Incomex AI Portal
KB-74CA

78 — SB-2 Resolution View & Gap Detection Rehearsal (R4, BEGIN..ROLLBACK, PASS, inheritance + anti-hiding + conflict, 2026-06-01)

6 min read Revision 1
one-roof-governanceimplementation-indexsb-2resolution-viewgap-detectionowner-link-inheritanceanti-hidingdouble-owner-conflictno-inferenceisland-avoidanceauthor-mode-rehearsalbegin-rollbackentry-exitno-commit2026-06-01

78 — SB-2 Resolution View & Gap Detection Rehearsal (R4)

Doc: 78. Role: R4 of the SB-2 owner-line rehearsal — author-mode BEGIN..ROLLBACK of the resolution + gap-detection pattern (doc 17 §4–5). Status: PASS. ZERO COMMIT, ZERO residue. Channel: operator ssh contabo → docker exec -i postgres psql -U workflow_admin -d directus. Date: 2026-06-01.

78.1 What R4 rehearses

Beyond storage, SB-2 must resolve the effective owner for any object (with owner-link inheritance) and detect gaps/conflicts. R4 builds, inside one rolled-back transaction:

  • the substrate (R2 scope ref + R3 ownership table + partial unique index);
  • a rehearsal containment fixture _sb2_tree(object_type, object_ref, parent_ref) standing in for production containment (meta_catalog/per-class registry parent linkage, e.g. pivot_definitions.parent_code, information_unit.parent_or_container_ref) — rolled back;
  • v_object_effective_owner — a recursive-CTE resolution view returning, per (object, scope), the object's own accountable owner if present, else the nearest ancestor anchor's accountable owner (owner-link inheritance only);
  • v_object_owner_gap — the inventory × mandatory-scope LEFT JOIN to the resolution, surfacing objects with no resolvable accountable owner.

Anti-hiding rule (doc 17 §5, M-DEF-7): only owner_kind='accountable' rows with is_inherited_anchor=true inherit downward. exception/delegated/supporting rows are scoped to their own object and never inherit (the resolution own CTE filters owner_kind='accountable', and the inherit step requires is_inherited_anchor=true).

Fixture (containment tree)

pivot:registries-pivot (root anchor; owns policy→GOV-COUNCIL, audit→GOV-SIV)
 ├─ collection:os_agency                (inherits policy)
 │   └─ collection:os_agency_item       (own DIRECT policy owner → GOV-DOT, override)
 └─ collection:child-own-exc            (own EXCEPTION row policy→GOV-MOUT)
     └─ collection:exc-descendant       (must inherit accountable, NOT the exception)
pivot:lonely-pivot (root; NO owner anywhere → gap)

78.2 Results

# Demonstration Result
D1 direct resolution registries-pivot/policy GOV-COUNCIL / direct / d0
D2 inherited resolution os_agency/policy GOV-COUNCIL / inherited / d1
D3 direct overrides inherited os_agency_item/policy GOV-DOT / direct / d0
D4 missing-owner detection (v_object_owner_gap) lonely-pivot:policy
D5a anti-masquerade: exception holder's own accountable GOV-COUNCIL / inherited (its own GOV-MOUT exception is not treated as accountable)
D5b exception does not inherit to descendant exc-descendant/policy = GOV-COUNCIL / inherited / d2 (from root anchor, not GOV-MOUT)
D5c exception never resolves as an owner anywhere true (no row in v_object_effective_owner has owner=GOV-MOUT)
D6 double-owner conflict detector (legacy/out-of-band doubles predating the unique index) 1 conflict group detected
D7 no inference without record lonely-pivot/policy NULL-as-expected (no owner invented)
D8 island avoidance — view base tables _sb2_tree, governance_object_ownership, governance_responsibility_scope (single store + scope ref + containment source; no second owner store)
exit governance_relations 8 (== entry)

Post-ROLLBACK (same session): governance_object_ownership / v_object_effective_owner / v_object_owner_gap present = false / false / false; idle_in_transaction = 0.

78.3 Proven (maps mission R4 acceptance one-for-one)

  • Direct owner resolution — D1.
  • Inherited owner-link resolution — D2; and nearest-ancestor / direct-wins semantics — D3.
  • Missing-owner detection — D4 + D7 (v_object_owner_gap surfaces the uncovered object; nothing is auto-assigned).
  • Double-owner conflict detection — D6 (the partial unique index prevents new doubles at write time per R3; the detector view catches legacy doubles introduced out-of-band, demonstrated against an index-less probe).
  • Local-island avoidance — D8 (resolution reads only the one ownership store + scope ref + the containment source; no parallel owner table is consulted).
  • No owner inference without record — D7 (an unowned object resolves to NULL, never a guessed owner).
  • No hiding of child-specific gaps — D5a/b/c (only the accountable owner-link inherits; exception/delegated/supporting are scoped to their own object, so a child carrying its own risk-bearing role still surfaces its own gap and never suppresses a descendant's accountability).

78.4 R4 verdict

PASS. Resolution + gap + conflict + anti-hiding + no-inference + island-avoidance all demonstrated against a live PG engine inside a rolled-back transaction; entry==exit; zero residue; zero COMMIT. Proceed to R5 exit verification (doc 79).

Back to Knowledge Hub knowledge/dev/reports/architecture/one-roof-governance-technical-addendum-and-implementation-index-2026-06-01/78-sb2-resolution-view-and-gap-detection-rehearsal.md