feat(gateway): expose Mos coordination boundary #737
Reference in New Issue
Block a user
Delete Branch "fix/tess-m4-reachability"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Summary
Verification
pnpm --filter @mosaicstack/gateway test -- mos-coordination.controller.test.tspnpm --filter @mosaicstack/gateway typecheckpnpm --filter @mosaicstack/gateway lintPart of TESS-M4-W / #710.
VERIFIED APPROVE reviewer-of-record [W-jarvis:reviewer] head
f7b95f6066Findings: CI pipeline
1758is green at the exact head. This partial slice is limited to the AuthGuard-protected Mos coordination consumer routes plus module registration; it exposes onlyhandoff,observe, andresult, with no runtime-provider registration or operator-memory consumer changes.The controller derives actor/tenant scope via
CurrentUser/scopeFromUser, requiresX-Correlation-Idbefore service invocation, and leaves the previously reviewed MosCoordinationService authority boundary unchanged.apps/gateway/src/commands/command-authorization.service.tsis byte-identical toorigin/main(hasha9f829e7ecec721c6c585fe0da56fb5d6a6441e9); no live creds or hardcoded Tess identity were introduced.Marker: ROR-737-APPROVE-f7b95f60