Files
govoplan-postbox/README.md
2026-07-11 16:49:04 +02:00

1.8 KiB

govoplan-postbox

Repository type: module (domain).

GovOPlaN Postbox provides platform-owned postboxes for internal work, portals, campaign flows, and role-bound organizational communication.

Ownership

This repository owns:

  • backend module manifest postbox
  • postbox permissions and policy checks
  • postbox, binding, message, participant, attachment-reference, and audit-facing data models
  • role-organization-bound access resolution for postboxes
  • API routes for postbox directory, messages, access checks, and administration
  • optional integration capabilities for campaign, files, portal, notification, and mail-facing workflows
  • future WebUI package @govoplan/postbox-webui

Core owns auth, tenants, RBAC evaluation, database/session primitives, module discovery, migrations, CSRF/API helpers, and shell layout. Access owns identities, users, groups, roles, memberships, and administrative RBAC surfaces.

Role-bound postboxes

A role-bound postbox is linked to an organizational unit and one or more roles. A person can access that postbox while their identity has an effective matching role in that organizational unit. Access is not tied to a login mailbox, personal email address, or static user assignment.

When the role assignment changes, postbox access changes with it. The postbox keeps durable message and evidence history, while authorization remains derived from current platform role state.

Module integration

Backend entry point:

[project.entry-points."govoplan.modules"]
postbox = "govoplan_postbox.backend.manifest:get_manifest"

Frontend package:

@govoplan/postbox-webui

Platform RBAC, module capability contracts, and governance rules are documented in govoplan-core/docs/.