45 lines
1.8 KiB
Markdown
45 lines
1.8 KiB
Markdown
# govoplan-postbox
|
|
|
|
<!-- govoplan-repository-type:start -->
|
|
**Repository type:** module (domain).
|
|
<!-- govoplan-repository-type:end -->
|
|
|
|
GovOPlaN Postbox provides platform-owned postboxes for internal work, portals, campaign flows, and role-bound organizational communication.
|
|
|
|
## Ownership
|
|
|
|
This repository owns:
|
|
|
|
- backend module manifest `postbox`
|
|
- postbox permissions and policy checks
|
|
- postbox, binding, message, participant, attachment-reference, and audit-facing data models
|
|
- role-organization-bound access resolution for postboxes
|
|
- API routes for postbox directory, messages, access checks, and administration
|
|
- optional integration capabilities for campaign, files, portal, notification, and mail-facing workflows
|
|
- future WebUI package `@govoplan/postbox-webui`
|
|
|
|
Core owns auth, tenants, RBAC evaluation, database/session primitives, module discovery, migrations, CSRF/API helpers, and shell layout. Access owns identities, users, groups, roles, memberships, and administrative RBAC surfaces.
|
|
|
|
## Role-bound postboxes
|
|
|
|
A role-bound postbox is linked to an organizational unit and one or more roles. A person can access that postbox while their identity has an effective matching role in that organizational unit. Access is not tied to a login mailbox, personal email address, or static user assignment.
|
|
|
|
When the role assignment changes, postbox access changes with it. The postbox keeps durable message and evidence history, while authorization remains derived from current platform role state.
|
|
|
|
## Module integration
|
|
|
|
Backend entry point:
|
|
|
|
```toml
|
|
[project.entry-points."govoplan.modules"]
|
|
postbox = "govoplan_postbox.backend.manifest:get_manifest"
|
|
```
|
|
|
|
Frontend package:
|
|
|
|
```text
|
|
@govoplan/postbox-webui
|
|
```
|
|
|
|
Platform RBAC, module capability contracts, and governance rules are documented in `govoplan-core/docs/`.
|