Access Control
Role lattice × permission scopes. Deny by default — an absent grant is a refusal.
| 4 roles × 10 scopes | coreARLEGIS CORE | legalARTON | financeARLEGIS CORE | |||||||
|---|---|---|---|---|---|---|---|---|---|---|
| users:admin | audit:read | access:admin | telemetry:read | directory:admin | data:admin | analytics:read | billing:admin | revenue:read | subscriptions:admin | |
| super admin10/10 scopes | ||||||||||
| legal admin3/10 scopes | ||||||||||
| finance admin3/10 scopes | ||||||||||
| auditor4/10 scopes | ||||||||||
granted directlyinherited from the role latticeempty — denied by default
The lattice is code-owned in @arlegis/domain-registry and versioned through git. Database-backed per-user grants and editing land with the entitlement wave; this matrix is the authoritative read.