@open-mercato/ai-assistant 0.6.2-develop.3461.1.605f31c2c9 → 0.6.2

package/src/modules/ai_assistant/api/ai/conversations/import/route.ts

@@ -0,0 +1,122 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'
+import { aiChatConversationImportSchema } from '../../../../data/validators'
+import { hasRequiredFeatures } from '../../../../lib/auth'
+import {
+  createConversationStorage,
+  serializeAiChatConversation,
+} from '../../../../lib/conversation-storage'
+
+const REQUIRED_FEATURE = 'ai_assistant.view'
+
+export const openApi: OpenApiRouteDoc = {
+  tag: 'AI Assistant',
+  summary: 'Lazily import a localStorage AI chat conversation',
+  methods: {
+    POST: {
+      operationId: 'aiAssistantImportConversation',
+      summary: 'Import a conversation that previously lived only in browser localStorage.',
+      description:
+        'Idempotent: messages with `clientMessageId` already present in the server transcript are ' +
+        'skipped and counted in `skippedMessageCount`. New messages are appended with the original ' +
+        '`clientMessageId` so subsequent retries continue to dedupe. Up to 100 messages per request. ' +
+        'Attachment previews stored as `data:` URLs in the source localStorage record MUST NOT be ' +
+        'forwarded to this endpoint; the UI strips them before upload.',
+      responses: [
+        {
+          status: 200,
+          description: 'Import result including imported/skipped counters.',
+          mediaType: 'application/json',
+        },
+      ],
+      errors: [
+        { status: 400, description: 'Invalid request body.' },
+        { status: 401, description: 'Unauthenticated caller.' },
+        { status: 403, description: 'Caller lacks the `ai_assistant.view` feature.' },
+      ],
+    },
+  },
+}
+
+export const metadata = {
+  POST: { requireAuth: true, requireFeatures: [REQUIRED_FEATURE] },
+}
+
+function jsonError(
+  status: number,
+  message: string,
+  code: string,
+  extra?: Record<string, unknown>,
+): NextResponse {
+  return NextResponse.json({ error: message, code, ...(extra ?? {}) }, { status })
+}
+
+export async function POST(req: NextRequest): Promise<Response> {
+  const auth = await getAuthFromRequest(req)
+  if (!auth) return jsonError(401, 'Unauthorized', 'unauthenticated')
+
+  let rawBody: unknown
+  try {
+    rawBody = await req.json()
+  } catch {
+    return jsonError(400, 'Request body must be valid JSON.', 'validation_error')
+  }
+  const parseResult = aiChatConversationImportSchema.safeParse(rawBody)
+  if (!parseResult.success) {
+    return jsonError(400, 'Invalid import payload.', 'validation_error', {
+      issues: parseResult.error.issues,
+    })
+  }
+
+  try {
+    const container = await createRequestContainer()
+    const rbacService = container.resolve<RbacService>('rbacService')
+    const acl = await rbacService.loadAcl(auth.sub, {
+      tenantId: auth.tenantId,
+      organizationId: auth.orgId,
+    })
+    if (!hasRequiredFeatures([REQUIRED_FEATURE], acl.features, acl.isSuperAdmin, rbacService)) {
+      return jsonError(403, `Caller lacks required feature "${REQUIRED_FEATURE}".`, 'forbidden')
+    }
+    if (!auth.tenantId) {
+      return jsonError(400, 'Caller is not bound to a tenant.', 'tenant_required')
+    }
+
+    const repo = createConversationStorage(container)
+    const result = await repo.importLocalConversation(
+      {
+        conversation: {
+          conversationId: parseResult.data.conversation.conversationId,
+          agentId: parseResult.data.conversation.agentId,
+          title: parseResult.data.conversation.title ?? null,
+          status: parseResult.data.conversation.status,
+          pageContext: parseResult.data.conversation.pageContext ?? null,
+        },
+        messages: parseResult.data.messages,
+      },
+      {
+        tenantId: auth.tenantId,
+        organizationId: auth.orgId ?? null,
+        userId: auth.sub,
+      },
+    )
+    return NextResponse.json({
+      conversation: serializeAiChatConversation(result.conversation),
+      importedMessageCount: result.importedMessageCount,
+      skippedMessageCount: result.skippedMessageCount,
+    })
+  } catch (error) {
+    if (error instanceof Error && error.name === 'AiChatConversationAccessError') {
+      return jsonError(404, error.message, 'conversation_not_found')
+    }
+    console.error('[AI Conversation Import] Failure:', error)
+    return jsonError(
+      500,
+      error instanceof Error ? error.message : 'Failed to import conversation.',
+      'internal_error',
+    )
+  }
+}

package/src/modules/ai_assistant/api/ai/conversations/route.ts

@@ -0,0 +1,241 @@
+import { NextResponse, type NextRequest } from 'next/server'
+import type { OpenApiRouteDoc } from '@open-mercato/shared/lib/openapi'
+import { getAuthFromRequest } from '@open-mercato/shared/lib/auth/server'
+import { createRequestContainer } from '@open-mercato/shared/lib/di/container'
+import type { RbacService } from '@open-mercato/core/modules/auth/services/rbacService'
+import {
+  aiChatConversationCreateSchema,
+  aiChatConversationListQuerySchema,
+} from '../../../data/validators'
+import { hasRequiredFeatures } from '../../../lib/auth'
+import {
+  createConversationStorage,
+  serializeAiChatConversation,
+} from '../../../lib/conversation-storage'
+
+const REQUIRED_FEATURE = 'ai_assistant.view'
+const MANAGE_CONVERSATIONS_FEATURE = 'ai_assistant.conversations.manage'
+
+export const openApi: OpenApiRouteDoc = {
+  tag: 'AI Assistant',
+  summary: 'Server-side AI chat conversations',
+  methods: {
+    GET: {
+      operationId: 'aiAssistantListConversations',
+      summary: 'List AI chat conversations visible to the caller.',
+      description:
+        'Returns `{ items, nextCursor }` for the authenticated caller, ordered by `lastMessageAt` ' +
+        'descending. View-only callers receive only their own conversations. Callers with ' +
+        '`ai_assistant.conversations.manage` may list conversations across users in the same ' +
+        'tenant/organization. The ' +
+        '`agent` and `status` filters are optional; `cursor` is the ISO timestamp returned by a ' +
+        'previous response.',
+      responses: [
+        {
+          status: 200,
+          description: 'Caller-owned conversation summaries.',
+          mediaType: 'application/json',
+        },
+      ],
+      errors: [
+        { status: 400, description: 'Invalid query parameters.' },
+        { status: 401, description: 'Unauthenticated caller.' },
+        { status: 403, description: 'Caller lacks the `ai_assistant.view` feature.' },
+      ],
+    },
+    POST: {
+      operationId: 'aiAssistantCreateConversation',
+      summary: 'Idempotently create a new AI chat conversation.',
+      description:
+        'If a non-deleted conversation already exists with the supplied `conversationId` for the ' +
+        'authenticated caller in this tenant/org, returns the existing summary. Otherwise creates a ' +
+        'fresh row and writes the owner-participant row in the same transaction.',
+      responses: [
+        {
+          status: 200,
+          description: 'Existing conversation (idempotent path).',
+          mediaType: 'application/json',
+        },
+        {
+          status: 201,
+          description: 'Newly created conversation.',
+          mediaType: 'application/json',
+        },
+      ],
+      errors: [
+        { status: 400, description: 'Invalid request body.' },
+        { status: 401, description: 'Unauthenticated caller.' },
+        { status: 403, description: 'Caller lacks the `ai_assistant.view` feature.' },
+      ],
+    },
+  },
+}
+
+export const metadata = {
+  GET: { requireAuth: true, requireFeatures: [REQUIRED_FEATURE] },
+  POST: { requireAuth: true, requireFeatures: [REQUIRED_FEATURE] },
+}
+
+function jsonError(
+  status: number,
+  message: string,
+  code: string,
+  extra?: Record<string, unknown>,
+): NextResponse {
+  return NextResponse.json({ error: message, code, ...(extra ?? {}) }, { status })
+}
+
+async function loadCallerContext(req: NextRequest): Promise<
+  | { kind: 'unauthorized' }
+  | { kind: 'forbidden' }
+  | { kind: 'missing-tenant' }
+  | {
+      kind: 'ok'
+      tenantId: string
+      organizationId: string | null
+      userId: string
+      canManageConversations: boolean
+    }
+> {
+  const auth = await getAuthFromRequest(req)
+  if (!auth) return { kind: 'unauthorized' }
+  const container = await createRequestContainer()
+  const rbacService = container.resolve<RbacService>('rbacService')
+  const acl = await rbacService.loadAcl(auth.sub, {
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId,
+  })
+  if (!hasRequiredFeatures([REQUIRED_FEATURE], acl.features, acl.isSuperAdmin, rbacService)) {
+    return { kind: 'forbidden' }
+  }
+  const canManageConversations = hasRequiredFeatures(
+    [MANAGE_CONVERSATIONS_FEATURE],
+    acl.features,
+    acl.isSuperAdmin,
+    rbacService,
+  )
+  if (!auth.tenantId) {
+    return { kind: 'missing-tenant' }
+  }
+  return {
+    kind: 'ok',
+    tenantId: auth.tenantId,
+    organizationId: auth.orgId ?? null,
+    userId: auth.sub,
+    canManageConversations,
+  }
+}
+
+export async function GET(req: NextRequest): Promise<Response> {
+  const callerCtx = await loadCallerContext(req)
+  if (callerCtx.kind === 'unauthorized') return jsonError(401, 'Unauthorized', 'unauthenticated')
+  if (callerCtx.kind === 'forbidden') {
+    return jsonError(403, `Caller lacks required feature "${REQUIRED_FEATURE}".`, 'forbidden')
+  }
+  if (callerCtx.kind === 'missing-tenant') {
+    return NextResponse.json({ items: [], nextCursor: null })
+  }
+
+  const url = new URL(req.url)
+  const parseResult = aiChatConversationListQuerySchema.safeParse({
+    agent: url.searchParams.get('agent') ?? undefined,
+    status: url.searchParams.get('status') ?? undefined,
+    limit: url.searchParams.get('limit') ?? undefined,
+    cursor: url.searchParams.get('cursor') ?? undefined,
+  })
+  if (!parseResult.success) {
+    return jsonError(400, 'Invalid query parameters.', 'validation_error', {
+      issues: parseResult.error.issues,
+    })
+  }
+
+  try {
+    const container = await createRequestContainer()
+    const repo = createConversationStorage(container)
+    const result = await repo.list(
+      {
+        tenantId: callerCtx.tenantId,
+        organizationId: callerCtx.organizationId,
+        userId: callerCtx.userId,
+        canManageConversations: callerCtx.canManageConversations,
+      },
+      {
+        agentId: parseResult.data.agent ?? null,
+        status: parseResult.data.status ?? null,
+        limit: parseResult.data.limit,
+        cursor: parseResult.data.cursor ?? null,
+      },
+    )
+    return NextResponse.json({
+      items: result.items.map(serializeAiChatConversation),
+      nextCursor: result.nextCursor,
+    })
+  } catch (error) {
+    console.error('[AI Conversations GET] Failure:', error)
+    return jsonError(
+      500,
+      error instanceof Error ? error.message : 'Failed to list conversations.',
+      'internal_error',
+    )
+  }
+}
+
+export async function POST(req: NextRequest): Promise<Response> {
+  const callerCtx = await loadCallerContext(req)
+  if (callerCtx.kind === 'unauthorized') return jsonError(401, 'Unauthorized', 'unauthenticated')
+  if (callerCtx.kind === 'forbidden') {
+    return jsonError(403, `Caller lacks required feature "${REQUIRED_FEATURE}".`, 'forbidden')
+  }
+  if (callerCtx.kind === 'missing-tenant') {
+    return jsonError(400, 'Caller is not bound to a tenant.', 'tenant_required')
+  }
+
+  let rawBody: unknown
+  try {
+    rawBody = await req.json()
+  } catch {
+    return jsonError(400, 'Request body must be valid JSON.', 'validation_error')
+  }
+
+  const parseResult = aiChatConversationCreateSchema.safeParse(rawBody)
+  if (!parseResult.success) {
+    return jsonError(400, 'Invalid conversation payload.', 'validation_error', {
+      issues: parseResult.error.issues,
+    })
+  }
+
+  try {
+    const container = await createRequestContainer()
+    const repo = createConversationStorage(container)
+    const ctx = {
+      tenantId: callerCtx.tenantId,
+      organizationId: callerCtx.organizationId,
+      userId: callerCtx.userId,
+      canManageConversations: false,
+    }
+    const beforeRow = parseResult.data.conversationId
+      ? await repo.getById(parseResult.data.conversationId, ctx)
+      : null
+    const row = await repo.createOrGet(
+      {
+        conversationId: parseResult.data.conversationId,
+        agentId: parseResult.data.agentId,
+        title: parseResult.data.title ?? null,
+        pageContext: parseResult.data.pageContext ?? null,
+      },
+      ctx,
+    )
+    const status = beforeRow ? 200 : 201
+    return NextResponse.json(serializeAiChatConversation(row), { status })
+  } catch (error) {
+    if (error instanceof Error && error.name === 'AiChatConversationAccessError') {
+      return jsonError(404, error.message, 'conversation_not_found')
+    }
+    console.error('[AI Conversations POST] Failure:', error)
+    return jsonError(
+      500,
+      error instanceof Error ? error.message : 'Failed to create conversation.',
+      'internal_error',
+    )
+  }
+}

package/src/modules/ai_assistant/data/entities/AiChatConversation.ts

@@ -0,0 +1,2 @@
+export { AiChatConversation } from '../entities'
+export type { AiChatConversation as default } from '../entities'

package/src/modules/ai_assistant/data/entities/AiChatConversationParticipant.ts

@@ -0,0 +1,2 @@
+export { AiChatConversationParticipant } from '../entities'
+export type { AiChatConversationParticipant as default } from '../entities'

package/src/modules/ai_assistant/data/entities/AiChatMessage.ts

@@ -0,0 +1,2 @@
+export { AiChatMessage } from '../entities'
+export type { AiChatMessage as default } from '../entities'

package/src/modules/ai_assistant/data/entities.ts

@@ -669,3 +669,258 @@ export class AiAgentMutationPolicyOverride {
   @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })
   updatedAt: Date = new Date()
 }
+
+/**
+ * Tenant-scoped durable record of a typed AI chat session.
+ *
+ * Owner-only MVP per spec `2026-05-05-ai-chat-server-side-conversation-storage`.
+ * The `participants` table prepares for future sharing without a schema
+ * rewrite — the owner row is always written in the same transaction as the
+ * conversation row (see `AiChatConversationRepository.createOrGet`).
+ *
+ * `conversationId` is the stable, client-visible identifier. It is unique
+ * within `(tenant_id, organization_id)` so an idempotent `createOrGet` can
+ * accept a client-generated UUID. Pending mutation approvals already store
+ * the same id in `AiPendingAction.conversationId` — the chat-history schema
+ * deliberately matches that contract so a future foreign key can be added
+ * without churn.
+ *
+ * `imported_from_local_at` flags conversations that the UI lazily migrated
+ * from `localStorage`. The flag is informational only; once a row exists it
+ * is always the source of truth for that conversation.
+ */
+@Entity({ tableName: 'ai_chat_conversations' })
+@Index({
+  name: 'ai_chat_conversations_tenant_org_conv_uq',
+  expression:
+    'create unique index "ai_chat_conversations_tenant_org_conv_uq" on "ai_chat_conversations" ("tenant_id", "organization_id", "conversation_id") where "organization_id" is not null and "deleted_at" is null',
+})
+@Index({
+  name: 'ai_chat_conversations_tenant_conv_null_org_uq',
+  expression:
+    'create unique index "ai_chat_conversations_tenant_conv_null_org_uq" on "ai_chat_conversations" ("tenant_id", "conversation_id") where "organization_id" is null and "deleted_at" is null',
+})
+@Index({
+  name: 'ai_chat_conversations_tenant_org_owner_agent_idx',
+  properties: ['tenantId', 'organizationId', 'ownerUserId', 'agentId', 'status', 'lastMessageAt'],
+})
+@Index({
+  name: 'ai_chat_conversations_tenant_org_deleted_idx',
+  properties: ['tenantId', 'organizationId', 'deletedAt'],
+})
+export class AiChatConversation {
+  [OptionalProps]?:
+    | 'createdAt'
+    | 'updatedAt'
+    | 'organizationId'
+    | 'title'
+    | 'status'
+    | 'visibility'
+    | 'pageContext'
+    | 'lastMessageAt'
+    | 'importedFromLocalAt'
+    | 'deletedAt'
+
+  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })
+  id!: string
+
+  @Property({ name: 'tenant_id', type: 'uuid' })
+  tenantId!: string
+
+  @Property({ name: 'organization_id', type: 'uuid', nullable: true })
+  organizationId?: string | null
+
+  @Property({ name: 'conversation_id', type: 'text' })
+  conversationId!: string
+
+  @Property({ name: 'agent_id', type: 'text' })
+  agentId!: string
+
+  @Property({ name: 'owner_user_id', type: 'uuid' })
+  ownerUserId!: string
+
+  @Property({ name: 'title', type: 'text', nullable: true })
+  title?: string | null
+
+  @Property({ name: 'status', type: 'text', default: 'open' })
+  status: 'open' | 'closed' = 'open'
+
+  @Property({ name: 'visibility', type: 'text', default: 'private' })
+  visibility: 'private' | 'shared' | 'organization' = 'private'
+
+  @Property({ name: 'page_context', type: 'jsonb', nullable: true })
+  pageContext?: Record<string, unknown> | null
+
+  @Property({ name: 'last_message_at', type: Date, nullable: true })
+  lastMessageAt?: Date | null
+
+  @Property({ name: 'imported_from_local_at', type: Date, nullable: true })
+  importedFromLocalAt?: Date | null
+
+  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })
+  createdAt: Date = new Date()
+
+  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })
+  updatedAt: Date = new Date()
+
+  @Property({ name: 'deleted_at', type: Date, nullable: true })
+  deletedAt?: Date | null
+}
+
+/**
+ * Membership row for an `AiChatConversation`.
+ *
+ * MVP always writes exactly one row per conversation with `role = 'owner'`,
+ * written transactionally alongside the conversation. Sharing extensions
+ * append additional rows with `role IN ('viewer', 'commenter', ...)`. The
+ * access predicate is "is the caller an undeleted participant" — see
+ * `AiChatConversationRepository.assertAccessible`.
+ *
+ * `last_read_at` is reserved for future unread/share UX and is unused in MVP.
+ */
+@Entity({ tableName: 'ai_chat_conversation_participants' })
+@Index({
+  name: 'ai_chat_conv_participants_tenant_org_conv_user_uq',
+  expression:
+    'create unique index "ai_chat_conv_participants_tenant_org_conv_user_uq" on "ai_chat_conversation_participants" ("tenant_id", "organization_id", "conversation_id", "user_id") where "organization_id" is not null',
+})
+@Index({
+  name: 'ai_chat_conv_participants_tenant_conv_user_null_org_uq',
+  expression:
+    'create unique index "ai_chat_conv_participants_tenant_conv_user_null_org_uq" on "ai_chat_conversation_participants" ("tenant_id", "conversation_id", "user_id") where "organization_id" is null',
+})
+@Index({
+  name: 'ai_chat_conv_participants_tenant_org_user_conv_idx',
+  properties: ['tenantId', 'organizationId', 'userId', 'conversationId'],
+})
+export class AiChatConversationParticipant {
+  [OptionalProps]?:
+    | 'createdAt'
+    | 'updatedAt'
+    | 'organizationId'
+    | 'role'
+    | 'lastReadAt'
+
+  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })
+  id!: string
+
+  @Property({ name: 'tenant_id', type: 'uuid' })
+  tenantId!: string
+
+  @Property({ name: 'organization_id', type: 'uuid', nullable: true })
+  organizationId?: string | null
+
+  @Property({ name: 'conversation_id', type: 'text' })
+  conversationId!: string
+
+  @Property({ name: 'user_id', type: 'uuid' })
+  userId!: string
+
+  @Property({ name: 'role', type: 'text', default: 'owner' })
+  role: 'owner' | 'viewer' | 'commenter' = 'owner'
+
+  @Property({ name: 'last_read_at', type: Date, nullable: true })
+  lastReadAt?: Date | null
+
+  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })
+  createdAt: Date = new Date()
+
+  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })
+  updatedAt: Date = new Date()
+}
+
+/**
+ * Append-only message row for an `AiChatConversation`.
+ *
+ * `client_message_id` is the idempotency key for retries and lazy imports
+ * from `localStorage`. The partial unique index allows a non-null
+ * `clientMessageId` to dedupe within the conversation while leaving
+ * server-only rows (assistant turns persisted from the streaming dispatcher)
+ * free of the constraint.
+ *
+ * `ui_parts` stores the serializable subset of `AiChatMessageUiPart[]` so the
+ * chat surface can re-render record cards, mutation-preview cards, etc.
+ * across reloads. Attachment previews (`data:` URLs and transient blob
+ * URLs) MUST NOT be persisted here — the UI strips them before upload.
+ */
+@Entity({ tableName: 'ai_chat_messages' })
+@Index({
+  name: 'ai_chat_messages_tenant_org_conv_client_id_uq',
+  expression:
+    'create unique index "ai_chat_messages_tenant_org_conv_client_id_uq" on "ai_chat_messages" ("tenant_id", "organization_id", "conversation_id", "client_message_id") where "organization_id" is not null and "client_message_id" is not null and "deleted_at" is null',
+})
+@Index({
+  name: 'ai_chat_messages_tenant_conv_client_id_null_org_uq',
+  expression:
+    'create unique index "ai_chat_messages_tenant_conv_client_id_null_org_uq" on "ai_chat_messages" ("tenant_id", "conversation_id", "client_message_id") where "organization_id" is null and "client_message_id" is not null and "deleted_at" is null',
+})
+@Index({
+  name: 'ai_chat_messages_tenant_org_conv_created_idx',
+  properties: ['tenantId', 'organizationId', 'conversationId', 'createdAt'],
+})
+@Index({
+  name: 'ai_chat_messages_tenant_org_deleted_idx',
+  properties: ['tenantId', 'organizationId', 'deletedAt'],
+})
+export class AiChatMessage {
+  [OptionalProps]?:
+    | 'createdAt'
+    | 'updatedAt'
+    | 'organizationId'
+    | 'clientMessageId'
+    | 'uiParts'
+    | 'attachmentIds'
+    | 'filesMetadata'
+    | 'model'
+    | 'metadata'
+    | 'createdByUserId'
+    | 'deletedAt'
+
+  @PrimaryKey({ type: 'uuid', defaultRaw: 'gen_random_uuid()' })
+  id!: string
+
+  @Property({ name: 'tenant_id', type: 'uuid' })
+  tenantId!: string
+
+  @Property({ name: 'organization_id', type: 'uuid', nullable: true })
+  organizationId?: string | null
+
+  @Property({ name: 'conversation_id', type: 'text' })
+  conversationId!: string
+
+  @Property({ name: 'client_message_id', type: 'text', nullable: true })
+  clientMessageId?: string | null
+
+  @Property({ name: 'role', type: 'text' })
+  role!: 'user' | 'assistant' | 'system'
+
+  @Property({ name: 'content', type: 'text' })
+  content!: string
+
+  @Property({ name: 'ui_parts', type: 'jsonb', nullable: true })
+  uiParts?: unknown[] | null
+
+  @Property({ name: 'attachment_ids', type: 'jsonb', nullable: true })
+  attachmentIds?: string[] | null
+
+  @Property({ name: 'files_metadata', type: 'jsonb', nullable: true })
+  filesMetadata?: Array<Record<string, unknown>> | null
+
+  @Property({ name: 'model', type: 'text', nullable: true })
+  model?: string | null
+
+  @Property({ name: 'metadata', type: 'jsonb', nullable: true })
+  metadata?: Record<string, unknown> | null
+
+  @Property({ name: 'created_by_user_id', type: 'uuid', nullable: true })
+  createdByUserId?: string | null
+
+  @Property({ name: 'created_at', type: Date, onCreate: () => new Date() })
+  createdAt: Date = new Date()
+
+  @Property({ name: 'updated_at', type: Date, onUpdate: () => new Date() })
+  updatedAt: Date = new Date()
+
+  @Property({ name: 'deleted_at', type: Date, nullable: true })
+  deletedAt?: Date | null
+}