Difficulty: Advanced
Type: Feature
Summary
Extend role handling so roles can have hierarchy and optional expiry timestamps. This supports time-limited contributors, elevated admins, and richer access rules.
Current Behaviour
Roles are treated as simple assignments such as member, contributor, and admin. There is no visible support for role hierarchy or temporary role assignment expiry.
Expected Behaviour
The policy engine and API should understand hierarchical roles and ignore expired role assignments when resolving effective permissions.
Suggested Implementation
Add optional expiresAt to role assignments and define role hierarchy semantics. Update resolveEffectiveRoles and policy evaluation to consider active role windows and inherited permissions.
Files or Areas Likely Affected
apps/access-api/prisma/schema.prisma
packages/policy-engine/src/index.ts
packages/shared-types/src/index.ts
apps/access-api/src/services/memberService.ts
packages/policy-engine/test/
Acceptance Criteria
Additional Notes
Keep hierarchy explicit and predictable. Do not introduce arbitrary role graphs unless maintainers approve that model.
Difficulty: Advanced
Type: Feature
Summary
Extend role handling so roles can have hierarchy and optional expiry timestamps. This supports time-limited contributors, elevated admins, and richer access rules.
Current Behaviour
Roles are treated as simple assignments such as member, contributor, and admin. There is no visible support for role hierarchy or temporary role assignment expiry.
Expected Behaviour
The policy engine and API should understand hierarchical roles and ignore expired role assignments when resolving effective permissions.
Suggested Implementation
Add optional
expiresAtto role assignments and define role hierarchy semantics. UpdateresolveEffectiveRolesand policy evaluation to consider active role windows and inherited permissions.Files or Areas Likely Affected
apps/access-api/prisma/schema.prismapackages/policy-engine/src/index.tspackages/shared-types/src/index.tsapps/access-api/src/services/memberService.tspackages/policy-engine/test/Acceptance Criteria
Additional Notes
Keep hierarchy explicit and predictable. Do not introduce arbitrary role graphs unless maintainers approve that model.