# Authorization Matrix

Roles:

- `SUPER_ADMIN`
- `PROGRAM_ADMIN`
- `AWARD_MASTER`
- `JURY_MEMBER`
- `APPLICANT`
- `OBSERVER`
- `AUDIENCE` (public voting context)

| Capability | Super Admin | Program Admin | Award Master | Jury | Applicant | Observer | Audience |
|---|---|---|---|---|---|---|---|
| Create/Edit Pipeline | Yes | Yes (scoped) | No | No | No | No | No |
| Publish Pipeline | Yes | Yes (scoped) | No | No | No | No | No |
| Configure Stage Rules | Yes | Yes (scoped) | No | No | No | No | No |
| Execute Manual Transition | Yes | Yes (scoped) | Limited (award scoped) | No | No | No | No |
| Override Decision | Yes | Yes (scoped) | Limited (award scoped) | No | No | No | No |
| View Audit Timeline | Yes | Yes (scoped) | Award scoped | Own actions | No | Read-only scoped | No |
| Assign Jurors | Yes | Yes (scoped) | Award scoped | No | No | No | No |
| Submit Evaluation | No | No | Optional (if configured) | Yes (assigned only) | No | No | No |
| Upload Intake Docs | No | No | No | No | Yes | No | No |
| Control Live Cursor | Yes | Yes (scoped) | No | No | No | No | No |
| Cast Audience Vote | No | No | No | No | Optional | No | Yes |

## Policy Notes

1. Program scoping applies to all admin operations.
2. `AWARD_MASTER` permissions are explicitly award-scoped and only active when governance mode allows it.
3. Jury endpoints always enforce assignment ownership and window constraints.
4. Audience endpoints enforce cohort membership + window state + dedupe key policy.
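
Three rows of the matrix combined with the four policy notes, written as a deny-by-default check. This is an added example, not the project's own code: the `Actor` and `Target` fields, the rule functions and the dedupe key format are assumptions, and the "Optional" cells are left out so they fall through to deny.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Actor:
    role: str
    user_id: str
    programs: frozenset = frozenset()  # program scopes (note 1)
    awards: frozenset = frozenset()    # award scopes (note 2)

@dataclass(frozen=True)
class Target:
    program_id: str
    award_id: str
    window_open: bool = False            # evaluation / voting window state
    award_master_enabled: bool = False   # governance mode (note 2)
    assigned_jurors: frozenset = frozenset()
    cohort: frozenset = frozenset()
    vote_keys: frozenset = frozenset()   # dedupe keys already recorded

def _admin(a, t):   # note 1: program scoping
    return t.program_id in a.programs

def _award(a, t):   # note 2: award scope AND governance mode
    return t.award_master_enabled and t.award_id in a.awards

def _juror(a, t):   # note 3: assignment ownership AND window
    return t.window_open and a.user_id in t.assigned_jurors

def _voter(a, t):   # note 4: cohort + window + dedupe key
    key = f"{t.award_id}:{a.user_id}"  # assumed dedupe key format
    return t.window_open and a.user_id in t.cohort and key not in t.vote_keys

# (capability, role) -> condition. Any pair not listed is a "No" cell: denied.
RULES = {
    # The matrix lists a plain "Yes" here; treated as unscoped (assumption).
    ("OVERRIDE_DECISION", "SUPER_ADMIN"): lambda a, t: True,
    ("OVERRIDE_DECISION", "PROGRAM_ADMIN"): _admin,
    ("OVERRIDE_DECISION", "AWARD_MASTER"): _award,
    ("SUBMIT_EVALUATION", "JURY_MEMBER"): _juror,
    ("CAST_AUDIENCE_VOTE", "AUDIENCE"): _voter,
}

def is_allowed(capability, actor, target):
    rule = RULES.get((capability, actor.role))
    return bool(rule and rule(actor, target))
```

Because the lookup key is the (capability, role) pair, `SUPER_ADMIN` gets no implicit pass on `SUBMIT_EVALUATION`, matching the "No" in that row.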