@equilateral_ai/mindmeld 3.4.0 → 3.5.1

package/src/handlers/helpers/predictiveCache.js

@@ -0,0 +1,51 @@
+const { executeQuery } = require('./index');
+
+/**
+ * Get standards that are consistently relevant for a project (>80% activation rate over 30 days)
+ */
+async function getPredictedStandards(projectId) {
+    const result = await executeQuery(`
+        WITH activation_stats AS (
+            SELECT
+                standard_id,
+                COUNT(*) as activation_count,
+                COUNT(DISTINCT DATE(activated_at)) as active_days
+            FROM rapport.standards_activation_log
+            WHERE project_id = $1
+            AND activated_at > NOW() - INTERVAL '30 days'
+            GROUP BY standard_id
+        ),
+        total_sessions AS (
+            SELECT COUNT(DISTINCT DATE(activated_at)) as total_days
+            FROM rapport.standards_activation_log
+            WHERE project_id = $1
+            AND activated_at > NOW() - INTERVAL '30 days'
+        )
+        SELECT a.standard_id,
+               a.activation_count,
+               a.active_days,
+               t.total_days,
+               CASE WHEN t.total_days > 0
+                    THEN ROUND(a.active_days::numeric / t.total_days * 100, 1)
+                    ELSE 0 END as activation_rate
+        FROM activation_stats a, total_sessions t
+        WHERE t.total_days >= 5
+        AND a.active_days::numeric / GREATEST(t.total_days, 1) > 0.8
+        ORDER BY activation_rate DESC
+    `, [projectId]);
+    return result.rows;
+}
+
+/**
+ * Log which standards were activated for a project
+ */
+async function logStandardsActivation(projectId, standardIds) {
+    if (!standardIds || standardIds.length === 0) return;
+    const values = standardIds.map((id, i) => `($1, $${i + 2})`).join(', ');
+    await executeQuery(
+        `INSERT INTO rapport.standards_activation_log (project_id, standard_id) VALUES ${values}`,
+        [projectId, ...standardIds]
+    );
+}
+
+module.exports = { getPredictedStandards, logStandardsActivation };

package/src/handlers/helpers/projectAccess.js

@@ -0,0 +1,88 @@
+/**
+ * Project Access Verification
+ *
+ * Centralizes the "can this user access this project?" check.
+ * Grants access if the user is either:
+ *   1. A direct project collaborator (rapport.project_collaborators)
+ *   2. A member of the company that owns the project (rapport.user_entitlements)
+ *
+ * Returns the project row (project_id, project_name, company_id) on success,
+ * or null if the user has no access.
+ */
+
+const { executeQuery } = require('./dbOperations');
+
+/**
+ * Verify a user has access to a project via collaborator role or company membership.
+ * @param {string} projectId - Project ID to check
+ * @param {string} email - User's email address
+ * @returns {Promise<{project_id: string, project_name: string, company_id: string, access_type: string}|null>}
+ *   Project row with access_type ('collaborator' or 'company_member'), or null if no access.
+ */
+async function verifyProjectAccess(projectId, email) {
+    const result = await executeQuery(`
+        SELECT
+            p.project_id,
+            p.project_name,
+            p.company_id,
+            CASE
+                WHEN pc.email_address IS NOT NULL THEN 'collaborator'
+                WHEN ue.email_address IS NOT NULL THEN 'company_member'
+            END as access_type
+        FROM rapport.projects p
+        LEFT JOIN rapport.project_collaborators pc
+            ON p.project_id = pc.project_id
+            AND pc.email_address = $2
+        LEFT JOIN rapport.user_entitlements ue
+            ON p.company_id = ue.company_id
+            AND ue.email_address = $2
+        WHERE p.project_id = $1
+        AND (pc.email_address IS NOT NULL OR ue.email_address IS NOT NULL)
+        LIMIT 1
+    `, [projectId, email]);
+
+    return result.rows.length > 0 ? result.rows[0] : null;
+}
+
+/**
+ * Verify a user has a specific collaborator role on a project,
+ * OR is a company admin (which grants equivalent access).
+ * @param {string} projectId - Project ID to check
+ * @param {string} email - User's email address
+ * @param {string[]} allowedRoles - Collaborator roles that grant access (e.g. ['owner', 'admin'])
+ * @returns {Promise<{project_id: string, project_name: string, company_id: string, role: string|null, company_admin: boolean}|null>}
+ */
+async function verifyProjectRole(projectId, email, allowedRoles = ['owner', 'admin', 'collaborator']) {
+    const result = await executeQuery(`
+        SELECT
+            p.project_id,
+            p.project_name,
+            p.company_id,
+            pc.role,
+            COALESCE(ue.admin, false) as company_admin
+        FROM rapport.projects p
+        LEFT JOIN rapport.project_collaborators pc
+            ON p.project_id = pc.project_id
+            AND pc.email_address = $2
+        LEFT JOIN rapport.user_entitlements ue
+            ON p.company_id = ue.company_id
+            AND ue.email_address = $2
+        WHERE p.project_id = $1
+        AND (pc.email_address IS NOT NULL OR ue.email_address IS NOT NULL)
+        LIMIT 1
+    `, [projectId, email]);
+
+    if (result.rows.length === 0) return null;
+
+    const row = result.rows[0];
+    const hasRole = row.role && allowedRoles.includes(row.role);
+    const isCompanyAdmin = row.company_admin === true;
+
+    if (hasRole || isCompanyAdmin) {
+        return row;
+    }
+
+    return null;
+}
+
+module.exports = { verifyProjectAccess, verifyProjectRole };