@agenticmail/enterprise 0.5.298 → 0.5.299

package/src/admin/routes.ts

@@ -2137,6 +2137,262 @@ export function createAdminRoutes(db: DatabaseAdapter) {
     }
   });
 
+  // ─── Client Organizations ─────────────────────────────
+
+  api.get('/organizations', requireRole('admin'), async (c) => {
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        const { rows } = await (db as any)._query(`
+          SELECT o.*, COUNT(a.id) as agent_count
+          FROM client_organizations o
+          LEFT JOIN agents a ON a.client_org_id = o.id
+          GROUP BY o.id
+          ORDER BY o.created_at DESC
+        `);
+        return c.json({ organizations: rows });
+      } else {
+        const engineDb = db.getEngineDB();
+        const rows = await engineDb!.all(`
+          SELECT o.*, COUNT(a.id) as agent_count
+          FROM client_organizations o
+          LEFT JOIN agents a ON a.client_org_id = o.id
+          GROUP BY o.id
+          ORDER BY o.created_at DESC
+        `);
+        return c.json({ organizations: rows });
+      }
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  api.post('/organizations', requireRole('admin'), async (c) => {
+    const body = await c.req.json();
+    validate(body, [
+      { field: 'name', type: 'string', required: true, minLength: 1, maxLength: 128 },
+      { field: 'slug', type: 'string', required: true, minLength: 1, maxLength: 64, pattern: /^[a-z0-9-]+$/ },
+      { field: 'contact_name', type: 'string', maxLength: 128 },
+      { field: 'contact_email', type: 'email' },
+      { field: 'description', type: 'string', maxLength: 512 },
+    ]);
+    const id = (await import('crypto')).randomUUID();
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        await (db as any)._query(
+          `INSERT INTO client_organizations (id, name, slug, contact_name, contact_email, description) VALUES ($1, $2, $3, $4, $5, $6)`,
+          [id, body.name, body.slug, body.contact_name || null, body.contact_email || null, body.description || null]
+        );
+        const { rows } = await (db as any)._query(`SELECT * FROM client_organizations WHERE id = $1`, [id]);
+        return c.json(rows[0], 201);
+      } else {
+        const engineDb = db.getEngineDB();
+        await engineDb!.run(
+          `INSERT INTO client_organizations (id, name, slug, contact_name, contact_email, description) VALUES (?, ?, ?, ?, ?, ?)`,
+          [id, body.name, body.slug, body.contact_name || null, body.contact_email || null, body.description || null]
+        );
+        const row = await engineDb!.get(`SELECT * FROM client_organizations WHERE id = ?`, [id]);
+        return c.json(row, 201);
+      }
+    } catch (e: any) {
+      if (e.message?.includes('UNIQUE') || e.code === '23505') return c.json({ error: 'Slug already exists' }, 409);
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  api.get('/organizations/:id', requireRole('admin'), async (c) => {
+    const id = c.req.param('id');
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        const { rows: orgs } = await (db as any)._query(`SELECT * FROM client_organizations WHERE id = $1`, [id]);
+        if (!orgs[0]) return c.json({ error: 'Organization not found' }, 404);
+        const { rows: agents } = await (db as any)._query(`SELECT id, name, email, role, status FROM agents WHERE client_org_id = $1`, [id]);
+        return c.json({ ...orgs[0], agents });
+      } else {
+        const engineDb = db.getEngineDB();
+        const org = await engineDb!.get(`SELECT * FROM client_organizations WHERE id = ?`, [id]);
+        if (!org) return c.json({ error: 'Organization not found' }, 404);
+        const agents = await engineDb!.all(`SELECT id, name, email, role, status FROM agents WHERE client_org_id = ?`, [id]);
+        return c.json({ ...(org as any), agents });
+      }
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  api.patch('/organizations/:id', requireRole('admin'), async (c) => {
+    const id = c.req.param('id');
+    const body = await c.req.json();
+    validate(body, [
+      { field: 'name', type: 'string', minLength: 1, maxLength: 128 },
+      { field: 'contact_name', type: 'string', maxLength: 128 },
+      { field: 'contact_email', type: 'email' },
+      { field: 'description', type: 'string', maxLength: 512 },
+    ]);
+    try {
+      const fields: string[] = [];
+      const values: any[] = [];
+      const isPostgres = (db as any).pool;
+      let idx = 1;
+      for (const key of ['name', 'contact_name', 'contact_email', 'description']) {
+        if (body[key] !== undefined) {
+          fields.push(isPostgres ? `${key} = $${idx++}` : `${key} = ?`);
+          values.push(body[key]);
+        }
+      }
+      if (fields.length === 0) return c.json({ error: 'No fields to update' }, 400);
+      fields.push(isPostgres ? `updated_at = NOW()` : `updated_at = datetime('now')`);
+      values.push(id);
+      const where = isPostgres ? `$${idx}` : '?';
+      const sql = `UPDATE client_organizations SET ${fields.join(', ')} WHERE id = ${where}`;
+      if (isPostgres) {
+        await (db as any)._query(sql, values);
+        const { rows } = await (db as any)._query(`SELECT * FROM client_organizations WHERE id = $1`, [id]);
+        return c.json(rows[0]);
+      } else {
+        const engineDb = db.getEngineDB();
+        await engineDb!.run(sql, values);
+        const row = await engineDb!.get(`SELECT * FROM client_organizations WHERE id = ?`, [id]);
+        return c.json(row);
+      }
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  api.post('/organizations/:id/toggle', requireRole('admin'), async (c) => {
+    const id = c.req.param('id');
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        const { rows } = await (db as any)._query(`SELECT is_active FROM client_organizations WHERE id = $1`, [id]);
+        if (!rows[0]) return c.json({ error: 'Organization not found' }, 404);
+        const newActive = !rows[0].is_active;
+        await (db as any)._query(`UPDATE client_organizations SET is_active = $1, updated_at = NOW() WHERE id = $2`, [newActive, id]);
+        const newStatus = newActive ? 'active' : 'suspended';
+        await (db as any)._query(`UPDATE agents SET status = $1 WHERE client_org_id = $2`, [newStatus, id]);
+        return c.json({ is_active: newActive });
+      } else {
+        const engineDb = db.getEngineDB();
+        const org = await engineDb!.get<any>(`SELECT is_active FROM client_organizations WHERE id = ?`, [id]);
+        if (!org) return c.json({ error: 'Organization not found' }, 404);
+        const newActive = !(org.is_active);
+        await engineDb!.run(`UPDATE client_organizations SET is_active = ?, updated_at = datetime('now') WHERE id = ?`, [newActive ? 1 : 0, id]);
+        const newStatus = newActive ? 'active' : 'suspended';
+        await engineDb!.run(`UPDATE agents SET status = ? WHERE client_org_id = ?`, [newStatus, id]);
+        return c.json({ is_active: newActive });
+      }
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  api.delete('/organizations/:id', requireRole('admin'), async (c) => {
+    const id = c.req.param('id');
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        const { rows: agents } = await (db as any)._query(`SELECT id FROM agents WHERE client_org_id = $1`, [id]);
+        if (agents.length > 0) return c.json({ error: 'Cannot delete organization with linked agents. Unassign all agents first.' }, 400);
+        await (db as any)._query(`DELETE FROM client_organizations WHERE id = $1`, [id]);
+      } else {
+        const engineDb = db.getEngineDB();
+        const agents = await engineDb!.all(`SELECT id FROM agents WHERE client_org_id = ?`, [id]);
+        if (agents.length > 0) return c.json({ error: 'Cannot delete organization with linked agents. Unassign all agents first.' }, 400);
+        await engineDb!.run(`DELETE FROM client_organizations WHERE id = ?`, [id]);
+      }
+      return c.json({ success: true });
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  // ─── Agent-Org Linking ──────────────────────────────────
+
+  api.post('/agents/:id/assign-org', requireRole('admin'), async (c) => {
+    const agentId = c.req.param('id');
+    const { orgId } = await c.req.json();
+    if (!orgId) return c.json({ error: 'orgId is required' }, 400);
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        await (db as any)._query(`UPDATE agents SET client_org_id = $1 WHERE id = $2`, [orgId, agentId]);
+      } else {
+        await db.getEngineDB()!.run(`UPDATE agents SET client_org_id = ? WHERE id = ?`, [orgId, agentId]);
+      }
+      return c.json({ success: true });
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  api.post('/agents/:id/unassign-org', requireRole('admin'), async (c) => {
+    const agentId = c.req.param('id');
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        await (db as any)._query(`UPDATE agents SET client_org_id = NULL WHERE id = $1`, [agentId]);
+      } else {
+        await db.getEngineDB()!.run(`UPDATE agents SET client_org_id = NULL WHERE id = ?`, [agentId]);
+      }
+      return c.json({ success: true });
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  // ─── Agent Knowledge Access ─────────────────────────────
+
+  api.get('/agents/:id/knowledge-access', requireRole('admin'), async (c) => {
+    const agentId = c.req.param('id');
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        const { rows } = await (db as any)._query(`SELECT * FROM agent_knowledge_access WHERE agent_id = $1`, [agentId]);
+        return c.json({ grants: rows });
+      } else {
+        const rows = await db.getEngineDB()!.all(`SELECT * FROM agent_knowledge_access WHERE agent_id = ?`, [agentId]);
+        return c.json({ grants: rows });
+      }
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
+  api.put('/agents/:id/knowledge-access', requireRole('admin'), async (c) => {
+    const agentId = c.req.param('id');
+    const { grants } = await c.req.json();
+    if (!Array.isArray(grants)) return c.json({ error: 'grants must be an array' }, 400);
+    try {
+      const isPostgres = (db as any).pool;
+      if (isPostgres) {
+        await (db as any)._query(`DELETE FROM agent_knowledge_access WHERE agent_id = $1`, [agentId]);
+        for (const g of grants) {
+          const id = (await import('crypto')).randomUUID();
+          await (db as any)._query(
+            `INSERT INTO agent_knowledge_access (id, agent_id, knowledge_base_id, access_type) VALUES ($1, $2, $3, $4)`,
+            [id, agentId, g.knowledgeBaseId, g.accessType || 'read']
+          );
+        }
+      } else {
+        const engineDb = db.getEngineDB()!;
+        await engineDb.run(`DELETE FROM agent_knowledge_access WHERE agent_id = ?`, [agentId]);
+        for (const g of grants) {
+          const id = (await import('crypto')).randomUUID();
+          await engineDb.run(
+            `INSERT INTO agent_knowledge_access (id, agent_id, knowledge_base_id, access_type) VALUES (?, ?, ?, ?)`,
+            [id, agentId, g.knowledgeBaseId, g.accessType || 'read']
+          );
+        }
+      }
+      return c.json({ success: true });
+    } catch (e: any) {
+      return c.json({ error: e.message }, 500);
+    }
+  });
+
   /** Stop and optionally delete tunnel */
   api.post('/tunnel/stop', requireRole('admin'), async (c) => {
     try {

package/src/dashboard/app.js

@@ -27,6 +27,7 @@ import { VaultPage } from './pages/vault.js';
 import { OrgChartPage } from './pages/org-chart.js';
 import { TaskPipelinePage } from './pages/task-pipeline.js';
 import { DatabaseAccessPage } from './pages/database-access.js';
+import { OrganizationsPage } from './pages/organizations.js';
 
 // ─── Toast System ────────────────────────────────────────
 let toastId = 0;
@@ -211,6 +212,7 @@ function App() {
     { section: 'Overview', items: [{ id: 'dashboard', icon: I.dashboard, label: 'Dashboard' }] },
     { section: 'Management', items: [
       { id: 'agents', icon: I.agents, label: 'Agents' },
+      { id: 'organizations', icon: I.building, label: 'Organizations' },
       { id: 'skills', icon: I.skills, label: 'Skills' },
       { id: 'community-skills', icon: I.marketplace, label: 'Community Skills' },
       { id: 'skill-connections', icon: I.link, label: 'Integrations & MCP' },
@@ -262,6 +264,7 @@ function App() {
     'org-chart': OrgChartPage,
     'task-pipeline': TaskPipelinePage,
     'database-access': DatabaseAccessPage,
+    organizations: OrganizationsPage,
   };
 
   const navigateToAgent = (agentId) => { _setSelectedAgentId(agentId); history.pushState(null, '', '/dashboard/agents/' + agentId); };

package/src/dashboard/components/icons.js

@@ -56,5 +56,6 @@ export const I = {
   chevronLeft: () => h('svg', S, h('polyline', { points: '15 18 9 12 15 6' })),
 chevronRight: () => h('svg', S, h('polyline', { points: '9 18 15 12 9 6' })),
 chevronDown: () => h('svg', S, h('polyline', { points: '6 9 12 15 18 9' })),
+  building: () => h('svg', S, h('path', { d: 'M3 21h18M3 10h18M3 7l9-4 9 4M4 10v11M20 10v11M8 14v.01M12 14v.01M16 14v.01M8 18v.01M12 18v.01M16 18v.01' })),
   edit: () => h('svg', S, h('path', { d: 'M11 4H4a2 2 0 0 0-2 2v14a2 2 0 0 0 2 2h14a2 2 0 0 0 2-2v-7' }), h('path', { d: 'M18.5 2.5a2.121 2.121 0 0 1 3 3L12 15l-4 1 1-4 9.5-9.5z' })),
 };

package/src/dashboard/pages/agent-detail/overview.js

@@ -363,6 +363,9 @@ export function OverviewSection(props) {
       )
     ),
 
+    // ─── Organization & Knowledge Access ──────────────────
+    h(OrgAndKnowledgeCards, { agentId: agentId, agent: agent, engineAgent: engineAgent, toast: toast }),
+
     // ─── Real-Time Status Card ────────────────────────────
     h('div', { className: 'card', style: { marginBottom: 20 } },
       h('div', { className: 'card-header', style: { display: 'flex', justifyContent: 'space-between', alignItems: 'center' } },
@@ -649,6 +652,113 @@ function _timeAgo(ts) {
   return Math.floor(diff / 3600000) + 'h ago';
 }
 
+// ─── Organization & Knowledge Access Cards ────────────────
+function OrgAndKnowledgeCards(props) {
+  var agentId = props.agentId;
+  var toast = props.toast;
+
+  var _orgs = useState([]);
+  var orgs = _orgs[0]; var setOrgs = _orgs[1];
+  var _currentOrg = useState(null);
+  var currentOrg = _currentOrg[0]; var setCurrentOrg = _currentOrg[1];
+  var _kbs = useState([]);
+  var kbs = _kbs[0]; var setKbs = _kbs[1];
+  var _kaGrants = useState([]);
+  var kaGrants = _kaGrants[0]; var setKaGrants = _kaGrants[1];
+  var _acting = useState('');
+  var acting = _acting[0]; var setActing = _acting[1];
+  var _selOrg = useState('');
+  var selOrg = _selOrg[0]; var setSelOrg = _selOrg[1];
+
+  useEffect(function() {
+    // Load orgs list
+    apiCall('/organizations').then(function(d) { setOrgs(d.organizations || []); }).catch(function() {});
+    // Load agent's current org
+    apiCall('/agents/' + agentId).then(function(a) {
+      if (a && a.client_org_id) {
+        setSelOrg(a.client_org_id);
+        apiCall('/organizations/' + a.client_org_id).then(function(o) { setCurrentOrg(o); }).catch(function() {});
+      }
+    }).catch(function() {});
+    // Load knowledge access
+    apiCall('/agents/' + agentId + '/knowledge-access').then(function(d) { setKaGrants(d.grants || []); }).catch(function() {});
+    // Load knowledge bases
+    engineCall('/knowledge').then(function(d) { setKbs(d.knowledgeBases || d || []); }).catch(function() {});
+  }, [agentId]);
+
+  var assignOrg = function(orgId) {
+    if (!orgId) {
+      setActing('unassign');
+      apiCall('/agents/' + agentId + '/unassign-org', { method: 'POST' }).then(function() {
+        setCurrentOrg(null); setSelOrg(''); toast('Organization unassigned', 'success');
+      }).catch(function(e) { toast(e.message, 'error'); }).finally(function() { setActing(''); });
+      return;
+    }
+    setActing('assign');
+    apiCall('/agents/' + agentId + '/assign-org', { method: 'POST', body: JSON.stringify({ orgId: orgId }) }).then(function() {
+      setSelOrg(orgId);
+      var org = orgs.find(function(o) { return o.id === orgId; });
+      setCurrentOrg(org || null);
+      toast('Organization assigned', 'success');
+    }).catch(function(e) { toast(e.message, 'error'); }).finally(function() { setActing(''); });
+  };
+
+  return h(Fragment, null,
+    h('div', { style: { display: 'grid', gridTemplateColumns: '1fr 1fr', gap: 16, marginBottom: 20 } },
+      // Organization card
+      h('div', { className: 'card' },
+        h('div', { className: 'card-header' }, 'Organization'),
+        h('div', { className: 'card-body' },
+          currentOrg
+            ? h('div', null,
+                h('div', { style: { fontWeight: 600, fontSize: 14, marginBottom: 4 } }, currentOrg.name),
+                h('div', { style: { fontSize: 12, color: 'var(--text-muted)', fontFamily: 'var(--font-mono, monospace)', marginBottom: 8 } }, currentOrg.slug),
+                h('span', { className: 'badge badge-' + (currentOrg.is_active ? 'success' : 'warning') }, currentOrg.is_active ? 'Active' : 'Inactive')
+              )
+            : h('div', { style: { fontSize: 13, color: 'var(--text-muted)', marginBottom: 8 } }, 'Unassigned'),
+          h('div', { style: { marginTop: 10 } },
+            h('select', { className: 'input', value: selOrg, disabled: !!acting, onChange: function(e) { assignOrg(e.target.value); }, style: { width: '100%', fontSize: 12 } },
+              h('option', { value: '' }, '— No organization —'),
+              orgs.map(function(o) { return h('option', { key: o.id, value: o.id }, o.name); })
+            )
+          )
+        )
+      ),
+      // Knowledge Access card
+      h('div', { className: 'card' },
+        h('div', { className: 'card-header' }, 'Knowledge Access'),
+        h('div', { className: 'card-body' },
+          kbs.length === 0
+            ? h('div', { style: { fontSize: 13, color: 'var(--text-muted)' } }, 'No knowledge bases configured')
+            : h('div', { style: { display: 'flex', flexDirection: 'column', gap: 6 } },
+                kbs.map(function(kb) {
+                  var grant = kaGrants.find(function(g) { return g.knowledge_base_id === kb.id; });
+                  var accessType = grant ? grant.access_type : '';
+                  return h('div', { key: kb.id, style: { display: 'flex', alignItems: 'center', justifyContent: 'space-between', padding: '4px 0', borderBottom: '1px solid var(--border)' } },
+                    h('span', { style: { fontSize: 13, fontWeight: 500 } }, kb.name || kb.id),
+                    h('select', { className: 'input', value: accessType, style: { width: 120, fontSize: 11, padding: '2px 6px' }, onChange: function(e) {
+                      var newVal = e.target.value;
+                      var newGrants = kaGrants.filter(function(g) { return g.knowledge_base_id !== kb.id; });
+                      if (newVal) newGrants.push({ knowledge_base_id: kb.id, access_type: newVal });
+                      var payload = newGrants.map(function(g) { return { knowledgeBaseId: g.knowledge_base_id, accessType: g.access_type }; });
+                      apiCall('/agents/' + agentId + '/knowledge-access', { method: 'PUT', body: JSON.stringify({ grants: payload }) })
+                        .then(function() { setKaGrants(newGrants); toast('Knowledge access updated', 'success'); })
+                        .catch(function(err) { toast(err.message, 'error'); });
+                    }},
+                      h('option', { value: '' }, 'No access'),
+                      h('option', { value: 'read' }, 'Read'),
+                      h('option', { value: 'contribute' }, 'Contribute'),
+                      h('option', { value: 'both' }, 'Both')
+                    )
+                  );
+                })
+              )
+        )
+      )
+    )
+  );
+}
+
 // Inject pulse animation CSS if not already present
 if (typeof document !== 'undefined' && !document.getElementById('_pulse_css')) {
   var style = document.createElement('style');