diff --git a/apps/web/messages/en.json b/apps/web/messages/en.json index 6a582821..21b8d063 100644 --- a/apps/web/messages/en.json +++ b/apps/web/messages/en.json @@ -2102,6 +2102,54 @@ "guard": "active runtime gates=0; action buttons=false" } } + }, + "hostOwnerDecisionRecordFormalCandidateReviewOutcomes": { + "title": "Host Owner Decision Record Formal Candidate Review Outcome Lanes", + "subtitle": "Formal candidate review outcome only shows next-step lanes after candidate review. This does not mark review passed, mark finalized, create decision records, mark accepted, create approval records, or open runtime gates.", + "laneLabel": "Outcome lane", + "nextLabel": "Next remains read-only", + "items": { + "readyForHumanRecordQueue": { + "title": "Ready for human record queue", + "body": "When candidate fields are readable, this can only show readiness for a human formal-record queue and does not create decision records.", + "next": "queue visible only; record created=false" + }, + "identityNeedsTrace": { + "title": "Record identity needs trace", + "body": "When candidate record id, version, owner, review scope, or trace source is missing, the item returns to identity trace collection.", + "next": "collect identity trace; review passed=0" + }, + "decisionSummaryNeedsClarification": { + "title": "Decision summary needs clarification", + "body": "When decision summary, risk acceptance boundary, or no-execution statement is unclear, the item remains a candidate.", + "next": "clarify decision summary; accepted=0" + }, + "scopeExpiryNeedsRefresh": { + "title": "Scope and expiry need refresh", + "body": "When host, network, service, exclusion, observation intent, or expiry is inconsistent, the item cannot enter a formal record.", + "next": "refresh scope / expiry; finalized=0" + }, + "scanLimitsAmbiguous": { + "title": "Scan limits remain ambiguous", + "body": "When active scan or credentialed scan limits could be misread, the lane stays locked as not authorized.", + "next": "clarify scan limits; scan authorized=false" + }, + "credentialBoundaryFailed": { + "title": "Credential boundary failed", + "body": "When credential metadata, retention, masking, or forbidden collection boundary is unclear, the lane remains quarantined.", + "next": "repair metadata-only boundary; secret collection=false" + }, + "maintenanceRollbackIncomplete": { + "title": "Maintenance and rollback incomplete", + "body": "When maintenance window, constraints, rollback owner, recovery path, or human contact is not traceable, approval semantics cannot be created.", + "next": "collect maintenance / rollback; host update=false" + }, + "runtimeGateStillRequired": { + "title": "Runtime gate still required", + "body": "Validation evidence or runtime gate pointer still requires a separate follow-up gate and cannot open from the outcome.", + "next": "active runtime gates=0; action buttons=false" + } + } } }, "tickets": { diff --git a/apps/web/messages/zh-TW.json b/apps/web/messages/zh-TW.json index 4d916e4b..8c202d43 100644 --- a/apps/web/messages/zh-TW.json +++ b/apps/web/messages/zh-TW.json @@ -2103,6 +2103,54 @@ "guard": "active runtime gates=0;action buttons=false" } } + }, + "hostOwnerDecisionRecordFormalCandidateReviewOutcomes": { + "title": "主機 Owner Decision Record Formal Candidate Review Outcome Lanes", + "subtitle": "Formal candidate review outcome 只呈現候選核對後的下一步分流。這裡不標記 review passed、不標記 finalized、不建立 decision record、不標記 accepted、不建立 approval record、不開 runtime gate。", + "laneLabel": "Outcome lane", + "nextLabel": "下一步仍只讀", + "items": { + "readyForHumanRecordQueue": { + "title": "Ready for human record queue", + "body": "候選欄位可讀時,只能顯示可送人工正式紀錄佇列,不會建立 decision record。", + "next": "queue visible only;record created=false" + }, + "identityNeedsTrace": { + "title": "Record identity needs trace", + "body": "candidate record id、版本、owner、review scope 或 trace source 不足時,回到身份追蹤補件。", + "next": "補 identity trace;review passed=0" + }, + "decisionSummaryNeedsClarification": { + "title": "Decision summary needs clarification", + "body": "decision summary、風險接受邊界或不執行聲明不清楚時,維持候選狀態。", + "next": "補 decision summary;accepted=0" + }, + "scopeExpiryNeedsRefresh": { + "title": "Scope and expiry need refresh", + "body": "host、network、service、exclusion、觀察目的或到期時間不一致時,不進入正式紀錄。", + "next": "補 scope / expiry;finalized=0" + }, + "scanLimitsAmbiguous": { + "title": "Scan limits remain ambiguous", + "body": "active scan 或 credentialed scan limits 可能被誤讀時,仍鎖在不授權狀態。", + "next": "補 scan limits;scan authorized=false" + }, + "credentialBoundaryFailed": { + "title": "Credential boundary failed", + "body": "credential metadata、retention、masking 或 forbidden collection 邊界不清楚時,直接隔離。", + "next": "補 metadata-only boundary;secret collection=false" + }, + "maintenanceRollbackIncomplete": { + "title": "Maintenance and rollback incomplete", + "body": "維護窗口、限制條件、rollback owner、復原路徑或人工聯絡點不可追時,不能建立批准語義。", + "next": "補 maintenance / rollback;host update=false" + }, + "runtimeGateStillRequired": { + "title": "Runtime gate still required", + "body": "validation evidence 或 runtime gate pointer 仍需要獨立 follow-up gate,不能由 outcome 開 gate。", + "next": "active runtime gates=0;action buttons=false" + } + } } }, "tickets": { diff --git a/apps/web/src/app/[locale]/iwooos/page.tsx b/apps/web/src/app/[locale]/iwooos/page.tsx index 5a98051a..533ef382 100644 --- a/apps/web/src/app/[locale]/iwooos/page.tsx +++ b/apps/web/src/app/[locale]/iwooos/page.tsx @@ -215,6 +215,13 @@ type HostOwnerDecisionRecordFormalCandidateReviewItem = { tone: 'steady' | 'warn' | 'locked' } +type HostOwnerDecisionRecordFormalCandidateReviewOutcomeLane = { + key: string + lane: string + icon: typeof ShieldCheck + tone: 'steady' | 'warn' | 'locked' +} + const postureMetrics: PostureMetric[] = [ { key: 'overall', value: '58%', tone: 'warn' }, { key: 'framework', value: '80-85%', tone: 'steady' }, @@ -506,6 +513,17 @@ const hostOwnerDecisionRecordFormalCandidateReviewItems: HostOwnerDecisionRecord { key: 'runtimeGateStillClosed', check: 'FR7', icon: ShieldCheck, tone: 'locked' }, ] +const hostOwnerDecisionRecordFormalCandidateReviewOutcomeLanes: HostOwnerDecisionRecordFormalCandidateReviewOutcomeLane[] = [ + { key: 'readyForHumanRecordQueue', lane: 'FV1', icon: CheckCircle2, tone: 'steady' }, + { key: 'identityNeedsTrace', lane: 'FV2', icon: FileText, tone: 'warn' }, + { key: 'decisionSummaryNeedsClarification', lane: 'FV3', icon: ClipboardCheck, tone: 'warn' }, + { key: 'scopeExpiryNeedsRefresh', lane: 'FV4', icon: Radar, tone: 'warn' }, + { key: 'scanLimitsAmbiguous', lane: 'FV5', icon: Activity, tone: 'locked' }, + { key: 'credentialBoundaryFailed', lane: 'FV6', icon: Lock, tone: 'locked' }, + { key: 'maintenanceRollbackIncomplete', lane: 'FV7', icon: Clock3, tone: 'warn' }, + { key: 'runtimeGateStillRequired', lane: 'FV8', icon: ShieldCheck, tone: 'locked' }, +] + const evidenceItems = [ 'iwooos-posture-projection.snapshot.json', 'security-rollout-policy.snapshot.json', @@ -1328,6 +1346,38 @@ function HostOwnerDecisionRecordFormalCandidateReviewCard({ ) } +function HostOwnerDecisionRecordFormalCandidateReviewOutcomeCard({ + item, +}: { + item: HostOwnerDecisionRecordFormalCandidateReviewOutcomeLane +}) { + const t = useTranslations('iwooos.hostOwnerDecisionRecordFormalCandidateReviewOutcomes') + const Icon = item.icon + return ( +
+
+
+ + {t('laneLabel')} +
+ {item.lane} +
+

+ {t(`items.${item.key}.title` as never)} +

+

+ {t(`items.${item.key}.body` as never)} +

+
+
{t('nextLabel')}
+
+ {t(`items.${item.key}.next` as never)} +
+
+
+ ) +} + export default function IwoooSPage({ params }: { params: { locale: string } }) { const t = useTranslations('iwooos') @@ -1800,6 +1850,26 @@ export default function IwoooSPage({ params }: { params: { locale: string } }) { +
+
+

{t('hostOwnerDecisionRecordFormalCandidateReviewOutcomes.title')}

+

+ {t('hostOwnerDecisionRecordFormalCandidateReviewOutcomes.subtitle')} +

+
+
+ {hostOwnerDecisionRecordFormalCandidateReviewOutcomeLanes.map(item => ( + + ))} +
+
+
None: "s2_31_iwooos_host_owner_decision_record_writeup_review_outcome_lanes", "s2_32_iwooos_host_owner_decision_record_formal_candidate_packets", "s2_33_iwooos_host_owner_decision_record_formal_candidate_review_checklist", + "s2_34_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes", ] assert_equal( "progress_delta_ledger.delta_ids", @@ -528,6 +529,16 @@ def validate(root: Path) -> None: "host_decision_record_formal_candidate_maintenance_rollback_review_check", "host_decision_record_formal_candidate_runtime_gate_review_check", ] + expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lane_ids = [ + "host_decision_record_formal_candidate_review_ready_for_record_queue_outcome_lane", + "host_decision_record_formal_candidate_review_identity_needs_trace_outcome_lane", + "host_decision_record_formal_candidate_review_summary_needs_clarification_outcome_lane", + "host_decision_record_formal_candidate_review_scope_expiry_needs_refresh_outcome_lane", + "host_decision_record_formal_candidate_review_scan_limits_ambiguous_outcome_lane", + "host_decision_record_formal_candidate_review_credential_boundary_failed_outcome_lane", + "host_decision_record_formal_candidate_review_maintenance_rollback_incomplete_outcome_lane", + "host_decision_record_formal_candidate_review_runtime_gate_required_outcome_lane", + ] assert_equal( "iwooos_projection.summary.frontend_surface_coverage_group_count", iwooos_projection["summary"]["frontend_surface_coverage_group_count"], @@ -648,6 +659,11 @@ def validate(root: Path) -> None: iwooos_projection["summary"]["host_owner_decision_record_formal_candidate_review_checklist_item_count"], len(expected_iwooos_host_owner_decision_record_formal_candidate_review_checklist_item_ids), ) + assert_equal( + "iwooos_projection.summary.host_owner_decision_record_formal_candidate_review_outcome_lane_count", + iwooos_projection["summary"]["host_owner_decision_record_formal_candidate_review_outcome_lane_count"], + len(expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lane_ids), + ) iwooos_progress = iwooos_projection["progress"] assert_equal("iwooos_projection.progress.overall_percent", iwooos_progress["overall_percent"], progress["overall_percent"]) assert_equal( @@ -2250,6 +2266,92 @@ def validate(root: Path) -> None: f"iwooos_projection.host_owner_decision_record_formal_candidate_review_checklist_items.{item['check_id']}.not_authorization", item["not_authorization"], ) + iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes = iwooos_projection[ + "host_owner_decision_record_formal_candidate_review_outcome_lanes" + ] + assert_equal( + "iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.ids", + [item["lane_id"] for item in iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes], + expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lane_ids, + ) + assert_equal( + "iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.display_order", + [item["display_order"] for item in iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes], + list(range(1, len(expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_lane_ids) + 1)), + ) + expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_states = [ + "ready_for_separate_human_record_queue", + "record_identity_trace_missing", + "decision_summary_needs_clarification", + "scope_expiry_needs_refresh", + "scan_limits_ambiguous_not_authorization", + "credential_boundary_failed", + "maintenance_rollback_incomplete", + "waiting_separate_runtime_gate", + ] + assert_equal( + "iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.outcome_states", + [item["outcome_state"] for item in iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes], + expected_iwooos_host_owner_decision_record_formal_candidate_review_outcome_states, + ) + for item in iwooos_host_owner_decision_record_formal_candidate_review_outcome_lanes: + assert_equal( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.display_mode", + item["display_mode"], + "owner_decision_record_formal_candidate_review_outcome_only", + ) + assert_equal( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.formal_record_candidate_review_passed_count", + item["formal_record_candidate_review_passed_count"], + 0, + ) + assert_equal( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.formal_record_candidate_finalized_count", + item["formal_record_candidate_finalized_count"], + 0, + ) + assert_false( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.decision_record_created", + item["decision_record_created"], + ) + assert_equal( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.owner_decision_received_count", + item["owner_decision_received_count"], + 0, + ) + assert_equal( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.owner_decision_accepted_count", + item["owner_decision_accepted_count"], + 0, + ) + assert_false( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.owner_approval_record_created", + item["owner_approval_record_created"], + ) + assert_false( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.runtime_gate_opened", + item["runtime_gate_opened"], + ) + assert_false( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.raw_payload_allowed", + item["raw_payload_allowed"], + ) + assert_false( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.secret_value_collection_allowed", + item["secret_value_collection_allowed"], + ) + assert_false( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.runtime_execution_authorized", + item["runtime_execution_authorized"], + ) + assert_false( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.action_buttons_allowed", + item["action_buttons_allowed"], + ) + assert_true( + f"iwooos_projection.host_owner_decision_record_formal_candidate_review_outcome_lanes.{item['lane_id']}.not_authorization", + item["not_authorization"], + ) assert_equal( "iwooos_projection.non_blocking_lane_ids", iwooos_projection["non_blocking_lane_ids"], @@ -2292,6 +2394,7 @@ def validate(root: Path) -> None: "display_host_owner_decision_record_writeup_review_outcome_lanes", "display_host_owner_decision_record_formal_candidate_packets", "display_host_owner_decision_record_formal_candidate_review_checklist", + "display_host_owner_decision_record_formal_candidate_review_outcome_lanes", "display_evidence_refs", "display_forbidden_actions", ]: @@ -2377,6 +2480,11 @@ def validate(root: Path) -> None: "mark_host_owner_decision_record_formal_candidate_review_finalized", "create_host_owner_decision_record_from_formal_candidate_review", "open_runtime_gate_from_owner_decision_record_formal_candidate_review", + "treat_host_owner_decision_record_formal_candidate_review_outcome_as_approval", + "mark_host_owner_decision_record_formal_candidate_review_outcome_passed", + "mark_host_owner_decision_record_formal_candidate_review_outcome_finalized", + "create_host_owner_decision_record_from_formal_candidate_review_outcome", + "open_runtime_gate_from_owner_decision_record_formal_candidate_review_outcome", "apply_runtime_blocking_control", "switch_github_primary", "production_deploy",