KB-94FD

dot-iu-cutter v0.3 — Read-Observability PRODUCTION Command-Review Package (COMMAND REVIEW ONLY; nothing executed) (2026-05-16)


dot-iu-cutter v0.3 — Read-Observability PRODUCTION Command-Review Package

document_path: knowledge/dev/laws/dieu44-trien-khai/v0.3-execution/dot-iu-cutter-v0.3-read-observability-production-command-review-package-2026-05-16.md
revision: r1
date: 2026-05-16
author: Agent (Claude Code CLI, Opus 4.7 1M)
sovereign: User / anh Huyền
verifier: GPT (PENDING)
phase: v0.3 — read-observability PRODUCTION COMMAND-REVIEW (authoring only)
authorization: GPT dry-run re-run verdict = PASS_WITH_NOTES;
  command-review phase explicitly opened; production execution FORBIDDEN
status: command_review_authored_for_gpt_review
production_executed: false
mutation_performed: false
self_advance: PROHIBITED

COMMAND REVIEW ONLY — NOTHING EXECUTED. No production SQL run. No role created. No view created. No GRANT/REVOKE run. No Directus change. No RLS. No deploy. No CUT/VERIFY. This document is the proposed production command plan for GPT review only. Execution remains BLOCKED and requires a separate, explicit GPT authorization + sovereign prompt. Agent self-advance PROHIBITED.
§0 — Provenance & Pinned Artefacts

upstream_dry_run_rerun: PASS_WITH_NOTES (GPT, 2026-05-16)
  VERIFY_FAIL_COUNT: 0
  all_4_false_negatives_resolved: true
  production_touched: false (read-only inspection + read-only pg_dump only)
gpt_review_doc: knowledge/dev/laws/dieu44-trien-khai/reviews/dot-iu-cutter-v0.3-read-observability-dry-run-rerun-gpt-review-2026-05-16.md
ddl_artefact:
  source_path: knowledge/dev/laws/dieu44-trien-khai/v0.3-ddl-authoring/dot-iu-cutter-v0.3-read-observability-ddl-draft-2026-05-16.sql.md
  sha256: 065ee6d3f1aac760715cb6cc1bc8aa243d680fa20128a3c05e2b679f318e3b04
  status: UNCHANGED — GPT-pinned; dry-run-proven; byte-stable
rollback_artefact:
  source_path: knowledge/dev/laws/dieu44-trien-khai/v0.3-ddl-authoring/dot-iu-cutter-v0.3-read-observability-rollback-draft-2026-05-16.md
  sha256: 059f1dcf0154eac260a0b47c08c161ee45ecb7a8b60d634349da894d7e611a5c
  status: UNCHANGED — GPT-pinned; dry-run-proven; byte-stable
production_target:
  host: VPS 38.242.240.89
  container: postgres   db: directus
  system_identifier: 7611578671664259111
  baseline: cutter_governance = 12 base tables, 0 rows, PK 12, FK 19;
    no cutter_ro; no v0.3 views; no RLS on cg; directus_collections=164,
    directus_permissions=1173 (authz snapshot captured at C-04 / C-05)
view_owner_at_execution: workflow_admin (migration superuser; already reads
  base tables — DEFAULT view semantics, security_invoker=false → cutter_ro
  needs NO base-table privilege)

§1 — Scope (this production phase, if/when authorized)

in_scope:
  - CREATE PG role cutter_ro (NOLOGIN group; no member binding)
  - CREATE 12 cutter_governance.v_<table>_observe read-only views
  - GRANT USAGE ON SCHEMA cutter_governance TO cutter_ro
  - GRANT SELECT on the 12 observe views TO cutter_ro (12 grants)
  - exactly 13 grants total (1 USAGE + 12 view SELECT)
explicitly_NOT_in_scope:
  - NO base-table SELECT grant (views only)
  - NO write grant anywhere (no INSERT/UPDATE/DELETE/TRUNCATE/REFERENCES/TRIGGER)
  - NO Directus change of any kind
  - NO RLS create/enable/disable
transaction: single BEGIN … COMMIT, psql -v ON_ERROR_STOP=1
artefact: the exact dry-run-proven DDL (sha 065ee6d3…) — verbatim, no edits
the_12_base_tables:
  1  canonical_address_alias        7  decision_backlog_sweep_log
  2  cut_change_set                 8  dot_pair_signature
  3  cut_change_set_affected_row    9  manifest_envelope
  4  decision_backlog_dependency   10  manifest_unit_block
  5  decision_backlog_entry        11  review_decision
  6  decision_backlog_history      12  verify_result
the_12_views: v_<base>_observe (one per base table, same order)
visible_columns_per_view: 7,19,6,6,4,7,9,11,11,9,22,23  (total 134)
redacted_columns_total: 30 (absent from every view by construction)

§2 — Non-Scope (hard exclusions)

- NO Directus collection registration of cutter_governance tables/views
- NO Directus role / policy / permission / access creation or edit
- NO tightening of the existing `directus` app role (B-5 — separate workstream)
- NO RLS (create / enable / disable / policy) on any object
- NO cutter_ro login enablement or member/group binding (B-4 — deferred)
- NO cutter_ro_full role
- NO ALTER DEFAULT PRIVILEGES (grants are exactly-enumerated; no auto-grant)
- NO app / service deploy or restart
- NO CUT / VERIFY operation
- NO Qdrant / vector / embedding write
- NO data write, seed, INSERT, backfill, or row mutation
- NO ALTER / DROP of any pre-existing object (12 base tables untouched)

§3 — Production Command Plan (8 commands; PROPOSED — NOT RUN)

All commands are authored for review. None has been executed. C-01..C-07 are the forward path; C-08 is conditional (rollback) and runs ONLY on a TRUE post-verification failure. Command hygiene: every psql invocation runs non-interactively with stdin redirected from /dev/null (never -i), inside the proven script-artefact pattern (scp'd, sha256-gated, identity-guarded, logged) — no complex inline SSH heredoc.

C-01  Fresh production backup
  action: pg_dump (read-only) of db `directus` as workflow_admin (rolsuper)
  out:    /opt/incomex/backups/dieu44_v0_3_readobs_prod_<TS>/prod-directus-<TS>.sql
  nature: READ-ONLY; does not mutate production
  gate ref: G-01

C-02  Backup checksum + age stamp
  action: sha256sum the dump → SHA256SUMS; record backup_completed_at (UTC)
  purpose: integrity proof + freshness anchor for the ≤60-min window
  gate ref: G-01, G-02

C-03  Pre-migration schema / role snapshot
  action (READ-ONLY catalog SELECT):
    - system_identifier, current_database()
    - cutter_governance base-table list + count + per-table column count
    - PK count, FK count (catalog: pg_constraint structural — NOT rendered text)
    - existence of role cutter_ro (expect absent)
    - existence of the 12 v_*_observe views (expect 0)
    - relrowsecurity across cg tables (expect 0)
  store: snapshot file under the work dir
  gate ref: G-05, G-06, G-07, G-08

C-04  Pre-migration authz snapshot
  action (READ-ONLY): count directus_collections (expect 164),
    directus_permissions (expect 1173), directus_roles, directus_policies,
    directus_access; capture cutter_ro privilege baseline (none — role absent)
  store: authz snapshot file
  gate ref: G-10

C-05  Preflight (ABORT-on-any; nothing created before this passes)
  asserts:
    - production identity: system_identifier = 7611578671664259111 AND
      current_database() = directus                                   [G-05]
    - DDL sha256 == 065ee6d3f1aac760715cb6cc1bc8aa243d680fa20128a3c05e2b679f318e3b04   [G-03]
    - rollback sha256 == 059f1dcf0154eac260a0b47c08c161ee45ecb7a8b60d634349da894d7e611a5c [G-04]
    - cutter_governance has exactly 12 base tables                     [G-08]
    - total cutter_governance rows = 0 (all 12 tables empty)           [G-09]
    - role cutter_ro ABSENT (CREATE ROLE has no IF NOT EXISTS)         [G-06]
    - all 12 v_*_observe views ABSENT                                  [G-07]
    - no RLS baseline: 0 cg tables with relrowsecurity                 [G-05]
    - backup present, checksum verified, age ≤ 60 min                  [G-01,G-02]
    - Directus authz counts == C-04 snapshot (164 / 1173 / …)          [G-10]
  on_any_fail: ABORT before BEGIN — nothing created
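The catalog-side half of the C-05 preflight written out as one DO block, as an added example (not the pinned DDL artefact or the dry-run harness). It assumes it is run as its own `psql -v ON_ERROR_STOP=1 -f` step before the DDL file, so any tripped gate raises, psql exits non-zero and BEGIN is never reached; the sha256 and backup-age gates (G-01..G-04) stay in the shell wrapper.

```sql
-- Added example: C-05 catalog preflight (G-05..G-09). Any failed assert raises,
-- so with ON_ERROR_STOP=1 the DDL file that follows is never executed.
DO $$
DECLARE
  n   bigint;
  tbl text;
BEGIN
  -- G-05: production identity (system identifier + database name)
  IF (SELECT system_identifier FROM pg_control_system()) <> 7611578671664259111
     OR current_database() <> 'directus' THEN
    RAISE EXCEPTION 'G-05: not the expected production cluster/database';
  END IF;

  -- G-08: exactly 12 base tables (relkind r) in cutter_governance
  SELECT count(*) INTO n
    FROM pg_class c JOIN pg_namespace s ON s.oid = c.relnamespace
   WHERE s.nspname = 'cutter_governance' AND c.relkind = 'r';
  IF n <> 12 THEN RAISE EXCEPTION 'G-08: base-table count % <> 12', n; END IF;

  -- G-05 (RLS baseline): no cg base table has row security enabled
  SELECT count(*) INTO n
    FROM pg_class c JOIN pg_namespace s ON s.oid = c.relnamespace
   WHERE s.nspname = 'cutter_governance' AND c.relkind = 'r' AND c.relrowsecurity;
  IF n <> 0 THEN RAISE EXCEPTION 'G-05: % cg tables have RLS enabled', n; END IF;

  -- G-06: role must be absent (CREATE ROLE has no IF NOT EXISTS)
  IF EXISTS (SELECT 1 FROM pg_roles WHERE rolname = 'cutter_ro') THEN
    RAISE EXCEPTION 'G-06: role cutter_ro already exists';
  END IF;

  -- G-07: none of the v_*_observe views may pre-exist
  SELECT count(*) INTO n FROM pg_views
   WHERE schemaname = 'cutter_governance' AND viewname LIKE 'v\_%\_observe';
  IF n <> 0 THEN RAISE EXCEPTION 'G-07: % observe views already exist', n; END IF;

  -- G-09: every base table empty (dynamic count, identifier-quoted with %I)
  FOR tbl IN SELECT tablename FROM pg_tables WHERE schemaname = 'cutter_governance'
  LOOP
    EXECUTE format('SELECT count(*) FROM cutter_governance.%I', tbl) INTO n;
    IF n <> 0 THEN RAISE EXCEPTION 'G-09: % has % rows (expected 0)', tbl, n; END IF;
  END LOOP;

  RAISE NOTICE 'C-05 catalog preflight PASS';
END $$;
```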

C-06  Execute DDL
  action: psql -v ON_ERROR_STOP=1 -f v0_3_read_observability.sql < /dev/null
  properties:
    - single transaction (BEGIN … COMMIT inside the artefact)
    - EXACT dry-run-proven DDL only (sha 065ee6d3…) — verbatim, no edits
    - expected: CREATE ROLE / COMMENT / CREATE VIEW ×12 / GRANT ×13 / COMMIT
    - rc must be 0; any non-zero → transaction aborts atomically, go C-08

C-07  Post-execution verification (catalog-based; ALL must PASS)
  - cutter_ro exists
  - cutter_ro flags structural-scalar PASS: NOLOGIN, NOSUPERUSER,
    NOCREATEDB, NOCREATEROLE, NOREPLICATION, NOBYPASSRLS
    (structural CASE→PASS scalar; raw booleans echoed as INFO — NOT a
     rendered-string compare; FN-1 lesson)
  - cutter_ro membership of any role = 0
  - 12 v_*_observe views exist (exact names match spec)
  - cutter_ro has SELECT on EACH of the 12 views (has_table_privilege ×12)
  - cutter_ro has NO SELECT on ANY of the 12 base tables (×12 false)
  - cutter_ro has NO write (INSERT/UPDATE/DELETE/TRUNCATE) on 24 rels (96 false)
  - 30 redacted columns ABSENT across the 12 views (information_schema.columns)
  - 134 visible columns PRESENT; per-view counts exact
    (7,19,6,6,4,7,9,11,11,9,22,23)
  - no viewdef leak: pg_get_viewdef contains no redacted base column name
  - 12 base tables intact; per-base column count == C-03 snapshot
  - PK count = 12, FK count = 19 (catalog structural — schema-qualified-safe;
    pg_get_constraintdef lesson honored: structural compare, not string prefix)
  - every cg base table still 0 rows; every view 0 rows
  - Directus authz counts unchanged vs C-04 (collections 164 / permissions 1173)
  - no RLS (0 cg tables with relrowsecurity)
  - production system_identifier unchanged = 7611578671664259111
  on_any_fail: TRUE failure → C-08 (NOT a string-prefix false-negative;
    the harness false-negative class was eliminated in the re-run)
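The C-07 privilege and role-flag checks as structural scalars, added here as an example (not the page's verification harness): each verdict is derived from catalog booleans or counts by CASE, with the raw values echoed alongside, never from comparing rendered text (the FN-1 and pg_get_constraintdef lesson). It assumes the 24 relations live in cutter_governance as relkind r (base) and v (view).

```sql
-- Added example: C-07 structural checks. Raw booleans/counts are returned as
-- INFO columns; the PASS/FAIL verdict is computed, not string-matched.

-- 1. Role flags: NOLOGIN NOSUPERUSER NOCREATEDB NOCREATEROLE NOREPLICATION NOBYPASSRLS
SELECT rolcanlogin, rolsuper, rolcreatedb, rolcreaterole, rolreplication, rolbypassrls,
       CASE WHEN NOT rolcanlogin AND NOT rolsuper AND NOT rolcreatedb
             AND NOT rolcreaterole AND NOT rolreplication AND NOT rolbypassrls
            THEN 'PASS' ELSE 'FAIL' END AS role_flags
  FROM pg_roles WHERE rolname = 'cutter_ro';

-- 2. Membership: cutter_ro is a member of no role and has no members
SELECT count(*) AS membership_rows,
       CASE WHEN count(*) = 0 THEN 'PASS' ELSE 'FAIL' END AS membership
  FROM pg_auth_members m JOIN pg_roles r ON r.oid IN (m.roleid, m.member)
 WHERE r.rolname = 'cutter_ro';

-- 3. Privilege matrix over all 24 relations: SELECT true on exactly the 12 views,
--    false on the 12 base tables, no write privilege on any of the 24 (96 false).
WITH rel AS (
  SELECT c.oid, c.relkind
    FROM pg_class c JOIN pg_namespace s ON s.oid = c.relnamespace
   WHERE s.nspname = 'cutter_governance' AND c.relkind IN ('r', 'v')
), m AS (
  SELECT count(*) FILTER (WHERE relkind = 'v' AND has_table_privilege('cutter_ro', oid, 'SELECT')) AS view_select,
         count(*) FILTER (WHERE relkind = 'r' AND has_table_privilege('cutter_ro', oid, 'SELECT')) AS base_select,
         -- a comma-separated list is true if ANY listed privilege is held
         count(*) FILTER (WHERE has_table_privilege('cutter_ro', oid, 'INSERT,UPDATE,DELETE,TRUNCATE')) AS writes
    FROM rel
)
SELECT view_select, base_select, writes,
       CASE WHEN view_select = 12 AND base_select = 0 AND writes = 0
            THEN 'PASS' ELSE 'FAIL' END AS privilege_matrix
  FROM m;

-- 4. Column surface: 134 visible columns across the 12 views, compared as an
--    integer (the per-view vector 7,19,6,6,4,7,9,11,11,9,22,23 is checked the same way)
SELECT count(*) AS visible_columns,
       CASE WHEN count(*) = 134 THEN 'PASS' ELSE 'FAIL' END AS column_total
  FROM information_schema.columns
 WHERE table_schema = 'cutter_governance' AND table_name LIKE 'v\_%\_observe';
```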

C-08  Rollback (CONDITIONAL — only on a TRUE C-07 failure or explicit prompt)
  action: psql -v ON_ERROR_STOP=1 -f v0_3_read_observability_rollback.sql < /dev/null
  artefact: EXACT dry-run-proven rollback only (sha 059f1dcf…) — verbatim
  order: REVOKE 13 grants → DROP 12 views (NO CASCADE) → DROP ROLE cutter_ro
         (only if memberless AND owns nothing — deptype='o' guard)
  guards:
    - pre-DROP ROLE: pg_auth_members members = 0
    - pre-DROP ROLE: pg_shdepend ownership filtered to deptype='o' = 0
      (ACL deps deptype='a' are NOT ownership — must NOT block; FN-4 lesson)
    - NO CASCADE on DROP VIEW / DROP ROLE; unexpected dependent → STOP/ESCALATE
    - NEVER DROP/ALTER any of the 12 base tables; never touch Directus/RLS
  expected_post_rollback: pre-v0.3 baseline exactly (role gone, 12 views gone,
    13 grants gone, base 12/PK12/FK19 intact, 0 rows, Directus 164/1173
    unchanged, no RLS, sysid 7611578671664259111)

§4 — Safety Gates (11; ABORT semantics)

G-01  ABORT if the fresh backup (C-01) fails or is missing/zero-byte
G-02  ABORT if backup age > 60 minutes at the C-06 execution point
G-03  ABORT if DDL sha256 ≠ 065ee6d3f1aac760715cb6cc1bc8aa243d680fa20128a3c05e2b679f318e3b04
G-04  ABORT if rollback sha256 ≠ 059f1dcf0154eac260a0b47c08c161ee45ecb7a8b60d634349da894d7e611a5c
G-05  ABORT if production identity unclear (sysid ≠ 7611578671664259111
      OR db ≠ directus OR RLS baseline non-zero)
G-06  ABORT if role cutter_ro already exists (no IF NOT EXISTS in CREATE ROLE)
G-07  ABORT if ANY of the 12 v_*_observe views already exists
G-08  ABORT if cutter_governance base-table count ≠ 12
G-09  ABORT if any base table row count changes unexpectedly (baseline = 0)
G-10  ABORT if any Directus authz count changes unexpectedly vs snapshot
      (collections 164 / permissions 1173 / roles / policies / access)
G-11  ABORT (→ conditional rollback C-08) if any C-07 post-verification fails
gate_count: 11
abort_principle: any G-01..G-10 trips BEFORE BEGIN (nothing created);
  G-11 trips AFTER COMMIT and routes to the proven rollback (C-08)

§5 — Carry Note N-1 (public schema USAGE)

N-1_public_schema_USAGE:
  fact: cutter_ro inherits PostgreSQL's cluster-default PUBLIC USAGE on
    schema `public`
  class: PostgreSQL default — true for ALL roles cluster-wide
  not_v0_3_introduced: true (pre-existing cluster default, not created here)
  data_access_granted: NONE (USAGE on `public` grants no table/data access;
    v0.3 grants no object privileges in `public`)
  disposition_this_phase:
    - do NOT revoke in this phase (cluster-wide + out of scope)
    - MUST NOT be treated as a fail gate (acknowledged NOTE only)
    - explicitly acknowledged here per GPT review §4 (carry_to_command_review)

§6 — Rollback Specification

artefact: v0_3_read_observability_rollback.sql
  source_path: knowledge/dev/laws/dieu44-trien-khai/v0.3-ddl-authoring/dot-iu-cutter-v0.3-read-observability-rollback-draft-2026-05-16.md
  sha256: 059f1dcf0154eac260a0b47c08c161ee45ecb7a8b60d634349da894d7e611a5c
  status: dry-run-proven (rc=0, baseline fully restored); UNCHANGED
properties:
  - single transaction, ON_ERROR_STOP=1
  - NO CASCADE on DROP VIEW / DROP ROLE (no v0.3 dependents exist; an
    unexpected dependent → STOP/ESCALATE, never force CASCADE)
  - role ownership guard MUST use pg_shdepend deptype='o' (true ownership);
    ACL grant deps (deptype='a') are NOT ownership deps and must NOT block
    the DROP ROLE (FN-4 corrected-harness lesson)
  - member guard: pg_auth_members count for cutter_ro must be 0 (B-4 binding
    deferred → expected memberless); if non-zero → skip DROP ROLE, STOP/ESCALATE
  - NEVER DROP/ALTER the 12 base tables; never touch Directus; never toggle RLS
restores: exact pre-v0.3 baseline (role absent, 12 views absent, 13 grants
  gone, base 12 tables / PK 12 / FK 19 intact, 0 rows, Directus 164/1173
  unchanged, no RLS, sysid 7611578671664259111, zero data delta)
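The DROP ROLE guard described in C-08 and in the properties above, as an added example (not the pinned rollback artefact). It separates true ownership (pg_shdepend deptype 'o') from ACL-only rows (deptype 'a'), so leftover grants never block the drop while a genuinely owned object stops it (the FN-4 lesson). It assumes it runs after the 13 REVOKEs and 12 DROP VIEWs inside the same single transaction, so a tripped guard raises and the whole rollback transaction aborts for escalation rather than leaving a partial state.

```sql
-- Added example: C-08 / §6 guarded DROP ROLE. Both guards are structural
-- counts from catalogs; DROP OWNED / REASSIGN OWNED are deliberately not used.
DO $$
DECLARE
  members bigint;
  owned   bigint;
  acl     bigint;
BEGIN
  -- member guard: B-4 binding is deferred, so no membership in either direction
  SELECT count(*) INTO members
    FROM pg_auth_members m JOIN pg_roles r ON r.oid IN (m.roleid, m.member)
   WHERE r.rolname = 'cutter_ro';
  IF members <> 0 THEN
    RAISE EXCEPTION 'C-08 STOP/ESCALATE: cutter_ro has % membership row(s); DROP ROLE not run', members;
  END IF;

  -- ownership guard: only deptype 'o' is ownership; 'a' rows are ACL grants and
  -- must NOT block (after the 13 REVOKEs they are expected to be 0 anyway)
  SELECT count(*) FILTER (WHERE d.deptype = 'o'),
         count(*) FILTER (WHERE d.deptype = 'a')
    INTO owned, acl
    FROM pg_shdepend d JOIN pg_roles r ON r.oid = d.refobjid
   WHERE d.refclassid = 'pg_authid'::regclass AND r.rolname = 'cutter_ro';
  IF owned <> 0 THEN
    RAISE EXCEPTION 'C-08 STOP/ESCALATE: cutter_ro still owns % object(s); DROP ROLE not run', owned;
  END IF;
  RAISE NOTICE 'cutter_ro guard PASS: 0 memberships, 0 owned objects, % ACL dep(s)', acl;

  -- guards passed: plain DROP ROLE (no CASCADE form exists; none is wanted)
  EXECUTE 'DROP ROLE cutter_ro';
END $$;
```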

§7 — Output Summary

production_command_count: 8
  forward_always_run: 7 (C-01 … C-07)
  conditional_rollback: 1 (C-08 — only on a TRUE C-07 failure / explicit prompt)
ddl_source_path: knowledge/dev/laws/dieu44-trien-khai/v0.3-ddl-authoring/dot-iu-cutter-v0.3-read-observability-ddl-draft-2026-05-16.sql.md
ddl_sha256: 065ee6d3f1aac760715cb6cc1bc8aa243d680fa20128a3c05e2b679f318e3b04
rollback_source_path: knowledge/dev/laws/dieu44-trien-khai/v0.3-ddl-authoring/dot-iu-cutter-v0.3-read-observability-rollback-draft-2026-05-16.md
rollback_sha256: 059f1dcf0154eac260a0b47c08c161ee45ecb7a8b60d634349da894d7e611a5c
safety_gates_count: 11 (G-01 … G-11)
execution_still_blocked: TRUE — no production SQL run; no role/view/grant
  change; no Directus change; no RLS; no deploy; no CUT/VERIFY
ready_for_gpt_review: TRUE (command-review package only; production execution
  requires a separate explicit GPT authorization + sovereign prompt)

§8 — Hard Boundaries (honored by this document)

command_review_only: TRUE
production_execution: NONE          production_SQL_run: NONE
role_created: NONE                  view_created: NONE
GRANT/REVOKE_run: NONE              directus_change: NONE
RLS_change: NONE                    deploy: NONE
CUT_or_VERIFY: NONE                 data_write: NONE
ddl_rollback_sha_pinned_to_GPT_values: TRUE
self_advance_to_execution: PROHIBITED
next_step: GPT review of THIS command-review package. Production execution
  remains FORBIDDEN until GPT explicitly authorizes AND the sovereign prompts.
  No self-advance.

End of v0.3 read-observability PRODUCTION command-review package (authored for GPT review; nothing executed; execution BLOCKED).
