Demo Manufacturing BV
Status tags: source intake, runs stored, source-traceable, human-approval-required

Access readiness

Role, tenant, and data-action gates that must be accepted before real CLMBS material or live OpenAI credentials are used.

Role matrix (human-approval-required)

PitchAI consultant (decision needed)
  Intended access: Create cases, ingest sources, run retrieval, draft canvas blocks, and prepare workshop output.
  Current demo control: Unrestricted local demo access.
  Production decision: Map to named users/groups and restrict case access by tenant/customer.

Reviewer / engagement lead (decision needed)
  Intended access: Approve, edit, or reject canvas claims, prompt overrides, exports, and archive readiness.
  Current demo control: Reviewer actions are stored as local feedback and prompt override records.
  Production decision: Define approval authority and whether approvals are required before live generation/export.

System administrator (decision needed)
  Intended access: Configure model, OpenAI key, prompt registry releases, retention, and tenant settings.
  Current demo control: Environment variables and git-tracked prompt files are edited outside the app.
  Production decision: Separate operator privileges from reviewer/consultant workflow privileges.

Client-facing observer (decision needed)
  Intended access: View selected workshop/advisory output after PitchAI review.
  Current demo control: No client-facing role or sanitized-share mode is implemented.
  Production decision: Decide whether CLMBS needs client login, read-only share packs, or consultant-led screenshare only.

Tenant boundary checks

Tenant identity

Demo: Absent; only case_id is available.

Required: Attach every case, source, run, prompt override, validation row, feedback item, and export to a tenant id.

Per-tenant authorization

Demo: Absent; local app trusts the operator.

Required: Enforce user/group membership before source intake, live runs, exports, and archives.

Cross-tenant learning

Demo: Not implemented.

Required: Record explicit approval or default to no reusable learning data.
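The three required controls above (a tenant id on every record, membership enforced before each gated data action, and cross-tenant learning that defaults to no) can be expressed as one deny-by-default gate. The code below is an added illustration, not CLMBS demo code; the role names, action names, record shape and sample tenant id are assumptions modelled on the role matrix.

```python
# Added example, not code from the CLMBS demo: a deny-by-default gate that
# checks tenant membership and role before the gated data actions above.
# Role names, action names, record shapes and sample users are assumptions.
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional

# Data actions the readiness page says must be gated by tenant membership.
GATED_ACTIONS = frozenset({"source_intake", "live_run", "export", "archive"})

# Assumed role-to-action mapping, modelled on the role matrix: operators
# (administrators) get no workflow actions, observers get no data actions.
ROLE_ACTIONS: Dict[str, FrozenSet[str]] = {
    "consultant": frozenset({"source_intake", "live_run"}),
    "reviewer": frozenset({"source_intake", "live_run", "export", "archive"}),
    "administrator": frozenset(),
    "observer": frozenset(),
}

@dataclass(frozen=True)
class User:
    name: str
    role: str
    tenants: FrozenSet[str]  # tenant ids granted by group membership

@dataclass(frozen=True)
class Record:
    record_id: str
    tenant_id: Optional[str]  # None models the demo state: only a case_id exists

def deny_reason(user: User, action: str, record: Record) -> Optional[str]:
    """Return why the action is denied, or None when every gate passes (deny by default)."""
    if action not in GATED_ACTIONS:
        return f"unknown action {action!r}"
    if record.tenant_id is None:
        return f"{record.record_id} carries no tenant id; refusing to touch untagged data"
    if record.tenant_id not in user.tenants:
        return f"{user.name} is not a member of tenant {record.tenant_id!r}"
    if action not in ROLE_ACTIONS.get(user.role, frozenset()):
        return f"role {user.role!r} may not perform {action}"
    return None

def is_allowed(user: User, action: str, record: Record) -> bool:
    return deny_reason(user, action, record) is None

def may_reuse_for_learning(record: Record, approvals: Dict[str, bool]) -> bool:
    """Cross-tenant learning: only an explicitly recorded True approval for the record's tenant allows reuse."""
    return record.tenant_id is not None and approvals.get(record.tenant_id) is True
```

The untagged-record branch is the one that matters for the migration: a record that still carries only a case_id is refused rather than silently treated as belonging to whoever is logged in.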

Secret handling

Demo: OPENAI_API_KEY is read from process environment only.

Required: Provision secrets outside git and define who may rotate or inspect them.