chihlasm/resolutionflow
1
0
Fork 0
Code Issues 23 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

feat(l1): add l1_tech role to permissions docstring

Browse Source 
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Michael Chihlas
2026-05-28 12:09:27 -04:00
parent d40cb834b1
commit 8cf6a66154
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/app/core/permissions.py
View File

@@ -1,11 +1,12 @@
""" """
Centralized permission checks for ResolutionFlow. Centralized permission checks for ResolutionFlow.
Role hierarchy: super_admin > owner > engineer > viewer Role hierarchy: super_admin > owner > engineer > l1_tech > viewer
- super_admin: is_super_admin=True, full system access - super_admin: is_super_admin=True, full system access
- owner: account_role='owner', manage account resources - owner: account_role='owner', manage account resources
- engineer: account_role='engineer' (default), CRUD own trees/steps - engineer: account_role='engineer' (default), CRUD own trees/steps
- l1_tech: account_role='l1_tech', use /l1/* surface only — walk flows, resolve/escalate
- viewer: account_role='viewer', read-only (can browse, run sessions, rate steps) - viewer: account_role='viewer', read-only (can browse, run sessions, rate steps)
""" """
from __future__ import annotations from __future__ import annotations
@@ -23,7 +24,8 @@ ROLE_HIERARCHY = {
"super_admin": 4, "super_admin": 4,
"owner": 3, "owner": 3,
"engineer": 2, "engineer": 2,
"viewer": 1, "l1_tech": 1,
"viewer": 0,
} }