1.5 KiB
1.5 KiB
Task L.3.1: Customer, Contact & Approval Visibility Hardening
Summary
Task L.3.1 closes the next set of CRM visibility gaps after Task L.3 by moving customer, contact, and approval visibility closer to the resolved CRM access model already used by quotations and dashboard security.
Implemented
- customer list/detail/update/delete routes now pass resolved CRM scope context
- customer service now filters visibility by:
- branch scope
- ownership scope
- related enquiry/quotation visibility
- marketing monitor visibility through enquiry relationships
- contact routes now inherit resolved customer visibility instead of organization-only reads
- contact access additionally preserves creator visibility
- approval list/detail now require either:
- related quotation visibility
- current approval actor visibility
- admin / organization-wide visibility
- dashboard approval analytics now reuse access-scoped approval listing
- added
customer_scope_violation,contact_scope_violation, andapproval_scope_violationsecurity audit actions - expanded static security verification coverage
- documented team-scope and contact-sharing limitations
Important limitation
The production schema still has no persisted contact-sharing model. That means L.3.1 hardens creator/customer/admin visibility, but it cannot preserve a live shared-contact workflow that does not yet exist in persistence.
Verification
npx tsc --noEmitnode --experimental-strip-types scripts/security/verify-crm-access.ts