Darpan services resolve who is acting and which tenant or company scope is active before returning or mutating data.Documentation Index
Fetch the complete documentation index at: https://docs.drpn.ai/llms.txt
Use this file to discover all available pages before exploring further.
Active scope
The backend supports active company or active tenant context in the user session. Product records are scoped to the active context, not to every record the user could theoretically access. Common scoped fields include:ownerUserIdcreatedByUserIdcompanyUserGroupId- tenant user group IDs on tenant-specific records
Permission membership
Tenant permission membership is separate from tenant identity. A user can have one active tenant while their permission level for that tenant comes from membership records. The backend entity model includes:tenantUserGroupIduserIdpermissionUserGroupId- effective date fields
Service checks
Facade services check access before listing, opening, saving, running, or deleting scoped records. Client-side filtering is not the security boundary. Backend access helpers are responsible for:- Resolving the active tenant or company
- Checking read or write access
- Applying scope filters to entity queries
- Resolving tenant-scoped temp and output locations
Generated file isolation
Generated outputs have database metadata and file-system or object-location data. The backend resolves output paths from active scope so generated files follow the same access model as saved runs and output descriptors. Generated output behavior includes both sides:- The descriptor record users can list, open, or delete
- The scoped file location where the generated data is stored