fix(awooop): 移除 tenants 前台內部控制鍵
All checks were successful
Code Review / ai-code-review (push) Successful in 14s
CD Pipeline / tests (push) Successful in 1m34s
CD Pipeline / build-and-deploy (push) Successful in 3m40s
CD Pipeline / post-deploy-checks (push) Successful in 1m32s

This commit is contained in:
Your Name
2026-06-15 05:00:28 +08:00
parent b4296095c4
commit 5545000c6c
4 changed files with 203 additions and 44 deletions

View File

@@ -11722,13 +11722,24 @@ def validate(root: Path) -> None:
"SecurityTenantScopeCandidatePanel",
)
assert_text_contains("awooop_tenants_page.iwooos_link", awooop_tenants_page, 'href="/iwooos"')
for text in [
"tenantScopeBoundaryItems",
"migrationLocked",
"policyLocked",
"runtimeLocked",
"actionButtonsLocked",
"boundaryItems.runtimeLocked",
"boundaryItems.actionButtonsLocked",
]:
assert_text_contains("awooop_tenants_page.security_tenant_boundary", awooop_tenants_page, text)
for text in [
"tenant_migration_mode_changed=false",
"tenant_policy_mutation_authorized=false",
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
"4 gates = false",
]:
assert_text_contains("awooop_tenants_page.security_tenant_boundary", awooop_tenants_page, text)
assert_text_not_contains("awooop_tenants_page.security_tenant_raw_boundary_leak", awooop_tenants_page, text)
for text in [
"AWOOOI 第一租戶",
"IwoooS 資安鏡像",
@@ -11752,6 +11763,7 @@ def validate(root: Path) -> None:
"openIwooos",
"metrics",
"scopeRefs",
"boundaryItems",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.securityTenantScopeCandidate",
@@ -11763,6 +11775,17 @@ def validate(root: Path) -> None:
list(web_messages_en["awooop"]["tenants"]["securityTenantScopeCandidate"].keys()),
key,
)
for key in ["migrationLocked", "policyLocked", "runtimeLocked", "actionButtonsLocked"]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.securityTenantScopeCandidate.boundaryItems",
list(web_messages_zh["awooop"]["tenants"]["securityTenantScopeCandidate"]["boundaryItems"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.securityTenantScopeCandidate.boundaryItems",
list(web_messages_en["awooop"]["tenants"]["securityTenantScopeCandidate"]["boundaryItems"].keys()),
key,
)
assert_text_contains(
"awooop_tenants_page.github_tenant_scope_panel",
@@ -11784,6 +11807,19 @@ def validate(root: Path) -> None:
"S4.9 Gitea 清冊負責人證明",
"S4.10 GitHub 目標負責人決策",
"S4.12 工作流程 / 機密名稱負責人回覆",
"githubTenantReadinessBoundaries",
"sourceScopeWaiting",
"ownerResponseWaiting",
"repoCreationLocked",
"refsMutationLocked",
"githubPrimaryLocked",
"giteaDisableLocked",
"tenantPolicyLocked",
"runtimeLocked",
"actionButtonsLocked",
]:
assert_text_contains("awooop_tenants_page.github_tenant_scope_boundary", awooop_tenants_page, text)
for text in [
"tenant_source_control_scope_accepted=false",
"repo_owner_response_accepted=false",
"repo_creation_authorized=false",
@@ -11794,7 +11830,7 @@ def validate(root: Path) -> None:
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_tenants_page.github_tenant_scope_boundary", awooop_tenants_page, text)
assert_text_not_contains("awooop_tenants_page.github_tenant_raw_boundary_leak", awooop_tenants_page, text)
for key in [
"title",
"subtitle",
@@ -11806,6 +11842,7 @@ def validate(root: Path) -> None:
"boundaryDetail",
"metrics",
"scopeRefs",
"boundaryItems",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.githubTenantReadinessScope",
@@ -11817,6 +11854,27 @@ def validate(root: Path) -> None:
list(web_messages_en["awooop"]["tenants"]["githubTenantReadinessScope"].keys()),
key,
)
for key in [
"sourceScopeWaiting",
"ownerResponseWaiting",
"repoCreationLocked",
"refsMutationLocked",
"githubPrimaryLocked",
"giteaDisableLocked",
"tenantPolicyLocked",
"runtimeLocked",
"actionButtonsLocked",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.githubTenantReadinessScope.boundaryItems",
list(web_messages_zh["awooop"]["tenants"]["githubTenantReadinessScope"]["boundaryItems"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.githubTenantReadinessScope.boundaryItems",
list(web_messages_en["awooop"]["tenants"]["githubTenantReadinessScope"]["boundaryItems"].keys()),
key,
)
for text in [
"sourcePublicScopeCode(index)",
@@ -11913,6 +11971,22 @@ def validate(root: Path) -> None:
awooop_tenants_page,
'href="/iwooos"',
)
for text in [
"ownerResponseValidationTenantBoundaries",
"responseNotReceived",
"responseNotAccepted",
"responseNotRejected",
"tenantScopeWaiting",
"tenantPolicyLocked",
"repoCreationLocked",
"refsSyncLocked",
"workflowLocked",
"secretValueBlocked",
"githubPrimaryLocked",
"runtimeLocked",
"actionButtonsLocked",
]:
assert_text_contains("awooop_tenants_page.owner_response_validation_boundary", awooop_tenants_page, text)
for text in [
"source_control_owner_response_validation_rollup_v1",
"gitea_inventory_owner_attestation_response_v1",
@@ -11932,7 +12006,7 @@ def validate(root: Path) -> None:
"runtime_execution_authorized=false",
"action_buttons_allowed=false",
]:
assert_text_contains("awooop_tenants_page.owner_response_validation_boundary", awooop_tenants_page, text)
assert_text_not_contains("awooop_tenants_page.owner_response_validation_raw_boundary_leak", awooop_tenants_page, text)
for key in [
"title",
"subtitle",
@@ -11944,6 +12018,7 @@ def validate(root: Path) -> None:
"boundaryDetail",
"metrics",
"scopeRefs",
"boundaryItems",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope",
@@ -11955,6 +12030,30 @@ def validate(root: Path) -> None:
list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"].keys()),
key,
)
for key in [
"responseNotReceived",
"responseNotAccepted",
"responseNotRejected",
"tenantScopeWaiting",
"tenantPolicyLocked",
"repoCreationLocked",
"refsSyncLocked",
"workflowLocked",
"secretValueBlocked",
"githubPrimaryLocked",
"runtimeLocked",
"actionButtonsLocked",
]:
assert_contains(
"web_messages.zh-TW.awooop.tenants.ownerResponseValidationScope.boundaryItems",
list(web_messages_zh["awooop"]["tenants"]["ownerResponseValidationScope"]["boundaryItems"].keys()),
key,
)
assert_contains(
"web_messages.en.awooop.tenants.ownerResponseValidationScope.boundaryItems",
list(web_messages_en["awooop"]["tenants"]["ownerResponseValidationScope"]["boundaryItems"].keys()),
key,
)
for key in [
"validationRollup",
"giteaAttestation",