 @@ Acceptance criteria:
|
|||||||
depends on `govoplan-tenancy`, and the registry inserts tenancy before access.
|
depends on `govoplan-tenancy`, and the registry inserts tenancy before access.
|
||||||
- [x] Replace tenancy-to-access default role seeding with an access
|
- [x] Replace tenancy-to-access default role seeding with an access
|
||||||
tenant-provisioner capability.
|
tenant-provisioner capability.
|
||||||
|
- [x] Replace tenancy-to-access owner candidate and owner membership handling
|
||||||
|
with the access tenant-provisioner capability.
|
||||||
|
- [x] Replace admin overview counts and audit actor lookup/filtering with the
|
||||||
|
`access.administration` capability.
|
||||||
- [x] Replace feature-module direct user/group/tenant model imports.
|
- [x] Replace feature-module direct user/group/tenant model imports.
|
||||||
- [x] `govoplan-files`
|
- [x] `govoplan-files`
|
||||||
- [x] `govoplan-mail`
|
- [x] `govoplan-mail`
|
||||||
|
|||||||
Reference in New Issue
Block a user