generated from coulomb/repo-seed
Add implementation workplans and integration boundaries
This commit is contained in:
103
workplans/USER-WP-0002-isolated-mvp.md
Normal file
103
workplans/USER-WP-0002-isolated-mvp.md
Normal file
@@ -0,0 +1,103 @@
|
||||
---
|
||||
id: USER-WP-0002
|
||||
type: workplan
|
||||
title: "User Engine Isolated MVP"
|
||||
domain: netkingdom
|
||||
repo: user-engine
|
||||
status: ready
|
||||
owner: codex
|
||||
topic_slug: netkingdom
|
||||
planning_priority: high
|
||||
planning_order: 2
|
||||
created: "2026-05-22"
|
||||
updated: "2026-05-22"
|
||||
depends_on:
|
||||
- USER-WP-0001
|
||||
state_hub_workstream_id: "780ce3bb-9af0-43dc-85cd-a9288e3d74c7"
|
||||
---
|
||||
|
||||
# USER-WP-0002 - User Engine Isolated MVP
|
||||
|
||||
## Goal
|
||||
|
||||
Implement the smallest useful headless service in isolation: users, accounts,
|
||||
identity links, one application, one catalog, profile values, effective
|
||||
profile resolution, projections, audit, outbox, and tests.
|
||||
|
||||
## Tasks
|
||||
|
||||
```task
|
||||
id: USER-WP-0002-T1
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "0b43c19e-7ca4-4d32-93f4-3c083a200092"
|
||||
```
|
||||
|
||||
Implement the domain model and local persistence migrations.
|
||||
|
||||
```task
|
||||
id: USER-WP-0002-T2
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "d6404f5c-292f-4eb5-819b-42fe8c237c60"
|
||||
```
|
||||
|
||||
Implement IAM Profile-compatible fixture actor handling and local identity
|
||||
linking by `(issuer, subject)`.
|
||||
|
||||
```task
|
||||
id: USER-WP-0002-T3
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "b0b0ad70-d590-4faf-916e-41dbf25d6c5f"
|
||||
```
|
||||
|
||||
Implement the authorization check port with a deterministic local test
|
||||
adapter.
|
||||
|
||||
```task
|
||||
id: USER-WP-0002-T4
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "ce310565-75e3-4fb4-9358-0aaff14a8ada"
|
||||
```
|
||||
|
||||
Implement headless APIs for health, readiness, `me`, users, account lifecycle,
|
||||
identity links, applications, catalogs, profiles, projections, and audit.
|
||||
|
||||
```task
|
||||
id: USER-WP-0002-T5
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "4ebb8649-e3ff-4da8-80cd-eef8b1488129"
|
||||
```
|
||||
|
||||
Implement catalog validation, profile value validation, defaults, global plus
|
||||
application profile layers, and inspectable effective profile resolution.
|
||||
|
||||
```task
|
||||
id: USER-WP-0002-T6
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "a238bbd8-95bb-499a-85f4-744acce188d4"
|
||||
```
|
||||
|
||||
Persist audit records and outbox events atomically with mutations.
|
||||
|
||||
```task
|
||||
id: USER-WP-0002-T7
|
||||
status: todo
|
||||
priority: high
|
||||
state_hub_task_id: "a9826644-1fea-4ada-bc21-7c545e790ffc"
|
||||
```
|
||||
|
||||
Add tests for lifecycle, identity linking, catalog validation, profile update
|
||||
authorization, projections, redaction, audit/outbox atomicity, and deny paths.
|
||||
|
||||
## Acceptance Criteria
|
||||
|
||||
- A demo application can register, publish a catalog, write profile values,
|
||||
and read an effective projection.
|
||||
- Self-service and admin-style operations work through the local auth adapter.
|
||||
- Sensitive values are redacted in non-eligible projections.
|
||||
- MVP tests cover positive and negative use cases.
|
||||
Reference in New Issue
Block a user