ApronDEVELOPMENT COMPANION
VISION MAP

User roles & restricted access

IN PROGRESS

SPEC · /dev/spec/roles

Why it matters

Operator, planner and third-party each need a different, scoped view. Today everything is open (mock, no auth).

How we’d build it

  1. 01Clerk Organizations + roles: operator, planner, third_party, admin.
  2. 02Third-party accounts see only their assigned work orders.
  3. 03Drizzle middleware auto-scopes every query by org_id.

Dependencies

Clerk integrationNeon database
This is a planning page, not a built feature. It exists so the vision map stays honest — every line in Johan’s document leads somewhere.