docs(developer): rewrite Architecture, Provider-State-Management, Adding-a-Provider for 4.0.0 seam
These three docs predated the User/Credential domain model (#1222),
the BaseLock User->Credential seam (#1225), and the user-tag identity
model (#1239/#1240/#1242). The old contract described
async_set_usercode/async_clear_usercode at the provider boundary and
dict[int, str | None] coordinator data, neither of which match
current code. Rewrites pin the 4.0.0 contract:
Architecture.md:
- Adds the domain model section (User, Credential, CredentialRef,
SlotCredential, LockCapabilities).
- Updates coordinator data shape to dict[int, SlotCredential].
- Documents the user-tag identity model and persistent-user-anchor
lifecycle for native-user providers.
- Replaces the provider-boundary description with the two-tier split
(slot-only vs native-user) and the @final seam methods + the
_set_credential/_delete_credential/_build_tagged_user_name
orchestration helpers.
- Updates exception hierarchy to include LockOperationFailed,
LockCodeManagerProviderError, and the seam's routing per
subclass.
Provider-State-Management.md:
- New section on slot-only vs native-user providers and how the
seam routes each.
- Method surface updated to async_get_users/async_set_credential/
async_delete_credential/async_set_user/async_delete_user/
async_get_capabilities.
- Push updates use coordinator.push_update({slot: SlotCredential}).
- Documents the LCM-slot-from-tag pattern for push handlers under
the user-tag identity model.
- Exception routing table per subclass.
- Adds the async_release_managed_slot slot-teardown hook.
Adding-a-Provider.md:
- Reorganized around the slot-only vs native-user split.
- All code examples rewritten against the current contract,
including the find-or-create-by-tag pattern with legacy adoption
for native-user providers.
- Updated complete minimal example.
- Manual + automated test guidance updated for the new fixtures.
Add Architecture page from repo