docs(04-rbac-02): complete portal RBAC integration plan
- 04-02-SUMMARY.md: Auth.js JWT + role nav + tenant switcher + impersonation banner + user pages - STATE.md: advanced to plan 3, metrics recorded, base-ui decisions added - ROADMAP.md: phase 4 updated to 2/3 plans complete - REQUIREMENTS.md: RBAC-05 marked complete
This commit is contained in:
@@ -53,7 +53,7 @@ Requirements for beta-ready release. Each maps to roadmap phases.
|
||||
- [x] **RBAC-02**: Customer admin role scoped to a single tenant with full control over agents, channels, billing, API keys, and user management
|
||||
- [x] **RBAC-03**: Customer operator role scoped to a single tenant with read-only access to agents, conversations, and usage dashboards
|
||||
- [x] **RBAC-04**: Customer admin can invite users (admin or operator) by email — invitee receives activation link to set password and enable access
|
||||
- [ ] **RBAC-05**: Portal navigation, pages, and UI elements adapt based on user role (platform admin sees tenant picker, customer admin sees their tenant, operator sees read-only views)
|
||||
- [x] **RBAC-05**: Portal navigation, pages, and UI elements adapt based on user role (platform admin sees tenant picker, customer admin sees their tenant, operator sees read-only views)
|
||||
- [x] **RBAC-06**: API endpoints enforce role-based authorization — unauthorized actions return 403 Forbidden, not just hidden UI
|
||||
|
||||
## v2 Requirements
|
||||
@@ -133,7 +133,7 @@ Which phases cover which requirements. Updated during roadmap creation.
|
||||
| RBAC-02 | Phase 4 | Complete |
|
||||
| RBAC-03 | Phase 4 | Complete |
|
||||
| RBAC-04 | Phase 4 | Complete |
|
||||
| RBAC-05 | Phase 4 | Pending |
|
||||
| RBAC-05 | Phase 4 | Complete |
|
||||
| RBAC-06 | Phase 4 | Complete |
|
||||
|
||||
**Coverage:**
|
||||
|
||||
Reference in New Issue
Block a user