OrganizationRepository
Component Detail
Data Layer
medium complexity
backend
0
Dependencies
0
Dependents
0
Entities
0
Integrations
Description
Persistence layer for organization settings records and support access grant entries. Handles atomic updates to organization configuration and maintains the append-only audit log of every settings mutation. Provides query methods for retrieving active grants and full settings history.
organization-repository
Sources & reasoning
Explicitly listed in the MVP Admin Web Portal scope (line 325) as a required day-one capability. The support-access grant detail (line 258-259) adds a compliance-critical dimension that belongs in this feature rather than a separate security feature, since it is surfaced inside Organization Settings.
-
docs/source/likeperson.md · line 325-328Organisasjonsinnstillinger og terminologikonfigurasjon Aktivitetsoversikt og grunnleggende statistikk 2 innloggede brukerroller: Organisasjonsadministrator, Global Administrator.
-
docs/source/likeperson.md · line 258-259Orgs can grant a Global Admin *time-bounded* support access via a flag in Organization Settings (e.g. "Allow Norse support access until {date}"); revoking the flag or hitting the expiry immediately removes access.
Responsibilities
- Read and write organization settings rows with optimistic concurrency control
- Persist support access grant records with expiry timestamps
- Query active (non-expired, non-revoked) support grants for an organization
- Append immutable audit entries for every settings change and grant event
- Expose settings history for audit review queries
Interfaces
findByOrgId(orgId: string): Promise<OrganizationSettings | null>
upsert(orgId: string, data: Partial<OrganizationSettings>): Promise<OrganizationSettings>
createSupportGrant(grant: NewSupportAccessGrant): Promise<SupportAccessGrant>
revokeGrant(grantId: string, revokedAt: Date): Promise<void>
findActiveGrants(orgId: string): Promise<SupportAccessGrant[]>
appendAuditEntry(entry: AuditEntry): Promise<void>