{ "metadata": { "generated_at": "2026-05-26T18:04:21+08:00", "source_reports": [ "/root/.openclaw/workspace/talent-review-system/docs/roadmap/ALGORITHM_CONTROLLED_REFACTOR_GATE_REGISTRY_APPLY_PREP.md", "/root/.openclaw/workspace/talent-review-system/docs/roadmap/algorithm_controlled_refactor_gate_registry_apply_prep.json", "/root/.openclaw/workspace/talent-review-system/docs/roadmap/ALGORITHM_CONTROLLED_REFACTOR_GATE_DESIGN.md", "/root/.openclaw/workspace/talent-review-system/docs/roadmap/algorithm_controlled_refactor_gate_design.json", "/var/www/talent-review/outputs/algorithm_config_center_summary_v1.json", "/var/www/talent-review/outputs/algorithm_schema_registry_v1.json", "/var/www/talent-review/outputs/algorithm_permission_policy_registry_v1.json", "/var/www/talent-review/outputs/algorithm_hardcoded_rules_registry_v1.json", "/var/www/talent-review/outputs/algorithm_impact_registry_v1.json", "/var/www/talent-review/outputs/algorithm_shadow_validation_sample_pack_v1.json", "/var/www/talent-review/outputs/algorithm_shadow_validation_registry_v1.json" ], "stage": "P0_ALGORITHM_CONTROLLED_REFACTOR_GATE_REGISTRY", "purpose": "沉淀算法 controlled refactor gate 的适用范围、前置条件、输入模型、输出模型、状态机、强阻断条件、候选条件、分阶段路线、registry 关系和 validation rules。", "warning": "Readonly registry only. It does not execute refactor, algorithm, shadow validation, permission apply, Feishu writeback, or production switch.", "gate_design_only": true, "executes_refactor": false, "executes_algorithm": false, "executes_shadow_validation": false, "writes_database": false, "modifies_code": false, "replaces_hardcoded_logic": false, "modifies_active_algorithm": false, "modifies_assessment_results": false, "modifies_profile_or_cadre": false, "modifies_org_capability_score": false, "modifies_people_action": false, "expands_permission": false, "generates_business_effective_conclusion": false, "feishu_writeback_required": false }, "registry_summary": { "gate_applicability_action_count": 14, "prerequisite_group_count": 8, "gate_input_field_count": 24, "gate_output_field_count": 18, "gate_state_count": 12, "blocking_condition_count": 21, "controlled_refactor_candidate_condition_count": 16, "phase_count": 5, "linked_algorithm_schema_registry": "/outputs/algorithm_schema_registry_v1.json", "linked_algorithm_permission_policy_registry": "/outputs/algorithm_permission_policy_registry_v1.json", "linked_algorithm_hardcoded_rules_registry": "/outputs/algorithm_hardcoded_rules_registry_v1.json", "linked_algorithm_impact_registry": "/outputs/algorithm_impact_registry_v1.json", "linked_algorithm_shadow_validation_sample_pack": "/outputs/algorithm_shadow_validation_sample_pack_v1.json", "linked_algorithm_shadow_validation_registry": "/outputs/algorithm_shadow_validation_registry_v1.json" }, "gate_applicability": [ { "applicability_id": "hardcoded_algorithm_logic_replacement", "action_type": "replace_hardcoded_logic", "description": "替换任何 hardcoded algorithm logic", "why_gate_required": "会改变既有算法结果与解释边界,必须先通过 schema、impact、shadow validation、审批、审计与回滚 gate。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "registry_logic_execution_path_connection", "action_type": "connect_registry_runtime", "description": "将 registry 逻辑接入实际算法执行路径", "why_gate_required": "会让 registry 从治理资产进入运行路径,必须阻断绕过 shadow validation 的接入。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "active_algorithm_config_change", "action_type": "modify_active_algorithm_config", "description": "修改 active algorithm config", "why_gate_required": "会影响线上算法引用和结果解释,必须先审批与可回滚。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_apply_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "weight_threshold_nine_box_veto_change", "action_type": "modify_weight_threshold_nine_box_veto", "description": "修改权重、阈值、九宫格、一票否决", "why_gate_required": "会影响分数、格位、一票否决和推荐动作,默认高风险。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "talent_review_tag_rule_change", "action_type": "modify_talent_review_tag_rule", "description": "修改 Talent Review 标签规则", "why_gate_required": "会影响人才标签和业务解释,需 HR 复核与影响预览。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "risk_tag_rule_change", "action_type": "modify_risk_tag_rule", "description": "修改风险标签规则", "why_gate_required": "会影响风险识别、干部与组织能力判断,需影响预览。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "recommended_action_rule_change", "action_type": "modify_recommended_action_rule", "description": "修改推荐动作规则", "why_gate_required": "会影响晋升、培养、保留、调岗等建议,需 HR/Boss 复核。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "result_mapping_change", "action_type": "modify_result_mapping", "description": "修改结果映射", "why_gate_required": "会改变测评结果进入画像、干部、组织能力、人事动作和权限信号的路径。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "org_capability_scoring_change", "action_type": "modify_org_capability_scoring", "description": "修改组织能力评分规则", "why_gate_required": "会影响组织健康和 critical 风险评分。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "people_action_constraint_change", "action_type": "modify_people_action_constraint", "description": "修改人事动作约束", "why_gate_required": "会影响晋升、调岗、转正、淘汰、干部任用和组织画布约束。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_apply_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "permission_signal_mapping_change", "action_type": "modify_permission_signal_mapping", "description": "修改权限信号映射", "why_gate_required": "会影响字段可见性、动作权限和 reviewer scope。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_refactor_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "external_or_feishu_mapping_change", "action_type": "modify_external_or_feishu_mapping", "description": "修改 external mapping / Feishu writeback mapping", "why_gate_required": "会影响外部系统映射和潜在反写,需 Security/Audit。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_apply_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "business_effective_impact_change", "action_type": "business_effective_impact", "description": "任何可能影响 business-effective 结论的算法变更", "why_gate_required": "涉及正式结论边界,不能基于 preview 自动生效。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_apply_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] }, { "applicability_id": "cadre_validation_org_canvas_people_action_impact_change", "action_type": "cadre_org_canvas_people_action_impact", "description": "任何可能影响干部 validation、组织画布或人事动作的算法变更", "why_gate_required": "涉及干部档案、组织动作和人事约束,默认 critical。", "high_risk_default": true, "direct_apply_allowed": false, "required_gate_mode": "controlled_apply_gate", "required_registries": [ "/outputs/algorithm_schema_registry_v1.json", "/outputs/algorithm_permission_policy_registry_v1.json", "/outputs/algorithm_hardcoded_rules_registry_v1.json", "/outputs/algorithm_impact_registry_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "required_reviews": [ "HR review", "risk owner review" ], "required_approvals": [ "Boss / Executive approval for high risk", "Permission Admin if permission affected", "Security / Audit if critical or external affected" ] } ], "prerequisites": [ { "prerequisite_id": "schema_registry_ready", "prerequisite_name": "Schema Registry Ready", "required_evidence": [ "algorithm schema registry exists", "target schema object specified", "target schema mapping completed" ], "blocking_if_missing": true, "validation_method": "JSON load and target_schema_object check", "related_registry": "/outputs/algorithm_schema_registry_v1.json", "exit_criteria": "目标 schema object 与 mapping 完整。" }, { "prerequisite_id": "permission_policy_ready", "prerequisite_name": "Permission Policy Ready", "required_evidence": [ "permission policy registry exists", "field sensitivity specified", "role policy specified", "high risk approval roles specified" ], "blocking_if_missing": true, "validation_method": "JSON load and policy count check", "related_registry": "/outputs/algorithm_permission_policy_registry_v1.json", "exit_criteria": "字段敏感级别、角色、审批边界完整。" }, { "prerequisite_id": "hardcoded_registry_ready", "prerequisite_name": "Hardcoded Registry Ready", "required_evidence": [ "hardcoded rules registry exists", "hardcoded type classified", "direct_refactor_allowed=false", "target schema object specified" ], "blocking_if_missing": true, "validation_method": "JSON load and direct_refactor_allowed check", "related_registry": "/outputs/algorithm_hardcoded_rules_registry_v1.json", "exit_criteria": "硬编码类型已分类且禁止直接替换。" }, { "prerequisite_id": "impact_preview_ready", "prerequisite_name": "Impact Preview Ready", "required_evidence": [ "impact registry exists", "impact dimensions evaluated", "risk level assigned", "critical risk detectable" ], "blocking_if_missing": true, "validation_method": "JSON load and impact model check", "related_registry": "/outputs/algorithm_impact_registry_v1.json", "exit_criteria": "影响维度、风险等级和 gate rule 明确。" }, { "prerequisite_id": "shadow_validation_ready", "prerequisite_name": "Shadow Validation Ready", "required_evidence": [ "sample pack exists", "shadow validation registry exists", "planned or verified safe samples defined", "pass and blocking criteria defined" ], "blocking_if_missing": true, "validation_method": "JSON load and sample/diff count check", "related_registry": [ "/outputs/algorithm_shadow_validation_sample_pack_v1.json", "/outputs/algorithm_shadow_validation_registry_v1.json" ], "exit_criteria": "样本、diff、通过和阻断标准完整。" }, { "prerequisite_id": "approval_ready", "prerequisite_name": "Approval Ready", "required_evidence": [ "HR review rule", "Boss / Executive approval rule", "Permission Admin review if permission affected", "Security / Audit review if critical or external affected" ], "blocking_if_missing": true, "validation_method": "approval chain reference check", "related_registry": "/outputs/algorithm_permission_policy_registry_v1.json", "exit_criteria": "审批链完整。" }, { "prerequisite_id": "rollback_ready", "prerequisite_name": "Rollback Ready", "required_evidence": [ "rollback plan", "rollback target", "rollback owner", "rollback acceptance checks" ], "blocking_if_missing": true, "validation_method": "rollback plan reference required", "related_registry": "future rollback plan", "exit_criteria": "回滚目标、owner 和验收方式清晰。" }, { "prerequisite_id": "audit_ready", "prerequisite_name": "Audit Ready", "required_evidence": [ "audit fields", "change reason", "diff summary", "reviewer approver applier records" ], "blocking_if_missing": true, "validation_method": "audit reference required", "related_registry": "future audit record", "exit_criteria": "审计字段、原因、diff、复核/审批/执行记录完整。" } ], "gate_input_model": [ { "field": "gate_id", "type": "string", "required": true }, { "field": "refactor_candidate_id", "type": "string", "required": true }, { "field": "source_asset_id", "type": "string", "required": true }, { "field": "source_hardcoded_type", "type": "string", "required": true }, { "field": "target_schema_object", "type": "string", "required": true }, { "field": "target_registry_object", "type": "string", "required": true }, { "field": "proposed_change_summary", "type": "object", "required": true }, { "field": "legacy_logic_reference", "type": "string", "required": true }, { "field": "registry_logic_reference", "type": "string", "required": true }, { "field": "affected_algorithm_type", "type": "array", "required": true }, { "field": "affected_centers", "type": "array", "required": true }, { "field": "impact_preview_ref", "type": "string", "required": true }, { "field": "shadow_validation_ref", "type": "string", "required": true }, { "field": "sample_pack_ref", "type": "string", "required": true }, { "field": "permission_policy_ref", "type": "string", "required": true }, { "field": "rollback_plan_ref", "type": "string", "required": true }, { "field": "audit_ref", "type": "string", "required": true }, { "field": "requested_by", "type": "string", "required": true }, { "field": "review_roles", "type": "array", "required": true }, { "field": "approval_roles", "type": "array", "required": true }, { "field": "risk_level", "type": "enum", "allowed_values": [ "low", "medium", "high", "critical" ], "required": true }, { "field": "gate_mode", "type": "enum", "allowed_values": [ "design_only", "dry_run_gate", "controlled_apply_gate" ], "required": true }, { "field": "business_effective_requested", "type": "boolean", "required": true, "must_be_false_in_p0": true }, { "field": "feishu_writeback_requested", "type": "boolean", "required": true, "must_be_false_in_p0": true } ], "gate_output_model": [ { "field": "gate_id", "type": "string" }, { "field": "gate_status", "type": "enum", "allowed_values": [ "blocked", "review_required", "approved_for_dry_run", "approved_for_shadow_parallel", "approved_for_controlled_refactor" ] }, { "field": "blocking_reasons", "type": "array" }, { "field": "required_reviews", "type": "array" }, { "field": "required_approvals", "type": "array" }, { "field": "risk_level", "type": "enum", "allowed_values": [ "low", "medium", "high", "critical" ] }, { "field": "shadow_validation_required", "type": "boolean" }, { "field": "additional_sample_required", "type": "boolean" }, { "field": "permission_approval_required", "type": "boolean" }, { "field": "boss_approval_required", "type": "boolean" }, { "field": "security_audit_required", "type": "boolean" }, { "field": "rollback_required", "type": "boolean" }, { "field": "audit_required", "type": "boolean" }, { "field": "allowed_next_action", "type": "array" }, { "field": "forbidden_actions", "type": "array" }, { "field": "expiry_time", "type": "datetime" }, { "field": "generated_at", "type": "datetime" }, { "field": "generated_by", "type": "string" } ], "gate_state_machine": [ { "state_id": "draft_refactor_candidate", "state_name": "Draft Refactor Candidate", "entry_conditions": [ "候选被提出但证据未完整。" ], "exit_conditions": [ "补齐输入模型与 registry 引用。" ], "allowed_actions": [ "edit_design_metadata" ], "forbidden_actions": [ "execute_algorithm", "replace_logic", "modify_active" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "impact_preview_required", "state_name": "Impact Preview Required", "entry_conditions": [ "候选涉及任何算法结果、权限或业务边界。" ], "exit_conditions": [ "完成 impact preview。" ], "allowed_actions": [ "prepare_impact_preview" ], "forbidden_actions": [ "apply_change", "write_results" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "shadow_validation_required", "state_name": "Shadow Validation Required", "entry_conditions": [ "涉及硬编码替换、权重、阈值、结果映射或高风险对象。" ], "exit_conditions": [ "完成 shadow validation 设计或未来授权校验。" ], "allowed_actions": [ "prepare_shadow_validation" ], "forbidden_actions": [ "replace_logic_directly" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "manual_review_required", "state_name": "Manual Review Required", "entry_conditions": [ "存在业务口径或解释差异。" ], "exit_conditions": [ "HR / Business Owner 确认。" ], "allowed_actions": [ "manual_review" ], "forbidden_actions": [ "auto_approve" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "permission_review_required", "state_name": "Permission Review Required", "entry_conditions": [ "涉及字段可见性、动作权限或权限信号。" ], "exit_conditions": [ "Permission Admin 复核。" ], "allowed_actions": [ "permission_review" ], "forbidden_actions": [ "permission_expansion_without_review" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "boss_approval_required", "state_name": "Boss Approval Required", "entry_conditions": [ "涉及干部、晋升、一票否决、九宫格关键格位、组织能力或人事动作。" ], "exit_conditions": [ "Boss / Executive 审批。" ], "allowed_actions": [ "executive_review" ], "forbidden_actions": [ "system_admin_single_apply" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "security_audit_required", "state_name": "Security Audit Required", "entry_conditions": [ "涉及 critical 字段、外部映射、飞书或敏感数据。" ], "exit_conditions": [ "Security / Audit 复核。" ], "allowed_actions": [ "security_audit" ], "forbidden_actions": [ "expose_sensitive_payload", "feishu_writeback" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "rollback_plan_required", "state_name": "Rollback Plan Required", "entry_conditions": [ "候选可能进入 controlled refactor。" ], "exit_conditions": [ "回滚计划完整。" ], "allowed_actions": [ "prepare_rollback_plan" ], "forbidden_actions": [ "refactor_without_rollback" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "blocked", "state_name": "Blocked", "entry_conditions": [ "命中强阻断条件。" ], "exit_conditions": [ "阻断条件解决后重新进入 gate。" ], "allowed_actions": [ "revise_candidate" ], "forbidden_actions": [ "apply_change", "execute_algorithm", "generate_business_effective" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "approved_for_dry_run", "state_name": "Approved For Dry-run", "entry_conditions": [ "输入完整且未请求业务生效。" ], "exit_conditions": [ "dry-run gate 通过。" ], "allowed_actions": [ "dry_run_integrity_check" ], "forbidden_actions": [ "write_database", "modify_active" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "approved_for_shadow_parallel", "state_name": "Approved For Shadow Parallel", "entry_conditions": [ "样本安全、审批链和回滚边界齐备。" ], "exit_conditions": [ "shadow parallel diff 达标。" ], "allowed_actions": [ "shadow_parallel_future" ], "forbidden_actions": [ "switch_production_read_path" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false }, { "state_id": "approved_for_controlled_refactor_candidate", "state_name": "Approved For Controlled Refactor Candidate", "entry_conditions": [ "低风险或可解释差异且审批、审计、回滚完整。" ], "exit_conditions": [ "另开 controlled refactor apply gate。" ], "allowed_actions": [ "prepare_controlled_refactor_candidate" ], "forbidden_actions": [ "auto_production_switch", "business_effective_from_preview" ], "writes_database_allowed": false, "executes_algorithm_allowed": false, "modifies_active_allowed": false, "business_effective_allowed": false } ], "blocking_conditions": [ { "condition_id": "unresolved_critical_diff", "description": "unresolved critical diff", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "one_vote_veto_diff", "description": "one vote veto diff", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "key_nine_box_position_diff", "description": "key nine box position diff", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "cadre_validation_diff", "description": "cadre validation diff", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "people_action_constraint_diff", "description": "people action constraint diff", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "org_canvas_constraint_diff", "description": "org canvas constraint diff", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "org_capability_critical_score_diff", "description": "org capability critical score diff", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "permission_signal_diff", "description": "permission signal diff", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "critical_field_exposure_risk", "description": "critical field exposure risk", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "business_effective_risk", "description": "business effective risk", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "external_or_feishu_mapping_risk", "description": "external or feishu mapping risk", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "missing_shadow_validation", "description": "missing shadow validation", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "missing_impact_preview", "description": "missing impact preview", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "missing_rollback_plan", "description": "missing rollback plan", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "missing_audit", "description": "missing audit", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "missing_manual_confirmation", "description": "missing manual confirmation", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "missing_permission_approval", "description": "missing permission approval", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "missing_boss_approval", "description": "missing boss approval", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "direct_code_replacement_attempt", "description": "direct code replacement attempt", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "system_admin_single_apply_attempt", "description": "system admin single apply attempt", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" }, { "condition_id": "preview_result_to_formal_conclusion_attempt", "description": "preview result to formal conclusion attempt", "blocking_level": "critical", "required_resolution": "Resolve evidence, approval, validation, rollback, or audit gap before any controlled refactor candidate can proceed.", "allowed_next_action": "blocked_until_resolved" } ], "controlled_refactor_candidate_conditions": [ { "condition_id": "low_risk_or_explainable_diff", "description": "low risk or explainable diff", "required": true, "blocking_if_missing": true }, { "condition_id": "shadow_validation_passed", "description": "shadow validation passed", "required": true, "blocking_if_missing": true }, { "condition_id": "no_critical_diff", "description": "no critical diff", "required": true, "blocking_if_missing": true }, { "condition_id": "no_one_vote_veto_diff", "description": "no one vote veto diff", "required": true, "blocking_if_missing": true }, { "condition_id": "no_cadre_validation_diff", "description": "no cadre validation diff", "required": true, "blocking_if_missing": true }, { "condition_id": "no_people_action_constraint_diff", "description": "no people action constraint diff", "required": true, "blocking_if_missing": true }, { "condition_id": "no_permission_signal_diff", "description": "no permission signal diff", "required": true, "blocking_if_missing": true }, { "condition_id": "no_org_capability_critical_score_diff", "description": "no org capability critical score diff", "required": true, "blocking_if_missing": true }, { "condition_id": "impact_preview_completed", "description": "impact preview completed", "required": true, "blocking_if_missing": true }, { "condition_id": "approval_chain_complete", "description": "approval chain complete", "required": true, "blocking_if_missing": true }, { "condition_id": "rollback_plan_complete", "description": "rollback plan complete", "required": true, "blocking_if_missing": true }, { "condition_id": "audit_complete", "description": "audit complete", "required": true, "blocking_if_missing": true }, { "condition_id": "grayscale_possible", "description": "grayscale possible", "required": true, "blocking_if_missing": true }, { "condition_id": "rollback_possible", "description": "rollback possible", "required": true, "blocking_if_missing": true }, { "condition_id": "acceptance_criteria_clear", "description": "acceptance criteria clear", "required": true, "blocking_if_missing": true }, { "condition_id": "no_auto_production_read_path_switch", "description": "no auto production read path switch", "required": true, "blocking_if_missing": true } ], "controlled_refactor_phases": [ { "phase_id": "Phase_0", "phase_name": "Gate Design", "goal": "只读设计,不执行任何 refactor。", "writes_database": false, "executes_algorithm": false, "modifies_code": false, "replaces_logic": false, "affects_active_algorithm": false, "production_read_path_switch_allowed": false, "requires_manual_gate": true, "rollback_requirement": "design artifact only", "exit_criteria": "设计报告和 registry JSON 完成。", "p0_in_scope": true }, { "phase_id": "Phase_1", "phase_name": "Dry-run Gate", "goal": "使用 planned sample,只检查 gate 输入完整性。", "writes_database": false, "executes_algorithm": false, "modifies_code": false, "replaces_logic": false, "affects_active_algorithm": false, "production_read_path_switch_allowed": false, "requires_manual_gate": true, "rollback_requirement": "rollback plan reference required", "exit_criteria": "输入和证据完整。", "p0_in_scope": true }, { "phase_id": "Phase_2", "phase_name": "Shadow Parallel Gate", "goal": "legacy / registry 并行,不替换生产逻辑,输出 diff。", "writes_database": false, "executes_algorithm": "future_gate_only", "modifies_code": false, "replaces_logic": false, "affects_active_algorithm": false, "production_read_path_switch_allowed": false, "requires_manual_gate": true, "rollback_requirement": "rollback plan reference required", "exit_criteria": "diff 达到通过标准。", "p0_in_scope": false }, { "phase_id": "Phase_3", "phase_name": "Controlled Refactor Candidate", "goal": "小范围、低风险、审批通过,但不直接切 production read path。", "writes_database": "future_gate_only", "executes_algorithm": "future_gate_only", "modifies_code": "future_gate_only", "replaces_logic": "future_gate_only", "affects_active_algorithm": "future_gate_only", "production_read_path_switch_allowed": false, "requires_manual_gate": true, "rollback_requirement": "rollback executable", "exit_criteria": "另开 apply gate。", "p0_in_scope": false }, { "phase_id": "Phase_4", "phase_name": "Controlled Production Switch", "goal": "更高 gate 下才允许生产读取路径切换,P0 不包含。", "writes_database": "future_high_gate_only", "executes_algorithm": "future_high_gate_only", "modifies_code": "future_high_gate_only", "replaces_logic": "future_high_gate_only", "affects_active_algorithm": "future_high_gate_only", "production_read_path_switch_allowed": "future_high_gate_only", "requires_manual_gate": true, "rollback_requirement": "full rollback drill required", "exit_criteria": "充分审计、灰度和回滚后才允许。", "p0_in_scope": false } ], "registry_relationships": { "algorithm_schema_registry_usage": "识别目标 schema object、字段依赖和输出边界。", "algorithm_permission_policy_registry_usage": "判断字段敏感级别、动作权限、审批角色和权限扩张风险。", "algorithm_hardcoded_rules_registry_usage": "确认硬编码类型、direct_refactor_allowed=false、P0 优先级和目标 schema 映射。", "algorithm_impact_registry_usage": "判断影响维度、风险等级、gate rule 和 critical 风险。", "algorithm_shadow_validation_sample_pack_usage": "提供 planned placeholder 或安全样本边界。", "algorithm_shadow_validation_registry_usage": "提供 diff type、diff severity、通过标准和阻断标准。", "assessment_template_registry_usage": "校验测评 result_mapping、维度、subject_type、risk rule 和 permission signal 完整性。", "config_governance_center_usage": "承接配置治理生命周期、审批、审计和回滚边界。" }, "p0_vs_saas_boundary": { "p0_manual_gate_design_items": [ "只读 registry。", "人工 gate。", "不执行 refactor。", "不执行算法。", "不执行 shadow validation。", "不切 production read path。" ], "saas_online_gate_items": [ "在线 refactor gate。", "自动影响预览。", "自动 shadow validation。", "自动审批路由。", "自动 rollback plan。", "租户级算法发布。", "算法版本灰度。", "API / Webhook gate。", "多租户隔离。" ] }, "validation_rules": { "registry_is_readonly": true, "gate_design_only": true, "no_refactor_execution": true, "no_algorithm_execution": true, "no_shadow_validation_execution": true, "no_database_write": true, "no_code_change": true, "no_logic_replacement": true, "no_active_algorithm_change": true, "no_assessment_result_change": true, "no_profile_or_cadre_change": true, "no_org_capability_change": true, "no_people_action_change": true, "no_permission_expansion": true, "no_business_effective_conclusion": true, "no_feishu_writeback": true, "gate_applicability_action_count_must_be_14": true, "prerequisite_group_count_must_be_8": true, "gate_state_count_must_be_12": true, "blocking_condition_count_must_be_21": true, "phase_count_must_be_5": true } }