KB-5FA7
GPT Review — G8A-0 Probe Results
Revision 1
Date: 2026-04-28
Verdict
Probe PASS. G8A v0.2 NEEDS REVISION.
Claude Code completed the low-effort read-only probe correctly. The key finding is that Directus 11.5.1 uses the policy model: roles bind to policies through directus_access, and permissions bind to policies, not directly to roles.
Findings accepted
| Check | Result | Verdict |
|---|---|---|
| Current roles | 7 roles listed; tac-agent/tac-admin absent | PASS |
| Permission shape | directus_permissions includes policy; no legacy role binding | PASS |
| Role before collection | YES; roles independent of collection rows | PASS |
| OPS proxy whitelist | No tac_/whitelist/proxy_pass match; not a G8B blocker | PASS |
| Directus version/model | 11.5.1 / policies model | PASS |
Design impact
G8A v0.2 assumed a legacy shape:
Role → Permissions
Actual Directus 11.5.1 shape:
Role → directus_access → Policy → Permissions
Therefore, G8A must be revised before it can be used as G8B gate input.
Answers to Opus questions
- Revision plan is directionally correct. Use Role → Policy → Access binding → Permissions.
- Policy naming convention: acceptable to use `tac-agent-policy` and `tac-admin-policy` if no existing naming convention conflicts. Include exact names as candidates, not executed names, until the G8B gate.
  - `tac-agent` should follow the AI Agent pattern: API-only, `admin_access=false`, `app_access=false`.
  - `tac-admin` app access: keep `app_access=true` only if there is a clear need for UI use. If no UI operator workflow is defined, default to `app_access=false` for least privilege and mark UI access as an explicit decision for GPT/User. Do not assume UI access.
- No additional probe required for `directus_access` right now. The probe has enough evidence to revise G8A to v0.3. Exact field names should be verified again in the G8B execution gate pre-check.
- Legacy Public/Antigravity Public roles: record as observation only. Do not include cleanup in G8A/G8B; open a separate cleanup issue if needed.
Required G8A v0.3 patch
Update the G8A design to include:
- Role definitions: role records are identity/group labels, not permission containers.
- Policy definitions:
  - candidate `tac-agent-policy`: `admin_access=false`, `app_access=false`.
  - candidate `tac-admin-policy`: `admin_access=false`, `app_access=decision-pending` unless UI requirement confirmed.
  - candidate
- Access binding: `directus_access` binds role → policy.
- Permission matrix: permissions bind to policy IDs, not role IDs.
- G8B sequence:
  - create/verify roles,
  - create/verify policies,
  - create/verify access bindings,
  - create/verify permission rows against policy,
  - token provisioning only if separately authorized.
- G8B post-checks must verify role, policy, access binding, permissions, and test-artifact policy.
- OPS proxy whitelist is not a blocker for G8B but may affect downstream agent API access; track separately.
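The Role → directus_access → Policy → Permissions shape from the Design impact section, and the G8B post-checks listed above, can be expressed as a read-only validator. The following is an added example, not the probe that Claude Code ran and not a Directus component. The rows it inspects are constructed to imitate exports of directus_roles, directus_policies, directus_access and directus_permissions; the field names (`name`, `role`, `policy`, `admin_access`, `app_access`, `collection`, `action`), the ids and the `tac_tasks` collection are assumptions, and, as the review itself requires, the real field names still have to be re-verified in the G8B pre-check. It mutates nothing.

```python
"""Read-only G8B-style post-check for the Directus 11 permission model
(Role -> directus_access -> Policy -> Permissions).

Added example, not the probe script. Sample rows are constructed; field names
follow the Directus 11 data model but are assumptions to re-verify at the gate.
"""
from dataclasses import dataclass


@dataclass
class Finding:
    check: str
    ok: bool
    detail: str


# Candidate design from the G8A v0.3 patch: names are candidates, not executed names.
# tac-admin app_access is decision-pending; least privilege (False) is the default here.
CANDIDATES = {
    "tac-agent": {"policy": "tac-agent-policy",
                  "flags": {"admin_access": False, "app_access": False}},
    "tac-admin": {"policy": "tac-admin-policy",
                  "flags": {"admin_access": False, "app_access": False}},
}


def post_check(roles, policies, access, permissions, candidates=CANDIDATES):
    """Verify role, policy, policy flags, access binding and permission rows for
    each candidate, plus two shape checks over the whole permission table."""
    findings = []
    role_by_name = {r["name"]: r for r in roles}
    policy_by_name = {p["name"]: p for p in policies}
    policy_ids = {p["id"] for p in policies}

    for role_name, spec in candidates.items():
        role = role_by_name.get(role_name)
        policy = policy_by_name.get(spec["policy"])
        findings.append(Finding(f"role:{role_name}", role is not None,
                                "present" if role else "missing"))
        findings.append(Finding(f"policy:{spec['policy']}", policy is not None,
                                "present" if policy else "missing"))
        if policy is not None:
            # Roles are labels only; the access flags live on the policy.
            bad = {k: policy.get(k) for k, v in spec["flags"].items() if policy.get(k) != v}
            findings.append(Finding(f"policy-flags:{spec['policy']}", not bad,
                                    f"unexpected {bad}" if bad else "least privilege"))
        if role is not None and policy is not None:
            # The binding is a directus_access row, not a field on the role.
            bound = any(a.get("role") == role["id"] and a.get("policy") == policy["id"]
                        for a in access)
            findings.append(Finding(f"access-binding:{role_name}", bound,
                                    "directus_access row present" if bound else "no binding"))
            rows = [p for p in permissions if p.get("policy") == policy["id"]]
            findings.append(Finding(f"permissions:{spec['policy']}", bool(rows),
                                    f"{len(rows)} row(s) bound to policy id"))

    # Shape check 1: no permission row may still bind to a role id (pre-11 legacy shape).
    legacy = [p["id"] for p in permissions if p.get("role") is not None]
    findings.append(Finding("no-legacy-role-binding", not legacy,
                            f"role-bound rows: {legacy}" if legacy else "all rows policy-bound"))
    # Shape check 2: every permission row must point at a known policy id.
    dangling = [p["id"] for p in permissions if p.get("policy") not in policy_ids]
    findings.append(Finding("no-dangling-policy-ref", not dangling,
                            f"unknown policy on rows: {dangling}" if dangling else "ok"))
    return findings


def passed(findings):
    """Gate result: every finding must be ok."""
    return all(f.ok for f in findings)


# Constructed sample export (ids, the Public role and the tac_tasks collection are invented).
SAMPLE_ROLES = [
    {"id": "r-agent", "name": "tac-agent"},
    {"id": "r-admin", "name": "tac-admin"},
    {"id": "r-public", "name": "Public"},
]
SAMPLE_POLICIES = [
    {"id": "p-agent", "name": "tac-agent-policy", "admin_access": False, "app_access": False},
    {"id": "p-admin", "name": "tac-admin-policy", "admin_access": False, "app_access": False},
]
SAMPLE_ACCESS = [
    {"id": 1, "role": "r-agent", "user": None, "policy": "p-agent"},
    {"id": 2, "role": "r-admin", "user": None, "policy": "p-admin"},
]
SAMPLE_PERMISSIONS = [
    {"id": 1, "policy": "p-agent", "collection": "tac_tasks", "action": "read"},
    {"id": 2, "policy": "p-admin", "collection": "tac_tasks", "action": "read"},
    {"id": 3, "policy": "p-admin", "collection": "tac_tasks", "action": "update"},
]

if __name__ == "__main__":
    for f in post_check(SAMPLE_ROLES, SAMPLE_POLICIES, SAMPLE_ACCESS, SAMPLE_PERMISSIONS):
        print(f"{'PASS' if f.ok else 'FAIL':4} {f.check:32} {f.detail}")
```

Run against the constructed export, every finding passes. A permission row that carries a `role` value instead of a `policy` value trips `no-legacy-role-binding`, and a `tac-admin-policy` row with `app_access=True` trips `policy-flags:tac-admin-policy`, which is the point of recording the UI decision explicitly rather than letting it slip in.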
Governance check
| Rule | Result | Finding |
|---|---|---|
| Constitution / Zero Trust | PASS | Probe prevented wrong legacy design. |
| Art. 32 | PASS | No mutation; G8B remains gated. |
| Art. 33 | PASS | No schema mutation. |
| Art. 35 | PASS | Supports governed DOT/AI implementation. |
| Art. 24 | PASS | No labels/entity-label mutation. |
Direction
Opus should patch P9-G8A-directus-roles-readiness-design.md to v0.3 using the Directus 11 Role→Policy→Permission model, upload to KB, and stop for GPT/User review. Do not start G8B, create roles, create policies, create permissions, provision tokens, create collections, or start G11/P9.