permissionTemplate (attik-backend/src/models/permissionTemplateSchema.ts) and managed under Admin → Instance Management → Permission Templates (attik-frontend/src/app/admin/settings/instance-management/permission-templates/).PermissionPresetSelect.tsx), the app copies template.permissions into the edit form only (onApplyPermissions(t.permissions)); saving writes that array to the membership or global permissions endpoint. There is no stored association between a user/membership and a template id.membership.permissions in membershipSchema.ts, user.permissions / user.adminPermissions in userSchema.ts)—for example route gates in instanceManagement.ts, permissions.ts, and hasAdminPerm.ts for Attik admin permissions. Templates are not consulted at check time.PATCH instance-management/permission-templates/:templateId in instanceManagement.ts) only changes the template document; no users or memberships are updated.attik-frontend/src/app/tools/settings/users/[id]/DataForm.tsx) and Admin instance user management (UserEditClient.tsx — global permissions and per-membership forms).attik-backend/src/models/permissionTemplateSchema.ts — template definition (permissions, type standard/brand, _companyIds).attik-backend/src/models/membershipSchema.ts — today stores permissions: string[] only; decision needed whether assignment is membership-scoped (likely) via a new field (e.g. template reference + optional override mode) or sync-on-save only.attik-backend/src/routes/instanceManagement.ts — template CRUD (GET/POST/PATCH/DELETE permission-templates), POST /users/:userId/global-permissions, user admin permissions patch; any template-update propagation or resolve-at-read logic would touch this area.attik-backend/src/routes/membership.ts — membership PATCH for per-company permissions; session cache invalidation via invalidateUserSessionCache after permission changes.attik-backend/src/routes/permissions.ts — lists templates for callers with settings-admin (company settings context).user.adminPermissions, AdminPermissionsSection.tsx) are separate from company permission templates today—decision needed whether admin template linking is in scope or only company membership templates.attik-frontend/src/components/permissions/PermissionPresetSelect.tsx — “Saved templates” dropdown applies a one-time copy; UX may need linked vs custom modes and visible assignment state.PermissionTemplatesClient.tsx, UserEditClient.tsx (GlobalPermissionsForm, MembershipPermissionsForm).attik-frontend/src/app/tools/settings/users/[id]/DataForm.tsx — membership permissions + template picker.membership.permissions when template changes (requires tracking assignments going forward + migration story for existing users)._companyIds scoping on templates should still govern which templates appear per company when assigning.attik-backend/src/models/permissionTemplateSchema.tsattik-backend/src/models/membershipSchema.tsattik-backend/src/routes/instanceManagement.tsattik-backend/src/routes/membership.tsattik-frontend/src/components/permissions/PermissionPresetSelect.tsxattik-frontend/src/app/admin/settings/instance-management/user-management/[userId]/UserEditClient.tsxattik-frontend/src/app/tools/settings/users/[id]/DataForm.tsxPlease authenticate to join the conversation.
Planned
Main App
About 2 months ago
Linear
Get notified by email when there are changes.
Planned
Main App
About 2 months ago
Linear
Get notified by email when there are changes.