{
  "id": "human_approval_service",
  "label": "Human Approval Service Canonical",
  "phase": "phase-02",
  "category": "architecture_engineering_core",
  "status": "ACTIVE_DH_MIRROR",
  "source_no": 88,
  "purpose": "Register human approvals required by FSM-controlled critical actions.",
  "function": "Create auditable approval records for risky operations, including operator identity, requested action, environment, evidence snapshot, risk level, expiration, revocation and approval status.",
  "overview": {
    "summary": "Human Approval Service Canonical owns the difference between a button click and an auditable authorization. It exists because Modal Action System can display approval, but only this service can preserve approval as a governed record the FSM may consume.",
    "function": "FUNCTION: Register approval_id, operator_id, task_id, requested_action, environment, risk_level, evidence_snapshot, diff_id, backup_id, approval_status, approval_reason, timestamp, expiration and revocation state.",
    "system_position": "FSM remains the decision authority. Modal Action System presents the interaction. Audit Trail preserves evidence. Production Deployment Gate, migration flow, destructive filesystem operations and policy changes can all require this approval record before they proceed.",
    "failure_impact": "Approval without this service is only visual consent. A production deploy, destructive migration, server change or policy mutation can appear approved while leaving no durable proof that the right operator authorized the right action against the right evidence at the right time."
  },
  "failure_impact": "Approval without this service is only visual consent. A production deploy, destructive migration, server change or policy mutation can appear approved while leaving no durable proof that the right operator authorized the right action against the right evidence at the right time.",
  "technology_requirements": [
    {
      "technology": "Human Approval Service",
      "required_for": "Register human approvals required by FSM-controlled critical actions.",
      "required_by_phase": "phase-02",
      "required_by_category": "human_approval_service",
      "required_by_buckets": [
        "Prerequisites",
        "Installation",
        "Configuration",
        "Validation",
        "Observable Evidence",
        "Failure Modes & Recovery",
        "Completion & Promotion"
      ],
      "expected_version": "MISSING until Human Approval Service is implemented and validated in the future Execution & Monitoring Panel",
      "validation_command": "MISSING until human_approval_service can prove function, source coverage, evidence state and promotion readiness",
      "evidence_path": "/home/yeff/public_html/devon/canon/execution/state/dh_sources/human_approval_service_canonical.json",
      "status_source": "Documentation Hub + future Execution & Monitoring Panel",
      "blocking_if_missing": true,
      "failure_impact": "Approval without this service is only visual consent. A production deploy, destructive migration, server change or policy mutation can appear approved while leaving no durable proof that the right operator authorized the right action against the right evidence at the right time."
    }
  ],
  "depends_on": [
    "fsm_absolute_decision",
    "modal_action_system",
    "audit_trail"
  ],
  "used_by": [
    "production_deployment_gate",
    "migration_runner",
    "filesystem_operations",
    "security_governance"
  ]
}
