Brainstormed shape locked: chi route-group middleware, fail-closed
admin default; setup-token flow with 1h single-use tokens
(sha256-hashed at rest, raw shown to admin once); disable-only user
lifecycle with last-admin guard; self-service /settings/account
password change for every role; email field on users (metadata
v1); session re-validation on every authenticated request so
disable / role change land immediately.

Locked decisions captured in §Role taxonomy, §Schema changes,
§Setup-token flow, §RBAC enforcement, §Last-admin self-protection.
Deferred items in §Out of scope (OIDC, SMTP email-the-link,
hard delete, lockout).

Migrations 0017 (users extensions) + 0018 (user_setup_tokens)
both column-level ALTERs per CLAUDE.md preference.
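
The setup-token flow named above (1h lifetime, single use, sha256-hashed at rest, raw value shown once), as an added Go example that is not code from this commit. `TokenStore`, `Issue`, `Redeem`, `ErrInvalidToken` and the in-memory map standing in for `user_setup_tokens` are assumptions made for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"time"
)

var ErrInvalidToken = errors.New("setup token invalid, expired or already used")

type tokenRow struct {
	userID    int64
	expiresAt time.Time
}

// TokenStore is a hypothetical in-memory stand-in for user_setup_tokens, keyed by
// sha256(raw token). Not goroutine-safe; a SQL store would consume the row atomically.
type TokenStore map[[32]byte]tokenRow

// Issue returns the raw token for one-time display; only its hash is stored (1h TTL).
func (s TokenStore) Issue(userID int64, now time.Time) (string, error) {
	buf := make([]byte, 32) // 256 bits from the CSPRNG
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	raw := base64.RawURLEncoding.EncodeToString(buf)
	s[sha256.Sum256([]byte(raw))] = tokenRow{userID, now.Add(time.Hour)}
	return raw, nil
}

// Redeem consumes a token. Unknown, expired and reused tokens fail identically.
func (s TokenStore) Redeem(raw string, now time.Time) (int64, error) {
	h := sha256.Sum256([]byte(raw))
	row, ok := s[h]
	delete(s, h) // single use: the row is gone after the first presentation
	if !ok || !now.Before(row.expiresAt) {
		return 0, ErrInvalidToken
	}
	return row.userID, nil
}

func main() {
	s := TokenStore{}
	raw, _ := s.Issue(7, time.Now())
	fmt.Println(s.Redeem(raw, time.Now())) // 7 <nil>
	fmt.Println(s.Redeem(raw, time.Now())) // 0 and ErrInvalidToken: already used
}
```

Because the store is keyed by the hash, a leaked table row cannot be replayed as a token, and a high-entropy random token needs no salt or slow hash.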