m/paliad
1
0
Fork 0
Code Issues 146 Pull Requests 8 Actions 3 Packages Projects Releases Wiki Activity
Files
b3401ec8acdcbd1ab45dfefd36f6e7ef8d73b7df
paliad/internal
History
m b3401ec8ac feat(t-paliad-138): migration 054 — dual-control approvals schema 
Schema-only commit (1 of 8) for the 4-Augen-Prüfung workflow per
docs/design-approvals-2026-05-06.md. No Go code reads these yet —
paliad behaves identically until commit 2 wires ApprovalService into
the mutation paths.

Migration 054 adds:

1. `senior_pa` to paliad.project_teams.role CHECK. Drops both the
   English `project_teams_role_check` and the German-legacy
   `projekt_teams_role_check` (live-DB constraint name carried over
   from migration 018's pre-rename era).

2. `paliad.approval_role_level(text) RETURNS int IMMUTABLE` — strict
   ladder helper: lead(5) > of_counsel(4) > associate(3) > senior_pa(2)
   > pa(1) > [local_counsel/expert/observer = 0 = ineligible]. Mirrors
   the upcoming Go `levelOf()`.

3. `paliad.approval_policies` (project_id, entity_type, lifecycle_event,
   required_role) — UNIQUE composite key gives at most 8 rows per
   project. RLS: SELECT via can_see_project; INSERT/UPDATE/DELETE only
   for global_admin (defence-in-depth; service-role pool bypasses RLS,
   so the actual gate is service-layer).

4. `paliad.approval_requests` — operational pending workflow.
   pre_image jsonb captures revert state; payload echoes the diff;
   required_role snapshots the policy at request time. CHECK
   `decided_by != requested_by` is the second layer of self-approval
   block. RLS = same can_see_project predicate as deadlines /
   appointments — anyone with project visibility sees pending requests.

5. `approval_status` (default 'approved'), `pending_request_id`,
   `approved_by`, `approved_at` columns on both deadlines and
   appointments. `appointments.completed_at` (new) lands the
   appointment:complete lifecycle event.

6. Backfill: every existing deadline + appointment row marked
   approval_status='legacy'. Per Q11, no retroactive approval; the
   next mutation on a legacy row that hits an active policy follows
   the normal flow.

Live-DB dry-run verified end-to-end: 20 deadlines + 5 appointments
backfill, both new tables instantiate cleanly, helper function returns
correct levels, self-approval CHECK fires on invalid INSERT, valid
pending insert succeeds.
2026-05-06 15:13:26 +02:00
..
auth
chore(t-paliad-081): doc + dead-code batch (F-5/F-10/F-11/F-15/F-16/F-17/F-18)
2026-04-30 03:42:25 +02:00
branding
feat(t-paliad-065): firm-agnostic branding via single FIRM_NAME constant
2026-04-28 22:44:06 +02:00
calc
fix(t-paliad-130): cap GKG/RVG Streitwert at €30M (§34 GKG / §22(2) RVG)
2026-05-04 20:58:08 +02:00
changelog
revert(t-paliad-100): trim changelog backfill — keep only Event-Typen + UPC-Fristen
2026-05-03 13:09:37 +02:00
checklists
refactor(rename): German→English for backend (tables, types, services, handler files)
2026-04-20 17:35:38 +02:00
db
feat(t-paliad-138): migration 054 — dual-control approvals schema
2026-05-06 15:13:26 +02:00
handlers
feat(t-paliad-122): GET /api/tools/courts + Fristenrechner court picker
2026-05-06 12:50:59 +02:00
models
feat(t-paliad-131): Phase A — concept layer + AnchorOverrides + click-to-edit dates
2026-05-05 00:05:12 +02:00
offices
feat(t-paliad-065): firm-agnostic branding via single FIRM_NAME constant
2026-04-28 22:44:06 +02:00
services
feat(t-paliad-122): country+regime aware HolidayService + CourtService
2026-05-06 12:47:12 +02:00
templates
feat(admin): /admin/email-templates editor (t-paliad-072)
2026-04-29 22:09:39 +02:00