@okrlinkhub/agent-bridge 0.1.0 → 2.0.0

package/dist/component/permissions.js

@@ -1,241 +1,118 @@
 import { v } from "convex/values";
-import { mutation, query, internalQuery } from "./_generated/server.js";
-// --- Permission result type ---
-const permissionResultValidator = v.object({
+import { mutation, query } from "./_generated/server.js";
+import { patternMatchesAvailableFunctions } from "./agentBridgeUtils.js";
+const permissionRuleValidator = v.object({
+    pattern: v.string(),
     permission: v.union(v.literal("allow"), v.literal("deny"), v.literal("rate_limited")),
     rateLimitConfig: v.optional(v.object({
         requestsPerHour: v.number(),
-        tokenBudget: v.number(),
+        tokenBudget: v.optional(v.number()),
     })),
-    matchedPattern: v.optional(v.string()),
 });
-// --- Pattern matching utilities ---
-/**
- * Calculate specificity score for a pattern.
- * More specific patterns (longer fixed prefix before the first wildcard)
- * get higher scores.
- */
-function patternSpecificity(pattern) {
-    const wildcardIndex = pattern.indexOf("*");
-    if (wildcardIndex === -1)
-        return pattern.length;
-    return wildcardIndex;
-}
-/**
- * Check if a function name matches a permission pattern.
- * Supports "*" as a wildcard that matches any characters.
- * Examples: "okr:*" matches "okr:getObjectives", "*" matches anything.
- */
-function matchesPattern(functionName, pattern) {
-    if (pattern === "*")
-        return true;
-    // Escape regex special chars except *, then replace * with .*
-    const escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
-    const regexStr = "^" + escaped.replace(/\*/g, ".*") + "$";
-    const regex = new RegExp(regexStr);
-    return regex.test(functionName);
-}
-// --- Public functions ---
-/**
- * Set a permission for an agent on a specific app.
- * If a permission with the same agentId + appName + functionPattern exists, it is updated.
- */
-export const setPermission = mutation({
+export const setAgentPermissions = mutation({
     args: {
-        agentId: v.string(),
-        appName: v.string(),
-        functionPattern: v.string(),
-        permission: v.union(v.literal("allow"), v.literal("deny"), v.literal("rate_limited")),
-        rateLimitConfig: v.optional(v.object({
-            requestsPerHour: v.number(),
-            tokenBudget: v.number(),
-        })),
-        createdBy: v.string(),
+        agentId: v.id("agents"),
+        rules: v.array(permissionRuleValidator),
+        availableFunctionKeys: v.array(v.string()),
     },
-    returns: v.string(),
+    returns: v.number(),
     handler: async (ctx, args) => {
-        // Check for existing permission with same pattern
-        const existing = await ctx.db
-            .query("functionPermissions")
-            .withIndex("by_agent_and_app", (q) => q.eq("agentId", args.agentId).eq("appName", args.appName))
-            .collect();
-        const match = existing.find((p) => p.functionPattern === args.functionPattern);
-        if (match) {
-            await ctx.db.patch(match._id, {
-                permission: args.permission,
-                rateLimitConfig: args.rateLimitConfig,
-                createdBy: args.createdBy,
-                createdAt: Date.now(),
-            });
-            return match._id;
+        for (const rule of args.rules) {
+            const isValid = patternMatchesAvailableFunctions(rule.pattern, args.availableFunctionKeys);
+            if (!isValid) {
+                throw new Error(`Pattern "${rule.pattern}" does not match any configured function`);
+            }
         }
-        const id = await ctx.db.insert("functionPermissions", {
-            agentId: args.agentId,
-            appName: args.appName,
-            functionPattern: args.functionPattern,
-            permission: args.permission,
-            rateLimitConfig: args.rateLimitConfig,
-            createdAt: Date.now(),
-            createdBy: args.createdBy,
-        });
-        return id;
-    },
-});
-/**
- * Remove a specific permission.
- */
-export const removePermission = mutation({
-    args: {
-        agentId: v.string(),
-        appName: v.string(),
-        functionPattern: v.string(),
-    },
-    returns: v.boolean(),
-    handler: async (ctx, args) => {
-        const perms = await ctx.db
-            .query("functionPermissions")
-            .withIndex("by_agent_and_app", (q) => q.eq("agentId", args.agentId).eq("appName", args.appName))
-            .collect();
-        const match = perms.find((p) => p.functionPattern === args.functionPattern);
-        if (!match)
-            return false;
-        await ctx.db.delete(match._id);
-        return true;
-    },
-});
-/**
- * Check permission for a specific function call.
- * Applies pattern matching with specificity ordering (most specific pattern wins).
- * Default: deny if no matching pattern is found.
- */
-export const checkPermission = query({
-    args: {
-        agentId: v.string(),
-        appName: v.string(),
-        functionName: v.string(),
-    },
-    returns: permissionResultValidator,
-    handler: async (ctx, args) => {
-        const permissions = await ctx.db
-            .query("functionPermissions")
-            .withIndex("by_agent_and_app", (q) => q.eq("agentId", args.agentId).eq("appName", args.appName))
+        const existingRules = await ctx.db
+            .query("agentPermissions")
+            .withIndex("by_agentId", (q) => q.eq("agentId", args.agentId))
             .collect();
-        // Find all matching patterns and sort by specificity (most specific first)
-        const matches = permissions
-            .filter((p) => matchesPattern(args.functionName, p.functionPattern))
-            .sort((a, b) => patternSpecificity(b.functionPattern) -
-            patternSpecificity(a.functionPattern));
-        if (matches.length === 0) {
-            // Default: deny
-            return { permission: "deny" };
+        for (const existingRule of existingRules) {
+            await ctx.db.delete(existingRule._id);
+        }
+        for (const rule of args.rules) {
+            await ctx.db.insert("agentPermissions", {
+                agentId: args.agentId,
+                functionPattern: rule.pattern,
+                permission: rule.permission,
+                rateLimitConfig: rule.rateLimitConfig,
+                updatedAt: Date.now(),
+            });
         }
-        // Most specific pattern wins
-        const best = matches[0];
-        return {
-            permission: best.permission,
-            rateLimitConfig: best.rateLimitConfig,
-            matchedPattern: best.functionPattern,
-        };
+        return args.rules.length;
     },
 });
-/**
- * List all permissions for an agent on a specific app.
- */
-export const listPermissions = query({
+export const listAgentPermissions = query({
     args: {
-        agentId: v.string(),
-        appName: v.string(),
+        agentId: v.id("agents"),
     },
     returns: v.array(v.object({
         functionPattern: v.string(),
         permission: v.union(v.literal("allow"), v.literal("deny"), v.literal("rate_limited")),
         rateLimitConfig: v.optional(v.object({
             requestsPerHour: v.number(),
-            tokenBudget: v.number(),
+            tokenBudget: v.optional(v.number()),
         })),
-        createdAt: v.number(),
-        createdBy: v.string(),
+        updatedAt: v.number(),
     })),
     handler: async (ctx, args) => {
-        const perms = await ctx.db
-            .query("functionPermissions")
-            .withIndex("by_agent_and_app", (q) => q.eq("agentId", args.agentId).eq("appName", args.appName))
+        const rules = await ctx.db
+            .query("agentPermissions")
+            .withIndex("by_agentId", (q) => q.eq("agentId", args.agentId))
             .collect();
-        return perms.map((p) => ({
-            functionPattern: p.functionPattern,
-            permission: p.permission,
-            rateLimitConfig: p.rateLimitConfig,
-            createdAt: p.createdAt,
-            createdBy: p.createdBy,
+        return rules.map((rule) => ({
+            functionPattern: rule.functionPattern,
+            permission: rule.permission,
+            rateLimitConfig: rule.rateLimitConfig,
+            updatedAt: rule.updatedAt,
         }));
     },
 });
-/**
- * Remove all permissions for a specific agent on a specific app.
- */
-export const clearPermissions = mutation({
+export const setFunctionOverrides = mutation({
     args: {
-        agentId: v.string(),
-        appName: v.string(),
+        overrides: v.array(v.object({
+            key: v.string(),
+            enabled: v.boolean(),
+            globalRateLimit: v.optional(v.number()),
+        })),
+        availableFunctionKeys: v.array(v.string()),
     },
     returns: v.number(),
     handler: async (ctx, args) => {
-        const perms = await ctx.db
-            .query("functionPermissions")
-            .withIndex("by_agent_and_app", (q) => q.eq("agentId", args.agentId).eq("appName", args.appName))
-            .collect();
-        for (const perm of perms) {
-            await ctx.db.delete(perm._id);
+        for (const override of args.overrides) {
+            if (!args.availableFunctionKeys.includes(override.key)) {
+                throw new Error(`Function "${override.key}" is not exposed in config`);
+            }
+            const existing = await ctx.db
+                .query("agentFunctions")
+                .withIndex("by_key", (q) => q.eq("key", override.key))
+                .unique();
+            if (existing) {
+                await ctx.db.patch(existing._id, {
+                    enabled: override.enabled,
+                    globalRateLimit: override.globalRateLimit,
+                });
+            }
+            else {
+                await ctx.db.insert("agentFunctions", {
+                    key: override.key,
+                    enabled: override.enabled,
+                    globalRateLimit: override.globalRateLimit,
+                });
+            }
         }
-        return perms.length;
+        return args.overrides.length;
     },
 });
-/**
- * Debug helper: show permission matching for a specific function call.
- */
-export const debugMatchPermission = query({
-    args: {
-        agentId: v.string(),
-        appName: v.string(),
-        functionName: v.string(),
-    },
-    returns: v.object({
-        functionName: v.string(),
-        permissions: v.array(v.object({
-            functionPattern: v.string(),
-            permission: v.union(v.literal("allow"), v.literal("deny"), v.literal("rate_limited")),
-            specificity: v.number(),
-        })),
-        matches: v.array(v.object({
-            functionPattern: v.string(),
-            permission: v.union(v.literal("allow"), v.literal("deny"), v.literal("rate_limited")),
-            specificity: v.number(),
-        })),
-        bestMatch: v.optional(v.object({
-            functionPattern: v.string(),
-            permission: v.union(v.literal("allow"), v.literal("deny"), v.literal("rate_limited")),
-            specificity: v.number(),
-        })),
-    }),
-    handler: async (ctx, args) => {
-        const permissions = await ctx.db
-            .query("functionPermissions")
-            .withIndex("by_agent_and_app", (q) => q.eq("agentId", args.agentId).eq("appName", args.appName))
-            .collect();
-        const withSpecificity = permissions.map((p) => ({
-            functionPattern: p.functionPattern,
-            permission: p.permission,
-            specificity: patternSpecificity(p.functionPattern),
-        }));
-        const matches = withSpecificity
-            .filter((p) => matchesPattern(args.functionName, p.functionPattern))
-            .sort((a, b) => b.specificity - a.specificity);
-        return {
-            functionName: args.functionName,
-            permissions: withSpecificity,
-            matches,
-            bestMatch: matches[0],
-        };
+export const listFunctionOverrides = query({
+    args: {},
+    returns: v.array(v.object({
+        key: v.string(),
+        enabled: v.boolean(),
+        globalRateLimit: v.optional(v.number()),
+    })),
+    handler: async (ctx) => {
+        return await ctx.db.query("agentFunctions").collect();
     },
 });
 //# sourceMappingURL=permissions.js.map

package/dist/component/permissions.js.map

@@ -1 +1 @@
-{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/component/permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,eAAe,CAAC;AAClC,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAExE,iCAAiC;AAEjC,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,UAAU,EAAE,CAAC,CAAC,KAAK,CACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAC1B;IACD,eAAe,EAAE,CAAC,CAAC,QAAQ,CACzB,CAAC,CAAC,MAAM,CAAC;QACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;QAC3B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;KACxB,CAAC,CACH;IACD,cAAc,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;CACvC,CAAC,CAAC;AAEH,qCAAqC;AAErC;;;;GAIG;AACH,SAAS,kBAAkB,CAAC,OAAe;IACzC,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC3C,IAAI,aAAa,KAAK,CAAC,CAAC;QAAE,OAAO,OAAO,CAAC,MAAM,CAAC;IAChD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED;;;;GAIG;AACH,SAAS,cAAc,CAAC,YAAoB,EAAE,OAAe;IAC3D,IAAI,OAAO,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IACjC,8DAA8D;IAC9D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,GAAG,CAAC;IAC1D,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC;IACnC,OAAO,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;AAClC,CAAC;AAED,2BAA2B;AAE3B;;;GAGG;AACH,MAAM,CAAC,MAAM,aAAa,GAAG,QAAQ,CAAC;IACpC,IAAI,EAAE;QACJ,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;QAC3B,UAAU,EAAE,CAAC,CAAC,KAAK,CACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAC1B;QACD,eAAe,EAAE,CAAC,CAAC,QAAQ,CACzB,CAAC,CAAC,MAAM,CAAC;YACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;YAC3B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;SACxB,CAAC,CACH;QACD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;KACtB;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,kDAAkD;QAClD,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,EAAE;aAC1B,KAAK,CAAC,qBAAqB,CAAC;aAC5B,SAAS,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE,CACnC,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAC1D;aACA,OAAO,EAAE,CAAC;QAEb,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CACzB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,KAAK,IAAI,CAAC,eAAe,CAClD,CAAC;QAEF,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,EAAE;gBAC5B,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;gBACrC,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC,CAAC;YACH,OAAO,KAAK,CAAC,GAAG,CAAC;QACnB,CAAC;QAED,MAAM,EAAE,GAAG,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,qBAAqB,EAAE;YACpD,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CAAC;QACH,OAAO,EAAE,CAAC;IACZ,CAAC;CACF,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,QAAQ,CAAC;IACvC,IAAI,EAAE;QACJ,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;KAC5B;IACD,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE;IACpB,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,EAAE;aACvB,KAAK,CAAC,qBAAqB,CAAC;aAC5B,SAAS,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE,CACnC,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAC1D;aACA,OAAO,EAAE,CAAC;QAEb,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CACtB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,KAAK,IAAI,CAAC,eAAe,CAClD,CAAC;QAEF,IAAI,CAAC,KAAK;YAAE,OAAO,KAAK,CAAC;QAEzB,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC/B,OAAO,IAAI,CAAC;IACd,CAAC;CACF,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,CAAC;IACnC,IAAI,EAAE;QACJ,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;KACzB;IACD,OAAO,EAAE,yBAAyB;IAClC,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,EAAE;aAC7B,KAAK,CAAC,qBAAqB,CAAC;aAC5B,SAAS,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE,CACnC,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAC1D;aACA,OAAO,EAAE,CAAC;QAEb,2EAA2E;QAC3E,MAAM,OAAO,GAAG,WAAW;aACxB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC,eAAe,CAAC,CAAC;aACnE,IAAI,CACH,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACP,kBAAkB,CAAC,CAAC,CAAC,eAAe,CAAC;YACrC,kBAAkB,CAAC,CAAC,CAAC,eAAe,CAAC,CACxC,CAAC;QAEJ,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,gBAAgB;YAChB,OAAO,EAAE,UAAU,EAAE,MAAe,EAAE,CAAC;QACzC,CAAC;QAED,6BAA6B;QAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACxB,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,cAAc,EAAE,IAAI,CAAC,eAAe;SACrC,CAAC;IACJ,CAAC;CACF,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAG,KAAK,CAAC;IACnC,IAAI,EAAE;QACJ,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;KACpB;IACD,OAAO,EAAE,CAAC,CAAC,KAAK,CACd,CAAC,CAAC,MAAM,CAAC;QACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;QAC3B,UAAU,EAAE,CAAC,CAAC,KAAK,CACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAC1B;QACD,eAAe,EAAE,CAAC,CAAC,QAAQ,CACzB,CAAC,CAAC,MAAM,CAAC;YACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;YAC3B,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;SACxB,CAAC,CACH;QACD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;QACrB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;KACtB,CAAC,CACH;IACD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,EAAE;aACvB,KAAK,CAAC,qBAAqB,CAAC;aAC5B,SAAS,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE,CACnC,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAC1D;aACA,OAAO,EAAE,CAAC;QAEb,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACvB,eAAe,EAAE,CAAC,CAAC,eAAe;YAClC,UAAU,EAAE,CAAC,CAAC,UAAU;YACxB,eAAe,EAAE,CAAC,CAAC,eAAe;YAClC,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,SAAS,EAAE,CAAC,CAAC,SAAS;SACvB,CAAC,CAAC,CAAC;IACN,CAAC;CACF,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAG,QAAQ,CAAC;IACvC,IAAI,EAAE;QACJ,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;KACpB;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,EAAE;aACvB,KAAK,CAAC,qBAAqB,CAAC;aAC5B,SAAS,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE,CACnC,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAC1D;aACA,OAAO,EAAE,CAAC;QAEb,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAChC,CAAC;QAED,OAAO,KAAK,CAAC,MAAM,CAAC;IACtB,CAAC;CACF,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG,KAAK,CAAC;IACxC,IAAI,EAAE;QACJ,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;QACnB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;KACzB;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC;QAChB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;QACxB,WAAW,EAAE,CAAC,CAAC,KAAK,CAClB,CAAC,CAAC,MAAM,CAAC;YACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;YAC3B,UAAU,EAAE,CAAC,CAAC,KAAK,CACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAC1B;YACD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;SACxB,CAAC,CACH;QACD,OAAO,EAAE,CAAC,CAAC,KAAK,CACd,CAAC,CAAC,MAAM,CAAC;YACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;YAC3B,UAAU,EAAE,CAAC,CAAC,KAAK,CACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAC1B;YACD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;SACxB,CAAC,CACH;QACD,SAAS,EAAE,CAAC,CAAC,QAAQ,CACnB,CAAC,CAAC,MAAM,CAAC;YACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;YAC3B,UAAU,EAAE,CAAC,CAAC,KAAK,CACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAC1B;YACD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;SACxB,CAAC,CACH;KACF,CAAC;IACF,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,WAAW,GAAG,MAAM,GAAG,CAAC,EAAE;aAC7B,KAAK,CAAC,qBAAqB,CAAC;aAC5B,SAAS,CAAC,kBAAkB,EAAE,CAAC,CAAC,EAAE,EAAE,CACnC,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAC1D;aACA,OAAO,EAAE,CAAC;QAEb,MAAM,eAAe,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC9C,eAAe,EAAE,CAAC,CAAC,eAAe;YAClC,UAAU,EAAE,CAAC,CAAC,UAAU;YACxB,WAAW,EAAE,kBAAkB,CAAC,CAAC,CAAC,eAAe,CAAC;SACnD,CAAC,CAAC,CAAC;QAEJ,MAAM,OAAO,GAAG,eAAe;aAC5B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC,eAAe,CAAC,CAAC;aACnE,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC;QAEjD,OAAO;YACL,YAAY,EAAE,IAAI,CAAC,YAAY;YAC/B,WAAW,EAAE,eAAe;YAC5B,OAAO;YACP,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;SACtB,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
+{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/component/permissions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,eAAe,CAAC;AAClC,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,gCAAgC,EAAE,MAAM,uBAAuB,CAAC;AAEzE,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,UAAU,EAAE,CAAC,CAAC,KAAK,CACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAC1B;IACD,eAAe,EAAE,CAAC,CAAC,QAAQ,CACzB,CAAC,CAAC,MAAM,CAAC;QACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;QAC3B,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KACpC,CAAC,CACH;CACF,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,QAAQ,CAAC;IAC1C,IAAI,EAAE;QACJ,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC;QACvB,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC;QACvC,qBAAqB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KAC3C;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,MAAM,OAAO,GAAG,gCAAgC,CAC9C,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,qBAAqB,CAC3B,CAAC;YACF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,MAAM,IAAI,KAAK,CACb,YAAY,IAAI,CAAC,OAAO,0CAA0C,CACnE,CAAC;YACJ,CAAC;QACH,CAAC;QAED,MAAM,aAAa,GAAG,MAAM,GAAG,CAAC,EAAE;aAC/B,KAAK,CAAC,kBAAkB,CAAC;aACzB,SAAS,CAAC,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;aAC7D,OAAO,EAAE,CAAC;QAEb,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE,CAAC;YACzC,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QACxC,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,kBAAkB,EAAE;gBACtC,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,eAAe,EAAE,IAAI,CAAC,OAAO;gBAC7B,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;gBACrC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;aACtB,CAAC,CAAC;QACL,CAAC;QAED,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC;IAC3B,CAAC;CACF,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,oBAAoB,GAAG,KAAK,CAAC;IACxC,IAAI,EAAE;QACJ,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,QAAQ,CAAC;KACxB;IACD,OAAO,EAAE,CAAC,CAAC,KAAK,CACd,CAAC,CAAC,MAAM,CAAC;QACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;QAC3B,UAAU,EAAE,CAAC,CAAC,KAAK,CACjB,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,EAClB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,EACjB,CAAC,CAAC,OAAO,CAAC,cAAc,CAAC,CAC1B;QACD,eAAe,EAAE,CAAC,CAAC,QAAQ,CACzB,CAAC,CAAC,MAAM,CAAC;YACP,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE;YAC3B,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;SACpC,CAAC,CACH;QACD,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;KACtB,CAAC,CACH;IACD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,MAAM,KAAK,GAAG,MAAM,GAAG,CAAC,EAAE;aACvB,KAAK,CAAC,kBAAkB,CAAC;aACzB,SAAS,CAAC,YAAY,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;aAC7D,OAAO,EAAE,CAAC;QAEb,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAC1B,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CAAC,CAAC;IACN,CAAC;CACF,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,oBAAoB,GAAG,QAAQ,CAAC;IAC3C,IAAI,EAAE;QACJ,SAAS,EAAE,CAAC,CAAC,KAAK,CAChB,CAAC,CAAC,MAAM,CAAC;YACP,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;YACf,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE;YACpB,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;SACxC,CAAC,CACH;QACD,qBAAqB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KAC3C;IACD,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QAC3B,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACtC,IAAI,CAAC,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvD,MAAM,IAAI,KAAK,CAAC,aAAa,QAAQ,CAAC,GAAG,4BAA4B,CAAC,CAAC;YACzE,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,GAAG,CAAC,EAAE;iBAC1B,KAAK,CAAC,gBAAgB,CAAC;iBACvB,SAAS,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC;iBACrD,MAAM,EAAE,CAAC;YACZ,IAAI,QAAQ,EAAE,CAAC;gBACb,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,EAAE;oBAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;oBACzB,eAAe,EAAE,QAAQ,CAAC,eAAe;iBAC1C,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,CAAC,EAAE,CAAC,MAAM,CAAC,gBAAgB,EAAE;oBACpC,GAAG,EAAE,QAAQ,CAAC,GAAG;oBACjB,OAAO,EAAE,QAAQ,CAAC,OAAO;oBACzB,eAAe,EAAE,QAAQ,CAAC,eAAe;iBAC1C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC;IAC/B,CAAC;CACF,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,qBAAqB,GAAG,KAAK,CAAC;IACzC,IAAI,EAAE,EAAE;IACR,OAAO,EAAE,CAAC,CAAC,KAAK,CACd,CAAC,CAAC,MAAM,CAAC;QACP,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE;QACf,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE;QACpB,eAAe,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;KACxC,CAAC,CACH;IACD,OAAO,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;QACrB,OAAO,MAAM,GAAG,CAAC,EAAE,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,EAAE,CAAC;IACxD,CAAC;CACF,CAAC,CAAC"}

package/dist/component/schema.d.ts

@@ -1,175 +1,77 @@
 declare const _default: import("convex/server").SchemaDefinition<{
-    provisioningTokens: import("convex/server").TableDefinition<import("convex/values").VObject<{
-        createdBy: string;
-        department: string;
-        employeeEmail: string;
-        maxApps: number;
-        tokenHash: string;
-        usedCount: number;
-        expiresAt: number;
-        isActive: boolean;
-    }, {
-        tokenHash: import("convex/values").VString<string, "required">;
-        employeeEmail: import("convex/values").VString<string, "required">;
-        department: import("convex/values").VString<string, "required">;
-        maxApps: import("convex/values").VFloat64<number, "required">;
-        usedCount: import("convex/values").VFloat64<number, "required">;
-        expiresAt: import("convex/values").VFloat64<number, "required">;
-        isActive: import("convex/values").VBoolean<boolean, "required">;
-        createdBy: import("convex/values").VString<string, "required">;
-    }, "required", "createdBy" | "department" | "employeeEmail" | "maxApps" | "tokenHash" | "usedCount" | "expiresAt" | "isActive">, {
-        by_token_hash: ["tokenHash", "_creationTime"];
-        by_email: ["employeeEmail", "_creationTime"];
-    }, {}, {}>;
-    registeredAgents: import("convex/server").TableDefinition<import("convex/values").VObject<{
-        revokedBy?: string | undefined;
-        revokedAt?: number | undefined;
-        agentId: string;
-        department: string;
-        employeeEmail: string;
-        isActive: boolean;
-        firstRegisteredAt: number;
-        lastSeenAt: number;
-    }, {
-        agentId: import("convex/values").VString<string, "required">;
-        employeeEmail: import("convex/values").VString<string, "required">;
-        department: import("convex/values").VString<string, "required">;
-        firstRegisteredAt: import("convex/values").VFloat64<number, "required">;
-        lastSeenAt: import("convex/values").VFloat64<number, "required">;
-        isActive: import("convex/values").VBoolean<boolean, "required">;
-        revokedAt: import("convex/values").VFloat64<number | undefined, "optional">;
-        revokedBy: import("convex/values").VString<string | undefined, "optional">;
-    }, "required", "agentId" | "department" | "employeeEmail" | "revokedBy" | "isActive" | "firstRegisteredAt" | "lastSeenAt" | "revokedAt">, {
-        by_agent_id: ["agentId", "_creationTime"];
-        by_email: ["employeeEmail", "_creationTime"];
-    }, {}, {}>;
-    agentAppInstances: import("convex/server").TableDefinition<import("convex/values").VObject<{
-        appName: string;
-        agentId: string;
-        expiresAt: number;
-        instanceTokenHash: string;
-        registeredAt: number;
-        lastActivityAt: number;
-        monthlyRequests: number;
-    }, {
-        agentId: import("convex/values").VString<string, "required">;
-        appName: import("convex/values").VString<string, "required">;
-        instanceTokenHash: import("convex/values").VString<string, "required">;
-        registeredAt: import("convex/values").VFloat64<number, "required">;
-        expiresAt: import("convex/values").VFloat64<number, "required">;
-        lastActivityAt: import("convex/values").VFloat64<number, "required">;
-        monthlyRequests: import("convex/values").VFloat64<number, "required">;
-    }, "required", "appName" | "agentId" | "expiresAt" | "instanceTokenHash" | "registeredAt" | "lastActivityAt" | "monthlyRequests">, {
-        by_instance_token_hash: ["instanceTokenHash", "_creationTime"];
-        by_agent_and_app: ["agentId", "appName", "_creationTime"];
-    }, {}, {}>;
-    functionRegistry: import("convex/server").TableDefinition<import("convex/values").VObject<{
-        description?: string | undefined;
-        appName: string;
-        functionName: string;
-        functionHandle: string;
-        functionType: "query" | "mutation" | "action";
-        registeredAt: number;
+    agents: import("convex/server").TableDefinition<import("convex/values").VObject<{
+        lastUsed?: number | undefined;
+        enabled: boolean;
+        name: string;
+        rateLimit: number;
+        apiKeyHash: string;
+        createdAt: number;
     }, {
-        appName: import("convex/values").VString<string, "required">;
-        functionName: import("convex/values").VString<string, "required">;
-        functionHandle: import("convex/values").VString<string, "required">;
-        functionType: import("convex/values").VUnion<"query" | "mutation" | "action", [import("convex/values").VLiteral<"query", "required">, import("convex/values").VLiteral<"mutation", "required">, import("convex/values").VLiteral<"action", "required">], "required", never>;
-        description: import("convex/values").VString<string | undefined, "optional">;
-        registeredAt: import("convex/values").VFloat64<number, "required">;
-    }, "required", "appName" | "functionName" | "description" | "functionHandle" | "functionType" | "registeredAt">, {
-        by_app_and_function: ["appName", "functionName", "_creationTime"];
+        name: import("convex/values").VString<string, "required">;
+        apiKeyHash: import("convex/values").VString<string, "required">;
+        enabled: import("convex/values").VBoolean<boolean, "required">;
+        rateLimit: import("convex/values").VFloat64<number, "required">;
+        lastUsed: import("convex/values").VFloat64<number | undefined, "optional">;
+        createdAt: import("convex/values").VFloat64<number, "required">;
+    }, "required", "enabled" | "name" | "rateLimit" | "apiKeyHash" | "lastUsed" | "createdAt">, {
+        by_apiKeyHash: ["apiKeyHash", "_creationTime"];
+        by_enabled: ["enabled", "_creationTime"];
     }, {}, {}>;
-    functionPermissions: import("convex/server").TableDefinition<import("convex/values").VObject<{
+    agentPermissions: import("convex/server").TableDefinition<import("convex/values").VObject<{
         rateLimitConfig?: {
+            tokenBudget?: number | undefined;
             requestsPerHour: number;
-            tokenBudget: number;
         } | undefined;
-        appName: string;
-        agentId: string;
-        permission: "allow" | "deny" | "rate_limited";
+        agentId: import("convex/values").GenericId<"agents">;
         functionPattern: string;
-        createdBy: string;
-        createdAt: number;
+        permission: "allow" | "deny" | "rate_limited";
+        updatedAt: number;
     }, {
-        agentId: import("convex/values").VString<string, "required">;
-        appName: import("convex/values").VString<string, "required">;
+        agentId: import("convex/values").VId<import("convex/values").GenericId<"agents">, "required">;
         functionPattern: import("convex/values").VString<string, "required">;
         permission: import("convex/values").VUnion<"allow" | "deny" | "rate_limited", [import("convex/values").VLiteral<"allow", "required">, import("convex/values").VLiteral<"deny", "required">, import("convex/values").VLiteral<"rate_limited", "required">], "required", never>;
         rateLimitConfig: import("convex/values").VObject<{
+            tokenBudget?: number | undefined;
             requestsPerHour: number;
-            tokenBudget: number;
         } | undefined, {
             requestsPerHour: import("convex/values").VFloat64<number, "required">;
-            tokenBudget: import("convex/values").VFloat64<number, "required">;
+            tokenBudget: import("convex/values").VFloat64<number | undefined, "optional">;
         }, "optional", "requestsPerHour" | "tokenBudget">;
-        createdAt: import("convex/values").VFloat64<number, "required">;
-        createdBy: import("convex/values").VString<string, "required">;
-    }, "required", "appName" | "agentId" | "permission" | "functionPattern" | "createdBy" | "rateLimitConfig" | "createdAt" | "rateLimitConfig.requestsPerHour" | "rateLimitConfig.tokenBudget">, {
-        by_agent_and_app: ["agentId", "appName", "_creationTime"];
-        by_app_and_pattern: ["appName", "functionPattern", "_creationTime"];
+        updatedAt: import("convex/values").VFloat64<number, "required">;
+    }, "required", "agentId" | "functionPattern" | "permission" | "rateLimitConfig" | "updatedAt" | "rateLimitConfig.requestsPerHour" | "rateLimitConfig.tokenBudget">, {
+        by_agentId: ["agentId", "_creationTime"];
     }, {}, {}>;
-    accessLog: import("convex/server").TableDefinition<import("convex/values").VObject<{
-        durationMs?: number | undefined;
-        errorMessage?: string | undefined;
-        appName: string;
-        agentId: string;
-        functionCalled: string;
-        permission: string;
-        timestamp: number;
+    agentFunctions: import("convex/server").TableDefinition<import("convex/values").VObject<{
+        globalRateLimit?: number | undefined;
+        enabled: boolean;
+        key: string;
     }, {
-        timestamp: import("convex/values").VFloat64<number, "required">;
-        agentId: import("convex/values").VString<string, "required">;
-        appName: import("convex/values").VString<string, "required">;
-        functionCalled: import("convex/values").VString<string, "required">;
-        permission: import("convex/values").VString<string, "required">;
-        errorMessage: import("convex/values").VString<string | undefined, "optional">;
-        durationMs: import("convex/values").VFloat64<number | undefined, "optional">;
-    }, "required", "appName" | "agentId" | "durationMs" | "errorMessage" | "functionCalled" | "permission" | "timestamp">, {
-        by_agent_and_timestamp: ["agentId", "timestamp", "_creationTime"];
-        by_app_and_function: ["appName", "functionCalled", "_creationTime"];
+        key: import("convex/values").VString<string, "required">;
+        enabled: import("convex/values").VBoolean<boolean, "required">;
+        globalRateLimit: import("convex/values").VFloat64<number | undefined, "optional">;
+    }, "required", "enabled" | "key" | "globalRateLimit">, {
+        by_key: ["key", "_creationTime"];
     }, {}, {}>;
-    appConfigs: import("convex/server").TableDefinition<import("convex/values").VObject<{
-        appName: string;
-        defaultPermissions: {
-            rateLimitConfig?: {
-                requestsPerHour: number;
-                tokenBudget: number;
-            } | undefined;
-            permission: "allow" | "deny" | "rate_limited";
-            pattern: string;
-        }[];
-        configuredAt: number;
+    agentLogs: import("convex/server").TableDefinition<import("convex/values").VObject<{
+        error?: string | undefined;
+        result?: any;
+        agentId: import("convex/values").GenericId<"agents">;
+        functionKey: string;
+        args: any;
+        duration: number;
+        timestamp: number;
     }, {
-        appName: import("convex/values").VString<string, "required">;
-        defaultPermissions: import("convex/values").VArray<{
-            rateLimitConfig?: {
-                requestsPerHour: number;
-                tokenBudget: number;
-            } | undefined;
-            permission: "allow" | "deny" | "rate_limited";
-            pattern: string;
-        }[], import("convex/values").VObject<{
-            rateLimitConfig?: {
-                requestsPerHour: number;
-                tokenBudget: number;
-            } | undefined;
-            permission: "allow" | "deny" | "rate_limited";
-            pattern: string;
-        }, {
-            pattern: import("convex/values").VString<string, "required">;
-            permission: import("convex/values").VUnion<"allow" | "deny" | "rate_limited", [import("convex/values").VLiteral<"allow", "required">, import("convex/values").VLiteral<"deny", "required">, import("convex/values").VLiteral<"rate_limited", "required">], "required", never>;
-            rateLimitConfig: import("convex/values").VObject<{
-                requestsPerHour: number;
-                tokenBudget: number;
-            } | undefined, {
-                requestsPerHour: import("convex/values").VFloat64<number, "required">;
-                tokenBudget: import("convex/values").VFloat64<number, "required">;
-            }, "optional", "requestsPerHour" | "tokenBudget">;
-        }, "required", "permission" | "rateLimitConfig" | "rateLimitConfig.requestsPerHour" | "rateLimitConfig.tokenBudget" | "pattern">, "required">;
-        configuredAt: import("convex/values").VFloat64<number, "required">;
-    }, "required", "appName" | "defaultPermissions" | "configuredAt">, {
-        by_app_name: ["appName", "_creationTime"];
+        agentId: import("convex/values").VId<import("convex/values").GenericId<"agents">, "required">;
+        functionKey: import("convex/values").VString<string, "required">;
+        args: import("convex/values").VAny<any, "required", string>;
+        result: import("convex/values").VAny<any, "optional", string>;
+        error: import("convex/values").VString<string | undefined, "optional">;
+        duration: import("convex/values").VFloat64<number, "required">;
+        timestamp: import("convex/values").VFloat64<number, "required">;
+    }, "required", "agentId" | "functionKey" | "args" | "duration" | "error" | "result" | "timestamp" | `args.${string}` | `result.${string}`>, {
+        by_agentId_and_timestamp: ["agentId", "timestamp", "_creationTime"];
+        by_functionKey: ["functionKey", "_creationTime"];
+        by_timestamp: ["timestamp", "_creationTime"];
     }, {}, {}>;
 }, true>;
 export default _default;

package/dist/component/schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/component/schema.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,wBAgHG"}
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/component/schema.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAGA,wBA+CG"}