@agenticmail/enterprise 0.2.1

package/dist/index.js

@@ -0,0 +1,522 @@
+import {
+  AGENTICMAIL_TOOLS,
+  ALL_TOOLS,
+  ActivityTracker,
+  AgentConfigGenerator,
+  AgentLifecycleManager,
+  ApprovalEngine,
+  BUILTIN_SKILLS,
+  DeploymentEngine,
+  KnowledgeBaseEngine,
+  OPENCLAW_CORE_TOOLS,
+  PLAN_LIMITS,
+  PRESET_PROFILES,
+  PermissionEngine,
+  TOOL_INDEX,
+  TenantManager,
+  generateOpenClawToolPolicy,
+  getToolsBySkill,
+  init_tool_catalog
+} from "./chunk-N2JVTNNJ.js";
+import {
+  ENGINE_TABLES,
+  ENGINE_TABLES_POSTGRES,
+  EngineDatabase,
+  MIGRATIONS,
+  MIGRATIONS_TABLE,
+  MIGRATIONS_TABLE_POSTGRES,
+  sqliteToMySQL,
+  sqliteToPostgres
+} from "./chunk-IQWA44WT.js";
+import {
+  CircuitBreaker,
+  CircuitOpenError,
+  HealthMonitor,
+  KeyedRateLimiter,
+  RateLimiter,
+  ValidationError,
+  auditLogger,
+  createAdapter,
+  createAdminRoutes,
+  createAuthRoutes,
+  createServer,
+  deployToCloud,
+  errorHandler,
+  generateDockerCompose,
+  generateFlyToml,
+  getSupportedDatabases,
+  rateLimiter,
+  requestIdMiddleware,
+  requestLogger,
+  requireRole,
+  securityHeaders,
+  validate,
+  withRetry
+} from "./chunk-DXNKR3TG.js";
+import {
+  DatabaseAdapter
+} from "./chunk-77IDQJL3.js";
+import "./chunk-PNKVD2UK.js";
+
+// src/engine/index.ts
+init_tool_catalog();
+
+// src/engine/openclaw-hook.ts
+var EnterpriseHook = class {
+  config;
+  permissionCache = /* @__PURE__ */ new Map();
+  pendingToolCalls = /* @__PURE__ */ new Map();
+  // callId → toolCallRecordId
+  connected = false;
+  constructor(config) {
+    this.config = {
+      engineUrl: config.engineUrl,
+      agentId: config.agentId,
+      orgId: config.orgId,
+      apiToken: config.apiToken || "",
+      knowledgeBaseEnabled: config.knowledgeBaseEnabled ?? true,
+      kbMaxTokens: config.kbMaxTokens ?? 2e3,
+      activityStreamEnabled: config.activityStreamEnabled ?? true,
+      failMode: config.failMode ?? "open",
+      permissionCacheTtlSec: config.permissionCacheTtlSec ?? 30
+    };
+  }
+  /**
+   * BEFORE a tool call — check permissions, record start
+   */
+  async beforeToolCall(ctx) {
+    try {
+      const cached = this.permissionCache.get(ctx.toolId);
+      if (cached && cached.expires > Date.now()) {
+        await this.recordToolCallStart(ctx);
+        return cached.result;
+      }
+      const permResult = await this.apiCall("/api/engine/permissions/check", "POST", {
+        agentId: this.config.agentId,
+        toolId: ctx.toolId
+      });
+      const result = {
+        allowed: permResult.allowed ?? this.config.failMode === "open",
+        reason: permResult.reason || "Unknown",
+        requiresApproval: permResult.requiresApproval || false,
+        sandbox: permResult.sandbox || false
+      };
+      this.permissionCache.set(ctx.toolId, {
+        result,
+        expires: Date.now() + this.config.permissionCacheTtlSec * 1e3
+      });
+      if (result.requiresApproval && result.allowed) {
+        const approval = await this.requestApproval(ctx);
+        if (approval) {
+          result.approvalId = approval.id;
+          if (approval.status === "denied") {
+            result.allowed = false;
+            result.reason = `Denied by ${approval.decision?.by}: ${approval.decision?.reason || "No reason given"}`;
+          } else if (approval.status === "expired") {
+            result.allowed = false;
+            result.reason = "Approval request expired";
+          }
+        }
+      }
+      if (result.allowed) {
+        await this.recordToolCallStart(ctx);
+      } else {
+        await this.recordActivity("tool_blocked", {
+          toolId: ctx.toolId,
+          toolName: ctx.toolName,
+          reason: result.reason
+        });
+      }
+      return result;
+    } catch (error) {
+      const allowed = this.config.failMode === "open";
+      return {
+        allowed,
+        reason: allowed ? `Engine unreachable (fail-open): ${error.message}` : `Engine unreachable (fail-closed): ${error.message}`,
+        requiresApproval: false
+      };
+    }
+  }
+  /**
+   * AFTER a tool call — record result, update usage
+   */
+  async afterToolCall(ctx, result) {
+    try {
+      await this.apiCall("/api/engine/agents/" + this.config.agentId + "/record-tool-call", "POST", {
+        toolId: ctx.toolId,
+        tokensUsed: (result.inputTokens || 0) + (result.outputTokens || 0),
+        costUsd: result.costUsd || 0,
+        isExternalAction: this.isExternalAction(ctx.toolId),
+        error: !result.success
+      });
+      await this.recordActivity(result.success ? "tool_call_end" : "tool_call_error", {
+        toolId: ctx.toolId,
+        toolName: ctx.toolName,
+        success: result.success,
+        error: result.error,
+        durationMs: ctx.timestamp ? Date.now() - ctx.timestamp.getTime() : void 0,
+        inputTokens: result.inputTokens,
+        outputTokens: result.outputTokens,
+        costUsd: result.costUsd
+      });
+    } catch {
+    }
+  }
+  /**
+   * BEFORE an LLM call — inject knowledge base context
+   */
+  async getKnowledgeContext(userMessage) {
+    if (!this.config.knowledgeBaseEnabled) return null;
+    try {
+      const result = await this.apiCall("/api/engine/knowledge-bases/context", "POST", {
+        agentId: this.config.agentId,
+        query: userMessage,
+        maxTokens: this.config.kbMaxTokens
+      });
+      return result.context || null;
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * ON session start
+   */
+  async onSessionStart(sessionId) {
+    try {
+      await this.recordActivity("session_start", { sessionId });
+    } catch {
+    }
+  }
+  /**
+   * ON session end
+   */
+  async onSessionEnd(sessionId) {
+    try {
+      await this.recordActivity("session_end", { sessionId });
+    } catch {
+    }
+  }
+  /**
+   * Record a conversation message
+   */
+  async recordMessage(opts) {
+    try {
+      await this.apiCall("/api/engine/activity/record-message", "POST", {
+        agentId: this.config.agentId,
+        ...opts
+      });
+    } catch {
+    }
+  }
+  /**
+   * Get the tool policy for this agent (used on startup to configure OpenClaw)
+   */
+  async getToolPolicy() {
+    try {
+      return await this.apiCall(`/api/engine/permissions/${this.config.agentId}/policy`, "GET");
+    } catch {
+      return null;
+    }
+  }
+  /**
+   * Check if engine is reachable
+   */
+  async healthCheck() {
+    try {
+      const result = await this.apiCall("/health", "GET");
+      this.connected = result.status === "ok";
+      return this.connected;
+    } catch {
+      this.connected = false;
+      return false;
+    }
+  }
+  // ─── Private ──────────────────────────────────────────
+  async requestApproval(ctx) {
+    try {
+      const result = await this.apiCall("/api/engine/approvals/request", "POST", {
+        agentId: this.config.agentId,
+        agentName: this.config.agentId,
+        toolId: ctx.toolId,
+        toolName: ctx.toolName,
+        parameters: ctx.parameters,
+        context: `Session ${ctx.sessionId}`
+      });
+      if (result.request?.id) {
+        const start = Date.now();
+        while (Date.now() - start < 3e5) {
+          await new Promise((r) => setTimeout(r, 3e3));
+          const check = await this.apiCall(`/api/engine/approvals/${result.request.id}`, "GET");
+          if (check.request?.status !== "pending") return check.request;
+        }
+        return { status: "expired" };
+      }
+      return null;
+    } catch {
+      return null;
+    }
+  }
+  async recordToolCallStart(ctx) {
+    if (!this.config.activityStreamEnabled) return;
+    try {
+      await this.recordActivity("tool_call_start", {
+        toolId: ctx.toolId,
+        toolName: ctx.toolName,
+        sessionId: ctx.sessionId
+      });
+    } catch {
+    }
+  }
+  async recordActivity(type, data) {
+    try {
+      await this.apiCall("/api/engine/activity/record", "POST", {
+        agentId: this.config.agentId,
+        orgId: this.config.orgId,
+        type,
+        data
+      });
+    } catch {
+    }
+  }
+  isExternalAction(toolId) {
+    const externalTools = [
+      "agenticmail_send",
+      "agenticmail_reply",
+      "agenticmail_forward",
+      "agenticmail_sms_send",
+      "message",
+      "tts"
+    ];
+    return externalTools.includes(toolId);
+  }
+  async apiCall(path, method, body) {
+    const opts = {
+      method,
+      headers: {
+        "Content-Type": "application/json",
+        ...this.config.apiToken ? { "Authorization": `Bearer ${this.config.apiToken}` } : {}
+      },
+      signal: AbortSignal.timeout(5e3)
+    };
+    if (body && method !== "GET") opts.body = JSON.stringify(body);
+    const resp = await fetch(`${this.config.engineUrl}${path}`, opts);
+    return resp.json();
+  }
+};
+function createEnterpriseHook(config) {
+  return new EnterpriseHook(config);
+}
+
+// src/engine/agenticmail-bridge.ts
+init_tool_catalog();
+var AgenticMailBridge = class {
+  hook;
+  config;
+  toolPolicy = null;
+  sessionId = "";
+  rateLimiter = { count: 0, resetAt: 0 };
+  constructor(config) {
+    this.config = config;
+    this.hook = new EnterpriseHook(config);
+  }
+  /**
+   * Initialize the bridge — load config, verify connection
+   */
+  async initialize() {
+    const connected = await this.hook.healthCheck();
+    if (connected && this.config.autoConfigureTools !== false) {
+      this.toolPolicy = await this.hook.getToolPolicy();
+    }
+    if (this.config.verbose) {
+      console.log(`[Enterprise] Bridge initialized. Connected: ${connected}`);
+      if (this.toolPolicy) {
+        console.log(`[Enterprise] Tool policy: ${this.toolPolicy.allowedTools.length} allowed, ${this.toolPolicy.blockedTools.length} blocked`);
+      }
+    }
+    return { connected, toolPolicy: this.toolPolicy };
+  }
+  /**
+   * Get a tool interceptor that can be registered with OpenClaw
+   */
+  getInterceptor() {
+    return {
+      beforeTool: async (toolId, params, sessionId) => {
+        this.sessionId = sessionId;
+        if (this.toolPolicy?.blockedTools.includes(toolId)) {
+          if (this.config.verbose) console.log(`[Enterprise] BLOCKED: ${toolId} (policy)`);
+          return { allowed: false, reason: `Tool "${toolId}" is blocked by enterprise policy` };
+        }
+        const now = Date.now();
+        if (now > this.rateLimiter.resetAt) {
+          this.rateLimiter = { count: 0, resetAt: now + 6e4 };
+        }
+        this.rateLimiter.count++;
+        const limit = this.toolPolicy?.rateLimits?.toolCallsPerMinute || 120;
+        if (this.rateLimiter.count > limit) {
+          return { allowed: false, reason: `Rate limit exceeded: ${this.rateLimiter.count}/${limit} calls/min` };
+        }
+        const result = await this.hook.beforeToolCall({
+          toolId,
+          toolName: toolId,
+          parameters: params,
+          sessionId,
+          timestamp: /* @__PURE__ */ new Date()
+        });
+        if (this.config.verbose && !result.allowed) {
+          console.log(`[Enterprise] BLOCKED: ${toolId} \u2014 ${result.reason}`);
+        }
+        return {
+          allowed: result.allowed,
+          reason: result.reason,
+          modifiedParams: result.modifiedParameters
+        };
+      },
+      afterTool: async (toolId, params, result, sessionId) => {
+        await this.hook.afterToolCall(
+          { toolId, toolName: toolId, parameters: params, sessionId, timestamp: /* @__PURE__ */ new Date() },
+          {
+            success: !result?.error,
+            output: typeof result === "string" ? result : JSON.stringify(result)?.slice(0, 500),
+            error: result?.error
+          }
+        );
+      }
+    };
+  }
+  /**
+   * Get knowledge base context to inject before LLM call
+   */
+  async getKBContext(userMessage) {
+    return this.hook.getKnowledgeContext(userMessage);
+  }
+  /**
+   * Generate coordination context for the agent's system prompt
+   */
+  getCoordinationContext() {
+    if (!this.config.injectCoordinationContext) return "";
+    const blocked = this.toolPolicy?.blockedTools || [];
+    const needsApproval = this.toolPolicy?.approvalRequired || [];
+    let ctx = "\n<enterprise-context>\n";
+    ctx += "\u{1F3E2} This agent is managed by AgenticMail Enterprise.\n";
+    if (blocked.length > 0) {
+      ctx += `\u26D4 Blocked tools (do not attempt): ${blocked.join(", ")}
+`;
+    }
+    if (needsApproval.length > 0) {
+      ctx += `\u26A0\uFE0F Tools requiring human approval: ${needsApproval.join(", ")}
+`;
+      ctx += "When using these tools, the call will pause until a human approves or denies.\n";
+    }
+    ctx += "</enterprise-context>\n";
+    return ctx;
+  }
+  /**
+   * Notify engine of session lifecycle
+   */
+  async onSessionStart(sessionId) {
+    this.sessionId = sessionId;
+    await this.hook.onSessionStart(sessionId);
+  }
+  async onSessionEnd(sessionId) {
+    await this.hook.onSessionEnd(sessionId);
+  }
+  /**
+   * Record a message in the conversation log
+   */
+  async recordMessage(role, content, opts) {
+    await this.hook.recordMessage({
+      sessionId: this.sessionId,
+      role,
+      content,
+      channel: opts?.channel,
+      tokenCount: opts?.tokenCount || Math.ceil(content.length / 4)
+    });
+  }
+  /**
+   * Get the loaded tool policy
+   */
+  getToolPolicy() {
+    return this.toolPolicy;
+  }
+  /**
+   * Generate OpenClaw-compatible config for tools.allow / tools.deny
+   * This is what gets written to the gateway config
+   */
+  getOpenClawToolConfig() {
+    if (!this.toolPolicy) return {};
+    return generateOpenClawToolPolicy(
+      this.toolPolicy.allowedTools,
+      this.toolPolicy.blockedTools
+    );
+  }
+};
+async function createAgenticMailBridge(config) {
+  const bridge = new AgenticMailBridge({
+    autoConfigureTools: true,
+    injectCoordinationContext: true,
+    verbose: false,
+    failMode: "open",
+    permissionCacheTtlSec: 30,
+    kbMaxTokens: 2e3,
+    knowledgeBaseEnabled: true,
+    activityStreamEnabled: true,
+    ...config
+  });
+  await bridge.initialize();
+  return bridge;
+}
+export {
+  AGENTICMAIL_TOOLS,
+  ALL_TOOLS,
+  ActivityTracker,
+  AgentConfigGenerator,
+  AgentLifecycleManager,
+  AgenticMailBridge,
+  ApprovalEngine,
+  BUILTIN_SKILLS,
+  CircuitBreaker,
+  CircuitOpenError,
+  DatabaseAdapter,
+  DeploymentEngine,
+  ENGINE_TABLES,
+  ENGINE_TABLES_POSTGRES,
+  EngineDatabase,
+  EnterpriseHook,
+  HealthMonitor,
+  KeyedRateLimiter,
+  KnowledgeBaseEngine,
+  MIGRATIONS,
+  MIGRATIONS_TABLE,
+  MIGRATIONS_TABLE_POSTGRES,
+  OPENCLAW_CORE_TOOLS,
+  PLAN_LIMITS,
+  PRESET_PROFILES,
+  PermissionEngine,
+  RateLimiter,
+  TOOL_INDEX,
+  TenantManager,
+  ValidationError,
+  auditLogger,
+  createAdapter,
+  createAdminRoutes,
+  createAgenticMailBridge,
+  createAuthRoutes,
+  createEnterpriseHook,
+  createServer,
+  deployToCloud,
+  errorHandler,
+  generateDockerCompose,
+  generateFlyToml,
+  generateOpenClawToolPolicy,
+  getSupportedDatabases,
+  getToolsBySkill,
+  rateLimiter,
+  requestIdMiddleware,
+  requestLogger,
+  requireRole,
+  securityHeaders,
+  sqliteToMySQL,
+  sqliteToPostgres,
+  validate,
+  withRetry
+};