3jLdZddlmZddlmZmZddlmZmZm Z m Z ddl m Z m Z mZmZddlmZmZddlmZdZd Zd Zd Zd Zd ZdZdZdZdZdZe hdZ!dZ"eGddZ#d dZ$d!dZ% d"dZ&ddd d#dZ'gdZ(y)$u anu_v3.proposal_authorization_gate — classify a +54 runtime-event-loop proposal candidate and decide the single bounded action the enactor is permitted to take (task-2553+55 §2.2~2.7 / §8). 회장 §2 verbatim 2~7: 2. proposal type 구분: consolidated_summary · closeout_candidate · next_dispatch_candidate · hold_packet. 3. 권한 있는 action만 enact. 4. 권한 없는 action은 proposal 상태로 유지. 5. closeout은 additive artifact로만 enact. 6. next dispatch는 ANU key + owner/key guard + callback mandatory contract 통과 시에만 candidate->actual dispatch 승격. 7. merge/PR/credential/branch write 기본 금지. This gate is the *authority boundary*. It NEVER enacts; it only classifies and authorizes. Every decision routes through the +49 single sources of truth (no rule re-implementation): * ``dispatch.callback_owner_enforcer.is_anu_key`` — ANU-key ownership. * ``anu_v3.callback_owner_validator.validate_callback_owner_runtime`` — callback owner/key/role fail-closed contract (§2.6). * ``anu_v3.self_collector_guard.guard_self_collector_session`` / ``anu_v3.authoritative_verdict_selector.select_authoritative_verdict`` — self-chain / non-ANU collector permanent quarantine (§8). * ``anu_v3.executor_callback_contract`` — the callback-mandatory doctrine (a next-dispatch candidate with no mandatory ANU callback is NOT promotable; §2.6). Track boundary (회장 §3 / §8): * consolidated_summary / closeout_candidate -> ``ENACT_ADDITIVE`` (Track A: additive artifact ONLY — zero merge/PR/branch/write to any existing file). * next_dispatch_candidate -> ``DISPATCH_READY`` *iff* the §2.6 triple passes — but Track B is **verify-only**: dispatch-ready is NOT execution; the actual candidate->dispatch promotion requires an explicit chair grant (``allow_actual_dispatch``) which this task never sets. Otherwise ``PROPOSAL_ONLY``. * hold_packet (self-chain / non-ANU / mismatch) -> ``HOLD_ROUTED`` (Track C: routing/safety-gate verification only). * any merge / PR / credential / OWNER_PAT / branch-write target -> ``BLOCKED`` (stays a proposal; 회장 §6/§7). Layer A / NO-CRON: pure classification. ZERO cron / dispatch / subprocess / cokacdir / merge / PR / branch / credential. ) annotations) dataclassfield)DictListOptionalSequence)AUTHORITATIVE_PASSCOLLECTOR_ROLE_ANU VerdictRecordselect_authoritative_verdict) is_anu_keyvalidate_callback_owner_runtime)guard_self_collector_sessionz%anu_v3.proposal_authorization_gate.v1consolidated_summarycloseout_candidatenext_dispatch_candidate hold_packetunknown_proposalENACT_ADDITIVEDISPATCH_READY PROPOSAL_ONLYBLOCKED HOLD_ROUTED> branch-writeprpatpushmergesecretgit_push owner_pat credential main_write pullrequest branch_write pull_request)requires_credentialrequires_branch_writerequires_merge requires_prrequires_owner_patrequires_main_writeceZdZUded<ded<ded<ded<ded<ded<ded <ded <ded <d ed <d ed<d ed<ded<eeZded<ddZy)AuthorizationDecisionstrschema proposal_typeactionbool authorizedenact_as_additivedispatch_readyblockedsource source_idzOptional[Dict[str, object]]owner_validationselector self_guardcallback_contract_ok)default_factoryz List[str]reasonscN|j|j|j|j|j|j |j |j|j|j|j|j|jt|jdS)Nr1r2r3r5r6r7r8r9r:r;r<r=r>r@)r1r2r3r5r6r7r8r9r:r;r<r=r>listr@)selfs 9/home/jay/workspace/anu_v3/proposal_authorization_gate.pyto_jsonzAuthorizationDecision.to_jsons}kk!//kk//!%!7!7"11||kk $ 5 5 //$($=$=DLL)  N)returnDict[str, object])__name__ __module__ __qualname____annotations__rrCr@rFrGrEr/r/ss_ K K M KN11))++t4GY4 rGr/ct|jdxsd}t|jdxsd}d|vs|dk(rtS|jds|jdrtSd|vs|jd r]|jd t t r6d j fd d Dj}d |vsd|vrtStStS)uMap a +54 candidate dict onto one of the §2.2 proposal types. * a consolidated-summary candidate schema / status -> consolidated_summary * a quarantined self-chain / non-ANU / mismatch packet -> hold_packet * a dispatch candidate whose declared next_phase is a *closeout* -> closeout_candidate (Track A target) * any other dispatch candidate -> next_dispatch_candidate r1statusr$CONSOLIDATED_SUMMARY_CANDIDATE_READY event_kindrdispatch_candidate next_phase c3ZK|]"}tj|xsd$yw)rPN)r0get).0knps rE z$classify_proposal..s*BFF1IO$s(+)phasekindintentr3closeoutzconsolidated closeout) r0rXPROPOSAL_CONSOLIDATED_SUMMARYPROPOSAL_HOLD_PACKET isinstancedictjoinlowerPROPOSAL_CLOSEOUT_CANDIDATE PROPOSAL_NEXT_DISPATCH_CANDIDATEPROPOSAL_UNKNOWN) candidater1rQblobr[s @rEclassify_proposalrlsx(.B /F x(.B /F'6.,-,}}\"immM&B##v%|)D ]]< ( b$ 88>eg T!%<%D22// rGc x|jd}t|tr|ni}tD]:}t |j|st |j|s8|cS|jd}t|t t fr|rddjd|DSdD]}t|j|xsdj}t|jdd jd d jd }|tz}|sud |d |d t|cSy)uvDetect a structurally forbidden enact target (§2.7/§6). Only structured fields are inspected (never note text).rUforbidden_actionszforbidden_actions:,c32K|]}t|yw)N)r0)rYxs rEr\z$_forbidden_target..s,@SV,@s)r^r3targetr_ operationrP/_-z next_phase.=z -> N)rXrcrdFORBIDDEN_REQUIREMENT_FLAGSr4rCtuplerer0rfsetreplacesplitFORBIDDEN_ACTION_TOKENSsorted)rjr[flagfakeyvaltokenshits rE_forbidden_targetrs" | $B"d#B+  d# $RVVD\(:K * +B"tUm$#CHH,@R,@$@#ABBB@"&&+#$**,S[[c*223<BB3GH..  QsgT&+? ? @ rGc0ttttddddt |j dxs|j dxsdt |j dxs(|j dxs|j dxsdddddd g S) NF schema_kindr9 quarantinetask_idr:event_idrPuhold_packet (self-chain / non-ANU / registry-mismatch) — Track C routing/safety-gate verification ONLY; never enacted, never dispatched, never auto-resolved (회장 §3.C/§8). Routed to the independent-ANU HOLD lane.rB)r/ GATE_SCHEMArbACTION_HOLD_ROUTEDr0rX)rjs rE_hold_packet_decisionrs !*!9==/Z9==3JZl[ MM) $ }}[) }}Z(   " ) ' rGrPF)executor_self_keyallow_actual_dispatchc t|}t|jdxs|jdxsd}t|jdxs(|jdxs|jdxsd}|tk(r t |St |}|&t t|tdddd ||ddddd |d g S|ttfvrt|jd }t|jd} |jd} t| tr<|xst| jd }| xst| jd} |r$| r"t t|td d dd||dddd dg St t|tdddd||dddddg S|jd} t| tr| ni} |jd} t| tr| ni} t| jdxs(| jdxs| jdxsd} |jd}t|t t"fr|r|Dcgc] }t|c}n t!|}| r t%| |nd}t| jdxsd}t| jdxs| }t| jdxst&}t|xr|| |fv}t)|r|n|xsd|xsd||rd nd}t+t-dd||xsd|xs| |t|xr||k(dd g||!}t| jd"xr| jd#d u}d}| r|rt/|xsd$||xs| | |t| jd"xsdxsdt| jd%xsdxsdt| jd&xsd't| jd(xsd|t| jd)* j1}t|xr|jd+}t|j2}|j4t6k(xr|j8d,k\}|xr|xr |xr|xr|}|sRt tt:tdddd||||j1|j1|d-|d.|d/|d0|d1|d2 g St tt:t<d dd d||||j1|j1d d3|d4g Scc}w)5uDecide the single bounded action for one proposal candidate. ``allow_actual_dispatch`` is the *explicit chair grant* for an actual candidate->dispatch promotion. task-2553+55 NEVER sets it (Track B is verify-only); even when a dispatch candidate passes the full §2.6 triple, the action is DISPATCH_READY (proposal stays a proposal until a future chair-granted session). r9r1rPr:batch_idrNFTz!forbidden enact target detected (u) — merge / PR / credential / OWNER_PAT / branch-write is BLOCKED by default; the proposal is retained as a proposal and never enacted (회장 §2.7/§6/§7).rB all_settledall_authoritative_pass gate_evidenceuall-settled & all-AUTHORITATIVE_PASS consolidated/closeout proposal — AUTHORIZED for an ADDITIVE artifact enact ONLY (Track A, 회장 §2.5/§3.A/§8: zero merge/PR/branch, zero modification of any existing artifact).uconsolidated/closeout proposal is NOT all-settled & all-AUTHORITATIVE_PASS — unauthorized for enact; retained as a proposal (회장 §2.4).rUcallback_contractcollector_owner_key collector_key owner_keyanu_keys executor_keycollector_roleunknown_executor)rrris_executor_self_sessioncollector_resultPASSindependent_anunext_dispatch_candidate_gate) r^verdictrrrrsession_is_executor_selfclaimed_origindetail)rrnormal_collector_cron_idcallback_mandatoryznext-dispatch-candidatefallback_callback_cron_iddispatch_cron_idzDG-nextchat_id no_fallback) rrrrrrrrrrrregistration_alloweduEnext_dispatch_candidate did NOT pass the §2.6 triple (anu_key_owner=z, owner_validation=z , self_guard=z, authoritative_selector=z, callback_mandatory_contract=u) — UNAUTHORIZED; retained as a proposal, zero dispatch (회장 §2.4/§2.6/§8). self-chain / non-ANU collector is permanently rejected via the +49 selector/guard.u'next_dispatch_candidate PASSED the §2.6 triple (ANU-key owner + +49 owner/key guard + callback-mandatory contract) — DISPATCH-READY. Track B is verify-only: NO actual dispatch is executed in this task; the candidate->dispatch promotion requires an explicit chair grant (allow_actual_dispatch=uI); not set here (회장 §3.B/§8/§10 — 자동 실 dispatch 승격 0).)rlr0rXrbrrr/rACTION_BLOCKEDrargr4rcrdACTION_ENACT_ADDITIVEACTION_PROPOSAL_ONLYrCryrr rr r rrFokclassificationr independent_anu_countrhACTION_DISPATCH_READY)rjrrrptyper9r:forbrall_apgate_evr[ccrraw_anurZdeclared_anu_keys anu_owner_okrrrself_key_taintguardselcontract_presentovowner_okguard_oksel_ok triple_oks rEauthorize_proposalrs! i (E x(IIMM(,CIr JF k"  == $  == #   I $$$Y// Y 'D $!# !!&3D6:22  , %#9==78 imm$<=>--0 gt $%Igkk-.H)IKJtGKK0H$IJF 6("#,"&$#!%%)K *%'# !!&0  . | $B"d#B * +B"d#B $%  66/ "  66+    I mmJ'G ge} -'!!AQ! (^ @I:i):;eLrvvn-34L/<9=M 01G5GHN +,1BG2N ) 4"4#+t%)7T E ' '!)?-?+8y-)-m)<*2!\105  "! C$ )* 1 FF' (D 0 B\ ,:!:%'49 ))%(128b&&&)239r'' (:!;!HyIy)/R0&RVVM23# $ ')% (B9266"89:HEHH~H 00 +  % % *           $:'# [[]}}!1""./B*M(489:J9KLCC  8 !6$==?! & '<%<=H  H  e "s*U)rrargrhrbrirrrrrr}r/rlrN)rjrIrHr0)rjrIrHz Optional[str])rjrIrHr/) rjrIrz Sequence[str]rr0rr4rHr/))__doc__ __future__r dataclassesrrtypingrrrr %anu_v3.authoritative_verdict_selectorr r r r anu_v3.callback_owner_validatorrranu_v3.self_collector_guardrrrargrhrbrirrrrr frozensetr}rxr/rlrrr__all__rNrGrErs.^#(11 6 !72#< $%)(&" $"       H<* F "' @ @@ @  @  @F rG