Sigra.Admin.Policy behaviour (Sigra v0.2.2)


Behaviour for host-owned admin access decisions.

Host apps must answer two questions explicitly:

  • does this scope have platform-wide admin access?
  • which organization ids may this scope administer?

Sigra does not infer either answer from signup order, email domain, or any other hidden default.

Hosts that derive org-admin access from organization memberships can call admin_org_ids_from_memberships/2 explicitly from their policy module. The helper is opt-in and never runs automatically.

Summary

Functions

admin_org_ids_from_memberships(memberships, opts \\ [])

Extracts admin organization ids from a membership list.

Callbacks

admin_org_ids(scope)

@callback admin_org_ids(scope :: term()) :: [term()]

platform_admin?(scope)

@callback platform_admin?(scope :: term()) :: boolean()
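
A host policy module that answers both questions explicitly and denies by default, as an added example that is not part of Sigra's own code or documentation. The module name `MyApp.AdminPolicy`, the scope shape, and the role names are assumptions made for illustration.

```elixir
defmodule MyApp.AdminPolicy do
  # Added example, not Sigra's code. Assumed (hypothetical) scope shape:
  #   %{user: %{platform_admin: boolean()},
  #     memberships: [%{organization_id: term(), role: atom()}]}
  @behaviour Sigra.Admin.Policy

  # Allow-list of roles that grant org-admin access (assumed role names).
  # Any role not listed here is ignored.
  @org_admin_roles [:owner, :admin]

  @impl true
  # Strict match on the literal `true`: a missing field, nil, or a truthy
  # value such as the string "false" never grants platform-wide access.
  def platform_admin?(%{user: %{platform_admin: true}}), do: true
  def platform_admin?(_scope), do: false

  @impl true
  def admin_org_ids(%{memberships: memberships}) when is_list(memberships) do
    memberships
    |> Enum.flat_map(fn
      # Keep only well-formed memberships with an allow-listed role.
      %{organization_id: org_id, role: role}
      when role in @org_admin_roles and not is_nil(org_id) ->
        [org_id]

      # Malformed entries and non-admin roles contribute nothing.
      _other ->
        []
    end)
    |> Enum.uniq()
  end

  # No scope, no memberships, or an unexpected shape: no organizations.
  def admin_org_ids(_scope), do: []
end
```

With this module, a `nil` scope or a scope whose user lacks the `platform_admin` field yields `false` and `[]`, so an unauthenticated or partially loaded scope cannot reach any admin surface.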

Functions

admin_org_ids_from_memberships(memberships, opts \\ [])

@spec admin_org_ids_from_memberships(
  [map()],
  keyword()
) :: [term()]

Extracts admin organization ids from a membership list.

This helper is intentionally explicit. Host policy modules choose whether to call it and which membership roles count as org-admin access.