Add document archiving

[SachaProbo]

Allow documents to be archived and unarchived via GraphQL, MCP, and
the console UI. Archived documents cannot be edited or published and
are excluded from the trust center. The console displays archived
documents as grayed out in lists and shows the archived date in the
document details drawer.

• Add archived_at column to documents table
• Add archive/unarchive mutations in GraphQL and MCP
• Block update and publish operations on archived documents
• Exclude archived documents from trust center listings
• Return not found for archived documents on trust center endpoints
• Guard title editing form against concurrent archiving
• Show "Archived on" date in document detail drawer

---

Summary by cubic

Add document archiving across GraphQL, MCP, and the console with ABAC enforcement. Archived documents are read‑only, can’t be published, are excluded from the trust center, and archiving removes control/risk mappings and resets trust center visibility; the console adds Active/Archived tabs with bulk and per‑document archive/unarchive and toasts.

• New Features

  • GraphQL: Document.status (ACTIVE/ARCHIVED) and archivedAt; archiveDocument/unarchiveDocument and bulkArchiveDocuments/bulkUnarchiveDocuments; DocumentFilter.status (list); DocumentVersionStatus enum for DocumentVersion.status and DocumentVersionFilter.status; update/publish/version‑update return Conflict if archived; archive/unarchive return Conflict when already/never archived.
  • MCP: New archiveDocument/unarchiveDocument tools; spec includes Document.status and archived_at; version status uses DocumentVersionStatus.
  • Console UI: Active/Archived tabs with tab‑specific bulk actions (Archive/Unarchive or Delete) and per‑document Archive/Unarchive with confirm + toasts; “New document” hidden on Archived tab; permission‑gated actions; edits disabled when archived; “Archived on” date in the details drawer; bulk archive/unarchive/delete remove items immediately via Relay updater; document pickers (LinkedDocumentsDialog, Compliance page) show only ACTIVE documents.
  • Trust Center: Archived documents excluded from listings; detail/PDF/access endpoints return Not Found; archiving resets trust center visibility to NONE.
  • Permissions/ABAC: Added document_status to authorization attributes for Document and DocumentVersion; deny writes when status is ARCHIVED (delete allowed); deny unarchive when status is ACTIVE; new actions core:document:archive and core:document:unarchive.
  • Core behavior: Archiving removes all control and risk mappings; bulk archive applies the same cleanup.

• Migration

  • Create Postgres enum document_status (ACTIVE/ARCHIVED); add archived_at TIMESTAMPTZ and status document_status NOT NULL DEFAULT 'ACTIVE' to documents, then drop the default. Rename enum policy_status to document_version_status.

^{Written for commit 1db8e71. Summary will update on new commits.}

[cubic-dev-ai]

2 issues found across 15 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="apps/console/src/pages/organizations/documents/_components/DocumentTitleForm.tsx">

<violation number="1" location="apps/console/src/pages/organizations/documents/_components/DocumentTitleForm.tsx:112">
P2: This only hides the edit entry point; it does not stop the form from staying editable after the document becomes archived. Guard the editing state as well so archived documents cannot keep showing the title input and save action.</violation>
</file>

<file name="pkg/coredata/document_filter.go">

<violation number="1" location="pkg/coredata/document_filter.go:46">
P1: Archived documents are still directly accessible from trust-center detail and export endpoints because this only filters list queries.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[gearnode]

LGTM

[cubic-dev-ai]

2 issues found across 6 files (changes from recent commits).

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="pkg/probo/document_service.go">

<violation number="1" location="pkg/probo/document_service.go:1195">
P1: Archiving now permanently deletes control/risk mappings, and unarchive cannot restore them.</violation>

<violation number="2" location="pkg/probo/document_service.go:1721">
P2: Clearing trust-center visibility on archive is irreversible here because unarchive never restores the previous setting.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P2: Clearing trust-center visibility on archive is irreversible here because unarchive never restores the previous setting.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At pkg/probo/document_service.go, line 1721:

<comment>Clearing trust-center visibility on archive is irreversible here because unarchive never restores the previous setting.</comment>

<file context>
@@ -1695,9 +1705,20 @@ func (s *DocumentService) Archive(
 			document.Status = coredata.DocumentStatusArchived
 			document.ArchivedAt = &now
 			document.UpdatedAt = now
+			document.TrustCenterVisibility = coredata.TrustCenterVisibilityNone
 
 			if err := document.Update(ctx, tx, s.svc.scope); err != nil {
</file context>

[gearnode]

LGTM

[github-actions]

🚫 [eslint (apps/console)] _{reported by reviewdog 🐶}
DocumentsListQuery import should occur before import of DocumentType import-x/order

[github-actions]

⚠️ [eslint (apps/console)] _{reported by reviewdog 🐶}
React Hook useEffect has a missing dependency: 'documentTypeFilter'. Either include it or remove the dependency array react-hooks/exhaustive-deps

[github-actions]

⚠️ [eslint (apps/console)] _{reported by reviewdog 🐶}
This line has a length of 124. Maximum allowed is 120 @stylistic/max-len

[github-actions]

🚫 [eslint (apps/console)] _{reported by reviewdog 🐶}
Unsafe assignment of an any value @typescript-eslint/no-unsafe-assignment