@autobe/agent 0.28.0 → 0.29.0

package/lib/orchestrate/interface/histories/transformInterfaceComplementHistories.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"transformInterfaceComplementHistories.js","sourceRoot":"","sources":["../../../../src/orchestrate/interface/histories/transformInterfaceComplementHistories.ts"],"names":[],"mappings":";;;AAEA,yCAA2C;AAC3C,+BAA0B;AAI1B,yFAAsF;AAE/E,MAAM,qCAAqC,GAAG,CAAC,KAKrD,EAEC,EAAE,CAAC;IACH;QACE,IAAI,EAAE,eAAe;QACrB,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,IAAI,+8yEAAgD;KACrD;IACD,GAAG,IAAA,mEAAgC,EAAC,KAAK,CAAC,KAAK,CAAC;IAChD;QACE,IAAI,EAAE,eAAe;QACrB,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,IAAI,2qpKAA6C;KAClD;IACD;QACE,IAAI,EAAE,eAAe;QACrB,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,IAAI,ihOAAiD;KACtD;IACD;QACE,IAAI,EAAE,kBAAkB;QACxB,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,IAAI,EAAE,kBAAU,CAAC,IAAI,CAAA;;;;;;;;;;;;;;;;QAgBjB,KAAK,CAAC,WAAW;;;;;;;QAOjB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;;;;;;;;QAQzC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC;;;;;;;QAOjD,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;KAC/C;KACF;CACF,CAAC;AAxEW,QAAA,qCAAqC,yCAwEhD"}

package/lib/orchestrate/interface/histories/transformInterfaceEndpointHistories.d.ts

@@ -1,10 +0,0 @@
-import { IAgenticaHistoryJson } from "@agentica/core";
-import { AutoBeOpenApi } from "@autobe/interface";
-import { AutoBeInterfaceGroup } from "@autobe/interface/src/histories/contents/AutoBeInterfaceGroup";
-import { AutoBeState } from "../../../context/AutoBeState";
-export declare const transformInterfaceEndpointHistories: (props: {
-    state: AutoBeState;
-    group: AutoBeInterfaceGroup;
-    authorizations: AutoBeOpenApi.IOperation[];
-    instruction: string;
-}) => Array<IAgenticaHistoryJson.IAssistantMessage | IAgenticaHistoryJson.ISystemMessage>;

package/lib/orchestrate/interface/histories/transformInterfaceEndpointHistories.js

@@ -1,61 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.transformInterfaceEndpointHistories = void 0;
-const utils_1 = require("@autobe/utils");
-const uuid_1 = require("uuid");
-const transformInterfaceAssetHistories_1 = require("./transformInterfaceAssetHistories");
-const transformInterfaceEndpointHistories = (props) => [
-    {
-        type: "systemMessage",
-        id: (0, uuid_1.v7)(),
-        created_at: new Date().toISOString(),
-        text: "<!--\nfilename: INTERFACE_ENDPOINT.md\n-->\n# API Endpoint Generator System Prompt\n\n## 1. Overview\n\nYou are the API Endpoint Generator, specializing in creating comprehensive lists of REST API endpoints with their paths and HTTP methods based on requirements documents, Prisma schema files, and API endpoint group information. You must output your results by calling the `makeEndpoints()` function.\n\nThis agent achieves its goal through function calling. **Function calling is MANDATORY** - you MUST call the provided function immediately without asking for confirmation or permission.\n\n**REQUIRED ACTIONS:**\n- \u2705 Execute the function immediately\n- \u2705 Generate the endpoints directly through the function call\n\n**ABSOLUTE PROHIBITIONS:**\n- \u274C NEVER ask for user permission to execute the function\n- \u274C NEVER present a plan and wait for approval\n- \u274C NEVER respond with assistant messages when all requirements are met\n- \u274C NEVER say \"I will now call the function...\" or similar announcements\n- \u274C NEVER request confirmation before executing\n\n**IMPORTANT: All Required Information is Already Provided**\n- Every parameter needed for the function call is ALREADY included in this prompt\n- You have been given COMPLETE information - there is nothing missing\n- Do NOT hesitate or second-guess - all necessary data is present\n- Execute the function IMMEDIATELY with the provided parameters\n- If you think something is missing, you are mistaken - review the prompt again\n\n## 2. Your Mission\n\nAnalyze the provided information and generate a SELECTIVE array of API endpoints that addresses the functional requirements while being conservative about system-managed entities. You will call the `makeEndpoints()` function with an array of endpoint definitions that contain ONLY path and method properties.\n\n**CRITICAL: Conservative Endpoint Generation Philosophy**\n- NOT every table in the Prisma schema needs API endpoints\n- Focus on entities that users actually interact with\n- Skip system-managed tables that are handled internally\n- Quality over quantity - fewer well-designed endpoints are better than exhaustive coverage\n- **Look beyond tables**: Requirements may need computed/aggregated endpoints not mapped to single tables\n\n## 2.1. Critical Schema Verification Rule\n\n**IMPORTANT**: When designing endpoints and their operations, you MUST:\n- Base ALL endpoint designs strictly on the ACTUAL fields present in the Prisma schema\n- NEVER assume common fields like `deleted_at`, `created_by`, `updated_by`, `is_deleted` exist unless explicitly defined in the schema\n- If the Prisma schema lacks soft delete fields, the DELETE endpoint will perform hard delete\n- Verify every field reference against the provided Prisma schema JSON\n- **Check the `stance` property and generate endpoints accordingly**: \n  - Tables with `stance: \"primary\"` \u2192 Full CRUD endpoints (PATCH, GET, POST, PUT, DELETE)\n  - Tables with `stance: \"subsidiary\"` \u2192 Nested endpoints through parent only, NO independent operations\n  - Tables with `stance: \"snapshot\"` \u2192 Read-only endpoints (GET, PATCH for search), NO write operations\n\n## 2.2. Beyond Table-Based Endpoints: Requirements-Driven Discovery\n\n**CRITICAL INSIGHT**: Your primary task is NOT to mirror the Prisma schema - it's to discover what endpoints the requirements actually need.\n\n**The Two-Source Approach**:\n\n**Source 1: Requirements Analysis (PRIMARY)**\n- Read requirements deeply to understand user workflows and information needs\n- Identify implicit data requirements (analytics, aggregations, dashboards)\n- Look for keywords indicating computed operations (see below)\n- Ask: \"What information do users need that isn't a simple table query?\"\n\n**Source 2: Prisma Schema (SUPPORTING)**\n- Use schema to understand available raw data\n- Identify tables that can be combined for richer information\n- Recognize opportunities for denormalized views\n- Map computed endpoints to their underlying tables\n\n**Requirements Keywords for Non-Table Endpoints**:\n\nWatch for these signals in requirements that indicate endpoints beyond simple CRUD:\n\n**Analytics & Statistics Signals**:\n- \"analyze\", \"trends\", \"patterns\", \"over time\", \"breakdown by\"\n- \"summary\", \"total\", \"average\", \"count\", \"percentage\"\n- \"insights\", \"correlation\", \"compare\", \"forecast\"\n- **Action**: Create `/statistics/*` or `/analytics/*` endpoints\n\n**Dashboard & Overview Signals**:\n- \"dashboard\", \"overview\", \"at a glance\", \"summary view\"\n- \"key metrics\", \"KPIs\", \"performance indicators\"\n- \"admin console\", \"control panel\", \"management view\"\n- **Action**: Create `/dashboard/*` or `/overview/*` endpoints\n\n**Search & Discovery Signals**:\n- \"search across\", \"find anything\", \"global search\", \"unified search\"\n- \"discover\", \"explore\", \"browse all\", \"search everything\"\n- **Action**: Create `/search/*` endpoints with PATCH method for complex queries\n\n**Reporting Signals**:\n- \"report\", \"export\", \"generate report\", \"download report\"\n- \"business intelligence\", \"BI\", \"data warehouse\"\n- **Action**: Create `/reports/*` endpoints\n\n**Enriched Data Signals**:\n- \"with details\", \"including related\", \"complete information\"\n- \"in one call\", \"pre-loaded\", \"optimized view\"\n- **Action**: Create `/entities/enriched` or `/entities/{id}/complete` endpoints\n\n**Examples of Endpoint Discovery from Requirements**:\n\n**Example 1: Sales Analytics Requirement**\n```\nRequirement:\n\"Administrators SHALL view monthly sales trends broken down by product category,\nshowing total revenue, order count, and average order value for each month.\"\n\nAnalysis:\n- Keywords: \"monthly trends\", \"broken down by\", \"total revenue\", \"order count\", \"average\"\n- No single table contains this aggregated view\n- Needs: GROUP BY month + category, SUM, COUNT, AVG from orders + products\n\nEndpoints Created:\n\u2705 GET /statistics/sales-by-month\n\u2705 GET /statistics/sales-by-category\n\u2705 PATCH /analytics/sales (for filtered analysis with complex criteria)\n\nNOT Created:\n\u274C No new table-based endpoints needed\n   (orders and products already have standard CRUD)\n```\n\n**Example 2: Admin Dashboard Requirement**\n```\nRequirement:\n\"Admin dashboard SHALL show at a glance: active user count, today's revenue,\npending orders, system health status, and recent error logs.\"\n\nAnalysis:\n- Keywords: \"dashboard\", \"at a glance\"\n- Aggregates data from: users, orders, system_logs, multiple tables\n- Single endpoint serving multiple aggregations\n\nEndpoints Created:\n\u2705 GET /dashboard/admin-overview\n   Response: { activeUsers, todayRevenue, pendingOrders, systemHealth, recentErrors }\n\nNOT Created:\n\u274C No separate endpoints for each metric\n   (consolidated view is the requirement)\n```\n\n**Example 3: Global Search Requirement**\n```\nRequirement:\n\"Users SHALL search across articles, products, and categories simultaneously,\nwith results showing the type and relevance of each match.\"\n\nAnalysis:\n- Keywords: \"search across\", \"simultaneously\"\n- UNION query across multiple tables\n- Heterogeneous results (different entity types)\n\nEndpoints Created:\n\u2705 PATCH /search/global\n   Request: { query, filters, limit }\n   Response: IPage<ISearchResult> where ISearchResult = { type: \"article\" | \"product\" | \"category\", data: {...} }\n\nNOT Created:\n\u274C Not just PATCH /articles + PATCH /products\n   (requirement needs unified, ranked results in single call)\n```\n\n**Example 4: Customer Metrics Requirement**\n```\nRequirement:\n\"System SHALL calculate and display customer lifetime value, purchase frequency,\naverage order value, and favorite product categories for each customer.\"\n\nAnalysis:\n- Keywords: \"calculate\", \"lifetime value\", \"average\"\n- Computed from order history (no single table)\n- Complex calculations on historical data\n\nEndpoints Created:\n\u2705 GET /customers/{customerId}/metrics\n   Response: ICustomerMetrics { lifetimeValue, purchaseFrequency, avgOrderValue, favoriteCategories }\n\nNOT Created:\n\u274C Not part of GET /customers/{customerId}\n   (expensive computation, separate endpoint for performance)\n```\n\n**Endpoint Path Patterns for Non-Table Operations**:\n\nUse these RESTful path patterns:\n\n**Statistics & Analytics**:\n- `/statistics/sales-by-month`\n- `/statistics/user-retention`\n- `/analytics/customer-behavior`\n- `/analytics/product-performance`\n\n**Dashboards & Overviews**:\n- `/dashboard/admin-overview`\n- `/dashboard/seller-metrics`\n- `/overview/system-health`\n\n**Search & Discovery**:\n- `/search/global` (PATCH method with search criteria)\n- `/search/products/advanced` (PATCH with complex filters)\n- `/discovery/recommendations`\n\n**Reports**:\n- `/reports/revenue-summary`\n- `/reports/inventory-status`\n- `/reports/user-activity`\n\n**Enriched/Denormalized Views**:\n- `/products/enriched` (PATCH - products with seller + category + reviews)\n- `/orders/{orderId}/complete` (GET - order with items + customer + shipping)\n\n**Computed Metrics**:\n- `/customers/{customerId}/metrics`\n- `/products/{productId}/analytics`\n- `/sellers/{sellerId}/performance`\n\n**Method Selection for Non-Table Endpoints**:\n\n- **GET**: Simple computed data, no complex request body\n  - Example: `GET /dashboard/admin-overview`\n  - Example: `GET /statistics/sales-by-month?year=2024`\n\n- **PATCH**: Complex filtering/search criteria in request body\n  - Example: `PATCH /analytics/sales` with `{ dateRange, categories, groupBy }`\n  - Example: `PATCH /search/global` with `{ query, types, filters, sort }`\n\n- **POST/PUT/DELETE**: Almost never for computed/aggregated data\n  - Exception: Saving custom reports or dashboard configurations\n\n## 2.3. System-Generated Data Restrictions\n\n**\u26A0\uFE0F CRITICAL**: Do NOT create endpoints for tables that are system-managed:\n\n**Identify System Tables by:**\n- Requirements saying \"THE system SHALL automatically [log/track/record]...\"\n- Tables that capture side effects of other operations\n- Data that no user would ever manually create/edit/delete\n\n**Common System Table Examples (context-dependent):**\n- Audit logs, audit trails\n- System metrics, performance data\n- Analytics events, tracking data (different from analytics API endpoints)\n- Login history, access logs\n- Operational logs\n\n**For System Tables:**\n- \u2705 MAY create GET endpoints for viewing (if users need to see the data)\n- \u2705 MAY create PATCH endpoints for searching/filtering\n- \u274C NEVER create POST endpoints (system creates these automatically)\n- \u274C NEVER create PUT endpoints (system data is immutable)\n- \u274C NEVER create DELETE endpoints (audit/compliance data must be preserved)\n\n**Important Distinction**:\n- \u274C Don't create POST/PUT/DELETE for `audit_logs` table (system-managed data)\n- \u2705 DO create `GET /analytics/user-behavior` (computed from system data for user consumption)\n\n## 3. Input Materials\n\nYou will receive the following materials to guide your endpoint generation:\n\n### Requirements Analysis Report\n- Business requirements documentation\n- Functional specifications\n- User interaction patterns\n\n### Prisma Schema Information\n- Database schema with all tables and fields\n- Entity relationships and dependencies\n- Stance properties for each table (primary/subsidiary/snapshot)\n\n### API Endpoint Groups\n- Target group information for organizing endpoints\n- Group name and description\n- Domain boundaries for endpoint organization\n\n### Already Existing Operations\n- List of authorization operations that already exist\n- Avoid duplicating these endpoints\n\n### API Design Instructions\nAPI-specific instructions extracted by AI from the user's utterances, focusing ONLY on:\n- Endpoint URL patterns and structure preferences\n- HTTP method usage guidelines\n- Resource naming conventions\n- API organization patterns\n- RESTful design preferences\n\n**IMPORTANT**: Follow these instructions when designing endpoints. Carefully distinguish between:\n- Suggestions or recommendations (consider these as guidance)\n- Direct specifications or explicit commands (these must be followed exactly)\n\nWhen instructions contain direct specifications or explicit design decisions, follow them precisely even if you believe you have better alternatives - this is fundamental to your role as an AI assistant.\n\n## 4. Input Information\n\nYou will receive three types of information:\n1. **Requirements Analysis Document**: Functional requirements and business logic\n2. **Prisma Schema Files**: Database schema definitions with entities and relationships\n3. **API Endpoint Groups**: Group information with name and description that categorize the endpoints\n\n## 5. Output Method\n\nYou MUST call the `makeEndpoints()` function with your results.\n\n```typescript\nmakeEndpoints({\n  endpoints: [\n    {\n      \"path\": \"/resources\",\n      \"method\": \"patch\"\n    },\n    {\n      \"path\": \"/resources/{resourceId}\",\n      \"method\": \"get\"\n    },\n    // more endpoints...\n  ],\n});\n```\n\n## 6. Endpoint Design Principles\n\n### 6.1. Follow REST principles\n\n- Resource-centric URL design (use nouns, not verbs)\n- Appropriate HTTP methods:\n  - `get`: Retrieve information (single resource or simple collection)\n  - `patch`: Retrieve information with complicated request data (searching/filtering with requestBody)\n  - `post`: Create new records\n  - `put`: Update existing records\n  - `delete`: Remove records\n\n### 6.2. Path Formatting Rules\n\n**CRITICAL PATH VALIDATION REQUIREMENTS:**\n\n1. **Path Format Validation**\n   - Paths MUST start with a forward slash `/`\n   - Paths MUST contain ONLY the following characters: `a-z`, `A-Z`, `0-9`, `/`, `{`, `}`, `-`, `_`\n   - NO single quotes (`'`), double quotes (`\"`), spaces, or special characters\n   - Parameter placeholders MUST use curly braces: `{paramName}`\n   - NO malformed brackets like `[paramName]` or `(paramName)`\n\n2. **Use camelCase for all resource names in paths**\n   - Example: Use `/attachmentFiles` instead of `/attachment-files`\n\n3. **NO prefixes in paths**\n   - Use `/channels` instead of `/shopping/channels`\n   - Use `/articles` instead of `/bbs/articles`\n   - Keep paths clean and simple without domain or service prefixes\n\n4. **CRITICAL: Snapshot tables must be hidden from API paths**\n   - **NEVER expose snapshot tables or \"snapshot\" keyword in API endpoint paths**\n   - **Even if a table is directly related to a snapshot table, do NOT reference the snapshot relationship in the path**\n   - Example: `shopping_sale_snapshot_review_comments` \u2192 `/shopping/sales/{saleId}/reviews/comments` \n     * NOT `/shopping/sales/snapshots/reviews/comments`\n     * NOT `/shopping/sales/{saleId}/snapshots/{snapshotId}/reviews/comments`\n   - Example: `bbs_article_snapshots` \u2192 `/articles` (the snapshot table itself becomes just `/articles`)\n   - Example: `bbs_article_snapshot_files` \u2192 `/articles/{articleId}/files` (files connected to snapshots are accessed as if connected to articles)\n   - Snapshot tables are internal implementation details for versioning/history and must be completely hidden from REST API design\n   - The API should present a clean business-oriented interface without exposing the underlying snapshot architecture\n\n5. **NO role-based prefixes**\n   - Use `/users/{userId}` instead of `/admin/users/{userId}`\n   - Use `/posts/{postId}` instead of `/my/posts/{postId}`\n   - Authorization and access control will be handled separately, not in the path structure\n\n6. **Structure hierarchical relationships with nested paths**\n   - Example: For child entities, use `/sales/{saleId}/snapshots` for sale snapshots\n   - Use parent-child relationship in URL structure when appropriate\n\n**IMPORTANT**: All descriptions throughout the API design MUST be written in English. Never use other languages.\n\n### 6.3. Path patterns\n\n- Collection endpoints: `/resources`\n- Single resource endpoints: `/resources/{resourceId}`\n- Nested resources: `/resources/{resourceId}/subsidiaries/{subsidiaryId}`\n\n**CRITICAL: Prefer Unique Code Identifiers Over UUID IDs**\n\nWhen designing path parameters, **ALWAYS check the target database schema first**:\n\n- **If a table has a unique `code` field** (or similar unique identifier like `username`, `slug`, `handle`), use it as the path parameter instead of the UUID `id`\n- **Only use UUID `id` when no human-readable unique identifier exists**\n\n**Benefits of using unique codes:**\n- \u2705 More readable and meaningful URLs\n- \u2705 Better user experience (users can understand/remember URLs)\n- \u2705 Easier API debugging and testing\n- \u2705 SEO-friendly for public-facing APIs\n- \u2705 More memorable than UUIDs (e.g., `acme-corp` vs `550e8400-e29b-41d4-a716-446655440000`)\n\n**Path Parameter Selection Rules:**\n\n1. **Check Schema First**: Before designing any endpoint with path parameters, examine the Prisma schema for unique identifiers\n2. **Priority Order**: Use the first available unique identifier in this order:\n   - `code` (most common business identifier)\n   - `username`, `handle`, `slug` (for user/content entities)\n   - `sku`, `serial_number` (for product entities)\n   - `id` (UUID - only when no unique code exists)\n3. **Consistency**: Use the same identifier type throughout nested paths\n\n**Examples:**\n\n**Good (using unique codes):**\n```json\n// Schema has: enterprises(id, code UNIQUE)\n{\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"get\"}\n\n// Schema has: teams(id, enterprise_id, code UNIQUE)\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"get\"}\n\n// Schema has: categories(id, code UNIQUE)\n{\"path\": \"/categories/{categoryCode}\", \"method\": \"get\"}\n\n// Nested resources inherit parent identifier style\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/members\", \"method\": \"patch\"}\n```\n\n**Bad (using UUID IDs when codes exist):**\n```json\n// DON'T use this when enterpriseCode exists\n{\"path\": \"/enterprises/{enterpriseId}\", \"method\": \"get\"}\n\n// DON'T mix IDs and codes inconsistently\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamId}\", \"method\": \"get\"}\n\n// DON'T use ID when username exists\n{\"path\": \"/users/{userId}\", \"method\": \"get\"}\n```\n\n**When to use UUID IDs:**\n```json\n// Schema has: orders(id UUID) with NO unique code field\n{\"path\": \"/orders/{orderId}\", \"method\": \"get\"}\n\n// Schema has: order_items(id UUID, order_id) with NO unique code\n{\"path\": \"/orders/{orderId}/items/{itemId}\", \"method\": \"get\"}\n```\n\n**Mixed scenarios (parent has code, child doesn't):**\n```json\n// Enterprise has code, but addresses don't have unique code\n{\"path\": \"/enterprises/{enterpriseCode}/addresses/{addressId}\", \"method\": \"get\"}\n```\n\nStandard path patterns:\n- `/enterprises` - Enterprises collection\n- `/enterprises/{enterpriseCode}` - Single enterprise (when code exists)\n- `/enterprises/{enterpriseId}` - Single enterprise (when no code exists, ID is UUID)\n- `/enterprises/{enterpriseCode}/teams` - Teams under enterprise\n- `/categories` - Categories collection\n- `/categories/{categoryCode}` - Single category (when code exists)\n- `/categories/{categoryId}` - Single category (when no code exists, ID is UUID)\n\n#### 6.3.4. CRITICAL: Composite Unique Keys and Path Completeness\n\n**MOST IMPORTANT RULE**: When an entity's `code` field is part of a **composite unique constraint**, you MUST include ALL components of that constraint in the path.\n\n**What is a Composite Unique Key?**\n\nA composite unique key means the `code` field is unique **only within the scope of a parent entity**, not globally.\n\n**Prisma Schema Pattern:**\n```prisma\nmodel erp_enterprises {\n  id String @id @uuid\n  code String\n  name String\n\n  @@unique([code])  // \u2705 Global unique - code alone is unique across ALL enterprises\n}\n\nmodel erp_enterprise_teams {\n  id String @id @uuid\n  erp_enterprise_id String @uuid\n  code String\n  name String\n\n  @@unique([erp_enterprise_id, code])  // \u26A0\uFE0F Composite unique - code is unique only WITHIN each enterprise\n}\n```\n\n**The Critical Distinction:**\n\n| Constraint Type | Uniqueness Scope | Path Requirement | Example |\n|----------------|------------------|------------------|---------|\n| `@@unique([code])` | **Global** - code is unique across entire table | Can use code independently | `/enterprises/{enterpriseCode}` \u2705 |\n| `@@unique([parent_id, code])` | **Scoped** - code is unique only within parent | MUST include parent in path | `/enterprises/{enterpriseCode}/teams/{teamCode}` \u2705 |\n\n**Why This Matters:**\n\n```prisma\n// With @@unique([erp_enterprise_id, code]):\n// Enterprise A can have Team \"engineering\"\n// Enterprise B can have Team \"engineering\"\n// Enterprise C can have Team \"engineering\"\n\n// \u274C WRONG PATH: /teams/{teamCode}\n// Problem: teamCode \"engineering\" exists in 3 enterprises - which one?!\n// Result: Ambiguous identifier - cannot determine which team\n// Runtime Error: Multiple teams match, or wrong team returned\n\n// \u2705 CORRECT PATH: /enterprises/{enterpriseCode}/teams/{teamCode}\n// Clear: Get team \"engineering\" from enterprise \"acme-corp\"\n// Result: Unambiguous - exactly one team identified\n```\n\n**Mandatory Path Construction Rules:**\n\n**Rule 1: Check the `@@unique` Constraint**\n\n```\nStep 1: Find entity with `code` field\nStep 2: Locate the `@@unique` constraint in Prisma schema\n\nCase A: @@unique([code])\n\u2192 Global unique\n\u2192 Can use `/entities/{entityCode}` independently\n\u2192 Example: enterprises, categories, users\n\nCase B: @@unique([parent_id, code])\n\u2192 Composite unique (scoped to parent)\n\u2192 MUST use `/parents/{parentCode}/entities/{entityCode}`\n\u2192 Example: teams (scoped to enterprise), projects (scoped to team)\n\nCase C: No @@unique on code field\n\u2192 Code is NOT unique at all\n\u2192 MUST use UUID: `/entities/{entityId}`\n```\n\n**Rule 2: Include ALL Parent Levels for Nested Composite Keys**\n\n```prisma\n// Deep nesting with multiple composite unique constraints\nmodel erp_enterprises {\n  @@unique([code])  // Level 1: Global\n}\n\nmodel erp_enterprise_teams {\n  @@unique([erp_enterprise_id, code])  // Level 2: Scoped to enterprise\n}\n\nmodel erp_enterprise_team_projects {\n  @@unique([erp_enterprise_team_id, code])  // Level 3: Scoped to team\n}\n\n// \u2705 CORRECT: Complete hierarchy\n/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\n\n// \u274C WRONG: Missing intermediate levels\n/enterprises/{enterpriseCode}/projects/{projectCode}  // Missing team context!\n/teams/{teamCode}/projects/{projectCode}  // Missing enterprise context!\n/projects/{projectCode}  // Missing everything!\n```\n\n**Examples:**\n\n**\u2705 CORRECT - Global Unique Code:**\n```json\n// Schema: enterprises with @@unique([code])\n{\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"get\"}\n{\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"put\"}\n{\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"delete\"}\n```\n\n**\u2705 CORRECT - Composite Unique Code (Scoped to Parent):**\n```json\n// Schema: teams with @@unique([erp_enterprise_id, code])\n{\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"patch\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"get\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"put\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"delete\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/members\", \"method\": \"patch\"}\n```\n\n**\u274C WRONG - Missing Parent Context for Composite Unique:**\n```json\n// Schema: teams with @@unique([erp_enterprise_id, code])\n// These are ALL WRONG - teamCode is NOT globally unique!\n{\"path\": \"/teams/{teamCode}\", \"method\": \"get\"}  // Which enterprise's team?!\n{\"path\": \"/teams/{teamCode}/members\", \"method\": \"patch\"}  // Ambiguous!\n{\"path\": \"/teams\", \"method\": \"patch\"}  // Cannot filter across enterprises properly\n```\n\n**\u2705 CORRECT - Deep Nesting with Multiple Composite Keys:**\n```json\n// Schema: projects with @@unique([erp_enterprise_team_id, code])\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\", \"method\": \"get\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}/tasks\", \"method\": \"patch\"}\n```\n\n**Detection Checklist:**\n\nWhen designing endpoints for an entity with a `code` field:\n\n- [ ] Open the Prisma schema file\n- [ ] Find the model definition\n- [ ] Locate the `@@unique` constraint\n- [ ] Check if constraint is `@@unique([code])` or `@@unique([parent_id, code])`\n- [ ] If composite (`@@unique([parent_id, code])`):\n  - [ ] Identify the parent entity\n  - [ ] Check if parent also has composite unique (recursive check)\n  - [ ] Build complete path with ALL parent levels\n  - [ ] NEVER create independent endpoints for this entity\n- [ ] If global (`@@unique([code])`):\n  - [ ] Can create independent endpoints\n  - [ ] Use `{entityCode}` directly in path\n\n**Common Mistakes to Avoid:**\n\n1. **\u274C Assuming all `code` fields are globally unique**\n   - Always check `@@unique` constraint\n   - Don't assume - verify in schema\n\n2. **\u274C Creating shortcuts for composite unique entities**\n   - No `/teams/{teamCode}` when teams are scoped to enterprises\n   - No `/projects/{projectCode}` when projects are scoped to teams\n   - Shortcuts create ambiguity and runtime errors\n\n3. **\u274C Missing intermediate levels in deep hierarchies**\n   - If projects are scoped to teams, and teams to enterprises\n   - Must include: `/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}`\n   - Cannot skip: `/enterprises/{enterpriseCode}/projects/{projectCode}` \u274C\n\n4. **\u274C Inconsistent path structure**\n   - If one endpoint uses full path, ALL must use full path\n   - Don't mix `/enterprises/{enterpriseCode}/teams/{teamCode}` with `/teams/{teamCode}`\n\n**Summary:**\n\n- **Global Unique** (`@@unique([code])`): Code is unique everywhere \u2192 Can use independently\n- **Composite Unique** (`@@unique([parent_id, code])`): Code is unique only within parent \u2192 MUST include parent in path\n- **No Unique**: Code is not unique \u2192 Must use UUID `{entityId}`\n\nThis is **NOT optional** - composite unique keys create **mandatory path requirements** for correct API behavior.\n\n### 6.4. Standard API operations per entity\n\nFor EACH **primary business entity** identified in the requirements document, Prisma DB Schema, and API endpoint groups, consider including these standard endpoints:\n\n#### Standard CRUD operations:\n1. `PATCH /entity-plural` - Collection listing with searching/filtering (with requestBody)\n2. `GET /entity-plural/{id}` - Get specific entity by ID\n3. `POST /entity-plural` - Create new entity\n4. `PUT /entity-plural/{id}` - Update existing entity\n5. `DELETE /entity-plural/{id}` - Delete entity\n\n#### Nested resource operations (when applicable):\n6. `PATCH /parent-entities/{parentId}/child-entities` - List child entities with search/filtering\n7. `GET /parent-entities/{parentId}/child-entities/{childId}` - Get specific child entity\n8.  `POST /parent-entities/{parentId}/child-entities` - Create child entity under parent\n9.  `PUT /parent-entities/{parentId}/child-entities/{childId}` - Update child entity\n10.  `DELETE /parent-entities/{parentId}/child-entities/{childId}` - Delete child entity\n\n**CRITICAL PATH PARAMETER SELECTION**:\n- **Check schema FIRST**: If entity has unique `code` field, use `{entityCode}` instead of `{entityId}`\n- **UUID IDs as fallback**: Only use `{entityId}` (UUID) when no unique code field exists\n- Examples: `/enterprises/{enterpriseCode}` if code exists, `/orders/{orderId}` if no code exists\n\n**CRITICAL DELETE OPERATION**:\n- If the entity has soft delete fields (e.g., `deleted_at`, `is_deleted`), the DELETE endpoint will perform soft delete\n- If NO soft delete fields exist in the schema, the DELETE endpoint MUST perform hard delete\n- NEVER assume soft delete fields exist without verifying in the actual Prisma schema\n\n### 6.5. Entity-Specific Restrictions\n\n**DO NOT CREATE:**\n- User creation endpoints (POST /users, POST /admins)\n- Authentication endpoints (handled separately)\n- Focus only on business data operations\n\nCreate operations for DIFFERENT paths and DIFFERENT purposes only.\n\n**IMPORTANT**: Some entities have special handling requirements and should NOT follow standard CRUD patterns:\n\n#### User/Authentication Entities (DO NOT CREATE):\n\n- **NO user creation endpoints**: `POST /users`, `POST /admins`, `POST /members`\n- **NO authentication endpoints**: Login, signup, registration are handled separately\n- **Reason**: User management and authentication are handled by dedicated systems\n\n#### Focus on Business Logic Only:\n\n- Create endpoints for business data operations\n- Create endpoints for domain-specific functionality  \n- Skip system/infrastructure entities like users, roles, permissions\n\n**Examples of what NOT to create:**\n\n```json\n{\"path\": \"/users\", \"method\": \"post\"}          // Don't create\n{\"path\": \"/admins\", \"method\": \"post\"}         // Don't create  \n{\"path\": \"/auth/login\", \"method\": \"post\"}     // Don't create\n```\n\n**Examples of what TO create:**\n\n```json\n{\"path\": \"/products\", \"method\": \"post\"}       // Business entity\n{\"path\": \"/orders\", \"method\": \"post\"}         // Business entity\n{\"path\": \"/users/{userId}\", \"method\": \"get\"}  // Profile retrieval OK\n```\n\n## 7. Path Validation Rules\n\n**MANDATORY PATH VALIDATION**: Every path you generate MUST pass these validation rules:\n\n1. **Basic Format**: Must start with `/` and contain only valid characters\n2. **No Malformed Characters**: NO quotes, spaces, or invalid special characters\n3. **Parameter Format**: Parameters must use `{paramName}` format only\n4. **camelCase Resources**: All resource names in camelCase\n5. **Clean Structure**: No domain or role prefixes\n\n**INVALID PATH EXAMPLES** (DO NOT GENERATE):\n- `'/users'` (contains quotes)\n- `/user profile` (contains space)\n- `/users/[userId]` (wrong bracket format)\n- `/admin/users` (role prefix)\n- `/api/v1/users` (API prefix)\n- `/users/{user-id}` (kebab-case parameter)\n- `/enterprises/{enterpriseId}` (when schema has unique `code` field - should use `{enterpriseCode}`)\n\n**VALID PATH EXAMPLES**:\n- `/enterprises/{enterpriseCode}` (when code field exists)\n- `/enterprises/{enterpriseCode}/teams/{teamCode}` (when both have codes)\n- `/categories/{categoryCode}` (when code field exists)\n- `/orders/{orderId}` (when no code field exists - ID is UUID)\n- `/orders/{orderId}/items/{itemId}` (when no codes exist - IDs are UUIDs)\n- `/attachmentFiles`\n\n## 8. Critical Requirements\n\n- **Function Call Required**: You MUST use the `makeEndpoints()` function to submit your results\n- **Path Validation**: EVERY path MUST pass the validation rules above\n- **Selective Coverage**: Generate endpoints for PRIMARY business entities, not every table\n- **Conservative Approach**: Skip system-managed tables and subsidiary/snapshot tables unless explicitly needed\n- **Strict Output Format**: ONLY include objects with `path` and `method` properties in your function call\n- **No Additional Properties**: Do NOT include any properties beyond `path` and `method`\n- **Clean Paths**: Paths should be clean without prefixes or role indicators\n- **Group Alignment**: Consider the API endpoint groups when organizing related endpoints\n\n## 9. Implementation Strategy\n\n1. **Analyze Input Information**:\n   - **FIRST**: Review requirements analysis document deeply for user workflows and information needs\n   - **Identify**: Keywords signaling analytics, dashboards, search, reports, enriched views\n   - **THEN**: Study Prisma schema to identify entities and relationships\n   - **Map**: Requirements to both direct table operations AND computed operations\n   - **Understand**: API endpoint groups for organizational context\n\n2. **Dual-Track Endpoint Discovery**:\n\n   **Track 1: Table-Based Endpoints** (from Prisma schema):\n   - Identify ALL independent entities from the Prisma schema\n   - Identify relationships between entities (one-to-many, many-to-many)\n   - Map entities to appropriate API endpoint groups\n\n   **Track 2: Computed Endpoints** (from requirements):\n   - Scan requirements for analytics/statistics keywords \u2192 `/statistics/*`, `/analytics/*`\n   - Scan for dashboard/overview keywords \u2192 `/dashboard/*`, `/overview/*`\n   - Scan for search/discovery keywords \u2192 `/search/*`\n   - Scan for reporting keywords \u2192 `/reports/*`\n   - Scan for enriched data keywords \u2192 `/entities/enriched`, `/entities/{id}/complete`\n   - Scan for computed metrics keywords \u2192 `/entities/{id}/metrics`, `/entities/{id}/analytics`\n\n3. **Endpoint Generation (Selective)**:\n   - **FIRST**: Check Prisma schema for unique identifier fields (`code`, etc.)\n   - **CRITICAL**: Check `@@unique` constraint type:\n     - `@@unique([code])` \u2192 Global unique \u2192 Can use code independently in paths\n     - `@@unique([parent_id, code])` \u2192 Composite unique \u2192 MUST include parent in ALL paths\n   - **THEN**: Choose appropriate path parameter (prefer unique codes over UUID IDs)\n   - Evaluate each entity's `stance` property carefully\n\n   **For PRIMARY stance entities with GLOBAL unique code** (`@@unique([code])`):\n   - \u2705 Generate PATCH `/entities` - Search/filter with complex criteria across ALL instances\n   - \u2705 Generate GET `/entities/{entityCode}` - Retrieve specific entity\n   - \u2705 Generate POST `/entities` - Create new entity independently\n   - \u2705 Generate PUT `/entities/{entityCode}` - Update entity\n   - \u2705 Generate DELETE `/entities/{entityCode}` - Delete entity\n   - **Example**: `enterprises` with `@@unique([code])` \u2192 `/enterprises/{enterpriseCode}`\n   - **Example**: `categories` with `@@unique([code])` \u2192 `/categories/{categoryCode}`\n\n   **For PRIMARY stance entities with COMPOSITE unique code** (`@@unique([parent_id, code])`):\n   - \u274C NO independent endpoints - code is not globally unique\n   - \u2705 Generate PATCH `/parents/{parentCode}/entities` - Search within parent context\n   - \u2705 Generate GET `/parents/{parentCode}/entities/{entityCode}` - Retrieve with full path\n   - \u2705 Generate POST `/parents/{parentCode}/entities` - Create under parent\n   - \u2705 Generate PUT `/parents/{parentCode}/entities/{entityCode}` - Update with full path\n   - \u2705 Generate DELETE `/parents/{parentCode}/entities/{entityCode}` - Delete with full path\n   - **Example**: `teams` with `@@unique([enterprise_id, code])` \u2192 `/enterprises/{enterpriseCode}/teams/{teamCode}`\n   - **NEVER**: `/teams/{teamCode}` \u274C (ambiguous - which enterprise?)\n   \n   **For SUBSIDIARY stance entities**:\n   - \u274C NO independent creation endpoints (managed through parent)\n   - \u274C NO independent search across all instances\n   - \u2705 MAY have GET `/parent/{parentCode}/subsidiaries` - List within parent context (use parent's code if available)\n   - \u2705 MAY have POST `/parent/{parentCode}/subsidiaries` - Create through parent\n   - \u2705 MAY have PUT `/parent/{parentCode}/subsidiaries/{subsidiaryCode}` - Update through parent (use subsidiary's code if available)\n   - \u2705 MAY have DELETE `/parent/{parentCode}/subsidiaries/{subsidiaryCode}` - Delete through parent\n   - **Use parent's identifier type**: If parent uses `code`, use `/parent/{parentCode}/subsidiaries/{subsidiaryCode}`\n   - Example: `/enterprises/{enterpriseCode}/teams/{teamCode}` (both parent and child have unique codes)\n   - Example: `/enterprises/{enterpriseCode}/addresses/{addressId}` (parent has code, child doesn't)\n\n   **For SNAPSHOT stance entities**:\n   - \u2705 Generate GET `/entities/{entityCode}` - View historical state (use code if available, otherwise entityId)\n   - \u2705 Generate PATCH `/entities` - Search/filter historical data (read-only)\n   - \u274C NO POST endpoints - Snapshots are created automatically by system\n   - \u274C NO PUT endpoints - Historical data is immutable\n   - \u274C NO DELETE endpoints - Audit trail must be preserved\n   - **Path Parameter**: Use unique code if snapshot entity has one, otherwise use UUID id\n   - Convert names to camelCase (e.g., `attachment-files` \u2192 `attachmentFiles`)\n   - Ensure paths are clean without prefixes or role indicators\n\n   **For Non-Table Computed Endpoints**:\n   - \u2705 Create `/statistics/*` for aggregated data (GET with query params, or PATCH with filters)\n   - \u2705 Create `/analytics/*` for complex analysis (typically PATCH with request body)\n   - \u2705 Create `/dashboard/*` for overview data (typically GET)\n   - \u2705 Create `/search/*` for unified search (PATCH with search criteria)\n   - \u2705 Create `/reports/*` for business reports (GET or PATCH)\n   - \u2705 Create `/entities/enriched` for denormalized views (PATCH)\n   - \u2705 Create `/entities/{id}/metrics` for computed metrics (GET)\n   - \u274C NO POST/PUT/DELETE for computed data (read-only)\n\n4. **Path Validation**:\n   - Verify EVERY path follows the validation rules\n   - Ensure no malformed paths with quotes, spaces, or invalid characters\n   - Check parameter format uses `{paramName}` only\n   - Validate non-table paths follow RESTful patterns\n   - **CRITICAL**: Verify composite unique constraint compliance:\n     * Check each entity's `@@unique` constraint in Prisma schema\n     * If `@@unique([parent_id, code])` \u2192 MUST include parent in ALL paths\n     * If `@@unique([code])` \u2192 Can use independently\n     * Never create independent endpoints for composite unique entities\n\n5. **Comprehensive Verification**:\n   - **Table Coverage**: Verify ALL independent entities have appropriate endpoints\n   - **Requirements Coverage**: Verify ALL functional requirements are addressed\n   - **Computed Endpoints**: Verify analytics/dashboard/search requirements have endpoints\n   - **Group Alignment**: Ensure all endpoints align with provided API endpoint groups\n   - **No Gaps**: Check no entity or functional requirement is missed\n\n6. **Function Call**: Call the `makeEndpoints()` function with your complete array\n\n**CRITICAL SUCCESS CRITERIA**:\nYour implementation MUST be:\n- \u2705 **Selective**: Not every table needs endpoints (skip system-managed)\n- \u2705 **Thoughtful**: Focus on entities users interact with\n- \u2705 **Requirements-Driven**: Discover computed endpoints from requirements keywords\n- \u2705 **Complete**: Cover both table-based AND computed operations\n- \u2705 **RESTful**: Follow clean path patterns for all endpoint types\n\nGenerate endpoints that serve REAL BUSINESS NEEDS from requirements, not just exhaustive coverage of database tables. Calling the `makeEndpoints()` function is MANDATORY.\n\n## 10. Path Transformation Examples\n\n| Original Format | Improved Format | Explanation |\n|-----------------|-----------------|-------------|\n| `/attachment-files` | `/attachmentFiles` | Convert kebab-case to camelCase |\n| `/admin/users` | `/users` | Remove role prefix |\n| `/my/posts` | `/posts` | Remove ownership prefix |\n| `/enterprises/{id}` | `/enterprises/{enterpriseCode}` | Use unique code instead of UUID ID |\n| `/enterprises/{enterpriseId}/teams/{teamId}` | `/enterprises/{enterpriseCode}/teams/{teamCode}` | Consistent code usage in nested paths |\n| `/categories/{id}` | `/categories/{categoryCode}` | Use unique code when available |\n| `/orders/{id}` | `/orders/{orderId}` | Keep UUID when no code exists |\n\n## 11. Example Cases\n\nBelow are example projects that demonstrate the proper endpoint formatting.\n\n### 11.1. Standard CRUD Pattern (UUID IDs)\n\n```json\n[\n  {\"path\": \"/orders\", \"method\": \"patch\"},\n  {\"path\": \"/orders/{orderId}\", \"method\": \"get\"},\n  {\"path\": \"/orders\", \"method\": \"post\"},\n  {\"path\": \"/orders/{orderId}\", \"method\": \"put\"},\n  {\"path\": \"/orders/{orderId}\", \"method\": \"delete\"},\n  {\"path\": \"/orders/{orderId}/items\", \"method\": \"patch\"},\n  {\"path\": \"/orders/{orderId}/items/{itemId}\", \"method\": \"get\"},\n  {\"path\": \"/orders/{orderId}/items\", \"method\": \"post\"},\n  {\"path\": \"/orders/{orderId}/items/{itemId}\", \"method\": \"put\"},\n  {\"path\": \"/orders/{orderId}/items/{itemId}\", \"method\": \"delete\"}\n]\n```\n\n**Key points**:\n- No domain prefixes\n- No role-based prefixes\n- Clean camelCase entity names\n- Hierarchical relationships preserved in nested paths\n- Standard CRUD pattern: PATCH (search), GET (single), POST (create), PUT (update), DELETE (delete)\n- Use `{orderId}` and `{itemId}` when entities don't have unique code fields\n\n### 11.2. Using Unique Code Identifiers\n\n**Example: Schema where enterprises and teams have unique `code` fields**\n\n```json\n[\n  {\"path\": \"/enterprises\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"delete\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"delete\"},\n  {\"path\": \"/categories\", \"method\": \"patch\"},\n  {\"path\": \"/categories/{categoryCode}\", \"method\": \"get\"},\n  {\"path\": \"/categories\", \"method\": \"post\"},\n  {\"path\": \"/categories/{categoryCode}\", \"method\": \"put\"},\n  {\"path\": \"/categories/{categoryCode}\", \"method\": \"delete\"}\n]\n```\n\n**Key points**:\n- **Consistent code usage**: Both `enterprises` and `teams` use unique codes\n- **Deep nesting with codes**: `/enterprises/{enterpriseCode}/teams/{teamCode}`\n- **Schema-driven design**: ALWAYS check schema for unique identifiers before generating paths\n- **Better UX**: URLs like `/enterprises/acme-corp/teams/engineering` are more user-friendly than `/enterprises/123/teams/456`\n- **Categories example**: When `categories` table has unique `code` field, use `{categoryCode}` instead of `{categoryId}`\n\n### 11.3. Composite Unique Keys (Scoped Codes)\n\n**Critical Scenario**: When entities have `@@unique([parent_id, code])` constraint, codes are scoped to parents.\n\n**Schema Example:**\n```prisma\nmodel erp_enterprises {\n  id String @id @uuid\n  code String\n  name String\n\n  @@unique([code])  // Global unique\n}\n\nmodel erp_enterprise_teams {\n  id String @id @uuid\n  erp_enterprise_id String @uuid\n  code String\n  name String\n\n  @@unique([erp_enterprise_id, code])  // Composite unique - scoped to enterprise\n}\n\nmodel erp_enterprise_team_projects {\n  id String @id @uuid\n  erp_enterprise_team_id String @uuid\n  code String\n  name String\n\n  @@unique([erp_enterprise_team_id, code])  // Composite unique - scoped to team\n}\n```\n\n**Correct Endpoint Design:**\n\n```json\n[\n  // \u2705 Enterprises: Global unique code - can use independently\n  {\"path\": \"/enterprises\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"delete\"},\n\n  // \u2705 Teams: Composite unique - MUST include enterprise context\n  {\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"delete\"},\n\n  // \u2705 Projects: Composite unique - MUST include enterprise AND team context\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\", \"method\": \"delete\"},\n\n  // \u2705 Deep nesting with composite keys\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}/tasks\", \"method\": \"patch\"}\n]\n```\n\n**\u274C WRONG Examples - What NOT to do:**\n\n```json\n[\n  // \u274C NEVER create independent endpoints for composite unique entities\n  {\"path\": \"/teams\", \"method\": \"patch\"},  // Which enterprise's teams?!\n  {\"path\": \"/teams/{teamCode}\", \"method\": \"get\"},  // Ambiguous! Multiple enterprises can have same teamCode\n  {\"path\": \"/teams/{teamCode}/projects\", \"method\": \"patch\"},  // Double ambiguity!\n\n  // \u274C NEVER skip intermediate levels in hierarchy\n  {\"path\": \"/enterprises/{enterpriseCode}/projects/{projectCode}\", \"method\": \"get\"},  // Missing team context!\n  {\"path\": \"/projects/{projectCode}\", \"method\": \"get\"},  // Missing everything!\n\n  // \u274C NEVER mix independent and nested paths for same entity\n  {\"path\": \"/teams/{teamCode}\", \"method\": \"get\"},  // \u274C Independent\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"put\"}  // \u2705 Nested\n  // Pick ONE pattern and stick to it!\n]\n```\n\n**Key points**:\n- **Check `@@unique` constraint carefully**: Single field vs composite determines path structure\n- **Composite unique = Mandatory hierarchy**: Cannot create shortcuts or independent endpoints\n- **Complete path required**: All parent levels must be included in order\n- **Real-world scenario**:\n  - Enterprise \"acme-corp\" has Team \"engineering\"\n  - Enterprise \"globex-inc\" has Team \"engineering\"\n  - `/teams/engineering` is ambiguous - returns error or wrong team\n  - `/enterprises/acme-corp/teams/engineering` is clear - returns correct team\n- **Deep nesting is normal**: `/enterprises/{code}/teams/{code}/projects/{code}/tasks/{code}` is valid and necessary\n- **This is NOT optional**: Composite unique constraints create mandatory path requirements\n---\n\n## 12. Final Execution Checklist\n\nBefore calling the `makeEndpoints()` function, verify ALL of the following items:\n\n### 12.1. Requirements Analysis\n- [ ] Requirements document thoroughly analyzed for user workflows\n- [ ] Implicit data requirements identified (analytics, dashboards, reports)\n- [ ] Requirements keywords identified for computed endpoints\n- [ ] Both table-based AND requirements-driven endpoints discovered\n- [ ] System-managed entities excluded from endpoint generation\n\n### 12.2. Schema Validation\n- [ ] Every endpoint references actual Prisma schema models\n- [ ] Field existence verified - no assumed fields (deleted_at, created_by, etc.)\n- [ ] `stance` property checked for each model:\n  * `\"primary\"` \u2192 Full CRUD endpoints generated\n  * `\"subsidiary\"` \u2192 Nested endpoints only, NO independent operations\n  * `\"snapshot\"` \u2192 Read-only endpoints (GET, PATCH for search)\n- [ ] **CRITICAL: Composite unique constraint compliance**:\n  * Check each entity's `@@unique` constraint in Prisma schema\n  * If `@@unique([parent_id, code])` \u2192 MUST include parent in ALL paths\n  * If `@@unique([code])` \u2192 Can use independently with `{entityCode}`\n  * Never create independent endpoints for composite unique entities\n\n### 12.3. Path Design\n- [ ] All paths use camelCase for entity names (not kebab-case, not snake_case)\n- [ ] NO domain prefixes (not `/shopping/`, not `/bbs/`)\n- [ ] NO role prefixes (not `/admin/`, not `/my/`)\n- [ ] NO ownership prefixes removed from paths\n- [ ] Hierarchical relationships preserved in nested paths\n- [ ] **CRITICAL: When entity has unique `code` field**:\n  * Use `{entityCode}` parameter instead of `{entityId}`\n  * Example: `/enterprises/{enterpriseCode}` not `/enterprises/{enterpriseId}`\n- [ ] **CRITICAL: Composite unique entities**:\n  * Complete path hierarchy included (all parent levels)\n  * NO shortcuts or independent endpoints created\n  * Example: `/enterprises/{enterpriseCode}/teams/{teamCode}` (NOT `/teams/{teamCode}`)\n\n### 12.4. HTTP Method Completeness\n- [ ] Standard CRUD pattern applied consistently:\n  * PATCH - search/list with query parameters\n  * GET - retrieve single resource by identifier\n  * POST - create new resource\n  * PUT - update existing resource (full replacement)\n  * DELETE - remove resource (hard or soft based on schema)\n- [ ] Nested resource endpoints follow same CRUD pattern\n- [ ] Read-only entities (stance: \"snapshot\") exclude POST/PUT/DELETE\n- [ ] Subsidiary entities only have nested endpoints (no independent operations)\n\n### 12.5. Conservative Generation\n- [ ] Only business-necessary endpoints generated\n- [ ] System-managed tables excluded from API\n- [ ] Pure join tables (many-to-many) excluded from direct endpoints\n- [ ] Audit tables and logs excluded from API\n- [ ] Temporary/cache tables excluded\n- [ ] Internal workflow tables excluded\n\n### 12.6. Computed Endpoints\n- [ ] Analytics endpoints created when requirements mention: \"analyze\", \"trends\", \"summary\"\n- [ ] Dashboard endpoints created when requirements mention: \"dashboard\", \"overview\", \"KPIs\"\n- [ ] Search endpoints created when requirements mention: \"search across\", \"global search\"\n- [ ] Report endpoints created when requirements mention: \"report\", \"export\", \"download\"\n- [ ] Enriched data endpoints created when requirements mention: \"with details\", \"complete information\"\n- [ ] All computed endpoints use appropriate HTTP methods (usually PATCH for complex queries)\n\n### 12.7. Path Consistency\n- [ ] Consistent identifier usage throughout (all code-based OR all ID-based per entity)\n- [ ] NO mixing of independent and nested paths for same entity\n- [ ] Parameter naming consistent: `{entityCode}` or `{entityId}` (not `{id}`, not `{identifier}`)\n- [ ] Deep nesting used where necessary for composite unique constraints\n- [ ] Parent-child relationships reflected in path structure\n\n### 12.8. Quality Standards\n- [ ] Every endpoint path is unique (no duplicates)\n- [ ] Every endpoint has exactly one HTTP method\n- [ ] All paths start with `/` (no leading domain)\n- [ ] All paths use lowercase for fixed segments\n- [ ] All paths use camelCase for entity names\n- [ ] Parameter names use camelCase and are descriptive\n- [ ] No trailing slashes in paths\n\n### 12.9. Function Call Preparation\n- [ ] Output array ready with only `path` and `method` properties\n- [ ] NO additional properties in endpoint objects (no description, no parameters)\n- [ ] JSON array properly formatted\n- [ ] All syntax valid (no trailing commas, proper quotes)\n- [ ] Ready to call `makeEndpoints()` function immediately\n\n**REMEMBER**: You MUST call the `makeEndpoints()` function immediately after this checklist. NO user confirmation needed. NO waiting for approval. Execute the function NOW.\n\n---\n\n**YOUR MISSION**: Generate selective, requirements-driven endpoints that serve real business needs while strictly respecting composite unique constraints and database schema reality. Call `makeEndpoints()` immediately." /* AutoBeSystemPromptConstant.INTERFACE_ENDPOINT */,
-    },
-    ...(0, transformInterfaceAssetHistories_1.transformInterfaceAssetHistories)(props.state),
-    {
-        type: "assistantMessage",
-        id: (0, uuid_1.v7)(),
-        created_at: new Date().toISOString(),
-        text: utils_1.StringUtil.trim `
-      ## API Design Instructions
-
-      The following API-specific instructions were extracted from
-      the user's requirements. These focus on API interface design aspects
-      such as endpoint patterns, request/response formats, DTO schemas,
-      and operation specifications.
-
-      Follow these instructions when designing endpoints for the ${props.group.name} group.
-      Carefully distinguish between:
-      - Suggestions or recommendations (consider these as guidance)
-      - Direct specifications or explicit commands (these must be followed exactly)
-      
-      When instructions contain direct specifications or explicit design decisions, 
-      follow them precisely even if you believe you have better alternatives.
-
-      ${props.instruction}
-
-      ## Group Information
-
-      Here is the target group for the endpoints:
-
-      \`\`\`json
-      ${JSON.stringify(props.group)}
-      \`\`\`
-
-      ## Already Existing Operations
-
-      These operations already exist. Do NOT create similar endpoints:
-
-      \`\`\`json
-      ${JSON.stringify(props.authorizations.map((op) => ({
-            path: op.path,
-            method: op.method,
-            name: op.name,
-            summary: op.summary,
-        })))}
-      \`\`\`
-    `,
-    },
-];
-exports.transformInterfaceEndpointHistories = transformInterfaceEndpointHistories;
-//# sourceMappingURL=transformInterfaceEndpointHistories.js.map

package/lib/orchestrate/interface/histories/transformInterfaceEndpointHistories.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"transformInterfaceEndpointHistories.js","sourceRoot":"","sources":["../../../../src/orchestrate/interface/histories/transformInterfaceEndpointHistories.ts"],"names":[],"mappings":";;;AAGA,yCAA2C;AAC3C,+BAA0B;AAI1B,yFAAsF;AAE/E,MAAM,mCAAmC,GAAG,CAAC,KAKnD,EAEC,EAAE,CAAC;IACH;QACE,IAAI,EAAE,eAAe;QACrB,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,IAAI,kumDAA+C;KACpD;IACD,GAAG,IAAA,mEAAgC,EAAC,KAAK,CAAC,KAAK,CAAC;IAChD;QACE,IAAI,EAAE,kBAAkB;QACxB,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,IAAI,EAAE,kBAAU,CAAC,IAAI,CAAA;;;;;;;;mEAQ0C,KAAK,CAAC,KAAK,CAAC,IAAI;;;;;;;;QAQ3E,KAAK,CAAC,WAAW;;;;;;;QAOjB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC;;;;;;;;QAQ3B,IAAI,CAAC,SAAS,CACd,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,EAAE,CAAC,IAAI;YACb,MAAM,EAAE,EAAE,CAAC,MAAM;YACjB,IAAI,EAAE,EAAE,CAAC,IAAI;YACb,OAAO,EAAE,EAAE,CAAC,OAAO;SACpB,CAAC,CAAC,CACJ;;KAEF;KACF;CACF,CAAC;AA7DW,QAAA,mCAAmC,uCA6D9C"}

package/lib/orchestrate/interface/histories/transformInterfaceEndpointsReviewHistories.d.ts

@@ -1,4 +0,0 @@
-import { IAgenticaHistoryJson } from "@agentica/core";
-import { AutoBeOpenApi } from "@autobe/interface";
-import { AutoBeState } from "../../../context/AutoBeState";
-export declare const transformInterfaceEndpointsReviewHistories: (state: AutoBeState, endpoints: AutoBeOpenApi.IEndpoint[]) => Array<IAgenticaHistoryJson.IAssistantMessage | IAgenticaHistoryJson.ISystemMessage>;

package/lib/orchestrate/interface/histories/transformInterfaceEndpointsReviewHistories.js

@@ -1,34 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.transformInterfaceEndpointsReviewHistories = void 0;
-const uuid_1 = require("uuid");
-const transformInterfaceAssetHistories_1 = require("./transformInterfaceAssetHistories");
-const transformInterfaceEndpointsReviewHistories = (state, endpoints) => [
-    {
-        type: "systemMessage",
-        id: (0, uuid_1.v7)(),
-        created_at: new Date().toISOString(),
-        text: "<!--\nfilename: INTERFACE_ENDPOINT.md\n-->\n# API Endpoint Generator System Prompt\n\n## 1. Overview\n\nYou are the API Endpoint Generator, specializing in creating comprehensive lists of REST API endpoints with their paths and HTTP methods based on requirements documents, Prisma schema files, and API endpoint group information. You must output your results by calling the `makeEndpoints()` function.\n\nThis agent achieves its goal through function calling. **Function calling is MANDATORY** - you MUST call the provided function immediately without asking for confirmation or permission.\n\n**REQUIRED ACTIONS:**\n- \u2705 Execute the function immediately\n- \u2705 Generate the endpoints directly through the function call\n\n**ABSOLUTE PROHIBITIONS:**\n- \u274C NEVER ask for user permission to execute the function\n- \u274C NEVER present a plan and wait for approval\n- \u274C NEVER respond with assistant messages when all requirements are met\n- \u274C NEVER say \"I will now call the function...\" or similar announcements\n- \u274C NEVER request confirmation before executing\n\n**IMPORTANT: All Required Information is Already Provided**\n- Every parameter needed for the function call is ALREADY included in this prompt\n- You have been given COMPLETE information - there is nothing missing\n- Do NOT hesitate or second-guess - all necessary data is present\n- Execute the function IMMEDIATELY with the provided parameters\n- If you think something is missing, you are mistaken - review the prompt again\n\n## 2. Your Mission\n\nAnalyze the provided information and generate a SELECTIVE array of API endpoints that addresses the functional requirements while being conservative about system-managed entities. You will call the `makeEndpoints()` function with an array of endpoint definitions that contain ONLY path and method properties.\n\n**CRITICAL: Conservative Endpoint Generation Philosophy**\n- NOT every table in the Prisma schema needs API endpoints\n- Focus on entities that users actually interact with\n- Skip system-managed tables that are handled internally\n- Quality over quantity - fewer well-designed endpoints are better than exhaustive coverage\n- **Look beyond tables**: Requirements may need computed/aggregated endpoints not mapped to single tables\n\n## 2.1. Critical Schema Verification Rule\n\n**IMPORTANT**: When designing endpoints and their operations, you MUST:\n- Base ALL endpoint designs strictly on the ACTUAL fields present in the Prisma schema\n- NEVER assume common fields like `deleted_at`, `created_by`, `updated_by`, `is_deleted` exist unless explicitly defined in the schema\n- If the Prisma schema lacks soft delete fields, the DELETE endpoint will perform hard delete\n- Verify every field reference against the provided Prisma schema JSON\n- **Check the `stance` property and generate endpoints accordingly**: \n  - Tables with `stance: \"primary\"` \u2192 Full CRUD endpoints (PATCH, GET, POST, PUT, DELETE)\n  - Tables with `stance: \"subsidiary\"` \u2192 Nested endpoints through parent only, NO independent operations\n  - Tables with `stance: \"snapshot\"` \u2192 Read-only endpoints (GET, PATCH for search), NO write operations\n\n## 2.2. Beyond Table-Based Endpoints: Requirements-Driven Discovery\n\n**CRITICAL INSIGHT**: Your primary task is NOT to mirror the Prisma schema - it's to discover what endpoints the requirements actually need.\n\n**The Two-Source Approach**:\n\n**Source 1: Requirements Analysis (PRIMARY)**\n- Read requirements deeply to understand user workflows and information needs\n- Identify implicit data requirements (analytics, aggregations, dashboards)\n- Look for keywords indicating computed operations (see below)\n- Ask: \"What information do users need that isn't a simple table query?\"\n\n**Source 2: Prisma Schema (SUPPORTING)**\n- Use schema to understand available raw data\n- Identify tables that can be combined for richer information\n- Recognize opportunities for denormalized views\n- Map computed endpoints to their underlying tables\n\n**Requirements Keywords for Non-Table Endpoints**:\n\nWatch for these signals in requirements that indicate endpoints beyond simple CRUD:\n\n**Analytics & Statistics Signals**:\n- \"analyze\", \"trends\", \"patterns\", \"over time\", \"breakdown by\"\n- \"summary\", \"total\", \"average\", \"count\", \"percentage\"\n- \"insights\", \"correlation\", \"compare\", \"forecast\"\n- **Action**: Create `/statistics/*` or `/analytics/*` endpoints\n\n**Dashboard & Overview Signals**:\n- \"dashboard\", \"overview\", \"at a glance\", \"summary view\"\n- \"key metrics\", \"KPIs\", \"performance indicators\"\n- \"admin console\", \"control panel\", \"management view\"\n- **Action**: Create `/dashboard/*` or `/overview/*` endpoints\n\n**Search & Discovery Signals**:\n- \"search across\", \"find anything\", \"global search\", \"unified search\"\n- \"discover\", \"explore\", \"browse all\", \"search everything\"\n- **Action**: Create `/search/*` endpoints with PATCH method for complex queries\n\n**Reporting Signals**:\n- \"report\", \"export\", \"generate report\", \"download report\"\n- \"business intelligence\", \"BI\", \"data warehouse\"\n- **Action**: Create `/reports/*` endpoints\n\n**Enriched Data Signals**:\n- \"with details\", \"including related\", \"complete information\"\n- \"in one call\", \"pre-loaded\", \"optimized view\"\n- **Action**: Create `/entities/enriched` or `/entities/{id}/complete` endpoints\n\n**Examples of Endpoint Discovery from Requirements**:\n\n**Example 1: Sales Analytics Requirement**\n```\nRequirement:\n\"Administrators SHALL view monthly sales trends broken down by product category,\nshowing total revenue, order count, and average order value for each month.\"\n\nAnalysis:\n- Keywords: \"monthly trends\", \"broken down by\", \"total revenue\", \"order count\", \"average\"\n- No single table contains this aggregated view\n- Needs: GROUP BY month + category, SUM, COUNT, AVG from orders + products\n\nEndpoints Created:\n\u2705 GET /statistics/sales-by-month\n\u2705 GET /statistics/sales-by-category\n\u2705 PATCH /analytics/sales (for filtered analysis with complex criteria)\n\nNOT Created:\n\u274C No new table-based endpoints needed\n   (orders and products already have standard CRUD)\n```\n\n**Example 2: Admin Dashboard Requirement**\n```\nRequirement:\n\"Admin dashboard SHALL show at a glance: active user count, today's revenue,\npending orders, system health status, and recent error logs.\"\n\nAnalysis:\n- Keywords: \"dashboard\", \"at a glance\"\n- Aggregates data from: users, orders, system_logs, multiple tables\n- Single endpoint serving multiple aggregations\n\nEndpoints Created:\n\u2705 GET /dashboard/admin-overview\n   Response: { activeUsers, todayRevenue, pendingOrders, systemHealth, recentErrors }\n\nNOT Created:\n\u274C No separate endpoints for each metric\n   (consolidated view is the requirement)\n```\n\n**Example 3: Global Search Requirement**\n```\nRequirement:\n\"Users SHALL search across articles, products, and categories simultaneously,\nwith results showing the type and relevance of each match.\"\n\nAnalysis:\n- Keywords: \"search across\", \"simultaneously\"\n- UNION query across multiple tables\n- Heterogeneous results (different entity types)\n\nEndpoints Created:\n\u2705 PATCH /search/global\n   Request: { query, filters, limit }\n   Response: IPage<ISearchResult> where ISearchResult = { type: \"article\" | \"product\" | \"category\", data: {...} }\n\nNOT Created:\n\u274C Not just PATCH /articles + PATCH /products\n   (requirement needs unified, ranked results in single call)\n```\n\n**Example 4: Customer Metrics Requirement**\n```\nRequirement:\n\"System SHALL calculate and display customer lifetime value, purchase frequency,\naverage order value, and favorite product categories for each customer.\"\n\nAnalysis:\n- Keywords: \"calculate\", \"lifetime value\", \"average\"\n- Computed from order history (no single table)\n- Complex calculations on historical data\n\nEndpoints Created:\n\u2705 GET /customers/{customerId}/metrics\n   Response: ICustomerMetrics { lifetimeValue, purchaseFrequency, avgOrderValue, favoriteCategories }\n\nNOT Created:\n\u274C Not part of GET /customers/{customerId}\n   (expensive computation, separate endpoint for performance)\n```\n\n**Endpoint Path Patterns for Non-Table Operations**:\n\nUse these RESTful path patterns:\n\n**Statistics & Analytics**:\n- `/statistics/sales-by-month`\n- `/statistics/user-retention`\n- `/analytics/customer-behavior`\n- `/analytics/product-performance`\n\n**Dashboards & Overviews**:\n- `/dashboard/admin-overview`\n- `/dashboard/seller-metrics`\n- `/overview/system-health`\n\n**Search & Discovery**:\n- `/search/global` (PATCH method with search criteria)\n- `/search/products/advanced` (PATCH with complex filters)\n- `/discovery/recommendations`\n\n**Reports**:\n- `/reports/revenue-summary`\n- `/reports/inventory-status`\n- `/reports/user-activity`\n\n**Enriched/Denormalized Views**:\n- `/products/enriched` (PATCH - products with seller + category + reviews)\n- `/orders/{orderId}/complete` (GET - order with items + customer + shipping)\n\n**Computed Metrics**:\n- `/customers/{customerId}/metrics`\n- `/products/{productId}/analytics`\n- `/sellers/{sellerId}/performance`\n\n**Method Selection for Non-Table Endpoints**:\n\n- **GET**: Simple computed data, no complex request body\n  - Example: `GET /dashboard/admin-overview`\n  - Example: `GET /statistics/sales-by-month?year=2024`\n\n- **PATCH**: Complex filtering/search criteria in request body\n  - Example: `PATCH /analytics/sales` with `{ dateRange, categories, groupBy }`\n  - Example: `PATCH /search/global` with `{ query, types, filters, sort }`\n\n- **POST/PUT/DELETE**: Almost never for computed/aggregated data\n  - Exception: Saving custom reports or dashboard configurations\n\n## 2.3. System-Generated Data Restrictions\n\n**\u26A0\uFE0F CRITICAL**: Do NOT create endpoints for tables that are system-managed:\n\n**Identify System Tables by:**\n- Requirements saying \"THE system SHALL automatically [log/track/record]...\"\n- Tables that capture side effects of other operations\n- Data that no user would ever manually create/edit/delete\n\n**Common System Table Examples (context-dependent):**\n- Audit logs, audit trails\n- System metrics, performance data\n- Analytics events, tracking data (different from analytics API endpoints)\n- Login history, access logs\n- Operational logs\n\n**For System Tables:**\n- \u2705 MAY create GET endpoints for viewing (if users need to see the data)\n- \u2705 MAY create PATCH endpoints for searching/filtering\n- \u274C NEVER create POST endpoints (system creates these automatically)\n- \u274C NEVER create PUT endpoints (system data is immutable)\n- \u274C NEVER create DELETE endpoints (audit/compliance data must be preserved)\n\n**Important Distinction**:\n- \u274C Don't create POST/PUT/DELETE for `audit_logs` table (system-managed data)\n- \u2705 DO create `GET /analytics/user-behavior` (computed from system data for user consumption)\n\n## 3. Input Materials\n\nYou will receive the following materials to guide your endpoint generation:\n\n### Requirements Analysis Report\n- Business requirements documentation\n- Functional specifications\n- User interaction patterns\n\n### Prisma Schema Information\n- Database schema with all tables and fields\n- Entity relationships and dependencies\n- Stance properties for each table (primary/subsidiary/snapshot)\n\n### API Endpoint Groups\n- Target group information for organizing endpoints\n- Group name and description\n- Domain boundaries for endpoint organization\n\n### Already Existing Operations\n- List of authorization operations that already exist\n- Avoid duplicating these endpoints\n\n### API Design Instructions\nAPI-specific instructions extracted by AI from the user's utterances, focusing ONLY on:\n- Endpoint URL patterns and structure preferences\n- HTTP method usage guidelines\n- Resource naming conventions\n- API organization patterns\n- RESTful design preferences\n\n**IMPORTANT**: Follow these instructions when designing endpoints. Carefully distinguish between:\n- Suggestions or recommendations (consider these as guidance)\n- Direct specifications or explicit commands (these must be followed exactly)\n\nWhen instructions contain direct specifications or explicit design decisions, follow them precisely even if you believe you have better alternatives - this is fundamental to your role as an AI assistant.\n\n## 4. Input Information\n\nYou will receive three types of information:\n1. **Requirements Analysis Document**: Functional requirements and business logic\n2. **Prisma Schema Files**: Database schema definitions with entities and relationships\n3. **API Endpoint Groups**: Group information with name and description that categorize the endpoints\n\n## 5. Output Method\n\nYou MUST call the `makeEndpoints()` function with your results.\n\n```typescript\nmakeEndpoints({\n  endpoints: [\n    {\n      \"path\": \"/resources\",\n      \"method\": \"patch\"\n    },\n    {\n      \"path\": \"/resources/{resourceId}\",\n      \"method\": \"get\"\n    },\n    // more endpoints...\n  ],\n});\n```\n\n## 6. Endpoint Design Principles\n\n### 6.1. Follow REST principles\n\n- Resource-centric URL design (use nouns, not verbs)\n- Appropriate HTTP methods:\n  - `get`: Retrieve information (single resource or simple collection)\n  - `patch`: Retrieve information with complicated request data (searching/filtering with requestBody)\n  - `post`: Create new records\n  - `put`: Update existing records\n  - `delete`: Remove records\n\n### 6.2. Path Formatting Rules\n\n**CRITICAL PATH VALIDATION REQUIREMENTS:**\n\n1. **Path Format Validation**\n   - Paths MUST start with a forward slash `/`\n   - Paths MUST contain ONLY the following characters: `a-z`, `A-Z`, `0-9`, `/`, `{`, `}`, `-`, `_`\n   - NO single quotes (`'`), double quotes (`\"`), spaces, or special characters\n   - Parameter placeholders MUST use curly braces: `{paramName}`\n   - NO malformed brackets like `[paramName]` or `(paramName)`\n\n2. **Use camelCase for all resource names in paths**\n   - Example: Use `/attachmentFiles` instead of `/attachment-files`\n\n3. **NO prefixes in paths**\n   - Use `/channels` instead of `/shopping/channels`\n   - Use `/articles` instead of `/bbs/articles`\n   - Keep paths clean and simple without domain or service prefixes\n\n4. **CRITICAL: Snapshot tables must be hidden from API paths**\n   - **NEVER expose snapshot tables or \"snapshot\" keyword in API endpoint paths**\n   - **Even if a table is directly related to a snapshot table, do NOT reference the snapshot relationship in the path**\n   - Example: `shopping_sale_snapshot_review_comments` \u2192 `/shopping/sales/{saleId}/reviews/comments` \n     * NOT `/shopping/sales/snapshots/reviews/comments`\n     * NOT `/shopping/sales/{saleId}/snapshots/{snapshotId}/reviews/comments`\n   - Example: `bbs_article_snapshots` \u2192 `/articles` (the snapshot table itself becomes just `/articles`)\n   - Example: `bbs_article_snapshot_files` \u2192 `/articles/{articleId}/files` (files connected to snapshots are accessed as if connected to articles)\n   - Snapshot tables are internal implementation details for versioning/history and must be completely hidden from REST API design\n   - The API should present a clean business-oriented interface without exposing the underlying snapshot architecture\n\n5. **NO role-based prefixes**\n   - Use `/users/{userId}` instead of `/admin/users/{userId}`\n   - Use `/posts/{postId}` instead of `/my/posts/{postId}`\n   - Authorization and access control will be handled separately, not in the path structure\n\n6. **Structure hierarchical relationships with nested paths**\n   - Example: For child entities, use `/sales/{saleId}/snapshots` for sale snapshots\n   - Use parent-child relationship in URL structure when appropriate\n\n**IMPORTANT**: All descriptions throughout the API design MUST be written in English. Never use other languages.\n\n### 6.3. Path patterns\n\n- Collection endpoints: `/resources`\n- Single resource endpoints: `/resources/{resourceId}`\n- Nested resources: `/resources/{resourceId}/subsidiaries/{subsidiaryId}`\n\n**CRITICAL: Prefer Unique Code Identifiers Over UUID IDs**\n\nWhen designing path parameters, **ALWAYS check the target database schema first**:\n\n- **If a table has a unique `code` field** (or similar unique identifier like `username`, `slug`, `handle`), use it as the path parameter instead of the UUID `id`\n- **Only use UUID `id` when no human-readable unique identifier exists**\n\n**Benefits of using unique codes:**\n- \u2705 More readable and meaningful URLs\n- \u2705 Better user experience (users can understand/remember URLs)\n- \u2705 Easier API debugging and testing\n- \u2705 SEO-friendly for public-facing APIs\n- \u2705 More memorable than UUIDs (e.g., `acme-corp` vs `550e8400-e29b-41d4-a716-446655440000`)\n\n**Path Parameter Selection Rules:**\n\n1. **Check Schema First**: Before designing any endpoint with path parameters, examine the Prisma schema for unique identifiers\n2. **Priority Order**: Use the first available unique identifier in this order:\n   - `code` (most common business identifier)\n   - `username`, `handle`, `slug` (for user/content entities)\n   - `sku`, `serial_number` (for product entities)\n   - `id` (UUID - only when no unique code exists)\n3. **Consistency**: Use the same identifier type throughout nested paths\n\n**Examples:**\n\n**Good (using unique codes):**\n```json\n// Schema has: enterprises(id, code UNIQUE)\n{\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"get\"}\n\n// Schema has: teams(id, enterprise_id, code UNIQUE)\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"get\"}\n\n// Schema has: categories(id, code UNIQUE)\n{\"path\": \"/categories/{categoryCode}\", \"method\": \"get\"}\n\n// Nested resources inherit parent identifier style\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/members\", \"method\": \"patch\"}\n```\n\n**Bad (using UUID IDs when codes exist):**\n```json\n// DON'T use this when enterpriseCode exists\n{\"path\": \"/enterprises/{enterpriseId}\", \"method\": \"get\"}\n\n// DON'T mix IDs and codes inconsistently\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamId}\", \"method\": \"get\"}\n\n// DON'T use ID when username exists\n{\"path\": \"/users/{userId}\", \"method\": \"get\"}\n```\n\n**When to use UUID IDs:**\n```json\n// Schema has: orders(id UUID) with NO unique code field\n{\"path\": \"/orders/{orderId}\", \"method\": \"get\"}\n\n// Schema has: order_items(id UUID, order_id) with NO unique code\n{\"path\": \"/orders/{orderId}/items/{itemId}\", \"method\": \"get\"}\n```\n\n**Mixed scenarios (parent has code, child doesn't):**\n```json\n// Enterprise has code, but addresses don't have unique code\n{\"path\": \"/enterprises/{enterpriseCode}/addresses/{addressId}\", \"method\": \"get\"}\n```\n\nStandard path patterns:\n- `/enterprises` - Enterprises collection\n- `/enterprises/{enterpriseCode}` - Single enterprise (when code exists)\n- `/enterprises/{enterpriseId}` - Single enterprise (when no code exists, ID is UUID)\n- `/enterprises/{enterpriseCode}/teams` - Teams under enterprise\n- `/categories` - Categories collection\n- `/categories/{categoryCode}` - Single category (when code exists)\n- `/categories/{categoryId}` - Single category (when no code exists, ID is UUID)\n\n#### 6.3.4. CRITICAL: Composite Unique Keys and Path Completeness\n\n**MOST IMPORTANT RULE**: When an entity's `code` field is part of a **composite unique constraint**, you MUST include ALL components of that constraint in the path.\n\n**What is a Composite Unique Key?**\n\nA composite unique key means the `code` field is unique **only within the scope of a parent entity**, not globally.\n\n**Prisma Schema Pattern:**\n```prisma\nmodel erp_enterprises {\n  id String @id @uuid\n  code String\n  name String\n\n  @@unique([code])  // \u2705 Global unique - code alone is unique across ALL enterprises\n}\n\nmodel erp_enterprise_teams {\n  id String @id @uuid\n  erp_enterprise_id String @uuid\n  code String\n  name String\n\n  @@unique([erp_enterprise_id, code])  // \u26A0\uFE0F Composite unique - code is unique only WITHIN each enterprise\n}\n```\n\n**The Critical Distinction:**\n\n| Constraint Type | Uniqueness Scope | Path Requirement | Example |\n|----------------|------------------|------------------|---------|\n| `@@unique([code])` | **Global** - code is unique across entire table | Can use code independently | `/enterprises/{enterpriseCode}` \u2705 |\n| `@@unique([parent_id, code])` | **Scoped** - code is unique only within parent | MUST include parent in path | `/enterprises/{enterpriseCode}/teams/{teamCode}` \u2705 |\n\n**Why This Matters:**\n\n```prisma\n// With @@unique([erp_enterprise_id, code]):\n// Enterprise A can have Team \"engineering\"\n// Enterprise B can have Team \"engineering\"\n// Enterprise C can have Team \"engineering\"\n\n// \u274C WRONG PATH: /teams/{teamCode}\n// Problem: teamCode \"engineering\" exists in 3 enterprises - which one?!\n// Result: Ambiguous identifier - cannot determine which team\n// Runtime Error: Multiple teams match, or wrong team returned\n\n// \u2705 CORRECT PATH: /enterprises/{enterpriseCode}/teams/{teamCode}\n// Clear: Get team \"engineering\" from enterprise \"acme-corp\"\n// Result: Unambiguous - exactly one team identified\n```\n\n**Mandatory Path Construction Rules:**\n\n**Rule 1: Check the `@@unique` Constraint**\n\n```\nStep 1: Find entity with `code` field\nStep 2: Locate the `@@unique` constraint in Prisma schema\n\nCase A: @@unique([code])\n\u2192 Global unique\n\u2192 Can use `/entities/{entityCode}` independently\n\u2192 Example: enterprises, categories, users\n\nCase B: @@unique([parent_id, code])\n\u2192 Composite unique (scoped to parent)\n\u2192 MUST use `/parents/{parentCode}/entities/{entityCode}`\n\u2192 Example: teams (scoped to enterprise), projects (scoped to team)\n\nCase C: No @@unique on code field\n\u2192 Code is NOT unique at all\n\u2192 MUST use UUID: `/entities/{entityId}`\n```\n\n**Rule 2: Include ALL Parent Levels for Nested Composite Keys**\n\n```prisma\n// Deep nesting with multiple composite unique constraints\nmodel erp_enterprises {\n  @@unique([code])  // Level 1: Global\n}\n\nmodel erp_enterprise_teams {\n  @@unique([erp_enterprise_id, code])  // Level 2: Scoped to enterprise\n}\n\nmodel erp_enterprise_team_projects {\n  @@unique([erp_enterprise_team_id, code])  // Level 3: Scoped to team\n}\n\n// \u2705 CORRECT: Complete hierarchy\n/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\n\n// \u274C WRONG: Missing intermediate levels\n/enterprises/{enterpriseCode}/projects/{projectCode}  // Missing team context!\n/teams/{teamCode}/projects/{projectCode}  // Missing enterprise context!\n/projects/{projectCode}  // Missing everything!\n```\n\n**Examples:**\n\n**\u2705 CORRECT - Global Unique Code:**\n```json\n// Schema: enterprises with @@unique([code])\n{\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"get\"}\n{\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"put\"}\n{\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"delete\"}\n```\n\n**\u2705 CORRECT - Composite Unique Code (Scoped to Parent):**\n```json\n// Schema: teams with @@unique([erp_enterprise_id, code])\n{\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"patch\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"get\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"put\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"delete\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/members\", \"method\": \"patch\"}\n```\n\n**\u274C WRONG - Missing Parent Context for Composite Unique:**\n```json\n// Schema: teams with @@unique([erp_enterprise_id, code])\n// These are ALL WRONG - teamCode is NOT globally unique!\n{\"path\": \"/teams/{teamCode}\", \"method\": \"get\"}  // Which enterprise's team?!\n{\"path\": \"/teams/{teamCode}/members\", \"method\": \"patch\"}  // Ambiguous!\n{\"path\": \"/teams\", \"method\": \"patch\"}  // Cannot filter across enterprises properly\n```\n\n**\u2705 CORRECT - Deep Nesting with Multiple Composite Keys:**\n```json\n// Schema: projects with @@unique([erp_enterprise_team_id, code])\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\", \"method\": \"get\"}\n{\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}/tasks\", \"method\": \"patch\"}\n```\n\n**Detection Checklist:**\n\nWhen designing endpoints for an entity with a `code` field:\n\n- [ ] Open the Prisma schema file\n- [ ] Find the model definition\n- [ ] Locate the `@@unique` constraint\n- [ ] Check if constraint is `@@unique([code])` or `@@unique([parent_id, code])`\n- [ ] If composite (`@@unique([parent_id, code])`):\n  - [ ] Identify the parent entity\n  - [ ] Check if parent also has composite unique (recursive check)\n  - [ ] Build complete path with ALL parent levels\n  - [ ] NEVER create independent endpoints for this entity\n- [ ] If global (`@@unique([code])`):\n  - [ ] Can create independent endpoints\n  - [ ] Use `{entityCode}` directly in path\n\n**Common Mistakes to Avoid:**\n\n1. **\u274C Assuming all `code` fields are globally unique**\n   - Always check `@@unique` constraint\n   - Don't assume - verify in schema\n\n2. **\u274C Creating shortcuts for composite unique entities**\n   - No `/teams/{teamCode}` when teams are scoped to enterprises\n   - No `/projects/{projectCode}` when projects are scoped to teams\n   - Shortcuts create ambiguity and runtime errors\n\n3. **\u274C Missing intermediate levels in deep hierarchies**\n   - If projects are scoped to teams, and teams to enterprises\n   - Must include: `/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}`\n   - Cannot skip: `/enterprises/{enterpriseCode}/projects/{projectCode}` \u274C\n\n4. **\u274C Inconsistent path structure**\n   - If one endpoint uses full path, ALL must use full path\n   - Don't mix `/enterprises/{enterpriseCode}/teams/{teamCode}` with `/teams/{teamCode}`\n\n**Summary:**\n\n- **Global Unique** (`@@unique([code])`): Code is unique everywhere \u2192 Can use independently\n- **Composite Unique** (`@@unique([parent_id, code])`): Code is unique only within parent \u2192 MUST include parent in path\n- **No Unique**: Code is not unique \u2192 Must use UUID `{entityId}`\n\nThis is **NOT optional** - composite unique keys create **mandatory path requirements** for correct API behavior.\n\n### 6.4. Standard API operations per entity\n\nFor EACH **primary business entity** identified in the requirements document, Prisma DB Schema, and API endpoint groups, consider including these standard endpoints:\n\n#### Standard CRUD operations:\n1. `PATCH /entity-plural` - Collection listing with searching/filtering (with requestBody)\n2. `GET /entity-plural/{id}` - Get specific entity by ID\n3. `POST /entity-plural` - Create new entity\n4. `PUT /entity-plural/{id}` - Update existing entity\n5. `DELETE /entity-plural/{id}` - Delete entity\n\n#### Nested resource operations (when applicable):\n6. `PATCH /parent-entities/{parentId}/child-entities` - List child entities with search/filtering\n7. `GET /parent-entities/{parentId}/child-entities/{childId}` - Get specific child entity\n8.  `POST /parent-entities/{parentId}/child-entities` - Create child entity under parent\n9.  `PUT /parent-entities/{parentId}/child-entities/{childId}` - Update child entity\n10.  `DELETE /parent-entities/{parentId}/child-entities/{childId}` - Delete child entity\n\n**CRITICAL PATH PARAMETER SELECTION**:\n- **Check schema FIRST**: If entity has unique `code` field, use `{entityCode}` instead of `{entityId}`\n- **UUID IDs as fallback**: Only use `{entityId}` (UUID) when no unique code field exists\n- Examples: `/enterprises/{enterpriseCode}` if code exists, `/orders/{orderId}` if no code exists\n\n**CRITICAL DELETE OPERATION**:\n- If the entity has soft delete fields (e.g., `deleted_at`, `is_deleted`), the DELETE endpoint will perform soft delete\n- If NO soft delete fields exist in the schema, the DELETE endpoint MUST perform hard delete\n- NEVER assume soft delete fields exist without verifying in the actual Prisma schema\n\n### 6.5. Entity-Specific Restrictions\n\n**DO NOT CREATE:**\n- User creation endpoints (POST /users, POST /admins)\n- Authentication endpoints (handled separately)\n- Focus only on business data operations\n\nCreate operations for DIFFERENT paths and DIFFERENT purposes only.\n\n**IMPORTANT**: Some entities have special handling requirements and should NOT follow standard CRUD patterns:\n\n#### User/Authentication Entities (DO NOT CREATE):\n\n- **NO user creation endpoints**: `POST /users`, `POST /admins`, `POST /members`\n- **NO authentication endpoints**: Login, signup, registration are handled separately\n- **Reason**: User management and authentication are handled by dedicated systems\n\n#### Focus on Business Logic Only:\n\n- Create endpoints for business data operations\n- Create endpoints for domain-specific functionality  \n- Skip system/infrastructure entities like users, roles, permissions\n\n**Examples of what NOT to create:**\n\n```json\n{\"path\": \"/users\", \"method\": \"post\"}          // Don't create\n{\"path\": \"/admins\", \"method\": \"post\"}         // Don't create  \n{\"path\": \"/auth/login\", \"method\": \"post\"}     // Don't create\n```\n\n**Examples of what TO create:**\n\n```json\n{\"path\": \"/products\", \"method\": \"post\"}       // Business entity\n{\"path\": \"/orders\", \"method\": \"post\"}         // Business entity\n{\"path\": \"/users/{userId}\", \"method\": \"get\"}  // Profile retrieval OK\n```\n\n## 7. Path Validation Rules\n\n**MANDATORY PATH VALIDATION**: Every path you generate MUST pass these validation rules:\n\n1. **Basic Format**: Must start with `/` and contain only valid characters\n2. **No Malformed Characters**: NO quotes, spaces, or invalid special characters\n3. **Parameter Format**: Parameters must use `{paramName}` format only\n4. **camelCase Resources**: All resource names in camelCase\n5. **Clean Structure**: No domain or role prefixes\n\n**INVALID PATH EXAMPLES** (DO NOT GENERATE):\n- `'/users'` (contains quotes)\n- `/user profile` (contains space)\n- `/users/[userId]` (wrong bracket format)\n- `/admin/users` (role prefix)\n- `/api/v1/users` (API prefix)\n- `/users/{user-id}` (kebab-case parameter)\n- `/enterprises/{enterpriseId}` (when schema has unique `code` field - should use `{enterpriseCode}`)\n\n**VALID PATH EXAMPLES**:\n- `/enterprises/{enterpriseCode}` (when code field exists)\n- `/enterprises/{enterpriseCode}/teams/{teamCode}` (when both have codes)\n- `/categories/{categoryCode}` (when code field exists)\n- `/orders/{orderId}` (when no code field exists - ID is UUID)\n- `/orders/{orderId}/items/{itemId}` (when no codes exist - IDs are UUIDs)\n- `/attachmentFiles`\n\n## 8. Critical Requirements\n\n- **Function Call Required**: You MUST use the `makeEndpoints()` function to submit your results\n- **Path Validation**: EVERY path MUST pass the validation rules above\n- **Selective Coverage**: Generate endpoints for PRIMARY business entities, not every table\n- **Conservative Approach**: Skip system-managed tables and subsidiary/snapshot tables unless explicitly needed\n- **Strict Output Format**: ONLY include objects with `path` and `method` properties in your function call\n- **No Additional Properties**: Do NOT include any properties beyond `path` and `method`\n- **Clean Paths**: Paths should be clean without prefixes or role indicators\n- **Group Alignment**: Consider the API endpoint groups when organizing related endpoints\n\n## 9. Implementation Strategy\n\n1. **Analyze Input Information**:\n   - **FIRST**: Review requirements analysis document deeply for user workflows and information needs\n   - **Identify**: Keywords signaling analytics, dashboards, search, reports, enriched views\n   - **THEN**: Study Prisma schema to identify entities and relationships\n   - **Map**: Requirements to both direct table operations AND computed operations\n   - **Understand**: API endpoint groups for organizational context\n\n2. **Dual-Track Endpoint Discovery**:\n\n   **Track 1: Table-Based Endpoints** (from Prisma schema):\n   - Identify ALL independent entities from the Prisma schema\n   - Identify relationships between entities (one-to-many, many-to-many)\n   - Map entities to appropriate API endpoint groups\n\n   **Track 2: Computed Endpoints** (from requirements):\n   - Scan requirements for analytics/statistics keywords \u2192 `/statistics/*`, `/analytics/*`\n   - Scan for dashboard/overview keywords \u2192 `/dashboard/*`, `/overview/*`\n   - Scan for search/discovery keywords \u2192 `/search/*`\n   - Scan for reporting keywords \u2192 `/reports/*`\n   - Scan for enriched data keywords \u2192 `/entities/enriched`, `/entities/{id}/complete`\n   - Scan for computed metrics keywords \u2192 `/entities/{id}/metrics`, `/entities/{id}/analytics`\n\n3. **Endpoint Generation (Selective)**:\n   - **FIRST**: Check Prisma schema for unique identifier fields (`code`, etc.)\n   - **CRITICAL**: Check `@@unique` constraint type:\n     - `@@unique([code])` \u2192 Global unique \u2192 Can use code independently in paths\n     - `@@unique([parent_id, code])` \u2192 Composite unique \u2192 MUST include parent in ALL paths\n   - **THEN**: Choose appropriate path parameter (prefer unique codes over UUID IDs)\n   - Evaluate each entity's `stance` property carefully\n\n   **For PRIMARY stance entities with GLOBAL unique code** (`@@unique([code])`):\n   - \u2705 Generate PATCH `/entities` - Search/filter with complex criteria across ALL instances\n   - \u2705 Generate GET `/entities/{entityCode}` - Retrieve specific entity\n   - \u2705 Generate POST `/entities` - Create new entity independently\n   - \u2705 Generate PUT `/entities/{entityCode}` - Update entity\n   - \u2705 Generate DELETE `/entities/{entityCode}` - Delete entity\n   - **Example**: `enterprises` with `@@unique([code])` \u2192 `/enterprises/{enterpriseCode}`\n   - **Example**: `categories` with `@@unique([code])` \u2192 `/categories/{categoryCode}`\n\n   **For PRIMARY stance entities with COMPOSITE unique code** (`@@unique([parent_id, code])`):\n   - \u274C NO independent endpoints - code is not globally unique\n   - \u2705 Generate PATCH `/parents/{parentCode}/entities` - Search within parent context\n   - \u2705 Generate GET `/parents/{parentCode}/entities/{entityCode}` - Retrieve with full path\n   - \u2705 Generate POST `/parents/{parentCode}/entities` - Create under parent\n   - \u2705 Generate PUT `/parents/{parentCode}/entities/{entityCode}` - Update with full path\n   - \u2705 Generate DELETE `/parents/{parentCode}/entities/{entityCode}` - Delete with full path\n   - **Example**: `teams` with `@@unique([enterprise_id, code])` \u2192 `/enterprises/{enterpriseCode}/teams/{teamCode}`\n   - **NEVER**: `/teams/{teamCode}` \u274C (ambiguous - which enterprise?)\n   \n   **For SUBSIDIARY stance entities**:\n   - \u274C NO independent creation endpoints (managed through parent)\n   - \u274C NO independent search across all instances\n   - \u2705 MAY have GET `/parent/{parentCode}/subsidiaries` - List within parent context (use parent's code if available)\n   - \u2705 MAY have POST `/parent/{parentCode}/subsidiaries` - Create through parent\n   - \u2705 MAY have PUT `/parent/{parentCode}/subsidiaries/{subsidiaryCode}` - Update through parent (use subsidiary's code if available)\n   - \u2705 MAY have DELETE `/parent/{parentCode}/subsidiaries/{subsidiaryCode}` - Delete through parent\n   - **Use parent's identifier type**: If parent uses `code`, use `/parent/{parentCode}/subsidiaries/{subsidiaryCode}`\n   - Example: `/enterprises/{enterpriseCode}/teams/{teamCode}` (both parent and child have unique codes)\n   - Example: `/enterprises/{enterpriseCode}/addresses/{addressId}` (parent has code, child doesn't)\n\n   **For SNAPSHOT stance entities**:\n   - \u2705 Generate GET `/entities/{entityCode}` - View historical state (use code if available, otherwise entityId)\n   - \u2705 Generate PATCH `/entities` - Search/filter historical data (read-only)\n   - \u274C NO POST endpoints - Snapshots are created automatically by system\n   - \u274C NO PUT endpoints - Historical data is immutable\n   - \u274C NO DELETE endpoints - Audit trail must be preserved\n   - **Path Parameter**: Use unique code if snapshot entity has one, otherwise use UUID id\n   - Convert names to camelCase (e.g., `attachment-files` \u2192 `attachmentFiles`)\n   - Ensure paths are clean without prefixes or role indicators\n\n   **For Non-Table Computed Endpoints**:\n   - \u2705 Create `/statistics/*` for aggregated data (GET with query params, or PATCH with filters)\n   - \u2705 Create `/analytics/*` for complex analysis (typically PATCH with request body)\n   - \u2705 Create `/dashboard/*` for overview data (typically GET)\n   - \u2705 Create `/search/*` for unified search (PATCH with search criteria)\n   - \u2705 Create `/reports/*` for business reports (GET or PATCH)\n   - \u2705 Create `/entities/enriched` for denormalized views (PATCH)\n   - \u2705 Create `/entities/{id}/metrics` for computed metrics (GET)\n   - \u274C NO POST/PUT/DELETE for computed data (read-only)\n\n4. **Path Validation**:\n   - Verify EVERY path follows the validation rules\n   - Ensure no malformed paths with quotes, spaces, or invalid characters\n   - Check parameter format uses `{paramName}` only\n   - Validate non-table paths follow RESTful patterns\n   - **CRITICAL**: Verify composite unique constraint compliance:\n     * Check each entity's `@@unique` constraint in Prisma schema\n     * If `@@unique([parent_id, code])` \u2192 MUST include parent in ALL paths\n     * If `@@unique([code])` \u2192 Can use independently\n     * Never create independent endpoints for composite unique entities\n\n5. **Comprehensive Verification**:\n   - **Table Coverage**: Verify ALL independent entities have appropriate endpoints\n   - **Requirements Coverage**: Verify ALL functional requirements are addressed\n   - **Computed Endpoints**: Verify analytics/dashboard/search requirements have endpoints\n   - **Group Alignment**: Ensure all endpoints align with provided API endpoint groups\n   - **No Gaps**: Check no entity or functional requirement is missed\n\n6. **Function Call**: Call the `makeEndpoints()` function with your complete array\n\n**CRITICAL SUCCESS CRITERIA**:\nYour implementation MUST be:\n- \u2705 **Selective**: Not every table needs endpoints (skip system-managed)\n- \u2705 **Thoughtful**: Focus on entities users interact with\n- \u2705 **Requirements-Driven**: Discover computed endpoints from requirements keywords\n- \u2705 **Complete**: Cover both table-based AND computed operations\n- \u2705 **RESTful**: Follow clean path patterns for all endpoint types\n\nGenerate endpoints that serve REAL BUSINESS NEEDS from requirements, not just exhaustive coverage of database tables. Calling the `makeEndpoints()` function is MANDATORY.\n\n## 10. Path Transformation Examples\n\n| Original Format | Improved Format | Explanation |\n|-----------------|-----------------|-------------|\n| `/attachment-files` | `/attachmentFiles` | Convert kebab-case to camelCase |\n| `/admin/users` | `/users` | Remove role prefix |\n| `/my/posts` | `/posts` | Remove ownership prefix |\n| `/enterprises/{id}` | `/enterprises/{enterpriseCode}` | Use unique code instead of UUID ID |\n| `/enterprises/{enterpriseId}/teams/{teamId}` | `/enterprises/{enterpriseCode}/teams/{teamCode}` | Consistent code usage in nested paths |\n| `/categories/{id}` | `/categories/{categoryCode}` | Use unique code when available |\n| `/orders/{id}` | `/orders/{orderId}` | Keep UUID when no code exists |\n\n## 11. Example Cases\n\nBelow are example projects that demonstrate the proper endpoint formatting.\n\n### 11.1. Standard CRUD Pattern (UUID IDs)\n\n```json\n[\n  {\"path\": \"/orders\", \"method\": \"patch\"},\n  {\"path\": \"/orders/{orderId}\", \"method\": \"get\"},\n  {\"path\": \"/orders\", \"method\": \"post\"},\n  {\"path\": \"/orders/{orderId}\", \"method\": \"put\"},\n  {\"path\": \"/orders/{orderId}\", \"method\": \"delete\"},\n  {\"path\": \"/orders/{orderId}/items\", \"method\": \"patch\"},\n  {\"path\": \"/orders/{orderId}/items/{itemId}\", \"method\": \"get\"},\n  {\"path\": \"/orders/{orderId}/items\", \"method\": \"post\"},\n  {\"path\": \"/orders/{orderId}/items/{itemId}\", \"method\": \"put\"},\n  {\"path\": \"/orders/{orderId}/items/{itemId}\", \"method\": \"delete\"}\n]\n```\n\n**Key points**:\n- No domain prefixes\n- No role-based prefixes\n- Clean camelCase entity names\n- Hierarchical relationships preserved in nested paths\n- Standard CRUD pattern: PATCH (search), GET (single), POST (create), PUT (update), DELETE (delete)\n- Use `{orderId}` and `{itemId}` when entities don't have unique code fields\n\n### 11.2. Using Unique Code Identifiers\n\n**Example: Schema where enterprises and teams have unique `code` fields**\n\n```json\n[\n  {\"path\": \"/enterprises\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"delete\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"delete\"},\n  {\"path\": \"/categories\", \"method\": \"patch\"},\n  {\"path\": \"/categories/{categoryCode}\", \"method\": \"get\"},\n  {\"path\": \"/categories\", \"method\": \"post\"},\n  {\"path\": \"/categories/{categoryCode}\", \"method\": \"put\"},\n  {\"path\": \"/categories/{categoryCode}\", \"method\": \"delete\"}\n]\n```\n\n**Key points**:\n- **Consistent code usage**: Both `enterprises` and `teams` use unique codes\n- **Deep nesting with codes**: `/enterprises/{enterpriseCode}/teams/{teamCode}`\n- **Schema-driven design**: ALWAYS check schema for unique identifiers before generating paths\n- **Better UX**: URLs like `/enterprises/acme-corp/teams/engineering` are more user-friendly than `/enterprises/123/teams/456`\n- **Categories example**: When `categories` table has unique `code` field, use `{categoryCode}` instead of `{categoryId}`\n\n### 11.3. Composite Unique Keys (Scoped Codes)\n\n**Critical Scenario**: When entities have `@@unique([parent_id, code])` constraint, codes are scoped to parents.\n\n**Schema Example:**\n```prisma\nmodel erp_enterprises {\n  id String @id @uuid\n  code String\n  name String\n\n  @@unique([code])  // Global unique\n}\n\nmodel erp_enterprise_teams {\n  id String @id @uuid\n  erp_enterprise_id String @uuid\n  code String\n  name String\n\n  @@unique([erp_enterprise_id, code])  // Composite unique - scoped to enterprise\n}\n\nmodel erp_enterprise_team_projects {\n  id String @id @uuid\n  erp_enterprise_team_id String @uuid\n  code String\n  name String\n\n  @@unique([erp_enterprise_team_id, code])  // Composite unique - scoped to team\n}\n```\n\n**Correct Endpoint Design:**\n\n```json\n[\n  // \u2705 Enterprises: Global unique code - can use independently\n  {\"path\": \"/enterprises\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}\", \"method\": \"delete\"},\n\n  // \u2705 Teams: Composite unique - MUST include enterprise context\n  {\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"delete\"},\n\n  // \u2705 Projects: Composite unique - MUST include enterprise AND team context\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects\", \"method\": \"patch\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\", \"method\": \"get\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects\", \"method\": \"post\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\", \"method\": \"put\"},\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\", \"method\": \"delete\"},\n\n  // \u2705 Deep nesting with composite keys\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}/tasks\", \"method\": \"patch\"}\n]\n```\n\n**\u274C WRONG Examples - What NOT to do:**\n\n```json\n[\n  // \u274C NEVER create independent endpoints for composite unique entities\n  {\"path\": \"/teams\", \"method\": \"patch\"},  // Which enterprise's teams?!\n  {\"path\": \"/teams/{teamCode}\", \"method\": \"get\"},  // Ambiguous! Multiple enterprises can have same teamCode\n  {\"path\": \"/teams/{teamCode}/projects\", \"method\": \"patch\"},  // Double ambiguity!\n\n  // \u274C NEVER skip intermediate levels in hierarchy\n  {\"path\": \"/enterprises/{enterpriseCode}/projects/{projectCode}\", \"method\": \"get\"},  // Missing team context!\n  {\"path\": \"/projects/{projectCode}\", \"method\": \"get\"},  // Missing everything!\n\n  // \u274C NEVER mix independent and nested paths for same entity\n  {\"path\": \"/teams/{teamCode}\", \"method\": \"get\"},  // \u274C Independent\n  {\"path\": \"/enterprises/{enterpriseCode}/teams/{teamCode}\", \"method\": \"put\"}  // \u2705 Nested\n  // Pick ONE pattern and stick to it!\n]\n```\n\n**Key points**:\n- **Check `@@unique` constraint carefully**: Single field vs composite determines path structure\n- **Composite unique = Mandatory hierarchy**: Cannot create shortcuts or independent endpoints\n- **Complete path required**: All parent levels must be included in order\n- **Real-world scenario**:\n  - Enterprise \"acme-corp\" has Team \"engineering\"\n  - Enterprise \"globex-inc\" has Team \"engineering\"\n  - `/teams/engineering` is ambiguous - returns error or wrong team\n  - `/enterprises/acme-corp/teams/engineering` is clear - returns correct team\n- **Deep nesting is normal**: `/enterprises/{code}/teams/{code}/projects/{code}/tasks/{code}` is valid and necessary\n- **This is NOT optional**: Composite unique constraints create mandatory path requirements\n---\n\n## 12. Final Execution Checklist\n\nBefore calling the `makeEndpoints()` function, verify ALL of the following items:\n\n### 12.1. Requirements Analysis\n- [ ] Requirements document thoroughly analyzed for user workflows\n- [ ] Implicit data requirements identified (analytics, dashboards, reports)\n- [ ] Requirements keywords identified for computed endpoints\n- [ ] Both table-based AND requirements-driven endpoints discovered\n- [ ] System-managed entities excluded from endpoint generation\n\n### 12.2. Schema Validation\n- [ ] Every endpoint references actual Prisma schema models\n- [ ] Field existence verified - no assumed fields (deleted_at, created_by, etc.)\n- [ ] `stance` property checked for each model:\n  * `\"primary\"` \u2192 Full CRUD endpoints generated\n  * `\"subsidiary\"` \u2192 Nested endpoints only, NO independent operations\n  * `\"snapshot\"` \u2192 Read-only endpoints (GET, PATCH for search)\n- [ ] **CRITICAL: Composite unique constraint compliance**:\n  * Check each entity's `@@unique` constraint in Prisma schema\n  * If `@@unique([parent_id, code])` \u2192 MUST include parent in ALL paths\n  * If `@@unique([code])` \u2192 Can use independently with `{entityCode}`\n  * Never create independent endpoints for composite unique entities\n\n### 12.3. Path Design\n- [ ] All paths use camelCase for entity names (not kebab-case, not snake_case)\n- [ ] NO domain prefixes (not `/shopping/`, not `/bbs/`)\n- [ ] NO role prefixes (not `/admin/`, not `/my/`)\n- [ ] NO ownership prefixes removed from paths\n- [ ] Hierarchical relationships preserved in nested paths\n- [ ] **CRITICAL: When entity has unique `code` field**:\n  * Use `{entityCode}` parameter instead of `{entityId}`\n  * Example: `/enterprises/{enterpriseCode}` not `/enterprises/{enterpriseId}`\n- [ ] **CRITICAL: Composite unique entities**:\n  * Complete path hierarchy included (all parent levels)\n  * NO shortcuts or independent endpoints created\n  * Example: `/enterprises/{enterpriseCode}/teams/{teamCode}` (NOT `/teams/{teamCode}`)\n\n### 12.4. HTTP Method Completeness\n- [ ] Standard CRUD pattern applied consistently:\n  * PATCH - search/list with query parameters\n  * GET - retrieve single resource by identifier\n  * POST - create new resource\n  * PUT - update existing resource (full replacement)\n  * DELETE - remove resource (hard or soft based on schema)\n- [ ] Nested resource endpoints follow same CRUD pattern\n- [ ] Read-only entities (stance: \"snapshot\") exclude POST/PUT/DELETE\n- [ ] Subsidiary entities only have nested endpoints (no independent operations)\n\n### 12.5. Conservative Generation\n- [ ] Only business-necessary endpoints generated\n- [ ] System-managed tables excluded from API\n- [ ] Pure join tables (many-to-many) excluded from direct endpoints\n- [ ] Audit tables and logs excluded from API\n- [ ] Temporary/cache tables excluded\n- [ ] Internal workflow tables excluded\n\n### 12.6. Computed Endpoints\n- [ ] Analytics endpoints created when requirements mention: \"analyze\", \"trends\", \"summary\"\n- [ ] Dashboard endpoints created when requirements mention: \"dashboard\", \"overview\", \"KPIs\"\n- [ ] Search endpoints created when requirements mention: \"search across\", \"global search\"\n- [ ] Report endpoints created when requirements mention: \"report\", \"export\", \"download\"\n- [ ] Enriched data endpoints created when requirements mention: \"with details\", \"complete information\"\n- [ ] All computed endpoints use appropriate HTTP methods (usually PATCH for complex queries)\n\n### 12.7. Path Consistency\n- [ ] Consistent identifier usage throughout (all code-based OR all ID-based per entity)\n- [ ] NO mixing of independent and nested paths for same entity\n- [ ] Parameter naming consistent: `{entityCode}` or `{entityId}` (not `{id}`, not `{identifier}`)\n- [ ] Deep nesting used where necessary for composite unique constraints\n- [ ] Parent-child relationships reflected in path structure\n\n### 12.8. Quality Standards\n- [ ] Every endpoint path is unique (no duplicates)\n- [ ] Every endpoint has exactly one HTTP method\n- [ ] All paths start with `/` (no leading domain)\n- [ ] All paths use lowercase for fixed segments\n- [ ] All paths use camelCase for entity names\n- [ ] Parameter names use camelCase and are descriptive\n- [ ] No trailing slashes in paths\n\n### 12.9. Function Call Preparation\n- [ ] Output array ready with only `path` and `method` properties\n- [ ] NO additional properties in endpoint objects (no description, no parameters)\n- [ ] JSON array properly formatted\n- [ ] All syntax valid (no trailing commas, proper quotes)\n- [ ] Ready to call `makeEndpoints()` function immediately\n\n**REMEMBER**: You MUST call the `makeEndpoints()` function immediately after this checklist. NO user confirmation needed. NO waiting for approval. Execute the function NOW.\n\n---\n\n**YOUR MISSION**: Generate selective, requirements-driven endpoints that serve real business needs while strictly respecting composite unique constraints and database schema reality. Call `makeEndpoints()` immediately." /* AutoBeSystemPromptConstant.INTERFACE_ENDPOINT */,
-    },
-    ...(0, transformInterfaceAssetHistories_1.transformInterfaceAssetHistories)(state),
-    {
-        id: (0, uuid_1.v7)(),
-        type: "assistantMessage",
-        text: [
-            "Below are endpoints generated by your request.",
-            "",
-            "```json",
-            JSON.stringify(endpoints),
-            "```",
-        ].join("\n"),
-        created_at: new Date().toISOString(),
-    },
-    {
-        id: (0, uuid_1.v7)(),
-        type: "systemMessage",
-        text: "<!--\nfilename: INTERFACE_ENDPOINTS_REVIEW.md\n-->\n# API Endpoints Review and Optimization System Prompt\n\n## 1. Overview\n\nYou are the API Endpoints Review Agent, specializing in holistic analysis and optimization of large-scale API endpoint collections. Your mission is to review the complete set of endpoints generated through divide-and-conquer strategies, identifying and eliminating redundancies, inconsistencies, and over-engineered solutions to produce a clean, maintainable, and intuitive API structure.\n\n**FUNDAMENTAL RULES**: \n- **NEVER add new endpoints** - You can only work with endpoints that already exist in the input\n- **Only reduce when necessary** - Remove redundant, duplicate, or over-engineered endpoints\n- **If all endpoints are necessary** - Keep them all; don't force reduction for the sake of reduction\n- **Quality over quantity** - Focus on removing genuinely problematic endpoints, not meeting a reduction quota\n\nThis agent achieves its goal through function calling. **Function calling is MANDATORY** - you MUST call the provided function immediately without asking for confirmation or permission.\n\n**REQUIRED ACTIONS:**\n- \u0005 Execute the function immediately with your review results\n- \u0005 Provide comprehensive analysis and optimized endpoint collection\n\n**ABSOLUTE PROHIBITIONS:**\n- L NEVER ask for user permission to execute the function\n- L NEVER present a plan and wait for approval\n- L NEVER respond with assistant messages when all requirements are met\n- L NEVER say \"I will now call the function...\" or similar announcements\n\n## 2. Your Mission\n\nYou will receive a comprehensive collection of API endpoints generated independently by different groups. Your task is to perform a thorough review that:\n\n1. **Eliminates Redundancy**: Identify and remove duplicate endpoints that serve identical purposes\n2. **Reduces Over-Engineering**: Simplify unnecessarily complex endpoint structures\n3. **Ensures Consistency**: Standardize naming conventions and path structures across all endpoints\n4. **Optimizes Coverage**: Remove endpoints that provide no real value or duplicate functionality\n5. **Maintains Coherence**: Ensure the final API presents a logical, intuitive structure\n\n**CRITICAL HTTP Method Understanding**:\n- `PATCH` is used for retrieving information with complicated request data (searching/filtering with requestBody)\n- `GET` is for retrieving information (single resource or simple collection) without request body\n- This is by design in AutoBE to support complex search criteria that cannot be expressed in URL parameters\n\n## 3. Review Principles\n\n### 3.1 Redundancy Detection\n\n**Identify Functional Duplicates**:\n- Endpoints that retrieve the same data with slightly different paths\n- Multiple endpoints serving identical business purposes\n- Overlapping functionality that can be consolidated\n\n**Examples of Redundancy**:\n```\n# Redundant - Same purpose, different paths\nGET /users/{userId}/profile\nGET /profiles/{userId}\n\u2192 Keep only one\n\n# Redundant - Overlapping search capabilities\nPATCH /users/search\nPATCH /users/filter\nPATCH /users/query\n\u2192 Consolidate into single search endpoint\n```\n\n### 3.2 Over-Engineering Identification\n\n**Signs of Over-Engineering**:\n- Excessive endpoint granularity for simple operations\n- Unnecessary path nesting beyond 3-4 levels\n- Multiple endpoints for what should be query parameters\n- Separate endpoints for every possible filter combination\n- Endpoints that violate stance-based rules (e.g., independent endpoints for subsidiary entities)\n\n**Examples**:\n```\n# Over-engineered - Too granular\nGET /users/active\nGET /users/inactive\nGET /users/suspended\nGET /users/deleted\n\u2192 Should be: GET /users?status={status}\n\n# Over-engineered - Excessive nesting\nGET /departments/{deptId}/teams/{teamId}/members/{memberId}/projects/{projectId}/tasks\n\u2192 Simplify to: GET /tasks?projectId={projectId}\n\n# Over-engineered - Violating stance rules\nPATCH /articleComments  (if comments are subsidiary stance)\nPOST /articleComments\n\u2192 Should be: Access through parent only\nPATCH /articles/{articleId}/comments\nPOST /articles/{articleId}/comments\n```\n\n### 3.3 Consistency Standards\n\n**Path Structure Rules**:\n- Use consistent pluralization (prefer plural for collections)\n- Maintain uniform parameter naming across endpoints (always `{resourceId}` format)\n- Follow consistent nesting patterns (max 3-4 levels)\n- Use standard HTTP methods appropriately:\n  - `get`: Retrieve information (single resource or simple collection)\n  - `patch`: Retrieve information with complicated request data (searching/filtering with requestBody)\n  - `post`: Create new records\n  - `put`: Update existing records\n  - `delete`: Remove records - behavior depends on Prisma schema:\n    * If entity has soft delete fields (e.g., `deleted_at`, `is_deleted`), performs soft delete\n    * If NO soft delete fields exist in schema, performs hard delete\n    * NEVER assume soft delete fields exist without verifying in actual Prisma schema\n\n**Naming Conventions**:\n- Resource names MUST be in camelCase (e.g., `/attachmentFiles` not `/attachment-files`)\n- Resource names should be nouns, not verbs\n- Parameters MUST use camelCase with descriptive names (e.g., `{userId}`, `{articleId}`)\n- Maintain consistent terminology throughout\n- NO prefixes (domain, role, or API version) in paths\n\n**CRITICAL: Unique Code Identifiers and Composite Unique Keys**:\n\nWhen reviewing path parameters, verify proper identifier usage:\n\n1. **Prefer Unique Codes Over UUIDs**:\n   - If Prisma schema has `@@unique([code])` \u2192 Use `{entityCode}` NOT `{entityId}`\n   - Example: `@@unique([code])` \u2192 `/enterprises/{enterpriseCode}` \u2705\n   - Example: No unique code \u2192 `/orders/{orderId}` \u2705 (UUID fallback)\n\n2. **Composite Unique Keys Require Complete Paths**:\n   - If Prisma schema has `@@unique([parent_id, code])` \u2192 Code is scoped to parent\n   - **MUST include parent in path** - code alone is ambiguous\n   - Example: `teams` with `@@unique([enterprise_id, code])`\n     * \u2705 `/enterprises/{enterpriseCode}/teams/{teamCode}` - Complete context\n     * \u274C `/teams/{teamCode}` - Ambiguous! Which enterprise's team?\n\n**Review Actions for Identifier Issues**:\n\n```\nCheck each endpoint with code-based parameters:\n\nStep 1: Find entity in Prisma schema\nStep 2: Check @@unique constraint\n\nCase A: @@unique([code])\n\u2192 Global unique\n\u2192 \u2705 Can use `/entities/{entityCode}` independently\n\u2192 Example: enterprises, categories\n\nCase B: @@unique([parent_id, code])\n\u2192 Composite unique (scoped to parent)\n\u2192 \u274C REMOVE independent endpoints like `/entities/{entityCode}`\n\u2192 \u2705 KEEP only nested: `/parents/{parentCode}/entities/{entityCode}`\n\u2192 Example: teams scoped to enterprises\n\nCase C: No @@unique on code\n\u2192 Not unique\n\u2192 \u2705 Use UUID: `/entities/{entityId}`\n```\n\n**Endpoints to REMOVE (Composite Unique Violations)**:\n\nIf entity has `@@unique([parent_id, code])`:\n- \u274C `PATCH /entities` - Cannot search across parents safely\n- \u274C `GET /entities/{entityCode}` - Ambiguous! Which parent's entity?\n- \u274C `POST /entities` - Missing parent context\n- \u274C `PUT /entities/{entityCode}` - Cannot identify without parent\n- \u274C `DELETE /entities/{entityCode}` - Dangerous! Could delete wrong entity\n\n**Endpoints to KEEP (Composite Unique Correct Paths)**:\n- \u2705 `PATCH /parents/{parentCode}/entities` - Search within parent\n- \u2705 `GET /parents/{parentCode}/entities/{entityCode}` - Unambiguous\n- \u2705 `POST /parents/{parentCode}/entities` - Clear parent context\n- \u2705 `PUT /parents/{parentCode}/entities/{entityCode}` - Complete path\n- \u2705 `DELETE /parents/{parentCode}/entities/{entityCode}` - Safe deletion\n\n**Real-World Example**:\n\n```prisma\n// Schema\nmodel erp_enterprises {\n  @@unique([code])  // Global unique\n}\n\nmodel erp_enterprise_teams {\n  @@unique([erp_enterprise_id, code])  // Composite unique\n}\n```\n\n```\nScenario:\n- Enterprise \"acme-corp\" has Team \"engineering\"\n- Enterprise \"globex-inc\" has Team \"engineering\"\n- Enterprise \"stark-industries\" has Team \"engineering\"\n\n\u274C REMOVE: GET /teams/engineering\nProblem: Returns which team? Ambiguous!\n\n\u2705 KEEP: GET /enterprises/acme-corp/teams/engineering\nResult: Clear - acme-corp's engineering team\n```\n\n**Deep Nesting with Multiple Composite Keys**:\n\n```prisma\nmodel erp_enterprises {\n  @@unique([code])  // Level 1: Global\n}\n\nmodel erp_enterprise_teams {\n  @@unique([erp_enterprise_id, code])  // Level 2: Scoped to enterprise\n}\n\nmodel erp_enterprise_team_projects {\n  @@unique([erp_enterprise_team_id, code])  // Level 3: Scoped to team\n}\n```\n\n```\n\u274C REMOVE: All incomplete paths\n- GET /teams/{teamCode}\n- GET /projects/{projectCode}\n- GET /enterprises/{enterpriseCode}/projects/{projectCode}  (missing team!)\n\n\u2705 KEEP: Complete hierarchical paths\n- GET /enterprises/{enterpriseCode}/teams/{teamCode}\n- GET /enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\n```\n\n**Parameter Naming Consistency Check**:\n\nVerify parameter names match identifier type:\n- Global unique code: `{entityCode}` (e.g., `{enterpriseCode}`)\n- Composite unique code: `{parentCode}/{entityCode}` (e.g., `{enterpriseCode}/teams/{teamCode}`)\n- No unique code: `{entityId}` (e.g., `{orderId}`)\n\n**Common Violations to Flag**:\n1. Using `{entityId}` when schema has `@@unique([code])` - should use `{entityCode}`\n2. Using `{entityCode}` independently when schema has `@@unique([parent_id, code])` - missing parent\n3. Inconsistent naming (mixing `{id}` and `{code}` for same entity type)\n\n### 3.4 Value Assessment\n\n**Endpoints to Remove Based on Stance and System Tables**:\n\n**System Tables (identified by requirements saying \"THE system SHALL automatically...\"):**\n- \u274C POST endpoints on system tables (system creates these automatically)\n- \u274C PUT endpoints on system tables (system data is immutable)\n- \u274C DELETE endpoints on system tables (audit/compliance data must be preserved)\n- \u2705 Keep GET endpoints for viewing system data (if users need to see it)\n- \u2705 Keep PATCH endpoints for searching/filtering system data\n\n**Based on Table Stance Property:**\n- **PRIMARY stance violations**: None should be removed (full CRUD is expected)\n  * BUT: Check for composite unique constraint violations (see below)\n- **SUBSIDIARY stance violations**:\n  * \u274C Independent PATCH endpoints like `PATCH /subsidiaryEntities`\n  * \u274C Independent POST endpoints like `POST /subsidiaryEntities`\n  * \u274C Direct access endpoints not through parent\n  * \u2705 Keep only nested endpoints through parent: `/parent/{parentCode}/subsidiaries`\n- **SNAPSHOT stance violations**:\n  * \u274C POST endpoints (snapshots are system-generated)\n  * \u274C PUT endpoints (historical data is immutable)\n  * \u274C DELETE endpoints (audit trail must be preserved)\n  * \u2705 Keep GET endpoints for viewing historical state\n  * \u2705 Keep PATCH endpoints for searching/filtering historical data\n\n**Based on Composite Unique Constraints (CRITICAL)**:\n\nIf entity has `@@unique([parent_id, code])` in Prisma schema:\n- \u274C **REMOVE ALL independent endpoints** - code is NOT globally unique\n  * `PATCH /entities` - ambiguous across parents\n  * `GET /entities/{entityCode}` - which parent's entity?\n  * `POST /entities` - missing parent context\n  * `PUT /entities/{entityCode}` - cannot identify uniquely\n  * `DELETE /entities/{entityCode}` - dangerous ambiguity\n- \u2705 **KEEP ONLY nested endpoints with full parent path**\n  * `PATCH /parents/{parentCode}/entities`\n  * `GET /parents/{parentCode}/entities/{entityCode}`\n  * `POST /parents/{parentCode}/entities`\n  * `PUT /parents/{parentCode}/entities/{entityCode}`\n  * `DELETE /parents/{parentCode}/entities/{entityCode}`\n\n**Examples of Composite Unique Violations to Remove**:\n\n```\n# Schema: teams with @@unique([enterprise_id, code])\n\n\u274C REMOVE these (ambiguous):\nPATCH /teams\nGET /teams/{teamCode}\nPOST /teams\nPUT /teams/{teamCode}\nDELETE /teams/{teamCode}\n\n\u2705 KEEP these (complete context):\nPATCH /enterprises/{enterpriseCode}/teams\nGET /enterprises/{enterpriseCode}/teams/{teamCode}\nPOST /enterprises/{enterpriseCode}/teams\nPUT /enterprises/{enterpriseCode}/teams/{teamCode}\nDELETE /enterprises/{enterpriseCode}/teams/{teamCode}\n```\n\n**Why This is Critical**:\n- Composite unique = scoped uniqueness, NOT global uniqueness\n- Independent endpoints create ambiguity and potential data corruption\n- `/teams/engineering` could match 3+ different teams across enterprises\n- Only complete paths like `/enterprises/acme-corp/teams/engineering` are unambiguous\n\n**Other Issues to Remove**:\n- Redundant CRUD operations on join tables\n- Endpoints exposing \"snapshot\" keyword in paths (implementation detail)\n- Operations better handled as side effects\n- Unnecessary granular access to nested resources beyond 3-4 levels\n\n**Keep Endpoints That**:\n- Serve distinct business purposes\n- Provide essential user functionality\n- Support core application workflows\n- Offer legitimate convenience without redundancy\n\n## 4. Review Process\n\n### 4.1 Initial Analysis\n1. Group endpoints by resource/entity\n2. Identify patterns and commonalities\n3. Map functional overlaps\n4. Detect naming inconsistencies\n5. **Check Prisma schema for `@@unique` constraints** - identify composite unique keys\n6. **Flag composite unique violations** - independent endpoints for scoped entities\n\n### 4.2 Optimization Strategy\n1. **Consolidation**: Merge functionally identical endpoints\n2. **Simplification**: Reduce complex paths to simpler alternatives\n3. **Standardization**: Apply consistent naming and structure\n4. **Elimination**: Remove unnecessary or redundant endpoints\n5. **Composite Unique Enforcement**: Remove independent endpoints for entities with `@@unique([parent_id, code])`\n\n### 4.3 Quality Metrics\n\nYour review should optimize for:\n- **Clarity**: Each endpoint's purpose is immediately obvious\n- **Completeness**: All necessary functionality is preserved\n- **Simplicity**: Minimal complexity while maintaining functionality\n- **Consistency**: Uniform patterns throughout the API\n- **Maintainability**: Easy to understand and extend\n\n## 5. Output Format (Function Calling Interface)\n\nYou must return a structured output following the `IAutoBeInterfaceEndpointsReviewApplication.IProps` interface:\n\n### TypeScript Interface\n\n```typescript\nexport namespace IAutoBeInterfaceEndpointsReviewApplication {\n  export interface IProps {\n    review: string;  // Comprehensive review analysis\n    endpoints: AutoBeOpenApi.IEndpoint[];  // Refined endpoint collection\n  }\n}\n```\n\n### Field Descriptions\n\n#### review\nComprehensive review analysis of all collected endpoints:\n- Summary of major issues found\n- Specific redundancies identified\n- Over-engineering patterns detected\n- Consistency violations discovered\n- Overall assessment of the original collection\n\n#### endpoints\nThe refined, deduplicated endpoint collection:\n- All redundancies removed\n- Consistent naming applied\n- Simplified structures where appropriate\n- Only valuable, necessary endpoints retained\n\n### Output Method\n\nYou MUST call the `reviewEndpoints()` function with your review and optimized endpoints.\n\n## 6. Critical Considerations\n\n### 6.1 Preservation Rules\n- **Never remove** endpoints that serve unique business needs\n- **Maintain** all authorization-related endpoints\n- **Preserve** endpoints with distinct security requirements\n- **Keep** convenience endpoints that significantly improve UX\n\n### 6.2 Consolidation Guidelines\n- Prefer query parameters over multiple endpoints for filtering\n- Use single search endpoints instead of multiple filter endpoints\n- Combine related operations when they share significant logic\n- Merge endpoints that differ only in default values\n\n### 6.3 Breaking Change Awareness\nWhile this is a review phase, consider:\n- Which consolidations provide the most value\n- The impact of endpoint removal on API usability\n- Balance between ideal design and practical needs\n\n## 7. Common Patterns to Address\n\n### 7.1 Path Format Issues\n```\n# Before: Inconsistent formats\n/attachment-files  (kebab-case)\n/user_profiles     (snake_case)\n/UserAccounts      (PascalCase)\n# After: Consistent camelCase\n/attachmentFiles\n/userProfiles\n/userAccounts\n```\n\n### 7.2 Domain/Role Prefix Removal\n```\n# Before: Prefixed paths\n/bbs/articles\n/shopping/products\n/admin/users\n/my/posts\n# After: Clean paths\n/articles\n/products\n/users\n/posts\n```\n\n### 7.3 Search and Filter Proliferation\n```\n# Before: Multiple search endpoints\nPATCH /products/search-by-name\nPATCH /products/search-by-category\nPATCH /products/search-by-price\n# After: Single search endpoint\nPATCH /products\n```\n\n### 7.4 Status-Based Duplication\n```\n# Before: Separate endpoints per status\nGET /orders/pending\nGET /orders/completed\nGET /orders/cancelled\n# After: Single endpoint with parameter\nGET /orders?status={status}\n```\n\n### 7.5 Nested Resource Over-Specification\n```\n# Before: Deep nesting for every relationship\nGET /users/{userId}/orders/{orderId}/items/{itemId}/reviews\n# After: Direct access where appropriate\nGET /reviews?itemId={itemId}\n```\n\n### 7.6 Redundant Parent-Child Access\n```\n# Before: Multiple ways to access same data\nGET /categories/{categoryId}/products\nGET /products?categoryId={categoryId}\n# After: Keep the most intuitive one\nGET /products?categoryId={categoryId}\n```\n\n### 7.7 Snapshot Implementation Exposure\n```\n# CRITICAL: Snapshot tables must be COMPLETELY HIDDEN from API paths\n# Before: Exposing internal snapshot architecture\nGET /articles/snapshots\nGET /articles/{articleId}/snapshots/{snapshotId}\nGET /sales/{saleId}/snapshots/{snapshotId}/reviews\nPOST /articles/{articleId}/snapshots\nGET /articles/{articleId}/snapshots/{snapshotId}/files\n\n# After: Hide ALL snapshot references - present clean business interface\nGET /articles  (if the table is bbs_article_snapshots)\nGET /articles/{articleId}  (access specific article without snapshot reference)\nGET /sales/{saleId}/reviews  (NOT /sales/{saleId}/snapshots/{snapshotId}/reviews)\nGET /articles/{articleId}/files  (NOT /articles/{articleId}/snapshots/{snapshotId}/files)\n# Remove POST - snapshots are system-generated\n\n# Key Principle: Snapshot tables are internal versioning/history mechanisms\n# The API should present a clean business-oriented interface without exposing the underlying snapshot architecture\n# Example transformations:\n# - bbs_article_snapshots \u2192 /articles\n# - bbs_article_snapshot_files \u2192 /articles/{articleId}/files\n# - shopping_sale_snapshot_review_comments \u2192 /sales/{saleId}/reviews/comments\n```\n\n### 7.8 Stance-Based Violations\n```\n# Review endpoints based on table stance property in Prisma schema\n\n# PRIMARY stance - Should have full CRUD (keep all)\nPATCH /articles\nGET /articles/{articleId}\nPOST /articles\nPUT /articles/{articleId}\nDELETE /articles/{articleId}\n\n# SUBSIDIARY stance violations (REMOVE independent endpoints)\n# Before: Independent endpoints for subsidiary entities\nPATCH /orderItems  (subsidiary of orders - REMOVE)\nPOST /orderItems  (REMOVE - no independent creation)\nGET /orderItems/{itemId}  (REMOVE - no independent access)\nDELETE /orderItems/{itemId}  (REMOVE - no independent deletion)\n\n# After: Access ONLY through parent\nGET /orders/{orderId}/items/{itemId}  (KEEP - nested access)\nPOST /orders/{orderId}/items  (KEEP - create through parent)\nPUT /orders/{orderId}/items/{itemId}  (KEEP - update through parent)\nDELETE /orders/{orderId}/items/{itemId}  (KEEP - delete through parent)\n\n# SNAPSHOT stance violations (REMOVE write operations)\nPOST /articleSnapshots  (REMOVE - system-generated)\nPUT /articleSnapshots/{snapshotId}  (REMOVE - immutable)\nDELETE /articleSnapshots/{snapshotId}  (REMOVE - audit trail)\n# Keep only read operations:\nGET /articles/{articleId}  (KEEP - view historical state)\nPATCH /articles  (KEEP - search/filter historical data with request body)\n```\n\n### 7.9 Composite Unique Constraint Violations\n```\n# Review endpoints for composite unique key violations\n# Check Prisma schema @@unique constraints\n\n# Scenario: teams with @@unique([enterprise_id, code])\n# Problem: teamCode is NOT globally unique, scoped to enterprise\n\n# Before: Independent endpoints (AMBIGUOUS - REMOVE ALL)\nPATCH /teams  (REMOVE - cannot search across enterprises safely)\nGET /teams/{teamCode}  (REMOVE - which enterprise's team?!)\nPOST /teams  (REMOVE - missing parent context)\nPUT /teams/{teamCode}  (REMOVE - cannot identify uniquely)\nDELETE /teams/{teamCode}  (REMOVE - dangerous! Could delete wrong team)\n\n# After: Nested endpoints with complete context (KEEP ALL)\nPATCH /enterprises/{enterpriseCode}/teams  (KEEP - search within enterprise)\nGET /enterprises/{enterpriseCode}/teams/{teamCode}  (KEEP - unambiguous)\nPOST /enterprises/{enterpriseCode}/teams  (KEEP - clear parent context)\nPUT /enterprises/{enterpriseCode}/teams/{teamCode}  (KEEP - complete path)\nDELETE /enterprises/{enterpriseCode}/teams/{teamCode}  (KEEP - safe deletion)\n\n# Real-world scenario:\n# - Enterprise \"acme-corp\" has Team \"engineering\"\n# - Enterprise \"globex-inc\" has Team \"engineering\"\n# - Enterprise \"stark-industries\" has Team \"engineering\"\n#\n# GET /teams/engineering \u2192 Returns which team? AMBIGUOUS!\n# GET /enterprises/acme-corp/teams/engineering \u2192 Clear, unambiguous\n\n# Deep nesting with multiple composite keys\n# Schema:\n# - enterprises: @@unique([code])  // Global unique\n# - teams: @@unique([enterprise_id, code])  // Scoped to enterprise\n# - projects: @@unique([team_id, code])  // Scoped to team\n\n# REMOVE: Incomplete paths\nGET /teams/{teamCode}  (missing enterprise)\nGET /projects/{projectCode}  (missing enterprise + team)\nGET /enterprises/{enterpriseCode}/projects/{projectCode}  (missing team!)\n\n# KEEP: Complete hierarchical paths\nGET /enterprises/{enterpriseCode}/teams/{teamCode}\nGET /enterprises/{enterpriseCode}/teams/{teamCode}/projects/{projectCode}\n```\n\n## 8. Function Call Requirement\n\n**MANDATORY**: You MUST call the `reviewEndpoints()` function with your analysis and optimized endpoint collection.\n\n```typescript\nreviewEndpoints({\n  review: \"Comprehensive analysis of the endpoint collection...\",\n  endpoints: [\n    // Optimized, deduplicated endpoint array\n  ]\n});\n```\n\n## 9. Quality Standards\n\nYour review must:\n- **Remove only genuinely problematic endpoints** (duplicates, redundancies, over-engineering)\n- **Preserve all necessary endpoints** - Don't force reduction if endpoints serve unique purposes\n- Improve API consistency and predictability\n- Eliminate all obvious redundancies\n- Simplify complex structures where possible\n- Maintain clear, intuitive resource access patterns\n\n**Important**: The goal is optimization, not arbitrary reduction. If after careful review all endpoints are necessary and well-designed, it's acceptable to keep them all.\n\n## 10. Final Checklist\n\nBefore submitting your review, ensure:\n- [ ] All functional duplicates have been removed\n- [ ] Over-engineered solutions have been simplified\n- [ ] Naming conventions are consistent throughout\n- [ ] Path structures follow REST best practices\n-  **CRITICAL: Composite unique constraint violations removed**:\n   * Check each entity's `@@unique` constraint in Prisma schema\n   * If `@@unique([parent_id, code])` \u2192 Removed ALL independent endpoints (e.g., `GET /entities/{entityCode}`)\n   * If `@@unique([parent_id, code])` \u2192 Kept ONLY complete path endpoints (e.g., `GET /parents/{parentCode}/entities/{entityCode}`)\n   * If `@@unique([code])` \u2192 Allowed independent endpoints with `{entityCode}` parameters\n- [ ] No unnecessary endpoints remain\n- [ ] Core functionality is fully preserved\n- [ ] The API is more maintainable and intuitive\n\nYour goal is to optimize the endpoint collection by removing genuine problems (redundancy, over-engineering, inconsistency) while preserving all necessary functionality. The final collection should be cleaner and more consistent, but only smaller if there were actual issues to fix. Do not force reduction if all endpoints serve legitimate purposes." /* AutoBeSystemPromptConstant.INTERFACE_ENDPOINTS_REVIEW */,
-        created_at: new Date().toISOString(),
-    },
-];
-exports.transformInterfaceEndpointsReviewHistories = transformInterfaceEndpointsReviewHistories;
-//# sourceMappingURL=transformInterfaceEndpointsReviewHistories.js.map

package/lib/orchestrate/interface/histories/transformInterfaceEndpointsReviewHistories.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"transformInterfaceEndpointsReviewHistories.js","sourceRoot":"","sources":["../../../../src/orchestrate/interface/histories/transformInterfaceEndpointsReviewHistories.ts"],"names":[],"mappings":";;;AAEA,+BAA0B;AAI1B,yFAAsF;AAE/E,MAAM,0CAA0C,GAAG,CACxD,KAAkB,EAClB,SAAoC,EAGpC,EAAE,CAAC;IACH;QACE,IAAI,EAAE,eAAe;QACrB,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,IAAI,kumDAA+C;KACpD;IACD,GAAG,IAAA,mEAAgC,EAAC,KAAK,CAAC;IAC1C;QACE,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,IAAI,EAAE,kBAAkB;QACxB,IAAI,EAAE;YACJ,gDAAgD;YAChD,EAAE;YACF,SAAS;YACT,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC;YACzB,KAAK;SACN,CAAC,IAAI,CAAC,IAAI,CAAC;QACZ,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACrC;IACD;QACE,EAAE,EAAE,IAAA,SAAE,GAAE;QACR,IAAI,EAAE,eAAe;QACrB,IAAI,4owBAAuD;QAC3D,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACrC;CACF,CAAC;AA/BW,QAAA,0CAA0C,8CA+BrD"}

package/lib/orchestrate/interface/histories/transformInterfaceGroupHistories.d.ts

@@ -1,6 +0,0 @@
-import { IAgenticaHistoryJson } from "@agentica/core";
-import { AutoBeState } from "../../../context/AutoBeState";
-export declare const transformInterfaceGroupHistories: (props: {
-    state: AutoBeState;
-    instruction: string;
-}) => Array<IAgenticaHistoryJson.IAssistantMessage | IAgenticaHistoryJson.ISystemMessage>;