ember/continuwuity
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

feat/space-permission-cascading #2

Merged
ember merged 6 commits from feat/space-permission-cascading into deployment 2026-03-20 08:03:11 +00:00
Conversation 0 Commits 6 Files changed 19 +3688 -1

6 commits

Author SHA1 Message Date
ember33
1f91a74b27 feat(spaces): wire up enforcement hooks in join, append, and build paths
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Has been skipped
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 5s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 6s
Details
Update flake hashes / update-flake-hashes (pull_request) Failing after 6s
Details 
Add minimal integration points in existing files:
- append.rs: call on_pdu_appended for event-driven enforcement
- build.rs: call validate_pl_change to protect space-managed PLs
- join.rs: call check_join_allowed to gate joins on role requirements
- timeline/mod.rs: add roles service dependency
 2026-03-20 08:52:23 +01:00
ember33
5f901a560b feat(spaces): add admin commands for space role management 
Add !admin space roles subcommands: list, add, remove, assign, revoke,
require, unrequire, user, room, enable, disable, status. The remove
command uses cascade_remove_role macro to deduplicate member and room
cleanup loops. Role definitions, assignments, and room requirements
are managed via state events.
 2026-03-20 08:52:13 +01:00
ember33
59401e1786 feat(spaces): add space roles service with enforcement and caching 
Implement the roles service with well-factored helper methods:
- Cache population via load_user_roles, load_room_requirements,
  load_child_rooms_index helpers
- Enforcement dispatch via enforce_roles_change, enforce_member_change,
  enforce_room_change, enforce_cascading_toggle
- Child management via handle_child_added, handle_child_removed
- Kick logic via user_qualifies_in_any_parent, kick_user_from_room
- PL computation via compute_effective_pl (highest-wins across spaces)
- Per-space enable/disable, graceful shutdown guards
 2026-03-20 08:52:05 +01:00
ember33
95fa3b022a feat(spaces): add custom state event types and config for space permission cascading 
Add four custom Matrix state event content types for space role
management: space roles definitions, per-user role assignments,
per-room role requirements, and per-space cascading override.

Add server config options: space_permission_cascading (default false)
as the server-wide toggle, and space_roles_cache_flush_threshold
(default 1000) for cache management.
 2026-03-20 08:51:57 +01:00
ember33
3bfd10efab docs: add implementation plan for space permission cascading 
15-task plan covering config flag, custom event types, service layer,
cache, enforcement hooks, admin commands, and testing.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-17 15:04:32 +01:00
ember33
835d434d92 docs: add design doc for space permission cascading 
Covers power level cascading from Spaces to child rooms, role-based
room access control, continuous enforcement, and admin room commands.
Feature will be behind a server-wide config flag.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
 2026-03-17 14:59:48 +01:00