284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
2.0 KiB
2.0 KiB
Recurring Service-Period Immutability
Purpose
F240 defines the first mutation-guard policy for persisted recurring service-period records once they become locked or billed.
The v1 rule is intentionally strict:
- future unlocked rows may still be edited, skipped, deferred, or regenerated through normal flows
- locked or billed rows are immutable in place
- only explicitly designed corrective flows remain available once a row is locked or billed
Authoritative Helper Surface
The shared v1 mutation guard now lives in:
shared/billingClients/recurringServicePeriodMutations.tsRECURRING_SERVICE_PERIOD_MUTATION_OPERATIONSevaluateRecurringServicePeriodMutationPermission(...)
Allowed Operations By State
generated, edited, skipped
Normal future mutations are still allowed:
edit_boundariesskipdeferregeneratearchive
invoice_linkage_repair is not valid yet because the row has not reached the linked locked/billed stage.
locked, billed
These rows are immutable except for explicitly allowed corrective flows:
invoice_linkage_repairarchive
They must reject:
edit_boundariesskipdeferregenerate
superseded, archived
These rows are historical only. No further mutation is allowed.
Corrective-Flow Boundary
The only corrective flow named in v1 is invoice_linkage_repair.
That means:
- once
F241lands invoice-detail linkage on persisted rows, repair tooling may correct bad linkage without reopening ordinary scheduling edits - the existence of a corrective flow does not make billed rows generally editable again
- billing support and finance tooling must treat billed coverage boundaries as audit history, not as mutable schedule drafts
Deliberate Non-Goals For F240
This checkpoint does not yet define:
- the persistence columns for invoice linkage
- operator UX for corrective flows
- whether archive is soft-delete, cold storage, or another later retention mechanism
Those remain later persistence and operational work.