MOPC-Portal/docs/round-redesign-architecture-docs/mixed-round-design-implementation-docs/shared/authz-matrix.md
Matt 331b67dae0 Round system redesign: Phases 1-7 complete
Full pipeline/track/stage architecture replacing the legacy round system.

Schema: 11 new models (Pipeline, Track, Stage, StageTransition,
ProjectStageState, RoutingRule, Cohort, CohortProject, LiveProgressCursor,
OverrideAction, AudienceVoter) + 8 new enums.

Backend: 9 new routers (pipeline, stage, routing, stageFiltering,
stageAssignment, cohort, live, decision, award) + 6 new services
(stage-engine, routing-engine, stage-filtering, stage-assignment,
stage-notifications, live-control).

Frontend: Pipeline wizard (17 components), jury stage pages (7),
applicant pipeline pages (3), public stage pages (2), admin pipeline
pages (5), shared stage components (3), SSE route, live hook.

Phase 6 refit: 23 routers/services migrated from roundId to stageId,
all frontend components refitted. Deleted round.ts (985 lines),
roundTemplate.ts, round-helpers.ts, round-settings.ts, round-type-settings.tsx,
10 legacy admin pages, 7 legacy jury pages, 3 legacy dialogs.

Phase 7 validation: 36 tests (10 unit + 8 integration files) all passing,
TypeScript 0 errors, Next.js build succeeds, 13 integrity checks,
legacy symbol sweep clean, auto-seed on first Docker startup.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-13 13:57:09 +01:00

1.5 KiB

Authorization Matrix

Roles:

  • SUPER_ADMIN
  • PROGRAM_ADMIN
  • AWARD_MASTER
  • JURY_MEMBER
  • APPLICANT
  • OBSERVER
  • AUDIENCE (public voting context)

| Capability | Super Admin | Program Admin | Award Master | Jury | Applicant | Observer | Audience |
|---|---|---|---|---|---|---|---|
| Create/Edit Pipeline | Yes | Yes (scoped) | No | No | No | No | No |
| Publish Pipeline | Yes | Yes (scoped) | No | No | No | No | No |
| Configure Stage Rules | Yes | Yes (scoped) | No | No | No | No | No |
| Execute Manual Transition | Yes | Yes (scoped) | Limited (award scoped) | No | No | No | No |
| Override Decision | Yes | Yes (scoped) | Limited (award scoped) | No | No | No | No |
| View Audit Timeline | Yes | Yes (scoped) | Award scoped | Own actions | No | Read-only scoped | No |
| Assign Jurors | Yes | Yes (scoped) | Award scoped | No | No | No | No |
| Submit Evaluation | No | No | Optional (if configured) | Yes (assigned only) | No | No | No |
| Upload Intake Docs | No | No | No | No | Yes | No | No |
| Control Live Cursor | Yes | Yes (scoped) | No | No | No | No | No |
| Cast Audience Vote | No | No | No | No | Optional | No | Yes |

Policy Notes

  1. Program scoping applies to all admin operations.
  2. AWARD_MASTER permissions are explicitly award-scoped and only active when governance mode allows it.
  3. Jury endpoints always enforce assignment ownership and window constraints.
  4. Audience endpoints enforce cohort membership + window state + dedupe key policy.
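
An added example, not MOPC-Portal code: three rows of the matrix (Override Decision, Submit Evaluation, Cast Audience Vote) encoded as a deny-by-default check, with the policy notes expressed as per-cell conditions. Every type, field and function name (`Ctx`, `can`, `masterAwardIds`, and so on) is hypothetical.

```typescript
// Added example; every type, field and function name is hypothetical.
type Role = "SUPER_ADMIN" | "PROGRAM_ADMIN" | "AWARD_MASTER" | "JURY_MEMBER"
  | "APPLICANT" | "OBSERVER" | "AUDIENCE";
type Capability = "OVERRIDE_DECISION" | "SUBMIT_EVALUATION" | "CAST_AUDIENCE_VOTE";

interface Ctx {
  role: Role;
  programId: string;             // program that owns the target resource
  awardId?: string;              // award the target belongs to, if any
  adminProgramIds?: string[];    // programs a PROGRAM_ADMIN is scoped to
  masterAwardIds?: string[];     // awards an AWARD_MASTER is scoped to
  governanceAllowsAwardMaster?: boolean; // policy note 2
  assignedToActor?: boolean;     // policy note 3: assignment ownership
  windowOpen?: boolean;          // policy notes 3 and 4: window state
  inCohort?: boolean;            // policy note 4: cohort membership
  dedupeKeySeen?: boolean;       // policy note 4: vote already recorded
}

type Rule = (c: Ctx) => boolean;
const has = (xs: string[] | undefined, x: string | undefined): boolean =>
  xs !== undefined && x !== undefined && xs.indexOf(x) !== -1;
const programScoped: Rule = (c) => has(c.adminProgramIds, c.programId);
const awardScoped: Rule = (c) =>
  c.governanceAllowsAwardMaster === true && has(c.masterAwardIds, c.awardId);

// Cells that read "No" are absent, and absence means deny. "Optional" cells
// depend on configuration the matrix does not spell out, so they are absent too.
const MATRIX: Record<Capability, Partial<Record<Role, Rule>>> = {
  OVERRIDE_DECISION: {
    SUPER_ADMIN: () => true,
    PROGRAM_ADMIN: programScoped,
    AWARD_MASTER: awardScoped,
  },
  SUBMIT_EVALUATION: {
    JURY_MEMBER: (c) => c.assignedToActor === true && c.windowOpen === true,
  },
  CAST_AUDIENCE_VOTE: {
    AUDIENCE: (c) =>
      c.inCohort === true && c.windowOpen === true && c.dedupeKeySeen === false,
  },
};

// Deny by default: unknown role/capability pairs and unset context fields fail closed.
function can(cap: Capability, c: Ctx): boolean {
  const rule = MATRIX[cap][c.role];
  return rule !== undefined && rule(c);
}
```

Leaving a context field unset (for example `dedupeKeySeen`) denies the request, so a handler that forgets to load the state cannot grant access by accident.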