2026-05-14 Gate 2 on prod. Final slice of the POS Section Rework arc SHIPPED (Narong spec items 8 & 9): the Registers relocation + section permission gating. The registers admin now lives fully under the Point of Sale section, and the nav rail is permission-aware. No migration. This closes the arc — all 5 slices shipped.
registers-client.tsx moved (git mv, history preserved) to /pos/registers/; /cafe/pos/registers is now the real page; /cafe/settings/registers redirects there (verified on prod — the multi-hop server redirect lands cleanly); the Settings nav no longer lists "Registers".requirePermission is still the real guard — the rail is the UX layer that prevents 403-on-click. PosShell drops the rail entirely for a pure cashier who can only reach Dashboard.settings.view / reports.view / orders.view for those surfaces); the rail handles visibility. No access was widened.50e5992 — 8 files (1 git-mv, 2 new-content, 5 edited), no migration.
✓ get-coffee (Pro) — SSO login ✓ get-coffee (Pro) — /cafe/pos rail renders all 4 items for the owner ✓ get-coffee (Pro) — /cafe/settings/registers redirects to /cafe/pos/registers (admin works there) ✓ get-coffee (Pro) — Settings nav no longer lists "Registers" ✓ lumiere-coffee (Starter) — SSO login ✓ lumiere-coffee (Starter) — /cafe/pos rail renders all 4 items for the owner ✓ lumiere-coffee (Starter) — /cafe/settings/registers redirects to /cafe/pos/registers (admin works there) ✓ lumiere-coffee (Starter) — Settings nav no longer lists "Registers"
| test-phase1-prod.mjs — route/SSO smoke | 11/11 |
| test-phase2-sso-outdoor-prod.mjs | 6/6 |
| test-phase2-cafe-multishop-prod.mjs | 6/6 |
| test-m1-prod.mjs — shop scoping | 10/10 |
| test-r7-prod.mjs — dashboard + manager-live drawer | 14/14 |
| test-r8-prod.mjs — auth/security | 4/4 |
| test-r1-2-landing-prod.mjs — POS landing | 8/8 |
/ not
/cafe/dashboard) — green on solo retry; the same cold-start flake seen in Slices 2–4, and
Slice 5 touched only pos/* + settings-nav.tsx + registers.ts —
nothing near /dashboard or SSO. (Now 4/4 slices — phase1's SSO-hop assertion is genuinely
flaky and due a stabilisation pass of its own.)
nix-cafe (8 files, no migration):
app/(authed)/settings/registers/registers-client.tsx
→ app/(authed)/pos/registers/registers-client.tsx git mv (history preserved)
app/(authed)/pos/registers/page.tsx re-export → the real registers page
app/(authed)/settings/registers/page.tsx real page → redirect stub (preserves ?shop=)
app/(authed)/settings/_components/settings-nav.tsx dropped the Registers row
lib/actions/registers.ts revalidatePath x4 → /pos/registers
app/(authed)/pos/_components/pos-nav.tsx + requires gates + visiblePosNav export
app/(authed)/pos/_components/pos-shell.tsx + permissions prop, rail-hide logic
app/(authed)/pos/layout.tsx resolves + passes permissions
Narong spec items 8 & 9, scoped + shipped over 2026-05-14 as 5 gated slices: Slice 1 ✅ session-scoped landing-summary data layer 3459a9e Slice 2 ✅ 4-slot adaptive landing cards + sold/bank rename 94324b9 Slice 3 ✅ master-detail "Point of Sale" submenu shell 3219301 Slice 4 ✅ Sessions history page 1a73e77 Slice 5 ✅ Registers relocation + permission gating 50e5992 No schema migration anywhere in the arc. Each slice ran a full local→prod gate cycle. The /cafe/pos section now has: session-scoped Odoo-parity landing cards, a master-detail rail (Dashboard / Registers / Sessions / Orders), a paginated session history, and the registers admin relocated under it — all permission-aware. Out of scope (noted in the scoping memo, not done): the top-level "Orders" sidebar item stays in both places (Open Q3 default).