@open-mercato/ai-assistant 0.6.2-develop.3461.1.605f31c2c9 → 0.6.2

package/src/modules/ai_assistant/api/ai/chat/route.ts

@@ -28,6 +28,7 @@ import {
 } from '../../../lib/model-allowlist'
 import { AiTenantModelAllowlistRepository } from '../../../data/repositories/AiTenantModelAllowlistRepository'
 import { AiAgentRuntimeOverrideRepository } from '../../../data/repositories/AiAgentRuntimeOverrideRepository'
+import { createConversationStorage } from '../../../lib/conversation-storage'
 import type { EntityManager } from '@mikro-orm/postgresql'
 
 const MAX_MESSAGES = 100
@@ -35,8 +36,23 @@ const MAX_MESSAGES = 100
 const agentIdPattern = /^[a-z0-9_]+\.[a-z0-9_]+$/
 
 const chatMessageSchema = z.object({
+  id: z.string().min(1).max(128).optional(),
   role: z.enum(['user', 'assistant', 'system']),
   content: z.string(),
+  uiParts: z.array(z.unknown()).optional(),
+  files: z
+    .array(
+      z
+        .object({
+          id: z.string().optional(),
+          name: z.string().optional(),
+          type: z.string().optional(),
+          mimeType: z.string().optional(),
+          size: z.number().optional(),
+        })
+        .passthrough(),
+    )
+    .optional(),
 })
 
 const pageContextSchema = z
@@ -189,6 +205,204 @@ function statusForDenyCode(code: AgentPolicyDenyCode): number {
   }
 }
 
+function extractDataPayload(eventBlock: string): string | null {
+  const dataLines = eventBlock
+    .split('\n')
+    .filter((line) => line.startsWith('data:'))
+    .map((line) => (line.startsWith('data: ') ? line.slice(6) : line.slice(5)))
+  if (dataLines.length === 0) return null
+  return dataLines.join('\n')
+}
+
+function extractUiPartsFromToolOutput(output: unknown): unknown[] {
+  let parsed = output
+  if (typeof output === 'string') {
+    const trimmed = output.trim()
+    if (!trimmed.startsWith('{') && !trimmed.startsWith('[')) return []
+    try {
+      parsed = JSON.parse(trimmed) as unknown
+    } catch {
+      return []
+    }
+  }
+  if (!parsed || typeof parsed !== 'object') return []
+  const value = parsed as Record<string, unknown>
+  const parts: unknown[] = []
+  if (value.status === 'pending-confirmation' || value.status === 'awaiting-confirmation') {
+    const pendingActionId =
+      typeof value.pendingActionId === 'string' && value.pendingActionId.length > 0
+        ? value.pendingActionId
+        : null
+    if (pendingActionId) {
+      parts.push({
+        componentId: 'mutation-preview-card',
+        pendingActionId,
+        payload: {
+          pendingActionId,
+          expiresAt: typeof value.expiresAt === 'string' ? value.expiresAt : undefined,
+          agentId:
+            typeof value.agentId === 'string'
+              ? value.agentId
+              : typeof value.agent === 'string'
+                ? value.agent
+                : undefined,
+          toolName: typeof value.toolName === 'string' ? value.toolName : undefined,
+        },
+      })
+    }
+  }
+  if (value.uiPart && typeof value.uiPart === 'object') parts.push(value.uiPart)
+  if (Array.isArray(value.uiParts)) parts.push(...value.uiParts)
+  return parts
+}
+
+function extractAssistantSnapshot(
+  raw: string,
+  contentType: string | null,
+): { content: string; uiParts: unknown[] } {
+  if (!contentType?.includes('event-stream')) {
+    return { content: raw, uiParts: [] }
+  }
+  let content = ''
+  const uiParts: unknown[] = []
+  for (const block of raw.split('\n\n')) {
+    const data = extractDataPayload(block)
+    if (!data || data === '[DONE]') continue
+    try {
+      const parsed = JSON.parse(data) as Record<string, unknown>
+      if (parsed.type === 'text-delta' && typeof parsed.delta === 'string') {
+        content += parsed.delta
+      } else if (parsed.type === 'text' && typeof parsed.content === 'string') {
+        content += parsed.content
+      } else if (parsed.type === 'tool-output-available') {
+        uiParts.push(...extractUiPartsFromToolOutput(parsed.output))
+      }
+    } catch {
+      // Ignore SSE comments and malformed provider chunks.
+    }
+  }
+  return { content, uiParts }
+}
+
+async function persistChatTurnStart(input: {
+  container: Awaited<ReturnType<typeof createRequestContainer>>
+  tenantId: string | null | undefined
+  organizationId: string | null | undefined
+  userId: string
+  agentId: string
+  conversationId: string | null
+  pageContext?: Record<string, unknown>
+  messages: AiChatRequest['messages']
+  attachmentIds?: string[]
+}): Promise<{ conversationId: string; userClientMessageId: string | null } | null> {
+  if (!input.tenantId || !input.conversationId) return null
+  const repo = createConversationStorage(input.container)
+  const ctx = {
+    tenantId: input.tenantId,
+    organizationId: input.organizationId ?? null,
+    userId: input.userId,
+  }
+  await repo.createOrGet(
+    {
+      conversationId: input.conversationId,
+      agentId: input.agentId,
+      pageContext: input.pageContext ?? null,
+    },
+    ctx,
+  )
+  const userMessage = [...input.messages].reverse().find((message) => message.role === 'user')
+  if (!userMessage) return { conversationId: input.conversationId, userClientMessageId: null }
+  await repo.appendMessage(
+    input.conversationId,
+    {
+      clientMessageId: userMessage.id,
+      role: 'user',
+      content: userMessage.content,
+      uiParts: userMessage.uiParts,
+      attachmentIds: input.attachmentIds,
+      files: userMessage.files?.map((file, index) => {
+        const id = file.id ?? input.attachmentIds?.[index]
+        const mimeType = file.mimeType ?? file.type
+        return {
+          ...(id ? { id } : {}),
+          ...(file.name ? { name: file.name } : {}),
+          ...(mimeType ? { mimeType } : {}),
+          ...(typeof file.size === 'number' ? { size: file.size } : {}),
+        }
+      }),
+    },
+    ctx,
+  )
+  return {
+    conversationId: input.conversationId,
+    userClientMessageId: userMessage.id ?? null,
+  }
+}
+
+function persistAssistantOnStreamCompletion(input: {
+  response: Response
+  container: Awaited<ReturnType<typeof createRequestContainer>>
+  tenantId: string | null | undefined
+  organizationId: string | null | undefined
+  userId: string
+  conversationId: string
+  userClientMessageId: string | null
+}): Response {
+  if (!input.response.body || !input.tenantId) return input.response
+  const tenantId = input.tenantId
+  const { readable, writable } = new TransformStream<Uint8Array, Uint8Array>()
+  const writer = writable.getWriter()
+  const decoder = new TextDecoder()
+  const contentType = input.response.headers.get('content-type')
+
+  async function pump(): Promise<void> {
+    const reader = input.response.body!.getReader()
+    let raw = ''
+    try {
+      for (;;) {
+        const { value, done } = await reader.read()
+        if (done) break
+        if (!value) continue
+        raw += decoder.decode(value, { stream: true })
+        await writer.write(value)
+      }
+      raw += decoder.decode()
+      const assistant = extractAssistantSnapshot(raw, contentType)
+      if (assistant.content.trim() || assistant.uiParts.length > 0) {
+        const repo = createConversationStorage(input.container)
+        await repo.appendMessage(
+          input.conversationId,
+          {
+            clientMessageId: input.userClientMessageId
+              ? `${input.userClientMessageId}:assistant`
+              : undefined,
+            role: 'assistant',
+            content: assistant.content,
+            uiParts: assistant.uiParts,
+          },
+          {
+            tenantId,
+            organizationId: input.organizationId ?? null,
+            userId: input.userId,
+          },
+        )
+      }
+    } catch (error) {
+      console.error('[AI Chat Agent] Conversation persistence failure:', error)
+    } finally {
+      reader.releaseLock()
+      await writer.close().catch(() => undefined)
+    }
+  }
+
+  void pump()
+  return new Response(readable, {
+    status: input.response.status,
+    statusText: input.response.statusText,
+    headers: input.response.headers,
+  })
+}
+
 export async function POST(req: NextRequest): Promise<Response> {
   const auth = await getAuthFromRequest(req)
   if (!auth) {
@@ -419,7 +633,27 @@ export async function POST(req: NextRequest): Promise<Response> {
         ? resolveLoopBudgetPreset(rawLoopBudget)
         : undefined
 
-    return await runAiAgentText({
+    const effectiveConversationId = bodyResult.data.sessionId ?? bodyResult.data.conversationId ?? null
+    let persistedTurn:
+      | { conversationId: string; userClientMessageId: string | null }
+      | null = null
+    try {
+      persistedTurn = await persistChatTurnStart({
+        container,
+        tenantId: auth.tenantId ?? null,
+        organizationId: auth.orgId ?? null,
+        userId: auth.sub,
+        agentId,
+        conversationId: effectiveConversationId,
+        pageContext: bodyResult.data.pageContext,
+        messages: bodyResult.data.messages,
+        attachmentIds: bodyResult.data.attachmentIds,
+      })
+    } catch (error) {
+      console.error('[AI Chat Agent] Failed to persist user message:', error)
+    }
+
+    const response = await runAiAgentText({
       agentId,
       messages: bodyResult.data.messages as unknown as UIMessage[],
       attachmentIds: bodyResult.data.attachmentIds,
@@ -439,6 +673,16 @@ export async function POST(req: NextRequest): Promise<Response> {
       loop: loopFromPreset,
       emitLoopTrace: true,
     })
+    if (!persistedTurn) return response
+    return persistAssistantOnStreamCompletion({
+      response,
+      container,
+      tenantId: auth.tenantId ?? null,
+      organizationId: auth.orgId ?? null,
+      userId: auth.sub,
+      conversationId: persistedTurn.conversationId,
+      userClientMessageId: persistedTurn.userClientMessageId,
+    })
   } catch (error) {
     if (error instanceof AgentPolicyError) {
       return jsonError(statusForDenyCode(error.code), error.message, error.code)

package/src/modules/ai_assistant/api/ai/conversations/[conversationId]/route.ts

@@ -0,0 +1,320 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import { z } from 'zod'
+import type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'
+import {
+  aiChatConversationTranscriptQuerySchema,
+  aiChatConversationUpdateSchema,
+} from '../../../../data/validators'
+import { hasRequiredFeatures } from '../../../../lib/auth'
+import {
+  createConversationStorage,
+  serializeAiChatConversation,
+  serializeAiChatMessage,
+} from '../../../../lib/conversation-storage'
+
+const REQUIRED_FEATURE = 'ai_assistant.view'
+const MANAGE_CONVERSATIONS_FEATURE = 'ai_assistant.conversations.manage'
+
+const conversationIdParamSchema = z.object({
+  conversationId: z
+    .string()
+    .trim()
+    .min(1, 'conversationId must be a non-empty string')
+    .max(128, 'conversationId exceeds the maximum length of 128 characters'),
+})
+
+export const openApi: OpenApiRouteDoc = {
+  tag: 'AI Assistant',
+  summary: 'Per-conversation AI chat operations',
+  methods: {
+    GET: {
+      operationId: 'aiAssistantGetConversation',
+      summary: 'Fetch a conversation summary and recent transcript.',
+      description:
+        'Returns `{ conversation, messages, nextCursor }` for the supplied `conversationId`. ' +
+        'View-only callers can load only their own conversations. Callers with ' +
+        '`ai_assistant.conversations.manage` can load conversations across users in the same ' +
+        'tenant/organization. Messages are ordered ascending by `createdAt`. The `before` cursor ' +
+        'returns the next older page when paging back through long transcripts.',
+      responses: [
+        {
+          status: 200,
+          description: 'Conversation transcript page for the authenticated owner.',
+          mediaType: 'application/json',
+        },
+      ],
+      errors: [
+        { status: 400, description: 'Invalid path or query parameters.' },
+        { status: 401, description: 'Unauthenticated caller.' },
+        { status: 403, description: 'Caller lacks the `ai_assistant.view` feature.' },
+        { status: 404, description: 'No conversation accessible to the caller.' },
+      ],
+    },
+    PATCH: {
+      operationId: 'aiAssistantUpdateConversation',
+      summary: 'Update an existing conversation.',
+      description:
+        'Accepts a partial body containing any of `title`, `status`, `pageContext`. Setting ' +
+        '`status` to `closed` archives the conversation while keeping its transcript intact. ' +
+        'View-only callers can update only their own conversations; conversation managers can ' +
+        'update conversations in the same tenant/organization.',
+      responses: [
+        {
+          status: 200,
+          description: 'Updated conversation summary.',
+          mediaType: 'application/json',
+        },
+      ],
+      errors: [
+        { status: 400, description: 'Invalid request body.' },
+        { status: 401, description: 'Unauthenticated caller.' },
+        { status: 403, description: 'Caller lacks the `ai_assistant.view` feature.' },
+        { status: 404, description: 'No conversation accessible to the caller.' },
+      ],
+    },
+    DELETE: {
+      operationId: 'aiAssistantDeleteConversation',
+      summary: 'Soft-delete a conversation and its messages.',
+      description:
+        'View-only callers can delete only their own conversations. Callers with ' +
+        '`ai_assistant.conversations.manage` can delete conversations in the same tenant/organization. ' +
+        'Marks the conversation row and every undeleted message row with a `deleted_at` timestamp ' +
+        'in one transaction. The transcript remains in the database for audit/restore until a future ' +
+        'retention worker hard-deletes it.',
+      responses: [
+        {
+          status: 200,
+          description: 'Soft-delete acknowledgment.',
+          mediaType: 'application/json',
+        },
+      ],
+      errors: [
+        { status: 401, description: 'Unauthenticated caller.' },
+        { status: 403, description: 'Caller lacks the `ai_assistant.view` feature.' },
+        { status: 404, description: 'No conversation accessible to the caller.' },
+      ],
+    },
+  },
+}
+
+export const metadata = {
+  GET: { requireAuth: true, requireFeatures: [REQUIRED_FEATURE] },
+  PATCH: { requireAuth: true, requireFeatures: [REQUIRED_FEATURE] },
+  DELETE: { requireAuth: true, requireFeatures: [REQUIRED_FEATURE] },
+}
+
+interface RouteContext {
+  params: Promise<{ conversationId: string }>
+}
+
+function jsonError(
+  status: number,
+  message: string,
+  code: string,
+  extra?: Record<string, unknown>,
+): NextResponse {
+  return NextResponse.json({ error: message, code, ...(extra ?? {}) }, { status })
+}
+
+async function resolveCallerContext(req: NextRequest, context: RouteContext): Promise<
+  | { kind: 'unauthorized' }
+  | { kind: 'forbidden' }
+  | { kind: 'missing-tenant' }
+  | { kind: 'invalid-id'; issues: unknown }
+  | {
+      kind: 'ok'
+      tenantId: string
+      organizationId: string | null
+      userId: string
+      conversationId: string
+      canManageConversations: boolean
+    }
+> {
+  const auth = await getAuthFromRequest(req)
+  if (!auth) return { kind: 'unauthorized' }
+  const rawParams = await context.params
+  const parseResult = conversationIdParamSchema.safeParse(rawParams)
+  if (!parseResult.success) {
+    return { kind: 'invalid-id', issues: parseResult.error.issues }
+  }
+  const container = await createRequestContainer()
+  const rbacService = container.resolve<RbacService>('rbacService')
+  const acl = await rbacService.loadAcl(auth.sub, {
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId,
+  })
+  if (!hasRequiredFeatures([REQUIRED_FEATURE], acl.features, acl.isSuperAdmin, rbacService)) {
+    return { kind: 'forbidden' }
+  }
+  const canManageConversations = hasRequiredFeatures(
+    [MANAGE_CONVERSATIONS_FEATURE],
+    acl.features,
+    acl.isSuperAdmin,
+    rbacService,
+  )
+  if (!auth.tenantId) return { kind: 'missing-tenant' }
+  return {
+    kind: 'ok',
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId ?? null,
+    userId: auth.sub,
+    conversationId: parseResult.data.conversationId,
+    canManageConversations,
+  }
+}
+
+export async function GET(req: NextRequest, context: RouteContext): Promise<Response> {
+  const callerCtx = await resolveCallerContext(req, context)
+  if (callerCtx.kind === 'unauthorized') return jsonError(401, 'Unauthorized', 'unauthenticated')
+  if (callerCtx.kind === 'invalid-id') {
+    return jsonError(400, 'Invalid conversation id.', 'validation_error', {
+      issues: callerCtx.issues,
+    })
+  }
+  if (callerCtx.kind === 'forbidden') {
+    return jsonError(403, `Caller lacks required feature "${REQUIRED_FEATURE}".`, 'forbidden')
+  }
+  if (callerCtx.kind === 'missing-tenant') {
+    return jsonError(404, 'Conversation not found.', 'conversation_not_found')
+  }
+
+  const url = new URL(req.url)
+  const queryResult = aiChatConversationTranscriptQuerySchema.safeParse({
+    limit: url.searchParams.get('limit') ?? undefined,
+    before: url.searchParams.get('before') ?? undefined,
+  })
+  if (!queryResult.success) {
+    return jsonError(400, 'Invalid query parameters.', 'validation_error', {
+      issues: queryResult.error.issues,
+    })
+  }
+
+  try {
+    const container = await createRequestContainer()
+    const repo = createConversationStorage(container)
+    const transcript = await repo.getTranscript(
+      callerCtx.conversationId,
+      {
+        tenantId: callerCtx.tenantId,
+        organizationId: callerCtx.organizationId,
+        userId: callerCtx.userId,
+        canManageConversations: callerCtx.canManageConversations,
+      },
+      {
+        limit: queryResult.data.limit,
+        before: queryResult.data.before ?? null,
+      },
+    )
+    if (!transcript) {
+      return jsonError(404, 'Conversation not found.', 'conversation_not_found')
+    }
+    return NextResponse.json({
+      conversation: serializeAiChatConversation(transcript.conversation),
+      messages: transcript.messages.map(serializeAiChatMessage),
+      nextCursor: transcript.nextCursor,
+    })
+  } catch (error) {
+    console.error('[AI Conversation GET] Failure:', error)
+    return jsonError(
+      500,
+      error instanceof Error ? error.message : 'Failed to load conversation.',
+      'internal_error',
+    )
+  }
+}
+
+export async function PATCH(req: NextRequest, context: RouteContext): Promise<Response> {
+  const callerCtx = await resolveCallerContext(req, context)
+  if (callerCtx.kind === 'unauthorized') return jsonError(401, 'Unauthorized', 'unauthenticated')
+  if (callerCtx.kind === 'invalid-id') {
+    return jsonError(400, 'Invalid conversation id.', 'validation_error', {
+      issues: callerCtx.issues,
+    })
+  }
+  if (callerCtx.kind === 'forbidden') {
+    return jsonError(403, `Caller lacks required feature "${REQUIRED_FEATURE}".`, 'forbidden')
+  }
+  if (callerCtx.kind === 'missing-tenant') {
+    return jsonError(404, 'Conversation not found.', 'conversation_not_found')
+  }
+
+  let rawBody: unknown
+  try {
+    rawBody = await req.json()
+  } catch {
+    return jsonError(400, 'Request body must be valid JSON.', 'validation_error')
+  }
+  const parseResult = aiChatConversationUpdateSchema.safeParse(rawBody)
+  if (!parseResult.success) {
+    return jsonError(400, 'Invalid conversation patch.', 'validation_error', {
+      issues: parseResult.error.issues,
+    })
+  }
+
+  try {
+    const container = await createRequestContainer()
+    const repo = createConversationStorage(container)
+    const row = await repo.update(
+      callerCtx.conversationId,
+      parseResult.data,
+      {
+        tenantId: callerCtx.tenantId,
+        organizationId: callerCtx.organizationId,
+        userId: callerCtx.userId,
+        canManageConversations: callerCtx.canManageConversations,
+      },
+    )
+    return NextResponse.json(serializeAiChatConversation(row))
+  } catch (error) {
+    if (error instanceof Error && error.name === 'AiChatConversationAccessError') {
+      return jsonError(404, 'Conversation not found.', 'conversation_not_found')
+    }
+    console.error('[AI Conversation PATCH] Failure:', error)
+    return jsonError(
+      500,
+      error instanceof Error ? error.message : 'Failed to update conversation.',
+      'internal_error',
+    )
+  }
+}
+
+export async function DELETE(req: NextRequest, context: RouteContext): Promise<Response> {
+  const callerCtx = await resolveCallerContext(req, context)
+  if (callerCtx.kind === 'unauthorized') return jsonError(401, 'Unauthorized', 'unauthenticated')
+  if (callerCtx.kind === 'invalid-id') {
+    return jsonError(400, 'Invalid conversation id.', 'validation_error', {
+      issues: callerCtx.issues,
+    })
+  }
+  if (callerCtx.kind === 'forbidden') {
+    return jsonError(403, `Caller lacks required feature "${REQUIRED_FEATURE}".`, 'forbidden')
+  }
+  if (callerCtx.kind === 'missing-tenant') {
+    return jsonError(404, 'Conversation not found.', 'conversation_not_found')
+  }
+
+  try {
+    const container = await createRequestContainer()
+    const repo = createConversationStorage(container)
+    await repo.softDelete(callerCtx.conversationId, {
+      tenantId: callerCtx.tenantId,
+      organizationId: callerCtx.organizationId,
+      userId: callerCtx.userId,
+      canManageConversations: callerCtx.canManageConversations,
+    })
+    return NextResponse.json({ ok: true })
+  } catch (error) {
+    if (error instanceof Error && error.name === 'AiChatConversationAccessError') {
+      return jsonError(404, 'Conversation not found.', 'conversation_not_found')
+    }
+    console.error('[AI Conversation DELETE] Failure:', error)
+    return jsonError(
+      500,
+      error instanceof Error ? error.message : 'Failed to delete conversation.',
+      'internal_error',
+    )
+  }
+}

package/src/modules/ai_assistant/api/ai/conversations/__tests__/route.test.ts

@@ -0,0 +1,93 @@
+const authMock = jest.fn()
+const loadAclMock = jest.fn()
+const hasAllFeaturesMock = jest.fn()
+const createRequestContainerMock = jest.fn()
+const listConversationsMock = jest.fn()
+
+jest.mock('@open-mercato/shared/lib/auth/server', () => ({
+  getAuthFromRequest: (...args: unknown[]) => authMock(...args),
+}))
+
+jest.mock('@open-mercato/shared/lib/di/container', () => ({
+  createRequestContainer: (...args: unknown[]) => createRequestContainerMock(...args),
+}))
+
+jest.mock('../../../../lib/conversation-storage', () => ({
+  createConversationStorage: jest.fn(() => ({
+    list: (...args: unknown[]) => listConversationsMock(...args),
+  })),
+  serializeAiChatConversation: (row: unknown) => row,
+}))
+
+import { GET } from '../route'
+
+function buildRequest(query = ''): Request {
+  return new Request(`http://localhost/api/ai_assistant/ai/conversations${query}`, {
+    method: 'GET',
+  })
+}
+
+describe('GET /api/ai/conversations', () => {
+  beforeEach(() => {
+    jest.clearAllMocks()
+    authMock.mockResolvedValue({
+      sub: 'user-1',
+      tenantId: 'tenant-1',
+      orgId: 'org-1',
+    })
+    hasAllFeaturesMock.mockImplementation((required: string[], features: string[]) =>
+      required.every((feature) => features.includes(feature)),
+    )
+    createRequestContainerMock.mockResolvedValue({
+      resolve: (name: string) => {
+        if (name === 'rbacService') {
+          return {
+            loadAcl: (...args: unknown[]) => loadAclMock(...args),
+            hasAllFeatures: (...args: unknown[]) => hasAllFeaturesMock(...args),
+          }
+        }
+        return null
+      },
+    })
+    loadAclMock.mockResolvedValue({
+      features: ['ai_assistant.view'],
+      isSuperAdmin: false,
+    })
+    listConversationsMock.mockResolvedValue({ items: [], nextCursor: null })
+  })
+
+  it('passes owner-only scope to storage for view-only callers', async () => {
+    const response = await GET(buildRequest('?agent=catalog.assistant') as any)
+    expect(response.status).toBe(200)
+    expect(listConversationsMock).toHaveBeenCalledWith(
+      {
+        tenantId: 'tenant-1',
+        organizationId: 'org-1',
+        userId: 'user-1',
+        canManageConversations: false,
+      },
+      expect.objectContaining({
+        agentId: 'catalog.assistant',
+      }),
+    )
+  })
+
+  it('passes tenant-scoped manage scope when the caller has conversation management', async () => {
+    loadAclMock.mockResolvedValueOnce({
+      features: ['ai_assistant.view', 'ai_assistant.conversations.manage'],
+      isSuperAdmin: false,
+    })
+
+    const response = await GET(buildRequest() as any)
+    expect(response.status).toBe(200)
+    expect(listConversationsMock).toHaveBeenCalledWith(
+      expect.objectContaining({
+        tenantId: 'tenant-1',
+        organizationId: 'org-1',
+        userId: 'user-1',
+        canManageConversations: true,
+      }),
+      expect.any(Object),
+    )
+  })
+})