Skip to content

feat(control): stamp owner.id on create; owner immutable on update#358

Merged
aaliboyev merged 1 commit into
mainfrom
feat/owner-id-stamping
Jul 2, 2026
Merged

feat(control): stamp owner.id on create; owner immutable on update#358
aaliboyev merged 1 commit into
mainfrom
feat/owner-id-stamping

Conversation

@aaliboyev

@aaliboyev aaliboyev commented Jul 2, 2026

Copy link
Copy Markdown
Member

User-owned rows now record which user created them: the create paths (generic CRUD factory + relay-key custom create) stamp owner.id from the actor in context. A client-supplied owner.id must match the caller — only the admin-token break-glass may set another one. Admin-token rows keep an empty owner.id and behave as operator rows. PUT preserves the existing row's owner, so updates cannot chown.

No read or authz behavior change — ownership is now recorded, nothing consumes it yet. Existing rows with empty owner.id are unaffected.

…able on update

User-owned rows now record which user created them (owner.id from the
actor in context). A client-supplied owner.id must match the caller;
only the admin-token break-glass may set another id. Admin-token rows
keep an empty owner.id (operator/shared). PUT preserves the existing
row's owner — updates cannot chown.
@aaliboyev aaliboyev force-pushed the feat/owner-id-stamping branch from c0db48d to 135a903 Compare July 2, 2026 00:45
@aaliboyev aaliboyev merged commit b72b453 into main Jul 2, 2026
2 checks passed
@aaliboyev aaliboyev deleted the feat/owner-id-stamping branch July 2, 2026 02:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant