← Back to Kontasks

Architecture Decision: Users as Access Control Only

Decision to remove user concepts from core gvFlow/gvSession/gvTurn - users are purely access control

Completed
on 9 Jan 2026, 8:59 pm

Output

Architecture Decision: Users as Access Control Only

KEY DECISION
Users are purely an access control mechanism. The core work model (gvFlow, gvSession, gvTurn) is user-agnostic.

Rationale

Claude Doesn't know or care about users - it's one conversation
Source code Files don't belong to users - they're just files
Git Commits are by authors, not konui "users"
Dashboard One session, multiple viewers/controllers
Turns Anonymous prompts - source device matters, not identity

New Mental Model

OLD: User → Session → Turns
NEW: Session → Viewers[] → Turns[]

OLD: User "johnathon" owns session, user "stephanie" can't see it
NEW: Session has viewers [johnathon, stephanie] with roles

OLD: targetUser on kontask = "who should see this"
NEW: kontask.visibility = "all" | role-based

Where Users DO Belong

  • Authentication - login, password, JWT tokens
  • Authorization - who can control the session (admin/viewer)
  • Audit log - who submitted this prompt (for accountability)
  • Notifications - who to notify about changes

Code to Refactor

Location Current Refactor To
GvViewer.userId userId: string Remove - use viewerId only
GvFlow.assignees assignees: string[] Keep - but means "notifiers", not owners
GvTurn.prompt.source viewerId: string Good - device/viewer, not user
kontask.targetUser targetUser?: string Rename to notifyViewers?: string[]
session.ts Full user model Keep - auth layer only
session-context.ts isNewUser Rename to isNewViewer or remove

konui_turn_context Integration

The unified turn context tool should NOT include user info:

{
  // ✓ Include
  "session": { id, turnCount, fullness },
  "flow": { id, title, type, status },
  "recentKontasks": [...],
  "git": { branch, uncommitted },
  
  // ✗ Do NOT include
  "user": { username, role }  // Irrelevant to Claude
}

Refactor Phases

  1. Phase 1: Update gv-flow-types.ts - remove userId from GvViewer
  2. Phase 2: Rename targetUser → visibility/notifyViewers in kontask-types.ts
  3. Phase 3: Update CLAUDE.md to remove user references from flow docs
  4. Phase 4: Create konui_turn_context without user data
  5. Phase 5: Audit session-briefing.ts for isNewUser → isFirstSession
Hook Injection Note: When injecting context, no user info needed. Viewers are just numbered devices: viewer_1, viewer_2

Quick Actions

View Turn
Original Request

No layout configured

Details

Type General
Status Completed
Scope vibetools
Tags architecturegvflowgvsessiondecision
Created 9 Jan 2026, 8:59 pm
Updated 9 Jan 2026, 8:59 pm
Timing
⏱️ 118.4s
0 tools
TTFE 0% Thinking 100% Tools 0%
Created By claude

📋 Claude's Context

Session ses_d3abe491...

Raw Data

{
  "id": "eba18ef6-49f7-450e-90c1-dcc0412c71dc",
  "type": "general",
  "status": "completed",
  "title": "Architecture Decision: Users as Access Control Only",
  "description": "Decision to remove user concepts from core gvFlow/gvSession/gvTurn - users are purely access control",
  "context": {
    "output": "<div style=\"background:#1e1e1e;color:#e0e0e0;padding:20px;border-radius:8px;font-family:'Consolas','Monaco',monospace;\">\n<h2 style=\"font-family:sans-serif;color:#fff;margin:0 0 16px 0;\">Architecture Decision: Users as Access Control Only</h2>\n\n<div style=\"background:#2d4a2d;padding:12px;border-radius:6px;border-left:4px solid #22c55e;margin-bottom:16px;\">\n<strong style=\"color:#22c55e;\">KEY DECISION</strong><br/>\n<span style=\"color:#98c379;\">Users are purely an access control mechanism. The core work model (gvFlow, gvSession, gvTurn) is user-agnostic.</span>\n</div>\n\n<h3 style=\"font-family:sans-serif;color:#61afef;margin:16px 0 8px 0;\">Rationale</h3>\n\n<table style=\"width:100%;border-collapse:collapse;margin-bottom:16px;\">\n<tr style=\"border-bottom:1px solid #444;\">\n<td style=\"padding:8px;color:#c678dd;font-weight:bold;width:30%;\">Claude</td>\n<td style=\"padding:8px;\">Doesn't know or care about users - it's one conversation</td>\n</tr>\n<tr style=\"border-bottom:1px solid #444;\">\n<td style=\"padding:8px;color:#c678dd;font-weight:bold;\">Source code</td>\n<td style=\"padding:8px;\">Files don't belong to users - they're just files</td>\n</tr>\n<tr style=\"border-bottom:1px solid #444;\">\n<td style=\"padding:8px;color:#c678dd;font-weight:bold;\">Git</td>\n<td style=\"padding:8px;\">Commits are by authors, not konui \"users\"</td>\n</tr>\n<tr style=\"border-bottom:1px solid #444;\">\n<td style=\"padding:8px;color:#c678dd;font-weight:bold;\">Dashboard</td>\n<td style=\"padding:8px;\">One session, multiple viewers/controllers</td>\n</tr>\n<tr>\n<td style=\"padding:8px;color:#c678dd;font-weight:bold;\">Turns</td>\n<td style=\"padding:8px;\">Anonymous prompts - source device matters, not identity</td>\n</tr>\n</table>\n\n<h3 style=\"font-family:sans-serif;color:#98c379;margin:16px 0 8px 0;\">New Mental Model</h3>\n\n<div style=\"background:#2d2d2d;padding:16px;border-radius:6px;margin-bottom:16px;\">\n<pre style=\"margin:0;color:#e0e0e0;line-height:1.8;\"><span style=\"color:#c678dd;\">OLD:</span> User → Session → Turns\n<span style=\"color:#98c379;\">NEW:</span> Session → Viewers[] → Turns[]\n\n<span style=\"color:#c678dd;\">OLD:</span> User \"johnathon\" owns session, user \"stephanie\" can't see it\n<span style=\"color:#98c379;\">NEW:</span> Session has viewers [johnathon, stephanie] with roles\n\n<span style=\"color:#c678dd;\">OLD:</span> targetUser on kontask = \"who should see this\"\n<span style=\"color:#98c379;\">NEW:</span> kontask.visibility = \"all\" | role-based</pre>\n</div>\n\n<h3 style=\"font-family:sans-serif;color:#e5c07b;margin:16px 0 8px 0;\">Where Users DO Belong</h3>\n\n<ul style=\"margin:0 0 16px 0;line-height:1.8;\">\n<li><span style=\"color:#22c55e;\">Authentication</span> - login, password, JWT tokens</li>\n<li><span style=\"color:#22c55e;\">Authorization</span> - who can control the session (admin/viewer)</li>\n<li><span style=\"color:#22c55e;\">Audit log</span> - who submitted this prompt (for accountability)</li>\n<li><span style=\"color:#22c55e;\">Notifications</span> - who to notify about changes</li>\n</ul>\n\n<h3 style=\"font-family:sans-serif;color:#f43f5e;margin:16px 0 8px 0;\">Code to Refactor</h3>\n\n<table style=\"width:100%;border-collapse:collapse;margin-bottom:16px;font-size:13px;\">\n<tr style=\"border-bottom:1px solid #444;background:#2d2d2d;\">\n<th style=\"padding:8px;text-align:left;color:#7f848e;\">Location</th>\n<th style=\"padding:8px;text-align:left;color:#7f848e;\">Current</th>\n<th style=\"padding:8px;text-align:left;color:#7f848e;\">Refactor To</th>\n</tr>\n<tr style=\"border-bottom:1px solid #333;\">\n<td style=\"padding:8px;color:#e5c07b;\">GvViewer.userId</td>\n<td style=\"padding:8px;\"><code>userId: string</code></td>\n<td style=\"padding:8px;color:#98c379;\">Remove - use <code>viewerId</code> only</td>\n</tr>\n<tr style=\"border-bottom:1px solid #333;\">\n<td style=\"padding:8px;color:#e5c07b;\">GvFlow.assignees</td>\n<td style=\"padding:8px;\"><code>assignees: string[]</code></td>\n<td style=\"padding:8px;color:#98c379;\">Keep - but means \"notifiers\", not owners</td>\n</tr>\n<tr style=\"border-bottom:1px solid #333;\">\n<td style=\"padding:8px;color:#e5c07b;\">GvTurn.prompt.source</td>\n<td style=\"padding:8px;\"><code>viewerId: string</code></td>\n<td style=\"padding:8px;color:#98c379;\">Good - device/viewer, not user</td>\n</tr>\n<tr style=\"border-bottom:1px solid #333;\">\n<td style=\"padding:8px;color:#e5c07b;\">kontask.targetUser</td>\n<td style=\"padding:8px;\"><code>targetUser?: string</code></td>\n<td style=\"padding:8px;color:#f97316;\">Rename to <code>notifyViewers?: string[]</code></td>\n</tr>\n<tr style=\"border-bottom:1px solid #333;\">\n<td style=\"padding:8px;color:#e5c07b;\">session.ts</td>\n<td style=\"padding:8px;\">Full user model</td>\n<td style=\"padding:8px;color:#98c379;\">Keep - auth layer only</td>\n</tr>\n<tr>\n<td style=\"padding:8px;color:#e5c07b;\">session-context.ts</td>\n<td style=\"padding:8px;\"><code>isNewUser</code></td>\n<td style=\"padding:8px;color:#98c379;\">Rename to <code>isNewViewer</code> or remove</td>\n</tr>\n</table>\n\n<h3 style=\"font-family:sans-serif;color:#56b6c2;margin:16px 0 8px 0;\">konui_turn_context Integration</h3>\n\n<p style=\"line-height:1.6;margin:0 0 12px 0;\">The unified turn context tool should NOT include user info:</p>\n\n<div style=\"background:#2d2d2d;padding:16px;border-radius:6px;margin-bottom:16px;\">\n<pre style=\"margin:0;color:#98c379;font-size:13px;\">{\n  <span style=\"color:#7f848e;\">// ✓ Include</span>\n  <span style=\"color:#c678dd;\">\"session\"</span>: { id, turnCount, fullness },\n  <span style=\"color:#c678dd;\">\"flow\"</span>: { id, title, type, status },\n  <span style=\"color:#c678dd;\">\"recentKontasks\"</span>: [...],\n  <span style=\"color:#c678dd;\">\"git\"</span>: { branch, uncommitted },\n  \n  <span style=\"color:#7f848e;\">// ✗ Do NOT include</span>\n  <span style=\"color:#f43f5e;text-decoration:line-through;\">\"user\": { username, role }</span>  <span style=\"color:#7f848e;\">// Irrelevant to Claude</span>\n}</pre>\n</div>\n\n<h3 style=\"font-family:sans-serif;color:#c678dd;margin:16px 0 8px 0;\">Refactor Phases</h3>\n\n<ol style=\"margin:0 0 16px 0;line-height:1.8;\">\n<li><span style=\"color:#e5c07b;\">Phase 1:</span> Update gv-flow-types.ts - remove userId from GvViewer</li>\n<li><span style=\"color:#e5c07b;\">Phase 2:</span> Rename targetUser → visibility/notifyViewers in kontask-types.ts</li>\n<li><span style=\"color:#e5c07b;\">Phase 3:</span> Update CLAUDE.md to remove user references from flow docs</li>\n<li><span style=\"color:#e5c07b;\">Phase 4:</span> Create konui_turn_context without user data</li>\n<li><span style=\"color:#e5c07b;\">Phase 5:</span> Audit session-briefing.ts for isNewUser → isFirstSession</li>\n</ol>\n\n<div style=\"margin-top:20px;padding:12px;background:#3d2d4a;border-radius:6px;border-left:4px solid #c678dd;\">\n<strong style=\"color:#c678dd;\">Hook Injection Note:</strong> When injecting context, no user info needed. Viewers are just numbered devices: <code>viewer_1</code>, <code>viewer_2</code>\n</div>\n\n</div>",
    "requestedAt": "2026-01-09T00:00:00.000Z",
    "requestId": "0470ce84-50ca-4a84-be5b-83f9287511b9",
    "choices": [
      {
        "label": "Start Phase 1: Types",
        "value": "Start Phase 1 - update gv-flow-types.ts to remove userId from GvViewer and document the architectural decision",
        "primary": true
      },
      {
        "label": "Implement konui_turn_context",
        "value": "Implement the unified konui_turn_context MCP tool without user data"
      },
      {
        "label": "Add to backlog",
        "value": "Add this refactor to the VIBE.md backlog for later implementation"
      }
    ],
    "turnTiming": {
      "totalMs": 118438,
      "ttfeMs": 387,
      "thinkingMs": 118051,
      "toolExecutionMs": 0,
      "toolCallCount": 0,
      "thinkingPct": 100,
      "toolsPct": 0,
      "ttfePct": 0
    }
  },
  "createdBy": "claude",
  "createdAt": "2026-01-09T10:59:42.105Z",
  "updatedAt": "2026-01-09T10:59:52.733Z",
  "targetUser": "claude",
  "requestId": "0470ce84-50ca-4a84-be5b-83f9287511b9",
  "scope": "vibetools",
  "tags": [
    "architecture",
    "gvflow",
    "gvsession",
    "decision"
  ],
  "sessionId": "ses_d3abe491-395",
  "flowId": "flow_01KEGVRXHHK7E25VFSX4HCV289",
  "flowLinks": [
    {
      "flowId": "flow_01KEGVRXHHK7E25VFSX4HCV289",
      "edgeType": "evidence",
      "createdAt": "2026-01-09T10:59:42.105Z"
    }
  ]
}
DashboardReportsKontasksFlowsDecisionsSessionsTelemetryLogs + Go