docs: OGAR der Türsteher — ActionHandler as classes, RBAC hardcoded, Rung as Flughöhe#115
Merged
Merged
Conversation
…Rung as Flughöhe DOCTRINE v0 carving the operator's pin into canon: (1) the ActionHandler lives as OGAR classes (the shipped lance-graph-ogar::OgarActionProvider — per-class const ActionDef manifests, auth_store 0x0B01 / auth_zitadel 0x0B02), so HIRO/Bardioc dock native; (2) RBAC is a compile-time const (required_role) on those classes — the Türsteher legible to compliance, no roleless mutating action; (3) the Rung 1-9 Flughöhe is hot-path cognition altitude (ElevationLevel::from_rung calibration, Csikszentmihalyi Flow channel tuning), bounded by the cold-path commit gate it cannot lower; (4) containment by structure, not trust — capability-bounding via a closed const DO surface + an unforgeable commit gate (the move/ownership Firewall). 'OGAR kriegt sie alle.' Grounded inline in shipped code (mostly [G]); cross-refs HIRO-IN-CLASSES, HIRO-DO-ARM-LIFT, CLASSID-RBAC-KEYSTONE-SPEC, ada-docs COLD_PATH_MUL_ACTIONHANDLER. Co-Authored-By: Claude <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01EYvNjD8M8LMNYbRy3gq2FP
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
DOCTRINE v0 —
docs/ACTIONHANDLER-TURSTEHER.mdCarves the operator's pin into canon, grounded inline in shipped code (mostly
[G]):lance-graph-ogar::OgarActionProvider(per-classconst ActionDefmanifests;
auth_store 0x0B01/auth_zitadel 0x0B02witheffective_actionsinheritance). HIRO/Bardioc dock native — they are OGAR,not a wrapper.
required_roleis a compile-timeconston the class.A compliance reviewer reads the grant surface off the source; no roleless
mutating action; an override cannot silently widen access.
{ RBAC · Libet do/don't · Rubikon@MUL }via
contract::action::ActionInvocation::commit; the kgV executor isgraph-flow-action, the outer cyclegraph-flow-kanban.(
ElevationLevel::from_rungcalibration; Csíkszentmihályi Flow channeltuning), bounded by the cold-path gate it cannot lower. Altitude does not buy
authority.
constDO surface + an unforgeablecommitgate (the move/ownershipFirewall, ADR-022/023). "OGAR kriegt sie alle."
Pairs with
HIRO-IN-CLASSES.md,HIRO-DO-ARM-LIFT.md,CLASSID-RBAC-KEYSTONE-SPEC.md, and ada-docsarchitecture/COLD_PATH_MUL_ACTIONHANDLER.md. Docs-only; append-only canon.🤖 Generated with Claude Code
Generated by Claude Code