member-console/internal/provisioning
Christian Galo 751bae7768 Use plan ladder for org defaults
Add default_plan_ladder_id with a forward data migration and update
the runtime to resolve the ladder's rank-0 tier at use-time. Regenerate
sqlc, update auto-provisioning, ReapplyDefaultsForPool, operator UI and
tests; add GetTierByLadderRank and pool/provision query helpers. Add a
CSP-safe confirm-action modal and wire operator actions to it. Close
plan-sole-writer safety gaps and serialize IssueGrant with a FOR UPDATE
pool lock to prevent ladder races.
2026-04-27 01:57:17 -05:00

Provisioning Module

The provisioning module orchestrates first-login auto-provisioning. When a user authenticates via OIDC for the first time, AutoProvision creates all governance and resource structures within a single database transaction:

  1. User — identity record linked to the OIDC subject
  2. Person — profile record (display name, email)
  3. Organization — personal org (org_type = 'personal')
  4. OrgMember — membership with the owner system role
  5. Workspace — default workspace within the org
  6. Role Assignment — org-scoped role assignment for the owner
  7. Resource Pool — default pool (pool_type = 'default', is_auto_managed = true)
  8. Pool Assignment — primary link between workspace and pool (is_primary = true)

If any step fails, the entire transaction rolls back — no partial structures exist.