GAP-01 Closure Review — Auth Migration (Professional)
Date: 2026-06-11
Mode: server · workspace /home/scola/odoo
Package scope: SC-CORE + SC-LEARN + SC-ASSESS + SC-LIB (Professional go-live)
Verdict: Closed (Professional scope); residuals are tracked as non-blocking backlog
1. Background
GAP-01 targets the migration from the dual authorization model (custom permission snapshot + Odoo groups) to:
- Odoo groups / ACL / record rules as the primary security authority
- The permission snapshot in the auth payload as derived output for the FE (not the API's source of truth)
- An explicit registry for the /api/* gate in ir.http
2. Closure checklist (slices 2–7)
| # | Criterion | Evidence | Status |
|---|---|---|---|
| C1 | Roles/capabilities gated by authoritative Odoo groups | role_capabilities_allowed(), resolve_authoritative_role_codes_from_groups() | ✅ |
| C2 | Auth payload contract v1 (auth_contract_version=1) | auth_payload_contract.py, FE/BE fixtures, live E2E 8/8 on scoladev | ✅ |
| C3 | Explicit registry API path → domain/flag/capability | api_route_access.py + apiRouteAccessRegistry.js (≥43 rules, wave 3 leadership/subscription) | ✅ |
| C4 | Runtime enforcement in ir.http (feature + capability) | scola_core/models/ir_http.py, slice 5 | ✅ |
| C5 | /api/* path-prefix inference removed | PATH_PREFIX_FEATURE_FLAG_RULES = (), slice 7 | ✅ |
| C6 | FE parity + guardrail tests green | feBackendApiRouteAccessParity, inferenceRetired, authStoreContract | ✅ |
| C7 | ROLE_CAPABILITIES is not the API authority | Used only in compute_permissions(); slice 5 comment | ✅ |
| C8 | Auth controller defines no capability map | test_modular_topology_unit: the map lives only in the service | ✅ |
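The gate shape described in section 1 and pinned down by C1, C3, C4, C5 and C7 (group-derived roles as the only authority, an explicit route registry, enforcement at the ir.http layer, no path-prefix inference, and the permission snapshot as derived output) as an added example written for this review. It is not code from the scola repository: the group XML IDs, role codes, capability names, registry rows and feature flags are all assumptions, and the functions only stand in for the project's resolve_authoritative_role_codes_from_groups(), role_capabilities_allowed() and compute_permissions() without reproducing them. The point it demonstrates is that a tampered FE snapshot cannot widen API access, and that an /api/* path without a registry row is denied rather than inferred.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple

# Hypothetical Odoo group XML IDs -> role code (assumed names, not the project's).
GROUP_TO_ROLE: Dict[str, str] = {
    "scola_core.group_principal": "principal",
    "scola_core.group_teacher": "teacher",
    "scola_core.group_student": "student",
}

# Capability -> role codes (i.e. Odoo groups) that grant it. The API gate consults
# only this group-derived table and never a client-supplied permission snapshot.
CAPABILITY_ROLES: Dict[str, FrozenSet[str]] = {
    "learn.read": frozenset({"principal", "teacher", "student"}),
    "assess.read": frozenset({"principal", "teacher"}),
    "assess.grade": frozenset({"teacher"}),
    "leadership.read": frozenset({"principal"}),
}

# Feature flags enabled for the package scope (assumed values).
ENABLED_FEATURES: FrozenSet[str] = frozenset({"learn", "assess", "leadership"})


@dataclass(frozen=True)
class RouteRule:
    prefix: str                # always under /api/ and ending in "/"
    domain: str                # owning package
    feature: Optional[str]     # feature flag that must be enabled, or None
    capability: Optional[str]  # required capability, or None for any authenticated user


# Illustrative registry rows (the real registry carries >= 43).
API_ROUTE_ACCESS_RULES: Tuple[RouteRule, ...] = (
    RouteRule("/api/v1/auth/", "SC-CORE", None, None),
    RouteRule("/api/v1/learn/", "SC-LEARN", "learn", "learn.read"),
    RouteRule("/api/v1/assess/", "SC-ASSESS", "assess", "assess.read"),
    RouteRule("/api/v1/assess/grades/", "SC-ASSESS", "assess", "assess.grade"),
    RouteRule("/api/v1/leadership/", "SC-CORE", "leadership", "leadership.read"),
)

# Slice 7 retired path-prefix inference; this tuple must stay empty.
PATH_PREFIX_FEATURE_FLAG_RULES: Tuple = ()


def resolve_role_codes(groups) -> FrozenSet[str]:
    """Role codes derived from the user's Odoo groups, the authoritative input."""
    return frozenset(GROUP_TO_ROLE[g] for g in groups if g in GROUP_TO_ROLE)


def role_capabilities_allowed(role_codes: FrozenSet[str], capability: str) -> bool:
    return bool(role_codes & CAPABILITY_ROLES.get(capability, frozenset()))


def match_rule(path: str) -> Optional[RouteRule]:
    """Longest-prefix match, so /api/v1/assess/grades/ wins over /api/v1/assess/."""
    hits = [r for r in API_ROUTE_ACCESS_RULES if path.startswith(r.prefix)]
    return max(hits, key=lambda r: len(r.prefix)) if hits else None


def gate_api_request(path: str, groups, enabled: FrozenSet[str] = ENABLED_FEATURES):
    """ir.http-style check for an already-authenticated user: registry lookup, then
    feature flag, then capability. Returns (allowed, reason). An /api/* path with
    no registry row is denied outright instead of being inferred from its segments."""
    if not path.startswith("/api/"):
        return True, "not an /api/* route; Odoo ACL and record rules apply"
    rule = match_rule(path)
    if rule is None:
        return False, "no registry rule"
    if rule.feature is not None and rule.feature not in enabled:
        return False, f"feature {rule.feature} disabled"
    if rule.capability is not None and not role_capabilities_allowed(
        resolve_role_codes(groups), rule.capability
    ):
        return False, f"capability {rule.capability} denied"
    return True, f"{rule.domain}:{rule.capability or 'authenticated'}"


def compute_permissions(groups) -> dict:
    """FE-facing snapshot (auth_contract_version=1), derived from the same group-backed
    tables. gate_api_request() never reads it, so tampering with it gains nothing."""
    roles = resolve_role_codes(groups)
    caps = sorted(c for c in CAPABILITY_ROLES if role_capabilities_allowed(roles, c))
    return {"auth_contract_version": 1, "roles": sorted(roles), "capabilities": caps}


def closure_invariants() -> bool:
    """Structural checks of the kind a closure unit test pins down."""
    assert PATH_PREFIX_FEATURE_FLAG_RULES == (), "prefix inference must stay retired"
    prefixes = [r.prefix for r in API_ROUTE_ACCESS_RULES]
    assert len(set(prefixes)) == len(prefixes), "duplicate registry prefix"
    assert all(p.startswith("/api/") and p.endswith("/") for p in prefixes)
    assert all(r.capability in CAPABILITY_ROLES
               for r in API_ROUTE_ACCESS_RULES if r.capability is not None)
    return True


if __name__ == "__main__":
    teacher = ["scola_core.group_teacher"]
    print(gate_api_request("/api/v1/assess/grades/42", teacher))
    print(gate_api_request("/api/v1/subscription/plans", teacher))
    print(compute_permissions(teacher), closure_invariants())
```

The ordering inside gate_api_request() matters: the registry lookup comes first so that an unregistered /api/* path fails before any feature or capability logic runs, which is the property C5 removes inference to obtain. The non-/api/ branch returning True mirrors residual GAP-01-R3: dataset RPC stays under Odoo's own ACL rather than this registry.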
3. QC gate (run 2026-06-11)
Backend (unit, standalone)
| Suite | Result |
|---|---|
| test_auth_capabilities_unit.py | 42 OK |
| test_auth_payload_contract_unit.py | OK |
| test_api_route_access_unit.py | 12 OK |
| test_feature_access_inference_retired_unit.py | 3 OK |
| test_feature_access_unit.py | 8 OK |
| test_ir_http_contract_unit.py | 5 OK |
| test_gap01_closure_unit.py | (new): closure invariants |
Frontend
| Suite | Result |
|---|---|
| authPayloadContractV1.spec.js | 4 OK |
| feBackendApiRouteAccessParity.spec.js | 4 OK |
| wave2ApiRouteRegistry.spec.js | 13 OK (≥43 rules) |
| inferenceRetired.spec.js | 1 OK |
| gap01ClosureContract.spec.js | (new) |
| npm run test:contract:auth-e2e | 8/8 OK (scoladev) |
4. Residuals (not blocking go-live)
| ID | Item | Severity | Recommendation |
|---|---|---|---|
| GAP-01-R1 | ROLE_CAPABILITIES shrunk via shared profiles | Low | Closed 2026-06-11: PRINCIPAL_CAPABILITIES, STAFF_SELF_SERVICE_CAPABILITIES, wildcard consolidation |
| GAP-01-R2 | /api/v1/executive/*, /api/v1/vice-principal/*, /api/v1/subscription/* not yet in the registry | Low | Closed 2026-06-11: wave 3 registry rows |
| GAP-01-R3 | Dataset RPC (/web/dataset/call_kw/) still uses model inference | Accepted | Odoo-native; outside the scope of the GAP-01 API registry |
| GAP-01-R4 | Live contract matrix does not yet cover librarian/homeroom | Low | Resolved in GAP-03 slice 2 (2026-06-11) |
The residuals do not block the Professional go-live: Odoo ACL, the registry (≥43 prefixes) and the capability gate together cover the sensitive P0/wave-2/wave-3 API surface.
5. Decision
| Field | Value |
|---|---|
| GAP-01 status | Closed (Professional scope) |
| Closure date | 2026-06-11 |
| Key commits | BE fe2bfa87 (slice 7) · FE e89c6660 |
| Re-audit trigger | Adding enterprise packages (full SC-FIN, SC-DAP), changes to the Odoo group model, or an auth-bypass incident |
6. References