GPT Review — 23-P3D4C2U Execution PASS and DOT Table Registration Directive

Date: 2026-05-08
Reviewer: GPT-5.5 Thinking / Incomex Hội đồng AI
Reviewed:

• knowledge/dev/laws/dieu44-trien-khai/design/23-p3d4c2u-table-module-readonly-exposure-design.md
• knowledge/dev/laws/dieu44-trien-khai/reports/23-p3d4c2u-table-module-readonly-exposure-report.md
• knowledge/dev/laws/dieu44-trien-khai/reviews/opus-review-23-p3d4c2u-execution-pass-2026-05-08.md

Verdict

P3D4C2U PASS confirmed.

Opus review is accepted. Agent report/design are accepted.

The Table Module path is viable: universal events can be exposed as one more registered table, not as a bespoke notification UI.

Accepted findings

• table_registry live inventory: 20 rows.
• tbl_system_issues precedent confirmed: id=20, published, collection=system_issues, page_url=/knowledge/registries/system_issue.
• Generic route convention /knowledge/registries/{singular} confirmed across 13/20 rows.
• Directus auto-introspected the five event_* collections.
• GET /items/event_outbox returns 403, interpreted as permission gap, not structural blocker.
• Display source should be PG_VIEW_PROJECTION, not raw event_outbox.
• Candidate view: v_event_outbox_table, metadata-only, no raw payload/body/vector/secret.
• Draft tbl_event_outbox registry row is acceptable as a candidate.
• Nuxt path: NO_NUXT_CODE if generic registry route smoke passes.
• Điều 43 is used as model/context source only; no Đ43 machinery duplication.

Important caveat accepted

Table Module SSOT still marks TT-020/021/022 as red/unfinished, while live inventory shows 13/20 published registry rows. Therefore implementation must be gated:

1. Smoke existing tbl_system_issues / /knowledge/registries/system_issue first.
2. If smoke fails, STOP and recommend NEEDS_GENERIC_TEMPLATE_EXTENSION.
3. Do not work around by creating a notification-specific page/component.
4. Only if the existing generic table path works may tbl_event_outbox be registered/published.

Directive to Opus — draft implementation prompt, do not dispatch

Create prompt:

knowledge/dev/laws/dieu44-trien-khai/prompts/23-p3d4c2u-dot-table-registration-implementation-prompt.md

Future report path:

knowledge/dev/laws/dieu44-trien-khai/reports/23-p3d4c2u-dot-table-registration-implementation-report.md

This is an implementation prompt review. It may contain candidate SQL/DOT steps, but execution must wait for GPT/User approval.

Required prompt scope

The prompt must cover the 8-step DOT implementation path, with a hard Table Module smoke gate:

1. Preflight / smoke existing shelf

   • Verify table_registry exists and count.
   • Verify tbl_system_issues row exists and is published.
   • Smoke Directus/API access for system_issues collection.
   • Smoke generic route convention if tool access allows; otherwise report route smoke as limited and require manual/user verification before publish.
   • If existing Table Module path fails, STOP with NEEDS_GENERIC_TEMPLATE_EXTENSION.

2. PG view projection

   • Create v_event_outbox_table as metadata-only read projection.
   • Include only allowlisted fields from design note.
   • Preserve live schema deviations:
     • event_subject_ref text;
     • read_status_source IN ('explicit','implicit_self') if read state is included later.
   • Do not expose payload/raw/body/vector/secret.

3. PG grant

   • Identify Directus PG role used for existing collections/views.
   • Grant SELECT only on v_event_outbox_table.
   • No write grants.

4. Directus DOT metadata

   • Register/verify collection metadata for v_event_outbox_table via DOT/API path, not click UI.
   • Register only 12 visible fields or fewer if smoke requires narrowing.
   • Field meta must be read-only display-friendly.

5. Directus read permission

   • Seed read-only permission for the appropriate readonly role.
   • Assert no create/update/delete permissions for this collection.
   • Do not expose mark-read/write.

6. table_registry row

   • Insert/update tbl_event_outbox row modeled on tbl_system_issues.
   • Start as draft if smoke must run before publish.
   • Flip to published only after smoke passes.
   • Use existing Table Module schema exactly; do not invent fields outside registry convention.

7. Smoke tests

   • Existing shelf smoke: tbl_system_issues still renders/reads.
   • New collection smoke: GET /items/v_event_outbox_table?limit=1 returns 200.
   • Registry smoke: GET /items/table_registry?filter[table_id][_eq]=tbl_event_outbox returns one row.
   • Permission smoke: read allowed, write denied.
   • Unsafe field smoke: payload/body/vector/secret absent.
   • Nuxt/code smoke: no repository code changed.

8. Rollback

   • If fail before publish, remove draft registry row, revoke read permission, drop view if safe.
   • If published and smoke later fails, unpublish/remove registry row first, then revoke/drop.
   • Do not touch P3D4C1U event core tables/triggers/functions.
   • Do not touch IU runtime.

Specialized-law guard

Prompt must explicitly state:

• If Table Module is not ready, the correct next pack is TABLE_MODULE_GENERIC_EXTENSION_PROMPT_REVIEW, not a notification workaround.
• If Directus/DOT convention is insufficient, stop and repair DOT/Directus convention, not local hack.
• If Điều 43 relationship/graphic data is needed, use or amend Điều 43, not duplicate.

Hard boundaries for Opus/Agent

• Do not dispatch implementation after drafting prompt.
• No PG mutation while drafting prompt.
• No Directus mutation while drafting prompt.
• No Nuxt code.
• No bespoke notification UI.
• No notification-specific page/component.
• No Directus click-config.
• No Directus write/mark-read.
• No body/raw payload/vector/secret exposure.
• No IU runtime change.
• No worker/cron.
• No Điều 43 machinery change.

Required report fields for future execution

phase_status=PASS|FAIL|BLOCKED|NEEDS_GENERIC_TEMPLATE_EXTENSION
table_registry_preflight=PASS|FAIL
tbl_system_issues_found=PASS|FAIL
system_issues_smoke=PASS|FAIL|LIMITED_MANUAL_REQUIRED
generic_route_smoke=PASS|FAIL|LIMITED_MANUAL_REQUIRED
pg_view_created=PASS|FAIL|ALREADY_PRESENT
pg_view_name=v_event_outbox_table
unsafe_fields_exposed=false
event_subject_ref_type=text
read_status_source_values=explicit,implicit_self
directus_collection_registered=PASS|FAIL|ALREADY_PRESENT
directus_read_permission=PASS|FAIL
directus_write_permissions_absent=PASS|FAIL
table_registry_row_created=PASS|FAIL|ALREADY_PRESENT
table_registry_status=draft|published
published_after_smoke=true|false
new_collection_smoke=PASS|FAIL
registry_smoke=PASS|FAIL
no_nuxt_code=true
no_bespoke_ui=true
no_directus_click_config=true
no_mark_read_ui=true
no_iu_runtime_change=true
rollback_plan=PASS|FAIL
rollback_executed=NO_ON_SUCCESS|YES_ON_FAIL
recommendation=P3D4C2U_PASS_READY_FOR_USER_VIEW|NEEDS_GENERIC_TEMPLATE_EXTENSION|REVISION_REQUIRED|BLOCKED
next_required_pack=<based_on_result>

Current GPT recommendation

Proceed to have Opus draft the P3D4C2U DOT/Table Registration implementation prompt.

Do not run implementation yet. The next prompt must be reviewed before dispatch.