Ownership and security model

This project standardizes staff authorization on five canonical security groups, while security groups and avatars may still model ownership of user-facing records. The two concerns stay separate: membership in a canonical group answers what a staff member may do, and the owner fields on a record answer which user, group or avatar holds it. Ownable in apps/core/models/ownable.py provides the shared user/group ownership layer; profile-style models extend that pattern with avatar ownership when a specific avatar must hold the record.

Security group model

Arthexis centers staff permissions around five canonical security groups:

  1. Site Operator — staff with physical access to node hardware.
  2. Network Operator — staff who can coordinate or execute multi-node actions.
  3. Product Developer — staff who can submit codebase changes.
  4. Release Manager — staff who can merge changes and authorize releases.
  5. External Agent — minimal-access staff accounts for third-party collaborators.

These groups are the default staff grouping model for the suite. App-specific staff access should be expressed by assigning permissions to one or more of these groups rather than by creating a new staff taxonomy for each subsystem. In the Django admin security-group changelist, the canonical five should be shown distinctly from other user-facing security groups so administrators can tell staff authorization groups apart from domain ownership groups.
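The following is an added illustration of the two layers described above (staff authorization through the canonical groups, and user/group/avatar ownership of a record); it is plain Python standing in for the project's Django models, not code from Arthexis or from apps/core/models/ownable.py. The owner field names (owner_user, owner_group, owner_avatar), the rule that any one of them grants ownership, and the rule that a staff permission counts only when granted through a canonical group are assumptions made for the example.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Optional, Set, Tuple

# The five canonical staff groups named on this page, in the order the page lists them.
CANONICAL_STAFF_GROUPS: Tuple[str, ...] = (
    "Site Operator",
    "Network Operator",
    "Product Developer",
    "Release Manager",
    "External Agent",
)


@dataclass(frozen=True)
class User:
    username: str
    groups: FrozenSet[str] = frozenset()  # names of the security groups the user belongs to
    avatar: Optional[str] = None          # avatar this user acts as (assumed field)


@dataclass
class Record:
    """Stand-in for an Ownable/profile-style row (assumed field names).

    Any one of the three owner slots may be set; an unset slot grants nothing.
    """
    owner_user: Optional[str] = None
    owner_group: Optional[str] = None
    owner_avatar: Optional[str] = None


def partition_groups(group_names: Iterable[str]) -> Tuple[List[str], List[str]]:
    """Split group names into (canonical staff groups in page order, other groups sorted).

    This mirrors the changelist requirement that the canonical five be shown
    distinctly from domain ownership groups.
    """
    present = set(group_names)
    canonical = [g for g in CANONICAL_STAFF_GROUPS if g in present]
    others = sorted(present - set(CANONICAL_STAFF_GROUPS))
    return canonical, others


def grant_permission(group_permissions: Dict[str, Set[str]], group: str, codename: str) -> Dict[str, Set[str]]:
    """Attach an app permission codename to a canonical group.

    Rejects any other group name, which is how this sketch enforces the rule that
    app-specific staff access is expressed on the canonical five rather than on a
    subsystem-specific taxonomy (assumed enforcement, not the project's own).
    """
    if group not in CANONICAL_STAFF_GROUPS:
        raise ValueError(f"{group!r} is not a canonical staff group")
    group_permissions.setdefault(group, set()).add(codename)
    return group_permissions


def has_staff_permission(user: User, codename: str, group_permissions: Dict[str, Set[str]]) -> bool:
    """Staff authorization: a permission is held only via membership in a canonical group.

    A permission attached to a domain ownership group is deliberately ignored so the
    two layers cannot be confused (assumed rule).
    """
    for group in user.groups:
        if group in CANONICAL_STAFF_GROUPS and codename in group_permissions.get(group, set()):
            return True
    return False


def is_owner(user: User, record: Record) -> bool:
    """Ownership layer: user, group, or avatar ownership, independent of staff groups."""
    if record.owner_user is not None and record.owner_user == user.username:
        return True
    if record.owner_group is not None and record.owner_group in user.groups:
        return True
    if record.owner_avatar is not None and user.avatar == record.owner_avatar:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample data: one canonical group and one domain ownership group.
    perms: Dict[str, Set[str]] = {}
    grant_permission(perms, "Release Manager", "releases.publish_release")
    release_manager = User("rm", frozenset({"Release Manager"}))
    tenant_member = User("tenant", frozenset({"Tenant Owners"}))
    tenant_record = Record(owner_group="Tenant Owners")
    print(partition_groups(["Tenant Owners", "Release Manager", "Site Operator"]))
    print(has_staff_permission(release_manager, "releases.publish_release", perms))  # staff layer
    print(is_owner(tenant_member, tenant_record), is_owner(release_manager, tenant_record))  # ownership layer
```

The point the sketch makes is that a Release Manager holds a staff permission without owning a tenant's record, and a tenant member owns the record without holding any staff permission; in the real project, Django's own permission machinery and the Ownable fields perform these checks.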
