TenantAtlas/specs/254-remove-acknowledged-compat/data-model.md

Data Model — Remove Legacy Acknowledged Finding Status Compatibility

Spec: spec.md

This feature is subtractive. It introduces no new persisted truth and no migration. The data-model impact is the removal of one legacy findings workflow branch from productive code and the reaffirmation of the canonical findings lifecycle as the only active status contract.

Existing Canonical Entities Reused

Finding (findings)

Purpose: Tenant-owned findings workflow truth.

Key fields (existing):

• id
• workspace_id
• tenant_id
• status
• triaged_at
• in_progress_at
• reopened_at
• resolved_at
• closed_at
• risk_accepted_at via related exception state where applicable
• first_seen_at
• last_seen_at
• times_seen
• sla_days
• due_at
• acknowledged_at
• acknowledged_by_user_id

Feature use:

• Remains the single canonical workflow truth for findings.
• Continues to require both workspace_id and tenant_id as ownership anchors.
• Keeps the surviving active status contract: new, triaged, in_progress, reopened.
• Keeps the surviving terminal status contract: resolved, closed, risk_accepted.
• acknowledged_at and acknowledged_by_user_id may remain in schema for now, but they no longer justify an active workflow status, query branch, or UI affordance.

FindingException (finding_exceptions)

Purpose: Existing risk-acceptance and exception truth attached to findings.

Feature use:

• Remains unchanged.
• Exists only for regression protection so removing acknowledged does not collapse or rename risk-governance semantics.

Removed Active Workflow Contract

LegacyAcknowledgedFindingStatus (removed, non-persisted contract)

Previous role:

• active status constant on Finding
• extra member of openStatusesForQuery()
• special-case filter and badge label
• capability alias and RBAC wording branch
• compatibility expectation in findings-facing tests and summary consumers

Removal rule:

• no productive code path writes acknowledged as current findings status
• no productive code path queries acknowledged as part of the active open-status set
• no productive findings UI or summary consumer presents acknowledged as current work
• no role or capability mapping preserves tenant_findings.acknowledge

Derived Non-Persisted Contracts

CanonicalFindingOpenStatusSet (derived)

Members:

• new
• triaged
• in_progress
• reopened

Consumers:

• findings resource and inbox queries
• workspace overview and governance inbox summaries
• review/report disclosure helpers that describe current open findings work
• support-diagnostic bundles that group active findings issues
• alerts, hygiene services, and findings generators that still look up active/open findings

CanonicalFindingWorkflowPermissionSet (derived)

Purpose: Surviving capability vocabulary for findings workflow actions.

Feature use:

• remove tenant_findings.acknowledge
• keep surviving findings permissions and policy checks authoritative
• keep 404 versus 403 semantics unchanged for tenant-scoped findings surfaces

Data Ownership Notes

• No new table, column, persisted alias, cache, or compatibility projection is introduced.
• No migration or historical data rewrite is planned.
• Review/report and support-diagnostic consumers remain derived over tenant-owned findings truth; they do not become separate persisted status stores.
• Verification-check acknowledgement, onboarding acknowledgement, and restore acknowledgement remain separate domains and are not remodeled here.

Removal Invariants

• No productive code path may treat acknowledged as a current findings workflow status.
• No productive query helper may include acknowledged in the active open findings set.
• No shared badge, filter, summary, review/report disclosure, or support-diagnostic grouping may present acknowledged as current findings work.
• No new migration or persisted compatibility artifact may be introduced to preserve the removed branch.
• No non-finding acknowledgement domain may change as collateral damage from this cleanup.