Reports and data rights
Reports Data Rights Reviewer Workflow
This public reviewer board ties report exports, signed-in account-save gates, data-rights controls, permission previews, protected reviewer smoke, and owner activation review into one no-secret workflow. It publishes aggregate evidence only while report bodies, account payloads, private EVE data, provider calls, and database writes stay gated.
3 export formats and 6 checklist labels are ready.
Account saves stay staged until owner, auth, database, and rollback evidence are recorded.
Protected export, delete, disconnect, logout, and session routes keep private no-store boundaries.
Smoke packet labels are available while protected packet bodies remain admin-only.
10 owner smoke evidence fields still need review before activation.
Public text excludes private data, token material, protected packet bodies, and separate-project details.
Owner Evidence Fields
0/10 protected evidence fields are recorded; 10 still need owner review.
- Smoke timestamprequired
- Reviewerrequired
- Tested Ops routerequired
- Report-save resultrequired
- Account-export resultrequired
- Destructive-control resultrequired
- Database runtime resultrequired
- Webhook boundary resultrequired
- Rollback decisionrequired
- Tracker rowrequired
Owner Smoke Checklist
20 public-safe owner checklist labels are mirrored.
- Owner smoke evidence fields completereview
- Owner smoke outcome passedreview
- Owner activation decision readyreview
- Report-save result recordedreview
- Account-export result recordedreview
- Destructive controls recordedreview
- Database runtime recordedreview
- Webhook boundary recordedreview
- Side effects still offready
- Tracker row recordedreview
Reports And Export Evidence
35 report tools, 3 export formats, and 6 public checklist labels are ready.
Keep report bodies browser-local unless the user exports or later signs in for account saves.
Account Save Gates
18/22 combined launch gates are ready while signed-in saves stay staged.
Enable account saves only after live auth, database, owner smoke, and rollback evidence are recorded.
Data Rights Review
5 protected account-control routes and 5 private header targets are covered.
Keep export, delete, disconnect, logout, and browser-local clear actions user-led and private.
Permission Preview Boundary
63 scopes and 8 feature consent plans are mapped without starting OAuth.
Ask for feature-specific consent only when a signed-in feature needs it.
Protected Reviewer Smoke
10/14 reviewer smoke gates are ready, with protected packet exports held behind admin access.
Use the protected reviewer smoke packet for owner checks while public pages expose counts only.
Owner Activation Decision
1/10 owner smoke checklist items are ready; 10 evidence fields still need owner review.
Keep account saves, exports, deletion, disconnect, logout, webhooks, provider calls, and database writes gated.
Reports Data Rights Reviewer page
Public workflow page shows aggregate readiness and owner gates only.
Reports Data Rights Reviewer JSON
Machine-readable feed exposes public-safe counts and links only.
Reports And Export Evidence proof
35 report tools, 3 export formats, and 6 public checklist labels are ready.
Account Save Gates proof
18/22 combined launch gates are ready while signed-in saves stay staged.
Data Rights Review proof
5 protected account-control routes and 5 private header targets are covered.
Permission Preview Boundary proof
63 scopes and 8 feature consent plans are mapped without starting OAuth.
Protected Reviewer Smoke proof
10/14 reviewer smoke gates are ready, with protected packet exports held behind admin access.
Owner Activation Decision proof
1/10 owner smoke checklist items are ready; 10 evidence fields still need owner review.
Reports export manifest
Public export manifest describes export formats without report bodies.
Public health JSON
Public health links the reviewer and readiness feeds without private payloads.
Owner evidence checklist
Public page lists required owner evidence labels and states without exposing evidence values.
Visibility
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Source Data
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Report Bodies
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Raw Pasted Inputs
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Account Reports
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Account Exports
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Account Deletes
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Eve Disconnect
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Private Eve Data
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Token Values
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Token Ciphertext
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Provider Secrets
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Owner Evidence Values
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Provider Calls
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Webhook Delivery
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Database Writes
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Account Writes
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
Separate Project Accounts
Kept out of public pages, health snapshots, smoke logs, screenshots, and readiness feeds.
No-Secret Reports Data Rule
Public reports data-rights reviewer exposes aggregate reports, export, account-save, data-rights, permission-preview, protected-smoke, proof-link, owner evidence checklist labels, and owner-gate counts only; it does not expose report bodies, raw pasted inputs, account reports, account exports, account delete payloads, EVE disconnect payloads, owner evidence values, EVE token values, token ciphertext, private EVE data, provider secrets, raw visitor identifiers, raw browser agent strings, payment profile details, support messages, manual queue notes, protected admin packet bodies, or separate-project account details, and it does not start OAuth, write database rows, call EVE or CCP, call providers, deliver webhooks, export account data, delete accounts, disconnect EVE, log out sessions, clear browser storage, or mutate data.