Implemented
The ApprovalManager class in approval_manager.py has too many responsibilities:
- Permission mode enforcement (READ_ONLY, WORKSPACE_WRITE, PROMPT, ALLOW, DANGER_FULL_ACCESS)
- JIT approval state management
- Multi-sig quorum coordination
- Approval store persistence
- Plan contract validation
- Read-only gate enforcement
- Signature collection and verification
This violates the Single Responsibility Principle, making the class difficult to test, maintain, and extend.
We will extract the ApprovalManager into multiple specialized classes coordinated through composition.
- Create
PermissionModeEnforcerclass to handle permission mode logic - Move permission mode enforcement methods from
ApprovalManager - Add unit tests for the new class
- Update
ApprovalManagerto usePermissionModeEnforcer
- Create
JITApprovalManagerclass to handle JIT approval state - Move JIT approval logic from
ApprovalManager - Add unit tests for the new class
- Update
ApprovalManagerto useJITApprovalManager
- Create
MultiSigQuorumManagerclass to handle multi-sig coordination - Move multi-sig logic from
ApprovalManager - Add unit tests for the new class
- Update
ApprovalManagerto useMultiSigQuorumManager
- Create
ApprovalStoreManagerclass to handle persistence - Move approval store operations from
ApprovalManager - Add unit tests for the new class
- Update
ApprovalManagerto useApprovalStoreManager
- Make
ApprovalManagera lightweight coordinator - Use composition to delegate to specialized managers
- Add integration tests for the coordinator pattern
- Update all callers to use the new pattern
- Maintain backward compatibility during transition
- Add comprehensive tests before each extraction
- Use feature flags to enable new implementation gradually
- Create migration guide for breaking changes
- Positive: Better separation of concerns, easier testing, more maintainable code
- Negative: Breaking changes to internal APIs, requires significant refactoring
- Risk: High - affects core approval workflow
- Keep monolithic ApprovalManager (rejected - violates SRP)
- Use inheritance instead of composition (rejected - creates tight coupling)
- Create microservices (rejected - over-engineering for this use case)
- Original issue: Medium-severity architecture issue #2
- Related files:
approval_manager.py,policy.py