ZDDC
0d21c16102
Replace the project-level working/<email> "personal workspace" idea (too much complexity for too little) with a simpler model on the virtual <project>/working/: - EnsureCanonicalAncestors now materialises the working/ slot dir on disk the first time real content is created beneath it (it stays a plain dir, never auto-owned). ssr/mdl/rsk/staging/reviewing keep rejecting physical writes. - Each <project>/working/<folder>/ a user creates gets an unfenced auto-own .zddc (creator rwcda; the team inherits read+create-new, not w/d). history: true still inherits in, so markdown drafts there are versioned. - defaults grant project_team rc + document_controller rwc at working/ so users can create their folders and the DC has authority throughout. - A bare file DIRECTLY at the working/ root is reserved for the document_controller: serveFilePut and serveFileMove reject non-DC writes/moves there (isProjectWorkingRootFile + zddc.IsRoleMemberAt), independent of the ACL verb since mkdir and file-PUT both authorise as ActionCreate. Users work inside a folder; the DC creates files at the root or promotes one up with a MOVE. Tests: ensure_test materialisation + plain-slot cases; fileapi_test DC-gate for PUT and MOVE. The generic dispatch-routing test moves its ops into working/drafts/. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> |
||
|---|---|---|
| .. | ||
| apps | ||
| archive | ||
| auth | ||
| cache | ||
| config | ||
| convert | ||
| fs | ||
| handler | ||
| jsonschema | ||
| listing | ||
| policy | ||
| tlsutil | ||
| zddc | ||
| zipfs | ||