mosaic/stack
1
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

chore: bootstrap MS21 Multi-Tenant RBAC Data Migration mission (#552)

Browse Source 
Co-authored-by: Jason Woltje <jason@diversecanvas.com>
Co-committed-by: Jason Woltje <jason@diversecanvas.com>
This commit was merged in pull request #552.
This commit is contained in:
Jason Woltje
2026-02-28 17:12:22 +00:00
committed by jason.woltje
parent 128431ba58
commit 8098504fb8
5 changed files with 421 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
docs/scratchpads/ms21-multi-tenant-rbac-data-migration-20260228.md Normal file
View File

@@ -0,0 +1,49 @@
# Mission Scratchpad — MS21 Multi-Tenant RBAC Data Migration
> Append-only log. NEVER delete entries. NEVER overwrite sections.
## Original Mission Prompt
```
Build multi-tenant user/workspace/team management with admin UI, break-glass
local authentication (bypass OIDC for emergencies), enforce RBAC across all
UI surfaces, and migrate jarvis-brain data (95 tasks, 106 projects) into
Mosaic Stack PostgreSQL. This unlocks multi-user access for Melanie and
USC employees.
```
## Planning Decisions
### 2026-02-28 — Initial Planning (Orchestrator: Jarvis/OpenClaw)
1. **Phase order**: Schema+API first, then break-glass auth, then data migration, then UI, then RBAC enforcement, then verification. Rationale: Backend must exist before frontend can wire to it; migration can run independently once schema is ready.
2. **Worker strategy**: Up to 6 parallel workers (2 Claude, 2 Codex, 2 GLM). Claude for complex multi-file implementations. Codex for targeted single-file tasks. GLM for documentation and test writing.
3. **Phase 1 parallelization plan**:
- Worker A (Claude): MS21-DB-001 (Prisma migration) — must complete first
- After DB-001 done:
- Worker B (Claude): MS21-API-001 + MS21-API-002 (AdminModule + user endpoints)
- Worker C (Codex): MS21-API-003 (workspace member management)
- Worker D (Codex): MS21-API-004 (team management)
- Worker E (Claude): MS21-API-005 (admin workspace endpoints)
- Worker F (GLM): MS21-TEST-001 (unit tests for admin module)
4. **PRD location**: docs/PRD-MS21.md (separate from main PRD.md to preserve history)
5. **Orchestrator is Jarvis (OpenClaw)** — not a Claude Code session. This is the first hybrid orchestration: OpenClaw manages mission, dispatches workers via mosaic yolo claude, codex exec, and OpenClaw subagents.
## Session Log
| Session | Date | Milestone | Tasks Done | Outcome |
| ------- | ---------- | --------- | ------------- | --------------------------------------------- |
| S1 | 2026-02-28 | Planning | MS21-PLAN-001 | PRD written, mission init, TASKS.md populated |
## Open Questions
- BetterAuth credential provider config alongside OIDC — needs verification in worker task
- Exact sidebar items to gate behind admin role — review during RBAC phase
## Corrections
(none yet)