Back to docs

Mnueron Meet

Foundation checklist for teams and commercial customers

This page documents the controls we expect customers and internal admins to verify before broad rollout: security boundaries, connector health, auditability, retention, and project permissions.

Tenant scoped
Secrets encrypted
Admin preview gated

Security baseline

  • Tenant-scoped Postgres access using app.current_org_id and the authenticated role.
  • Meeting tables use org_id and RLS tenant isolation.
  • Provider secrets are encrypted at rest and never returned to the browser after save.
  • Secret access is logged through secret_access_log.
  • Meet admin-preview pages are hidden from non-admin users while the feature is in development.
Built

Connector health

  • meeting_sources tracks sync_status, last sync start/finish, last error, next sync, and consecutive failures.
  • The connector UI shows healthy, syncing, error, disabled, and never-synced states.
  • Granola sync records health on manual and scheduled sync paths.
Built

Audit trail

  • meet_audit_events records uploads, connector changes, retention edits, and meeting edits.
  • Audit events include actor, entity kind, linked meeting/source/project ids, metadata, and timestamp.
  • The Meet connector page surfaces recent events for admin review.
Built

Retention policy

  • Org-level retention policy table exists with project override support.
  • Transcript policy supports keep, delete-after-days, and summary-only modes.
  • Summary retention, local-only mode, and AI-processing permission are captured.
  • The connector page exposes the org default policy.
Built

Project permissions

  • meet_project_members supports owner, admin, member, and viewer roles.
  • New projects assign the creator as owner.
  • Meeting list/detail APIs enforce project visibility when explicit project members exist.
  • Next step: add a UI to manage project members and role assignments.
In progress

Production readiness

  • Apply migrations through 059 in hosted Supabase.
  • Set ARCHIVE_ENC_KEY, DATABASE_URL, ADMIN_DATABASE_URL, CRON_SECRET, and provider keys.
  • Configure scheduled sync and monitor connector health.
  • Document data processing and retention choices for customer IT/security review.
Required before GA

Operator checklist

  1. Run all migrations through 059_meet_foundation_controls.sql.
  2. Verify `/dashboard/integrations/meet` shows connector health and retention policy.
  3. Upload a transcript and confirm a `meeting.uploaded` audit event appears.
  4. Run a connector sync and confirm status changes from Syncing to Healthy or Error.
  5. For enterprise pilots, create project members before inviting non-admin users into the workspace.