KB-6BF1
dot-iu-cutter v0.3 — Directus Read-Observability Design Report (rollup; ready for GPT review) (2026-05-16)
tags: dot-iu-cutter, dieu44, v0.3, design, design-report, ready-for-gpt-review, design-only
dot-iu-cutter v0.3 — Directus Read-Observability Design Report (rollup)
document_path: knowledge/dev/laws/dieu44-trien-khai/v0.3-design/dot-iu-cutter-v0.3-directus-read-observability-design-report-2026-05-16.md
revision: r1
date: 2026-05-16
author: Agent (Claude Code CLI, Opus 4.7 1M)
sovereign: User / anh Huyền
verifier: GPT (PENDING)
phase: v0.3 — DESIGN ONLY rollup / report
status: ready_for_gpt_review
nothing_executed: true
⛔ DESIGN ONLY. Nothing executed. Production inspected READ-ONLY only. Execution gated on GPT review PASS + explicit User prompt + separate session.
§1 — Package (5 docs, all r1, v0.3-design/)
1. dot-iu-cutter-v0.3-directus-read-observability-design-master-2026-05-16.md
2. dot-iu-cutter-v0.3-directus-role-permission-matrix-design-2026-05-16.md
3. dot-iu-cutter-v0.3-directus-rls-read-policy-design-2026-05-16.md
4. dot-iu-cutter-v0.3-directus-risk-and-dry-run-plan-2026-05-16.md
5. dot-iu-cutter-v0.3-directus-read-observability-design-report-2026-05-16.md (this)
controlling_inputs: v0.2 handoff-status / structural-schema-inventory /
post-execution-backup-verification / v0.3 app-tooling routing note (2026-05-16)
§2 — Decisive Finding
the 12 cutter_governance tables are NOT registered as Directus collections (0 of 12)
⇒ today they are invisible to the Directus API/Data Studio entirely, and no Directus
permission or policy can even reference them until they are registered.
the app DB role `directus` ALREADY has SELECT on them at the PG layer
⇒ the real control plane for read observability is PostgreSQL privileges,
not the Directus permission system: the app connection can already read every
column, so Directus authz would only ever gate what Directus chooses to expose.
no RLS on any cg (cutter_governance) table; all 12 tables hold 0 rows.
§3 — Recommended Permission Model
recommendation: MODEL-C (hybrid, PG-first)
- NOW: a least-privilege PG role `cutter_ro` (NOLOGIN, NOSUPERUSER,
NOCREATEROLE, NOBYPASSRLS) with USAGE on the schema + SELECT on 12 read VIEWS
(v_<t>_observe) that omit sensitive columns, and no SELECT on the base tables
themselves (otherwise the view redaction is bypassable). NOTHING in Directus changes.
- DEFERRED (separate gate): Directus collection registration + a read-only
"cutter-readonly" policy bound to a "Cutter Observer" role (admin_access
false, never public) IF Data Studio visibility is actually required.
why: smallest reversible surface, on empty tables, outside the Directus authz
graph; satisfies "safe read-only observability" immediately; column
redaction is DB-enforced via views (Directus-independent).
§4 — Is PG RLS Needed?
answer: NO for v0.3. The requirement is read-ALL-rows with no per-row partition
stated, and column sensitivity is handled by view projection (RLS filters rows;
it cannot hide columns). A CONDITIONAL SELECT-only RLS spec is documented as a
forward option, gated on a future row-scoping requirement (triggers R1–R3); not now.
§5 — Sensitive Fields (default REDACTED in observer projection)
crypto/integrity: dot_pair_signature.{signature_payload, payload_envelope, payload_hash}
control_tokens: cut_change_set.{rollback_key, idempotency_key}
raw_state: cut_change_set_affected_row.{before_state_snapshot, after_state_snapshot}
identity_PII: review_decision.{reviewer_identity, reviewer_independence_evidence}
large_jsonb_default_hidden: decision_backlog_entry.payload, *.findings,
*.change_diff, manifest_unit_block.{source_span,payload_summary,candidate_edges,report_summary}
GPT_to_ratify: the "REVIEW" set (narrative rationale/scenario_ref, sweep findings).
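Worked sketch of the MODEL-C "NOW" step (§3) with the §5 denylist applied. This is an added illustration for the review, not code from the v0.3 package, and it has not been executed anywhere. It assumes the 12 tables live in a schema named cutter_governance (the report only says "cutter_governance tables"), that the DDL runs as the table owner or a superuser (who becomes the view owner), and that the two wildcard entries (*.findings, *.change_diff) apply to any cg table with such a column. The views are generated from the catalog so no column list has to be hand-maintained; only the §5 denylist is explicit.

```sql
-- Added example: design sketch only, NOT executed, not code from the v0.3 package.
-- MODEL-C "NOW" step: least-privilege PG role + redacting views, generated from the
-- catalog so the 12 views need no hand-written column lists.
-- ASSUMPTIONS (not stated by the report): schema name cutter_governance; run by the
-- table owner or a superuser, who becomes the view owner; wildcard denylist rows
-- apply to any table that has such a column. Nothing is REVOKEd from directus (B-5).

BEGIN;

-- NOLOGIN: the role is only ever granted to a consumer principal (B-4), never used
-- to connect. NOBYPASSRLS keeps any future RLS (§4) effective for direct table access.
CREATE ROLE cutter_ro NOLOGIN NOSUPERUSER NOCREATEROLE NOBYPASSRLS;

-- Schema USAGE only. No SELECT on base tables: the redaction lives in the views.
GRANT USAGE ON SCHEMA cutter_governance TO cutter_ro;

-- §5 denylist. tbl IS NULL = wildcard (any cg table with that column name).
CREATE TEMP TABLE redact (tbl text, col text) ON COMMIT DROP;
INSERT INTO redact VALUES
  ('dot_pair_signature',          'signature_payload'),
  ('dot_pair_signature',          'payload_envelope'),
  ('dot_pair_signature',          'payload_hash'),
  ('cut_change_set',              'rollback_key'),
  ('cut_change_set',              'idempotency_key'),
  ('cut_change_set_affected_row', 'before_state_snapshot'),
  ('cut_change_set_affected_row', 'after_state_snapshot'),
  ('review_decision',             'reviewer_identity'),
  ('review_decision',             'reviewer_independence_evidence'),
  ('decision_backlog_entry',      'payload'),
  ('manifest_unit_block',         'source_span'),
  ('manifest_unit_block',         'payload_summary'),
  ('manifest_unit_block',         'candidate_edges'),
  ('manifest_unit_block',         'report_summary'),
  (NULL,                          'findings'),
  (NULL,                          'change_diff');

DO $$
DECLARE
  t    record;
  cols text;
  n    int;
BEGIN
  -- Sanity gate: the restored backup must show exactly the 12 inventoried tables.
  SELECT count(*) INTO n FROM information_schema.tables
   WHERE table_schema = 'cutter_governance' AND table_type = 'BASE TABLE';
  IF n <> 12 THEN RAISE EXCEPTION 'expected 12 cutter_governance tables, found %', n; END IF;

  FOR t IN SELECT table_name FROM information_schema.tables
            WHERE table_schema = 'cutter_governance' AND table_type = 'BASE TABLE'
            ORDER BY table_name
  LOOP
    -- Project every column that is not denylisted for this table (or globally).
    SELECT string_agg(quote_ident(c.column_name), ', ' ORDER BY c.ordinal_position)
      INTO cols
      FROM information_schema.columns c
     WHERE c.table_schema = 'cutter_governance' AND c.table_name = t.table_name
       AND NOT EXISTS (SELECT 1 FROM redact r
                        WHERE r.col = c.column_name
                          AND (r.tbl IS NULL OR r.tbl = t.table_name::text));
    IF cols IS NULL THEN
      RAISE EXCEPTION 'table % would have no observable columns; refusing', t.table_name;
    END IF;

    -- Plain (owner-rights) view: cutter_ro reads through the owner's SELECT on the
    -- base table and never needs its own, so the omitted columns are unreachable.
    EXECUTE format('CREATE VIEW cutter_governance.%I AS SELECT %s FROM cutter_governance.%I',
                   'v_' || t.table_name::text || '_observe', cols, t.table_name);
    EXECUTE format('GRANT SELECT ON cutter_governance.%I TO cutter_ro',
                   'v_' || t.table_name::text || '_observe');
  END LOOP;
END $$;

-- COMMIT only in the ephemeral dry-run instance; use ROLLBACK to rehearse without
-- keeping anything, even there.
COMMIT;
```

Two properties of this shape bear on the B-6 decision. Because the views are plain owner-rights views, cutter_ro never holds SELECT on a base table, so a view can never expose more than its column list; the only way to widen what cutter_ro sees is a GRANT on the base table itself, which is easy to audit. The flip side is that any future RLS policy (§4) on a base table is evaluated as the view owner, not as cutter_ro, so NOBYPASSRLS on cutter_ro only protects direct table access. If row scoping ever arrives, either the view owner must itself be a non-BYPASSRLS role, or the views must be recreated with security_invoker = true (PostgreSQL 15+) plus column-level GRANT SELECT (col, ...) on the base tables, which keeps the same redaction while letting RLS see the real reader.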
§6 — Risks & Blockers
risk_class: STANDARD (empty tables + reversible + read-only ⇒ not HIGH;
touches shared auth infra ⇒ not LOW)
open_blockers (must be resolved before any execution):
B-1 consumer model (A/B/C)
B-2 sensitive-field policy ratification
B-3 read-audit requirement
B-4 consumer principal & credentials
B-5 leave existing app DB role as-is? (recommend YES; separate workstream)
B-6 redaction mechanism (recommend PG views)
all OPEN; owners = GPT/User; Agent did NOT self-resolve.
§7 — Rollback & Dry-Run (summary)
rollback: fully reversible — REVOKE + DROP VIEW×12 + DROP ROLE (PG); delete
policy/access/role + unregister collections (Directus). Tables empty ⇒ zero
data impact; no CASCADE; no pre-existing object dropped; rollback rehearsed
in dry-run step D-10.
dry_run: ephemeral isolated postgres:16 (restore v0.2 backup sha a432a86e…),
no published port, sysid ≠ prod; 11-step grid D-1..D-11 incl. read-OK,
write-denied, escalation-denied, redaction, additive-only, rollback, teardown,
prod-untouched. NOT yet provisioned (design only).
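A self-checking form of the D-grid steps read-OK, write-denied, escalation-denied and redaction, followed by the D-10 rollback. Added illustration only: it is not part of the v0.3 package and has not been executed. It assumes the cutter_ro role and the cutter_governance.v_<t>_observe views described in §3 already exist in the ephemeral postgres:16 instance, the schema name cutter_governance, and a session user that is a superuser (or a member of cutter_ro) so that SET ROLE is permitted. Every check RAISEs on failure, so a run that completes is a pass.

```sql
-- Added example: NOT executed, not part of the v0.3 package. Self-checking form of
-- the dry-run grid's read-OK / write-denied / escalation-denied / redaction steps,
-- then the D-10 rollback. ASSUMPTIONS (not stated by the report): schema name
-- cutter_governance; cutter_ro and the v_<t>_observe views already exist in the
-- ephemeral postgres:16 instance; the session user is a superuser (for SET ROLE).

-- escalation-denied, attribute level: none of the dangerous role flags may be set.
DO $$
DECLARE bad int;
BEGIN
  IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = 'cutter_ro') THEN
    RAISE EXCEPTION 'cutter_ro does not exist';
  END IF;
  SELECT count(*) INTO bad FROM pg_roles
   WHERE rolname = 'cutter_ro'
     AND (rolsuper OR rolcreaterole OR rolcreatedb OR rolcanlogin OR rolbypassrls);
  IF bad <> 0 THEN RAISE EXCEPTION 'cutter_ro carries an escalation attribute'; END IF;
END $$;

-- read-OK, redaction, write-denied, escalation-denied (privilege level), AS cutter_ro.
DO $$
DECLARE
  n int;
  v text;
BEGIN
  SET LOCAL ROLE cutter_ro;   -- reverts when this transaction ends

  -- read-OK: exactly 12 observer views are visible to cutter_ro and each is selectable.
  SELECT count(*) INTO n FROM information_schema.views
   WHERE table_schema = 'cutter_governance' AND table_name LIKE 'v\_%\_observe';
  IF n <> 12 THEN RAISE EXCEPTION 'expected 12 observer views, cutter_ro sees %', n; END IF;
  FOR v IN SELECT table_name FROM information_schema.views
            WHERE table_schema = 'cutter_governance' AND table_name LIKE 'v\_%\_observe'
  LOOP
    EXECUTE format('SELECT count(*) FROM cutter_governance.%I', v) INTO n;  -- 0 on empty tables
  END LOOP;

  -- redaction: spot-check that §5 REDACTED columns are not projected by the views.
  SELECT count(*) INTO n FROM information_schema.columns
   WHERE table_schema = 'cutter_governance'
     AND (table_name, column_name) IN (
           ('v_dot_pair_signature_observe',          'signature_payload'),
           ('v_cut_change_set_observe',              'rollback_key'),
           ('v_cut_change_set_affected_row_observe', 'before_state_snapshot'),
           ('v_review_decision_observe',             'reviewer_identity'));
  IF n <> 0 THEN RAISE EXCEPTION '% redacted column(s) leak through observer views', n; END IF;

  -- write-denied + no direct base-table read, per the catalog. pg_class is used
  -- rather than information_schema because the latter hides objects the current
  -- role has no privilege on, which is exactly what must be asserted here.
  SELECT count(*) INTO n
    FROM pg_class c JOIN pg_namespace ns ON ns.oid = c.relnamespace
   WHERE ns.nspname = 'cutter_governance' AND c.relkind IN ('r', 'p', 'v')
     AND (has_table_privilege(c.oid, 'INSERT, UPDATE, DELETE, TRUNCATE')
          OR (c.relkind <> 'v' AND has_table_privilege(c.oid, 'SELECT')));
  IF n <> 0 THEN RAISE EXCEPTION '% relation(s) grant cutter_ro write or base-table read', n; END IF;

  -- write-denied, exercised: a real INSERT must fail with insufficient_privilege (42501).
  BEGIN
    INSERT INTO cutter_governance.cut_change_set DEFAULT VALUES;
    RAISE EXCEPTION 'write-denied FAILED: INSERT as cutter_ro succeeded';
  EXCEPTION WHEN insufficient_privilege THEN NULL;
  END;

  -- escalation-denied, exercised: cutter_ro must not be able to assume the app role.
  BEGIN
    SET LOCAL ROLE directus;
    RAISE EXCEPTION 'escalation-denied FAILED: cutter_ro could SET ROLE directus';
  EXCEPTION WHEN insufficient_privilege THEN NULL;
  END;
END $$;

-- D-10 rollback: only additive objects were created, so the reverse is exact.
-- No CASCADE; existing directus grants untouched (B-5); DROP ROLE fails if any
-- privilege still references cutter_ro, which is the safety property wanted.
BEGIN;
REVOKE ALL ON ALL TABLES IN SCHEMA cutter_governance FROM cutter_ro;  -- includes views
REVOKE USAGE ON SCHEMA cutter_governance FROM cutter_ro;
DO $$
DECLARE v text;
BEGIN
  FOR v IN SELECT table_name FROM information_schema.views
            WHERE table_schema = 'cutter_governance' AND table_name LIKE 'v\_%\_observe'
  LOOP
    EXECUTE format('DROP VIEW cutter_governance.%I', v);   -- RESTRICT is the default
  END LOOP;
END $$;
DROP ROLE cutter_ro;
COMMIT;
```

The has_table_privilege pass reports what the catalog says; the two exercised attempts report what the server actually does, which is the distinction the grid's write-denied and escalation-denied steps are meant to prove. This script is for the ephemeral instance only; the prod-untouched step (sysid comparison, D-11) sits outside it.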
§8 — Readiness
ready_for_gpt_review: YES
nothing_executed: true
production_touched: read-only inspection only (sysid 7611578671664259111
unchanged; no DDL/DML/GRANT/role/policy/RLS; cg=12 rows=0)
next_step: GPT review of this 5-doc design package. If PASS → resolve B-1..B-6
→ (separate authorization) DDL/policy authoring → dry-run → command-review →
execution. Agent self-advance PROHIBITED.
§9 — Hard Boundaries (honored)
design_only: TRUE
no_directus_permission_change / no_role_create / no_policy_change: TRUE
no_PG_RLS / no_GRANT / no_REVOKE / no_view_create: TRUE
no_collection_registration / no_data_write / no_CUT / no_VERIFY: TRUE
no_Qdrant / no_deploy / no_existing_role_tightening: TRUE
production_sql: read-only inspection only
self_advance: PROHIBITED — awaiting GPT review
output_form: v0_3_directus_read_observability_design_report
End of v0.3 Directus read-observability design report (ready for GPT review).