fix(access): verify subscription readiness with real user keys
When subscription access is requested with an explicit access_api_key, assign the subscription to the real target user, bind that user's API key to the subscription group, and probe readiness with the same key instead of falling back to a managed synthetic user. Update the runtime/reconcile flows, adapter tests, and source-of-truth docs so subscription_ready now reflects user-visible host access rather than managed-key-only closure success.
This commit is contained in:
@@ -151,6 +151,7 @@ type AssignSubscriptionRequest struct {
|
||||
type EnsureSubscriptionAccessRequest struct {
|
||||
UserSelector string
|
||||
GroupID string
|
||||
ProbeAPIKey string
|
||||
}
|
||||
|
||||
type SubscriptionAccessRef struct {
|
||||
|
||||
Reference in New Issue
Block a user