Activity Approval Service
Component Detail
Description
Backend service responsible for processing approve and reject actions on activity submissions. Validates that the requesting user holds Coordinator or Org Admin role claims for the activity's organization, updates the activity status enum, and writes an immutable event record to audit_logs for every state transition.
activity-approval-service
Sources & reasoning
Core business logic component required by the feature. Approval actions must be server-side validated against role claims and every state transition must be audit-logged - concerns that must not live in the UI layer. This service enforces correctness, multi-tenant isolation, and the accountability trail required for grant compliance.
No source references — this artifact was included based on reasoning alone (see above).
Responsibilities
- Validate role claims (Coordinator or Org Admin) before any state change
- Update activity status enum (pending → approved or pending → rejected)
- Write approval or rejection event to audit_logs with actor, timestamp, and reason
- Enforce multi-tenant scoping so only the activity's org can approve it
Interfaces
approveActivity(activityId: string, actorId: string): Promise<void>
rejectActivity(activityId: string, actorId: string, reason: string): Promise<void>
getActivities(filters: ActivityFilterParams, orgId: string): Promise<PaginatedActivities>
getActivityDetail(activityId: string, orgId: string): Promise<ActivityDetail>
Related Data Entities (5)
Data entities managed by this component