76 — SB-2 governance_responsibility_scope Rehearsal (R2, BEGIN..ROLLBACK, PASS, entry==exit, 2026-06-01)
Doc: 76. Role: R2 of the SB-2 owner-line rehearsal — author-mode BEGIN..ROLLBACK of the scope reference table (doc 17 §3). Status: PASS. ZERO COMMIT, ZERO residue. Channel: operator ssh contabo → docker exec -i postgres psql -U workflow_admin -d directus. Date: 2026-06-01.
76.1 What R2 rehearses
governance_responsibility_scope = the tiny additive reference table that makes the 6 law-defined responsibility scopes (Điều 37 §4.15-bis / M-DEF-3) data, not a code enum — so a 7th scope is a row, not DDL. governance_object_ownership.scope FKs to it. The 6 seed scopes: policy, health, execution, render, approval, audit, each with a default_owner_hint (advisory OP-B-style default agency) that FKs to governance_registry(code).
Mission-list → model mapping (design fidelity, no drift)
The mission §4/R2 asked to model policy, health, execution, render, approval, audit, rollback, exception + delegated/supporting. Per the C-1-approved design (doc 17), these resolve to two different model elements, and inventing extra scopes beyond the law-defined six would be drift:
| Mission term | Modeled as | Where |
|---|---|---|
| policy, health, execution, render, approval, audit | responsibility scope (row in governance_responsibility_scope) | R2 (this doc) |
| rollback | column rollback_ref on the ownership row | R3 (doc 77) |
| exception, delegated, supporting | owner_kind ROLES (accountable/supporting/delegated/exception) — explicitly "must not masquerade as accountable" (C-1) | R3 (doc 77) |
This honors the GPT C-1 ruling verbatim and the law-defined scope set; the scope model stays open (a future 7th scope is a governed row, §76.3 D8).
76.2 Transaction (BEGIN..ROLLBACK) — what ran
SET LOCAL statement_timeout='5s' / lock_timeout='3s' / idle_in_transaction_session_timeout='15s'. CREATE TABLE governance_responsibility_scope(scope_code PK, description, default_owner_hint → governance_registry(code), status CHECK∈{active,superseded,retired}); seed 6 scopes; run assertions; ROLLBACK.
76.3 Results
| # | Assertion | Result |
|---|---|---|
| R2.entry.governance_relations | live edges before | 8 |
| R2.entry.governance_registry | agencies before | 9 |
| R2.entry.scope_table_present | greenfield | false |
| R2.scope_rows_seeded | 6 law-defined scopes | 6 |
| R2.scope_codes | seeded set | approval,audit,execution,health,policy,render |
| R2.fk_owner_hint_all_resolved | every default_owner_hint exists in registry | true |
| R2.neg_fk_test | scope with bogus owner hint GOV-DOES-NOT-EXIST | PASS-bad-owner-rejected (FK violation) |
| R2.no_hardcode_7th_scope_is_row | inserting a 7th scope is a ROW, not DDL | true (count→7, no schema change) |
| R2.exit.governance_relations | live edges after | 8 (== entry) |
| R2.exit.governance_registry | agencies after | 9 (== entry) |
Post-ROLLBACK (same session): governance_responsibility_scope present = false; idle_in_transaction = 0.
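An added sketch of the §76.2 transaction and the §76.3 checks, written for this page and not the rehearsal's actual script. Assumptions: the column types, the stand-in owner hint (lowest registry code), the demo row names, plain row counts for "live" edges, and that governance_registry(code) is unique as the FK requires.

```sql
BEGIN;
SET LOCAL statement_timeout = '5s';
SET LOCAL lock_timeout = '3s';
SET LOCAL idle_in_transaction_session_timeout = '15s';

-- Entry baseline (plain row counts; any "live" filter is not shown on the page)
SELECT (SELECT count(*) FROM governance_relations) AS relations_entry,
       (SELECT count(*) FROM governance_registry)  AS registry_entry;

-- Column types are assumptions; the page gives names and constraints only
CREATE TABLE governance_responsibility_scope (
    scope_code         text PRIMARY KEY,
    description        text NOT NULL,
    default_owner_hint text REFERENCES governance_registry(code),
    status             text NOT NULL DEFAULT 'active'
        CHECK (status IN ('active', 'superseded', 'retired'))
);

-- Seed the six scopes; the owner hint is a stand-in, not the real defaults
INSERT INTO governance_responsibility_scope (scope_code, description, default_owner_hint)
SELECT s, s || ' scope (constructed)', (SELECT min(code) FROM governance_registry)
FROM unnest(ARRAY['policy','health','execution','render','approval','audit']) AS s;

-- Negative FK test: the EXCEPTION block is a subtransaction, so the
-- expected violation does not abort the outer transaction
DO $$
BEGIN
    INSERT INTO governance_responsibility_scope (scope_code, description, default_owner_hint)
    VALUES ('neg_fk_demo', 'constructed', 'GOV-DOES-NOT-EXIST');
    RAISE EXCEPTION 'FAIL-bad-owner-accepted';
EXCEPTION WHEN foreign_key_violation THEN
    RAISE NOTICE 'PASS-bad-owner-rejected';
END $$;

-- A 7th scope is an INSERT, not DDL (hypothetical scope name)
INSERT INTO governance_responsibility_scope (scope_code, description)
VALUES ('seventh_scope_demo', 'constructed');
SELECT count(*) AS scope_rows FROM governance_responsibility_scope;

-- Exit counts must equal the entry baseline
SELECT (SELECT count(*) FROM governance_relations) AS relations_exit,
       (SELECT count(*) FROM governance_registry)  AS registry_exit;
ROLLBACK;

-- Post-ROLLBACK residue checks in the same session
SELECT to_regclass('governance_responsibility_scope') IS NOT NULL AS scope_table_present;
SELECT count(*) AS idle_in_tx FROM pg_stat_activity WHERE state = 'idle in transaction';
```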
76.4 Proven
- The scope reference is additive/greenfield — creating it touches no live object; the 8 governance_relations edges and 9 registry agencies are byte-for-byte unchanged.
- FK integrity is real and stronger than governance_relations (which has no FK on its codes): a scope cannot name a non-existent owner agency.
- No-hardcode for scope is satisfied — a new scope is a governed row, never an ALTER/CHECK edit.
- No-island: the only owner-hint pointer is into the canonical governance_registry; no parallel agency list.
76.5 R2 verdict
PASS. Scope reference table rehearsed; FK + no-hardcode + additivity proven; entry==exit; zero residue; zero COMMIT. Proceed to R3 (doc 77).