vjS dZddlmZddlmZmZddlmZmZddl m Z m Z ddl m Z mZmZmZdZdZd ZeeehZeGd d Zdd Z dd Zddddd ddZddddddddd ddZddedddddd d dZddd d!dZdddddddddddd d"dZy)#udispatch.cron_dispatch_guard — cron-direct path callback fail-closed guard. task-2553+44 (구현목표 A). Standalone, pure stdlib + same-package imports of the existing (byte-0) executor_completion_contract / spec_template_validator. Problem (회장 §2.3 / diagnosis report_items.7/9): the +32 mandatory executor-completion-callback contract exists in code, but the ACTUAL dispatch entry used for +41/+42/+43 is the ``cokacdir --cron`` direct path (dispatch.py shim / dispatch.core.main is bypassed). The contract was never called there — §8 held only by task-md text + bot self-compliance, NOT by a code-level fail-closed gate. This guard is the fail-closed gate for BOTH paths: * ``dispatch.py`` / dispatch.core.main, and * the ``cokacdir --cron`` direct path (legacy/bot-driven). It validates the mandatory normal-completion-callback clause + the durable 4-tuple, records the 4-tuple to the durable ledger, and returns PASS / FAIL / HOLD_FOR_CHAIR. A cron-direct dispatch that bypasses the contract -> FAIL (regression 6). Layer A / NO-CRON (9-R.1): the guard VALIDATES, RECORDS (append-only ledger), and FAILs/HOLDs only. It performs ZERO cron register/remove, ZERO dispatch, ZERO ``cokacdir``/``subprocess`` exec. The executor's own normal completion callback (Layer B, §10) is a designed lifecycle signal — NOT a registry-added ad-hoc cron — and is therefore explicitly NOT a "cron 신규 등록" breach. ) annotations) dataclassfield)ListOptional)Callback4Tuplevalidate_4tuple)FAILHOLDPASSspec_has_normal_callback_clausez&dispatch.cron_dispatch_guard_result.v1zdispatch.core.maincokacdir_cron_directceZdZUded<ded<ded<ded<ded<ded<ded <ee Zd ed <edd ZddZ y)CronDispatchGuardResultstrschemaverdict entry_pathboolclause_present tuple_validno_fallback_contractrecorded_to_ledger)default_factory List[str]reasonsc(|jtk(S)N)rr selfs dispatch/cron_dispatch_guard.pyokzCronDispatchGuardResult.ok@s||t##c |j|j|j|j|j|j |j t|jdS)Nrrrrrrrr) rrrrrrrlistrrs r to_jsonzCronDispatchGuardResult.to_jsonDsQkk||//"11++$($=$="&"9"9DLL)  r"N)returnr)r'dict) __name__ __module__ __qualname____annotations__rr%rpropertyr!r&r"r rr5sO K LOt4GY4 $$  r"rc.d|xsdjvS)aA NO-CRON label applies to registry/checkpoint cron-ban ONLY. It does NOT exempt the executor's own normal completion callback (regression 5). This helper exists only to make the carve-out explicit; the clause requirement is enforced regardless of NO-CRON labelling. zNO-CRON)upper) spec_texts r #is_no_cron_registry_checkpoint_taskr3Qs b//1 11r"c Jg} ddlm} ||}|r|j d|D| |j}|j|j|j|jd }|jD]D\}} |j|| k7s|jd |d |j|d | d F|S#t$r |dgzcYSwxYw#t$r'}|dt |j dgzcYd}~Sd}~wwxYw#t$r |dgzcYSwxYw)a$Validate the durable record and reconcile it with the 4-tuple. Returns FAIL reasons (empty == consistent). Pure check: ZERO cron / process / dispatch (Layer A). The registry's own ``validate_record`` is imported lazily so this module keeps zero module-level anu_v3 coupling. r)validate_recorduwregistry validate_record unavailable — cannot fail-closed-verify ledger record; refusing durable write (fail-closed).z ledger record validation raised u> — treated as invalid, refusing durable write (fail-closed).Nc3&K|] }d| yw)zledger record invalid: Nr.).0xs r z+_reconcile_ledger_record..{sA04Asz#ledger record exposes no identity())task_iddispatch_cron_idnormal_collector_cron_idfallback_callback_cron_idzledger/4-tuple mismatch on z : record=z tuple=z (fail-closed).)anu_v3.callback_4tuple_registryr5 ImportError Exceptiontyper)extendidentityr:r;r<r=itemsgetappend) ledger_recordtuple_r_vrrrexcidentexpectedkvs r _reconcile_ledger_recordrP[srG       AbAA  E!**,E~~ & 7 7(.(G(G)/)I)I   NN$ DAqyy|q 1!5#iil-WQEJ  NA   J      .tCy/A/A.BCH I     ECDD D Es?CCDCC D &DD D D"!D"FTN)rspec_location_knownledgerrGc <g}|sttt|dd|ddgS|tvr|j d|dt |}|s|j dd} ||j dn6t |} |r| D cgc]} d| vr|  } } | r|j| nd } |s |r| rtnt} d} | tk(r=|;|9t||}|r|j|t} n|j |d } tt| ||| || |Scc} w) u5Fail-closed gate for an executor dispatch (any entry path). Verdict logic (§3.A): * spec/template location unresolvable -> HOLD_FOR_CHAIR (§8) * unknown / unrecognised entry path -> FAIL (cron-direct bypass, regression 6) * normal completion callback clause missing -> FAIL (regression 2) * 4-tuple absent -> FAIL * normal_collector_cron_id missing -> FAIL (regression 3) * fallback_callback_cron_id missing AND no explicit no-fallback contract -> FAIL (regression 4) * else -> PASS, and the 4-tuple is appended to the durable ledger. ``ledger`` (Callback4TupleRegistry) + ``ledger_record`` (Callback4TupleRecord) are optional; when both are supplied a PASS appends the durable record (§3.A / §3.B). The guard NEVER touches cron. Fu|dispatch/spec template location unresolvable — cannot code-enforce the cron-direct callback contract (§8 HOLD_FOR_CHAIR).r$z entry_path u not a recognised gated path — a cron-direct dispatch that bypasses the executor completion contract is FAIL (§3.A / regression 6).uexecutor normal completion callback clause MISSING — every executor dispatch (incl. the cokacdir --cron direct path) MUST carry it. NO-CRON does not exempt this (registry/checkpoint cron-ban only, regression 2/5).u callback 4-tuple absent (§3.A).r=T) r GUARD_SCHEMAr KNOWN_PATHSrFr r rBr r rP)r2rrHrrQrRrGrrr t_reasonsrrrecorded rec_reasonss r guard_dispatchrZsk:G &! !5$(  $*(7 7 5Y?N  . K ~9:#F+  $.a7I  NN9 %K ;  H$6--2K.}fE  NN; 'G MM- (H "%1#  7s Dr0)chat_idprompt_claims_anu_collectorrrQanu_keysanu_keys_resolvablerRrGcddlm}m}m}m}ddlm}t |||| | ||}|| |jnd|||||| || | || t|n t|| |}|jtk(s|j|k(rt}nct|j|jfvs|j|k(rt}n/|jtk(r|j|k(rt}nt}|||fS)utask-2553+49 §2/§8 composite fail-closed gate. Runs the byte-0 ``guard_dispatch`` (clause + 4-tuple + ledger integrity) AND the ``callback_owner_enforcer`` owner pin (owner == independent ANU key, collector_role == ANU, executor_key != collector_key, prompt-says- ANU-but-owner-is-executor, 4-tuple owner-valid). The composite verdict is the strictest of the two: any FAIL -> FAIL, any HOLD with no FAIL -> HOLD, else PASS. Returns ``(guard_result, owner_result, composite_verdict)``. Layer A: ZERO cron/dispatch/subprocess (both components are pure validation; the only optional write is the +44 append-only ledger via the existing guard, unchanged). r)r r r enforce_callback_ownerDEFAULT_ANU_KEYS)r2rrHrrQrRrGr0r: executor_key collector_keycollector_owner_keycollector_roler<r=r;r[r\rr] no_fallbackr^) dispatch.callback_owner_enforcerr r r r`rbrZr:tupler)r2rrHrdrerfrgr;r<r=r[r\rrQr]r^rRrG OWNER_FAIL OWNER_HOLD OWNER_PASSr`rbbaseowner composites r guard_dispatch_with_ownerrq sD  1/# D ##)#52!#/%!9";)$?'3E(O'((/# E& ||tu}} : $,, . .%--:2M  %--:"=   !!r")r[r\rr]rhr^ actor_keyis_executor_self_sessioncddlm}m}ddlm}ddlm}| t| n t|}||||||||||| | || | }||||||}|jtk(xr|jtk(}|jtk(r0|jtk7rddlm }|s|d|j|||||fS) u!§5.C callback registration helper guard — 등록 직전 fail-closed. The normal/fallback callback registration path MUST route through this gate before any ``cokacdir --cron`` is issued (9-R.1 mediated-call). It chains the anu_v3 runtime owner validator (owner/key/role) AND the self-collector runtime guard (executor self-session owning its own collector). On a non-PASS verdict it BOTH returns blocked AND raises ``CallbackRegistrationBlocked`` via ``assert_registration_permitted`` so a caller that ignores the return value still cannot register a self-owned callback (§5.C "mismatch -> 등록 안 함" — structural, not advisory). Returns ``(validation_result, self_guard_result, registration_allowed)``. Layer A: ZERO cron/dispatch/subprocess. r)assert_registration_permittedvalidate_callback_owner_runtime)guard_self_collector_sessionrarcrdrerrrgrs)CallbackRegistrationBlockedz7callback registration blocked by self-collector guard: ) anu_v3.callback_owner_validatorrurvanu_v3.self_collector_guardrwrirbrjrr ryclassification)r:rdrerfrgr;r<r=r[r\rr]rhr^rrrsrurvrwrbkeysval self_guardregistration_allowedrys r guard_callback_registrationrisBIA&25?>N8OD )!#/%!9";)$?/ C .!#%!9 J t: 2 2d : {{dz11T9 $-I,,-/ "#&  0 00r")r]r^cbddlm}ddlm}| t |n t |}|||||S)ur§5.D authoritative verdict selector 실 runtime 결선. Collector 회수단계가 verdict 를 확정하기 직전 반드시 경유한다. self-chain verdict 는 QUARANTINED·영구 비권위, independent ANU verdict 만 authoritative (회장 §2.5/§2.6/§5.D). Returns the ``AuthoritativeSelectionResult``. Layer A: ZERO cron/dispatch/subprocess. r)select_authoritative_verdictra)r:r]r^)%anu_v3.authoritative_verdict_selectorrrirbrj)recordsr:r]r^rrbr}s r $select_runtime_authoritative_verdictrs<B&25?>N8OD '/  r") r[r\rrQr]r^rRrGrrrsis_followup_dispatchcddlm}m}tdid|d|d|d|d|d|d |d |d |d | d | d| d| d| d|d|d|d|\}}}||||||}|||||}t||j |j fvrt}nL|t k(rt }n<|tk(r-|j tk(r|j tk(rt}nt}|||||fS)up§4 우선순위 2~5 통합 실 dispatch-path runtime gate. Chains: byte-0 ``guard_dispatch`` (clause+4-tuple+ledger) -> ``guard_dispatch_with_owner`` owner pin -> anu_v3 self-collector + self-dispatch runtime guards. Any FAIL -> FAIL; any HOLD w/o FAIL -> HOLD; else PASS. Returns ``(base, owner, self_collector, self_dispatch, composite)``. r)rwguard_self_dispatchr2rrHrdrerfrgr;r<r=r[r\rrQr]r^rRrGrx)rdrrrrsr.)r{rwrrqr rr r )r2rrHrdrerfrgr;r<r=r[r\rrQr]r^rRrGrrrsrrwrrnrorpscsdfinals r $guard_dispatch_runtime_authoritativersc@ 7"  $  0 &*":#<%@20 0!"#$$%D%( &!#%!9  B !1!9  B  2::rzz22 d  d rzzT1bjjD6H B %%r")r2rr'r)rHOptional[Callback4Tuple]r'r) r2rrrrHrrrrQrr'r)r2rrrrHrrdrrerrf Optional[str]rgrr;rr<rr=rr[rr\rrrrQrr^r)r:rrdrrerrfrrgrr;rr<rr=rr[rr\rrrrhrr^rrrrrsOptional[bool])r:rr^r)"r2rrrrdrrerrfrrgrr;rr<rr=rr[rr\rrrrQrr^rrrrrsrrr)__doc__ __future__r dataclassesrrtypingrr%dispatch.executor_completion_contractrr dispatch.spec_template_validatorr r r r rTPATH_DISPATCH_PYPATH_CRON_DIRECT frozensetrUrr3rPrZrqrrrr.r"r rs_6#(!8 ())+;<=      623333v"' $ kkk % k  k  kkL(-!& $  $ 'P"P"P" % P"  P"  P"'P"P"P",P" -P"P""&P"P"P""#P"P(-&  $#/3#O1 O1O1 O1 ' O1  O1O1,O1 -O1O1"&O1O1O1O1 !O1"-#O1l $   P(-!& $  $ #/3!&-N&N&N&  N&  N&'N&N&N&,N& -N&N&"&N&N&N&"#N&()N&*-+N&,-N&r"