Zac ec026195eb feat(mam-api,web-ui): per-project RBAC (v2 auth layer) ... Adds per-project access control on top of the flat v1 auth. admin keeps global access; editor/viewer are scoped to projects granted to them (direct or via group) at view (read-only) or edit (read-write) level. - migration 026: project_access table + access_level enum - src/auth/authz.js: central isAdmin/accessibleProjectIds/projectLevel/ assertProjectAccess - requireAdmin middleware; admin-gate /users, /auth/users, /groups - enforce scoping on projects, assets, bins (list filter + per-resource view/edit + create checks); gate bulk asset maintenance + batch-trim - grant API: GET/POST/DELETE /projects/:id/access - web-ui: hide admin nav for non-admins, admin-route bounce, project "Manage access" modal, rewrite Policies tab - tests: authz, project-access, assets-access (node:test, skip w/o DB) - deferred routers carry TODO(authz) markers; .env.example documents the service-token-needs-admin/grants requirement Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>		2026-05-30 02:37:36 +00:00
..
capture	build(capture): nvenc-enabled ffmpeg Dockerfile (validated build)	2026-05-29 13:33:37 -04:00
mam-api	feat(mam-api,web-ui): per-project RBAC (v2 auth layer)	2026-05-30 02:37:36 +00:00
node-agent	feat(nvenc): GPU sidecar passthrough + All-Intra HEVC capture codec	2026-05-29 12:35:23 -04:00
premiere-plugin	diag(premiere-plugin): v1.2.5 — no-op IIFE writes to Documents/ + reports lf.open result	2026-05-28 03:59:40 +00:00
premiere-plugin-uxp	feat(uxp): ship the icon-rail panel redesign as v2.2.2 (recover from redesign branch)	2026-05-29 20:45:29 -04:00
web-ui	feat(mam-api,web-ui): per-project RBAC (v2 auth layer)	2026-05-30 02:37:36 +00:00
worker	fix(worker): YouTube importer prefers H.264 so originals import in Premiere	2026-05-29 21:21:44 -04:00