Codex 5.3 Refactor Note: Canonical refactor plan: docs/CODEX-5.3-REFACTOR-PLAN.md. This document is retained for historical and implementation context during the refactor.
# RBAC & Permissions

## Current source of truth

- Access rules in code: `src/lib/auth/rbac.ts`
- Current role-flow audit: `docs/ROLE-FLOW-CHECK-2026-04-26.md`
- Operational summary: `docs/PROJECT_CONTEXT_FULL.md`
## Role summary

- **HR**
  - works intake, HR screening, manager assignment, and supporting candidate operations
  - can access the upload flow and parts of org/admin-style tooling in the current worktree
- **MANAGER**
  - candidate access is assignment-based
  - can also review through `/manager-review/[token]` when a valid link exists
- **SMO**
  - handles final review workflows, interview artifacts, deep-dive answer review, and final decisions
- **ADMIN**
  - owns system settings, governance, access requests, user administration, and org configuration
## Important current caveats

- Manager dashboard still surfaces some unassigned `HR_SCREENED` items even though detail access remains assignment-locked.
- Settings is visible in the shared nav, but the main settings APIs are admin-only.
- HR can open the users list, but user-detail access is currently narrower than the list permission.
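The following is an added illustration and is not the project's `src/lib/auth/rbac.ts`. It sketches the access model the summary describes (role-wide permissions, assignment-based candidate access for managers, and a token-gated `/manager-review/[token]` path) and shows why each caveat above is a list-versus-detail or nav-versus-API mismatch: the fix in each case is for the list, nav and detail/API paths to evaluate the same predicate. Every type name, permission string, function and sample record here is assumed for the example.

```typescript
// Added example (assumed names throughout); not the project's own rbac.ts.

type Role = "HR" | "MANAGER" | "SMO" | "ADMIN";
type Permission =
  | "candidate:upload"
  | "candidate:final-decision"
  | "users:list"
  | "users:detail"
  | "settings:write";

// Coarse role -> permission table (assumed). Managers get no role-wide
// candidate permission; their candidate access is decided per assignment.
const ROLE_PERMISSIONS: Record<Role, ReadonlySet<Permission>> = {
  HR: new Set<Permission>(["candidate:upload", "users:list", "users:detail"]),
  MANAGER: new Set<Permission>([]),
  SMO: new Set<Permission>(["candidate:final-decision"]),
  ADMIN: new Set<Permission>([
    "candidate:upload",
    "candidate:final-decision",
    "users:list",
    "users:detail",
    "settings:write",
  ]),
};

export interface User { id: string; role: Role; }

export interface Candidate {
  id: string;
  stage: "NEW" | "HR_SCREENED" | "MANAGER_REVIEW" | "FINAL";
  assignedManagerId: string | null;
}

export interface ReviewLink {
  token: string;
  candidateId: string;
  expiresAt: number; // epoch milliseconds
  revoked: boolean;
}

// Nav items and API handlers should both call this, so a link is shown only
// when the API behind it would succeed (the "Settings in nav" caveat).
export function hasPermission(user: User, perm: Permission): boolean {
  return ROLE_PERMISSIONS[user.role].has(perm);
}

// Single predicate for candidate detail access. HR, SMO and ADMIN see every
// candidate; a manager sees only candidates assigned to them.
export function canViewCandidate(user: User, candidate: Candidate): boolean {
  if (user.role === "MANAGER") return candidate.assignedManagerId === user.id;
  return true;
}

// List views apply the same predicate as the detail route. Otherwise a
// dashboard can show rows (e.g. unassigned HR_SCREENED items) whose detail
// page then denies access, which is the first caveat above.
export function visibleCandidates(user: User, all: Candidate[]): Candidate[] {
  return all.filter((c) => canViewCandidate(user, c));
}

// Compare two tokens without exiting on the first mismatching character.
function timingSafeEqual(a: string, b: string): boolean {
  if (a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Token path: a link grants access only to the candidate it was issued for,
// and only while it is unrevoked and unexpired. Returns that candidate id.
export function candidateForReviewToken(
  token: string,
  links: ReviewLink[],
  now: number,
): string | null {
  for (const link of links) {
    if (timingSafeEqual(link.token, token) && !link.revoked && link.expiresAt > now) {
      return link.candidateId;
    }
  }
  return null;
}

// Constructed sample data so the block runs stand-alone.
export const SAMPLE_CANDIDATES: Candidate[] = [
  { id: "c1", stage: "HR_SCREENED", assignedManagerId: null },
  { id: "c2", stage: "MANAGER_REVIEW", assignedManagerId: "m1" },
  { id: "c3", stage: "MANAGER_REVIEW", assignedManagerId: "m2" },
];
export const SAMPLE_LINKS: ReviewLink[] = [
  { token: "tok-live", candidateId: "c2", expiresAt: 2000, revoked: false },
  { token: "tok-old", candidateId: "c3", expiresAt: 500, revoked: false },
];
export const MANAGER_M1: User = { id: "m1", role: "MANAGER" };
export const HR_USER: User = { id: "h1", role: "HR" };

// Manager m1's dashboard lists only c2; c1 is unassigned and stays hidden.
console.log(visibleCandidates(MANAGER_M1, SAMPLE_CANDIDATES).map((c) => c.id)); // ["c2"]
```

Because `visibleCandidates` reuses `canViewCandidate`, an unassigned `HR_SCREENED` candidate never reaches a manager's list, and because nav and API share `hasPermission`, a non-admin never sees a Settings entry whose API would reject them. The same pattern (one `users:detail` check for both the list row and the detail page) closes the HR users-list caveat.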