3c2efae951
Plan task P2.6. Per the spec's "techs wear multiple hats" rule, lift
gates so technicians can do their work without permission walls:
fp.certificate operator: read → read+write
(flip draft→issued from tablet)
fp.thickness.reading operator: read → read+write+create
(capture Fischerscope readings from tablet)
fp.job.node.override operator: NEW read-only
(see opt-out badges on steps)
Supervisor-only operations (step Skip, hold Release, override
Re-include) remain enforced in workspace_controller, not ACL — so the
ACL stays minimal and the controller centralizes the gate logic.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
1.8 KiB
1.8 KiB
| 1 | id | name | model_id:id | group_id:id | perm_read | perm_write | perm_create | perm_unlink |
|---|---|---|---|---|---|---|---|---|
| 2 | access_fp_certificate_operator | fp.certificate.operator | model_fp_certificate | fusion_plating.group_fusion_plating_operator | 1 | 1 | 0 | 0 |
| 3 | access_fp_certificate_supervisor | fp.certificate.supervisor | model_fp_certificate | fusion_plating.group_fusion_plating_supervisor | 1 | 1 | 1 | 0 |
| 4 | access_fp_certificate_manager | fp.certificate.manager | model_fp_certificate | fusion_plating.group_fusion_plating_manager | 1 | 1 | 1 | 1 |
| 5 | access_fp_thickness_reading_operator | fp.thickness.reading.operator | model_fp_thickness_reading | fusion_plating.group_fusion_plating_operator | 1 | 1 | 1 | 0 |
| 6 | access_fp_thickness_reading_supervisor | fp.thickness.reading.supervisor | model_fp_thickness_reading | fusion_plating.group_fusion_plating_supervisor | 1 | 1 | 1 | 0 |
| 7 | access_fp_thickness_reading_manager | fp.thickness.reading.manager | model_fp_thickness_reading | fusion_plating.group_fusion_plating_manager | 1 | 1 | 1 | 1 |
| 8 | access_fp_cert_void_wiz_sup | fp.cert.void.wiz.supervisor | model_fp_cert_void_wizard | fusion_plating.group_fusion_plating_supervisor | 1 | 1 | 1 | 1 |
| 9 | access_fp_cert_void_wiz_mgr | fp.cert.void.wiz.manager | model_fp_cert_void_wizard | fusion_plating.group_fusion_plating_manager | 1 | 1 | 1 | 1 |
| 10 | access_fp_thickness_upload_wiz_sup | fp.thickness.upload.wiz.supervisor | model_fp_thickness_upload_wizard | fusion_plating.group_fusion_plating_supervisor | 1 | 1 | 1 | 1 |
| 11 | access_fp_thickness_upload_wiz_mgr | fp.thickness.upload.wiz.manager | model_fp_thickness_upload_wizard | fusion_plating.group_fusion_plating_manager | 1 | 1 | 1 | 1 |
| 12 | access_fp_thickness_upload_wiz_line_sup | fp.thickness.upload.wiz.line.supervisor | model_fp_thickness_upload_wizard_line | fusion_plating.group_fusion_plating_supervisor | 1 | 1 | 1 | 1 |
| 13 | access_fp_thickness_upload_wiz_line_mgr | fp.thickness.upload.wiz.line.manager | model_fp_thickness_upload_wizard_line | fusion_plating.group_fusion_plating_manager | 1 | 1 | 1 | 1 |