Context
Multi-author KBs need permission enforcement. We needed a model that works at both the application layer and the git layer without complex ACL infrastructure.
Decision
Use a folder-per-author convention: `writeups/alice/my-essay.md`. This gives two enforcement layers: 1. App layer: hooks check `before_save` that the author matches the folder 2. Git layer: branch protection rules can restrict who pushes to which paths
Single-author KBs (Zettelkasten) don't need this. Shared-namespace content (Encyclopedia published articles) uses flat layout with drafts per-author.