Sync Repo-docs-MODULE-ARCHITECTURE from project files
@@ -1,4 +1,4 @@
|
|||||||
<!-- codex-wiki-sync:ac612f4a103c52d994713144 -->
|
<!-- codex-wiki-sync:bb7422b551349eda3e934059 -->
|
||||||
|
|
||||||
> Mirrored from `/mnt/DATA/git/govoplan-core/docs/MODULE_ARCHITECTURE.md`.
|
> Mirrored from `/mnt/DATA/git/govoplan-core/docs/MODULE_ARCHITECTURE.md`.
|
||||||
> Origin: `repository`.
|
> Origin: `repository`.
|
||||||
@@ -86,18 +86,27 @@ Known access-related capability names are defined in
|
|||||||
- `access.permissionEvaluator`
|
- `access.permissionEvaluator`
|
||||||
- `access.resourceAccess`
|
- `access.resourceAccess`
|
||||||
- `access.tenantProvisioner`
|
- `access.tenantProvisioner`
|
||||||
|
- `access.administration`
|
||||||
|
- `access.governanceMaterializer`
|
||||||
- `tenancy.tenantResolver`
|
- `tenancy.tenantResolver`
|
||||||
- `security.secretProvider`
|
- `security.secretProvider`
|
||||||
- `audit.sink`
|
- `audit.sink`
|
||||||
|
|
||||||
`govoplan-access` currently registers `access.principalResolver`,
|
`govoplan-access` currently registers `access.principalResolver`,
|
||||||
`access.permissionEvaluator`, `access.directory`, and
|
`access.permissionEvaluator`, `access.directory`, `access.tenantProvisioner`,
|
||||||
`access.tenantProvisioner`. `govoplan-tenancy` registers
|
`access.administration`, and `access.governanceMaterializer`.
|
||||||
`tenancy.tenantResolver`. The minimal authenticated platform set is now
|
`govoplan-tenancy` registers `tenancy.tenantResolver`. The minimal
|
||||||
`tenancy` plus `access`; the registry inserts `tenancy` before `access` when
|
authenticated platform set is now `tenancy` plus `access`; the registry
|
||||||
only feature modules are requested. Feature modules should prefer these
|
inserts `tenancy` before `access` when only feature modules are requested.
|
||||||
capabilities over direct reads of access/tenant ORM models when they need
|
Feature modules should prefer these capabilities over direct reads of
|
||||||
labels, group membership, default access provisioning, or tenant metadata.
|
access/tenant ORM models when they need labels, group membership, default
|
||||||
|
access provisioning, counts, audit actor labels, or tenant metadata.
|
||||||
|
|
||||||
|
FastAPI route dependencies for authenticated endpoints are access-owned and
|
||||||
|
published from `govoplan_access.backend.auth.dependencies`. Routers may import
|
||||||
|
that dependency module directly until a more generic request-principal adapter
|
||||||
|
exists; they must not import access ORM models or other access implementation
|
||||||
|
internals.
|
||||||
|
|
||||||
Current live table ownership:
|
Current live table ownership:
|
||||||
|
|
||||||
@@ -115,7 +124,10 @@ Current admin route ownership follows the same boundary: access contributes
|
|||||||
users, groups, roles, system accounts/roles, auth, sessions, and API-key
|
users, groups, roles, system accounts/roles, auth, sessions, and API-key
|
||||||
administration; tenancy contributes tenant registry/settings routes; admin
|
administration; tenancy contributes tenant registry/settings routes; admin
|
||||||
contributes system settings, overview, and governance-template routes; audit
|
contributes system settings, overview, and governance-template routes; audit
|
||||||
contributes audit-log routes.
|
contributes audit-log routes. Governance template metadata and assignment
|
||||||
|
routes live in `govoplan-admin`; materializing those templates into
|
||||||
|
access-owned groups and roles is performed by the
|
||||||
|
`access.governanceMaterializer` capability.
|
||||||
|
|
||||||
Current admin WebUI ownership mirrors that route split. `govoplan-access`
|
Current admin WebUI ownership mirrors that route split. `govoplan-access`
|
||||||
contributes the `/admin` route shell and admin nav item. Other platform modules
|
contributes the `/admin` route shell and admin nav item. Other platform modules
|
||||||
@@ -314,6 +326,8 @@ The repository includes `scripts/check_dependency_boundaries.py`. It enforces th
|
|||||||
- access source may not import files/mail/campaign internals
|
- access source may not import files/mail/campaign internals
|
||||||
- feature modules may not import access implementation internals
|
- feature modules may not import access implementation internals
|
||||||
- feature modules may not add new direct imports of sibling feature modules
|
- feature modules may not add new direct imports of sibling feature modules
|
||||||
|
- FastAPI routers may import the published
|
||||||
|
`govoplan_access.backend.auth.dependencies` dependency API
|
||||||
- the transitional allowlist is expected to stay empty
|
- the transitional allowlist is expected to stay empty
|
||||||
|
|
||||||
Any future exception is extraction debt and must be temporary, documented in the
|
Any future exception is extraction debt and must be temporary, documented in the
|
||||||
|
|||||||
Reference in New Issue
Block a user