36 lines
904 B
Markdown
36 lines
904 B
Markdown
# Domain Glossary
|
|
|
|
## Core Terms
|
|
|
|
### Owner
|
|
|
|
Highest-privilege admin role. Exactly one canonical owner must exist at all times.
|
|
|
|
### Support User
|
|
|
|
Hidden technical support account used for break-glass access and operational recovery.
|
|
|
|
### Admin Registration Policy
|
|
|
|
Runtime policy controlling whether `/register` can create additional admin users after owner bootstrap.
|
|
|
|
### Protected Account
|
|
|
|
Account that cannot be deleted/demoted through self-service flows (support + canonical owner).
|
|
|
|
### CRUD Service
|
|
|
|
Shared `@cms/crud` service abstraction combining schema validation, repository orchestration, and audit hooks.
|
|
|
|
### Permission Scope
|
|
|
|
RBAC access scope granularity: `own`, `team`, `global`.
|
|
|
|
### Roadmap Source Of Truth
|
|
|
|
`TODO.md` in repository root. Rendered in admin via `/todo`.
|
|
|
|
### Header Banner
|
|
|
|
Public-site announcement strip configured through `system_setting` key `public.header_banner`.
|