Loading module
Resolving locale, route permissions, and workspace projection.
Resolving locale, route permissions, and workspace projection.
Current scope: Guest
Category: 10_normative | Version: v1.0.0
Owner: DOCUMENT_CUSTODIAN | Review cycle: 90 days
Approval authority: GOVERNANCE_ADMIN
Documentation portal is read-only. Editing and mutation endpoints are disabled.
Kvary platformu aslen Gürcüce oluşturulmuştur. Gürcüce bir sürüm mevcut olduğunda platform arayüzü, dokümantasyon ve hukuki yorum bakımından yetkili dil Gürcücedir.
Diğer dillere yapılan çeviriler kolaylık sağlamak amacıyla sunulur. Bazı kayıtlar belirli bir akış için farklı bir kaynak veya hukuki yerel ayar taşıyabilir; ancak Gürcüce bir sürüm mevcut olduğunda platform düzeyindeki ifadeler ve yorum bakımından öncelik Gürcüce sürümdedir.
Metadata incomplete: Document ID, Version, Status, Owner Role, Last Review Date, Next Review Date, Change Log
This document freezes the permission vocabulary used by gateway and auth flows in Phase A. It is a governance control to keep permission naming deterministic before Tender/Auction domain expansion.
No runtime behavior is introduced by this document.
authrolesstakeholderadminuserfuture: tender, auction, stakeworkreadwritesubmitreviewapproverejectverifyactivatesuspendaccessblacklisted_account.auth:me.read/auth/me and gateway equivalent).ACTIVE.UNVERIFIED or higher (no KYC hard gate in Phase A).roles:request.reviewACTIVE.admin:accessACTIVE.stakeholder:submitACTIVE.UNVERIFIED or higher in Phase A.stakeholder:verifyACTIVE.tender:submitDRAFT -> SUBMITTED).ACTIVE.tender:read.meGET /tenders/me).ACTIVE.tender:review.queueACTIVE.tender:approveSUBMITTED -> APPROVED) with reviewer attribution.ACTIVE.VERIFIED.verificationStatus MUST be VERIFIED.tender:rejectSUBMITTED -> REJECTED) with reviewer attribution and reason.ACTIVE.VERIFIED.verificationStatus MUST be VERIFIED.risk:recalculate.anyACTIVE.VERIFIED.verificationStatus MUST be VERIFIED.emailVerified SHOULD be treated as baseline for privileged gateway operations.Any new permission token MUST:
@kvary/rbac-domain permission catalog.${resource}:${action} taxonomy.