docs(adr-0025): promote to accepted + sync persona matrix with test tenant
CI / scan (pull_request) Failing after 2m31s
CI / commits (pull_request) Successful in 2m56s
CI / check (pull_request) Successful in 3m10s
CI / a11y (pull_request) Successful in 2m46s
Docs site / build (pull_request) Successful in 2m56s
CI / perf (pull_request) Successful in 7m6s
CI / scan (pull_request) Failing after 2m31s
CI / commits (pull_request) Successful in 2m56s
CI / check (pull_request) Successful in 3m10s
CI / a11y (pull_request) Successful in 2m46s
Docs site / build (pull_request) Successful in 2m56s
CI / perf (pull_request) Successful in 7m6s
The test tenant (apfrd.onmicrosoft.com) has been provisioned with the full role / user matrix. ADR-0025 was accepted as the implementation reference; this commit aligns the document with what is actually in place. Changes: - Frontmatter status: proposed -> accepted; date unchanged (decision was already final on 2026-05-20). - Privilege catalogue: expanded from 1 to 4 entries. Portal.Auditor, Portal.SecurityOfficer and Portal.DPO were anticipated future entries; they are now provisioned in the test tenant alongside Portal.Admin and ride the catalogue while their consuming surfaces land in subsequent PRs. - Test-tenant personas: rewritten from 10 to 19 entries so every one of the 24 functional-role groups carries at least one user (apf-role-partenaire remains intentionally empty as a placeholder per the existing rationale). The four privileges each have an assigned user. - New 'Provisioned in the test tenant' subsection records the Entra app-role GUIDs (kept in-repo because they are stable IDs the implementation will reference; group GUIDs stay gitignored). - README.md index: status row flipped to accepted. - CLAUDE.md: roll-up extended from '0001 -> 0024 accepted' to '0001 -> 0025 accepted', Architecture list grows an 'Authorization model' bullet.
This commit is contained in:
@@ -68,4 +68,4 @@ ADRs are listed in numerical order. To slice by topic, filter on the `Tags` colu
|
||||
| [0022](0022-docs-site-vitepress.md) | Documentation site — VitePress + Mermaid plugin, separate static deployment | accepted | `process`, `infrastructure` | 2026-05-15 |
|
||||
| [0023](0023-charts-d3-observable-plot.md) | Charts + dashboards — D3 + Observable Plot wrapped in `libs/shared/charts` | accepted | `frontend`, `accessibility`, `performance` | 2026-05-16 |
|
||||
| [0024](0024-ai-service-relay-grpc-sse-bridge.md) | AI service relay — vendored gRPC protos, NestJS gRPC client, SSE bridge to the SPA, POC unsigned principal | accepted | `backend`, `security`, `observability` | 2026-05-19 |
|
||||
| [0025](0025-authorization-model-privileges-roles-scopes.md) | Authorization model — three orthogonal axes (privileges × functional roles × scopes), Entra-backed | proposed | `security`, `backend`, `data` | 2026-05-20 |
|
||||
| [0025](0025-authorization-model-privileges-roles-scopes.md) | Authorization model — three orthogonal axes (privileges × functional roles × scopes), Entra-backed | accepted | `security`, `backend`, `data` | 2026-05-20 |
|
||||
|
||||
Reference in New Issue
Block a user