Audit

Audit permission notes

- `audits.view` - `audits.manage`

Use this when...

Use this when a safety, approval, permission, or governance decision is involved.

Permission keys

  • audits.view
  • audits.manage

View access

Users with audits.view can access:

  • /audits
  • /audits/[auditId]
  • /audits/[auditId]/load-items
  • /audits/[auditId]/findings

They can see related audit links from CRM records when they also have CRM access.

Manage access

Users with audits.manage can:

  • create audits
  • edit audit details, status, CRM links, and assumptions
  • create/edit load items
  • create manual findings
  • resolve findings

Every audit mutation is checked again in the server action. Navigation visibility is not treated as authorization.

Seeded role intent

Founder/Admin and General Manager receive full audit access. Engineer and Field Staff receive audit manage access for foundation workflows. Viewer receives audit view access only.

Developer Details
Source
apps/docs/content/audit/permissions.md
Owner
Module Owner
Status
Current
Module
Audit
Related route
/audits