feat(compliance): add content compliance detection across tenant, ops, and clients
Implements the Revision 8/9 compliance design: tenant + ops backends, ops-web content-safety pages, admin-web editor/publish gate integration, desktop publish block surfacing, and supporting migrations / shared types / config plumbing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
+17
@@ -245,3 +245,20 @@
|
||||
- Offline packages must include `edoburu/pgbouncer:v1.24.1-p1` alongside the existing infra images.
|
||||
- Postgres passwords are passed through environment placeholders instead of hard-coded in deploy configs. The Go DSN builder now URL-escapes credentials so strong passwords containing `@`, `:`, `/`, or `?` remain valid.
|
||||
- Local smoke validation used the existing `server/docker-compose.yaml` Postgres containers on `server_default`; PgBouncer successfully returned `SELECT 1` through the pooler and the temporary test container was removed.
|
||||
|
||||
## Compliance Detection Implementation - 2026-05-05
|
||||
- Source of truth is `docs/superpowers/specs/2026-04-28-compliance-detection-design.md`, Revision 8 dated 2026-05-05.
|
||||
- The current repo has no `server/internal/tenant/compliance` or `server/internal/ops/compliance` packages, no compliance routes, no compliance config, and no compliance migrations yet.
|
||||
- Current `PublishJobService.Create()` validates desktop account liveness and creates desktop publish jobs/tasks directly; it does not resolve `article_version_id`, does not pass target platform sets through a compliance gate, and `CreatePublishJobRequest` lacks `article_version_id` / `ack_record_id`.
|
||||
- `ArticleDetailResponse` internally reads `articles.current_version_id` but does not expose it to the frontend; shared TS `ArticleDetail` also lacks `current_version_id`.
|
||||
- Article version storage is diff-based; `repository.LoadArticleVersionContent` reconstructs history. The compliance design requires `article_versions.plaintext_snapshot` for O(1) gate reads, so new writes must populate that snapshot and old rows need fallback/backfill support.
|
||||
- Ops API currently has account/admin/KOL/audit/site-domain modules only; content safety pages and APIs need to be added without disrupting existing auth middleware.
|
||||
- Existing frontend publish flow is centralized through `apps/admin-web/src/components/PublishArticleModal.vue`, which is the right integration point for runtime status, check, ack, and manual-review states.
|
||||
- Tenant compliance is now implemented with runtime status, article/plain checks, latest records, ack creation/consumption, manual review submit/latest/cancel, tenant whitelist/blacklist terms, publish-gate integration, scheduler-time recheck, RabbitMQ review jobs, and LLM review AI-point billing.
|
||||
- Ops compliance is now implemented with dictionary/term CRUD, batch import, publish/rollback, singleton global policy, master switch, manual reviews, records, and stats under `/api/ops/compliance`.
|
||||
- Ops-web now has content-safety navigation and pages for global policy, dictionaries/editing, records, stats, manual-review list, and manual-review detail.
|
||||
- Per-tenant compliance policy customization was removed before launch: ops-web now only exposes global policy pages/APIs, and `ops.compliance_policies` is an `id=1` global singleton without per-tenant columns.
|
||||
- Admin-web now has compliance API helpers, an editor-side compliance check drawer with locate/highlight and whitelist actions, and a publish modal that handles pass / needs_ack / block / manual-review flows before creating publish jobs.
|
||||
- Desktop publish management now surfaces scheduled-publish compliance recheck blocks through publish job metadata: `publish_job_status`, `compliance_blocked_record_id`, `compliance_blocked_at`, and summarized `compliance_blocked_reason`.
|
||||
- Verification passed on 2026-05-05: targeted compliance Go tests, full `go test ./...`, admin-web typecheck/build, ops-web typecheck/build, desktop-client typecheck/build, and `git diff --check`.
|
||||
- Residual risk: build output still reports large Ant Design / Milkdown chunks, but this is an existing bundle-size warning rather than a functional failure.
|
||||
|
||||
Reference in New Issue
Block a user