Access control
Permissions
Who can do what. v0.1 ships the schema for all four permission primitives; the evaluator pipeline and UI controls land with the proxy implementation (Phase 2 territory).
Status
- stub User × action grants — schema present, UI pending
- stub Role-based grants — schema present, UI pending
- stub Hard denies (admin pins) — schema present, UI pending
- stub Per-agent overrides — schema present, UI pending
- stub Pinned/required permissions — schema present, UI pending
The permission evaluator pipeline is security-critical
(see CLAUDE.md → "CRITICAL: DO NOT TOUCH"). It composes:
(1) hard denies, (2) ceiling-and-subset from admin grants, (3) user
per-agent overrides, (4) pinned/required permissions. v0.1 deploys with
the evaluator stubbed at /proxy/* returning 501. Implementation
lands in Phase 2.
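
The composition order above, sketched as an added example; this is not the project's evaluator, which is unimplemented in v0.1. The page gives only the stage order, so the semantics of each stage, the `Policy` and `Decision` types, and the action names are assumptions made for illustration.

```python
from typing import NamedTuple, Optional


class Policy(NamedTuple):
    """Constructed inputs for one (user, agent) pair; not the project's schema."""
    hard_denies: frozenset = frozenset()        # admin pins that always deny
    admin_grants: frozenset = frozenset()       # ceiling set by admin grants
    user_overrides: Optional[frozenset] = None  # None = user made no choice
    pinned: frozenset = frozenset()             # user cannot switch these off


class Decision(NamedTuple):
    allowed: bool
    stage: str  # which stage decided; useful for audit logs


def evaluate(policy: Policy, action: str) -> Decision:
    # (1) Hard denies are checked first and nothing later can undo them.
    if action in policy.hard_denies:
        return Decision(False, "hard_deny")
    # (2) Ceiling: anything the admin did not grant is denied (fail closed),
    #     so a user override can only ever select a subset of the grants.
    if action not in policy.admin_grants:
        return Decision(False, "outside_ceiling")
    # (3) Per-agent override: the user may narrow the ceiling for this agent.
    user_keeps = policy.user_overrides is None or action in policy.user_overrides
    # (4) Pinned/required: stays on even if the user's override dropped it.
    #     Assumption: a pin applies only inside the ceiling checked in (2).
    if action in policy.pinned:
        return Decision(True, "pinned")
    return Decision(user_keeps, "granted" if user_keeps else "user_override")


# Constructed sample policy; the action names are made up for illustration.
SAMPLE = Policy(
    hard_denies=frozenset({"secrets.read"}),
    admin_grants=frozenset({"repo.read", "repo.write", "audit.log", "secrets.read"}),
    user_overrides=frozenset({"repo.read", "shell.exec"}),
    pinned=frozenset({"audit.log", "secrets.read"}),
)

if __name__ == "__main__":
    for a in ("secrets.read", "shell.exec", "repo.read", "repo.write", "audit.log"):
        print(a, evaluate(SAMPLE, a))
```

Returning the deciding stage alongside the verdict lets a test suite pin down precedence cases, such as an action that is both pinned and hard-denied, before any UI control exists.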