@lucern/graph-primitives 0.1.0-alpha.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +29 -0
- package/dist/beliefDecay-Q_26RTc-.d.ts +72 -0
- package/dist/beliefDecay.d.ts +2 -0
- package/dist/beliefDecay.js +1628 -0
- package/dist/beliefDecay.js.map +1 -0
- package/dist/beliefEvidenceLinks-42FlR48t.d.ts +77 -0
- package/dist/beliefEvidenceLinks.d.ts +1 -0
- package/dist/beliefEvidenceLinks.js +1978 -0
- package/dist/beliefEvidenceLinks.js.map +1 -0
- package/dist/beliefLifecycle-C-AehZgF.d.ts +43 -0
- package/dist/beliefLifecycle.d.ts +1 -0
- package/dist/beliefLifecycle.js +98 -0
- package/dist/beliefLifecycle.js.map +1 -0
- package/dist/confidencePropagationDispatch.d.ts +46 -0
- package/dist/confidencePropagationDispatch.js +744 -0
- package/dist/confidencePropagationDispatch.js.map +1 -0
- package/dist/contradictions-Hdwl7zid.d.ts +71 -0
- package/dist/contradictions.d.ts +1 -0
- package/dist/contradictions.js +1557 -0
- package/dist/contradictions.js.map +1 -0
- package/dist/convex.d.ts +23 -0
- package/dist/convex.js +17 -0
- package/dist/convex.js.map +1 -0
- package/dist/edgeValidation-CeI0wc0r.d.ts +35 -0
- package/dist/edgeValidation.d.ts +2 -0
- package/dist/edgeValidation.js +307 -0
- package/dist/edgeValidation.js.map +1 -0
- package/dist/edges/contains.d.ts +6 -0
- package/dist/edges/contains.js +14 -0
- package/dist/edges/contains.js.map +1 -0
- package/dist/edges/contradicts.d.ts +6 -0
- package/dist/edges/contradicts.js +183 -0
- package/dist/edges/contradicts.js.map +1 -0
- package/dist/edges/dependsOn.d.ts +6 -0
- package/dist/edges/dependsOn.js +240 -0
- package/dist/edges/dependsOn.js.map +1 -0
- package/dist/edges/derivedFrom.d.ts +6 -0
- package/dist/edges/derivedFrom.js +14 -0
- package/dist/edges/derivedFrom.js.map +1 -0
- package/dist/edges/elaborates.d.ts +6 -0
- package/dist/edges/elaborates.js +100 -0
- package/dist/edges/elaborates.js.map +1 -0
- package/dist/edges/index.d.ts +3 -0
- package/dist/edges/index.js +556 -0
- package/dist/edges/index.js.map +1 -0
- package/dist/edges/informs.d.ts +6 -0
- package/dist/edges/informs.js +112 -0
- package/dist/edges/informs.js.map +1 -0
- package/dist/edges/propagationTypes.d.ts +39 -0
- package/dist/edges/propagationTypes.js +17 -0
- package/dist/edges/propagationTypes.js.map +1 -0
- package/dist/edges/refutes.d.ts +6 -0
- package/dist/edges/refutes.js +108 -0
- package/dist/edges/refutes.js.map +1 -0
- package/dist/edges/supports.d.ts +6 -0
- package/dist/edges/supports.js +193 -0
- package/dist/edges/supports.js.map +1 -0
- package/dist/edges/tests.d.ts +6 -0
- package/dist/edges/tests.js +14 -0
- package/dist/edges/tests.js.map +1 -0
- package/dist/edges/utils.d.ts +12 -0
- package/dist/edges/utils.js +188 -0
- package/dist/edges/utils.js.map +1 -0
- package/dist/embeddingTrigger.d.ts +24 -0
- package/dist/embeddingTrigger.js +24 -0
- package/dist/embeddingTrigger.js.map +1 -0
- package/dist/entityBridge-DMaKooYn.d.ts +59 -0
- package/dist/entityBridge.d.ts +1 -0
- package/dist/entityBridge.js +663 -0
- package/dist/entityBridge.js.map +1 -0
- package/dist/entityLifecycle-BkhRJ-XI.d.ts +69 -0
- package/dist/entityLifecycle.d.ts +1 -0
- package/dist/entityLifecycle.js +2083 -0
- package/dist/entityLifecycle.js.map +1 -0
- package/dist/entityValidation-KLZ_Xl2D.d.ts +50 -0
- package/dist/entityValidation.d.ts +3 -0
- package/dist/entityValidation.js +71 -0
- package/dist/entityValidation.js.map +1 -0
- package/dist/epistemicAnswers-DSP1slZ9.d.ts +67 -0
- package/dist/epistemicAnswers.d.ts +1 -0
- package/dist/epistemicAnswers.js +1650 -0
- package/dist/epistemicAnswers.js.map +1 -0
- package/dist/epistemicBeliefs-DtFVTp-k.d.ts +377 -0
- package/dist/epistemicBeliefs.d.ts +5 -0
- package/dist/epistemicBeliefs.js +6386 -0
- package/dist/epistemicBeliefs.js.map +1 -0
- package/dist/epistemicContractHelpers.d.ts +1 -0
- package/dist/epistemicContractHelpers.js +320 -0
- package/dist/epistemicContractHelpers.js.map +1 -0
- package/dist/epistemicContracts.d.ts +77 -0
- package/dist/epistemicContracts.js +8436 -0
- package/dist/epistemicContracts.js.map +1 -0
- package/dist/epistemicEdges-DcA8ErUG.d.ts +191 -0
- package/dist/epistemicEdges.d.ts +2 -0
- package/dist/epistemicEdges.js +2749 -0
- package/dist/epistemicEdges.js.map +1 -0
- package/dist/epistemicEvidence-Bo638XDP.d.ts +128 -0
- package/dist/epistemicEvidence.d.ts +3 -0
- package/dist/epistemicEvidence.js +3282 -0
- package/dist/epistemicEvidence.js.map +1 -0
- package/dist/epistemicHelpers-Bd9xbaib.d.ts +329 -0
- package/dist/epistemicHelpers.d.ts +4 -0
- package/dist/epistemicHelpers.js +999 -0
- package/dist/epistemicHelpers.js.map +1 -0
- package/dist/epistemicLinking-CyeLOIzN.d.ts +35 -0
- package/dist/epistemicLinking.d.ts +1 -0
- package/dist/epistemicLinking.js +1391 -0
- package/dist/epistemicLinking.js.map +1 -0
- package/dist/epistemicNodes-BpD6Koud.d.ts +167 -0
- package/dist/epistemicNodes.d.ts +2 -0
- package/dist/epistemicNodes.js +2942 -0
- package/dist/epistemicNodes.js.map +1 -0
- package/dist/epistemicQuestions-CmEeY6zQ.d.ts +214 -0
- package/dist/epistemicQuestions.d.ts +3 -0
- package/dist/epistemicQuestions.js +4993 -0
- package/dist/epistemicQuestions.js.map +1 -0
- package/dist/epistemicSources-ZazxHOK1.d.ts +25 -0
- package/dist/epistemicSources.d.ts +1 -0
- package/dist/epistemicSources.js +2025 -0
- package/dist/epistemicSources.js.map +1 -0
- package/dist/evaluators/index.d.ts +9 -0
- package/dist/evaluators/index.js +8440 -0
- package/dist/evaluators/index.js.map +1 -0
- package/dist/evaluators/lintCheckerEvaluator.d.ts +11 -0
- package/dist/evaluators/lintCheckerEvaluator.js +155 -0
- package/dist/evaluators/lintCheckerEvaluator.js.map +1 -0
- package/dist/evaluators/sentryCheckerEvaluator.d.ts +11 -0
- package/dist/evaluators/sentryCheckerEvaluator.js +126 -0
- package/dist/evaluators/sentryCheckerEvaluator.js.map +1 -0
- package/dist/evaluators/shared.d.ts +27 -0
- package/dist/evaluators/shared.js +92 -0
- package/dist/evaluators/shared.js.map +1 -0
- package/dist/evaluators/testRunnerEvaluator.d.ts +17 -0
- package/dist/evaluators/testRunnerEvaluator.js +232 -0
- package/dist/evaluators/testRunnerEvaluator.js.map +1 -0
- package/dist/evaluators/tscCheckerEvaluator.d.ts +11 -0
- package/dist/evaluators/tscCheckerEvaluator.js +189 -0
- package/dist/evaluators/tscCheckerEvaluator.js.map +1 -0
- package/dist/globalId-DKh9d_uD.d.ts +20 -0
- package/dist/globalId.d.ts +1 -0
- package/dist/globalId.js +15 -0
- package/dist/globalId.js.map +1 -0
- package/dist/graphTypes-CpgIuCdo.d.ts +52 -0
- package/dist/graphTypes.d.ts +1 -0
- package/dist/graphTypes.js +120 -0
- package/dist/graphTypes.js.map +1 -0
- package/dist/helpers-BYHIk5vU.d.ts +27 -0
- package/dist/helpers.d.ts +4 -0
- package/dist/helpers.js +313 -0
- package/dist/helpers.js.map +1 -0
- package/dist/index-Dct1T70K.d.ts +25 -0
- package/dist/index-Dq-7R-gi.d.ts +31 -0
- package/dist/index.d.ts +45 -0
- package/dist/index.js +22294 -0
- package/dist/index.js.map +1 -0
- package/dist/invariantEnforcement.d.ts +52 -0
- package/dist/invariantEnforcement.js +231 -0
- package/dist/invariantEnforcement.js.map +1 -0
- package/dist/logicalRoleInference-CJxqWi3u.d.ts +16 -0
- package/dist/logicalRoleInference.d.ts +3 -0
- package/dist/logicalRoleInference.js +64 -0
- package/dist/logicalRoleInference.js.map +1 -0
- package/dist/matcherFeedbackUtils.d.ts +33 -0
- package/dist/matcherFeedbackUtils.js +95 -0
- package/dist/matcherFeedbackUtils.js.map +1 -0
- package/dist/ontology-matching-Buhu23ss.d.ts +48 -0
- package/dist/ontology-matching.d.ts +2 -0
- package/dist/ontology-matching.js +346 -0
- package/dist/ontology-matching.js.map +1 -0
- package/dist/ontologyApproval-Ba0Jjk1k.d.ts +26 -0
- package/dist/ontologyApproval.d.ts +1 -0
- package/dist/ontologyApproval.js +78 -0
- package/dist/ontologyApproval.js.map +1 -0
- package/dist/ontologyDefinitions.d.ts +72 -0
- package/dist/ontologyDefinitions.js +635 -0
- package/dist/ontologyDefinitions.js.map +1 -0
- package/dist/ontologyHelpers.d.ts +79 -0
- package/dist/ontologyHelpers.js +81 -0
- package/dist/ontologyHelpers.js.map +1 -0
- package/dist/ontologyRegistry-B67rPJ16.d.ts +31 -0
- package/dist/ontologyRegistry.d.ts +1 -0
- package/dist/ontologyRegistry.js +296 -0
- package/dist/ontologyRegistry.js.map +1 -0
- package/dist/projectionReconciliation-CxrXYGaB.d.ts +20 -0
- package/dist/projectionReconciliation.d.ts +1 -0
- package/dist/projectionReconciliation.js +261 -0
- package/dist/projectionReconciliation.js.map +1 -0
- package/dist/projectionStaleness-CAdpIsaW.d.ts +51 -0
- package/dist/projectionStaleness.d.ts +1 -0
- package/dist/projectionStaleness.js +57 -0
- package/dist/projectionStaleness.js.map +1 -0
- package/dist/questionEvidenceLinks-BdQD0TkM.d.ts +34 -0
- package/dist/questionEvidenceLinks.d.ts +1 -0
- package/dist/questionEvidenceLinks.js +1690 -0
- package/dist/questionEvidenceLinks.js.map +1 -0
- package/dist/resolverTypes-CC8Ea2E2.d.ts +20 -0
- package/dist/resolverTypes.d.ts +4 -0
- package/dist/resolverTypes.js +3 -0
- package/dist/resolverTypes.js.map +1 -0
- package/dist/resolvers-Br1a6eLV.d.ts +14 -0
- package/dist/resolvers.d.ts +5 -0
- package/dist/resolvers.js +308 -0
- package/dist/resolvers.js.map +1 -0
- package/dist/scopeResolverCompat.d.ts +26 -0
- package/dist/scopeResolverCompat.js +242 -0
- package/dist/scopeResolverCompat.js.map +1 -0
- package/dist/text-matching-CMn2WnVD.d.ts +40 -0
- package/dist/text-matching.d.ts +2 -0
- package/dist/text-matching.js +246 -0
- package/dist/text-matching.js.map +1 -0
- package/dist/topicOntologyResolver.d.ts +80 -0
- package/dist/topicOntologyResolver.js +67 -0
- package/dist/topicOntologyResolver.js.map +1 -0
- package/dist/topicProjectOverlay.d.ts +92 -0
- package/dist/topicProjectOverlay.js +249 -0
- package/dist/topicProjectOverlay.js.map +1 -0
- package/dist/topicScope-By_zp4tt.d.ts +34 -0
- package/dist/topicScope.d.ts +3 -0
- package/dist/topicScope.js +206 -0
- package/dist/topicScope.js.map +1 -0
- package/dist/workspaceIsolation.d.ts +44 -0
- package/dist/workspaceIsolation.js +950 -0
- package/dist/workspaceIsolation.js.map +1 -0
- package/package.json +46 -0
|
@@ -0,0 +1,1391 @@
|
|
|
1
|
+
import { v } from 'convex/values';
|
|
2
|
+
import { componentsGeneric, mutationGeneric, anyApi } from 'convex/server';
|
|
3
|
+
|
|
4
|
+
// src/epistemicLinking.ts
|
|
5
|
+
componentsGeneric();
|
|
6
|
+
var internal = anyApi;
|
|
7
|
+
var mutation = mutationGeneric;
|
|
8
|
+
|
|
9
|
+
// src/graphTypes.ts
|
|
10
|
+
var EDGE_TYPE_TO_REL = {
|
|
11
|
+
// === THE SIX CANONICAL EPISTEMIC EDGE TYPES ===
|
|
12
|
+
supports: "SUPPORTS",
|
|
13
|
+
// L3↔L3: belief bears on belief (weight -1 to +1)
|
|
14
|
+
informs: "INFORMS",
|
|
15
|
+
// L2→L3: evidence bears on belief
|
|
16
|
+
depends_on: "DEPENDS_ON",
|
|
17
|
+
// L3→L3, Q→Q: structural gate
|
|
18
|
+
derived_from: "DERIVED_FROM",
|
|
19
|
+
// Any→Any: provenance chain (fork, synthesis, extraction, answer)
|
|
20
|
+
contains: "CONTAINS",
|
|
21
|
+
// Any→Any: hierarchy, scoping, membership
|
|
22
|
+
tests: "TESTS",
|
|
23
|
+
// Q→L3: question interrogates belief
|
|
24
|
+
// === L4 DECISION EDGES (derived_from with derivationType=decision) ===
|
|
25
|
+
// Kept as separate Neo4j relationship types for backward compat with L4 queries.
|
|
26
|
+
// New code should use derived_from + metadata.
|
|
27
|
+
based_on_belief: "BASED_ON_BELIEF",
|
|
28
|
+
based_on_question: "BASED_ON_QUESTION",
|
|
29
|
+
blocked_by_contradiction: "BLOCKED_BY_CONTRADICTION",
|
|
30
|
+
informed_by_theme: "INFORMED_BY_THEME",
|
|
31
|
+
// === ONTOLOGICAL EDGES (tenant-extensible, managed by ontology system) ===
|
|
32
|
+
works_at: "WORKS_AT",
|
|
33
|
+
invested_in: "INVESTED_IN",
|
|
34
|
+
competes_with: "COMPETES_WITH",
|
|
35
|
+
participates_in: "PARTICIPATES_IN",
|
|
36
|
+
founded_by: "FOUNDED_BY",
|
|
37
|
+
evaluates: "EVALUATES",
|
|
38
|
+
performs: "PERFORMS",
|
|
39
|
+
function_in: "FUNCTION_IN",
|
|
40
|
+
impacts: "IMPACTS",
|
|
41
|
+
raised_from: "RAISED_FROM",
|
|
42
|
+
mentioned_in: "MENTIONED_IN",
|
|
43
|
+
perspective_on: "PERSPECTIVE_ON",
|
|
44
|
+
about_entity: "ABOUT_ENTITY",
|
|
45
|
+
entity_referenced_in: "ENTITY_REFERENCED_IN"
|
|
46
|
+
};
|
|
47
|
+
var CANONICAL_EPISTEMIC_TYPES = /* @__PURE__ */ new Set([
|
|
48
|
+
"supports",
|
|
49
|
+
"informs",
|
|
50
|
+
"depends_on",
|
|
51
|
+
"derived_from",
|
|
52
|
+
"contains",
|
|
53
|
+
"tests"
|
|
54
|
+
]);
|
|
55
|
+
function isDeprecatedEdgeType(edgeType) {
|
|
56
|
+
if (CANONICAL_EPISTEMIC_TYPES.has(edgeType)) return false;
|
|
57
|
+
if (edgeType in EDGE_TYPE_TO_REL) return false;
|
|
58
|
+
return true;
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
// src/epistemicHelpers.ts
|
|
62
|
+
function getNodeLayer(nodeType) {
|
|
63
|
+
switch (nodeType) {
|
|
64
|
+
// L4: Audit targets
|
|
65
|
+
case "decision":
|
|
66
|
+
return "L4";
|
|
67
|
+
// L3: Traversal anchors
|
|
68
|
+
case "belief":
|
|
69
|
+
case "question":
|
|
70
|
+
case "theme":
|
|
71
|
+
case "deal":
|
|
72
|
+
return "L3";
|
|
73
|
+
// L2: Compression boundary
|
|
74
|
+
case "claim":
|
|
75
|
+
case "evidence":
|
|
76
|
+
case "synthesis":
|
|
77
|
+
case "answer":
|
|
78
|
+
return "L2";
|
|
79
|
+
// L1: Terminal leaves
|
|
80
|
+
case "atomic_fact":
|
|
81
|
+
case "excerpt":
|
|
82
|
+
case "source":
|
|
83
|
+
return "L1";
|
|
84
|
+
// Ontological entities
|
|
85
|
+
case "company":
|
|
86
|
+
case "person":
|
|
87
|
+
case "investor":
|
|
88
|
+
case "function":
|
|
89
|
+
case "value_chain":
|
|
90
|
+
return "ontological";
|
|
91
|
+
// Organizational containers
|
|
92
|
+
case "topic":
|
|
93
|
+
return "organizational";
|
|
94
|
+
default:
|
|
95
|
+
console.warn(
|
|
96
|
+
`[EpistemicLayer] Unknown nodeType: ${nodeType}, defaulting to L2`
|
|
97
|
+
);
|
|
98
|
+
return "L2";
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
var EDGE_LAYER_RULES = {
|
|
102
|
+
// === L4 Decision Edges ===
|
|
103
|
+
based_on_belief: {
|
|
104
|
+
from: ["L4"],
|
|
105
|
+
to: ["L3"],
|
|
106
|
+
description: "Decision \u2192 Belief (L4 \u2192 L3)"
|
|
107
|
+
},
|
|
108
|
+
based_on_question: {
|
|
109
|
+
from: ["L4"],
|
|
110
|
+
to: ["L3"],
|
|
111
|
+
description: "Decision \u2192 Question (L4 \u2192 L3)"
|
|
112
|
+
},
|
|
113
|
+
blocked_by_contradiction: {
|
|
114
|
+
from: ["L4"],
|
|
115
|
+
to: ["L3"],
|
|
116
|
+
description: "Decision \u2192 Contradiction (L4 \u2192 L3)"
|
|
117
|
+
},
|
|
118
|
+
informed_by_theme: {
|
|
119
|
+
from: ["L4"],
|
|
120
|
+
to: ["L3"],
|
|
121
|
+
description: "Decision \u2192 Theme (L4 \u2192 L3)"
|
|
122
|
+
},
|
|
123
|
+
// === Evidence Flow (L2 → L3, L2 → L1) ===
|
|
124
|
+
derived_from: {
|
|
125
|
+
from: ["L2", "L3", "L4"],
|
|
126
|
+
to: ["L1", "L2", "L3"],
|
|
127
|
+
description: "A was produced from B (provenance chain)"
|
|
128
|
+
},
|
|
129
|
+
answers: {
|
|
130
|
+
from: ["L2"],
|
|
131
|
+
to: ["L3"],
|
|
132
|
+
description: "Evidence \u2192 Question (L2 \u2192 L3)"
|
|
133
|
+
},
|
|
134
|
+
responds_to: {
|
|
135
|
+
from: ["L2"],
|
|
136
|
+
to: ["L3"],
|
|
137
|
+
description: "Answer \u2192 Question (L2 \u2192 L3)"
|
|
138
|
+
},
|
|
139
|
+
informs: {
|
|
140
|
+
from: ["L2"],
|
|
141
|
+
to: ["L3"],
|
|
142
|
+
description: "Evidence \u2192 Belief (L2 \u2192 L3)"
|
|
143
|
+
},
|
|
144
|
+
qualifies: {
|
|
145
|
+
from: ["L2"],
|
|
146
|
+
to: ["L3"],
|
|
147
|
+
description: "Evidence \u2192 Belief (L2 \u2192 L3)"
|
|
148
|
+
},
|
|
149
|
+
// === Question → Belief (L3 → L3) ===
|
|
150
|
+
tests: {
|
|
151
|
+
from: ["L3"],
|
|
152
|
+
to: ["L3"],
|
|
153
|
+
description: "Question \u2192 Belief (L3 \u2192 L3)"
|
|
154
|
+
},
|
|
155
|
+
explores: {
|
|
156
|
+
from: ["L3"],
|
|
157
|
+
to: ["L3"],
|
|
158
|
+
description: "Question \u2192 Belief assumption (L3 \u2192 L3)"
|
|
159
|
+
},
|
|
160
|
+
// === Synthesis (L2 → L2, L2 → L1) ===
|
|
161
|
+
based_on: {
|
|
162
|
+
from: ["L2"],
|
|
163
|
+
to: ["L2", "L1"],
|
|
164
|
+
description: "Synthesis \u2192 Evidence/Source (L2 \u2192 L2/L1)"
|
|
165
|
+
},
|
|
166
|
+
// === Theme Relationships (L3 → L3) ===
|
|
167
|
+
relates_to_thesis: {
|
|
168
|
+
from: ["L3"],
|
|
169
|
+
to: ["L3"],
|
|
170
|
+
description: "Belief \u2192 Theme (L3 \u2192 L3)"
|
|
171
|
+
},
|
|
172
|
+
belongs_to: {
|
|
173
|
+
from: ["L3", "L2"],
|
|
174
|
+
// Can belong to theme from L3 or L2
|
|
175
|
+
to: ["L3"],
|
|
176
|
+
description: "Any \u2192 Theme (L3/L2 \u2192 L3)"
|
|
177
|
+
},
|
|
178
|
+
plays_theme: {
|
|
179
|
+
from: ["L3"],
|
|
180
|
+
to: ["L3"],
|
|
181
|
+
description: "Deal \u2192 Theme (L3 \u2192 L3)"
|
|
182
|
+
},
|
|
183
|
+
// === Topic Hierarchy (L3 → organizational) ===
|
|
184
|
+
scoped_by: {
|
|
185
|
+
from: ["L3"],
|
|
186
|
+
to: ["organizational"],
|
|
187
|
+
description: "Belief/Question \u2192 Topic (L3 \u2192 organizational)"
|
|
188
|
+
},
|
|
189
|
+
// === Deal/Company ===
|
|
190
|
+
evaluates: {
|
|
191
|
+
from: ["L3"],
|
|
192
|
+
to: ["ontological"],
|
|
193
|
+
description: "Deal \u2192 Company (L3 \u2192 ontological)"
|
|
194
|
+
},
|
|
195
|
+
// === People (ontological → ontological, ontological → L3) ===
|
|
196
|
+
perspective_on: {
|
|
197
|
+
from: ["ontological"],
|
|
198
|
+
to: ["L3"],
|
|
199
|
+
description: "Person \u2192 Belief/Theme (ontological \u2192 L3)"
|
|
200
|
+
},
|
|
201
|
+
works_at: {
|
|
202
|
+
from: ["ontological"],
|
|
203
|
+
to: ["ontological"],
|
|
204
|
+
description: "Person \u2192 Company (ontological \u2192 ontological)"
|
|
205
|
+
},
|
|
206
|
+
// === Value Chain (ontological) ===
|
|
207
|
+
participates_in: {
|
|
208
|
+
from: ["ontological"],
|
|
209
|
+
to: ["ontological"],
|
|
210
|
+
description: "Company \u2192 ValueChain (ontological \u2192 ontological)"
|
|
211
|
+
},
|
|
212
|
+
performs: {
|
|
213
|
+
from: ["ontological"],
|
|
214
|
+
to: ["ontological"],
|
|
215
|
+
description: "Company \u2192 Function (ontological \u2192 ontological)"
|
|
216
|
+
},
|
|
217
|
+
function_in: {
|
|
218
|
+
from: ["ontological"],
|
|
219
|
+
to: ["ontological"],
|
|
220
|
+
description: "Function \u2192 ValueChain (ontological \u2192 ontological)"
|
|
221
|
+
},
|
|
222
|
+
impacts: {
|
|
223
|
+
from: ["L3"],
|
|
224
|
+
to: ["ontological"],
|
|
225
|
+
description: "Theme \u2192 ValueChain (L3 \u2192 ontological)"
|
|
226
|
+
},
|
|
227
|
+
// === Investment (ontological) ===
|
|
228
|
+
invested_in: {
|
|
229
|
+
from: ["ontological"],
|
|
230
|
+
to: ["ontological"],
|
|
231
|
+
description: "Investor \u2192 Company (ontological \u2192 ontological)"
|
|
232
|
+
},
|
|
233
|
+
raised_from: {
|
|
234
|
+
from: ["ontological"],
|
|
235
|
+
to: ["ontological"],
|
|
236
|
+
description: "Company \u2192 Investor (ontological \u2192 ontological)"
|
|
237
|
+
},
|
|
238
|
+
// === Entity↔Belief Bridge (OE-B) ===
|
|
239
|
+
about_entity: {
|
|
240
|
+
from: ["L3"],
|
|
241
|
+
to: ["ontological"],
|
|
242
|
+
description: "Belief/Question/Theme \u2192 Entity (L3 \u2192 ontological)"
|
|
243
|
+
},
|
|
244
|
+
entity_referenced_in: {
|
|
245
|
+
from: ["ontological"],
|
|
246
|
+
to: ["L2"],
|
|
247
|
+
description: "Entity \u2192 Evidence (ontological \u2192 L2)"
|
|
248
|
+
},
|
|
249
|
+
mentioned_in: {
|
|
250
|
+
from: ["ontological"],
|
|
251
|
+
to: ["L1"],
|
|
252
|
+
description: "Entity \u2192 Source document (ontological \u2192 L1)"
|
|
253
|
+
},
|
|
254
|
+
founded_by: {
|
|
255
|
+
from: ["ontological"],
|
|
256
|
+
to: ["ontological"],
|
|
257
|
+
description: "Company \u2192 Person (ontological \u2192 ontological)"
|
|
258
|
+
},
|
|
259
|
+
competes_with: {
|
|
260
|
+
from: ["ontological"],
|
|
261
|
+
to: ["ontological"],
|
|
262
|
+
description: "Company \u2192 Company (ontological \u2192 ontological)"
|
|
263
|
+
},
|
|
264
|
+
contains: {
|
|
265
|
+
from: ["ontological"],
|
|
266
|
+
to: ["ontological"],
|
|
267
|
+
description: "ValueChain \u2192 Function (ontological \u2192 ontological)"
|
|
268
|
+
},
|
|
269
|
+
// === Lifecycle (same layer only) ===
|
|
270
|
+
supersedes: {
|
|
271
|
+
from: ["L4", "L3", "L2", "L1", "ontological", "organizational"],
|
|
272
|
+
to: ["L4", "L3", "L2", "L1", "ontological", "organizational"],
|
|
273
|
+
description: "NewNode \u2192 OldNode (same layer only - validated separately)"
|
|
274
|
+
},
|
|
275
|
+
same_as: {
|
|
276
|
+
from: ["L4", "L3", "L2", "L1", "ontological", "organizational"],
|
|
277
|
+
to: ["L4", "L3", "L2", "L1", "ontological", "organizational"],
|
|
278
|
+
description: "Duplicate detection (same layer only - validated separately)"
|
|
279
|
+
},
|
|
280
|
+
// === Same-Type: Belief ↔ Belief (L3 → L3) ===
|
|
281
|
+
depends_on: {
|
|
282
|
+
from: ["L3"],
|
|
283
|
+
to: ["L3"],
|
|
284
|
+
description: "Belief B requires Belief A (L3 \u2192 L3)"
|
|
285
|
+
},
|
|
286
|
+
reinforces: {
|
|
287
|
+
from: ["L3"],
|
|
288
|
+
to: ["L3"],
|
|
289
|
+
description: "Beliefs strengthen each other (L3 \u2192 L3)"
|
|
290
|
+
},
|
|
291
|
+
parent_of: {
|
|
292
|
+
from: ["L3", "organizational"],
|
|
293
|
+
to: ["L3", "organizational"],
|
|
294
|
+
description: "A is higher-level than B (L3 \u2192 L3, organizational \u2192 organizational)"
|
|
295
|
+
},
|
|
296
|
+
child_of: {
|
|
297
|
+
from: ["L3"],
|
|
298
|
+
to: ["L3"],
|
|
299
|
+
description: "Belief A is more specific (L3 \u2192 L3)"
|
|
300
|
+
},
|
|
301
|
+
// === Same-Type: Question ↔ Question (L3 → L3) ===
|
|
302
|
+
prerequisite_for: {
|
|
303
|
+
from: ["L3"],
|
|
304
|
+
to: ["L3"],
|
|
305
|
+
description: "Question A must be answered first (L3 \u2192 L3)"
|
|
306
|
+
},
|
|
307
|
+
parallel_to: {
|
|
308
|
+
from: ["L3"],
|
|
309
|
+
to: ["L3"],
|
|
310
|
+
description: "Same topic, different angles (L3 \u2192 L3)"
|
|
311
|
+
},
|
|
312
|
+
// === Same-Type: Evidence ↔ Evidence (L2 → L2) ===
|
|
313
|
+
corroborates: {
|
|
314
|
+
from: ["L2"],
|
|
315
|
+
to: ["L2"],
|
|
316
|
+
description: "Independent support (L2 \u2192 L2)"
|
|
317
|
+
},
|
|
318
|
+
extends: {
|
|
319
|
+
from: ["L2"],
|
|
320
|
+
to: ["L2"],
|
|
321
|
+
description: "Adds depth (L2 \u2192 L2)"
|
|
322
|
+
},
|
|
323
|
+
same_source_as: {
|
|
324
|
+
from: ["L2"],
|
|
325
|
+
to: ["L2"],
|
|
326
|
+
description: "Same document/study (L2 \u2192 L2)"
|
|
327
|
+
},
|
|
328
|
+
same_theme_as: {
|
|
329
|
+
from: ["L2"],
|
|
330
|
+
to: ["L2"],
|
|
331
|
+
description: "Same topic/entity (L2 \u2192 L2)"
|
|
332
|
+
},
|
|
333
|
+
// === NEW: Deep Epistemic Analysis Edges (Phase: Schema Upgrade) ===
|
|
334
|
+
assumes: {
|
|
335
|
+
from: ["L3"],
|
|
336
|
+
to: ["L3"],
|
|
337
|
+
description: "Hidden dependency - Belief B implicitly assumes Belief A (L3 \u2192 L3)"
|
|
338
|
+
},
|
|
339
|
+
would_predict: {
|
|
340
|
+
from: ["L3"],
|
|
341
|
+
to: ["L2"],
|
|
342
|
+
description: "Pre-registered prediction - If Belief true, expect Evidence (L3 \u2192 L2)"
|
|
343
|
+
},
|
|
344
|
+
analogous_to: {
|
|
345
|
+
from: ["L3"],
|
|
346
|
+
to: ["L3"],
|
|
347
|
+
description: "Explicit analogy - Belief A is like Belief B (L3 \u2192 L3)"
|
|
348
|
+
},
|
|
349
|
+
independent_of: {
|
|
350
|
+
from: ["L2"],
|
|
351
|
+
to: ["L2"],
|
|
352
|
+
description: "True evidence independence - Evidence A independent of B (L2 \u2192 L2)"
|
|
353
|
+
}
|
|
354
|
+
// NOTE: Deprecated edge types (supports, contradicts, derived_from, cites,
|
|
355
|
+
// summarizes, related_to, partially_answers, blocks, refines, branches_from)
|
|
356
|
+
// have been REMOVED from the system. Use compliant alternatives instead.
|
|
357
|
+
};
|
|
358
|
+
function validateEdgeLayers(edgeType, fromLayer, toLayer) {
|
|
359
|
+
const rules = EDGE_LAYER_RULES[edgeType];
|
|
360
|
+
if (!rules) {
|
|
361
|
+
console.warn(
|
|
362
|
+
`[EdgeValidation] Unknown edge type: ${edgeType}, allowing by default`
|
|
363
|
+
);
|
|
364
|
+
return { valid: true };
|
|
365
|
+
}
|
|
366
|
+
if (edgeType === "supersedes") {
|
|
367
|
+
if (fromLayer !== toLayer) {
|
|
368
|
+
return {
|
|
369
|
+
valid: false,
|
|
370
|
+
reason: `${edgeType} edges must be between nodes of the same layer. Got ${fromLayer} \u2192 ${toLayer}`
|
|
371
|
+
};
|
|
372
|
+
}
|
|
373
|
+
return { valid: true };
|
|
374
|
+
}
|
|
375
|
+
if (!rules.from.includes(fromLayer)) {
|
|
376
|
+
return {
|
|
377
|
+
valid: false,
|
|
378
|
+
reason: `Edge type '${edgeType}' does not allow source layer ${fromLayer}. Allowed: ${rules.from.join(", ")}`
|
|
379
|
+
};
|
|
380
|
+
}
|
|
381
|
+
if (!rules.to.includes(toLayer)) {
|
|
382
|
+
return {
|
|
383
|
+
valid: false,
|
|
384
|
+
reason: `Edge type '${edgeType}' does not allow target layer ${toLayer}. Allowed: ${rules.to.join(", ")}`
|
|
385
|
+
};
|
|
386
|
+
}
|
|
387
|
+
return { valid: true };
|
|
388
|
+
}
|
|
389
|
+
var api = anyApi;
|
|
390
|
+
componentsGeneric();
|
|
391
|
+
|
|
392
|
+
// ../access-control/src/topicProjectOverlay.ts
|
|
393
|
+
var LEGACY_SCOPE_FIELD = "graphScopeProjectId";
|
|
394
|
+
function readNonEmptyString(value) {
|
|
395
|
+
if (typeof value !== "string") {
|
|
396
|
+
return;
|
|
397
|
+
}
|
|
398
|
+
const normalized = value.trim();
|
|
399
|
+
return normalized.length > 0 ? normalized : void 0;
|
|
400
|
+
}
|
|
401
|
+
function readStringArray(value) {
|
|
402
|
+
if (!Array.isArray(value)) {
|
|
403
|
+
return [];
|
|
404
|
+
}
|
|
405
|
+
return value.map((entry) => readNonEmptyString(entry)).filter((entry) => Boolean(entry));
|
|
406
|
+
}
|
|
407
|
+
function readMetadata(topic) {
|
|
408
|
+
return topic.metadata && typeof topic.metadata === "object" ? topic.metadata : {};
|
|
409
|
+
}
|
|
410
|
+
function readLegacyProjectId(value) {
|
|
411
|
+
if (!value) {
|
|
412
|
+
return;
|
|
413
|
+
}
|
|
414
|
+
return readNonEmptyString(value[LEGACY_SCOPE_FIELD]);
|
|
415
|
+
}
|
|
416
|
+
function coerceVisibility(value) {
|
|
417
|
+
return value === "private" || value === "team" || value === "firm" || value === "external" || value === "public" ? value : void 0;
|
|
418
|
+
}
|
|
419
|
+
function coerceStatus(value) {
|
|
420
|
+
return value === "active" || value === "archived" || value === "watching" ? value : void 0;
|
|
421
|
+
}
|
|
422
|
+
function mapProjectType(topic, metadata) {
|
|
423
|
+
const explicit = readNonEmptyString(metadata.projectType);
|
|
424
|
+
if (explicit) {
|
|
425
|
+
return explicit;
|
|
426
|
+
}
|
|
427
|
+
if (topic.type === "theme") {
|
|
428
|
+
return "thematic";
|
|
429
|
+
}
|
|
430
|
+
return readNonEmptyString(topic.type) || "general";
|
|
431
|
+
}
|
|
432
|
+
function isProjectLikeTopic(topic) {
|
|
433
|
+
const metadata = readMetadata(topic);
|
|
434
|
+
return topic.type === "theme" || topic.type === "thematic" || topic.type === "deal" || topic.type === "monitoring" || readLegacyProjectId(topic) !== void 0 || readNonEmptyString(metadata.projectType) !== void 0;
|
|
435
|
+
}
|
|
436
|
+
async function resolveTopicDoc(ctx, scopeId) {
|
|
437
|
+
if (ctx?.db && typeof ctx.db.get === "function") {
|
|
438
|
+
try {
|
|
439
|
+
const directTopic = await ctx.db.get(scopeId);
|
|
440
|
+
if (directTopic) {
|
|
441
|
+
return directTopic;
|
|
442
|
+
}
|
|
443
|
+
} catch {
|
|
444
|
+
}
|
|
445
|
+
}
|
|
446
|
+
if (typeof ctx.runQuery !== "function") {
|
|
447
|
+
return null;
|
|
448
|
+
}
|
|
449
|
+
try {
|
|
450
|
+
const topic = await ctx.runQuery(api.topics.get, {
|
|
451
|
+
id: String(scopeId)
|
|
452
|
+
});
|
|
453
|
+
if (topic?.name !== void 0 && topic?.type !== void 0) {
|
|
454
|
+
return topic;
|
|
455
|
+
}
|
|
456
|
+
} catch {
|
|
457
|
+
}
|
|
458
|
+
try {
|
|
459
|
+
const topic = await ctx.runQuery(api.topics.getByLegacyScopeId, {
|
|
460
|
+
projectId: String(scopeId)
|
|
461
|
+
});
|
|
462
|
+
if (topic?.name !== void 0 && topic?.type !== void 0) {
|
|
463
|
+
return topic;
|
|
464
|
+
}
|
|
465
|
+
} catch {
|
|
466
|
+
}
|
|
467
|
+
return null;
|
|
468
|
+
}
|
|
469
|
+
function materializeTopicProjectOverlay(topic, idMode = "legacy") {
|
|
470
|
+
const metadata = readMetadata(topic);
|
|
471
|
+
const topicId = String(topic._id);
|
|
472
|
+
const legacyProjectId = readLegacyProjectId(topic) || readLegacyProjectId(metadata) || readNonEmptyString(metadata.legacyProjectId);
|
|
473
|
+
const storageProjectId = legacyProjectId || topicId;
|
|
474
|
+
const outwardId = idMode === "topic" ? topicId : storageProjectId;
|
|
475
|
+
const visibility = coerceVisibility(topic.visibility) || coerceVisibility(metadata.visibility) || "private";
|
|
476
|
+
const status = coerceStatus(topic.status) || coerceStatus(metadata.status) || "active";
|
|
477
|
+
const createdAt = typeof topic.createdAt === "number" ? topic.createdAt : typeof topic._creationTime === "number" ? topic._creationTime : 0;
|
|
478
|
+
const updatedAt = typeof topic.updatedAt === "number" ? topic.updatedAt : typeof metadata.updatedAt === "number" ? metadata.updatedAt : createdAt;
|
|
479
|
+
return {
|
|
480
|
+
...metadata,
|
|
481
|
+
_id: outwardId,
|
|
482
|
+
projectId: outwardId,
|
|
483
|
+
topicId,
|
|
484
|
+
storageProjectId,
|
|
485
|
+
legacyProjectId,
|
|
486
|
+
name: readNonEmptyString(topic.name) || "Untitled Theme",
|
|
487
|
+
type: mapProjectType(topic, metadata),
|
|
488
|
+
description: readNonEmptyString(topic.description),
|
|
489
|
+
ownerId: readNonEmptyString(metadata.ownerId) || readNonEmptyString(topic.createdBy) || "system",
|
|
490
|
+
sharedWith: readStringArray(metadata.sharedWith),
|
|
491
|
+
visibility,
|
|
492
|
+
tenantId: readNonEmptyString(topic.tenantId) || readNonEmptyString(metadata.tenantId),
|
|
493
|
+
workspaceId: readNonEmptyString(topic.workspaceId) || readNonEmptyString(metadata.workspaceId),
|
|
494
|
+
status,
|
|
495
|
+
tags: readStringArray(metadata.tags),
|
|
496
|
+
chatCount: typeof metadata.chatCount === "number" ? metadata.chatCount : 0,
|
|
497
|
+
artifactCount: typeof metadata.artifactCount === "number" ? metadata.artifactCount : 0,
|
|
498
|
+
lastActivityAt: typeof metadata.lastActivityAt === "number" ? metadata.lastActivityAt : updatedAt,
|
|
499
|
+
_creationTime: typeof topic._creationTime === "number" ? topic._creationTime : createdAt,
|
|
500
|
+
createdAt,
|
|
501
|
+
updatedAt
|
|
502
|
+
};
|
|
503
|
+
}
|
|
504
|
+
async function resolveTopicProjectOverlay(ctx, scopeId, options = {}) {
|
|
505
|
+
const topic = await resolveTopicDoc(ctx, scopeId);
|
|
506
|
+
if (!topic) {
|
|
507
|
+
return null;
|
|
508
|
+
}
|
|
509
|
+
if (options.projectLikeOnly !== false && !isProjectLikeTopic(topic)) {
|
|
510
|
+
return null;
|
|
511
|
+
}
|
|
512
|
+
return materializeTopicProjectOverlay(topic, options.idMode);
|
|
513
|
+
}
|
|
514
|
+
async function listTopicProjectOverlays(ctx, options = {}) {
|
|
515
|
+
let allTopics = [];
|
|
516
|
+
if (ctx?.db?.query && typeof ctx.db.query === "function") {
|
|
517
|
+
try {
|
|
518
|
+
allTopics = await ctx.db.query("topics").collect();
|
|
519
|
+
} catch {
|
|
520
|
+
allTopics = [];
|
|
521
|
+
}
|
|
522
|
+
}
|
|
523
|
+
if (allTopics.length === 0 && typeof ctx.runQuery === "function") {
|
|
524
|
+
allTopics = (await ctx.runQuery(api.topics.list, {}) ?? []) || [];
|
|
525
|
+
}
|
|
526
|
+
return allTopics.filter(
|
|
527
|
+
(topic) => options.projectLikeOnly === false || isProjectLikeTopic(topic)
|
|
528
|
+
).map((topic) => materializeTopicProjectOverlay(topic, options.idMode));
|
|
529
|
+
}
|
|
530
|
+
|
|
531
|
+
// ../access-control/src/projectGrantsBridge.ts
|
|
532
|
+
var PROJECT_GRANT_STATUSES = ["active", "revoked", "expired"];
|
|
533
|
+
function normalizeString(value) {
|
|
534
|
+
if (typeof value !== "string") {
|
|
535
|
+
return;
|
|
536
|
+
}
|
|
537
|
+
const trimmed = value.trim();
|
|
538
|
+
return trimmed.length > 0 ? trimmed : void 0;
|
|
539
|
+
}
|
|
540
|
+
async function resolveGrantScopeIds(ctx, args) {
|
|
541
|
+
const topicId = normalizeString(args.topicId);
|
|
542
|
+
const projectId = normalizeString(args.projectId);
|
|
543
|
+
for (const scopeId of [topicId, projectId]) {
|
|
544
|
+
if (!scopeId) {
|
|
545
|
+
continue;
|
|
546
|
+
}
|
|
547
|
+
try {
|
|
548
|
+
const overlay = await resolveTopicProjectOverlay(ctx, scopeId, {
|
|
549
|
+
idMode: "legacy",
|
|
550
|
+
projectLikeOnly: false
|
|
551
|
+
});
|
|
552
|
+
if (overlay) {
|
|
553
|
+
return {
|
|
554
|
+
topicId: normalizeString(overlay.topicId) ?? topicId,
|
|
555
|
+
projectId: normalizeString(overlay.projectId) ?? projectId ?? scopeId
|
|
556
|
+
};
|
|
557
|
+
}
|
|
558
|
+
} catch {
|
|
559
|
+
}
|
|
560
|
+
}
|
|
561
|
+
return { topicId, projectId };
|
|
562
|
+
}
|
|
563
|
+
async function normalizeProjectGrantRow(ctx, row) {
|
|
564
|
+
const scope = await resolveGrantScopeIds(ctx, {
|
|
565
|
+
topicId: row.topicId,
|
|
566
|
+
projectId: row.projectId
|
|
567
|
+
});
|
|
568
|
+
return {
|
|
569
|
+
...row,
|
|
570
|
+
...scope.topicId ? { topicId: scope.topicId } : {},
|
|
571
|
+
...scope.projectId ?? scope.topicId ? { projectId: scope.projectId ?? scope.topicId } : {}
|
|
572
|
+
};
|
|
573
|
+
}
|
|
574
|
+
async function normalizeProjectGrantRows(ctx, rows) {
|
|
575
|
+
return await Promise.all(rows.map((row) => normalizeProjectGrantRow(ctx, row)));
|
|
576
|
+
}
|
|
577
|
+
async function listProjectGrantsByPrincipal(ctx, principalId) {
|
|
578
|
+
const rows = await Promise.all(
|
|
579
|
+
PROJECT_GRANT_STATUSES.map(
|
|
580
|
+
(status) => ctx.db.query("projectGrants").withIndex(
|
|
581
|
+
"by_principal_status",
|
|
582
|
+
(q) => q.eq("principalId", principalId).eq("status", status)
|
|
583
|
+
).collect()
|
|
584
|
+
)
|
|
585
|
+
);
|
|
586
|
+
return await normalizeProjectGrantRows(ctx, rows.flat());
|
|
587
|
+
}
|
|
588
|
+
async function listProjectGrantsByGroup(ctx, groupId) {
|
|
589
|
+
const rows = await Promise.all(
|
|
590
|
+
PROJECT_GRANT_STATUSES.map(
|
|
591
|
+
(status) => ctx.db.query("projectGrants").withIndex(
|
|
592
|
+
"by_group_status",
|
|
593
|
+
(q) => q.eq("groupId", groupId).eq("status", status)
|
|
594
|
+
).collect()
|
|
595
|
+
)
|
|
596
|
+
);
|
|
597
|
+
return await normalizeProjectGrantRows(ctx, rows.flat());
|
|
598
|
+
}
|
|
599
|
+
function buildScopeMatchers(inputScopeId, resolved) {
|
|
600
|
+
return new Set(
|
|
601
|
+
[inputScopeId, resolved.topicId, resolved.projectId].map((value) => normalizeString(value)).filter((value) => Boolean(value))
|
|
602
|
+
);
|
|
603
|
+
}
|
|
604
|
+
function matchesResolvedScope(row, scopeIds) {
|
|
605
|
+
const rowTopicId = normalizeString(row.topicId);
|
|
606
|
+
const rowProjectId = normalizeString(row.projectId);
|
|
607
|
+
return rowTopicId !== void 0 && scopeIds.has(rowTopicId) || rowProjectId !== void 0 && scopeIds.has(rowProjectId);
|
|
608
|
+
}
|
|
609
|
+
async function bridgeListProjectGrantsByTopicAndPrincipal(ctx, topicId, principalId) {
|
|
610
|
+
const resolved = await resolveGrantScopeIds(ctx, { topicId });
|
|
611
|
+
const scopeIds = buildScopeMatchers(topicId, resolved);
|
|
612
|
+
const rows = await listProjectGrantsByPrincipal(ctx, principalId);
|
|
613
|
+
return rows.filter((row) => matchesResolvedScope(row, scopeIds));
|
|
614
|
+
}
|
|
615
|
+
async function bridgeListProjectGrantsByTopicAndGroup(ctx, topicId, groupId) {
|
|
616
|
+
const resolved = await resolveGrantScopeIds(ctx, { topicId });
|
|
617
|
+
const scopeIds = buildScopeMatchers(topicId, resolved);
|
|
618
|
+
const rows = await listProjectGrantsByGroup(ctx, groupId);
|
|
619
|
+
return rows.filter((row) => matchesResolvedScope(row, scopeIds));
|
|
620
|
+
}
|
|
621
|
+
async function bridgeListProjectGrantsByPrincipalStatus(ctx, principalId, status) {
|
|
622
|
+
const rows = await listProjectGrantsByPrincipal(ctx, principalId);
|
|
623
|
+
return rows.filter((row) => row.status === status);
|
|
624
|
+
}
|
|
625
|
+
async function bridgeListProjectGrantsByGroupStatus(ctx, groupId, status) {
|
|
626
|
+
const rows = await listProjectGrantsByGroup(ctx, groupId);
|
|
627
|
+
return rows.filter((row) => row.status === status);
|
|
628
|
+
}
|
|
629
|
+
async function bridgeInsertProjectGrant(ctx, value) {
|
|
630
|
+
const resolved = await resolveGrantScopeIds(ctx, value);
|
|
631
|
+
return await ctx.db.insert("projectGrants", {
|
|
632
|
+
...value,
|
|
633
|
+
...resolved.topicId ? { topicId: resolved.topicId } : {},
|
|
634
|
+
...resolved.projectId ?? resolved.topicId ? { projectId: resolved.projectId ?? resolved.topicId } : {}
|
|
635
|
+
});
|
|
636
|
+
}
|
|
637
|
+
|
|
638
|
+
// ../access-control/src/resolvers.ts
|
|
639
|
+
async function findUserByClerkId(ctx, clerkId) {
|
|
640
|
+
const normalizedClerkId = clerkId.trim();
|
|
641
|
+
if (!normalizedClerkId) {
|
|
642
|
+
return null;
|
|
643
|
+
}
|
|
644
|
+
if (typeof ctx.runQuery === "function") {
|
|
645
|
+
try {
|
|
646
|
+
const bridgedUser = await ctx.runQuery(api.users.getUserByClerkId, {
|
|
647
|
+
clerkId: normalizedClerkId
|
|
648
|
+
});
|
|
649
|
+
if (bridgedUser) {
|
|
650
|
+
return bridgedUser;
|
|
651
|
+
}
|
|
652
|
+
} catch {
|
|
653
|
+
}
|
|
654
|
+
}
|
|
655
|
+
try {
|
|
656
|
+
const users = await ctx.db.query("users").collect();
|
|
657
|
+
return users.find((user) => String(user.clerkId ?? "") === normalizedClerkId) ?? null;
|
|
658
|
+
} catch {
|
|
659
|
+
return null;
|
|
660
|
+
}
|
|
661
|
+
}
|
|
662
|
+
async function findUserByPrincipalId(ctx, principalId) {
|
|
663
|
+
const normalizedPrincipalId = principalId.trim();
|
|
664
|
+
if (!normalizedPrincipalId) {
|
|
665
|
+
return null;
|
|
666
|
+
}
|
|
667
|
+
try {
|
|
668
|
+
const users = await ctx.db.query("users").collect();
|
|
669
|
+
return users.find(
|
|
670
|
+
(user) => String(user.defaultPrincipalId ?? "") === normalizedPrincipalId
|
|
671
|
+
) ?? null;
|
|
672
|
+
} catch {
|
|
673
|
+
return null;
|
|
674
|
+
}
|
|
675
|
+
}
|
|
676
|
+
async function findAgentByPrincipalId(ctx, principalId) {
|
|
677
|
+
const normalizedPrincipalId = principalId.trim();
|
|
678
|
+
if (!normalizedPrincipalId) {
|
|
679
|
+
return null;
|
|
680
|
+
}
|
|
681
|
+
if (typeof ctx.runQuery === "function") {
|
|
682
|
+
try {
|
|
683
|
+
const bridgedAgent = await ctx.runQuery(
|
|
684
|
+
api.agents.getAgentByPrincipalId,
|
|
685
|
+
{
|
|
686
|
+
principalId: normalizedPrincipalId
|
|
687
|
+
}
|
|
688
|
+
);
|
|
689
|
+
if (bridgedAgent) {
|
|
690
|
+
return bridgedAgent;
|
|
691
|
+
}
|
|
692
|
+
} catch {
|
|
693
|
+
}
|
|
694
|
+
}
|
|
695
|
+
try {
|
|
696
|
+
const agents = await ctx.db.query("agents").collect();
|
|
697
|
+
return agents.find(
|
|
698
|
+
(agent) => String(agent.principalId ?? "") === normalizedPrincipalId
|
|
699
|
+
) ?? null;
|
|
700
|
+
} catch {
|
|
701
|
+
return null;
|
|
702
|
+
}
|
|
703
|
+
}
|
|
704
|
+
function defaultResolvers() {
|
|
705
|
+
return {
|
|
706
|
+
async getProject(ctx, topicId) {
|
|
707
|
+
return await resolveTopicProjectOverlay(ctx, topicId, {
|
|
708
|
+
idMode: "legacy",
|
|
709
|
+
projectLikeOnly: false
|
|
710
|
+
});
|
|
711
|
+
},
|
|
712
|
+
async listTopics(ctx) {
|
|
713
|
+
return await listTopicProjectOverlays(ctx, { idMode: "legacy" });
|
|
714
|
+
},
|
|
715
|
+
async listTopicsByOwner(ctx, ownerId) {
|
|
716
|
+
const topics = await listTopicProjectOverlays(ctx, { idMode: "legacy" });
|
|
717
|
+
return topics.filter((topic) => topic.ownerId === ownerId);
|
|
718
|
+
},
|
|
719
|
+
async listTopicsByVisibility(ctx, visibility) {
|
|
720
|
+
const topics = await listTopicProjectOverlays(ctx, { idMode: "legacy" });
|
|
721
|
+
return topics.filter((topic) => topic.visibility === visibility);
|
|
722
|
+
},
|
|
723
|
+
async listProjectGrantsByProjectAndPrincipal(ctx, topicId, principalId) {
|
|
724
|
+
return await bridgeListProjectGrantsByTopicAndPrincipal(
|
|
725
|
+
ctx,
|
|
726
|
+
topicId,
|
|
727
|
+
principalId
|
|
728
|
+
);
|
|
729
|
+
},
|
|
730
|
+
async listProjectGrantsByProjectAndGroup(ctx, topicId, groupId) {
|
|
731
|
+
return await bridgeListProjectGrantsByTopicAndGroup(ctx, topicId, groupId);
|
|
732
|
+
},
|
|
733
|
+
async listProjectGrantsByPrincipalStatus(ctx, principalId, status) {
|
|
734
|
+
return await bridgeListProjectGrantsByPrincipalStatus(
|
|
735
|
+
ctx,
|
|
736
|
+
principalId,
|
|
737
|
+
status
|
|
738
|
+
);
|
|
739
|
+
},
|
|
740
|
+
async listProjectGrantsByGroupStatus(ctx, groupId, status) {
|
|
741
|
+
return await bridgeListProjectGrantsByGroupStatus(ctx, groupId, status);
|
|
742
|
+
},
|
|
743
|
+
async insertProjectGrant(ctx, value) {
|
|
744
|
+
return await bridgeInsertProjectGrant(ctx, value);
|
|
745
|
+
},
|
|
746
|
+
async getAgentByPrincipalId(ctx, principalId) {
|
|
747
|
+
return await findAgentByPrincipalId(ctx, principalId);
|
|
748
|
+
},
|
|
749
|
+
async getUserByClerkId(ctx, clerkId) {
|
|
750
|
+
return await findUserByClerkId(ctx, clerkId);
|
|
751
|
+
},
|
|
752
|
+
async getUserByPrincipalId(ctx, principalId) {
|
|
753
|
+
return await findUserByPrincipalId(ctx, principalId);
|
|
754
|
+
}
|
|
755
|
+
};
|
|
756
|
+
}
|
|
757
|
+
var resolverOverrides = {};
|
|
758
|
+
function resolveAccessControlAppResolvers(_ctx) {
|
|
759
|
+
return {
|
|
760
|
+
...defaultResolvers(),
|
|
761
|
+
...resolverOverrides
|
|
762
|
+
};
|
|
763
|
+
}
|
|
764
|
+
|
|
765
|
+
// ../access-control/src/principalContext.ts
|
|
766
|
+
function requireCanonicalResolvedUser(user, clerkId) {
|
|
767
|
+
const resolved = user;
|
|
768
|
+
if (!resolved) {
|
|
769
|
+
throw new Error(
|
|
770
|
+
`[AccessControl] Canonical user identity required for ${clerkId}. Sync users.upsertUser before user-bound access checks.`
|
|
771
|
+
);
|
|
772
|
+
}
|
|
773
|
+
const { mcRole, defaultTenantId, defaultWorkspaceId, defaultPrincipalId } = resolved;
|
|
774
|
+
if (mcRole !== "platform_admin" && mcRole !== "tenant_admin" && mcRole !== "workspace_admin" && mcRole !== "editor" && mcRole !== "viewer" && mcRole !== "auditor" && mcRole !== "service_agent") {
|
|
775
|
+
throw new Error(
|
|
776
|
+
`[AccessControl] Canonical MC role required for ${clerkId}. Re-sync Master Control identity before user-bound access checks.`
|
|
777
|
+
);
|
|
778
|
+
}
|
|
779
|
+
if (typeof defaultTenantId !== "string" || defaultTenantId.trim().length === 0) {
|
|
780
|
+
throw new Error(
|
|
781
|
+
`[AccessControl] Canonical home tenant required for ${clerkId}. Re-sync Master Control identity before user-bound access checks.`
|
|
782
|
+
);
|
|
783
|
+
}
|
|
784
|
+
if (typeof defaultWorkspaceId !== "string" || defaultWorkspaceId.trim().length === 0) {
|
|
785
|
+
throw new Error(
|
|
786
|
+
`[AccessControl] Canonical home workspace required for ${clerkId}. Re-sync Master Control identity before user-bound access checks.`
|
|
787
|
+
);
|
|
788
|
+
}
|
|
789
|
+
if (typeof defaultPrincipalId !== "string" || defaultPrincipalId.trim().length === 0) {
|
|
790
|
+
throw new Error(
|
|
791
|
+
`[AccessControl] Canonical federated principal required for ${clerkId}. Re-sync Master Control identity before user-bound access checks.`
|
|
792
|
+
);
|
|
793
|
+
}
|
|
794
|
+
return {
|
|
795
|
+
mcRole,
|
|
796
|
+
defaultTenantId: defaultTenantId.trim(),
|
|
797
|
+
defaultWorkspaceId: defaultWorkspaceId.trim(),
|
|
798
|
+
defaultPrincipalId: defaultPrincipalId.trim()
|
|
799
|
+
};
|
|
800
|
+
}
|
|
801
|
+
function isPrincipalIdInput(value) {
|
|
802
|
+
return value.startsWith("user:") || value.startsWith("group:") || value.startsWith("service:") || value.startsWith("agent:") || value.startsWith("external_viewer:");
|
|
803
|
+
}
|
|
804
|
+
async function resolveCanonicalUserRecord(ctx, actorId) {
|
|
805
|
+
const normalizedActorId = actorId.trim();
|
|
806
|
+
const clerkId = isPrincipalIdInput(normalizedActorId) && normalizedActorId.startsWith("user:") ? normalizedActorId.slice("user:".length) : normalizedActorId;
|
|
807
|
+
const resolvers = resolveAccessControlAppResolvers();
|
|
808
|
+
const resolvedByClerkId = await resolvers.getUserByClerkId(ctx, clerkId);
|
|
809
|
+
if (resolvedByClerkId) {
|
|
810
|
+
return {
|
|
811
|
+
resolvedUser: resolvedByClerkId,
|
|
812
|
+
clerkId,
|
|
813
|
+
contextClerkId: clerkId
|
|
814
|
+
};
|
|
815
|
+
}
|
|
816
|
+
const resolvedByPrincipalId = await resolvers.getUserByPrincipalId(
|
|
817
|
+
ctx,
|
|
818
|
+
normalizedActorId
|
|
819
|
+
);
|
|
820
|
+
return {
|
|
821
|
+
resolvedUser: resolvedByPrincipalId ?? null,
|
|
822
|
+
clerkId,
|
|
823
|
+
contextClerkId: normalizedActorId.startsWith("user:") && clerkId.length > 0 ? clerkId : normalizedActorId
|
|
824
|
+
};
|
|
825
|
+
}
|
|
826
|
+
function uniqRoles(roles) {
|
|
827
|
+
const roleSet = /* @__PURE__ */ new Set();
|
|
828
|
+
for (const role of roles) {
|
|
829
|
+
if (role === "platform_admin" || role === "tenant_admin" || role === "workspace_admin" || role === "editor" || role === "viewer" || role === "auditor" || role === "service_agent") {
|
|
830
|
+
roleSet.add(role);
|
|
831
|
+
}
|
|
832
|
+
}
|
|
833
|
+
return [...roleSet];
|
|
834
|
+
}
|
|
835
|
+
function normalizeGroupIds(value) {
|
|
836
|
+
if (!Array.isArray(value)) {
|
|
837
|
+
return [];
|
|
838
|
+
}
|
|
839
|
+
return [...new Set(
|
|
840
|
+
value.filter((entry) => typeof entry === "string").map((entry) => entry.trim()).filter(Boolean)
|
|
841
|
+
)];
|
|
842
|
+
}
|
|
843
|
+
function requireServiceAgentUser(user, actorId) {
|
|
844
|
+
const canonicalUser = requireCanonicalResolvedUser(user, actorId);
|
|
845
|
+
if (canonicalUser.mcRole !== "service_agent") {
|
|
846
|
+
throw new Error(
|
|
847
|
+
`[AccessControl] Canonical service_agent identity required for ${actorId}. Sync users.upsertUser before agent-bound access checks.`
|
|
848
|
+
);
|
|
849
|
+
}
|
|
850
|
+
return canonicalUser;
|
|
851
|
+
}
|
|
852
|
+
function requireCanonicalResolvedAgent(agent, actorId) {
|
|
853
|
+
const resolved = agent;
|
|
854
|
+
if (!resolved) {
|
|
855
|
+
throw new Error(
|
|
856
|
+
`[AccessControl] Agent "${actorId}" not found in agents or users table.`
|
|
857
|
+
);
|
|
858
|
+
}
|
|
859
|
+
if (typeof resolved.principalId !== "string" || resolved.principalId.trim().length === 0) {
|
|
860
|
+
throw new Error(
|
|
861
|
+
`[AccessControl] Canonical agent principalId required for ${actorId}.`
|
|
862
|
+
);
|
|
863
|
+
}
|
|
864
|
+
if (typeof resolved.tenantId !== "string" || resolved.tenantId.trim().length === 0) {
|
|
865
|
+
throw new Error(
|
|
866
|
+
`[AccessControl] Canonical home tenant required for ${actorId}.`
|
|
867
|
+
);
|
|
868
|
+
}
|
|
869
|
+
if (typeof resolved.workspaceId !== "string" || resolved.workspaceId.trim().length === 0) {
|
|
870
|
+
throw new Error(
|
|
871
|
+
`[AccessControl] Canonical home workspace required for ${actorId}.`
|
|
872
|
+
);
|
|
873
|
+
}
|
|
874
|
+
return {
|
|
875
|
+
principalId: resolved.principalId.trim(),
|
|
876
|
+
tenantId: resolved.tenantId.trim(),
|
|
877
|
+
workspaceId: resolved.workspaceId.trim(),
|
|
878
|
+
roles: uniqRoles(Array.isArray(resolved.roles) ? resolved.roles : []) ?? ["service_agent"],
|
|
879
|
+
groupIds: normalizeGroupIds(resolved.groupIds)
|
|
880
|
+
};
|
|
881
|
+
}
|
|
882
|
+
async function resolvePrincipalContext(ctx, actorId) {
|
|
883
|
+
if (actorId.startsWith("agent:")) {
|
|
884
|
+
const resolvers = resolveAccessControlAppResolvers();
|
|
885
|
+
const resolvedAgent = await resolvers.getAgentByPrincipalId(ctx, actorId);
|
|
886
|
+
if (resolvedAgent) {
|
|
887
|
+
const agent = requireCanonicalResolvedAgent(
|
|
888
|
+
resolvedAgent,
|
|
889
|
+
actorId
|
|
890
|
+
);
|
|
891
|
+
return {
|
|
892
|
+
principalId: agent.principalId,
|
|
893
|
+
principalType: "service",
|
|
894
|
+
clerkId: actorId,
|
|
895
|
+
tenantId: agent.tenantId,
|
|
896
|
+
workspaceId: agent.workspaceId,
|
|
897
|
+
roles: agent.roles.length > 0 ? agent.roles : ["service_agent"],
|
|
898
|
+
groupIds: agent.groupIds,
|
|
899
|
+
isPlatformAdmin: false,
|
|
900
|
+
isTenantAdmin: false,
|
|
901
|
+
isWorkspaceAdmin: false,
|
|
902
|
+
isSystemFallback: false
|
|
903
|
+
};
|
|
904
|
+
}
|
|
905
|
+
const resolvedUser2 = await resolvers.getUserByClerkId(
|
|
906
|
+
ctx,
|
|
907
|
+
actorId
|
|
908
|
+
);
|
|
909
|
+
if (!resolvedUser2) {
|
|
910
|
+
throw new Error(
|
|
911
|
+
`[AccessControl] Agent "${actorId}" not found in agents or users table.`
|
|
912
|
+
);
|
|
913
|
+
}
|
|
914
|
+
const user2 = requireServiceAgentUser(
|
|
915
|
+
resolvedUser2,
|
|
916
|
+
actorId
|
|
917
|
+
);
|
|
918
|
+
console.warn(
|
|
919
|
+
`[AccessControl] Deprecated legacy service-agent fallback for ${actorId}; migrate this principal into identity.agents.`
|
|
920
|
+
);
|
|
921
|
+
return {
|
|
922
|
+
principalId: user2.defaultPrincipalId,
|
|
923
|
+
principalType: "service",
|
|
924
|
+
clerkId: actorId,
|
|
925
|
+
tenantId: user2.defaultTenantId,
|
|
926
|
+
workspaceId: user2.defaultWorkspaceId,
|
|
927
|
+
roles: ["service_agent"],
|
|
928
|
+
groupIds: normalizeGroupIds(resolvedUser2?.principalGroupIds),
|
|
929
|
+
isPlatformAdmin: false,
|
|
930
|
+
isTenantAdmin: false,
|
|
931
|
+
isWorkspaceAdmin: false,
|
|
932
|
+
isSystemFallback: false
|
|
933
|
+
};
|
|
934
|
+
}
|
|
935
|
+
const {
|
|
936
|
+
resolvedUser,
|
|
937
|
+
contextClerkId
|
|
938
|
+
} = await resolveCanonicalUserRecord(ctx, actorId);
|
|
939
|
+
const user = requireCanonicalResolvedUser(
|
|
940
|
+
resolvedUser,
|
|
941
|
+
contextClerkId
|
|
942
|
+
);
|
|
943
|
+
if (!user.defaultPrincipalId) {
|
|
944
|
+
throw new Error(
|
|
945
|
+
`[AccessControl] Canonical federated principal required for ${contextClerkId}. Re-sync Master Control identity before user-bound access checks.`
|
|
946
|
+
);
|
|
947
|
+
}
|
|
948
|
+
if (user.mcRole === "service_agent") {
|
|
949
|
+
return {
|
|
950
|
+
principalId: user.defaultPrincipalId,
|
|
951
|
+
principalType: "service",
|
|
952
|
+
clerkId: contextClerkId,
|
|
953
|
+
tenantId: user.defaultTenantId,
|
|
954
|
+
workspaceId: user.defaultWorkspaceId,
|
|
955
|
+
roles: ["service_agent"],
|
|
956
|
+
groupIds: normalizeGroupIds(resolvedUser?.principalGroupIds),
|
|
957
|
+
isPlatformAdmin: false,
|
|
958
|
+
isTenantAdmin: false,
|
|
959
|
+
isWorkspaceAdmin: false,
|
|
960
|
+
isSystemFallback: false
|
|
961
|
+
};
|
|
962
|
+
}
|
|
963
|
+
const principalId = user.defaultPrincipalId;
|
|
964
|
+
const effectiveRole = user.mcRole;
|
|
965
|
+
const roles = effectiveRole === "platform_admin" ? ["platform_admin", "tenant_admin"] : effectiveRole === "tenant_admin" ? ["tenant_admin"] : [effectiveRole];
|
|
966
|
+
const tenantId = user.defaultTenantId;
|
|
967
|
+
const workspaceId = user.defaultWorkspaceId;
|
|
968
|
+
const isPlatformAdmin = effectiveRole === "platform_admin";
|
|
969
|
+
return {
|
|
970
|
+
principalId,
|
|
971
|
+
principalType: "user",
|
|
972
|
+
clerkId: contextClerkId,
|
|
973
|
+
tenantId,
|
|
974
|
+
workspaceId,
|
|
975
|
+
roles: uniqRoles(roles),
|
|
976
|
+
groupIds: normalizeGroupIds(resolvedUser?.principalGroupIds),
|
|
977
|
+
isPlatformAdmin,
|
|
978
|
+
isTenantAdmin: isPlatformAdmin || effectiveRole === "tenant_admin",
|
|
979
|
+
isWorkspaceAdmin: isPlatformAdmin || effectiveRole === "tenant_admin" || effectiveRole === "workspace_admin",
|
|
980
|
+
isSystemFallback: false
|
|
981
|
+
};
|
|
982
|
+
}
|
|
983
|
+
|
|
984
|
+
// ../access-control/src/access.ts
|
|
985
|
+
function isTopicInPrincipalTenant(topic, principalTenantId) {
|
|
986
|
+
if (!topic.tenantId) {
|
|
987
|
+
return false;
|
|
988
|
+
}
|
|
989
|
+
if (!principalTenantId) {
|
|
990
|
+
return false;
|
|
991
|
+
}
|
|
992
|
+
return String(topic.tenantId) === String(principalTenantId);
|
|
993
|
+
}
|
|
994
|
+
function isTopicInPrincipalWorkspace(topic, principalWorkspaceId) {
|
|
995
|
+
if (!topic.workspaceId) {
|
|
996
|
+
return false;
|
|
997
|
+
}
|
|
998
|
+
if (!principalWorkspaceId) {
|
|
999
|
+
return false;
|
|
1000
|
+
}
|
|
1001
|
+
return String(topic.workspaceId) === String(principalWorkspaceId);
|
|
1002
|
+
}
|
|
1003
|
+
function isLegacyUnscopedTopic(topic) {
|
|
1004
|
+
return !topic.tenantId || !topic.workspaceId;
|
|
1005
|
+
}
|
|
1006
|
+
function isGrantScopeAlignedToTopic(topic, grant) {
|
|
1007
|
+
if (topic.tenantId && grant.tenantId && String(topic.tenantId) !== String(grant.tenantId)) {
|
|
1008
|
+
return false;
|
|
1009
|
+
}
|
|
1010
|
+
if (topic.workspaceId && grant.workspaceId && String(topic.workspaceId) !== String(grant.workspaceId)) {
|
|
1011
|
+
return false;
|
|
1012
|
+
}
|
|
1013
|
+
return true;
|
|
1014
|
+
}
|
|
1015
|
+
function isGrantSourceAllowedForVisibility(visibility, source) {
|
|
1016
|
+
if (source !== "external_share") {
|
|
1017
|
+
return true;
|
|
1018
|
+
}
|
|
1019
|
+
return visibility === "external" || visibility === "public";
|
|
1020
|
+
}
|
|
1021
|
+
function isGrantActive(grant) {
|
|
1022
|
+
if (grant.status !== "active") {
|
|
1023
|
+
return false;
|
|
1024
|
+
}
|
|
1025
|
+
if (grant.expiresAt !== void 0 && grant.expiresAt <= Date.now()) {
|
|
1026
|
+
return false;
|
|
1027
|
+
}
|
|
1028
|
+
return true;
|
|
1029
|
+
}
|
|
1030
|
+
async function hasPrincipalGrant(ctx, args) {
|
|
1031
|
+
const grants = await resolveAccessControlAppResolvers().listProjectGrantsByProjectAndPrincipal(
|
|
1032
|
+
ctx,
|
|
1033
|
+
args.topic._id,
|
|
1034
|
+
args.principalId
|
|
1035
|
+
);
|
|
1036
|
+
if (grants.some(
|
|
1037
|
+
(grant) => isGrantActive(grant) && isGrantScopeAlignedToTopic(args.topic, grant) && isGrantSourceAllowedForVisibility(
|
|
1038
|
+
args.topic.visibility,
|
|
1039
|
+
grant.source
|
|
1040
|
+
) && (!args.principalIsExternal || args.topic.visibility === "public" || grant.source === "external_share")
|
|
1041
|
+
)) {
|
|
1042
|
+
return true;
|
|
1043
|
+
}
|
|
1044
|
+
return false;
|
|
1045
|
+
}
|
|
1046
|
+
async function hasGroupGrant(ctx, args) {
|
|
1047
|
+
if (args.groupIds.length === 0) {
|
|
1048
|
+
return false;
|
|
1049
|
+
}
|
|
1050
|
+
for (const groupId of args.groupIds) {
|
|
1051
|
+
const grants = await resolveAccessControlAppResolvers().listProjectGrantsByProjectAndGroup(ctx, args.topic._id, groupId);
|
|
1052
|
+
if (grants.some(
|
|
1053
|
+
(grant) => isGrantActive(grant) && isGrantScopeAlignedToTopic(args.topic, grant) && isGrantSourceAllowedForVisibility(
|
|
1054
|
+
args.topic.visibility,
|
|
1055
|
+
grant.source
|
|
1056
|
+
)
|
|
1057
|
+
)) {
|
|
1058
|
+
return true;
|
|
1059
|
+
}
|
|
1060
|
+
}
|
|
1061
|
+
return false;
|
|
1062
|
+
}
|
|
1063
|
+
function isExternalPrincipal(_ctx, _args) {
|
|
1064
|
+
return false;
|
|
1065
|
+
}
|
|
1066
|
+
async function evaluateTopicAccessDetailed(ctx, args) {
|
|
1067
|
+
if (args.legacyUserId) {
|
|
1068
|
+
return {
|
|
1069
|
+
hasAccess: true,
|
|
1070
|
+
isAdmin: false,
|
|
1071
|
+
isOwner: false,
|
|
1072
|
+
isShared: false,
|
|
1073
|
+
hasGrant: true,
|
|
1074
|
+
isFirmVisible: true,
|
|
1075
|
+
isExternalVisible: false,
|
|
1076
|
+
isPublicVisible: false,
|
|
1077
|
+
isTenantScopeMatch: true,
|
|
1078
|
+
isWorkspaceScopeMatch: true,
|
|
1079
|
+
isPrincipalExternal: false
|
|
1080
|
+
};
|
|
1081
|
+
}
|
|
1082
|
+
const topic = await resolveAccessControlAppResolvers().getProject(
|
|
1083
|
+
ctx,
|
|
1084
|
+
args.topicId
|
|
1085
|
+
);
|
|
1086
|
+
if (!topic) {
|
|
1087
|
+
return {
|
|
1088
|
+
hasAccess: false,
|
|
1089
|
+
isAdmin: false,
|
|
1090
|
+
isOwner: false,
|
|
1091
|
+
isShared: false,
|
|
1092
|
+
hasGrant: false,
|
|
1093
|
+
isFirmVisible: false,
|
|
1094
|
+
isExternalVisible: false,
|
|
1095
|
+
isPublicVisible: false,
|
|
1096
|
+
isTenantScopeMatch: false,
|
|
1097
|
+
isWorkspaceScopeMatch: false,
|
|
1098
|
+
isPrincipalExternal: false
|
|
1099
|
+
};
|
|
1100
|
+
}
|
|
1101
|
+
const { principalContext, legacyUserId } = args;
|
|
1102
|
+
const userIsAdmin = principalContext.isPlatformAdmin;
|
|
1103
|
+
const isOwner = topic.ownerId === legacyUserId;
|
|
1104
|
+
const isShared = (topic.sharedWith ?? []).includes(legacyUserId);
|
|
1105
|
+
const principalIsExternal = await isExternalPrincipal(ctx, {
|
|
1106
|
+
groupIds: principalContext.groupIds,
|
|
1107
|
+
topicTenantId: topic.tenantId,
|
|
1108
|
+
topicWorkspaceId: topic.workspaceId
|
|
1109
|
+
});
|
|
1110
|
+
const hasPrincipalGrantResult = await hasPrincipalGrant(ctx, {
|
|
1111
|
+
topic,
|
|
1112
|
+
principalId: principalContext.principalId,
|
|
1113
|
+
principalIsExternal
|
|
1114
|
+
});
|
|
1115
|
+
const hasGroupGrantResult = await hasGroupGrant(ctx, {
|
|
1116
|
+
topic,
|
|
1117
|
+
groupIds: principalContext.groupIds
|
|
1118
|
+
});
|
|
1119
|
+
const hasGrant = isShared || hasPrincipalGrantResult || hasGroupGrantResult;
|
|
1120
|
+
const legacyUnscoped = isLegacyUnscopedTopic(topic);
|
|
1121
|
+
const tenantScopeMatch = isTopicInPrincipalTenant(
|
|
1122
|
+
topic,
|
|
1123
|
+
principalContext.tenantId
|
|
1124
|
+
);
|
|
1125
|
+
const workspaceScopeMatch = isTopicInPrincipalWorkspace(
|
|
1126
|
+
topic,
|
|
1127
|
+
principalContext.workspaceId
|
|
1128
|
+
);
|
|
1129
|
+
const isPublicVisible = topic.visibility === "public";
|
|
1130
|
+
const isFirmVisible = topic.visibility === "firm" && !legacyUnscoped && tenantScopeMatch && workspaceScopeMatch && !principalIsExternal;
|
|
1131
|
+
const hasScopedGrant = hasGrant && (legacyUnscoped || tenantScopeMatch && workspaceScopeMatch);
|
|
1132
|
+
const isExternalVisible = topic.visibility === "external" && hasScopedGrant;
|
|
1133
|
+
const hasAccess = userIsAdmin || isOwner || hasScopedGrant || isPublicVisible || isFirmVisible;
|
|
1134
|
+
return {
|
|
1135
|
+
hasAccess,
|
|
1136
|
+
isAdmin: userIsAdmin,
|
|
1137
|
+
isOwner,
|
|
1138
|
+
isShared,
|
|
1139
|
+
hasGrant,
|
|
1140
|
+
isFirmVisible,
|
|
1141
|
+
isExternalVisible,
|
|
1142
|
+
isPublicVisible,
|
|
1143
|
+
isTenantScopeMatch: tenantScopeMatch,
|
|
1144
|
+
isWorkspaceScopeMatch: workspaceScopeMatch,
|
|
1145
|
+
isPrincipalExternal: principalIsExternal
|
|
1146
|
+
};
|
|
1147
|
+
}
|
|
1148
|
+
async function checkTopicAccessDetailed(ctx, topicId, userId) {
|
|
1149
|
+
const principalContext = await resolvePrincipalContext(ctx, userId);
|
|
1150
|
+
return evaluateTopicAccessDetailed(ctx, {
|
|
1151
|
+
topicId,
|
|
1152
|
+
legacyUserId: userId,
|
|
1153
|
+
principalContext
|
|
1154
|
+
});
|
|
1155
|
+
}
|
|
1156
|
+
async function checkTopicAccess(ctx, topicId, userId) {
|
|
1157
|
+
const result = await checkTopicAccessDetailed(ctx, topicId, userId);
|
|
1158
|
+
return result.hasAccess;
|
|
1159
|
+
}
|
|
1160
|
+
var checkProjectAccess = checkTopicAccess;
|
|
1161
|
+
var permissiveReturn = v.optional(v.any());
|
|
1162
|
+
var looseJsonObject = v.record(v.string(), v.any());
|
|
1163
|
+
var looseJsonArray = v.array(v.any());
|
|
1164
|
+
v.union(
|
|
1165
|
+
v.string(),
|
|
1166
|
+
v.number(),
|
|
1167
|
+
v.boolean(),
|
|
1168
|
+
v.null(),
|
|
1169
|
+
looseJsonObject,
|
|
1170
|
+
looseJsonArray
|
|
1171
|
+
);
|
|
1172
|
+
|
|
1173
|
+
// src/epistemicLinking.ts
|
|
1174
|
+
var RELATION_TO_EDGE_TYPE = {
|
|
1175
|
+
// Cross-type: Evidence → Belief
|
|
1176
|
+
supports: "informs",
|
|
1177
|
+
// with weight > 0
|
|
1178
|
+
contradicts: "informs",
|
|
1179
|
+
// with weight < 0
|
|
1180
|
+
// Cross-type: Question → Belief
|
|
1181
|
+
tests: "tests",
|
|
1182
|
+
// Cross-type: Evidence → Question
|
|
1183
|
+
answers: "derived_from",
|
|
1184
|
+
partial: "derived_from",
|
|
1185
|
+
// with lower weight
|
|
1186
|
+
context: "derived_from",
|
|
1187
|
+
// with even lower weight
|
|
1188
|
+
// Same-type: Belief ↔ Belief
|
|
1189
|
+
depends_on: "depends_on",
|
|
1190
|
+
reinforces: "supports",
|
|
1191
|
+
parent: "contains",
|
|
1192
|
+
child: "contains",
|
|
1193
|
+
// Same-type: Question ↔ Question
|
|
1194
|
+
prerequisite: "prerequisite_for",
|
|
1195
|
+
parallel: "parallel_to",
|
|
1196
|
+
// Same-type: Evidence ↔ Evidence
|
|
1197
|
+
corroborates: "corroborates",
|
|
1198
|
+
extends: "extends",
|
|
1199
|
+
same_source: "same_source_as",
|
|
1200
|
+
same_theme: "same_theme_as",
|
|
1201
|
+
// Generic
|
|
1202
|
+
adjacent: "related_to",
|
|
1203
|
+
related: "related_to",
|
|
1204
|
+
informs: "informs"
|
|
1205
|
+
};
|
|
1206
|
+
function getEdgeWeight(relation) {
|
|
1207
|
+
switch (relation) {
|
|
1208
|
+
case "supports":
|
|
1209
|
+
case "corroborates":
|
|
1210
|
+
return 0.7;
|
|
1211
|
+
case "contradicts":
|
|
1212
|
+
return -0.7;
|
|
1213
|
+
case "qualifies":
|
|
1214
|
+
case "partial":
|
|
1215
|
+
return 0.4;
|
|
1216
|
+
case "context":
|
|
1217
|
+
case "adjacent":
|
|
1218
|
+
return 0.2;
|
|
1219
|
+
case "depends_on":
|
|
1220
|
+
case "parent":
|
|
1221
|
+
case "prerequisite":
|
|
1222
|
+
return 0.8;
|
|
1223
|
+
case "child":
|
|
1224
|
+
return 0.6;
|
|
1225
|
+
case "parallel":
|
|
1226
|
+
case "extends":
|
|
1227
|
+
case "same_theme":
|
|
1228
|
+
case "same_source":
|
|
1229
|
+
return 0.5;
|
|
1230
|
+
default:
|
|
1231
|
+
return 0.5;
|
|
1232
|
+
}
|
|
1233
|
+
}
|
|
1234
|
+
function buildDeterministicEdgeGlobalId(fromGlobalId, toGlobalId, edgeType) {
|
|
1235
|
+
return `edge_link_${edgeType}_${fromGlobalId}_${toGlobalId}`;
|
|
1236
|
+
}
|
|
1237
|
+
var linkBeliefToBelief = mutation({
|
|
1238
|
+
args: {
|
|
1239
|
+
fromBeliefId: v.id("epistemicNodes"),
|
|
1240
|
+
toBeliefId: v.id("epistemicNodes"),
|
|
1241
|
+
relation: v.string(),
|
|
1242
|
+
// "depends_on" | "supports" | "contains" | "contradicts" | "adjacent"
|
|
1243
|
+
userId: v.string(),
|
|
1244
|
+
rationale: v.optional(v.string())
|
|
1245
|
+
},
|
|
1246
|
+
returns: permissiveReturn,
|
|
1247
|
+
handler: async (ctx, args) => {
|
|
1248
|
+
const fromBelief = await ctx.db.get(args.fromBeliefId);
|
|
1249
|
+
const toBelief = await ctx.db.get(args.toBeliefId);
|
|
1250
|
+
if (!fromBelief || !toBelief || fromBelief.nodeType !== "belief" || toBelief.nodeType !== "belief") {
|
|
1251
|
+
throw new Error("One or both beliefs not found");
|
|
1252
|
+
}
|
|
1253
|
+
if (fromBelief.projectId) {
|
|
1254
|
+
const hasAccess = await checkProjectAccess(
|
|
1255
|
+
ctx,
|
|
1256
|
+
fromBelief.projectId,
|
|
1257
|
+
args.userId
|
|
1258
|
+
);
|
|
1259
|
+
if (!hasAccess) {
|
|
1260
|
+
throw new Error("No permission to link these beliefs");
|
|
1261
|
+
}
|
|
1262
|
+
}
|
|
1263
|
+
const fromNode = fromBelief;
|
|
1264
|
+
const toNode = toBelief;
|
|
1265
|
+
if (fromNode && toNode) {
|
|
1266
|
+
const edgeType = RELATION_TO_EDGE_TYPE[args.relation] || "related_to";
|
|
1267
|
+
const weight = getEdgeWeight(args.relation);
|
|
1268
|
+
const fromLayer = fromNode.epistemicLayer || getNodeLayer(fromNode.nodeType);
|
|
1269
|
+
const toLayer = toNode.epistemicLayer || getNodeLayer(toNode.nodeType);
|
|
1270
|
+
const validation = validateEdgeLayers(edgeType, fromLayer, toLayer);
|
|
1271
|
+
if (!validation.valid) {
|
|
1272
|
+
console.warn(
|
|
1273
|
+
`[EpistemicLinking] Invalid edge blocked: ${validation.reason}`
|
|
1274
|
+
);
|
|
1275
|
+
} else if (isDeprecatedEdgeType(edgeType)) {
|
|
1276
|
+
console.error(
|
|
1277
|
+
`[EpistemicLinking] FORBIDDEN edge type '${edgeType}' blocked. Use compliant edge types.`
|
|
1278
|
+
);
|
|
1279
|
+
} else {
|
|
1280
|
+
const edgeGlobalId = buildDeterministicEdgeGlobalId(
|
|
1281
|
+
fromNode.globalId,
|
|
1282
|
+
toNode.globalId,
|
|
1283
|
+
edgeType
|
|
1284
|
+
);
|
|
1285
|
+
await ctx.scheduler.runAfter(0, internal.neo4jEdgeAPI.createEdge, {
|
|
1286
|
+
globalId: edgeGlobalId,
|
|
1287
|
+
fromGlobalId: fromNode.globalId,
|
|
1288
|
+
toGlobalId: toNode.globalId,
|
|
1289
|
+
edgeType,
|
|
1290
|
+
weight,
|
|
1291
|
+
context: args.rationale || `Linked as ${args.relation}`,
|
|
1292
|
+
topicId: fromBelief.projectId ? String(fromBelief.projectId) : void 0,
|
|
1293
|
+
createdBy: args.userId,
|
|
1294
|
+
fromNodeType: "belief",
|
|
1295
|
+
toNodeType: "belief",
|
|
1296
|
+
fromLayer,
|
|
1297
|
+
toLayer
|
|
1298
|
+
});
|
|
1299
|
+
}
|
|
1300
|
+
}
|
|
1301
|
+
return { success: true };
|
|
1302
|
+
}
|
|
1303
|
+
});
|
|
1304
|
+
var linkQuestionToQuestion = mutation({
|
|
1305
|
+
args: {
|
|
1306
|
+
fromQuestionId: v.id("epistemicNodes"),
|
|
1307
|
+
toQuestionId: v.id("epistemicNodes"),
|
|
1308
|
+
relation: v.string(),
|
|
1309
|
+
// "parent" | "child" | "prerequisite" | "parallel" | "contradicts" | "adjacent"
|
|
1310
|
+
userId: v.string(),
|
|
1311
|
+
rationale: v.optional(v.string())
|
|
1312
|
+
},
|
|
1313
|
+
returns: permissiveReturn,
|
|
1314
|
+
handler: async (_ctx, _args) => {
|
|
1315
|
+
console.log(
|
|
1316
|
+
"[EpistemicLinking] Question-to-question linking is deprecated and disabled."
|
|
1317
|
+
);
|
|
1318
|
+
return { success: true, deprecated: true };
|
|
1319
|
+
}
|
|
1320
|
+
});
|
|
1321
|
+
var linkEvidenceToEvidence = mutation({
|
|
1322
|
+
args: {
|
|
1323
|
+
fromInsightId: v.id("epistemicNodes"),
|
|
1324
|
+
toInsightId: v.id("epistemicNodes"),
|
|
1325
|
+
relation: v.string(),
|
|
1326
|
+
// "corroborates" | "contradicts" | "extends" | "same_source" | "same_theme" | "adjacent"
|
|
1327
|
+
userId: v.string(),
|
|
1328
|
+
rationale: v.optional(v.string())
|
|
1329
|
+
},
|
|
1330
|
+
returns: permissiveReturn,
|
|
1331
|
+
handler: async (ctx, args) => {
|
|
1332
|
+
const fromInsight = await ctx.db.get(args.fromInsightId);
|
|
1333
|
+
const toInsight = await ctx.db.get(args.toInsightId);
|
|
1334
|
+
if (!fromInsight || !toInsight) {
|
|
1335
|
+
throw new Error("One or both insights not found");
|
|
1336
|
+
}
|
|
1337
|
+
if (fromInsight.projectId) {
|
|
1338
|
+
const hasAccess = await checkProjectAccess(
|
|
1339
|
+
ctx,
|
|
1340
|
+
fromInsight.projectId,
|
|
1341
|
+
args.userId
|
|
1342
|
+
);
|
|
1343
|
+
if (!hasAccess) {
|
|
1344
|
+
throw new Error("No permission to link these evidence items");
|
|
1345
|
+
}
|
|
1346
|
+
}
|
|
1347
|
+
const fromNode = fromInsight.nodeType === "evidence" ? fromInsight : null;
|
|
1348
|
+
const toNode = toInsight.nodeType === "evidence" ? toInsight : null;
|
|
1349
|
+
if (fromNode && toNode) {
|
|
1350
|
+
const edgeType = RELATION_TO_EDGE_TYPE[args.relation] || "related_to";
|
|
1351
|
+
const weight = getEdgeWeight(args.relation);
|
|
1352
|
+
const fromLayer = fromNode.epistemicLayer || getNodeLayer(fromNode.nodeType);
|
|
1353
|
+
const toLayer = toNode.epistemicLayer || getNodeLayer(toNode.nodeType);
|
|
1354
|
+
const validation = validateEdgeLayers(edgeType, fromLayer, toLayer);
|
|
1355
|
+
if (!validation.valid) {
|
|
1356
|
+
console.warn(
|
|
1357
|
+
`[EpistemicLinking] Invalid edge blocked: ${validation.reason}`
|
|
1358
|
+
);
|
|
1359
|
+
} else if (isDeprecatedEdgeType(edgeType)) {
|
|
1360
|
+
console.error(
|
|
1361
|
+
`[EpistemicLinking] FORBIDDEN edge type '${edgeType}' blocked. Use compliant edge types.`
|
|
1362
|
+
);
|
|
1363
|
+
} else {
|
|
1364
|
+
const edgeGlobalId = buildDeterministicEdgeGlobalId(
|
|
1365
|
+
fromNode.globalId,
|
|
1366
|
+
toNode.globalId,
|
|
1367
|
+
edgeType
|
|
1368
|
+
);
|
|
1369
|
+
await ctx.scheduler.runAfter(0, internal.neo4jEdgeAPI.createEdge, {
|
|
1370
|
+
globalId: edgeGlobalId,
|
|
1371
|
+
fromGlobalId: fromNode.globalId,
|
|
1372
|
+
toGlobalId: toNode.globalId,
|
|
1373
|
+
edgeType,
|
|
1374
|
+
weight,
|
|
1375
|
+
context: args.rationale || `Linked as ${args.relation}`,
|
|
1376
|
+
topicId: fromInsight.projectId ? String(fromInsight.projectId) : void 0,
|
|
1377
|
+
createdBy: args.userId,
|
|
1378
|
+
fromNodeType: "evidence",
|
|
1379
|
+
toNodeType: "evidence",
|
|
1380
|
+
fromLayer,
|
|
1381
|
+
toLayer
|
|
1382
|
+
});
|
|
1383
|
+
}
|
|
1384
|
+
}
|
|
1385
|
+
return { success: true };
|
|
1386
|
+
}
|
|
1387
|
+
});
|
|
1388
|
+
|
|
1389
|
+
export { linkBeliefToBelief, linkEvidenceToEvidence, linkQuestionToQuestion };
|
|
1390
|
+
//# sourceMappingURL=epistemicLinking.js.map
|
|
1391
|
+
//# sourceMappingURL=epistemicLinking.js.map
|