@exulu/backend 1.16.0 → 1.18.0

package/dist/index.js

@@ -73,8 +73,8 @@ var validateJob = (job) => {
 import "zod";
 import "bullmq";
 import { z } from "zod";
-import * as fs from "fs";
-import * as path from "path";
+import "fs";
+import "path";
 import { convertToModelMessages, createIdGenerator, generateObject, generateText, streamText, tool, validateUIMessages, stepCountIs } from "ai";
 
 // types/enums/statistics.ts
@@ -175,87 +175,48 @@ import pgvector2 from "pgvector/knex";
 import "bullmq";
 import { v4 as uuidv4 } from "uuid";
 var bullmqDecorator = async ({
+  queue,
   label,
-  type,
-  workflow,
   embedder,
   inputs,
-  queue,
   user,
-  agent,
-  session,
-  configuration,
-  updater,
-  context,
-  steps,
-  source,
-  documents,
+  role,
   trigger,
-  item
+  workflow,
+  item,
+  context
 }) => {
+  if (embedder && workflow) {
+    throw new Error("Cannot have both embedder and workflow in the same job.");
+  }
+  if (workflow && item) {
+    throw new Error("Cannot have both workflow and item in the same job.");
+  }
+  let type = "embedder";
+  if (workflow) {
+    type = "workflow";
+  }
   const redisId = uuidv4();
   const job = await queue.add(
     `${embedder || workflow}`,
     {
-      type: `${type}`,
+      label,
       ...embedder && { embedder },
-      ...workflow && { workflow },
-      ...configuration && { configuration },
-      ...updater && { updater },
-      ...context && { context },
-      ...source && { source },
-      ...documents && { documents },
-      ...steps && { steps },
+      type: `${type}`,
+      inputs,
+      ...user && { user },
+      ...role && { role },
       ...trigger && { trigger },
+      ...workflow && { workflow },
       ...item && { item },
-      agent,
-      user,
-      inputs,
-      label,
-      session
+      ...context && { context }
     },
     {
       jobId: redisId
     }
   );
-  const { db: db3 } = await postgresClient();
-  const now = /* @__PURE__ */ new Date();
-  console.log("[EXULU] scheduling new job", inputs);
-  const insertData = {
-    name: `${label}`,
-    redis: job.id,
-    status: "waiting",
-    type,
-    inputs,
-    agent,
-    item,
-    createdAt: now,
-    updatedAt: now,
-    user,
-    session,
-    ...embedder && { embedder },
-    ...workflow && { workflow },
-    ...configuration && { configuration },
-    ...steps && { steps },
-    ...updater && { updater },
-    ...context && { context },
-    ...source && { source },
-    ...documents && { documents: documents.map((doc2) => doc2.id) },
-    ...trigger && { trigger }
-  };
-  await db3("jobs").insert(insertData).onConflict("redis").merge({
-    ...insertData,
-    updatedAt: now
-    // Only updatedAt changes on updates
-  });
-  const doc = await db3.from("jobs").where({ redis: job.id }).first();
-  if (!doc?.id) {
-    throw new Error("Failed to get job ID after insert/update");
-  }
-  console.log("[EXULU] created job", doc?.id);
   return {
     ...job,
-    id: doc?.id,
     redis: job.id
   };
 };
@@ -344,7 +305,7 @@ var mapType = (t, type, name, defaultValue, unique) => {
 
 // src/registry/utils/sanitize-name.ts
 var sanitizeName = (name) => {
-  return name.toLowerCase().replace(/ /g, "_");
+  return name.toLowerCase().replace(/ /g, "_")?.trim();
 };
 
 // src/evals/utils/index.tsx
@@ -427,6 +388,7 @@ var ExuluEvalUtils = {
 // src/registry/classes.ts
 import CryptoJS from "crypto-js";
 import "express";
+import "@opentelemetry/api";
 function sanitizeToolName(name) {
   if (typeof name !== "string") return "";
   let sanitized = name.replace(/[^a-zA-Z0-9_-]+/g, "_");
@@ -488,7 +450,7 @@ var convertToolsArrayToObject = (tools, configs, providerApiKey, user, role) =>
 };
 var hydrateVariables = async (tool2) => {
   const { db: db3 } = await postgresClient();
-  const promises2 = tool2.config.map(async (toolConfig) => {
+  const promises = tool2.config.map(async (toolConfig) => {
     const variableName = toolConfig.variable;
     const variable = await db3.from("variables").where({ name: variableName }).first();
     if (!variable) {
@@ -502,7 +464,7 @@ var hydrateVariables = async (tool2) => {
     }
     toolConfig.value = value;
   });
-  await Promise.all(promises2);
+  await Promise.all(promises);
   console.log("[EXULU] Variable values retrieved and added to tool config.");
   return tool2;
 };
@@ -559,10 +521,16 @@ var ExuluAgent = class {
     this.model = this.config?.model;
   }
   get providerName() {
+    if (!this.config?.model?.create) {
+      return "";
+    }
     const model = this.config?.model?.create({ apiKey: "" });
     return typeof model === "string" ? model : model?.provider || "";
   }
   get modelName() {
+    if (!this.config?.model?.create) {
+      return "";
+    }
     const model = this.config?.model?.create({ apiKey: "" });
     return typeof model === "string" ? model : model?.modelId || "";
   }
@@ -602,6 +570,9 @@ var ExuluAgent = class {
     if (prompt && message) {
       throw new Error("Message and prompt cannot be provided at the same time.");
     }
+    if (!prompt && !message) {
+      throw new Error("Prompt or message is required for generating.");
+    }
     const model = this.model.create({
       apiKey: providerApiKey
     });
@@ -621,28 +592,52 @@ var ExuluAgent = class {
     }
     console.log("[EXULU] Model provider key", providerApiKey);
     console.log("[EXULU] Tool configs", toolConfigs);
-    const { text } = await generateText({
-      model,
-      // Should be a LanguageModelV1
-      system: "You are a helpful assistant. When you use a tool to answer a question do not explicitly comment on the result of the tool call unless the user has explicitly you to do something with the result.",
-      messages: messages ? convertToModelMessages(messages) : void 0,
-      prompt,
-      maxRetries: 2,
-      tools: convertToolsArrayToObject(tools, toolConfigs, providerApiKey, user, role),
-      stopWhen: [stepCountIs(5)]
-    });
-    if (statistics) {
-      await updateStatistic({
-        name: "count",
-        label: statistics.label,
-        type: STATISTICS_TYPE_ENUM.AGENT_RUN,
-        trigger: statistics.trigger,
-        count: 1,
-        user,
-        role
+    if (prompt) {
+      const { text } = await generateText({
+        model,
+        // Should be a LanguageModelV1
+        system: "You are a helpful assistant. When you use a tool to answer a question do not explicitly comment on the result of the tool call unless the user has explicitly you to do something with the result.",
+        prompt,
+        maxRetries: 2,
+        tools: convertToolsArrayToObject(tools, toolConfigs, providerApiKey, user, role),
+        stopWhen: [stepCountIs(5)]
+      });
+      if (statistics) {
+        await updateStatistic({
+          name: "count",
+          label: statistics.label,
+          type: STATISTICS_TYPE_ENUM.AGENT_RUN,
+          trigger: statistics.trigger,
+          count: 1,
+          user,
+          role
+        });
+      }
+      return text;
+    }
+    if (messages) {
+      const { text } = await generateText({
+        model,
+        // Should be a LanguageModelV1
+        system: "You are a helpful assistant. When you use a tool to answer a question do not explicitly comment on the result of the tool call unless the user has explicitly you to do something with the result.",
+        messages: convertToModelMessages(messages),
+        maxRetries: 2,
+        tools: convertToolsArrayToObject(tools, toolConfigs, providerApiKey, user, role),
+        stopWhen: [stepCountIs(5)]
       });
+      if (statistics) {
+        await updateStatistic({
+          name: "count",
+          label: statistics.label,
+          type: STATISTICS_TYPE_ENUM.AGENT_RUN,
+          trigger: statistics.trigger,
+          count: 1,
+          user,
+          role
+        });
+      }
+      return text;
     }
-    return text;
   };
   generateStream = async ({ express: express3, user, role, session, message, tools, statistics, toolConfigs, providerApiKey }) => {
     if (!this.model) {
@@ -674,7 +669,7 @@ var ExuluAgent = class {
     const result = streamText({
       model,
       // Should be a LanguageModelV1
-      messages: messages ? convertToModelMessages(messages) : void 0,
+      messages: convertToModelMessages(messages),
       system: "You are a helpful assistant. When you use a tool to answer a question do not explicitly comment on the result of the tool call unless the user has explicitly you to do something with the result.",
       maxRetries: 2,
       tools: convertToolsArrayToObject(tools, toolConfigs, providerApiKey, user, role),
@@ -722,7 +717,7 @@ var getAgentMessages = async ({ session, user, limit, page }) => {
 };
 var saveChat = async ({ session, user, messages }) => {
   const { db: db3 } = await postgresClient();
-  const promises2 = messages.map((message) => {
+  const promises = messages.map((message) => {
     return db3.from("agent_messages").insert({
       session,
       user,
@@ -730,7 +725,7 @@ var saveChat = async ({ session, user, messages }) => {
       title: message.role === "user" ? "User" : "Assistant"
     });
   });
-  await Promise.all(promises2);
+  await Promise.all(promises);
 };
 var ExuluEmbedder = class {
   id;
@@ -796,42 +791,6 @@ var ExuluEmbedder = class {
     return await this.generateEmbeddings(output);
   }
 };
-var ExuluLogger = class {
-  logPath;
-  job;
-  constructor(job, logsDir) {
-    this.job = job;
-    if (logsDir && job) {
-      if (!fs.existsSync(logsDir)) {
-        fs.mkdirSync(logsDir, { recursive: true });
-      }
-      this.logPath = path.join(logsDir, `${job.id}_${(/* @__PURE__ */ new Date()).toISOString().replace(/[:.]/g, "-")}.txt`);
-    }
-  }
-  async write(message, level) {
-    const logMessage = message.endsWith("\n") ? message : message + "\n";
-    if (!this.logPath) {
-      switch (level) {
-        case "INFO":
-          console.log(message);
-          break;
-        case "WARNING":
-          console.warn(message);
-          break;
-        case "ERROR":
-          console.error(message);
-          break;
-      }
-      return;
-    }
-    try {
-      await fs.promises.appendFile(this.logPath, `[EXULU][${level}] - ${(/* @__PURE__ */ new Date()).toISOString()}: ${logMessage}`);
-    } catch (error) {
-      console.error(`Error writing to log file ${this.job ? this.job.id : "unknown job"}:`, error);
-      throw error;
-    }
-  }
-};
 var ExuluEval = class {
   name;
   description;
@@ -991,6 +950,12 @@ var ExuluTool = class {
     });
   }
 };
+var getTableName = (name) => {
+  return sanitizeName(name) + "_items";
+};
+var getChunksTableName = (name) => {
+  return sanitizeName(name) + "_chunks";
+};
 var ExuluContext = class {
   id;
   name;
@@ -1002,7 +967,6 @@ var ExuluContext = class {
   queryRewriter;
   resultReranker;
   // todo typings
-  _sources = [];
   configuration;
   constructor({ id, name, description, embedder, active, rateLimit, fields, queryRewriter, resultReranker, configuration }) {
     this.id = id;
@@ -1015,138 +979,169 @@ var ExuluContext = class {
     this.embedder = embedder;
     this.active = active;
     this.rateLimit = rateLimit;
-    this._sources = [];
     this.queryRewriter = queryRewriter;
     this.resultReranker = resultReranker;
   }
-  deleteOne = async (id) => {
-    return {};
-  };
   deleteAll = async () => {
-    return {};
-  };
-  getTableName = () => {
-    return sanitizeName(this.name) + "_items";
-  };
-  getChunksTableName = () => {
-    return sanitizeName(this.name) + "_chunks";
+    const { db: db3 } = await postgresClient();
+    await db3.from(getTableName(this.name)).delete();
+    await db3.from(getChunksTableName(this.name)).delete();
+    return {
+      count: 0,
+      results: []
+    };
   };
   tableExists = async () => {
     const { db: db3 } = await postgresClient();
-    const tableExists = await db3.schema.hasTable(this.getTableName());
+    const tableExists = await db3.schema.hasTable(getTableName(this.name));
     return tableExists;
   };
-  async updateItem(user, id, item, role) {
-    if (!id) {
+  createAndUpsertEmbeddings = async (item, user, statistics, role) => {
+    if (!this.embedder) {
+      throw new Error("Embedder is not set for this context.");
+    }
+    const { db: db3 } = await postgresClient();
+    const { id: source, chunks } = await this.embedder.generateFromDocument({
+      ...item,
+      id: item.id
+    }, {
+      label: statistics.label || this.name,
+      trigger: statistics.trigger || "agent"
+    }, user, role);
+    const exists = await db3.schema.hasTable(getChunksTableName(this.name));
+    if (!exists) {
+      await this.createChunksTable();
+    }
+    await db3.from(getChunksTableName(this.name)).where({ source }).delete();
+    await db3.from(getChunksTableName(this.name)).insert(chunks.map((chunk) => ({
+      source,
+      content: chunk.content,
+      chunk_index: chunk.index,
+      embedding: pgvector2.toSql(chunk.vector)
+    })));
+    await db3.from(getTableName(this.name)).where({ id: item.id }).update({
+      embeddings_updated_at: (/* @__PURE__ */ new Date()).toISOString()
+    }).returning("id");
+    return {
+      id: item.id,
+      chunks: chunks?.length || 0
+    };
+  };
+  async updateItem(user, item, role, trigger) {
+    if (!item.id) {
       throw new Error("Id is required for updating an item.");
     }
     const { db: db3 } = await postgresClient();
     Object.keys(item).forEach((key) => {
-      if (key === "name" || key === "description" || key === "external_id" || key === "tags" || key === "source" || key === "textLength" || key === "upsert" || key === "archived") {
+      if (key === "id" || key === "name" || key === "description" || key === "external_id" || key === "tags" || key === "source" || key === "textlength" || key === "upsert" || key === "archived") {
         return;
       }
-      const field = this.fields.find((field2) => field2.name === key);
+      const field = this.fields.find((field2) => sanitizeName(field2.name) === sanitizeName(key));
       if (!field) {
-        throw new Error("Trying to uppdate value for field '" + key + "' that does not exist on the context fields definition. Available fields: " + this.fields.map((field2) => sanitizeName(field2.name)).join(", ") + " ,name, description, external_id");
+        throw new Error("Trying to update value for field '" + key + "' that does not exist on the context fields definition. Available fields: " + this.fields.map((field2) => sanitizeName(field2.name)).join(", ") + " ,name, description, external_id");
       }
     });
-    delete item.id;
-    delete item.created_at;
-    delete item.upsert;
-    item.updated_at = db3.fn.now();
-    const result = await db3.from(this.getTableName()).where({ id }).update(item).returning("id");
-    if (this.configuration.calculateVectors === "onUpdate" || this.configuration.calculateVectors === "always") {
+    const payloadWithSanitizedPropertyNames = {};
+    Object.keys(item).forEach((key) => {
+      payloadWithSanitizedPropertyNames[sanitizeName(key)] = item[key];
+    });
+    const id = payloadWithSanitizedPropertyNames.id;
+    delete payloadWithSanitizedPropertyNames.id;
+    delete payloadWithSanitizedPropertyNames.created_at;
+    delete payloadWithSanitizedPropertyNames.upsert;
+    payloadWithSanitizedPropertyNames.updated_at = db3.fn.now();
+    const result = await db3.from(getTableName(this.name)).where({ id }).update(payloadWithSanitizedPropertyNames).returning("id");
+    if (this.embedder && (this.configuration.calculateVectors === "onUpdate" || this.configuration.calculateVectors === "always")) {
       if (this.embedder.queue?.name) {
         console.log("[EXULU] embedder is in queue mode, scheduling job.");
         const job = await bullmqDecorator({
-          label: `Job running '${this.embedder.name}' for '${item.name} (${item.id}).'`,
+          label: `${this.embedder.name}`,
           embedder: this.embedder.id,
-          type: "embedder",
+          context: this.id,
           inputs: item,
+          item: item.id,
           queue: this.embedder.queue,
-          user
+          user,
+          role,
+          trigger: trigger || "agent"
         });
         return {
           id: result[0].id,
           job: job.id
         };
       }
-      const { id: source, chunks } = await this.embedder.generateFromDocument({
-        ...item,
-        id
-      }, {
-        label: this.name,
-        trigger: "agent"
-      }, user, role);
-      const exists = await db3.schema.hasTable(this.getChunksTableName());
-      if (!exists) {
-        await this.createChunksTable();
-      }
-      await db3.from(this.getChunksTableName()).where({ source }).delete();
-      await db3.from(this.getChunksTableName()).insert(chunks.map((chunk) => ({
-        source,
-        content: chunk.content,
-        chunk_index: chunk.index,
-        embedding: pgvector2.toSql(chunk.vector)
-      })));
-      await db3.from(this.getTableName()).where({ id }).update({
-        embeddings_updated_at: (/* @__PURE__ */ new Date()).toISOString()
-      }).returning("id");
+      await this.createAndUpsertEmbeddings(item, user, {
+        label: this.embedder.name,
+        trigger: trigger || "agent"
+      }, role);
     }
     return {
       id: result[0].id,
       job: void 0
     };
   }
-  async insertItem(user, item, upsert = false, role) {
+  async insertItem(user, item, upsert = false, role, trigger) {
     if (!item.name) {
       throw new Error("Name field is required.");
     }
     const { db: db3 } = await postgresClient();
     if (item.external_id) {
-      const existingItem = await db3.from(this.getTableName()).where({ external_id: item.external_id }).first();
+      const existingItem = await db3.from(getTableName(this.name)).where({ external_id: item.external_id }).first();
       if (existingItem && !upsert) {
         throw new Error("Item with external id " + item.external_id + " already exists.");
       }
       if (existingItem && upsert) {
-        await this.updateItem(user, existingItem.id, item, role);
+        await this.updateItem(user, {
+          ...item,
+          id: existingItem.id
+        }, role, trigger);
         return existingItem.id;
       }
     }
     if (upsert && item.id) {
-      const existingItem = await db3.from(this.getTableName()).where({ id: item.id }).first();
+      const existingItem = await db3.from(getTableName(this.name)).where({ id: item.id }).first();
       if (existingItem && upsert) {
-        await this.updateItem(user, existingItem.id, item, role);
+        await this.updateItem(user, {
+          ...item,
+          id: existingItem.id
+        }, role, trigger);
         return existingItem.id;
       }
     }
     Object.keys(item).forEach((key) => {
-      if (key === "name" || key === "description" || key === "external_id" || key === "tags" || key === "source" || key === "textLength" || key === "upsert" || key === "archived") {
+      if (key === "id" || key === "name" || key === "description" || key === "external_id" || key === "tags" || key === "source" || key === "textlength" || key === "upsert" || key === "archived") {
         return;
       }
-      const field = this.fields.find((field2) => field2.name === key);
+      const field = this.fields.find((field2) => sanitizeName(field2.name) === sanitizeName(key));
       if (!field) {
         throw new Error("Trying to insert value for field '" + key + "' that does not exist on the context fields definition. Available fields: " + this.fields.map((field2) => sanitizeName(field2.name)).join(", ") + " ,name, description, external_id");
       }
     });
-    delete item.id;
-    delete item.upsert;
-    const result = await db3.from(this.getTableName()).insert({
-      ...item,
+    const payloadWithSanitizedPropertyNames = {};
+    Object.keys(item).forEach((key) => {
+      payloadWithSanitizedPropertyNames[sanitizeName(key)] = item[key];
+    });
+    delete payloadWithSanitizedPropertyNames.id;
+    delete payloadWithSanitizedPropertyNames.upsert;
+    const result = await db3.from(getTableName(this.name)).insert({
+      ...payloadWithSanitizedPropertyNames,
       id: db3.fn.uuid(),
       created_at: db3.fn.now(),
       updated_at: db3.fn.now()
     }).returning("id");
-    if (this.configuration.calculateVectors === "onInsert" || this.configuration.calculateVectors === "always") {
+    if (this.embedder && (this.configuration.calculateVectors === "onInsert" || this.configuration.calculateVectors === "always")) {
       if (this.embedder.queue?.name) {
         console.log("[EXULU] embedder is in queue mode, scheduling job.");
         const job = await bullmqDecorator({
-          label: `Job running '${this.embedder.name}' for '${item.name} (${item.id}).'`,
+          label: `${this.embedder.name}`,
           embedder: this.embedder.id,
-          type: "embedder",
+          context: this.id,
           inputs: item,
+          item: item.id,
           queue: this.embedder.queue,
-          user
+          user,
+          role,
+          trigger: trigger || "agent"
         });
         return {
           id: result[0].id,
@@ -1154,27 +1149,13 @@ var ExuluContext = class {
         };
       }
       console.log("[EXULU] embedder is not in queue mode, calculating vectors directly.");
-      const { id: source, chunks } = await this.embedder.generateFromDocument({
+      await this.createAndUpsertEmbeddings({
         ...item,
         id: result[0].id
-      }, {
-        label: this.name,
-        trigger: "agent"
-      }, user, role);
-      const exists = await db3.schema.hasTable(this.getChunksTableName());
-      if (!exists) {
-        await this.createChunksTable();
-      }
-      console.log("[EXULU] Inserting chunks.");
-      await db3.from(this.getChunksTableName()).insert(chunks.map((chunk) => ({
-        source,
-        content: chunk.content,
-        chunk_index: chunk.index,
-        embedding: pgvector2.toSql(chunk.vector)
-      })));
-      await db3.from(this.getTableName()).where({ id: result[0].id }).update({
-        embeddings_updated_at: (/* @__PURE__ */ new Date()).toISOString()
-      }).returning("id");
+      }, user, {
+        label: this.embedder.name,
+        trigger: trigger || "agent"
+      }, role);
     }
     return {
       id: result[0].id,
@@ -1203,7 +1184,7 @@ var ExuluContext = class {
     if (page < 1) page = 1;
     if (limit < 1) limit = 10;
     let offset = (page - 1) * limit;
-    const mainTable = this.getTableName();
+    const mainTable = getTableName(this.name);
     const { db: db3 } = await postgresClient();
     const columns = await db3(mainTable).columnInfo();
     const totalQuery = db3.count("* as count").from(mainTable).first();
@@ -1243,12 +1224,12 @@ var ExuluContext = class {
         context: {
           name: this.name,
           id: this.id,
-          embedder: this.embedder.name
+          embedder: this.embedder?.name || void 0
         },
         items
       };
     }
-    if (typeof query === "string") {
+    if (typeof query === "string" && this.embedder) {
       if (!method) {
         method = "cosineDistance";
       }
@@ -1266,7 +1247,7 @@ var ExuluContext = class {
       if (this.queryRewriter) {
         query = await this.queryRewriter(query);
       }
-      const chunksTable = this.getChunksTableName();
+      const chunksTable = getChunksTableName(this.name);
       itemsQuery.leftJoin(chunksTable, function() {
         this.on(chunksTable + ".source", "=", mainTable + ".id");
       });
@@ -1380,7 +1361,7 @@ var ExuluContext = class {
   };
   createItemsTable = async () => {
     const { db: db3 } = await postgresClient();
-    const tableName = this.getTableName();
+    const tableName = getTableName(this.name);
     console.log("[EXULU] Creating table: " + tableName);
     return await db3.schema.createTable(tableName, (table) => {
       console.log("[EXULU] Creating fields for table.", this.fields);
@@ -1390,7 +1371,8 @@ var ExuluContext = class {
       table.text("tags");
       table.boolean("archived").defaultTo(false);
       table.text("external_id");
-      table.integer("textLength");
+      table.text("rights_mode").defaultTo(this.configuration?.defaultRightsMode ?? "private");
+      table.integer("textlength");
       table.text("source");
       table.timestamp("embeddings_updated_at");
       for (const field of this.fields) {
@@ -1405,11 +1387,14 @@ var ExuluContext = class {
   };
   createChunksTable = async () => {
     const { db: db3 } = await postgresClient();
-    const tableName = this.getChunksTableName();
+    const tableName = getChunksTableName(this.name);
     console.log("[EXULU] Creating table: " + tableName);
     return await db3.schema.createTable(tableName, (table) => {
+      if (!this.embedder) {
+        throw new Error("Embedder must be set for context " + this.name + " to create chunks table.");
+      }
       table.uuid("id").primary().defaultTo(db3.fn.uuid());
-      table.uuid("source").references("id").inTable(this.getTableName());
+      table.uuid("source").references("id").inTable(getTableName(this.name));
       table.text("content");
       table.integer("chunk_index");
       table.specificType("embedding", `vector(${this.embedder.vectorDimensions})`);
@@ -1442,44 +1427,6 @@ var ExuluContext = class {
       }
     });
   };
-  sources = {
-    add: (inputs) => {
-      const source = new ExuluSource({
-        ...inputs,
-        context: this.id
-      });
-      this._sources.push(source);
-      return source;
-    },
-    get: (id) => {
-      if (id) {
-        return this._sources.find((source) => source.id === id);
-      }
-      return this._sources ?? [];
-    }
-  };
-};
-var ExuluSource = class {
-  id;
-  name;
-  description;
-  updaters;
-  context;
-  constructor({ id, name, description, updaters, context }) {
-    this.id = id;
-    this.name = name;
-    this.description = description;
-    this.context = context;
-    this.updaters = updaters.map((updater) => {
-      if (updater.type === "webhook") {
-        return {
-          ...updater,
-          slug: `/contexts/${context}/sources/${this.id}/${updater.id}/webhook`
-        };
-      }
-      return updater;
-    });
-  }
 };
 var updateStatistic = async (statistic) => {
   const currentDate = (/* @__PURE__ */ new Date()).toISOString().split("T")[0];
@@ -1871,10 +1818,11 @@ var requestValidators = {
 };
 
 // src/registry/routes.ts
-import { zerialize } from "zodex";
+import "zodex";
 
 // src/bullmq/queues.ts
 import { Queue as Queue3 } from "bullmq";
+import { BullMQOtel } from "bullmq-otel";
 var ExuluQueues = class {
   queues;
   constructor() {
@@ -1892,7 +1840,13 @@ var ExuluQueues = class {
       console.error(`[EXULU] no redis server configured, but you are trying to use a queue ( ${name}), likely in an agent or embedder (look for ExuluQueues.use() ).`);
       throw new Error(`[EXULU] no redis server configured.`);
     }
-    const newQueue = new Queue3(`${name}`, { connection: redisServer });
+    const newQueue = new Queue3(
+      `${name}`,
+      {
+        connection: redisServer,
+        telemetry: new BullMQOtel("simple-guide")
+      }
+    );
     this.queues.push(newQueue);
     return newQueue;
   }
@@ -1912,7 +1866,7 @@ var VectorMethodEnum = {
 // src/registry/routes.ts
 import express from "express";
 import { ApolloServer } from "@apollo/server";
-import * as Papa from "papaparse";
+import "papaparse";
 import cors from "cors";
 import "reflect-metadata";
 
@@ -1922,1332 +1876,1612 @@ import GraphQLJSON from "graphql-type-json";
 import { GraphQLScalarType, Kind } from "graphql";
 import CryptoJS2 from "crypto-js";
 import bcrypt2 from "bcryptjs";
-var GraphQLDate = new GraphQLScalarType({
-  name: "Date",
-  description: "Date custom scalar type",
-  serialize(value) {
-    if (value instanceof Date) {
-      return value.toISOString();
-    }
-    if (typeof value === "number") {
-      return new Date(value).toISOString();
-    }
-    if (typeof value === "string") {
-      return new Date(value).toISOString();
-    }
-    return value;
+
+// src/postgres/core-schema.ts
+var agentMessagesSchema = {
+  name: {
+    plural: "agent_messages",
+    singular: "agent_message"
   },
-  parseValue(value) {
-    if (typeof value === "string") {
-      return new Date(value);
-    }
-    if (typeof value === "number") {
-      return new Date(value);
+  fields: [
+    {
+      name: "content",
+      type: "text"
+    },
+    {
+      name: "title",
+      type: "text"
+    },
+    {
+      name: "user",
+      type: "number"
+    },
+    {
+      name: "session",
+      type: "text"
     }
-    return value;
+  ]
+};
+var agentSessionsSchema = {
+  name: {
+    plural: "agent_sessions",
+    singular: "agent_session"
   },
-  parseLiteral(ast) {
-    if (ast.kind === Kind.STRING) {
-      return new Date(ast.value);
-    }
-    if (ast.kind === Kind.INT) {
-      return new Date(parseInt(ast.value, 10));
+  RBAC: true,
+  fields: [
+    {
+      name: "agent",
+      type: "uuid"
+    },
+    {
+      name: "user",
+      // next auth stores users with id type SERIAL, so we need to use number
+      type: "number"
+    },
+    {
+      name: "role",
+      type: "uuid"
+    },
+    {
+      name: "title",
+      type: "text"
     }
-    return null;
-  }
-});
-var map = (field) => {
-  let type;
-  switch (field.type) {
-    case "text":
-    case "shortText":
-    case "longText":
-    case "code":
-      type = "String";
-      break;
-    case "enum":
-      type = field.enumValues ? `${field.name}Enum` : "String";
-      break;
-    case "number":
-      type = "Float";
-      break;
-    case "boolean":
-      type = "Boolean";
-      break;
-    case "json":
-      type = "JSON";
-      break;
-    case "date":
-      type = "Date";
-      break;
-    default:
-      type = "String";
-  }
-  return type;
+  ]
 };
-function createTypeDefs(table) {
-  const enumDefs = table.fields.filter((field) => field.type === "enum" && field.enumValues).map((field) => {
-    const enumValues = field.enumValues.map((value) => {
-      const sanitized = String(value).replace(/[^a-zA-Z0-9_]/g, "_").replace(/^[0-9]/, "_$&").toUpperCase();
-      return `  ${sanitized}`;
-    }).join("\n");
-    return `
-enum ${field.name}Enum {
-${enumValues}
-}`;
-  }).join("\n");
-  const fields = table.fields.map((field) => {
-    let type;
-    type = map(field);
-    const required = field.required ? "!" : "";
-    return `  ${field.name}: ${type}${required}`;
-  });
-  const rbacField = table.RBAC ? "  RBAC: RBACData" : "";
-  const typeDef = `
-  type ${table.name.singular} {
-  ${fields.join("\n")}
-    ${table.fields.find((field) => field.name === "id") ? "" : "id: ID!"}
-${rbacField}
-  }
-  `;
-  const rbacInputField = table.RBAC ? "  RBAC: RBACInput" : "";
-  const inputDef = `
-input ${table.name.singular}Input {
-${table.fields.map((f) => `  ${f.name}: ${map(f)}`).join("\n")}
-${rbacInputField}
-}
-`;
-  return enumDefs + typeDef + inputDef;
-}
-function createFilterTypeDefs(table) {
-  const fieldFilters = table.fields.map((field) => {
-    let type;
-    if (field.type === "enum" && field.enumValues) {
-      type = `${field.name}Enum`;
-    } else {
-      type = map(field);
+var variablesSchema = {
+  name: {
+    plural: "variables",
+    singular: "variable"
+  },
+  fields: [
+    {
+      name: "name",
+      type: "text",
+      index: true,
+      unique: true
+    },
+    {
+      name: "value",
+      type: "longText"
+    },
+    {
+      name: "encrypted",
+      type: "boolean",
+      default: false
     }
-    return `
-  ${field.name}: FilterOperator${type}`;
-  });
-  const tableNameSingularUpperCaseFirst = table.name.singular.charAt(0).toUpperCase() + table.name.singular.slice(1);
-  const enumFilterOperators = table.fields.filter((field) => field.type === "enum" && field.enumValues).map((field) => {
-    const enumTypeName = `${field.name}Enum`;
-    return `
-input FilterOperator${enumTypeName} {
-  eq: ${enumTypeName}
-  ne: ${enumTypeName}
-  in: [${enumTypeName}]
-  and: [FilterOperator${enumTypeName}]
-  or: [FilterOperator${enumTypeName}]
-}`;
-  }).join("\n");
-  const operatorTypes = `
-input FilterOperatorString {
-  eq: String
-  ne: String
-  in: [String]
-  contains: String
-  and: [FilterOperatorString]
-  or: [FilterOperatorString]
-}
-
-input FilterOperatorDate {
-  lte: Date
-  gte: Date
-  and: [FilterOperatorDate]
-  or: [FilterOperatorDate]
-}
-
-input FilterOperatorFloat {
-  eq: Float
-  ne: Float
-  in: [Float]
-  and: [FilterOperatorFloat]
-  or: [FilterOperatorFloat]
-}
-
-input FilterOperatorBoolean {
-  eq: Boolean
-  ne: Boolean
-  in: [Boolean]
-  and: [FilterOperatorBoolean]
-  or: [FilterOperatorBoolean]
-}
-
-input FilterOperatorJSON {
-  eq: JSON
-  ne: JSON
-  in: [JSON]
-}
-
-input SortBy {
-  field: String!
-  direction: SortDirection!
-}
-
-enum SortDirection {
-  ASC
-  DESC
-}
-
-${enumFilterOperators}
-
-input Filter${tableNameSingularUpperCaseFirst} {
-${fieldFilters.join("\n")}
-}`;
-  return operatorTypes;
-}
-var getRequestedFields = (info) => {
-  const selections = info.operation.selectionSet.selections[0].selectionSet.selections;
-  const itemsSelection = selections.find((s) => s.name.value === "items");
-  const fields = itemsSelection ? Object.keys(itemsSelection.selectionSet.selections.reduce((acc, field) => {
-    acc[field.name.value] = true;
-    return acc;
-  }, {})) : Object.keys(selections.reduce((acc, field) => {
-    acc[field.name.value] = true;
-    return acc;
-  }, {}));
-  return fields.filter((field) => field !== "pageInfo" && field !== "items" && field !== "RBAC");
+  ]
 };
-var handleRBACUpdate = async (db3, entityName, resourceId, rbacData, existingRbacRecords) => {
-  const { users = [], roles = [] } = rbacData;
-  if (!existingRbacRecords) {
-    existingRbacRecords = await db3.from("rbac").where({
-      entity: entityName,
-      target_resource_id: resourceId
-    }).select("*");
-  }
-  const newUserRecords = new Set(users.map((u) => `${u.id}:${u.rights}`));
-  const newRoleRecords = new Set(roles.map((r) => `${r.id}:${r.rights}`));
-  const existingUserRecords = new Set(existingRbacRecords.filter((r) => r.access_type === "User").map((r) => `${r.user_id}:${r.rights}`));
-  const existingRoleRecords = new Set(existingRbacRecords.filter((r) => r.access_type === "Role").map((r) => `${r.role_id}:${r.rights}`));
-  const usersToCreate = users.filter((u) => !existingUserRecords.has(`${u.id}:${u.rights}`));
-  const rolesToCreate = roles.filter((r) => !existingRoleRecords.has(`${r.id}:${r.rights}`));
-  const usersToRemove = existingRbacRecords.filter((r) => r.access_type === "User" && !newUserRecords.has(`${r.user_id}:${r.rights}`));
-  const rolesToRemove = existingRbacRecords.filter((r) => r.access_type === "Role" && !newRoleRecords.has(`${r.role_id}:${r.rights}`));
-  if (usersToRemove.length > 0) {
-    await db3.from("rbac").whereIn("id", usersToRemove.map((r) => r.id)).del();
-  }
-  if (rolesToRemove.length > 0) {
-    await db3.from("rbac").whereIn("id", rolesToRemove.map((r) => r.id)).del();
-  }
-  const recordsToInsert = [];
-  usersToCreate.forEach((user) => {
-    recordsToInsert.push({
-      entity: entityName,
-      access_type: "User",
-      target_resource_id: resourceId,
-      user_id: user.id,
-      rights: user.rights,
-      createdAt: /* @__PURE__ */ new Date(),
-      updatedAt: /* @__PURE__ */ new Date()
-    });
-  });
-  rolesToCreate.forEach((role) => {
-    recordsToInsert.push({
-      entity: entityName,
-      access_type: "Role",
-      target_resource_id: resourceId,
-      role_id: role.id,
-      rights: role.rights,
-      createdAt: /* @__PURE__ */ new Date(),
-      updatedAt: /* @__PURE__ */ new Date()
-    });
-  });
-  if (recordsToInsert.length > 0) {
-    await db3.from("rbac").insert(recordsToInsert);
-  }
+var workflowTemplatesSchema = {
+  name: {
+    plural: "workflow_templates",
+    singular: "workflow_template"
+  },
+  RBAC: true,
+  fields: [
+    {
+      name: "name",
+      type: "text",
+      required: true
+    },
+    {
+      name: "description",
+      type: "text"
+    },
+    {
+      name: "owner",
+      type: "number",
+      required: true
+    },
+    {
+      name: "visibility",
+      type: "text",
+      required: true
+    },
+    {
+      name: "shared_user_ids",
+      type: "json"
+    },
+    {
+      name: "shared_role_ids",
+      type: "json"
+    },
+    {
+      name: "variables",
+      type: "json"
+    },
+    {
+      name: "steps_json",
+      type: "json",
+      required: true
+    },
+    {
+      name: "example_metadata_json",
+      type: "json"
+    }
+  ]
 };
-function createMutations(table) {
-  const tableNamePlural = table.name.plural.toLowerCase();
-  const validateWriteAccess = async (id, context) => {
-    try {
-      const { db: db3, req, user } = context;
-      if (user.super_admin === true) {
-        return true;
-      }
-      if (!user.role || !(table.name.plural === "agents" && user.role.agents === "write") && !(table.name.plural === "workflow_templates" && user.role.workflows === "write") && !(table.name.plural === "variables" && user.role.variables === "write") && !(table.name.plural === "users" && user.role.users === "write")) {
-        console.error("Access control error: no role found for current user or no access to entity type.");
-        throw new Error("Access control error: no role found for current user or no access to entity type.");
-      }
-      const hasRBAC = table.RBAC === true;
-      if (!hasRBAC) {
-        return true;
-      }
-      const record = await db3.from(tableNamePlural).select(["rights_mode", "created_by"]).where({ id }).first();
-      if (!record) {
-        throw new Error("Record not found");
-      }
-      if (tableNamePlural === "jobs") {
-        if (!user.super_admin && record.created_by !== user.id) {
-          throw new Error("You are not authorized to edit this record");
-        }
-      }
-      if (record.rights_mode === "public") {
-        return true;
-      }
-      if (record.rights_mode === "private") {
-        if (record.created_by === user.id) {
-          return true;
-        }
-        throw new Error("Only the creator can edit this private record");
-      }
-      if (record.rights_mode === "users") {
-        const rbacRecord = await db3.from("rbac").where({
-          entity: table.name.singular,
-          target_resource_id: id,
-          access_type: "User",
-          user_id: user.id,
-          rights: "write"
-        }).first();
-        if (rbacRecord) {
-          return true;
-        }
-        throw new Error("Insufficient user permissions to edit this record");
-      }
-      if (record.rights_mode === "roles" && user.role) {
-        const rbacRecord = await db3.from("rbac").where({
-          entity: table.name.singular,
-          target_resource_id: id,
-          access_type: "Role",
-          role_id: user.role,
-          rights: "write"
-        }).first();
-        if (rbacRecord) {
-          return true;
-        }
-        throw new Error("Insufficient role permissions to edit this record");
-      }
-      throw new Error("Insufficient permissions to edit this record");
-    } catch (error) {
-      console.error("Write access validation error:", error);
-      throw error;
-    }
-  };
-  return {
-    [`${tableNamePlural}CreateOne`]: async (_, args, context, info) => {
-      const { db: db3 } = context;
-      const requestedFields = getRequestedFields(info);
-      let { input } = args;
-      const rbacData = input.RBAC;
-      delete input.RBAC;
-      delete input.created_by;
-      input = encryptSensitiveFields(input);
-      if (table.RBAC) {
-        input.created_by = context.user.id;
-      }
-      if (table.name.singular === "user" && context.user?.super_admin !== true) {
-        throw new Error("You are not authorized to create users");
-      }
-      if (table.name.singular === "user" && input.password) {
-        input.password = await bcrypt2.hash(input.password, 10);
-      }
-      Object.keys(input).forEach((key) => {
-        if (table.fields.find((field) => field.name === key)?.type === "json") {
-          if (typeof input[key] === "object" || Array.isArray(input[key])) {
-            input[key] = JSON.stringify(input[key]);
-          }
-        }
-      });
-      const results = await db3(tableNamePlural).insert({
-        ...input,
-        ...table.RBAC ? { rights_mode: "private" } : {},
-        createdAt: /* @__PURE__ */ new Date(),
-        updatedAt: /* @__PURE__ */ new Date()
-      }).returning(requestedFields);
-      if (table.RBAC && rbacData && results[0]) {
-        await handleRBACUpdate(db3, table.name.singular, results[0].id, rbacData, []);
-      }
-      return results[0];
+var agentsSchema = {
+  name: {
+    plural: "agents",
+    singular: "agent"
+  },
+  RBAC: true,
+  fields: [
+    {
+      name: "name",
+      type: "text"
     },
-    [`${tableNamePlural}UpdateOne`]: async (_, args, context, info) => {
-      const { db: db3, req } = context;
-      let { where, input } = args;
-      await validateCreateOrRemoveSuperAdminPermission(tableNamePlural, input, req);
-      if (where.id) {
-        await validateWriteAccess(where.id, context);
-      }
-      const rbacData = input.RBAC;
-      delete input.RBAC;
-      delete input.created_by;
-      input = encryptSensitiveFields(input);
-      Object.keys(input).forEach((key) => {
-        if (table.fields.find((field) => field.name === key)?.type === "json") {
-          if (typeof input[key] === "object" || Array.isArray(input[key])) {
-            input[key] = JSON.stringify(input[key]);
-          }
-        }
-      });
-      await db3(tableNamePlural).where(where).update({
-        ...input,
-        updatedAt: /* @__PURE__ */ new Date()
-      });
-      if (table.RBAC && rbacData && where.id) {
-        const existingRbacRecords = await db3.from("rbac").where({
-          entity: table.name.singular,
-          target_resource_id: where.id
-        }).select("*");
-        await handleRBACUpdate(db3, table.name.singular, where.id, rbacData, existingRbacRecords);
-      }
-      const requestedFields = getRequestedFields(info);
-      const result = await db3.from(tableNamePlural).select(requestedFields).where(where).first();
-      return result;
+    {
+      name: "image",
+      type: "text"
     },
-    [`${tableNamePlural}UpdateOneById`]: async (_, args, context, info) => {
-      const { db: db3, req } = context;
-      let { id, input } = args;
-      await validateCreateOrRemoveSuperAdminPermission(tableNamePlural, input, req);
-      await validateWriteAccess(id, context);
-      const rbacData = input.RBAC;
-      delete input.RBAC;
-      delete input.created_by;
-      input = encryptSensitiveFields(input);
-      Object.keys(input).forEach((key) => {
-        if (table.fields.find((field) => field.name === key)?.type === "json") {
-          if (typeof input[key] === "object" || Array.isArray(input[key])) {
-            input[key] = JSON.stringify(input[key]);
-          }
-        }
-      });
-      await db3(tableNamePlural).where({ id }).update({
-        ...input,
-        updatedAt: /* @__PURE__ */ new Date()
-      });
-      if (table.RBAC && rbacData) {
-        const existingRbacRecords = await db3.from("rbac").where({
-          entity: table.name.singular,
-          target_resource_id: id
-        }).select("*");
-        await handleRBACUpdate(db3, table.name.singular, id, rbacData, existingRbacRecords);
-      }
-      const requestedFields = getRequestedFields(info);
-      const result = await db3.from(tableNamePlural).select(requestedFields).where({ id }).first();
-      return result;
+    {
+      name: "description",
+      type: "text"
     },
-    [`${tableNamePlural}RemoveOne`]: async (_, args, context, info) => {
-      const { db: db3 } = context;
-      const { where } = args;
-      const requestedFields = getRequestedFields(info);
-      const result = await db3.from(tableNamePlural).select(requestedFields).where(where).first();
-      if (!result) {
-        throw new Error("Record not found");
-      }
-      await db3(tableNamePlural).where(where).del();
-      if (table.RBAC) {
-        await db3.from("rbac").where({
-          entity: table.name.singular,
-          target_resource_id: result.id
-        }).del();
-      }
-      return result;
+    {
+      name: "providerApiKey",
+      type: "text"
     },
-    [`${tableNamePlural}RemoveOneById`]: async (_, args, context, info) => {
-      const { id } = args;
-      const { db: db3 } = context;
-      const requestedFields = getRequestedFields(info);
-      const result = await db3.from(tableNamePlural).select(requestedFields).where({ id }).first();
-      if (!result) {
-        throw new Error("Record not found");
-      }
-      await db3(tableNamePlural).where({ id }).del();
-      if (table.RBAC) {
-        await db3.from("rbac").where({
-          entity: table.name.singular,
-          target_resource_id: id
-        }).del();
-      }
-      return result;
+    {
+      name: "backend",
+      type: "text"
+    },
+    {
+      name: "type",
+      type: "text"
+    },
+    {
+      name: "active",
+      type: "boolean",
+      default: false
+    },
+    {
+      name: "tools",
+      type: "json"
     }
-  };
-}
-var applyAccessControl = (table, user, query) => {
-  console.log("table", table);
-  const tableNamePlural = table.name.plural.toLowerCase();
-  if (!user.super_admin && table.name.plural === "jobs") {
-    query = query.where("created_by", user.id);
-    return query;
-  }
-  const hasRBAC = table.RBAC === true;
-  if (!hasRBAC) {
-    return query;
-  }
-  if (table.name.plural !== "agent_sessions" && user.super_admin === true) {
-    return query;
-  }
-  if (!user.role || !(table.name.plural === "agents" && (user.role.agents === "read" || user.role.agents === "write")) && !(table.name.plural === "workflow_templates" && (user.role.workflows === "read" || user.role.workflows === "write")) && !(table.name.plural === "variables" && (user.role.variables === "read" || user.role.variables === "write")) && !(table.name.plural === "users" && (user.role.users === "read" || user.role.users === "write"))) {
-    console.error("Access control error: no role found or no access to entity type.");
-    return query.where("1", "=", "0");
-  }
-  try {
-    query = query.where(function() {
-      this.where("rights_mode", "public");
-      this.orWhere("created_by", user.id);
-      this.orWhere(function() {
-        this.where("rights_mode", "users").whereExists(function() {
-          this.select("*").from("rbac").whereRaw("rbac.target_resource_id = " + tableNamePlural + ".id").where("rbac.entity", table.name.singular).where("rbac.access_type", "User").where("rbac.user_id", user.id);
-        });
-      });
-      if (user.role) {
-        console.log("user.role", user.role);
-        this.orWhere(function() {
-          this.where("rights_mode", "roles").whereExists(function() {
-            this.select("*").from("rbac").whereRaw("rbac.target_resource_id = " + tableNamePlural + ".id").where("rbac.entity", table.name.singular).where("rbac.access_type", "Role").where("rbac.role_id", user.role);
-          });
-        });
-      }
-    });
-  } catch (error) {
-    console.error("Access control error:", error);
-    return query.where("1", "=", "0");
-  }
-  return query;
-};
-var converOperatorToQuery = (query, fieldName, operators) => {
-  if (operators.eq !== void 0) {
-    query = query.where(fieldName, operators.eq);
-  }
-  if (operators.ne !== void 0) {
-    query = query.whereRaw(`?? IS DISTINCT FROM ?`, [fieldName, operators.ne]);
-  }
-  if (operators.in !== void 0) {
-    query = query.whereIn(fieldName, operators.in);
-  }
-  if (operators.contains !== void 0) {
-    query = query.where(fieldName, "like", `%${operators.contains}%`);
-  }
-  if (operators.lte !== void 0) {
-    query = query.where(fieldName, "<=", operators.lte);
-  }
-  if (operators.gte !== void 0) {
-    query = query.where(fieldName, ">=", operators.gte);
-  }
-  return query;
+  ]
 };
-function createQueries(table) {
-  const tableNamePlural = table.name.plural.toLowerCase();
-  const tableNameSingular = table.name.singular.toLowerCase();
-  const applyFilters = (query, filters) => {
-    filters.forEach((filter) => {
-      Object.entries(filter).forEach(([fieldName, operators]) => {
-        if (operators) {
-          if (operators.and !== void 0) {
-            console.log("operators.and", operators.and);
-            operators.and.forEach((operator) => {
-              query = converOperatorToQuery(query, fieldName, operator);
-            });
-          }
-          if (operators.or !== void 0) {
-            operators.or.forEach((operator) => {
-              query = converOperatorToQuery(query, fieldName, operator);
-            });
-          }
-          query = converOperatorToQuery(query, fieldName, operators);
-          console.log("query", query);
-        }
-      });
-    });
-    return query;
-  };
-  const applySorting = (query, sort) => {
-    if (sort) {
-      query = query.orderBy(sort.field, sort.direction.toLowerCase());
-    }
-    return query;
-  };
-  return {
-    [`${tableNameSingular}ById`]: async (_, args, context, info) => {
-      const { db: db3 } = context;
-      const requestedFields = getRequestedFields(info);
-      let query = db3.from(tableNamePlural).select(requestedFields).where({ id: args.id });
-      query = applyAccessControl(table, context.user, query);
-      const result = await query.first();
-      return result;
+var usersSchema = {
+  name: {
+    plural: "users",
+    singular: "user"
+  },
+  fields: [
+    {
+      name: "id",
+      type: "number",
+      index: true
     },
-    [`${tableNameSingular}ByIds`]: async (_, args, context, info) => {
-      const { db: db3 } = context;
-      const requestedFields = getRequestedFields(info);
-      let query = db3.from(tableNamePlural).select(requestedFields).whereIn("id", args.ids);
-      query = applyAccessControl(table, context.user, query);
-      const result = await query;
-      return result;
+    {
+      name: "favourite_agents",
+      type: "json"
     },
-    [`${tableNameSingular}One`]: async (_, args, context, info) => {
-      const { filters = [], sort } = args;
-      const { db: db3 } = context;
-      const requestedFields = getRequestedFields(info);
-      let query = db3.from(tableNamePlural).select(requestedFields);
-      query = applyFilters(query, filters);
-      query = applyAccessControl(table, context.user, query);
-      query = applySorting(query, sort);
-      const result = await query.first();
-      return result;
+    {
+      name: "firstname",
+      type: "text"
     },
-    [`${tableNamePlural}Pagination`]: async (_, args, context, info) => {
-      const { limit = 10, page = 0, filters = [], sort } = args;
-      const { db: db3 } = context;
-      let countQuery = db3(tableNamePlural);
-      countQuery = applyFilters(countQuery, filters);
-      countQuery = applyAccessControl(table, context.user, countQuery);
-      console.log("countQuery", countQuery);
-      const countResult = await countQuery.count("* as count");
-      const itemCount = Number(countResult[0]?.count || 0);
-      const pageCount = Math.ceil(itemCount / limit);
-      const currentPage = page;
-      const hasPreviousPage = currentPage > 1;
-      const hasNextPage = currentPage < pageCount - 1;
-      let dataQuery = db3(tableNamePlural);
-      dataQuery = applyFilters(dataQuery, filters);
-      dataQuery = applyAccessControl(table, context.user, dataQuery);
-      const requestedFields = getRequestedFields(info);
-      dataQuery = applySorting(dataQuery, sort);
-      if (page > 1) {
-        dataQuery = dataQuery.offset((page - 1) * limit);
-      }
-      const items = await dataQuery.select(requestedFields).limit(limit);
-      return {
-        pageInfo: {
-          pageCount,
-          itemCount,
-          currentPage,
-          hasPreviousPage,
-          hasNextPage
-        },
-        items
-      };
+    {
+      name: "name",
+      type: "text"
     },
-    // Add generic statistics query for all tables
-    [`${tableNamePlural}Statistics`]: async (_, args, context, info) => {
-      const { filters = [], groupBy } = args;
-      const { db: db3 } = context;
-      let query = db3(tableNamePlural);
-      query = applyFilters(query, filters);
-      query = applyAccessControl(table, context.user, query);
-      if (groupBy) {
-        query = query.select(groupBy).groupBy(groupBy);
-        if (tableNamePlural === "tracking") {
-          query = query.sum("total as count");
-        } else {
-          query = query.count("* as count");
-        }
-        const results = await query;
-        console.log("!!! results !!!", results);
-        return results.map((r) => ({
-          group: r[groupBy],
-          count: r.count ? Number(r.count) : 0
-        }));
-      } else {
-        if (tableNamePlural === "tracking") {
-          query = query.sum("total as count");
-          const [{ count }] = await query.sum("total as count");
-          console.log("!!! count !!!", count);
-          return [{
-            group: "total",
-            count: count ? Number(count) : 0
-          }];
-        } else {
-          const [{ count }] = await query.count("* as count");
-          return [{
-            group: "total",
-            count: count ? Number(count) : 0
-          }];
-        }
-      }
-    }
-  };
-}
-var RBACResolver = async (db3, table, entityName, resourceId, rights_mode) => {
-  const rbacRecords = await db3.from("rbac").where({
-    entity: entityName,
-    target_resource_id: resourceId
-  }).select("*");
-  const users = rbacRecords.filter((r) => r.access_type === "User").map((r) => ({ id: r.user_id, rights: r.rights }));
-  const roles = rbacRecords.filter((r) => r.access_type === "Role").map((r) => ({ id: r.role_id, rights: r.rights }));
-  let type = rights_mode || "private";
-  if (type === "users" && users.length === 0) type = "private";
-  if (type === "roles" && roles.length === 0) type = "private";
-  return {
-    type,
-    users,
-    roles
-  };
-};
-function createSDL(tables) {
-  tables.forEach((table) => {
-    table.fields.push({
-      name: "createdAt",
-      type: "date"
-    });
-    table.fields.push({
-      name: "updatedAt",
+    {
+      name: "lastname",
+      type: "text"
+    },
+    {
+      name: "email",
+      type: "text",
+      index: true
+    },
+    {
+      name: "temporary_token",
+      type: "text"
+    },
+    {
+      name: "type",
+      type: "text",
+      index: true
+    },
+    {
+      name: "profile_image",
+      type: "text"
+    },
+    {
+      name: "super_admin",
+      type: "boolean",
+      default: false
+    },
+    {
+      name: "status",
+      type: "text"
+    },
+    {
+      name: "emailVerified",
+      type: "text"
+    },
+    {
+      name: "apikey",
+      type: "text"
+    },
+    {
+      name: "last_used",
       type: "date"
-    });
-  });
-  console.log("[EXULU] Creating SDL");
-  let typeDefs = `
-    scalar JSON
-    scalar Date
-    
-    type RBACData {
-      type: String!
-      users: [RBACUser!]
-      roles: [RBACRole!]
+    },
+    {
+      name: "password",
+      type: "text"
+    },
+    {
+      name: "anthropic_token",
+      type: "text"
+    },
+    {
+      name: "role",
+      type: "uuid"
     }
-    
-    type RBACUser {
-      id: ID!
-      rights: String!
+  ]
+};
+var rolesSchema = {
+  name: {
+    plural: "roles",
+    singular: "role"
+  },
+  fields: [
+    {
+      name: "name",
+      type: "text"
+    },
+    {
+      name: agentsSchema.name.plural,
+      type: "text"
+      // write | read access to agents
+    },
+    {
+      name: "api",
+      type: "text"
+    },
+    {
+      name: "workflows",
+      type: "text"
+      // write | read access to workflows
+    },
+    {
+      name: variablesSchema.name.plural,
+      type: "text"
+      // write | read access to variables
+    },
+    {
+      name: usersSchema.name.plural,
+      type: "text"
+      // write | read access to users
     }
-    
-    type RBACRole {
-      id: ID!
-      rights: String!
-    }
-    
-    input RBACInput {
-      users: [RBACUserInput!]
-      roles: [RBACRoleInput!]
-    }
-    
-    input RBACUserInput {
-      id: ID!
-      rights: String!
-    }
-    
-    input RBACRoleInput {
-      id: ID!
-      rights: String!
-    }
-    
-    type Query {
-    `;
-  let mutationDefs = `
-    type Mutation {
-    `;
-  let modelDefs = "";
-  const resolvers = { JSON: GraphQLJSON, Date: GraphQLDate, Query: {}, Mutation: {} };
-  for (const table of tables) {
-    if (table.graphql === false) {
-      continue;
-    }
-    const tableNamePlural = table.name.plural.toLowerCase();
-    const tableNameSingular = table.name.singular.toLowerCase();
-    const tableNameSingularUpperCaseFirst = table.name.singular.charAt(0).toUpperCase() + table.name.singular.slice(1);
-    console.log("[EXULU] Adding table >>>>>", tableNamePlural);
-    typeDefs += `
-      ${tableNameSingular}ById(id: ID!): ${tableNameSingular}
-      ${tableNameSingular}ByIds(ids: [ID!]!): [${tableNameSingular}]!
-      ${tableNamePlural}Pagination(limit: Int, page: Int, filters: [Filter${tableNameSingularUpperCaseFirst}], sort: SortBy): ${tableNameSingularUpperCaseFirst}PaginationResult
-      ${tableNameSingular}One(filters: [Filter${tableNameSingularUpperCaseFirst}], sort: SortBy): ${tableNameSingular}
-      ${tableNamePlural}Statistics(filters: [Filter${tableNameSingularUpperCaseFirst}], groupBy: String): [StatisticsResult]!
-    `;
-    mutationDefs += `
-      ${tableNamePlural}CreateOne(input: ${tableNameSingular}Input!): ${tableNameSingular}
-      ${tableNamePlural}UpdateOne(where: JSON!, input: ${tableNameSingular}Input!): ${tableNameSingular}
-      ${tableNamePlural}UpdateOneById(id: ID!, input: ${tableNameSingular}Input!): ${tableNameSingular}
-      ${tableNamePlural}RemoveOne(where: JSON!): ${tableNameSingular}
-      ${tableNamePlural}RemoveOneById(id: ID!): ${tableNameSingular}
-    `;
-    modelDefs += createTypeDefs(table);
-    modelDefs += createFilterTypeDefs(table);
-    modelDefs += `
-type ${tableNameSingularUpperCaseFirst}PaginationResult {
-  pageInfo: PageInfo!
-  items: [${tableNameSingular}]!
-}
-
-type PageInfo {
-  pageCount: Int!
-  itemCount: Int!
-  currentPage: Int!
-  hasPreviousPage: Boolean!
-  hasNextPage: Boolean!
-}
-`;
-    Object.assign(resolvers.Query, createQueries(table));
-    Object.assign(resolvers.Mutation, createMutations(table));
-    if (table.RBAC) {
-      const rbacResolverName = table.name.singular;
-      if (!resolvers[rbacResolverName]) {
-        resolvers[rbacResolverName] = {};
-      }
-      resolvers[rbacResolverName].RBAC = async (parent, args, context) => {
-        const { db: db3 } = context;
-        const resourceId = parent.id;
-        const entityName = table.name.singular;
-        const rights_mode = parent.rights_mode;
-        return RBACResolver(db3, table, entityName, resourceId, rights_mode);
-      };
-    }
-  }
-  typeDefs += "}\n";
-  mutationDefs += "}\n";
-  const genericTypes = `
-type StatisticsResult {
-  group: String!
-  count: Int!
-}
-`;
-  const fullSDL = typeDefs + mutationDefs + modelDefs + genericTypes;
-  const schema = makeExecutableSchema({
-    typeDefs: fullSDL,
-    resolvers
-  });
-  console.log("\n\u{1F4CA} GraphQL Schema Overview\n");
-  const queriesTable = Object.keys(resolvers.Query).map((query) => ({
-    "Operation Type": "Query",
-    "Name": query,
-    "Description": "Retrieves data"
-  }));
-  const mutationsTable = Object.keys(resolvers.Mutation).map((mutation) => ({
-    "Operation Type": "Mutation",
-    "Name": mutation,
-    "Description": "Modifies data"
-  }));
-  const typesTable = tables.flatMap(
-    (table) => table.fields.map((field) => ({
-      "Type": table.name.singular,
-      "Field": field.name,
-      "Field Type": field.type,
-      "Required": field.required ? "Yes" : "No"
-    }))
-  );
-  console.log("\u{1F50D} Operations:");
-  console.table([...queriesTable, ...mutationsTable]);
-  console.log("\n\u{1F4DD} Types and Fields:");
-  console.table(typesTable);
-  console.log("\n");
-  return schema;
-}
-var encryptSensitiveFields = (input) => {
-  if (input.value && input.encrypted === true) {
-    input.value = CryptoJS2.AES.encrypt(input.value, process.env.NEXTAUTH_SECRET).toString();
-  }
-  return input;
-};
-var validateCreateOrRemoveSuperAdminPermission = async (tableNamePlural, input, req) => {
-  if (tableNamePlural === "users" && input.super_admin !== void 0) {
-    const authResult = await requestValidators.authenticate(req);
-    if (authResult.error || !authResult.user) {
-      throw new Error("Authentication failed");
-    }
-    if (!authResult.user.super_admin) {
-      throw new Error("Only super administrators can modify super_admin status");
-    }
-  }
+  ]
 };
-
-// src/registry/routes.ts
-import { expressMiddleware } from "@as-integrations/express5";
-
-// src/postgres/core-schema.ts
-var agentMessagesSchema = {
+var statisticsSchema = {
   name: {
-    plural: "agent_messages",
-    singular: "agent_message"
+    plural: "tracking",
+    singular: "tracking"
   },
   fields: [
     {
-      name: "content",
+      name: "name",
       type: "text"
     },
     {
-      name: "title",
+      name: "label",
       type: "text"
     },
     {
-      name: "user",
-      type: "number"
+      name: "type",
+      type: "enum",
+      enumValues: Object.values(STATISTICS_TYPE_ENUM)
     },
     {
-      name: "session",
-      type: "text"
-    }
-  ]
-};
-var agentSessionsSchema = {
-  name: {
-    plural: "agent_sessions",
-    singular: "agent_session"
-  },
-  fields: [
-    {
-      name: "agent",
-      type: "uuid"
+      name: "total",
+      type: "number"
     },
     {
       name: "user",
-      // next auth stores users with id type SERIAL, so we need to use number
       type: "number"
     },
     {
       name: "role",
       type: "uuid"
-    },
-    {
-      name: "title",
-      type: "text"
     }
   ]
 };
-var variablesSchema = {
+var evalResultsSchema = {
   name: {
-    plural: "variables",
-    singular: "variable"
+    plural: "eval_results",
+    singular: "eval_result"
   },
   fields: [
     {
-      name: "name",
-      type: "text",
-      index: true,
-      unique: true
+      name: "input",
+      type: "longText"
     },
     {
-      name: "value",
+      name: "output",
       type: "longText"
     },
     {
-      name: "encrypted",
-      type: "boolean",
-      default: false
-    }
-  ]
-};
-var workflowTemplatesSchema = {
-  name: {
-    plural: "workflow_templates",
-    singular: "workflow_template"
-  },
-  RBAC: true,
-  fields: [
-    {
-      name: "name",
-      type: "text",
-      required: true
+      name: "duration",
+      type: "number"
     },
     {
-      name: "description",
+      name: "category",
       type: "text"
     },
     {
-      name: "owner",
-      type: "number",
-      required: true
+      name: "metadata",
+      type: "json"
     },
     {
-      name: "visibility",
-      type: "text",
-      required: true
+      name: "result",
+      type: "number"
     },
     {
-      name: "shared_user_ids",
-      type: "json"
+      name: "agent_id",
+      type: "uuid"
     },
     {
-      name: "shared_role_ids",
-      type: "json"
+      name: "workflow_id",
+      type: "uuid"
     },
     {
-      name: "variables",
-      type: "json"
+      name: "eval_type",
+      type: "text"
     },
     {
-      name: "steps_json",
-      type: "json",
-      required: true
+      name: "eval_name",
+      type: "text"
     },
     {
-      name: "example_metadata_json",
-      type: "json"
+      name: "comment",
+      type: "longText"
     }
   ]
 };
-var agentsSchema = {
+var jobsSchema = {
   name: {
-    plural: "agents",
-    singular: "agent"
+    plural: "jobs",
+    singular: "job"
   },
   RBAC: true,
   fields: [
     {
-      name: "name",
+      name: "redis",
       type: "text"
     },
     {
-      name: "image",
+      name: "session",
       type: "text"
     },
     {
-      name: "description",
+      name: "status",
       type: "text"
     },
     {
-      name: "providerApiKey",
+      name: "type",
       type: "text"
     },
     {
-      name: "extensions",
-      type: "json"
-    },
-    {
-      name: "backend",
-      type: "text"
+      name: "result",
+      type: "longText"
     },
     {
-      name: "type",
+      name: "name",
       type: "text"
     },
     {
-      name: "active",
-      type: "boolean",
-      default: false
+      name: "agent",
+      type: "uuid"
     },
     {
-      name: "tools",
-      type: "json"
-    }
-  ]
-};
-var usersSchema = {
-  name: {
-    plural: "users",
-    singular: "user"
-  },
-  fields: [
-    {
-      name: "id",
-      type: "number",
-      index: true
+      name: "workflow",
+      type: "uuid"
     },
     {
-      name: "favourite_agents",
-      type: "json"
+      name: "user",
+      // next auth stores users with id type SERIAL, so we need to use number
+      type: "number"
     },
     {
-      name: "firstname",
-      type: "text"
+      name: "item",
+      type: "uuid"
     },
     {
-      name: "name",
-      type: "text"
+      name: "steps",
+      type: "number"
     },
     {
-      name: "lastname",
-      type: "text"
+      name: "inputs",
+      type: "json"
     },
     {
-      name: "email",
-      type: "text",
-      index: true
+      name: "finished_at",
+      type: "date"
     },
     {
-      name: "temporary_token",
-      type: "text"
-    },
+      name: "duration",
+      type: "number"
+    }
+  ]
+};
+var rbacSchema = {
+  name: {
+    plural: "rbac",
+    singular: "rbac"
+  },
+  graphql: false,
+  fields: [
     {
-      name: "type",
+      name: "entity",
       type: "text",
-      index: true
-    },
-    {
-      name: "profile_image",
-      type: "text"
-    },
-    {
-      name: "super_admin",
-      type: "boolean",
-      default: false
-    },
-    {
-      name: "status",
-      type: "text"
-    },
-    {
-      name: "emailVerified",
-      type: "text"
+      required: true
     },
     {
-      name: "apikey",
-      type: "text"
+      name: "access_type",
+      type: "text",
+      required: true
     },
     {
-      name: "last_used",
-      type: "date"
+      name: "target_resource_id",
+      type: "uuid",
+      required: true
     },
     {
-      name: "password",
-      type: "text"
+      name: "role_id",
+      type: "uuid"
     },
     {
-      name: "anthropic_token",
-      type: "text"
+      name: "user_id",
+      type: "number"
     },
     {
-      name: "role",
-      type: "uuid"
+      name: "rights",
+      type: "text",
+      required: true
+    }
+  ]
+};
+var addRBACfields = (schema) => {
+  if (schema.RBAC) {
+    console.log(`[EXULU] Adding rights_mode field to ${schema.name.plural} table.`);
+    schema.fields.push({
+      name: "rights_mode",
+      type: "text",
+      required: false,
+      default: "private"
+    });
+    schema.fields.push({
+      name: "created_by",
+      type: "number",
+      required: true,
+      default: 0
+    });
+  }
+  return schema;
+};
+var coreSchemas = {
+  get: () => {
+    return {
+      agentsSchema: () => addRBACfields(agentsSchema),
+      agentMessagesSchema: () => addRBACfields(agentMessagesSchema),
+      agentSessionsSchema: () => addRBACfields(agentSessionsSchema),
+      usersSchema: () => addRBACfields(usersSchema),
+      rolesSchema: () => addRBACfields(rolesSchema),
+      statisticsSchema: () => addRBACfields(statisticsSchema),
+      evalResultsSchema: () => addRBACfields(evalResultsSchema),
+      jobsSchema: () => addRBACfields(jobsSchema),
+      variablesSchema: () => addRBACfields(variablesSchema),
+      rbacSchema: () => addRBACfields(rbacSchema),
+      workflowTemplatesSchema: () => addRBACfields(workflowTemplatesSchema)
+    };
+  }
+};
+
+// src/registry/utils/graphql.ts
+var GraphQLDate = new GraphQLScalarType({
+  name: "Date",
+  description: "Date custom scalar type",
+  serialize(value) {
+    if (value instanceof Date) {
+      return value.toISOString();
+    }
+    if (typeof value === "number") {
+      return new Date(value).toISOString();
+    }
+    if (typeof value === "string") {
+      return new Date(value).toISOString();
+    }
+    return value;
+  },
+  parseValue(value) {
+    if (typeof value === "string") {
+      return new Date(value);
+    }
+    if (typeof value === "number") {
+      return new Date(value);
+    }
+    return value;
+  },
+  parseLiteral(ast) {
+    if (ast.kind === Kind.STRING) {
+      return new Date(ast.value);
+    }
+    if (ast.kind === Kind.INT) {
+      return new Date(parseInt(ast.value, 10));
+    }
+    return null;
+  }
+});
+var map = (field) => {
+  let type;
+  switch (field.type) {
+    case "text":
+    case "shortText":
+    case "longText":
+    case "code":
+      type = "String";
+      break;
+    case "enum":
+      type = field.enumValues ? `${field.name}Enum` : "String";
+      break;
+    case "number":
+      type = "Float";
+      break;
+    case "boolean":
+      type = "Boolean";
+      break;
+    case "json":
+      type = "JSON";
+      break;
+    case "date":
+      type = "Date";
+      break;
+    default:
+      type = "String";
+  }
+  return type;
+};
+function createTypeDefs(table) {
+  const enumDefs = table.fields.filter((field) => field.type === "enum" && field.enumValues).map((field) => {
+    const enumValues = field.enumValues.map((value) => {
+      const sanitized = String(value).replace(/[^a-zA-Z0-9_]/g, "_").replace(/^[0-9]/, "_$&").toUpperCase();
+      return `  ${sanitized}`;
+    }).join("\n");
+    return `
+enum ${field.name}Enum {
+${enumValues}
+}`;
+  }).join("\n");
+  let fields = table.fields.map((field) => {
+    let type;
+    type = map(field);
+    const required = field.required ? "!" : "";
+    return `  ${field.name}: ${type}${required}`;
+  });
+  if (table.name.singular === "agent") {
+    fields.push("  providerName: String");
+    fields.push("  modelName: String");
+    fields.push("  rateLimit: RateLimiterRule");
+    fields.push("  streaming: Boolean");
+    fields.push("  capabilities: AgentCapabilities");
+    fields.push("  slug: String");
+  }
+  const rbacField = table.RBAC ? "  RBAC: RBACData" : "";
+  const typeDef = `
+  type ${table.name.singular} {
+  ${fields.join("\n")}
+    ${table.fields.find((field) => field.name === "id") ? "" : "id: ID!"}
+${rbacField}
+  }
+  `;
+  const rbacInputField = table.RBAC ? "  RBAC: RBACInput" : "";
+  const inputDef = `
+input ${table.name.singular}Input {
+${table.fields.map((f) => `  ${f.name}: ${map(f)}`).join("\n")}
+${rbacInputField}
+}
+`;
+  return enumDefs + typeDef + inputDef;
+}
+function createFilterTypeDefs(table) {
+  const fieldFilters = table.fields.map((field) => {
+    let type;
+    if (field.type === "enum" && field.enumValues) {
+      type = `${field.name}Enum`;
+    } else {
+      type = map(field);
+    }
+    return `
+  ${field.name}: FilterOperator${type}`;
+  });
+  const tableNameSingularUpperCaseFirst = table.name.singular.charAt(0).toUpperCase() + table.name.singular.slice(1);
+  const enumFilterOperators = table.fields.filter((field) => field.type === "enum" && field.enumValues).map((field) => {
+    const enumTypeName = `${field.name}Enum`;
+    return `
+input FilterOperator${enumTypeName} {
+  eq: ${enumTypeName}
+  ne: ${enumTypeName}
+  in: [${enumTypeName}]
+  and: [FilterOperator${enumTypeName}]
+  or: [FilterOperator${enumTypeName}]
+}`;
+  }).join("\n");
+  const operatorTypes = `
+input FilterOperatorString {
+  eq: String
+  ne: String
+  in: [String]
+  contains: String
+  and: [FilterOperatorString]
+  or: [FilterOperatorString]
+}
+
+input FilterOperatorDate {
+  lte: Date
+  gte: Date
+  and: [FilterOperatorDate]
+  or: [FilterOperatorDate]
+}
+
+input FilterOperatorFloat {
+  eq: Float
+  ne: Float
+  in: [Float]
+  and: [FilterOperatorFloat]
+  or: [FilterOperatorFloat]
+}
+
+input FilterOperatorBoolean {
+  eq: Boolean
+  ne: Boolean
+  in: [Boolean]
+  and: [FilterOperatorBoolean]
+  or: [FilterOperatorBoolean]
+}
+
+input FilterOperatorJSON {
+  eq: JSON
+  ne: JSON
+  in: [JSON]
+}
+
+input SortBy {
+  field: String!
+  direction: SortDirection!
+}
+
+enum SortDirection {
+  ASC
+  DESC
+}
+
+${enumFilterOperators}
+
+input Filter${tableNameSingularUpperCaseFirst} {
+${fieldFilters.join("\n")}
+}`;
+  return operatorTypes;
+}
+var getRequestedFields = (info) => {
+  const selections = info.operation.selectionSet.selections[0].selectionSet.selections;
+  const itemsSelection = selections.find((s) => s.name.value === "items");
+  const fields = itemsSelection ? Object.keys(itemsSelection.selectionSet.selections.reduce((acc, field) => {
+    acc[field.name.value] = true;
+    return acc;
+  }, {})) : Object.keys(selections.reduce((acc, field) => {
+    acc[field.name.value] = true;
+    return acc;
+  }, {}));
+  return fields.filter((field) => field !== "pageInfo" && field !== "items" && field !== "RBAC");
+};
+var handleRBACUpdate = async (db3, entityName, resourceId, rbacData, existingRbacRecords) => {
+  const { users = [], roles = [] } = rbacData;
+  if (!existingRbacRecords) {
+    existingRbacRecords = await db3.from("rbac").where({
+      entity: entityName,
+      target_resource_id: resourceId
+    }).select("*");
+  }
+  const newUserRecords = new Set(users.map((u) => `${u.id}:${u.rights}`));
+  const newRoleRecords = new Set(roles.map((r) => `${r.id}:${r.rights}`));
+  const existingUserRecords = new Set(existingRbacRecords.filter((r) => r.access_type === "User").map((r) => `${r.user_id}:${r.rights}`));
+  const existingRoleRecords = new Set(existingRbacRecords.filter((r) => r.access_type === "Role").map((r) => `${r.role_id}:${r.rights}`));
+  const usersToCreate = users.filter((u) => !existingUserRecords.has(`${u.id}:${u.rights}`));
+  const rolesToCreate = roles.filter((r) => !existingRoleRecords.has(`${r.id}:${r.rights}`));
+  const usersToRemove = existingRbacRecords.filter((r) => r.access_type === "User" && !newUserRecords.has(`${r.user_id}:${r.rights}`));
+  const rolesToRemove = existingRbacRecords.filter((r) => r.access_type === "Role" && !newRoleRecords.has(`${r.role_id}:${r.rights}`));
+  if (usersToRemove.length > 0) {
+    await db3.from("rbac").whereIn("id", usersToRemove.map((r) => r.id)).del();
+  }
+  if (rolesToRemove.length > 0) {
+    await db3.from("rbac").whereIn("id", rolesToRemove.map((r) => r.id)).del();
+  }
+  const recordsToInsert = [];
+  usersToCreate.forEach((user) => {
+    recordsToInsert.push({
+      entity: entityName,
+      access_type: "User",
+      target_resource_id: resourceId,
+      user_id: user.id,
+      rights: user.rights,
+      createdAt: /* @__PURE__ */ new Date(),
+      updatedAt: /* @__PURE__ */ new Date()
+    });
+  });
+  rolesToCreate.forEach((role) => {
+    recordsToInsert.push({
+      entity: entityName,
+      access_type: "Role",
+      target_resource_id: resourceId,
+      role_id: role.id,
+      rights: role.rights,
+      createdAt: /* @__PURE__ */ new Date(),
+      updatedAt: /* @__PURE__ */ new Date()
+    });
+  });
+  if (recordsToInsert.length > 0) {
+    await db3.from("rbac").insert(recordsToInsert);
+  }
+};
+function createMutations(table, agents, contexts, tools) {
+  const tableNamePlural = table.name.plural.toLowerCase();
+  const validateWriteAccess = async (id, context) => {
+    try {
+      const { db: db3, req, user } = context;
+      if (user.super_admin === true) {
+        return true;
+      }
+      if (!user.role || !(table.name.plural === "agents" && user.role.agents === "write") && !(table.name.plural === "workflow_templates" && user.role.workflows === "write") && !(table.name.plural === "variables" && user.role.variables === "write") && !(table.name.plural === "users" && user.role.users === "write")) {
+        console.error("Access control error: no role found for current user or no access to entity type.");
+        throw new Error("Access control error: no role found for current user or no access to entity type.");
+      }
+      const hasRBAC = table.RBAC === true;
+      if (!hasRBAC) {
+        return true;
+      }
+      const record = await db3.from(tableNamePlural).select(["rights_mode", "created_by"]).where({ id }).first();
+      if (!record) {
+        throw new Error("Record not found");
+      }
+      if (tableNamePlural === "jobs") {
+        if (!user.super_admin && record.created_by !== user.id) {
+          throw new Error("You are not authorized to edit this record");
+        }
+      }
+      if (record.rights_mode === "public") {
+        return true;
+      }
+      if (record.rights_mode === "private") {
+        if (record.created_by === user.id) {
+          return true;
+        }
+        throw new Error("Only the creator can edit this private record");
+      }
+      if (record.rights_mode === "users") {
+        const rbacRecord = await db3.from("rbac").where({
+          entity: table.name.singular,
+          target_resource_id: id,
+          access_type: "User",
+          user_id: user.id,
+          rights: "write"
+        }).first();
+        if (rbacRecord) {
+          return true;
+        }
+        throw new Error("Insufficient user permissions to edit this record");
+      }
+      if (record.rights_mode === "roles" && user.role) {
+        const rbacRecord = await db3.from("rbac").where({
+          entity: table.name.singular,
+          target_resource_id: id,
+          access_type: "Role",
+          role_id: user.role,
+          rights: "write"
+        }).first();
+        if (rbacRecord) {
+          return true;
+        }
+        throw new Error("Insufficient role permissions to edit this record");
+      }
+      throw new Error("Insufficient permissions to edit this record");
+    } catch (error) {
+      console.error("Write access validation error:", error);
+      throw error;
     }
-  ]
-};
-var rolesSchema = {
-  name: {
-    plural: "roles",
-    singular: "role"
-  },
-  fields: [
-    {
-      name: "name",
-      type: "text"
-    },
-    {
-      name: agentsSchema.name.plural,
-      type: "text"
-      // write | read access to agents
-    },
-    {
-      name: "api",
-      type: "text"
+  };
+  return {
+    [`${tableNamePlural}CreateOne`]: async (_, args, context, info) => {
+      const { db: db3 } = context;
+      const requestedFields = getRequestedFields(info);
+      const sanitizedFields = sanitizeRequestedFields(table, requestedFields);
+      let { input } = args;
+      const rbacData = input.RBAC;
+      delete input.RBAC;
+      delete input.created_by;
+      input = encryptSensitiveFields(input);
+      if (table.RBAC) {
+        input.created_by = context.user.id;
+      }
+      if (table.name.singular === "user" && context.user?.super_admin !== true) {
+        throw new Error("You are not authorized to create users");
+      }
+      if (table.name.singular === "user" && input.password) {
+        input.password = await bcrypt2.hash(input.password, 10);
+      }
+      Object.keys(input).forEach((key) => {
+        if (table.fields.find((field) => field.name === key)?.type === "json") {
+          if (typeof input[key] === "object" || Array.isArray(input[key])) {
+            input[key] = JSON.stringify(input[key]);
+          }
+        }
+      });
+      const results = await db3(tableNamePlural).insert({
+        ...input,
+        ...table.RBAC ? { rights_mode: "private" } : {},
+        createdAt: /* @__PURE__ */ new Date(),
+        updatedAt: /* @__PURE__ */ new Date()
+      }).returning(sanitizedFields);
+      if (table.RBAC && rbacData && results[0]) {
+        await handleRBACUpdate(db3, table.name.singular, results[0].id, rbacData, []);
+      }
+      return finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result: results[0] });
     },
-    {
-      name: "workflows",
-      type: "text"
-      // write | read access to workflows
+    [`${tableNamePlural}UpdateOne`]: async (_, args, context, info) => {
+      const { db: db3, req } = context;
+      let { where, input } = args;
+      await validateCreateOrRemoveSuperAdminPermission(tableNamePlural, input, req);
+      if (where.id) {
+        await validateWriteAccess(where.id, context);
+      }
+      const rbacData = input.RBAC;
+      delete input.RBAC;
+      delete input.created_by;
+      input = encryptSensitiveFields(input);
+      Object.keys(input).forEach((key) => {
+        if (table.fields.find((field) => field.name === key)?.type === "json") {
+          if (typeof input[key] === "object" || Array.isArray(input[key])) {
+            input[key] = JSON.stringify(input[key]);
+          }
+        }
+      });
+      await db3(tableNamePlural).where(where).update({
+        ...input,
+        updatedAt: /* @__PURE__ */ new Date()
+      });
+      if (table.RBAC && rbacData && where.id) {
+        const existingRbacRecords = await db3.from("rbac").where({
+          entity: table.name.singular,
+          target_resource_id: where.id
+        }).select("*");
+        await handleRBACUpdate(db3, table.name.singular, where.id, rbacData, existingRbacRecords);
+      }
+      const requestedFields = getRequestedFields(info);
+      const sanitizedFields = sanitizeRequestedFields(table, requestedFields);
+      const result = await db3.from(tableNamePlural).select(sanitizedFields).where(where).first();
+      return finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result });
     },
-    {
-      name: variablesSchema.name.plural,
-      type: "text"
-      // write | read access to variables
+    [`${tableNamePlural}UpdateOneById`]: async (_, args, context, info) => {
+      const { db: db3, req } = context;
+      let { id, input } = args;
+      await validateCreateOrRemoveSuperAdminPermission(tableNamePlural, input, req);
+      await validateWriteAccess(id, context);
+      const rbacData = input.RBAC;
+      delete input.RBAC;
+      delete input.created_by;
+      input = encryptSensitiveFields(input);
+      Object.keys(input).forEach((key) => {
+        if (table.fields.find((field) => field.name === key)?.type === "json") {
+          if (typeof input[key] === "object" || Array.isArray(input[key])) {
+            input[key] = JSON.stringify(input[key]);
+          }
+        }
+      });
+      await db3(tableNamePlural).where({ id }).update({
+        ...input,
+        updatedAt: /* @__PURE__ */ new Date()
+      });
+      if (table.RBAC && rbacData) {
+        const existingRbacRecords = await db3.from("rbac").where({
+          entity: table.name.singular,
+          target_resource_id: id
+        }).select("*");
+        await handleRBACUpdate(db3, table.name.singular, id, rbacData, existingRbacRecords);
+      }
+      const requestedFields = getRequestedFields(info);
+      const sanitizedFields = sanitizeRequestedFields(table, requestedFields);
+      const result = await db3.from(tableNamePlural).select(sanitizedFields).where({ id }).first();
+      return finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result });
     },
-    {
-      name: usersSchema.name.plural,
-      type: "text"
-      // write | read access to users
+    [`${tableNamePlural}RemoveOneById`]: async (_, args, context, info) => {
+      const { id } = args;
+      const { db: db3 } = context;
+      const requestedFields = getRequestedFields(info);
+      const sanitizedFields = sanitizeRequestedFields(table, requestedFields);
+      const result = await db3.from(tableNamePlural).select(sanitizedFields).where({ id }).first();
+      if (!result) {
+        throw new Error("Record not found");
+      }
+      await db3(tableNamePlural).where({ id }).del();
+      if (table.RBAC) {
+        await db3.from("rbac").where({
+          entity: table.name.singular,
+          target_resource_id: id
+        }).del();
+      }
+      return finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result });
     }
-  ]
+  };
+}
+var applyAccessControl = (table, user, query) => {
+  console.log("table", table);
+  const tableNamePlural = table.name.plural.toLowerCase();
+  if (!user.super_admin && table.name.plural === "jobs") {
+    query = query.where("created_by", user.id);
+    return query;
+  }
+  const hasRBAC = table.RBAC === true;
+  if (!hasRBAC) {
+    return query;
+  }
+  if (table.name.plural !== "agent_sessions" && user.super_admin === true) {
+    return query;
+  }
+  if (!user.role || !(table.name.plural === "agents" && (user.role.agents === "read" || user.role.agents === "write")) && !(table.name.plural === "workflow_templates" && (user.role.workflows === "read" || user.role.workflows === "write")) && !(table.name.plural === "variables" && (user.role.variables === "read" || user.role.variables === "write")) && !(table.name.plural === "users" && (user.role.users === "read" || user.role.users === "write"))) {
+    console.error("Access control error: no role found or no access to entity type.");
+    return query.where("1", "=", "0");
+  }
+  try {
+    query = query.where(function() {
+      this.where("rights_mode", "public");
+      this.orWhere("created_by", user.id);
+      this.orWhere(function() {
+        this.where("rights_mode", "users").whereExists(function() {
+          this.select("*").from("rbac").whereRaw("rbac.target_resource_id = " + tableNamePlural + ".id").where("rbac.entity", table.name.singular).where("rbac.access_type", "User").where("rbac.user_id", user.id);
+        });
+      });
+      if (user.role) {
+        console.log("user.role", user.role);
+        this.orWhere(function() {
+          this.where("rights_mode", "roles").whereExists(function() {
+            this.select("*").from("rbac").whereRaw("rbac.target_resource_id = " + tableNamePlural + ".id").where("rbac.entity", table.name.singular).where("rbac.access_type", "Role").where("rbac.role_id", user.role);
+          });
+        });
+      }
+    });
+  } catch (error) {
+    console.error("Access control error:", error);
+    return query.where("1", "=", "0");
+  }
+  return query;
 };
-var statisticsSchema = {
-  name: {
-    plural: "tracking",
-    singular: "tracking"
-  },
-  fields: [
-    {
-      name: "name",
-      type: "text"
-    },
-    {
-      name: "label",
-      type: "text"
-    },
-    {
-      name: "type",
-      type: "enum",
-      enumValues: Object.values(STATISTICS_TYPE_ENUM)
-    },
-    {
-      name: "total",
-      type: "number"
-    },
-    {
-      name: "user",
-      type: "number"
-    },
-    {
-      name: "role",
-      type: "uuid"
-    }
-  ]
+var converOperatorToQuery = (query, fieldName, operators) => {
+  if (operators.eq !== void 0) {
+    query = query.where(fieldName, operators.eq);
+  }
+  if (operators.ne !== void 0) {
+    query = query.whereRaw(`?? IS DISTINCT FROM ?`, [fieldName, operators.ne]);
+  }
+  if (operators.in !== void 0) {
+    query = query.whereIn(fieldName, operators.in);
+  }
+  if (operators.contains !== void 0) {
+    query = query.where(fieldName, "like", `%${operators.contains}%`);
+  }
+  if (operators.lte !== void 0) {
+    query = query.where(fieldName, "<=", operators.lte);
+  }
+  if (operators.gte !== void 0) {
+    query = query.where(fieldName, ">=", operators.gte);
+  }
+  return query;
+};
+var backendAgentFields = [
+  "providerName",
+  "modelName",
+  "slug",
+  "rateLimit",
+  "streaming",
+  "capabilities"
+];
+var removeAgentFields = (requestedFields) => {
+  const filtered = requestedFields.filter((field) => !backendAgentFields.includes(field));
+  filtered.push("backend");
+  return filtered;
+};
+var addAgentFields = (requestedFields, agents, result) => {
+  let backend = agents.find((a) => a.id === result?.backend);
+  if (requestedFields.includes("providerName")) {
+    result.providerName = backend?.providerName || "";
+  }
+  if (requestedFields.includes("modelName")) {
+    result.modelName = backend?.modelName || "";
+  }
+  if (requestedFields.includes("slug")) {
+    result.slug = backend?.slug || "";
+  }
+  if (requestedFields.includes("rateLimit")) {
+    result.rateLimit = backend?.rateLimit || "";
+  }
+  if (requestedFields.includes("streaming")) {
+    result.streaming = backend?.streaming || false;
+  }
+  if (requestedFields.includes("capabilities")) {
+    result.capabilities = backend?.capabilities || [];
+  }
+  if (!requestedFields.includes("backend")) {
+    delete result.backend;
+  }
+  return result;
 };
-var evalResultsSchema = {
-  name: {
-    plural: "eval_results",
-    singular: "eval_result"
-  },
-  fields: [
-    {
-      name: "input",
-      type: "longText"
-    },
-    {
-      name: "output",
-      type: "longText"
-    },
-    {
-      name: "duration",
-      type: "number"
-    },
-    {
-      name: "category",
-      type: "text"
-    },
-    {
-      name: "metadata",
-      type: "json"
-    },
-    {
-      name: "result",
-      type: "number"
-    },
-    {
-      name: "agent_id",
-      type: "uuid"
-    },
-    {
-      name: "workflow_id",
-      type: "uuid"
-    },
-    {
-      name: "eval_type",
-      type: "text"
-    },
-    {
-      name: "eval_name",
-      type: "text"
-    },
-    {
-      name: "comment",
-      type: "longText"
-    }
-  ]
+var sanitizeRequestedFields = (table, requestedFields) => {
+  if (table.name.singular === "agent") {
+    requestedFields = removeAgentFields(requestedFields);
+  }
+  if (!requestedFields.includes("id")) {
+    requestedFields.push("id");
+  }
+  return requestedFields;
 };
-var jobsSchema = {
-  name: {
-    plural: "jobs",
-    singular: "job"
-  },
-  RBAC: true,
-  fields: [
-    {
-      name: "redis",
-      type: "text"
-    },
-    {
-      name: "session",
-      type: "text"
-    },
-    {
-      name: "status",
-      type: "text"
-    },
-    {
-      name: "type",
-      type: "text"
-    },
-    {
-      name: "result",
-      type: "longText"
-    },
-    {
-      name: "name",
-      type: "text"
-    },
-    {
-      name: "agent",
-      type: "uuid"
-    },
-    {
-      name: "workflow",
-      type: "uuid"
-    },
-    {
-      name: "user",
-      // next auth stores users with id type SERIAL, so we need to use number
-      type: "number"
-    },
-    {
-      name: "item",
-      type: "uuid"
-    },
-    {
-      name: "steps",
-      type: "number"
-    },
-    {
-      name: "inputs",
-      type: "json"
-    },
-    {
-      name: "finished_at",
-      type: "date"
-    },
-    {
-      name: "duration",
-      type: "number"
+var finalizeRequestedFields = ({
+  table,
+  requestedFields,
+  agents,
+  contexts,
+  tools,
+  result
+}) => {
+  if (!result) {
+    return result;
+  }
+  if (Array.isArray(result)) {
+    result = result.map((item) => {
+      return finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result: item });
+    });
+  } else {
+    if (table.name.singular === "agent") {
+      result = addAgentFields(requestedFields, agents, result);
+      if (!requestedFields.includes("backend")) {
+        delete result.backend;
+      }
     }
-  ]
+  }
+  return result;
 };
-var rbacSchema = {
-  name: {
-    plural: "rbac",
-    singular: "rbac"
-  },
-  graphql: false,
-  fields: [
-    {
-      name: "entity",
-      type: "text",
-      required: true
-    },
-    {
-      name: "access_type",
-      type: "text",
-      required: true
+function createQueries(table, agents, tools, contexts) {
+  const tableNamePlural = table.name.plural.toLowerCase();
+  const tableNameSingular = table.name.singular.toLowerCase();
+  const applyFilters = (query, filters) => {
+    filters.forEach((filter) => {
+      Object.entries(filter).forEach(([fieldName, operators]) => {
+        if (operators) {
+          if (operators.and !== void 0) {
+            console.log("operators.and", operators.and);
+            operators.and.forEach((operator) => {
+              query = converOperatorToQuery(query, fieldName, operator);
+            });
+          }
+          if (operators.or !== void 0) {
+            operators.or.forEach((operator) => {
+              query = converOperatorToQuery(query, fieldName, operator);
+            });
+          }
+          query = converOperatorToQuery(query, fieldName, operators);
+          console.log("query", query);
+        }
+      });
+    });
+    return query;
+  };
+  const applySorting = (query, sort) => {
+    if (sort) {
+      query = query.orderBy(sort.field, sort.direction.toLowerCase());
+    }
+    return query;
+  };
+  return {
+    [`${tableNameSingular}ById`]: async (_, args, context, info) => {
+      const { db: db3 } = context;
+      const requestedFields = getRequestedFields(info);
+      const sanitizedFields = sanitizeRequestedFields(table, requestedFields);
+      let query = db3.from(tableNamePlural).select(sanitizedFields).where({ id: args.id });
+      query = applyAccessControl(table, context.user, query);
+      let result = await query.first();
+      return finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result });
     },
-    {
-      name: "target_resource_id",
-      type: "uuid",
-      required: true
+    [`${tableNameSingular}ByIds`]: async (_, args, context, info) => {
+      const { db: db3 } = context;
+      const requestedFields = getRequestedFields(info);
+      const sanitizedFields = sanitizeRequestedFields(table, requestedFields);
+      let query = db3.from(tableNamePlural).select(sanitizedFields).whereIn("id", args.ids);
+      query = applyAccessControl(table, context.user, query);
+      let result = await query;
+      return finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result });
     },
-    {
-      name: "role_id",
-      type: "uuid"
+    [`${tableNameSingular}One`]: async (_, args, context, info) => {
+      const { filters = [], sort } = args;
+      const { db: db3 } = context;
+      const requestedFields = getRequestedFields(info);
+      const sanitizedFields = sanitizeRequestedFields(table, requestedFields);
+      let query = db3.from(tableNamePlural).select(sanitizedFields);
+      query = applyFilters(query, filters);
+      query = applyAccessControl(table, context.user, query);
+      query = applySorting(query, sort);
+      let result = await query.first();
+      return finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result });
     },
-    {
-      name: "user_id",
-      type: "number"
+    [`${tableNamePlural}Pagination`]: async (_, args, context, info) => {
+      const { limit = 10, page = 0, filters = [], sort } = args;
+      const { db: db3 } = context;
+      let countQuery = db3(tableNamePlural);
+      countQuery = applyFilters(countQuery, filters);
+      countQuery = applyAccessControl(table, context.user, countQuery);
+      console.log("countQuery", countQuery);
+      const countResult = await countQuery.count("* as count");
+      const itemCount = Number(countResult[0]?.count || 0);
+      const pageCount = Math.ceil(itemCount / limit);
+      const currentPage = page;
+      const hasPreviousPage = currentPage > 1;
+      const hasNextPage = currentPage < pageCount - 1;
+      let dataQuery = db3(tableNamePlural);
+      dataQuery = applyFilters(dataQuery, filters);
+      dataQuery = applyAccessControl(table, context.user, dataQuery);
+      const requestedFields = getRequestedFields(info);
+      dataQuery = applySorting(dataQuery, sort);
+      if (page > 1) {
+        dataQuery = dataQuery.offset((page - 1) * limit);
+      }
+      const sanitizedFields = sanitizeRequestedFields(table, requestedFields);
+      let items = await dataQuery.select(sanitizedFields).limit(limit);
+      return {
+        pageInfo: {
+          pageCount,
+          itemCount,
+          currentPage,
+          hasPreviousPage,
+          hasNextPage
+        },
+        items: finalizeRequestedFields({ table, requestedFields, agents, contexts, tools, result: items })
+      };
     },
-    {
-      name: "rights",
-      type: "text",
-      required: true
+    // Add generic statistics query for all tables
+    [`${tableNamePlural}Statistics`]: async (_, args, context, info) => {
+      const { filters = [], groupBy } = args;
+      const { db: db3 } = context;
+      let query = db3(tableNamePlural);
+      query = applyFilters(query, filters);
+      query = applyAccessControl(table, context.user, query);
+      if (groupBy) {
+        query = query.select(groupBy).groupBy(groupBy);
+        if (tableNamePlural === "tracking") {
+          query = query.sum("total as count");
+        } else {
+          query = query.count("* as count");
+        }
+        const results = await query;
+        console.log("!!! results !!!", results);
+        return results.map((r) => ({
+          group: r[groupBy],
+          count: r.count ? Number(r.count) : 0
+        }));
+      } else {
+        if (tableNamePlural === "tracking") {
+          query = query.sum("total as count");
+          const [{ count }] = await query.sum("total as count");
+          console.log("!!! count !!!", count);
+          return [{
+            group: "total",
+            count: count ? Number(count) : 0
+          }];
+        } else {
+          const [{ count }] = await query.count("* as count");
+          return [{
+            group: "total",
+            count: count ? Number(count) : 0
+          }];
+        }
+      }
     }
-  ]
+  };
+}
+var RBACResolver = async (db3, table, entityName, resourceId, rights_mode) => {
+  const rbacRecords = await db3.from("rbac").where({
+    entity: entityName,
+    target_resource_id: resourceId
+  }).select("*");
+  const users = rbacRecords.filter((r) => r.access_type === "User").map((r) => ({ id: r.user_id, rights: r.rights }));
+  const roles = rbacRecords.filter((r) => r.access_type === "Role").map((r) => ({ id: r.role_id, rights: r.rights }));
+  let type = rights_mode || "private";
+  if (type === "users" && users.length === 0) type = "private";
+  if (type === "roles" && roles.length === 0) type = "private";
+  return {
+    type,
+    users,
+    roles
+  };
 };
-var addRBACfields = (schema) => {
-  if (schema.RBAC) {
-    console.log(`[EXULU] Adding rights_mode field to ${schema.name.plural} table.`);
-    schema.fields.push({
-      name: "rights_mode",
-      type: "text",
-      required: false,
-      default: "private"
+function createSDL(tables, contexts, agents, tools) {
+  const contextSchemas = [];
+  console.log("============= Agents =============", agents?.length);
+  contexts.forEach((context) => {
+    const tableName = getTableName(context.name);
+    const definition = {
+      name: {
+        singular: tableName,
+        plural: tableName?.endsWith("s") ? tableName : tableName + "s"
+      },
+      RBAC: true,
+      fields: context.fields.map((field) => ({
+        name: sanitizeName(field.name),
+        type: field.type
+      }))
+    };
+    contextSchemas.push(addRBACfields(definition));
+  });
+  contextSchemas.forEach((contextSchema) => {
+    contextSchema.fields.push({
+      // important: the contexts use the default knex timestamp 
+      // fields which are different to the regular 
+      // ExuluTableDefinition, i.e. created_at vs. createdAt.
+      name: "created_at",
+      type: "date"
     });
-    schema.fields.push({
-      name: "created_by",
-      type: "number",
-      required: true,
-      default: 0
+    contextSchema.fields.push({
+      name: "updated_at",
+      type: "date"
+    });
+    contextSchema.fields.push({
+      name: "name",
+      type: "text"
+    });
+    contextSchema.fields.push({
+      name: "description",
+      type: "text"
+    });
+    contextSchema.fields.push({
+      name: "tags",
+      type: "text"
+    });
+    contextSchema.fields.push({
+      name: "archived",
+      type: "boolean"
+    });
+  });
+  tables.forEach((table) => {
+    table.fields.push({
+      name: "createdAt",
+      type: "date"
+    });
+    table.fields.push({
+      name: "updatedAt",
+      type: "date"
     });
+  });
+  tables = [...tables, ...contextSchemas];
+  console.log("[EXULU] Creating SDL");
+  let typeDefs = `
+    scalar JSON
+    scalar Date
+    
+    type RBACData {
+      type: String!
+      users: [RBACUser!]
+      roles: [RBACRole!]
+    }
+    
+    type RBACUser {
+      id: ID!
+      rights: String!
+    }
+    
+    type RBACRole {
+      id: ID!
+      rights: String!
+    }
+    
+    input RBACInput {
+      users: [RBACUserInput!]
+      roles: [RBACRoleInput!]
+    }
+    
+    input RBACUserInput {
+      id: ID!
+      rights: String!
+    }
+    
+    input RBACRoleInput {
+      id: ID!
+      rights: String!
+    }
+    
+    type Query {
+    `;
+  let mutationDefs = `
+    type Mutation {
+    `;
+  let modelDefs = "";
+  const resolvers = { JSON: GraphQLJSON, Date: GraphQLDate, Query: {}, Mutation: {} };
+  for (const table of tables) {
+    if (table.graphql === false) {
+      continue;
+    }
+    const tableNamePlural = table.name.plural.toLowerCase();
+    const tableNameSingular = table.name.singular.toLowerCase();
+    const tableNameSingularUpperCaseFirst = table.name.singular.charAt(0).toUpperCase() + table.name.singular.slice(1);
+    console.log("[EXULU] Adding table >>>>>", tableNamePlural);
+    typeDefs += `
+      ${tableNameSingular}ById(id: ID!): ${tableNameSingular}
+      ${tableNameSingular}ByIds(ids: [ID!]!): [${tableNameSingular}]!
+      ${tableNamePlural}Pagination(limit: Int, page: Int, filters: [Filter${tableNameSingularUpperCaseFirst}], sort: SortBy): ${tableNameSingularUpperCaseFirst}PaginationResult
+      ${tableNameSingular}One(filters: [Filter${tableNameSingularUpperCaseFirst}], sort: SortBy): ${tableNameSingular}
+      ${tableNamePlural}Statistics(filters: [Filter${tableNameSingularUpperCaseFirst}], groupBy: String): [StatisticsResult]!
+    `;
+    mutationDefs += `
+      ${tableNamePlural}CreateOne(input: ${tableNameSingular}Input!): ${tableNameSingular}
+      ${tableNamePlural}UpdateOne(where: JSON!, input: ${tableNameSingular}Input!): ${tableNameSingular}
+      ${tableNamePlural}UpdateOneById(id: ID!, input: ${tableNameSingular}Input!): ${tableNameSingular}
+      ${tableNamePlural}RemoveOneById(id: ID!): ${tableNameSingular}
+    `;
+    modelDefs += createTypeDefs(table);
+    modelDefs += createFilterTypeDefs(table);
+    modelDefs += `
+type ${tableNameSingularUpperCaseFirst}PaginationResult {
+  pageInfo: PageInfo!
+  items: [${tableNameSingular}]!
+}
+type PageInfo {
+  pageCount: Int!
+  itemCount: Int!
+  currentPage: Int!
+  hasPreviousPage: Boolean!
+  hasNextPage: Boolean!
+}
+`;
+    Object.assign(resolvers.Query, createQueries(table, agents, tools, contexts));
+    Object.assign(resolvers.Mutation, createMutations(table, agents, contexts, tools));
+    if (table.RBAC) {
+      const rbacResolverName = table.name.singular;
+      if (!resolvers[rbacResolverName]) {
+        resolvers[rbacResolverName] = {};
+      }
+      resolvers[rbacResolverName].RBAC = async (parent, args, context) => {
+        const { db: db3 } = context;
+        const resourceId = parent.id;
+        const entityName = table.name.singular;
+        const rights_mode = parent.rights_mode;
+        return RBACResolver(db3, table, entityName, resourceId, rights_mode);
+      };
+    }
   }
+  typeDefs += `
+   providers: ProviderPaginationResult
+    `;
+  typeDefs += `
+    contexts: ContextPaginationResult
+    `;
+  typeDefs += `
+    contextById(id: ID!): Context
+    `;
+  typeDefs += `
+   tools: ToolPaginationResult
+    `;
+  resolvers.Query["providers"] = async (_, args, context, info) => {
+    const requestedFields = getRequestedFields(info);
+    return {
+      items: agents.map((agent) => {
+        const object = {};
+        requestedFields.forEach((field) => {
+          object[field] = agent[field];
+        });
+        return object;
+      })
+    };
+  };
+  resolvers.Query["contexts"] = async (_, args, context, info) => {
+    const data = contexts.map((context2) => ({
+      id: context2.id,
+      name: context2.name,
+      description: context2.description,
+      embedder: context2.embedder?.name || void 0,
+      slug: "/contexts/" + context2.id,
+      active: context2.active,
+      fields: context2.fields.map((field) => {
+        return {
+          ...field,
+          name: sanitizeName(field.name),
+          label: field.name
+        };
+      })
+    }));
+    const requestedFields = getRequestedFields(info);
+    return {
+      items: data.map((context2) => {
+        const object = {};
+        requestedFields.forEach((field) => {
+          object[field] = context2[field];
+        });
+        return object;
+      })
+    };
+  };
+  resolvers.Query["contextById"] = async (_, args, context, info) => {
+    let data = contexts.find((context2) => context2.id === args.id);
+    if (!data) {
+      return null;
+    }
+    const clean = {
+      id: data.id,
+      name: data.name,
+      description: data.description,
+      embedder: data.embedder?.name || void 0,
+      slug: "/contexts/" + data.id,
+      active: data.active,
+      fields: data.fields.map((field) => {
+        return {
+          ...field,
+          name: sanitizeName(field.name),
+          label: field.name
+        };
+      }),
+      configuration: data.configuration
+    };
+    const requestedFields = getRequestedFields(info);
+    const mapped = {};
+    requestedFields.forEach((field) => {
+      mapped[field] = clean[field];
+    });
+    return mapped;
+  };
+  resolvers.Query["tools"] = async (_, args, context, info) => {
+    const requestedFields = getRequestedFields(info);
+    return {
+      items: tools.map((tool2) => {
+        const object = {};
+        requestedFields.forEach((field) => {
+          object[field] = tool2[field];
+        });
+        return object;
+      })
+    };
+  };
+  modelDefs += `
+    type ProviderPaginationResult {
+    items: [Provider]!
+    }
+    `;
+  modelDefs += `
+    type ContextPaginationResult {
+    items: [Context]!
+    }
+    `;
+  modelDefs += `
+    type ToolPaginationResult {
+    items: [Tool]!
+    }
+    `;
+  typeDefs += "}\n";
+  mutationDefs += "}\n";
+  const genericTypes = `
+
+type RateLimiterRule {
+    name: String
+    rate_limit: RateLimiterRuleRateLimit
+}
+
+type RateLimiterRuleRateLimit {
+    time: Int
+    limit: Int
+}
+
+type AgentCapabilities {
+    text: Boolean
+    images: [String]
+    files: [String]
+    audio: [String]
+    video: [String]
+}
+
+type Provider {
+  id: ID!
+  name: String!
+  description: String
+  providerName: String
+  modelName: String
+  type: EnumProviderType!
+}
+
+type Context {
+    id: ID!
+    name: String!
+    description: String
+    embedder: String
+    slug: String
+    active: Boolean
+    fields: JSON
+    configuration: JSON
+}
+
+type ContextField {
+    name: String!
+    type: String!
+    unique: Boolean
+    label: String
+}
+
+type Tool {
+  id: ID!
+  name: String!
+  description: String
+  type: String
+  config: JSON
+}
+
+enum EnumProviderType {
+  agent
+  custom
+}
+
+type StatisticsResult {
+  group: String!
+  count: Int!
+}
+`;
+  const fullSDL = typeDefs + mutationDefs + modelDefs + genericTypes;
+  const schema = makeExecutableSchema({
+    typeDefs: fullSDL,
+    resolvers
+  });
+  console.log("\n\u{1F4CA} GraphQL Schema Overview\n");
+  const queriesTable = Object.keys(resolvers.Query).map((query) => ({
+    "Operation Type": "Query",
+    "Name": query,
+    "Description": "Retrieves data"
+  }));
+  const mutationsTable = Object.keys(resolvers.Mutation).map((mutation) => ({
+    "Operation Type": "Mutation",
+    "Name": mutation,
+    "Description": "Modifies data"
+  }));
+  const typesTable = tables.flatMap(
+    (table) => table.fields.map((field) => ({
+      "Type": table.name.singular,
+      "Field": field.name,
+      "Field Type": field.type,
+      "Required": field.required ? "Yes" : "No"
+    }))
+  );
+  console.log("\u{1F50D} Operations:");
+  console.table([...queriesTable, ...mutationsTable]);
+  console.log("\n\u{1F4DD} Types and Fields:");
+  console.table(typesTable);
+  console.log("\n");
   return schema;
+}
+var encryptSensitiveFields = (input) => {
+  if (input.value && input.encrypted === true) {
+    input.value = CryptoJS2.AES.encrypt(input.value, process.env.NEXTAUTH_SECRET).toString();
+  }
+  return input;
 };
-var coreSchemas = {
-  get: () => {
-    return {
-      agentsSchema: () => addRBACfields(agentsSchema),
-      agentMessagesSchema: () => addRBACfields(agentMessagesSchema),
-      agentSessionsSchema: () => addRBACfields(agentSessionsSchema),
-      usersSchema: () => addRBACfields(usersSchema),
-      rolesSchema: () => addRBACfields(rolesSchema),
-      statisticsSchema: () => addRBACfields(statisticsSchema),
-      evalResultsSchema: () => addRBACfields(evalResultsSchema),
-      jobsSchema: () => addRBACfields(jobsSchema),
-      variablesSchema: () => addRBACfields(variablesSchema),
-      rbacSchema: () => addRBACfields(rbacSchema),
-      workflowTemplatesSchema: () => addRBACfields(workflowTemplatesSchema)
-    };
+var validateCreateOrRemoveSuperAdminPermission = async (tableNamePlural, input, req) => {
+  if (tableNamePlural === "users" && input.super_admin !== void 0) {
+    const authResult = await requestValidators.authenticate(req);
+    if (authResult.error || !authResult.user) {
+      throw new Error("Authentication failed");
+    }
+    if (!authResult.user.super_admin) {
+      throw new Error("Only super administrators can modify super_admin status");
+    }
   }
 };
 
+// src/registry/routes.ts
+import { expressMiddleware } from "@as-integrations/express5";
+
 // src/registry/uppy.ts
 import "express";
 var createUppyRoutes = async (app) => {
@@ -3650,7 +3884,7 @@ var CLAUDE_MESSAGES = {
 \x1B[41m -- Anthropic token variable set by your admin is not encrypted. This poses a security risk. Please contact your admin to fix the variable used for your key. --
 \x1B[0m`,
   anthropic_token_variable_not_found: `
-\x1B[41m -- Anthropic token variable not found. Please contact to fix the variable used for your key. --
+\x1B[41m -- Anthropic token variable not found. Please contact your Exulu adminto fix the variable used for your key. --
 \x1B[0m`,
   authentication_error: `
 \x1B[41m -- Authentication error please check your IMP token and try again. --
@@ -3679,11 +3913,24 @@ Intelligence Management Platform
 import OpenAI from "openai";
 import fs2 from "fs";
 import { randomUUID } from "crypto";
+import "@opentelemetry/api";
 var REQUEST_SIZE_LIMIT = "50mb";
 var global_queues = {
   logs_cleaner: "logs-cleaner"
 };
-var { agentsSchema: agentsSchema2, evalResultsSchema: evalResultsSchema2, jobsSchema: jobsSchema2, agentSessionsSchema: agentSessionsSchema2, agentMessagesSchema: agentMessagesSchema2, rolesSchema: rolesSchema2, usersSchema: usersSchema2, variablesSchema: variablesSchema2, workflowTemplatesSchema: workflowTemplatesSchema2, rbacSchema: rbacSchema2, statisticsSchema: statisticsSchema2 } = coreSchemas.get();
+var {
+  agentsSchema: agentsSchema2,
+  evalResultsSchema: evalResultsSchema2,
+  jobsSchema: jobsSchema2,
+  agentSessionsSchema: agentSessionsSchema2,
+  agentMessagesSchema: agentMessagesSchema2,
+  rolesSchema: rolesSchema2,
+  usersSchema: usersSchema2,
+  variablesSchema: variablesSchema2,
+  workflowTemplatesSchema: workflowTemplatesSchema2,
+  rbacSchema: rbacSchema2,
+  statisticsSchema: statisticsSchema2
+} = coreSchemas.get();
 var createRecurringJobs = async () => {
   console.log("[EXULU] creating recurring jobs.");
   const recurringJobSchedulersLogs = [];
@@ -3717,8 +3964,9 @@ var createRecurringJobs = async () => {
   console.table(recurringJobSchedulersLogs);
   return queue;
 };
-var createExpressRoutes = async (app, agents, tools, contexts) => {
+var createExpressRoutes = async (app, logger, agents, tools, contexts, config, tracer) => {
   const routeLogs = [];
+  console.log("============= agents =============", agents?.length);
   var corsOptions = {
     origin: "*",
     exposedHeaders: "*",
@@ -3752,25 +4000,18 @@ var createExpressRoutes = async (app, agents, tools, contexts) => {
   }));
   console.log("Contexts:");
   console.table(contexts.map((context) => {
-    const sources = context.sources.get();
     return {
       id: context.id,
       name: context.name,
       description: context.description,
-      embedder: context.embedder.name,
+      embedder: context.embedder?.name || void 0,
       slug: "/contexts/" + context.id,
-      active: context.active,
-      sources: Array.isArray(sources) ? sources.length : 0,
-      sources_details: Array.isArray(sources) ? sources.map((source) => `${source.name} (${source.id})`).join(", ") : "No sources"
+      active: context.active
     };
   }));
   routeLogs.push(
-    { route: "/agents", method: "GET", note: "List all agents" },
-    { route: "/agents/:id", method: "GET", note: "Get specific agent" },
     { route: "/contexts", method: "GET", note: "List all contexts" },
     { route: "/contexts/:id", method: "GET", note: "Get specific context" },
-    { route: "/tools", method: "GET", note: "List all tools" },
-    { route: "/tools/:id", method: "GET", note: "Get specific tool" },
     { route: "/items/:context", method: "POST", note: "Create new item in context" },
     { route: "/items/:context", method: "GET", note: "Get items from context" },
     { route: "/items/export/:context", method: "GET", note: "Export items from context" },
@@ -3781,21 +4022,19 @@ var createExpressRoutes = async (app, agents, tools, contexts) => {
   } else {
     console.log("===========================", "[EXULU] no redis server configured, not setting up recurring jobs.", "===========================");
   }
-  const schema = createSDL(
-    [
-      usersSchema2(),
-      rolesSchema2(),
-      agentsSchema2(),
-      jobsSchema2(),
-      evalResultsSchema2(),
-      agentSessionsSchema2(),
-      agentMessagesSchema2(),
-      variablesSchema2(),
-      workflowTemplatesSchema2(),
-      statisticsSchema2(),
-      rbacSchema2()
-    ]
-  );
+  const schema = createSDL([
+    usersSchema2(),
+    rolesSchema2(),
+    agentsSchema2(),
+    jobsSchema2(),
+    evalResultsSchema2(),
+    agentSessionsSchema2(),
+    agentMessagesSchema2(),
+    variablesSchema2(),
+    workflowTemplatesSchema2(),
+    statisticsSchema2(),
+    rbacSchema2()
+  ], contexts, agents, tools);
   console.log("[EXULU] graphql server");
   const server = new ApolloServer({
     cache: new InMemoryLRUCache(),
@@ -3811,6 +4050,16 @@ var createExpressRoutes = async (app, agents, tools, contexts) => {
     express.json({ limit: REQUEST_SIZE_LIMIT }),
     expressMiddleware(server, {
       context: async ({ req }) => {
+        logger.info("================");
+        logger.info({
+          message: "Incoming Request",
+          method: req.method,
+          path: req.path,
+          requestId: "req-" + Date.now(),
+          ipAddress: req.ip,
+          userAgent: req.get("User-Agent")
+        });
+        logger.info("================");
         const authenticationResult = await requestValidators.authenticate(req);
         if (!authenticationResult.user?.id) {
           throw new Error(authenticationResult.message);
@@ -3824,113 +4073,6 @@ var createExpressRoutes = async (app, agents, tools, contexts) => {
       }
     })
   );
-  app.get(`/providers`, async (req, res) => {
-    const authenticationResult = await requestValidators.authenticate(req);
-    if (!authenticationResult.user?.id) {
-      res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
-      return;
-    }
-    res.status(200).json(agents);
-  });
-  app.get(`/agents`, async (req, res) => {
-    const authenticationResult = await requestValidators.authenticate(req);
-    if (!authenticationResult.user?.id) {
-      res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
-      return;
-    }
-    const { db: db3 } = await postgresClient();
-    let query = db3("agents");
-    query.select("*");
-    query = applyAccessControl(agentsSchema2(), authenticationResult.user, query);
-    const agentsFromDb = await query;
-    res.status(200).json(agentsFromDb.map((agent) => {
-      const backend = agents.find((a) => a.id === agent.backend);
-      if (!backend) {
-        return null;
-      }
-      return {
-        name: agent.name,
-        id: agent.id,
-        description: agent.description,
-        provider: backend.providerName,
-        model: backend.modelName,
-        active: agent.active,
-        type: agent.type,
-        rights_mode: agent.rights_mode,
-        slug: backend?.slug,
-        rateLimit: backend?.rateLimit,
-        image: agent.image,
-        streaming: backend?.streaming,
-        capabilities: backend?.capabilities,
-        RBAC: agent.RBAC,
-        // todo add contexts
-        availableTools: tools,
-        enabledTools: agent.tools
-      };
-    }).filter(Boolean));
-  });
-  app.get(`/agents/:id`, async (req, res) => {
-    const authenticationResult = await requestValidators.authenticate(req);
-    if (!authenticationResult.user?.id) {
-      res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
-      return;
-    }
-    const { db: db3 } = await postgresClient();
-    const id = req.params.id;
-    if (!id) {
-      res.status(400).json({
-        message: "Missing id in request."
-      });
-      return;
-    }
-    let query = db3("agents");
-    query.select("*");
-    query = applyAccessControl(agentsSchema2(), authenticationResult.user, query);
-    query.where({ id });
-    const agent = await query.first();
-    if (!agent) {
-      res.status(400).json({
-        message: "Agent not found in database."
-      });
-      return;
-    }
-    console.log("[EXULU] agent", agent);
-    const backend = agents.find((a) => a.id === agent.backend);
-    console.log("[EXULU] agent", agent);
-    const RBAC = await RBACResolver(db3, agentsSchema2(), agentsSchema2().name.singular, agent.id, agent.rights_mode);
-    res.status(200).json({
-      ...{
-        name: agent.name,
-        id: agent.id,
-        description: agent.description,
-        provider: backend?.model?.create({ apiKey: "" }).provider,
-        model: backend?.model?.create({ apiKey: "" }).modelId,
-        active: agent.active,
-        public: agent.public,
-        image: agent.image,
-        type: agent.type,
-        rights_mode: agent.rights_mode,
-        slug: backend?.slug,
-        rateLimit: backend?.rateLimit,
-        streaming: backend?.streaming,
-        RBAC,
-        capabilities: backend?.capabilities,
-        providerApiKey: agent.providerApiKey,
-        // todo add contexts
-        availableTools: tools,
-        enabledTools: agent.tools
-      }
-    });
-  });
-  app.get("/tools", async (req, res) => {
-    res.status(200).json(tools.map((tool2) => ({
-      id: tool2.id,
-      name: tool2.name,
-      description: tool2.description,
-      type: tool2.type || "tool",
-      inputSchema: tool2.inputSchema ? zerialize(tool2.inputSchema) : null
-    })));
-  });
   app.post("/generate/agent/image", async (req, res) => {
     console.log("[EXULU] generate/agent/image", req.body);
     const authenticationResult = await requestValidators.authenticate(req);
@@ -4022,23 +4164,6 @@ Mood: friendly and intelligent.
       image: `${process.env.BACKEND}/${uuid}.png`
     });
   });
-  app.get("/tools/:id", async (req, res) => {
-    const id = req.params.id;
-    if (!id) {
-      res.status(400).json({
-        message: "Missing id in request."
-      });
-      return;
-    }
-    const tool2 = tools.find((tool3) => tool3.id === id);
-    if (!tool2) {
-      res.status(400).json({
-        message: "Tool not found."
-      });
-      return;
-    }
-    res.status(200).json(tool2);
-  });
   const deleteItem = async ({
     id,
     external_id,
@@ -4057,9 +4182,9 @@ Mood: friendly and intelligent.
     }
     const exists = await context.tableExists();
     if (!exists) {
-      throw new Error("Table with name " + context.getTableName() + " does not exist.");
+      throw new Error("Table with name " + getTableName(context.name) + " does not exist.");
     }
-    const query = db3.from(context.getTableName()).select("id");
+    const query = db3.from(getTableName(context.name)).select("id");
     if (id) {
       query.where({ id });
     }
@@ -4070,11 +4195,13 @@ Mood: friendly and intelligent.
     if (!item) {
       return null;
     }
-    const chunks = await db3.from(context.getChunksTableName()).where({ source: item.id }).select("id");
-    if (chunks.length > 0) {
-      await db3.from(context.getChunksTableName()).where({ source: item.id }).delete();
+    if (context.embedder) {
+      const chunks = await db3.from(getChunksTableName(context.name)).where({ source: item.id }).select("id");
+      if (chunks.length > 0) {
+        await db3.from(getChunksTableName(context.name)).where({ source: item.id }).delete();
+      }
     }
-    const mutation = db3.from(context.getTableName()).where({ id: item.id }).delete().returning("id");
+    const mutation = db3.from(getTableName(context.name)).where({ id: item.id }).delete().returning("id");
     const result = await mutation;
     return result;
   };
@@ -4141,19 +4268,25 @@ Mood: friendly and intelligent.
     if (!itemsTableExists) {
       await context.createItemsTable();
     }
-    const chunksTableExists = await db3.schema.hasTable(context.getChunksTableName());
-    if (!chunksTableExists) {
+    const chunksTableExists = await db3.schema.hasTable(getChunksTableName(context.name));
+    if (!chunksTableExists && context.embedder) {
       await context.createChunksTable();
     }
-    const item = await db3.from(context.getTableName()).where({ id: req.params.id }).select("*").first();
+    const item = await db3.from(getTableName(context.name)).where({ id: req.params.id }).select("*").first();
     if (!item) {
       res.status(404).json({
         message: "Item not found."
       });
       return;
     }
-    console.log("[EXULU] chunks table name.", context.getChunksTableName());
-    const chunks = await db3.from(context.getChunksTableName()).where({ source: req.params.id }).select("id", "content", "source", "embedding", "chunk_index", "created_at", "updated_at");
+    if (!context.embedder) {
+      res.status(200).json({
+        ...item
+      });
+      return;
+    }
+    console.log("[EXULU] chunks table name.", getChunksTableName(context.name));
+    const chunks = await db3.from(getChunksTableName(context.name)).where({ source: req.params.id }).select("id", "content", "source", "embedding", "chunk_index", "created_at", "updated_at");
     console.log("[EXULU] chunks", chunks);
     res.status(200).json({
       ...item,
@@ -4197,7 +4330,15 @@ Mood: friendly and intelligent.
     if (!exists) {
       await context.createItemsTable();
     }
-    const result = await context.updateItem(authenticationResult.user.id, req.params.id, req.body, authenticationResult.user.role?.id);
+    const result = await context.updateItem(
+      authenticationResult.user.id,
+      {
+        ...req.body,
+        id: req.params.id
+      },
+      authenticationResult.user.role?.id,
+      authenticationResult.user.type === "api" ? "api" : "user"
+    );
     res.status(200).json({
       message: "Item updated successfully.",
       id: result
@@ -4244,7 +4385,13 @@ Mood: friendly and intelligent.
         await context.createItemsTable();
       }
       console.log("[EXULU] inserting item", req.body);
-      const result = await context.insertItem(authenticationResult.user.id, req.body, !!req.body.upsert, authenticationResult.user.role?.id);
+      const result = await context.insertItem(
+        authenticationResult.user.id,
+        req.body,
+        !!req.body.upsert,
+        authenticationResult.user.role?.id,
+        authenticationResult.user.type === "api" ? "api" : "user"
+      );
       console.log("[EXULU] result", result);
       res.status(200).json({
         message: "Item created successfully.",
@@ -4320,72 +4467,6 @@ Mood: friendly and intelligent.
     });
     res.status(200).json(result);
   });
-  routeLogs.push({
-    route: "/items/:context",
-    method: "DELETE",
-    note: `Delete all embeddings for a context.`
-  });
-  app.delete(`items/:context`, async (req, res) => {
-    if (!req.params.context) {
-      res.status(400).json({
-        message: "Missing context in request."
-      });
-      return;
-    }
-    const context = contexts.find((context2) => context2.id === req.params.context);
-    if (!context) {
-      res.status(400).json({
-        message: "Context not found in registry."
-      });
-      return;
-    }
-    const authenticationResult = await requestValidators.authenticate(req);
-    if (!authenticationResult.user?.id) {
-      res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
-      return;
-    }
-    await context.deleteAll();
-    res.status(200).json({
-      message: "All embeddings deleted."
-    });
-  });
-  routeLogs.push({
-    route: `/items/:context/:id`,
-    method: "DELETE",
-    note: `Delete specific embedding for a context.`
-  });
-  console.log("[EXULU] delete embedding by id");
-  app.delete(`items/:context/:id`, async (req, res) => {
-    const id = req.params.id;
-    if (!req.params.context) {
-      res.status(400).json({
-        message: "Missing context in request."
-      });
-      return;
-    }
-    const context = contexts.find((context2) => context2.id === req.params.context);
-    if (!context) {
-      res.status(400).json({
-        message: "Context not found in registry."
-      });
-      return;
-    }
-    if (!id) {
-      res.status(400).json({
-        message: "Missing id in request."
-      });
-      return;
-    }
-    const authenticationResult = await requestValidators.authenticate(req);
-    if (!authenticationResult.user?.id) {
-      res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
-      return;
-    }
-    await context.deleteOne(id);
-    res.status(200).json({
-      message: "Embedding deleted."
-    });
-  });
   app.get("/ping", async (req, res) => {
     const authenticationResult = await requestValidators.authenticate(req);
     if (!authenticationResult.user?.id) {
@@ -4398,136 +4479,6 @@ Mood: friendly and intelligent.
       authenticated: true
     });
   });
-  console.log("[EXULU] context by id");
-  app.get(`/contexts/:id`, async (req, res) => {
-    const authenticationResult = await requestValidators.authenticate(req);
-    if (!authenticationResult.user?.id) {
-      res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
-      return;
-    }
-    const id = req.params.id;
-    if (!id) {
-      res.status(400).json({
-        message: "Missing id in request."
-      });
-      return;
-    }
-    const context = contexts.find((context2) => context2.id === id);
-    if (!context) {
-      res.status(400).json({
-        message: "Context not found."
-      });
-      return;
-    }
-    res.status(200).json({
-      ...{
-        id: context.id,
-        name: context.name,
-        description: context.description,
-        embedder: context.embedder.name,
-        slug: "/contexts/" + context.id,
-        active: context.active,
-        fields: context.fields,
-        configuration: context.configuration,
-        sources: context.sources.get().map((source) => ({
-          id: source.id,
-          name: source.name,
-          description: source.description,
-          updaters: source.updaters.map((updater) => ({
-            id: updater.id,
-            slug: updater.slug,
-            type: updater.type,
-            configuration: updater.configuration
-          }))
-        }))
-      },
-      agents: []
-      // todo
-    });
-  });
-  console.log("[EXULU] items export by context");
-  app.get(`/items/export/:context`, async (req, res) => {
-    if (!req.params.context) {
-      res.status(400).json({
-        message: "Missing context in request."
-      });
-      return;
-    }
-    const authenticationResult = await requestValidators.authenticate(req);
-    if (!authenticationResult.user?.id) {
-      res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
-      return;
-    }
-    const context = contexts.find((context2) => context2.id === req.params.context);
-    if (!context) {
-      res.status(400).json({
-        message: "Context not found."
-      });
-      return;
-    }
-    const items = await context.getItems({
-      page: 1,
-      // todo add pagination
-      user: authenticationResult.user?.id,
-      role: authenticationResult.user?.role?.id,
-      limit: 500
-    });
-    const csv = Papa.unparse(items);
-    const ISOTime = (/* @__PURE__ */ new Date()).toISOString();
-    res.status(200).attachment(`${context.name}-items-export-${ISOTime}.csv`).send(csv);
-  });
-  console.log("[EXULU] contexts get list");
-  app.get(`/contexts`, async (req, res) => {
-    const authenticationResult = await requestValidators.authenticate(req);
-    if (!authenticationResult.user?.id) {
-      res.status(authenticationResult.code || 500).json({ detail: `${authenticationResult.message}` });
-      return;
-    }
-    res.status(200).json(contexts.map((context) => ({
-      id: context.id,
-      name: context.name,
-      description: context.description,
-      embedder: context.embedder.name,
-      slug: "/contexts/" + context.id,
-      active: context.active,
-      fields: context.fields,
-      sources: context.sources.get().map((source) => ({
-        id: source.id,
-        name: source.name,
-        description: source.description,
-        updaters: source.updaters.map((updater) => ({
-          id: updater.id,
-          slug: updater.slug,
-          type: updater.type,
-          configuration: updater.configuration
-        }))
-      }))
-    })));
-  });
-  console.log("[EXULU] contexts");
-  contexts.forEach((context) => {
-    const sources = context.sources.get();
-    if (!Array.isArray(sources)) {
-      return;
-    }
-    sources.forEach((source) => {
-      source.updaters.forEach((updater) => {
-        if (!updater.slug) return;
-        if (updater.type === "webhook" || updater.type === "manual") {
-          routeLogs.push({
-            route: `${updater.slug}/${updater.type}/:context`,
-            method: "POST",
-            note: `Webhook updater for ${context.name}`
-          });
-          app.post(`${updater.slug}/${updater.type}/:context`, async (req, res) => {
-            res.status(200).json([]);
-            return;
-          });
-        }
-      });
-    });
-  });
-  console.log("[EXULU] agents");
   agents.forEach((agent) => {
     const slug = agent.slug;
     if (!slug) return;
@@ -4593,7 +4544,7 @@ Mood: friendly and intelligent.
         return;
       }
       console.log("[EXULU] agent tools", agentInstance.tools);
-      const enabledTools = agentInstance.tools.map(({ config, toolId }) => tools.find(({ id }) => id === toolId)).filter(Boolean);
+      const enabledTools = agentInstance.tools ? agentInstance.tools.map(({ config: config2, toolId }) => tools.find(({ id }) => id === toolId)).filter(Boolean) : [];
       console.log("[EXULU] enabled tools", enabledTools);
       const variableName = agentInstance.providerApiKey;
       const variable = await db3.from("variables").where({ name: variableName }).first();
@@ -4799,43 +4750,22 @@ import IORedis from "ioredis";
 import { Worker } from "bullmq";
 
 // src/registry/utils.ts
-import "bullmq";
 var bullmq = {
-  validate: (bullmqJob) => {
-    if (!bullmqJob.data) {
-      throw new Error(`Missing job data for job ${bullmqJob.id}.`);
-    }
-    if (!bullmqJob.data.type) {
-      throw new Error(`Missing property "type" in data for job ${bullmqJob.id}.`);
+  validate: (id, data) => {
+    if (!data) {
+      throw new Error(`Missing job data for job ${id}.`);
     }
-    if (!bullmqJob.data.inputs) {
-      throw new Error(`Missing property "inputs" in data for job ${bullmqJob.id}.`);
+    if (!data.type) {
+      throw new Error(`Missing property "type" in data for job ${id}.`);
     }
-    if (bullmqJob.data.type !== "embedder" && bullmqJob.data.type !== "workflow") {
-      throw new Error(`Property "type" in data for job ${bullmqJob.id} must be of value "embedder" or "workflow".`);
+    if (!data.inputs) {
+      throw new Error(`Missing property "inputs" in data for job ${id}.`);
     }
-    if (!bullmqJob.data.workflow && !bullmqJob.data.embedder) {
-      throw new Error(`Property "backend" in data for job ${bullmqJob.id} missing. Job  data: ${JSON.stringify(bullmqJob)}`);
+    if (data.type !== "embedder" && data.type !== "workflow") {
+      throw new Error(`Property "type" in data for job ${id} must be of value "embedder" or "workflow".`);
     }
-  },
-  process: {
-    workflow: async (bullmqJob, exuluJob, workflow, logsDir) => {
-      if (!workflow) {
-        throw new Error(`Workflow function with id: ${bullmqJob.data.backend} not found in registry.`);
-      }
-      console.log("[EXULU] starting workflow with job inputs.", bullmqJob.data.inputs);
-      const logger = new ExuluLogger(exuluJob, logsDir);
-      const output = await workflow.start({
-        job: exuluJob,
-        inputs: bullmqJob.data.inputs,
-        user: bullmqJob.data.user,
-        logger,
-        session: bullmqJob.data.session,
-        agent: bullmqJob.data.agent,
-        label: bullmqJob.data.label
-      });
-      await logger.write(`Workflow completed. ${JSON.stringify(output)}`, "INFO");
-      return output;
+    if (!data.workflow && !data.embedder) {
+      throw new Error(`Either a workflow or embedder must be set for job ${id}.`);
     }
   }
 };
@@ -4843,9 +4773,10 @@ var bullmq = {
 // src/registry/workers.ts
 import * as fs3 from "fs";
 import path2 from "path";
+import "@opentelemetry/api";
 var defaultLogsDir = path2.join(process.cwd(), "logs");
 var redisConnection;
-var createWorkers = async (queues2, contexts, _logsDir) => {
+var createWorkers = async (queues2, logger, contexts, _logsDir, tracer) => {
   if (!redisServer.host || !redisServer.port) {
     console.error("[EXULU] you are trying to start worker, but no redis server is configured in the environment.");
     throw new Error("No redis server configured in the environment, so cannot start worker.");
@@ -4864,82 +4795,27 @@ var createWorkers = async (queues2, contexts, _logsDir) => {
       async (bullmqJob) => {
         const { db: db3 } = await postgresClient();
         try {
-          bullmq.validate(bullmqJob);
-          if (bullmqJob.data.type === "embedder") {
-            if (!bullmqJob.data.updater) {
-              throw new Error("No updater set for embedder job.");
-            }
-            const context = contexts.find((context2) => context2.id === bullmqJob.data.context);
+          const data = bullmqJob.data;
+          bullmq.validate(bullmqJob.id, data);
+          if (data.type === "embedder") {
+            const context = contexts.find((context2) => context2.id === data.context);
             if (!context) {
-              throw new Error(`Context ${bullmqJob.data.context} not found in the registry.`);
+              throw new Error(`Context ${data.context} not found in the registry.`);
             }
-            if (!bullmqJob.data.embedder) {
+            if (!data.embedder) {
               throw new Error(`No embedder set for embedder job.`);
             }
-            const embedder = contexts.find((context2) => context2.embedder?.id === bullmqJob.data.embedder);
+            const embedder = contexts.find((context2) => context2.embedder?.id === data.embedder);
             if (!embedder) {
-              throw new Error(`Embedder ${bullmqJob.data.embedder} not found in the registry.`);
+              throw new Error(`Embedder ${data.embedder} not found in the registry.`);
             }
-            if (!bullmqJob.data.source) {
-              throw new Error("No source set for embedder job.");
-            }
-            const source = context.sources.get(bullmqJob.data.source);
-            if (!source) {
-              throw new Error(`Source ${bullmqJob.data.source} not found in the registry.`);
-            }
-            if (!bullmqJob.data.updater) {
-              throw new Error("No updater set for embedder job.");
-            }
-            const updater = source.updaters.find((updater2) => updater2.id === bullmqJob.data.updater);
-            if (!updater) {
-              throw new Error(`Updater ${bullmqJob.data.updater} not found in the registry.`);
-            }
-            if (!bullmqJob.data.documents) {
-              throw new Error("No input documents set for embedder job.");
-            }
-            if (!Array.isArray(bullmqJob.data.documents)) {
-              throw new Error("Input documents must be an array.");
-            }
-            const result = await embedder.upsert(bullmqJob.data.context, bullmqJob.data.documents, {
-              label: context.name,
-              trigger: bullmqJob.data.trigger || "unknown"
-            });
-            const mongoRecord = await db3.from("jobs").where({ redis: bullmqJob.id }).first();
-            if (!mongoRecord) {
-              throw new Error("Job not found in the database.");
-            }
-            const finishedAt = /* @__PURE__ */ new Date();
-            const duration = (finishedAt.getTime() - new Date(mongoRecord.createdAt).getTime()) / 1e3;
-            await db3.from("jobs").where({ redis: bullmqJob.id }).update({
-              status: "completed",
-              finishedAt,
-              duration,
-              result: JSON.stringify(result)
+            const result = await context.createAndUpsertEmbeddings(data.inputs, data.user, {
+              label: embedder.name,
+              trigger: data.trigger
             });
-            await db3.from((void 0).getTableName()).where({ id: result[0].id }).update({
-              embeddings_updated_at: (/* @__PURE__ */ new Date()).toISOString()
-            }).returning("id");
             return result;
           }
           if (bullmqJob.data.type === "workflow") {
-            const workflow = workflows.find((workflow2) => workflow2.id === bullmqJob.data.workflow);
-            if (!workflow) {
-              throw new Error(`Workflow ${bullmqJob.data.workflow} not found in the registry.`);
-            }
-            const exuluJob = await db3.from("jobs").where({ redis: bullmqJob.id }).first();
-            if (!exuluJob) {
-              throw new Error("Job not found in the database.");
-            }
-            const result = await bullmq.process.workflow(bullmqJob, exuluJob, workflow, logsDir);
-            const finishedAt = /* @__PURE__ */ new Date();
-            const duration = (finishedAt.getTime() - new Date(exuluJob.createdAt).getTime()) / 1e3;
-            await db3.from("jobs").where({ redis: bullmqJob.id }).update({
-              status: "completed",
-              finishedAt,
-              duration,
-              result: JSON.stringify(result)
-            });
-            return result;
           }
         } catch (error) {
           await db3.from("jobs").where({ redis: bullmqJob.id }).update({
@@ -5009,6 +4885,7 @@ import { StreamableHTTPServerTransport } from "@modelcontextprotocol/sdk/server/
 import { isInitializeRequest } from "@modelcontextprotocol/sdk/types.js";
 import { z as z2 } from "zod";
 import "express";
+import "@opentelemetry/api";
 var SESSION_ID_HEADER = "mcp-session-id";
 var ExuluMCP = class {
   server;
@@ -5016,7 +4893,7 @@ var ExuluMCP = class {
   express;
   constructor() {
   }
-  create = async ({ express: express3, contexts, agents, config, tools }) => {
+  create = async ({ express: express3, contexts, agents, config, tools, tracer, logger }) => {
     this.express = express3;
     if (!this.server) {
       console.log("[EXULU] Creating MCP server.");
@@ -5194,6 +5071,77 @@ var defaultAgent = new ExuluAgent({
   }
 });
 
+// src/registry/index.ts
+import { trace as trace2 } from "@opentelemetry/api";
+
+// src/registry/logger.ts
+import { OpenTelemetryTransportV3 } from "@opentelemetry/winston-transport";
+import winston from "winston";
+var createLogger = ({
+  enableOtel
+}) => {
+  const logger = winston.createLogger({
+    level: "debug",
+    format: winston.format.combine(
+      winston.format.timestamp(),
+      winston.format.errors({
+        stack: true
+      }),
+      winston.format.metadata(),
+      winston.format.json()
+    ),
+    defaultMeta: {
+      service: "Exulu",
+      environment: process.env.NODE_ENV || "development"
+    },
+    transports: [
+      new winston.transports.Console(),
+      ...enableOtel ? [new OpenTelemetryTransportV3()] : []
+    ]
+  });
+  return logger;
+};
+var logger_default = createLogger;
+
+// src/templates/contexts/code-standards.ts
+var codeStandardsContext = new ExuluContext({
+  id: "code-standards",
+  name: "Code Standards",
+  description: "Code standards that can be used with the Exulu CLI.",
+  configuration: {
+    defaultRightsMode: "public"
+  },
+  fields: [{
+    name: "Best practices",
+    type: "longText"
+  }, {
+    name: "Code style",
+    type: "longText"
+  }, {
+    name: "Tech stack",
+    type: "longText"
+  }],
+  active: true
+});
+
+// src/templates/contexts/projects.ts
+var projectsContext = new ExuluContext({
+  id: "projects",
+  name: "Projects",
+  description: "Default context that stores files and data related to projects in Exulu.",
+  configuration: {
+    defaultRightsMode: "projects"
+  },
+  fields: [{
+    name: "Type",
+    type: "text"
+  }, {
+    name: "Summary",
+    type: "longText"
+  }],
+  active: true
+});
+
 // src/registry/index.ts
 var ExuluApp = class {
   _agents = [];
@@ -5207,7 +5155,11 @@ var ExuluApp = class {
   // Factory function so we can async 
   // initialize the MCP server if needed.
   create = async ({ contexts, agents, config, tools }) => {
-    this._contexts = contexts ?? {};
+    this._contexts = {
+      ...contexts,
+      projectsContext,
+      codeStandardsContext
+    };
     this._agents = [
       claudeCodeAgent,
       defaultAgent,
@@ -5223,7 +5175,7 @@ var ExuluApp = class {
     ];
     const contextsArray = Object.values(contexts || {});
     const queues2 = [
-      ...contextsArray?.length ? contextsArray.map((context) => context.embedder.queue?.name || null) : []
+      ...contextsArray?.length ? contextsArray.map((context) => context.embedder?.queue?.name || null) : []
     ];
     this._queues = [...new Set(queues2.filter((o) => !!o))];
     if (!this._expressApp) {
@@ -5260,10 +5212,20 @@ var ExuluApp = class {
   bullmq = {
     workers: {
       create: async () => {
+        let tracer;
+        if (this._config?.telemetry?.enabled) {
+          console.log("[EXULU] telemetry enabled.");
+          tracer = trace2.getTracer("exulu", "1.0.0");
+        }
+        const logger = logger_default({
+          enableOtel: this._config?.workers?.telemetry?.enabled ?? false
+        });
         return await createWorkers(
           this._queues,
+          logger,
           Object.values(this._contexts ?? {}),
-          this._config?.workers?.logsDir
+          this._config?.workers?.logsDir,
+          tracer
         );
       }
     }
@@ -5272,14 +5234,25 @@ var ExuluApp = class {
     express: {
       init: async () => {
         if (!this._expressApp) {
-          throw new Error("Express app not initialized");
+          throw new Error("Express app not initialized.");
         }
         const app = this._expressApp;
+        let tracer;
+        if (this._config?.telemetry?.enabled) {
+          console.log("[EXULU] telemetry enabled");
+          tracer = trace2.getTracer("exulu", "1.0.0");
+        }
+        const logger = logger_default({
+          enableOtel: this._config?.telemetry?.enabled ?? false
+        });
         await createExpressRoutes(
           app,
+          logger,
           this._agents,
           this._tools,
-          Object.values(this._contexts ?? {})
+          Object.values(this._contexts ?? {}),
+          this._config,
+          tracer
         );
         if (this._config?.MCP.enabled) {
           const mcp = new ExuluMCP();
@@ -5288,7 +5261,9 @@ var ExuluApp = class {
             contexts: this._contexts,
             agents: this._agents,
             config: this._config,
-            tools: this._tools
+            tools: this._tools,
+            tracer,
+            logger
           });
           await mcp.connect();
         }
@@ -5633,8 +5608,8 @@ var ExuluTokenizer = class {
     if (!this.encoder) {
       throw new Error("Tokenizer not initialized");
     }
-    const promises2 = tokenSequences.map((tokens) => this.decode(tokens));
-    return await Promise.all(promises2);
+    const promises = tokenSequences.map((tokens) => this.decode(tokens));
+    return await Promise.all(promises);
   }
   encode(text) {
     if (!this.encoder) {
@@ -5650,8 +5625,8 @@ var ExuluTokenizer = class {
     if (!this.encoder) {
       throw new Error("Tokenizer not initialized");
     }
-    const promises2 = texts.map((text) => this.countTokens(text));
-    return await Promise.all(promises2);
+    const promises = texts.map((text) => this.countTokens(text));
+    return await Promise.all(promises);
   }
   countTokens(text) {
     if (!this.encoder) {
@@ -6701,6 +6676,48 @@ var execute = async () => {
   return;
 };
 
+// src/registry/otel.ts
+import process2 from "process";
+import { NodeSDK } from "@opentelemetry/sdk-node";
+import { getNodeAutoInstrumentations } from "@opentelemetry/auto-instrumentations-node";
+import { OTLPTraceExporter } from "@opentelemetry/exporter-trace-otlp-http";
+import { OTLPLogExporter } from "@opentelemetry/exporter-logs-otlp-http";
+import { resourceFromAttributes } from "@opentelemetry/resources";
+import { ATTR_SERVICE_NAME } from "@opentelemetry/semantic-conventions";
+import { BatchLogRecordProcessor } from "@opentelemetry/sdk-logs";
+var create = ({
+  SIGNOZ_ACCESS_TOKEN,
+  SIGNOZ_TRACES_URL,
+  SIGNOZ_LOGS_URL
+}) => {
+  console.log("[EXULU] Setting up OpenTelemetry");
+  const exporterOptions = {
+    url: SIGNOZ_TRACES_URL,
+    headers: {
+      "signoz-access-token": SIGNOZ_ACCESS_TOKEN
+    }
+  };
+  const traceExporter = new OTLPTraceExporter(exporterOptions);
+  const logExporter = new OTLPLogExporter({
+    url: SIGNOZ_LOGS_URL,
+    headers: {
+      "signoz-access-token": SIGNOZ_ACCESS_TOKEN
+    }
+  });
+  const sdk = new NodeSDK({
+    traceExporter,
+    logRecordProcessors: [new BatchLogRecordProcessor(logExporter)],
+    instrumentations: [getNodeAutoInstrumentations()],
+    resource: resourceFromAttributes({
+      [ATTR_SERVICE_NAME]: "Exulu"
+    })
+  });
+  process2.on("SIGTERM", () => {
+    sdk.shutdown().then(() => console.log("Tracing terminated")).catch((error) => console.log("Error terminating tracing", error)).finally(() => process2.exit(0));
+  });
+  return sdk;
+};
+
 // types/enums/jobs.ts
 var JOB_STATUS_ENUM = {
   completed: "completed",
@@ -6719,6 +6736,19 @@ var ExuluJobs = {
     validate: validateJob
   }
 };
+var ExuluOtel = {
+  create: ({
+    SIGNOZ_ACCESS_TOKEN,
+    SIGNOZ_TRACES_URL,
+    SIGNOZ_LOGS_URL
+  }) => {
+    return create({
+      SIGNOZ_ACCESS_TOKEN,
+      SIGNOZ_TRACES_URL,
+      SIGNOZ_LOGS_URL
+    });
+  }
+};
 var db2 = {
   init: async () => {
     await execute();
@@ -6749,9 +6779,8 @@ export {
   ExuluEmbedder,
   ExuluEval,
   ExuluJobs,
-  ExuluLogger,
+  ExuluOtel,
   queues as ExuluQueues,
-  ExuluSource,
   ExuluTool,
   ExuluZodFileType,
   db2 as db