Security Infrastructure
Schema & Policy
An overview of the project-centric Firestore structure and the granular security policies that ensure 100% data isolation.
Firestore Topology
| Collection Path | Operational Context |
|---|---|
| /users/{userId} | Basic identity and preferences registry. |
| /projects/{projectId} | Top-level infrastructure node. Controls all downstream access via memberUids. |
| /projects/{projectId}/tasks/{taskId} | Atomic unit of work. Stores EPS scores and AI tactical history. |
| /projects/{projectId}/members/{memberGid} | Complete professional profile and project-specific roles. |
| /projects/{projectId}/assets | Knowledge graph connecting tasks to Data Sources, Pipelines, and Tools. |
| /syncRequests/{syncRequestId} | On-demand execution queue for background synchronization workers. |
| /dailyAnalysisRequests/{id} | Automated queue for daily autonomous sync and snapshots. |
Collaborative Policy
The memberUids Map
Access is not global. Every project document maintains a memberUids map where keys are User IDs and values are Role IDs.
"memberUids": {
  "USER_ID_1": "Admin",
  "USER_ID_2": "Editor",
  "USER_ID_3": "Member"
}
Permission Hierarchy
- Admin: Full infrastructure control. Management of project members, API anchors, and core settings.
- Editor: Strategic management. Definition of Verticals, Assets, and Organizational Units.
- Member: Tactical visibility. Real-time access to task risk analysis and morning briefs.
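One way the memberUids map and the role hierarchy above could be enforced in Firestore Security Rules. This is an added example, not the project's own ruleset; the helper names, the `{assetId}` segment and the per-collection read/write split are assumptions.

```firestore-rules
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // Hypothetical helper: caller's role in a project, '' if not listed.
    function roleIn(projectId) {
      return get(/databases/$(database)/documents/projects/$(projectId))
        .data.memberUids.get(request.auth.uid, '');
    }

    // Hypothetical helper: signed in and holding one of the given roles.
    function hasRole(projectId, roles) {
      return request.auth != null && roleIn(projectId) in roles;
    }

    match /projects/{projectId} {
      // Any user listed in memberUids may read the project document.
      allow read: if request.auth != null
        && request.auth.uid in resource.data.memberUids;
      // Only an Admin may change it, which covers memberUids itself, so a
      // Member cannot promote themselves. The role comes from the stored
      // document (resource), never from the incoming one (request.resource).
      allow update: if request.auth != null
        && resource.data.memberUids.get(request.auth.uid, '') == 'Admin';
      // create and delete are not granted here (assumption: server-side only).

      match /tasks/{taskId} {
        allow read: if hasRole(projectId, ['Admin', 'Editor', 'Member']);
        // Assumption: scores and AI history are written by backend workers.
        allow write: if false;
      }
      match /members/{memberGid} {
        allow read: if hasRole(projectId, ['Admin', 'Editor', 'Member']);
        allow write: if hasRole(projectId, ['Admin']);
      }
      match /assets/{assetId} {
        allow read: if hasRole(projectId, ['Admin', 'Editor', 'Member']);
        allow write: if hasRole(projectId, ['Admin', 'Editor']);
      }
    }
    // Any path without a matching allow statement is denied.
  }
}
```

Security Rules are not applied to Admin SDK access, so any backend worker that uses it has to enforce project membership itself.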