Resolving locale, route permissions, and workspace projection.
Current scope: Guest
Category: 10_normative | Version: v1.0.0
Owner: DOCUMENT_CUSTODIAN | Review cycle: 90 days
Approval authority: GOVERNANCE_ADMIN
Documentation portal is read-only. Editing and mutation endpoints are disabled.
Kvary platform is originally created in Georgian. Where a Georgian version exists, Georgian is authoritative for platform UI, documentation, and legal interpretation.
Translations into other languages are provided for convenience. Some records may originate in other languages and carry their own source or legal locale for a specific flow, but where a Georgian version is available, the Georgian version prevails for platform-level wording and interpretation.
Metadata incomplete: Document ID, Version, Status, Owner Role, Last Review Date, Next Review Date, Change Log
This layer adds declarative governance checks on top of existing permission guards. It does not replace RBAC and does not change JWT/auth flow.
roles:request.review).permissionrequiresActiveAccountrequiresVerifiedIdentityPolicy is a higher-level contract. Permission is one input to policy.
@kvary/policy-domain
PolicyDefinitionPOLICIES frozen setevaluatePolicy(...)@kvary/rbac-domain permission catalog.packages/policy-domain/src/policies.ts.requirePolicy(POLICIES.XYZ) in gateway route.AUTHORIZATION_MATRIX.md.When KYC enforcement is required, policy can enable:
requiresVerifiedIdentity: trueThis keeps route code unchanged while policy definition evolves declaratively.