Oak Flats UI Primitives Catalogue

When the answer to 'can Jordan approve a quote' isn't a simple yes/no — show the resolution. Each node names the source (direct grant, role, group, workspace default), the principal who issued it, and the effective state at that layer.

Production answer

Permission inheritance tree is a reusable Oak Flats Muffler Men UI primitive with documented states, accessibility expectations, theme behavior, and implementation evidence.

Primary CTAReview Permission inheritance tree states

Generative search brief

Permission inheritance tree: When the answer to 'can Jordan approve a quote' isn't a simple yes/no — show the resolution. Each node names the source (direct grant, role, group, workspace default), the principal who issued it, and the effective state at that layer.

quotes.approve · effective ALLOW

Resolvingquotes.approveAllowed

Direct grantAllowed
Jordan Mitchell
via Direct grant by Marcus Wells
Granted for the Oak Flats fleet rollout — expires 30 May.
InheritedAllowed
Workshop Manager role
via Role 'Workshop Manager'
Role default — applies workshop-wide.
Group ruleInherited
Albion Park bay leads
via Group 'AP bay leads'
Group rule passes through — no override.
Workspace defaultDenied
Workspace default
via Workspace 'Oak Flats Mufflermen'
Workspace default would deny without the higher-priority grants.

users.delete · effective DENY

Resolvingusers.deleteDenied

Direct grantInherited
Jordan Mitchell
via Direct — never granted
InheritedDenied
Workshop Manager role
via Role 'Workshop Manager'
Role default forbids destructive user operations.
Workspace defaultDenied
Workspace default
via Workspace 'Oak Flats Mufflermen'
Only owners can delete users in this workspace.