Skip to content

docs(m109-004): operator-UI scope migration — changelog + retire UZ-AUTH-021#119

Merged
indykish merged 2 commits into
mainfrom
chore/m109-cross-surface-hygiene-changelog
Jul 3, 2026
Merged

docs(m109-004): operator-UI scope migration — changelog + retire UZ-AUTH-021#119
indykish merged 2 commits into
mainfrom
chore/m109-cross-surface-hygiene-changelog

Conversation

@indykish

@indykish indykish commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Documents the M109_004 operator-UI scope migration (product repo branch feat/m109-004-cross-surface-hygiene).

Changes

  • changelog.mdx — new Jul 03, 2026 entry: the operator dashboard (runner fleet + model catalogue) is now gated on the same resource:action scopes the API enforces, not a separate platform-admin flag; UZ-AUTH-021 retired → UZ-AUTH-022 (Insufficient scope); downward scope hierarchy (model:adminmodel:read, runner:writerunner:read) applies on the dashboard as at the API.
  • api-reference/error-codes.mdx — retire the UZ-AUTH-021 row (the backend registry never defined it; §4 removed the last minter, the dashboard's platform_admin gate) with a note pointing to UZ-AUTH-022.

Notes

  • Changelog voice: headline states the change, load-bearing facts (error codes, scope names) kept, internal refactor (route method-check dedup) trimmed to one line.
  • Pairs with product PR for feat/m109-004-cross-surface-hygiene (operator UI gates on scopes, platform_admin boolean removed).

🤖 Generated with Claude Code

Greptile Summary

Documents the M109_004 operator-UI scope migration: the runner fleet and model catalogue surfaces now enforce the same resource:action scopes as the API, replacing the old independent platform_admin boolean flag.

  • changelog.mdx — inserts a Jul 03 2026 entry describing the scope-gated dashboard, the UZ-AUTH-021UZ-AUTH-022 transition, and the downward scope hierarchy; also closes a pre-existing missing </Update> tag on the earlier Jul 03 UI block.
  • api-reference/error-codes.mdx — converts the UZ-AUTH-021 table row to a visible struck-through historical record with a redirect note to UZ-AUTH-022, which is already defined at line 67.

Confidence Score: 5/5

Documentation-only change with no runtime code; safe to merge.

Both files are purely documentation. The error-codes table correctly uses strikethrough to preserve discoverability of the retired code while redirecting readers to UZ-AUTH-022. The changelog entry accurately matches the stated product behaviour. The only structural fix (closing the missing </Update> tag) is a corrective improvement.

No files require special attention.

Important Files Changed

Filename Overview
api-reference/error-codes.mdx Retires the UZ-AUTH-021 row in-place with strikethrough formatting and a historical redirect note pointing to UZ-AUTH-022; UZ-AUTH-022 is already defined at line 67 in the Bearer-auth section.
changelog.mdx Adds a Jul 03 2026 "Improvements / API" entry documenting the operator-UI scope migration and UZ-AUTH-021 retirement; also closes a pre-existing missing </Update> tag on the preceding Jul 03 UI entry.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Operator dashboard request] --> B{Before M109_004}
    A --> C{After M109_004}

    B --> D{platform_admin flag set?}
    D -- No --> E[403 UZ-AUTH-021\nPlatform-admin privileges required]
    D -- Yes --> F[Access granted\n- runner fleet\n- model catalogue]

    C --> G{Token has required\nresource:action scope?}
    G -- No --> H[403 UZ-AUTH-022\nInsufficient scope\ndetail: Requires scope X]
    G -- Yes --> I[Access granted\nmodel:admin ⊇ model:read\nrunner:write ⊇ runner:read]

    style E fill:#f88,color:#000
    style H fill:#faa,color:#000
    style F fill:#8f8,color:#000
    style I fill:#8f8,color:#000
Loading
%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[Operator dashboard request] --> B{Before M109_004}
    A --> C{After M109_004}

    B --> D{platform_admin flag set?}
    D -- No --> E[403 UZ-AUTH-021\nPlatform-admin privileges required]
    D -- Yes --> F[Access granted\n- runner fleet\n- model catalogue]

    C --> G{Token has required\nresource:action scope?}
    G -- No --> H[403 UZ-AUTH-022\nInsufficient scope\ndetail: Requires scope X]
    G -- Yes --> I[Access granted\nmodel:admin ⊇ model:read\nrunner:write ⊇ runner:read]

    style E fill:#f88,color:#000
    style H fill:#faa,color:#000
    style F fill:#8f8,color:#000
    style I fill:#8f8,color:#000
Loading

Reviews (3): Last reviewed commit: "docs(api): keep retired UZ-AUTH-021 visi..." | Re-trigger Greptile

@mintlify

mintlify Bot commented Jul 3, 2026

Copy link
Copy Markdown

Preview deployment for your docs. Learn more about Mintlify Previews.

Project Status Preview Updated (UTC)
agentsfleet 🟢 Ready View Preview Jul 3, 2026, 4:01 AM

💡 Tip: Enable Workflows to automatically generate PRs for you.

Comment thread api-reference/error-codes.mdx Outdated
indykish and others added 2 commits July 3, 2026 12:57
…UTH-021

- changelog: operator dashboard (runners, model catalogue) now gated on the
  same resource:action scopes the API enforces, not a separate platform-admin
  flag; UZ-AUTH-021 retired → UZ-AUTH-022 (insufficient scope); downward scope
  hierarchy applies on the dashboard as at the API.
- error-codes: retire the UZ-AUTH-021 row (backend registry never defined it;
  §4 removed the last minter) with a note pointing to UZ-AUTH-022.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@indykish indykish force-pushed the chore/m109-cross-surface-hygiene-changelog branch from 809eb34 to f64e20c Compare July 3, 2026 07:28
@indykish indykish merged commit 630beef into main Jul 3, 2026
4 checks passed
@indykish indykish deleted the chore/m109-cross-surface-hygiene-changelog branch July 3, 2026 07:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant