SuperBundle — 07 Human-Org-Role / Permission Law Pack (DRAFT)
07 — Human-Org-Role / Permission Law Pack (Branch G)
Verdict: REVIEWABLE LAW DRAFT. Đ37 governance_registry (5 rows, all council/system, output_target NULL) has zero human-org roles — confirmed live. Human roles must live in a NEW law layer that maps to Directus policies, without conflicting with Đ37 (Đ37 governs factory/system agencies; humans are a parallel actor axis).
A. Live confirmation
governance_registry schema: code/name/gov_type/gov_group/output_target/domain/primary_collection/created_by_law/health_dot/status. Rows: GOV-COUNCIL(council), GOV-DOT/GOV-KG-SYS/GOV-NRM-SYS/GOV-SIV(system). No gov_type='human', no person roles. This is the D-1 divergence recorded in Rev5 (Đ37 has no human roles → Directus + Đ32 layer + future human-org-role law). This pack IS that law draft.
B. Role taxonomy (proposed)
| Role code | Tier | Scope | Description |
|---|---|---|---|
| ROLE-STAFF | 1 | unit | author/edit drafts, propose |
| ROLE-DEPT-LEAD | 2 | collection | approve dept scope, delegate |
| ROLE-ARCH-COUNCIL | 3 | system | cross-sign, approve design/law |
| ROLE-SUPER-ADMIN | 4 | system | platform admin (no law approval) |
| ROLE-SOVEREIGN | 5 | system | final authority, never-flip custody |
| ROLE-AGENT | 0 | bounded | automated; propose only, never approve |
C. Verb matrix (5 verbs × roles)
| Role | view | edit | approve | delegate | escalate |
|---|---|---|---|---|---|
| STAFF | own+collection | own drafts | ✗ | ✗ | ✓ |
| DEPT-LEAD | dept | dept | dept scope | to staff | ✓ |
| ARCH-COUNCIL | all | design/law | design/law (cross-sign) | to dept-lead | ✓ |
| SUPER-ADMIN | all | config/non-law | ✗ (law) | ✓ ops | ✓ |
| SOVEREIGN | all | all | all + never-flip | ✓ | n/a |
| AGENT | scoped | scoped drafts | ✗ (hard) | ✗ | ✓ (flag) |
Rule: approve is human-only; AGENT approve is structurally forbidden (ties to doc 06 proposed-builder).
D. Visibility matrix (read)
- STAFF: own units + own collection + published.
- DEPT-LEAD: department collections.
- COUNCIL/SOVEREIGN: all.
- SUPER-ADMIN: all metadata, but law-approval surfaces read-only.
- AGENT: scoped to assigned macro; production review surfaces read-only.
E. Directus policy mapping
- Each role → one Directus policy (role+permissions).
- `tier_registry` (doc 01) supplies tier_level; the `authority_role` column maps role → policy.
- Field-level: edit allowlists per collection from `field_registry` (doc 01) × role.
- Đ32 approval actions gated by policy + cross-sign (doc 06).
- No role grants direct INSERT to `information_unit` (gateway-canonical only) or to `cutter_governance.review_decision` approve (human path only).
F. Nuxt / template impact (Đ28)
- Every role-aware surface = a `design_templates` row (Đ28); no bespoke Nuxt.
- Login → policy → visible templates resolved from role × design_templates.
- Input forms (`input_form_registry`) filtered by role edit-allowlist.
G. MOW / MOT / MOIT / MOUT impact
- MOW (workflow): roles assign/claim tasks; approve transitions need DEPT-LEAD+.
- MOT (task): task ownership by STAFF; review by DEPT-LEAD.
- MOIT (info/table): output_table writes governed by role + Đ36.
- MOUT (UI): surface visibility by role × design_templates. Each Mother consults this law for who-can-do-what at runtime (blocked until law enacted = gate G2).
H. Governance Cockpit impact
- Cockpit shows role-scoped governance state; approve/delegate/escalate actions gated by verb matrix.
- Never-flip custody (vector_sync, allow_no_review_decision) = SOVEREIGN only, surfaced read-only to all others.
I. AI / Agent role boundary
- AGENT (ROLE-AGENT, tier 0): propose/draft/read-scoped only. Cannot approve, cannot delegate, cannot flip gates, cannot mint terminal review_decision. Escalation = raise a flag to a human role.
- This boundary is the law-level statement of the system-wide "no Agent self-approval / no self-mint" rules.
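The verb matrix (section C), read scopes (section D), never-flip custody (section H) and the AGENT boundary (section I) can be checked mechanically before any Directus policy is written. The evaluator below is an added example and is not code from this law pack or from the project: role codes, tiers, verbs and the two never-flip gate names are taken from the draft; the `actor`/`target` record shapes, the `decide`/`allow`/`deny` names and the reading of "✗ (law)" for SUPER-ADMIN as "deny on law scope only" are assumptions of the example. It is deny-by-default, and the structural rule that a non-human role never approves or delegates is evaluated before any scope logic so no scope combination can reach an approval.

```javascript
// Added example (not part of the law pack): deny-by-default evaluator for the
// verb matrix, read scopes, never-flip custody and the AGENT boundary.
// Role codes, tiers, verbs and gate names come from the draft; record shapes
// and function names are assumptions of this example.

const ROLES = {
  'ROLE-AGENT':        { tier: 0, human: false },
  'ROLE-STAFF':        { tier: 1, human: true  },
  'ROLE-DEPT-LEAD':    { tier: 2, human: true  },
  'ROLE-ARCH-COUNCIL': { tier: 3, human: true  },
  'ROLE-SUPER-ADMIN':  { tier: 4, human: true  },
  'ROLE-SOVEREIGN':    { tier: 5, human: true  },
};

// Never-flip custody gates named in section H: SOVEREIGN may change them, nobody else.
const NEVER_FLIP = new Set(['vector_sync', 'allow_no_review_decision']);

const allow = (reason, extra = {}) => ({ allow: true, reason, ...extra });
const deny  = (reason) => ({ allow: false, reason });
// Two missing attributes must never compare equal (undefined === undefined).
const same  = (a, b) => a != null && a === b;

// actor:  { role, user, collection, dept, assigned: [target names] }   (assumed shape)
// target: { name, scope: 'unit'|'dept'|'design'|'law'|'config'|'gate',
//           owner, collection, dept, status: 'draft'|'published' }       (assumed shape)
// toRole: only for 'delegate'
function decide({ actor, verb, target, toRole }) {
  const role = ROLES[actor.role];
  if (!role) return deny('unknown role');
  const r = actor.role.slice('ROLE-'.length);
  const own      = same(target.owner, actor.user);
  const sameDept = same(target.dept, actor.dept);
  const sameColl = same(target.collection, actor.collection);
  const lawish   = target.scope === 'law' || target.scope === 'design';
  const scoped   = (actor.assigned || []).includes(target.name);
  const draft    = target.status === 'draft';

  // Section I, hard rule: a non-human role never approves or delegates,
  // whatever the target. Checked first so scope logic cannot override it.
  if (!role.human && (verb === 'approve' || verb === 'delegate')) return deny('agent hard deny');

  // Section H: never-flip gates are read-only for everyone but SOVEREIGN.
  if (NEVER_FLIP.has(target.name) && verb !== 'view') {
    return r === 'SOVEREIGN' ? allow('never-flip custody') : deny('never-flip: SOVEREIGN only');
  }

  switch (verb) {
    case 'view':   // section D
      if (r === 'STAFF') return (own || sameColl || target.status === 'published') ? allow('staff read scope') : deny('outside staff scope');
      if (r === 'DEPT-LEAD') return sameDept ? allow('dept read') : deny('other dept');
      if (r === 'AGENT') return scoped ? allow('assigned macro') : deny('outside assigned macro');
      return allow('read all');   // ARCH-COUNCIL, SUPER-ADMIN, SOVEREIGN
    case 'edit':
      if (r === 'STAFF') return (own && draft) ? allow('own draft') : deny('own drafts only');
      if (r === 'DEPT-LEAD') return sameDept ? allow('dept edit') : deny('other dept');
      if (r === 'ARCH-COUNCIL') return lawish ? allow('design/law edit') : deny('design/law only');
      if (r === 'SUPER-ADMIN') return target.scope !== 'law' ? allow('config/non-law') : deny('admin cannot edit law');
      if (r === 'AGENT') return (scoped && draft) ? allow('scoped draft') : deny('scoped drafts only');
      return allow('sovereign edit');
    case 'approve':
      if (r === 'STAFF') return deny('staff cannot approve');
      if (r === 'DEPT-LEAD') return sameDept ? allow('dept scope approval') : deny('other dept');
      // Cross-sign (doc 06) is a requirement the caller must still satisfy, not a bypass.
      if (r === 'ARCH-COUNCIL') return lawish ? allow('design/law approval', { requires: ['cross-sign'] }) : deny('design/law only');
      if (r === 'SUPER-ADMIN') return target.scope === 'law' ? deny('no law approval for admin') : allow('ops approval');
      return allow('sovereign approval');
    case 'delegate':
      if (r === 'STAFF') return deny('staff cannot delegate');
      if (r === 'DEPT-LEAD') return toRole === 'ROLE-STAFF' ? allow('delegate to staff') : deny('dept-lead delegates to staff only');
      if (r === 'ARCH-COUNCIL') return toRole === 'ROLE-DEPT-LEAD' ? allow('delegate to dept-lead') : deny('council delegates to dept-lead only');
      if (r === 'SUPER-ADMIN') return lawish ? deny('no law delegation for admin') : allow('ops delegation');
      return allow('sovereign delegation');
    case 'escalate':
      if (r === 'SOVEREIGN') return deny('nothing above sovereign');
      // An agent escalates by raising a flag to a human role, never by acting itself.
      return r === 'AGENT' ? allow('flag raised to human role', { flag: true }) : allow('escalate');
    default:
      return deny('unknown verb');
  }
}
```

Because every branch returns an explicit `allow`/`deny` with a reason, the same function can back both the Cockpit's gated buttons (section H) and a server-side check in front of the Đ32 approval path, and the reason string gives the audit log something to record when a request is refused.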
J. No conflict with Đ37
- Đ37 = factory/system agency axis (gov_type council/system/factory). This law = human person axis. They are orthogonal: a human role may act on behalf of a governance agency (cross-sign for GOV-COUNCIL) but is not itself a governance_registry row.
- Implementation: either a new `human_role_registry` table (parallel to governance_registry) OR `gov_type='human'` rows in governance_registry; recommend the separate table to keep Đ37 factory-pure (avoids overloading factory semantics). This is a law-design decision for council.
K. Status & next
DRAFT law pack — needs council review + enactment (not done here; no law enacted, per forbidden rules). Enactment = 4-Mothers gate G2. Promote to knowledge/dev/laws/ as a numbered article after council review (doc 10 Prompt 7).