Lifts role_templates / role_template_fields / user_role_assignments from
fewo-webapp into oatpp-authkit, exposed via the declarative SchemaContract
introduced in PR 0.
New files (all in oatpp-authkit):
- dto/RoleTemplateDto.hpp — RoleTemplateDto, RoleTemplateFieldDto,
UserRoleAssignmentDto. UserWithPermissionsDto stays in fewo (fewo-
specific /api/auth/me response shape).
- db/RoleTemplateDb.hpp — DbClient with all queries (CRUD + cascade
soft-delete + getEffectiveFieldPermissions). RoleTemplateSchema struct
declares the three tables' columns/indexes/sidecar tables in the new
declarative form. TemporalRepository overlays valid_until + the
composite UNIQUE(entity_id, valid_until) index.
- repo/ConcreteRoleTemplateRepository.hpp — Repository<RoleTemplateDto>
inner adapter; makeRoleTemplateRepository helper composes the stack.
- docs/MIGRATIONS.md — Atlas workflow for consumers (atlasgo.io as the
diff-driven migration tool; SchemaBuilder produces desired state, Atlas
generates versioned SQL, SchemaContract::verify asserts at runtime).
- test/test_role_template_schema.cpp — verifies SchemaBuilder<
RoleTemplateSchema, TemporalRepository<RoleTemplateDto>> emits the
expected 5 DDL statements (2 sidecars + entity table + 2 indexes) with
composite-FK + ON UPDATE CASCADE on both sidecars.
11 of 11 tests pass. RoleTemplateDto is registered as temporal via
OATPP_AUTHKIT_REGISTER_TEMPORAL so TemporalRepository compiles cleanly.
Atlas binary integration in CI is documented but not yet wired — owner
deferred to a follow-up after the first concrete consumer migration. The
shipped role_templates stack itself is fully consumable today; fewo-
webapp's switch from local copies to oatpp-authkit-shipped headers is
the natural next PR.
Bumped 0.9.0 → 0.10.0.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
