PR L: persistent participant registry (plans_participants + API) #16

Open

nsatoshi wants to merge 1 commits from devin/1776881508-pr-l-participants into main

pull from: devin/1776881508-pr-l-participants

merge into: d-bis:main

d-bis:main

d-bis:devin/1776919187-responsive-uiux-system

d-bis:devin/1776918348-pr-ab-complete-phoenix-scaffolding

d-bis:sync/currencicombo-phoenix-e2e

d-bis:devin/1776898782-pr-aa-phoenix-migration

d-bis:devin/1776896284-pr-z-deploy-sandbox

d-bis:devin/1776890754-pr-t-evaluator-consolidation

d-bis:devin/1776883227-pr-s-obligations

d-bis:devin/1776883027-pr-r-fin-sandbox

d-bis:devin/1776882556-pr-q-e2e

d-bis:devin/1776882394-pr-p-rules-engine

d-bis:devin/1776882169-pr-o-eip712

d-bis:devin/1776881860-pr-n-swift-msgid

d-bis:devin/1776881763-pr-m-role-binding

d-bis:devin/1776881375-pr-k-phase-timeouts

d-bis:devin/1776881249-pr-j-redis-event-bus

d-bis:devin/1776880983-pr-i-boot-assertions-ci

d-bis:devin/1776533597-fix-undo-redo-history

d-bis:develop

Conversation 0 Commits 1 Files Changed 6 +454

nsatoshi commented 2026-04-22 18:15:41 +00:00

Owner

Copy Link

Closes gap-analysis v2 §4 + §10.9 (Participant Registry marked "missing").

What

• Migration 005 — plans_participants(plan_id, participant_id, role, lei, did, created_at) with composite UNIQUE(plan_id, role, participant_id) and CHECK on the role vocabulary matching types/plan.ts.
• services/participants.ts — idempotent add() / bulkAdd() / listForPlan() / listByRole() / remove(). The SoD layer resolves the authorised actor set for a transition by calling listByRole().
• api/participants.ts + wiring in index.ts:
  • GET /api/plans/:planId/participants
  • POST /api/plans/:planId/participants → emits participants.authorized
  • DELETE /api/plans/:planId/participants/:role/:participantId
• 7 unit tests against a Map-backed query stub.

Why

The Participant Registry is one of the canonical data objects in arch §4 and the source of truth for segregation-of-duties decisions (arch §13). Until this PR participants lived only on the in-flight Plan object and were discarded on restart.

Verification

• npx tsc --noEmit clean.
• npx jest 87/87 green.

Closes gap-analysis v2 §4 + §10.9 (Participant Registry marked "missing"). ## What - **Migration 005** — `plans_participants(plan_id, participant_id, role, lei, did, created_at)` with composite `UNIQUE(plan_id, role, participant_id)` and CHECK on the role vocabulary matching `types/plan.ts`. - **services/participants.ts** — idempotent `add()` / `bulkAdd()` / `listForPlan()` / `listByRole()` / `remove()`. The SoD layer resolves the authorised actor set for a transition by calling `listByRole()`. - **api/participants.ts + wiring in index.ts:** - `GET /api/plans/:planId/participants` - `POST /api/plans/:planId/participants` → emits `participants.authorized` - `DELETE /api/plans/:planId/participants/:role/:participantId` - 7 unit tests against a Map-backed query stub. ## Why The Participant Registry is one of the canonical data objects in arch §4 and the source of truth for segregation-of-duties decisions (arch §13). Until this PR participants lived only on the in-flight Plan object and were discarded on restart. ## Verification - `npx tsc --noEmit` clean. - `npx jest` 87/87 green.

nsatoshi added 1 commit 2026-04-22 18:15:42 +00:00

Persistent participant registry (plans_participants + API) ... 5741fd5d9b

Closes gap-analysis v2 §4 + §10.9.

- Migration 005 adds plans_participants (plan_id, participant_id, role,
  lei, did, created_at) with a composite UNIQUE(plan_id, role,
  participant_id) and CHECK on role vocabulary matching types/plan.ts.
- services/participants.ts: idempotent add() / bulkAdd() / listForPlan() /
  listByRole() / remove() — the SoD layer reads listByRole() to resolve
  the authorised actor set for a transition.
- api/participants.ts + wiring in index.ts:
    GET    /api/plans/:planId/participants
    POST   /api/plans/:planId/participants          -> participants.authorized
    DELETE /api/plans/:planId/participants/:role/:participantId
- 7 unit tests against a Map-backed query stub; full suite 87/87 green.

Some checks failed

Hide all checks

CI / Frontend Lint (pull_request) Failing after 7s

Details

CI / Frontend Type Check (pull_request) Failing after 7s

Details

CI / Frontend Build (pull_request) Failing after 7s

Details

CI / Frontend E2E Tests (pull_request) Failing after 10s

Details

CI / Orchestrator Build (pull_request) Failing after 6s

Details

CI / Contracts Compile (pull_request) Failing after 7s

Details

CI / Contracts Test (pull_request) Failing after 5s

Details

Code Quality / SonarQube Analysis (pull_request) Failing after 20s

Details

Code Quality / Code Quality Checks (pull_request) Failing after 7s

Details

Security Scan / Dependency Vulnerability Scan (pull_request) Failing after 4s

Details

Security Scan / OWASP ZAP Scan (pull_request) Failing after 4s

Details

This pull request can be merged automatically.

This branch is out-of-date with the base branch

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin devin/1776881508-pr-l-participants:devin/1776881508-pr-l-participants

git checkout devin/1776881508-pr-l-participants

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

No items

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

70rn4710n A.r.yavari SEG nsatoshi

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: d-bis/CurrenciCombo#16