@agentlensai/server 0.7.0 → 0.9.0

package/dist/routes/agents.d.ts

@@ -1,8 +1,9 @@
 /**
- * Agent Endpoints (Story 4.7)
+ * Agent Endpoints (Story 4.7 + B1 — Story 1.2)
  *
- * GET /api/agents     — list all agents (with error rate from sessions)
- * GET /api/agents/:id — single agent
+ * GET  /api/agents          — list all agents (with error rate from sessions)
+ * GET  /api/agents/:id      — single agent
+ * PUT  /api/agents/:id/unpause — unpause an agent (clear paused_at, pause_reason, optionally model_override)
  */
 import { Hono } from 'hono';
 import type { IEventStore } from '@agentlensai/core';

package/dist/routes/agents.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"agents.d.ts","sourceRoot":"","sources":["../../src/routes/agents.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAG3D,wBAAgB,YAAY,CAAC,KAAK,EAAE,WAAW;eACX,aAAa;0CAmChD"}
+{"version":3,"file":"agents.d.ts","sourceRoot":"","sources":["../../src/routes/agents.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAG3D,wBAAgB,YAAY,CAAC,KAAK,EAAE,WAAW;eACX,aAAa;0CAsDhD"}

package/dist/routes/agents.js

@@ -1,8 +1,9 @@
 /**
- * Agent Endpoints (Story 4.7)
+ * Agent Endpoints (Story 4.7 + B1 — Story 1.2)
  *
- * GET /api/agents     — list all agents (with error rate from sessions)
- * GET /api/agents/:id — single agent
+ * GET  /api/agents          — list all agents (with error rate from sessions)
+ * GET  /api/agents/:id      — single agent
+ * PUT  /api/agents/:id/unpause — unpause an agent (clear paused_at, pause_reason, optionally model_override)
  */
 import { Hono } from 'hono';
 import { getTenantStore } from './tenant-helper.js';
@@ -12,15 +13,33 @@ export function agentsRoutes(store) {
     app.get('/', async (c) => {
         const tenantStore = getTenantStore(store, c);
         const agents = await tenantStore.listAgents();
-        // Enrich agents with error rate computed from their sessions
-        const enriched = await Promise.all(agents.map(async (agent) => {
-            const { sessions } = await tenantStore.querySessions({ agentId: agent.id, limit: 10000 });
-            const totalErrors = sessions.reduce((sum, s) => sum + s.errorCount, 0);
-            const totalEvents = sessions.reduce((sum, s) => sum + s.eventCount, 0);
-            const errorRate = totalEvents > 0 ? totalErrors / totalEvents : 0;
-            return { ...agent, errorRate };
-        }));
-        return c.json({ agents: enriched });
+        return c.json({ agents });
+    });
+    // PUT /api/agents/:id/unpause — Unpause an agent (B1 — Story 1.2)
+    app.put('/:id/unpause', async (c) => {
+        const tenantStore = getTenantStore(store, c);
+        const id = c.req.param('id');
+        // Verify agent exists (tenant-scoped)
+        const agent = await tenantStore.getAgent(id);
+        if (!agent) {
+            return c.json({ error: 'Agent not found', status: 404 }, 404);
+        }
+        // Parse optional body for clearModelOverride
+        let clearModelOverride = false;
+        try {
+            const body = await c.req.json().catch(() => ({}));
+            clearModelOverride = body?.clearModelOverride === true;
+        }
+        catch {
+            // No body or invalid JSON — that's fine
+        }
+        // Unpause by clearing pause fields via dedicated method
+        if ('unpauseAgent' in tenantStore && typeof tenantStore.unpauseAgent === 'function') {
+            await tenantStore.unpauseAgent(id, clearModelOverride);
+        }
+        // Return the updated agent
+        const updated = await tenantStore.getAgent(id);
+        return c.json(updated);
     });
     // GET /api/agents/:id — single agent
     app.get('/:id', async (c) => {

package/dist/routes/agents.js.map

@@ -1 +1 @@
-{"version":3,"file":"agents.js","sourceRoot":"","sources":["../../src/routes/agents.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEpD,MAAM,UAAU,YAAY,CAAC,KAAkB;IAC7C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,8DAA8D;IAC9D,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,EAAE,CAAC;QAE9C,6DAA6D;QAC7D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAChC,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;YACzB,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,WAAW,CAAC,aAAa,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;YAC1F,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;YACvE,MAAM,WAAW,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;YACvE,MAAM,SAAS,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;YAClE,OAAO,EAAE,GAAG,KAAK,EAAE,SAAS,EAAE,CAAC;QACjC,CAAC,CAAC,CACH,CAAC;QAEF,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,qCAAqC;IACrC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAE7C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}
+{"version":3,"file":"agents.js","sourceRoot":"","sources":["../../src/routes/agents.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEpD,MAAM,UAAU,YAAY,CAAC,KAAkB;IAC7C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,8DAA8D;IAC9D,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,UAAU,EAAE,CAAC;QAE9C,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,kEAAkE;IAClE,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAClC,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE7B,sCAAsC;QACtC,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC7C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,6CAA6C;QAC7C,IAAI,kBAAkB,GAAG,KAAK,CAAC;QAC/B,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAClD,kBAAkB,GAAG,IAAI,EAAE,kBAAkB,KAAK,IAAI,CAAC;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,wCAAwC;QAC1C,CAAC;QAED,wDAAwD;QACxD,IAAI,cAAc,IAAI,WAAW,IAAI,OAAO,WAAW,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;YACpF,MAAO,WAAmF,CAAC,YAAY,CAAC,EAAE,EAAE,kBAAkB,CAAC,CAAC;QAClI,CAAC;QAED,2BAA2B;QAC3B,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,qCAAqC;IACrC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC1B,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC7B,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAE7C,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/audit.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Sharing Audit & Export Routes (Story 7.4)
+ *
+ * GET  /api/community/audit          — query audit log with filters
+ * GET  /api/community/audit/export   — JSON export of sharing audit events
+ * GET  /api/community/alerts         — get volume alert config
+ * PUT  /api/community/alerts         — update volume alert config
+ */
+import { Hono } from 'hono';
+import type { AuthVariables } from '../middleware/auth.js';
+import type { SqliteDb } from '../db/index.js';
+export declare function auditRoutes(db: SqliteDb): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=audit.d.ts.map

package/dist/routes/audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/routes/audit.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAI/C,wBAAgB,WAAW,CAAC,EAAE,EAAE,QAAQ;eACJ,aAAa;0CA4LhD"}

package/dist/routes/audit.js

@@ -0,0 +1,177 @@
+/**
+ * Sharing Audit & Export Routes (Story 7.4)
+ *
+ * GET  /api/community/audit          — query audit log with filters
+ * GET  /api/community/audit/export   — JSON export of sharing audit events
+ * GET  /api/community/alerts         — get volume alert config
+ * PUT  /api/community/alerts         — update volume alert config
+ */
+import { Hono } from 'hono';
+import { eq, and, gte, lte, desc } from 'drizzle-orm';
+import * as schema from '../db/schema.sqlite.js';
+export function auditRoutes(db) {
+    const app = new Hono();
+    function getTenantId(c) {
+        return c.get('apiKey')?.tenantId ?? 'default';
+    }
+    // ─── GET /audit — query audit log with filters ─────
+    app.get('/', async (c) => {
+        const tenantId = getTenantId(c);
+        const eventType = c.req.query('type');
+        const agentId = c.req.query('agentId');
+        const dateFrom = c.req.query('dateFrom');
+        const dateTo = c.req.query('dateTo');
+        const limitStr = c.req.query('limit');
+        const offsetStr = c.req.query('offset');
+        const limit = limitStr ? Math.min(Math.max(1, parseInt(limitStr, 10) || 50), 500) : 50;
+        const offset = offsetStr ? Math.max(0, parseInt(offsetStr, 10) || 0) : 0;
+        // Query all rows for this tenant, then filter in JS (sqlite doesn't have great dynamic WHERE)
+        let rows = db
+            .select()
+            .from(schema.sharingAuditLog)
+            .where(eq(schema.sharingAuditLog.tenantId, tenantId))
+            .all();
+        // Apply filters
+        if (eventType) {
+            rows = rows.filter((r) => r.eventType === eventType);
+        }
+        if (agentId) {
+            // agentId filtering: match initiatedBy field
+            rows = rows.filter((r) => r.initiatedBy === agentId);
+        }
+        if (dateFrom) {
+            rows = rows.filter((r) => r.timestamp >= dateFrom);
+        }
+        if (dateTo) {
+            rows = rows.filter((r) => r.timestamp <= dateTo);
+        }
+        // Sort by timestamp descending
+        rows.sort((a, b) => b.timestamp.localeCompare(a.timestamp));
+        const total = rows.length;
+        const paged = rows.slice(offset, offset + limit);
+        const events = paged.map((r) => ({
+            id: r.id,
+            tenantId: r.tenantId,
+            eventType: r.eventType,
+            lessonId: r.lessonId ?? undefined,
+            anonymousLessonId: r.anonymousLessonId ?? undefined,
+            lessonHash: r.lessonHash ?? undefined,
+            redactionFindings: r.redactionFindings ? JSON.parse(r.redactionFindings) : undefined,
+            queryText: r.queryText ?? undefined,
+            resultIds: r.resultIds ? JSON.parse(r.resultIds) : undefined,
+            poolEndpoint: r.poolEndpoint ?? undefined,
+            initiatedBy: r.initiatedBy ?? 'system',
+            timestamp: r.timestamp,
+        }));
+        return c.json({ events, total, hasMore: offset + paged.length < total });
+    });
+    // ─── GET /audit/export — JSON export ───────────────
+    app.get('/export', async (c) => {
+        const tenantId = getTenantId(c);
+        const type = c.req.query('type'); // optional filter by event type
+        let rows = db
+            .select()
+            .from(schema.sharingAuditLog)
+            .where(eq(schema.sharingAuditLog.tenantId, tenantId))
+            .all();
+        if (type) {
+            rows = rows.filter((r) => r.eventType === type);
+        }
+        rows.sort((a, b) => b.timestamp.localeCompare(a.timestamp));
+        const events = rows.map((r) => ({
+            id: r.id,
+            tenantId: r.tenantId,
+            eventType: r.eventType,
+            lessonId: r.lessonId,
+            anonymousLessonId: r.anonymousLessonId,
+            lessonHash: r.lessonHash,
+            redactionFindings: r.redactionFindings ? JSON.parse(r.redactionFindings) : null,
+            queryText: r.queryText,
+            resultIds: r.resultIds ? JSON.parse(r.resultIds) : null,
+            poolEndpoint: r.poolEndpoint,
+            initiatedBy: r.initiatedBy,
+            timestamp: r.timestamp,
+        }));
+        c.header('Content-Type', 'application/json');
+        c.header('Content-Disposition', `attachment; filename="audit-export-${tenantId}-${new Date().toISOString().slice(0, 10)}.json"`);
+        return c.json({ exportedAt: new Date().toISOString(), tenantId, count: events.length, events });
+    });
+    // ─── GET /alerts — get volume alert config ─────────
+    app.get('/alerts', async (c) => {
+        const tenantId = getTenantId(c);
+        const config = db
+            .select()
+            .from(schema.sharingConfig)
+            .where(eq(schema.sharingConfig.tenantId, tenantId))
+            .get();
+        return c.json({
+            threshold: config?.volumeAlertThreshold ?? 100,
+            rateLimitPerHour: config?.rateLimitPerHour ?? 50,
+            enabled: config?.enabled ?? false,
+        });
+    });
+    // ─── PUT /alerts — update volume alert config ──────
+    app.put('/alerts', async (c) => {
+        const tenantId = getTenantId(c);
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        const updates = {};
+        if (body.threshold !== undefined) {
+            const val = Number(body.threshold);
+            if (isNaN(val) || val < 1)
+                return c.json({ error: 'threshold must be >= 1' }, 400);
+            updates.volumeAlertThreshold = val;
+        }
+        if (body.rateLimitPerHour !== undefined) {
+            const val = Number(body.rateLimitPerHour);
+            if (isNaN(val) || val < 1)
+                return c.json({ error: 'rateLimitPerHour must be >= 1' }, 400);
+            updates.rateLimitPerHour = val;
+        }
+        if (Object.keys(updates).length === 0) {
+            return c.json({ error: 'No valid fields to update' }, 400);
+        }
+        const existing = db
+            .select()
+            .from(schema.sharingConfig)
+            .where(eq(schema.sharingConfig.tenantId, tenantId))
+            .get();
+        const now = new Date().toISOString();
+        if (existing) {
+            db.update(schema.sharingConfig)
+                .set({ ...updates, updatedAt: now })
+                .where(eq(schema.sharingConfig.tenantId, tenantId))
+                .run();
+        }
+        else {
+            db.insert(schema.sharingConfig).values({
+                tenantId,
+                enabled: false,
+                humanReviewEnabled: false,
+                poolEndpoint: null,
+                anonymousContributorId: null,
+                purgeToken: null,
+                rateLimitPerHour: updates.rateLimitPerHour ?? 50,
+                volumeAlertThreshold: updates.volumeAlertThreshold ?? 100,
+                updatedAt: now,
+            }).run();
+        }
+        const config = db
+            .select()
+            .from(schema.sharingConfig)
+            .where(eq(schema.sharingConfig.tenantId, tenantId))
+            .get();
+        return c.json({
+            threshold: config?.volumeAlertThreshold ?? 100,
+            rateLimitPerHour: config?.rateLimitPerHour ?? 50,
+            enabled: config?.enabled ?? false,
+        });
+    });
+    return app;
+}
+//# sourceMappingURL=audit.js.map

package/dist/routes/audit.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/routes/audit.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,MAAM,aAAa,CAAC;AAGtD,OAAO,KAAK,MAAM,MAAM,wBAAwB,CAAC;AAGjD,MAAM,UAAU,WAAW,CAAC,EAAY;IACtC,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IAErD,SAAS,WAAW,CAAC,CAA4D;QAC/E,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;IAChD,CAAC;IAED,sDAAsD;IAEtD,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACtC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACvC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACzC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAExC,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACvF,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAEzE,8FAA8F;QAC9F,IAAI,IAAI,GAAG,EAAE;aACV,MAAM,EAAE;aACR,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;aAC5B,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;aACpD,GAAG,EAAE,CAAC;QAET,gBAAgB;QAChB,IAAI,SAAS,EAAE,CAAC;YACd,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC;QACvD,CAAC;QACD,IAAI,OAAO,EAAE,CAAC;YACZ,6CAA6C;YAC7C,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,OAAO,CAAC,CAAC;QACvD,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,QAAQ,CAAC,CAAC;QACrD,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;QACnD,CAAC;QAED,+BAA+B;QAC/B,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;QAE5D,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC;QAC1B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,MAAM,GAAG,KAAK,CAAC,CAAC;QAEjD,MAAM,MAAM,GAAwB,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACpD,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,SAAS,EAAE,CAAC,CAAC,SAA2C;YACxD,QAAQ,EAAE,CAAC,CAAC,QAAQ,IAAI,SAAS;YACjC,iBAAiB,EAAE,CAAC,CAAC,iBAAiB,IAAI,SAAS;YACnD,UAAU,EAAE,CAAC,CAAC,UAAU,IAAI,SAAS;YACrC,iBAAiB,EAAE,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,SAAS;YACpF,SAAS,EAAE,CAAC,CAAC,SAAS,IAAI,SAAS;YACnC,SAAS,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS;YAC5D,YAAY,EAAE,CAAC,CAAC,YAAY,IAAI,SAAS;YACzC,WAAW,EAAE,CAAC,CAAC,WAAW,IAAI,QAAQ;YACtC,SAAS,EAAE,CAAC,CAAC,SAAS;SACvB,CAAC,CAAC,CAAC;QAEJ,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,KAAK,EAAE,CAAC,CAAC;IAC3E,CAAC,CAAC,CAAC;IAEH,sDAAsD;IAEtD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,gCAAgC;QAElE,IAAI,IAAI,GAAG,EAAE;aACV,MAAM,EAAE;aACR,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC;aAC5B,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,eAAe,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;aACpD,GAAG,EAAE,CAAC;QAET,IAAI,IAAI,EAAE,CAAC;YACT,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,IAAI,CAAC,CAAC;QAClD,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;QAE5D,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC9B,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,iBAAiB,EAAE,CAAC,CAAC,iBAAiB;YACtC,UAAU,EAAE,CAAC,CAAC,UAAU;YACxB,iBAAiB,EAAE,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,IAAI;YAC/E,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,SAAS,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI;YACvD,YAAY,EAAE,CAAC,CAAC,YAAY;YAC5B,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,SAAS,EAAE,CAAC,CAAC,SAAS;SACvB,CAAC,CAAC,CAAC;QAEJ,CAAC,CAAC,MAAM,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAC7C,CAAC,CAAC,MAAM,CAAC,qBAAqB,EAAE,sCAAsC,QAAQ,IAAI,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC;QACjI,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;IAClG,CAAC,CAAC,CAAC;IAEH,sDAAsD;IAEtD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,MAAM,GAAG,EAAE;aACd,MAAM,EAAE;aACR,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;aAC1B,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;aAClD,GAAG,EAAE,CAAC;QAET,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,SAAS,EAAE,MAAM,EAAE,oBAAoB,IAAI,GAAG;YAC9C,gBAAgB,EAAE,MAAM,EAAE,gBAAgB,IAAI,EAAE;YAChD,OAAO,EAAE,MAAM,EAAE,OAAO,IAAI,KAAK;SAClC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,sDAAsD;IAEtD,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QAC7B,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,IAAI,IAA6B,CAAC;QAClC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,EAAE,GAAG,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,OAAO,GAA4B,EAAE,CAAC;QAC5C,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,EAAE,CAAC;YACjC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACnC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;gBAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,wBAAwB,EAAE,EAAE,GAAG,CAAC,CAAC;YACnF,OAAO,CAAC,oBAAoB,GAAG,GAAG,CAAC;QACrC,CAAC;QACD,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACxC,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC1C,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC;gBAAE,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,+BAA+B,EAAE,EAAE,GAAG,CAAC,CAAC;YAC1F,OAAO,CAAC,gBAAgB,GAAG,GAAG,CAAC;QACjC,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,2BAA2B,EAAE,EAAE,GAAG,CAAC,CAAC;QAC7D,CAAC;QAED,MAAM,QAAQ,GAAG,EAAE;aAChB,MAAM,EAAE;aACR,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;aAC1B,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;aAClD,GAAG,EAAE,CAAC;QAET,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACrC,IAAI,QAAQ,EAAE,CAAC;YACb,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC;iBAC5B,GAAG,CAAC,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;iBACnC,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;iBAClD,GAAG,EAAE,CAAC;QACX,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;gBACrC,QAAQ;gBACR,OAAO,EAAE,KAAK;gBACd,kBAAkB,EAAE,KAAK;gBACzB,YAAY,EAAE,IAAI;gBAClB,sBAAsB,EAAE,IAAI;gBAC5B,UAAU,EAAE,IAAI;gBAChB,gBAAgB,EAAG,OAAO,CAAC,gBAA2B,IAAI,EAAE;gBAC5D,oBAAoB,EAAG,OAAO,CAAC,oBAA+B,IAAI,GAAG;gBACrE,SAAS,EAAE,GAAG;aACf,CAAC,CAAC,GAAG,EAAE,CAAC;QACX,CAAC;QAED,MAAM,MAAM,GAAG,EAAE;aACd,MAAM,EAAE;aACR,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC;aAC1B,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;aAClD,GAAG,EAAE,CAAC;QAET,OAAO,CAAC,CAAC,IAAI,CAAC;YACZ,SAAS,EAAE,MAAM,EAAE,oBAAoB,IAAI,GAAG;YAC9C,gBAAgB,EAAE,MAAM,EAAE,gBAAgB,IAAI,EAAE;YAChD,OAAO,EAAE,MAAM,EAAE,OAAO,IAAI,KAAK;SAClC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/capabilities.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Capability Registration REST API (Story 5.2)
+ *
+ * PUT    /api/agents/:id/capabilities              — register a new capability
+ * GET    /api/agents/:id/capabilities              — list agent's capabilities
+ * DELETE /api/agents/:id/capabilities/:capabilityId — remove a capability
+ */
+import { Hono } from 'hono';
+import type { IEventStore } from '@agentlensai/core';
+import type { AuthVariables } from '../middleware/auth.js';
+import type { SqliteDb } from '../db/index.js';
+export declare function capabilityRoutes(store: IEventStore, db: SqliteDb): Hono<{
+    Variables: AuthVariables;
+}, import("hono/types").BlankSchema, "/">;
+//# sourceMappingURL=capabilities.d.ts.map

package/dist/routes/capabilities.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"capabilities.d.ts","sourceRoot":"","sources":["../../src/routes/capabilities.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAK/C,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,WAAW,EAAE,EAAE,EAAE,QAAQ;eAC7B,aAAa;0CAmFhD"}

package/dist/routes/capabilities.js

@@ -0,0 +1,86 @@
+/**
+ * Capability Registration REST API (Story 5.2)
+ *
+ * PUT    /api/agents/:id/capabilities              — register a new capability
+ * GET    /api/agents/:id/capabilities              — list agent's capabilities
+ * DELETE /api/agents/:id/capabilities/:capabilityId — remove a capability
+ */
+import { Hono } from 'hono';
+import { CapabilityStore, ValidationError } from '../db/capability-store.js';
+import { AnonymousIdManager } from '../db/anonymous-id-manager.js';
+import { getTenantStore } from './tenant-helper.js';
+export function capabilityRoutes(store, db) {
+    const app = new Hono();
+    const capStore = new CapabilityStore(db);
+    const anonIdManager = new AnonymousIdManager(db);
+    /**
+     * Helper to get tenant ID from auth context.
+     */
+    function getTenantId(c) {
+        return c.get('apiKey')?.tenantId ?? 'default';
+    }
+    // PUT /:id/capabilities — register or update a capability
+    app.put('/:id/capabilities', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('id');
+        // Verify agent exists
+        const tenantStore = getTenantStore(store, c);
+        const agent = await tenantStore.getAgent(agentId);
+        if (!agent) {
+            return c.json({ error: 'Agent not found', status: 404 }, 404);
+        }
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body', status: 400 }, 400);
+        }
+        try {
+            const capability = capStore.create(tenantId, agentId, body);
+            const anonymousAgentId = anonIdManager.getOrRotateAnonymousId(tenantId, agentId);
+            return c.json({ capability, anonymousAgentId }, 201);
+        }
+        catch (err) {
+            if (err instanceof ValidationError) {
+                return c.json({ error: err.message, status: 400 }, 400);
+            }
+            throw err;
+        }
+    });
+    // GET /:id/capabilities — list agent's capabilities
+    app.get('/:id/capabilities', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('id');
+        // Verify agent exists
+        const tenantStore = getTenantStore(store, c);
+        const agent = await tenantStore.getAgent(agentId);
+        if (!agent) {
+            return c.json({ error: 'Agent not found', status: 404 }, 404);
+        }
+        const capabilities = capStore.listByAgent(tenantId, agentId);
+        const anonymousAgentId = anonIdManager.getOrRotateAnonymousId(tenantId, agentId);
+        return c.json({ capabilities, anonymousAgentId });
+    });
+    // DELETE /:id/capabilities/:capabilityId — remove a capability
+    app.delete('/:id/capabilities/:capabilityId', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('id');
+        const capabilityId = c.req.param('capabilityId');
+        // Verify agent exists
+        const tenantStore = getTenantStore(store, c);
+        const agent = await tenantStore.getAgent(agentId);
+        if (!agent) {
+            return c.json({ error: 'Agent not found', status: 404 }, 404);
+        }
+        // Verify the capability belongs to this agent
+        const existing = capStore.getById(tenantId, capabilityId);
+        if (!existing || existing.agentId !== agentId) {
+            return c.json({ error: 'Capability not found', status: 404 }, 404);
+        }
+        capStore.delete(tenantId, capabilityId);
+        return c.json({ deleted: true });
+    });
+    return app;
+}
+//# sourceMappingURL=capabilities.js.map

package/dist/routes/capabilities.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"capabilities.js","sourceRoot":"","sources":["../../src/routes/capabilities.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAI5B,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC7E,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEpD,MAAM,UAAU,gBAAgB,CAAC,KAAkB,EAAE,EAAY;IAC/D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAgC,CAAC;IACrD,MAAM,QAAQ,GAAG,IAAI,eAAe,CAAC,EAAE,CAAC,CAAC;IACzC,MAAM,aAAa,GAAG,IAAI,kBAAkB,CAAC,EAAE,CAAC,CAAC;IAEjD;;OAEG;IACH,SAAS,WAAW,CAAC,CAA4D;QAC/E,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,QAAQ,IAAI,SAAS,CAAC;IAChD,CAAC;IAED,0DAA0D;IAC1D,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvC,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,sBAAsB;QACtB,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,IAA6B,CAAC;QAClC,IAAI,CAAC;YACH,IAAI,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,mBAAmB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAClE,CAAC;QAED,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAwD,CAAC,CAAC;YAChH,MAAM,gBAAgB,GAAG,aAAa,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACjF,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,gBAAgB,EAAE,EAAE,GAAG,CAAC,CAAC;QACvD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,eAAe,EAAE,CAAC;gBACnC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;YAC1D,CAAC;YACD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,oDAAoD;IACpD,GAAG,CAAC,GAAG,CAAC,mBAAmB,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACvC,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,sBAAsB;QACtB,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7D,MAAM,gBAAgB,GAAG,aAAa,CAAC,sBAAsB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACjF,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,YAAY,EAAE,gBAAgB,EAAE,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,+DAA+D;IAC/D,GAAG,CAAC,MAAM,CAAC,iCAAiC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE;QACxD,MAAM,QAAQ,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAEjD,sBAAsB;QACtB,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,iBAAiB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,8CAA8C;QAC9C,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QAC1D,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,OAAO,KAAK,OAAO,EAAE,CAAC;YAC9C,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,sBAAsB,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QACrE,CAAC;QAED,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QACxC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEH,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/routes/community.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Community Sharing REST API (Stories 4.1–4.3)
+ *
+ * POST /api/community/share           — share a lesson
+ * GET  /api/community/search          — search shared lessons
+ * GET  /api/community/config          — get tenant sharing config
+ * PUT  /api/community/config          — update tenant sharing config
+ * GET  /api/community/config/agents/:agentId — get agent sharing config
+ * PUT  /api/community/config/agents/:agentId — update agent sharing config
+ * GET  /api/community/deny-list       — list deny-list rules
+ * POST /api/community/deny-list       — add deny-list rule
+ * DELETE /api/community/deny-list/:id — delete deny-list rule
+ */
+import { Hono } from 'hono';
+import type { AuthVariables } from '../middleware/auth.js';
+import type { SqliteDb } from '../db/index.js';
+import { CommunityService, type PoolTransport } from '../services/community-service.js';
+export declare function communityRoutes(db: SqliteDb, transport?: PoolTransport): {
+    app: Hono<{
+        Variables: AuthVariables;
+    }, import("hono/types").BlankSchema, "/">;
+    service: CommunityService;
+};
+//# sourceMappingURL=community.d.ts.map

package/dist/routes/community.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"community.d.ts","sourceRoot":"","sources":["../../src/routes/community.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAA+B,KAAK,aAAa,EAAE,MAAM,kCAAkC,CAAC;AAKrH,wBAAgB,eAAe,CAAC,EAAE,EAAE,QAAQ,EAAE,SAAS,CAAC,EAAE,aAAa;;mBACnC,aAAa;;;EAyLhD"}

package/dist/routes/community.js

@@ -0,0 +1,190 @@
+/**
+ * Community Sharing REST API (Stories 4.1–4.3)
+ *
+ * POST /api/community/share           — share a lesson
+ * GET  /api/community/search          — search shared lessons
+ * GET  /api/community/config          — get tenant sharing config
+ * PUT  /api/community/config          — update tenant sharing config
+ * GET  /api/community/config/agents/:agentId — get agent sharing config
+ * PUT  /api/community/config/agents/:agentId — update agent sharing config
+ * GET  /api/community/deny-list       — list deny-list rules
+ * POST /api/community/deny-list       — add deny-list rule
+ * DELETE /api/community/deny-list/:id — delete deny-list rule
+ */
+import { Hono } from 'hono';
+import { CommunityService, LocalCommunityPoolTransport } from '../services/community-service.js';
+import { LESSON_SHARING_CATEGORIES } from '@agentlensai/core';
+const VALID_CATEGORIES = new Set(LESSON_SHARING_CATEGORIES);
+export function communityRoutes(db, transport) {
+    const app = new Hono();
+    const poolTransport = transport ?? new LocalCommunityPoolTransport();
+    const service = new CommunityService(db, { transport: poolTransport });
+    function getTenantId(c) {
+        return c.get('apiKey')?.tenantId ?? 'default';
+    }
+    // ─── Share ─────────────────────────────────────────
+    app.post('/share', async (c) => {
+        const tenantId = getTenantId(c);
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        const lessonId = body.lessonId;
+        if (!lessonId || typeof lessonId !== 'string') {
+            return c.json({ error: 'lessonId is required' }, 400);
+        }
+        const result = await service.share(tenantId, lessonId, 'api');
+        switch (result.status) {
+            case 'shared':
+                return c.json(result, 201);
+            case 'rate_limited':
+                return c.json({ error: 'Rate limit exceeded', status: 'rate_limited' }, 429);
+            case 'disabled':
+                return c.json({ error: result.reason, status: 'disabled' }, 403);
+            case 'blocked':
+                return c.json({ error: result.reason, status: 'blocked' }, 422);
+            case 'pending_review':
+                return c.json(result, 202);
+            case 'error':
+                return c.json({ error: result.error, status: 'error' }, 500);
+        }
+    });
+    // ─── Search ────────────────────────────────────────
+    app.get('/search', async (c) => {
+        const tenantId = getTenantId(c);
+        const query = c.req.query('q');
+        if (!query) {
+            return c.json({ error: 'q (query) parameter is required' }, 400);
+        }
+        const category = c.req.query('category') || undefined;
+        if (category && !VALID_CATEGORIES.has(category)) {
+            return c.json({ error: `Invalid category. Must be one of: ${LESSON_SHARING_CATEGORIES.join(', ')}` }, 400);
+        }
+        const minReputation = c.req.query('minReputation') ? Number(c.req.query('minReputation')) : undefined;
+        const limit = c.req.query('limit') ? Math.min(Number(c.req.query('limit')), 50) : 50;
+        const result = await service.search(tenantId, query, { category, minReputation, limit }, 'api');
+        return c.json(result);
+    });
+    // ─── Tenant Config ────────────────────────────────
+    app.get('/config', async (c) => {
+        const tenantId = getTenantId(c);
+        const config = service.getSharingConfig(tenantId);
+        return c.json({ config });
+    });
+    app.put('/config', async (c) => {
+        const tenantId = getTenantId(c);
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        const updates = {};
+        if (body.enabled !== undefined)
+            updates.enabled = Boolean(body.enabled);
+        if (body.humanReviewEnabled !== undefined)
+            updates.humanReviewEnabled = Boolean(body.humanReviewEnabled);
+        if (body.poolEndpoint !== undefined)
+            updates.poolEndpoint = body.poolEndpoint;
+        if (body.rateLimitPerHour !== undefined) {
+            const val = Number(body.rateLimitPerHour);
+            if (isNaN(val) || val < 1)
+                return c.json({ error: 'rateLimitPerHour must be >= 1' }, 400);
+            updates.rateLimitPerHour = val;
+        }
+        if (body.volumeAlertThreshold !== undefined) {
+            const val = Number(body.volumeAlertThreshold);
+            if (isNaN(val) || val < 1)
+                return c.json({ error: 'volumeAlertThreshold must be >= 1' }, 400);
+            updates.volumeAlertThreshold = val;
+        }
+        if (body.categories !== undefined) {
+            if (!Array.isArray(body.categories))
+                return c.json({ error: 'categories must be an array' }, 400);
+            for (const cat of body.categories) {
+                if (!VALID_CATEGORIES.has(cat)) {
+                    return c.json({ error: `Invalid category: ${cat}` }, 400);
+                }
+            }
+        }
+        const config = service.updateSharingConfig(tenantId, updates);
+        return c.json({ config });
+    });
+    // ─── Agent Config ──────────────────────────────────
+    app.get('/config/agents/:agentId', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('agentId');
+        const config = service.getAgentSharingConfig(tenantId, agentId);
+        return c.json({ config });
+    });
+    app.put('/config/agents/:agentId', async (c) => {
+        const tenantId = getTenantId(c);
+        const agentId = c.req.param('agentId');
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        const updates = {};
+        if (body.enabled !== undefined)
+            updates.enabled = Boolean(body.enabled);
+        if (body.categories !== undefined) {
+            if (!Array.isArray(body.categories))
+                return c.json({ error: 'categories must be an array' }, 400);
+            for (const cat of body.categories) {
+                if (!VALID_CATEGORIES.has(cat)) {
+                    return c.json({ error: `Invalid category: ${cat}` }, 400);
+                }
+            }
+            updates.categories = body.categories;
+        }
+        const config = service.updateAgentSharingConfig(tenantId, agentId, updates);
+        return c.json({ config });
+    });
+    // ─── Deny List ─────────────────────────────────────
+    app.get('/deny-list', async (c) => {
+        const tenantId = getTenantId(c);
+        const rules = service.getDenyList(tenantId);
+        return c.json({ rules });
+    });
+    app.post('/deny-list', async (c) => {
+        const tenantId = getTenantId(c);
+        let body;
+        try {
+            body = await c.req.json();
+        }
+        catch {
+            return c.json({ error: 'Invalid JSON body' }, 400);
+        }
+        const pattern = body.pattern;
+        if (!pattern || typeof pattern !== 'string') {
+            return c.json({ error: 'pattern is required' }, 400);
+        }
+        const reason = body.reason || 'No reason provided';
+        const isRegex = Boolean(body.isRegex);
+        try {
+            const rule = service.addDenyListRule(tenantId, pattern, isRegex, reason);
+            return c.json({ rule }, 201);
+        }
+        catch (err) {
+            return c.json({ error: err instanceof Error ? err.message : String(err) }, 400);
+        }
+    });
+    app.delete('/deny-list/:id', async (c) => {
+        const tenantId = getTenantId(c);
+        const ruleId = c.req.param('id');
+        const ok = service.deleteDenyListRule(tenantId, ruleId);
+        if (!ok) {
+            return c.json({ error: 'Rule not found' }, 404);
+        }
+        return c.json({ deleted: true });
+    });
+    return { app, service };
+}
+//# sourceMappingURL=community.js.map