npm - @sleep2agi/commhub-server - Versions diffs - 0.5.0-preview.27 → 0.5.0-preview.29 - Mend

@sleep2agi/commhub-server 0.5.0-preview.27 → 0.5.0-preview.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md CHANGED Viewed

@@ -18,7 +18,7 @@ PORT=9200 COMMHUB_AUTH_TOKEN=your-secret bunx @sleep2agi/commhub-server
 - REST: `http://0.0.0.0:9200/api/*` (Dashboard / 监控)
 - Health: `http://0.0.0.0:9200/health`
-## MCP 工具 (17 个)
+## MCP 工具 (18 个)
 ### Agent 端 (从 Agent 调用)
 | 工具 | 说明 |
@@ -43,22 +43,50 @@ PORT=9200 COMMHUB_AUTH_TOKEN=your-secret bunx @sleep2agi/commhub-server
 | `get_session_status` | 单 session 详情 |
 | `broadcast` | 群发消息 |
-## REST API
+## REST API (33 端点)
 | 端点 | 方法 | 说明 |
 |------|------|------|
 | `/health` | GET | 健康检查 (无需 auth) |
+| `/mcp` | POST | MCP Streamable HTTP |
+| **认证** | | |
+| `/api/auth/register` | POST | 注册 → utok_ + ntok_ |
+| `/api/auth/login` | POST | 登录 → utok_ |
+| `/api/auth/me` | GET | 当前用户信息 |
+| `/api/auth/me` | PUT | 修改资料 |
+| `/api/auth/password` | POST | 修改密码 |
+| `/api/auth/tokens` | GET | Token 列表 |
+| `/api/auth/tokens` | POST | 创建 Token |
+| `/api/auth/tokens/:id` | DELETE | 撤销 Token |
+| `/api/auth/node-token` | POST | 创建节点网络 Token (ntok_) |
+| **网络** | | |
+| `/api/networks` | GET | 我的网络列表（成员网络） |
+| `/api/networks` | POST | 创建网络 |
+| `/api/networks/:id` | GET | 网络详情 + 统计 |
+| `/api/networks/:id` | PUT | 重命名网络 |
+| `/api/networks/:id` | DELETE | 删除网络 |
+| `/api/networks/:id/members` | GET | 成员列表 |
+| `/api/networks/:id/members` | POST | 添加成员 |
+| `/api/networks/:id/members/:uid` | PUT | 修改成员角色 |
+| `/api/networks/:id/members/:uid` | DELETE | 移除成员 |
+| `/api/networks/:id/invite` | POST | 生成邀请码 |
+| `/api/networks/join` | POST | 用邀请码加入 |
+| **数据** | | |
 | `/api/status` | GET | 所有 session |
-| `/api/tasks` | GET | 任务列表 (支持 status/from_name/to_name/task_id/limit 过滤) |
-| `/api/nodes` | GET | 节点持久化信息 |
-| `/api/task_events` | GET | 任务审计日志 |
+| `/api/tasks` | GET | 任务列表 |
+| `/api/nodes` | GET | 节点信息 |
+| `/api/stats` | GET | 统计汇总 |
 | `/api/messages` | GET | 消息列表 |
 | `/api/completions` | GET | 完成记录 |
-| `/mcp` | POST | MCP Streamable HTTP |
+| `/api/task_events` | GET | 任务审计日志 |
+| `/api/audit-log` | GET | 操作审计日志 |
+| `/api/users` | GET | 用户列表 (admin) |
+| `/api/license` | GET | License 状态 |
+| `/api/license/activate` | POST | 激活授权码 |
-## 数据表 (11 表)
+## 数据表 (13 表)
-自动创建，支持 SQLite 和 PostgreSQL
+自动创建，SQLite
 | 表 | 说明 |
 |---|------|
@@ -68,6 +96,13 @@ PORT=9200 COMMHUB_AUTH_TOKEN=your-secret bunx @sleep2agi/commhub-server
 | `nodes` | 持久化节点身份 (11 列, 独立于 session) |
 | `completions` | 完成记录 (7 列) |
 | `task_events` | 审计日志 (7 列, 每次状态变化记录) |
+| `users` | 用户 (username/password_hash/role/plan) |
+| `networks` | 网络 (name/owner/visibility/max_members) |
+| `api_tokens` | API Token (utok_/ntok_/atok_ + scope + network) |
+| `audit_log` | 操作审计 (user/action/target/ip) |
+| `licenses` | License (type/expires/limits) |
+| `network_members` | 网络成员 (user ↔ network + role) |
+| `network_invites` | 邀请码 (code/role/max_uses/expires) |
 任务状态机:
 ```

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sleep2agi/commhub-server",
-  "version": "0.5.0-preview.27",
+  "version": "0.5.0-preview.29",
   "description": "CommHub Server \u2014 AI Agent communication hub with MCP protocol, multi-network isolation, user auth, and 18 MCP tools.",
   "type": "module",
   "main": "src/index.ts",

package/src/auth.ts CHANGED Viewed

@@ -22,6 +22,7 @@ export interface AuthResult {
 export function register(username: string, password: string, email?: string, displayName?: string): AuthResult {
   if (!username || username.length < 2) return { ok: false, error: "username must be at least 2 characters" };
+  if (username.length > 50) return { ok: false, error: "username too long (max 50)" };
   if (!password || password.length < 6) return { ok: false, error: "password must be at least 6 characters" };
   if (!/^[a-zA-Z0-9_\-\u4e00-\u9fff]+$/.test(username)) return { ok: false, error: "username contains invalid characters" };
@@ -157,7 +158,23 @@ export function getUserNetworks(userId: string) {
     userId);
 }
+// Quota limits by plan
+const QUOTAS: Record<string, { max_networks_owned: number; max_networks_joined: number }> = {
+  free:  { max_networks_owned: 2, max_networks_joined: 3 },
+  pro:   { max_networks_owned: 10, max_networks_joined: 20 },
+  admin: { max_networks_owned: Infinity, max_networks_joined: Infinity },
+};
 export function createNetwork(userId: string, name: string, description?: string) {
+  // Quota check
+  const user = db.get<any>("SELECT plan, role FROM users WHERE user_id = ?1", userId);
+  const plan = user?.role === "admin" ? "admin" : (user?.plan || "free");
+  const quota = QUOTAS[plan] || QUOTAS.free;
+  const ownedCount = db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM networks WHERE owner_id = ?1", userId);
+  if ((ownedCount?.cnt || 0) >= quota.max_networks_owned) {
+    return { ok: false, error: `quota exceeded: max ${quota.max_networks_owned} networks for ${plan} plan` };
+  }
   const existing = db.get<any>(
     "SELECT network_id FROM networks WHERE owner_id = ?1 AND network_name = ?2",
     userId, name);
@@ -203,6 +220,12 @@ export function deleteNetwork(userId: string, networkId: string): { ok: boolean;
 }
 export function createToken(userId: string, name: string, networkId?: string): { ok: boolean; token?: string; token_id?: string; error?: string } {
+  // Security: verify user is a member of the target network
+  if (networkId) {
+    const role = getUserNetworkRole(userId, networkId);
+    if (!role) return { ok: false, error: "not a member of this network" };
+    if (role === "viewer") return { ok: false, error: "viewer cannot create full-access network tokens" };
+  }
   const token = generateToken();
   const tokenId = generateId("tok");
   db.run(

package/src/db-adapter.ts CHANGED Viewed

@@ -50,7 +50,7 @@ export class SQLiteAdapter implements DbAdapter {
   constructor(private readonly rawDb: Database) {}
   run(sql: string, params?: any[]): QueryResult {
-    return this.rawDb.run(sql, params as any);
+    return params ? this.rawDb.run(sql, params as any) : this.rawDb.run(sql);
   }
   get<T = any>(sql: string, ...params: any[]): T | null {

package/src/db.ts CHANGED Viewed

@@ -46,6 +46,7 @@ db.exec(`
     artifacts        TEXT,
     score            REAL,
     duration_minutes REAL,
+    network_id       TEXT,
     completed_at     TEXT NOT NULL DEFAULT (datetime('now'))
   );
 `);
@@ -296,12 +297,15 @@ try {
 } catch {}
 // ── V3: add network_id to existing tables ──
-for (const table of ["sessions", "nodes", "tasks", "inbox", "task_events"]) {
+for (const table of ["sessions", "nodes", "tasks", "inbox", "task_events", "completions"]) {
   try { db.exec(`ALTER TABLE ${table} ADD COLUMN network_id TEXT`); } catch {}
 }
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_sessions_network ON sessions(network_id)"); } catch {}
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_tasks_network ON tasks(network_id)"); } catch {}
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_nodes_network ON nodes(network_id)"); } catch {}
+try { db.exec("CREATE INDEX IF NOT EXISTS idx_inbox_network ON inbox(network_id)"); } catch {}
+try { db.exec("CREATE INDEX IF NOT EXISTS idx_task_events_network ON task_events(network_id)"); } catch {}
+try { db.exec("CREATE INDEX IF NOT EXISTS idx_completions_network ON completions(network_id)"); } catch {}
 // Helpers
 export function uuidv4(): string {
@@ -344,7 +348,8 @@ export function logAudit(userId: string | null, username: string | null, action:
 export function logTaskEvent(taskId: string, fromStatus: string | null, toStatus: string, actor: string, detail?: string) {
   try {
     db.run(
-      "INSERT INTO task_events (task_id, from_status, to_status, actor, detail) VALUES (?1, ?2, ?3, ?4, ?5)",
+      `INSERT INTO task_events (task_id, from_status, to_status, actor, detail, network_id)
+       VALUES (?1, ?2, ?3, ?4, ?5, (SELECT network_id FROM tasks WHERE task_id = ?1))`,
       [taskId, fromStatus, toStatus, actor, detail ?? null]
     );
   } catch {}

package/src/index.ts CHANGED Viewed

@@ -7,6 +7,7 @@ import { createSSEStream, pushEvent, pushBroadcast, getSSEStats } from "./push.j
 import { register, login, resolveToken, getUserNetworks, getUserAllNetworks, createNetwork, deleteNetwork, renameNetwork, changePassword, listTokens, createToken, revokeToken, getNetworkMembers, getUserNetworkRole, addNetworkMember, updateMemberRole, removeNetworkMember, createInvite, joinByInvite, createNetworkTokenForNode, type AuthUser } from "./auth.js";
 const PORT = Number(process.env.PORT) || 9200;
+const HOST = process.env.HOST || "0.0.0.0";
 const AUTH_TOKEN = process.env.COMMHUB_AUTH_TOKEN;
 // ── Rate limiter (in-memory, per IP) ──
@@ -33,12 +34,12 @@ setInterval(() => {
 }, 300000);
 // ── Factory: 每个请求创建新的 McpServer（stateless 模式）──
-function createServer(clientIP?: string, enforceNetworkId?: string | null): McpServer {
+function createServer(clientIP?: string, enforceNetworkId?: string | null, enforceUserId?: string | null): McpServer {
   const server = new McpServer({
     name: "commhub",
     version: "0.5.0",
   });
-  registerTools(server, clientIP, enforceNetworkId);
+  registerTools(server, clientIP, enforceNetworkId, enforceUserId);
   return server;
 }
@@ -72,12 +73,77 @@ function resolveRequestAuth(req: Request): { userId: string; networkId: string |
   return { userId: resolved.user.user_id, networkId: resolved.networkId, username: resolved.user.username };
 }
+type RestNetworkScope = {
+  networkId: string | null;
+  networkIds: string[] | null;
+  denied?: string;
+};
+function getUserNetworkIds(userId: string): string[] {
+  return db.all<{ network_id: string }>(
+    "SELECT network_id FROM network_members WHERE user_id = ?1",
+    userId
+  ).map((row) => row.network_id);
+}
+function resolveRestNetworkScope(url: URL, authCtx: { userId: string; networkId: string | null } | null, isAdmin: boolean): RestNetworkScope {
+  const requested = url.searchParams.get("network_id");
+  // Legacy global token or open dev mode keeps the old global behavior.
+  if (!authCtx) return { networkId: requested || null, networkIds: null };
+  // Network tokens are forcibly scoped to their bound network.
+  if (authCtx.networkId) return { networkId: authCtx.networkId, networkIds: null };
+  // System admins may intentionally inspect all networks.
+  if (isAdmin) return { networkId: requested || null, networkIds: null };
+  if (requested) {
+    const role = getUserNetworkRole(authCtx.userId, requested);
+    if (!role) return { networkId: null, networkIds: [], denied: "access denied to requested network" };
+    return { networkId: requested, networkIds: null };
+  }
+  return { networkId: null, networkIds: getUserNetworkIds(authCtx.userId) };
+}
+function addNetworkScope(sql: string, params: any[], scope: RestNetworkScope, column = "network_id"): string {
+  if (scope.networkId) {
+    sql += ` AND ${column} = ?${params.length + 1}`;
+    params.push(scope.networkId);
+  } else if (scope.networkIds) {
+    if (scope.networkIds.length === 0) {
+      sql += " AND 1=0";
+    } else {
+      const placeholders = scope.networkIds.map((_, i) => `?${params.length + i + 1}`).join(", ");
+      sql += ` AND ${column} IN (${placeholders})`;
+      params.push(...scope.networkIds);
+    }
+  }
+  return sql;
+}
+function singleNetworkId(scope: RestNetworkScope): string | null {
+  if (scope.networkId) return scope.networkId;
+  if (scope.networkIds?.length === 1) return scope.networkIds[0];
+  return null;
+}
+function canRestWriteNetwork(authCtx: { userId: string; networkId: string | null } | null, networkId: string | null, isAdmin: boolean): boolean {
+  if (!authCtx) return true; // legacy global token or open dev mode
+  if (isAdmin) return true;
+  if (!networkId) return false;
+  const role = getUserNetworkRole(authCtx.userId, networkId);
+  return !!role && role !== "viewer";
+}
 // ── REST input schema ───────────────────────────────
 const TaskSchema = z.object({
   alias: z.string().min(1).max(200),
   task: z.string().min(1).max(10000),
   priority: z.enum(["high", "normal", "low"]).default("normal"),
   from: z.string().max(200).optional(),
+  network_id: z.string().max(200).optional(),
 });
 const BroadcastSchema = z.object({
@@ -137,6 +203,7 @@ setInterval(() => {
 Bun.serve({
   port: PORT,
+  hostname: HOST,
   idleTimeout: 255, // max value: keep SSE connections alive (seconds)
   async fetch(req, server) {
@@ -164,10 +231,18 @@ Bun.serve({
       // V3: resolve token → enforce network_id in all MCP tools
       const authCtx = resolveRequestAuth(req);
       const enforceNetId = authCtx?.networkId || null;
+      // utok_ (no network binding) cannot use MCP — only ntok_/atok_/global token
+      if (authCtx && !authCtx.networkId) {
+        return withCors(req, Response.json({
+          jsonrpc: "2.0",
+          error: { code: -32000, message: "User token (utok_) cannot access MCP. Use a network token (ntok_) instead." },
+          id: null,
+        }, { status: 403 }));
+      }
       const transport = new WebStandardStreamableHTTPServerTransport({
         sessionIdGenerator: undefined,
       });
-      const server = createServer(clientIP, enforceNetId);
+      const server = createServer(clientIP, enforceNetId, authCtx?.userId || null);
       await server.connect(transport);
       const response = await transport.handleRequest(req);
       // Disconnect after response to prevent McpServer leak
@@ -261,7 +336,7 @@ Bun.serve({
       if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
       const resolved = resolveToken(token);
       if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
-      const networks = getUserNetworks(resolved.user.user_id);
+      const networks = getUserAllNetworks(resolved.user.user_id);
       return withCors(req, Response.json({ ok: true, user: resolved.user, networks, current_network: resolved.networkId }));
     }
@@ -363,7 +438,12 @@ Bun.serve({
       if (!token) return withCors(req, Response.json({ ok: false, error: "token required" }, { status: 401 }));
       const resolved = resolveToken(token);
       if (!resolved) return withCors(req, Response.json({ ok: false, error: "invalid token" }, { status: 401 }));
-      // V3.13: return all networks user is a member of (not just owner)
+      // V3.13: ntok_ can only see its bound network; utok_ sees all member networks
+      if (resolved.networkId) {
+        // ntok_ — only return the bound network
+        const net = db.get<any>("SELECT * FROM networks WHERE network_id = ?1", resolved.networkId);
+        return withCors(req, Response.json({ ok: true, networks: net ? [net] : [] }));
+      }
       const networks = getUserAllNetworks(resolved.user.user_id);
       return withCors(req, Response.json({ ok: true, networks }));
     }
@@ -469,8 +549,9 @@ Bun.serve({
       const networkId = netDetailMatch[1];
       const network = db.get<any>("SELECT * FROM networks WHERE network_id = ?1", networkId);
       if (!network) return withCors(req, Response.json({ ok: false, error: "network not found" }, { status: 404 }));
-      // Ownership check: only owner or admin can view
-      if (network.owner_id !== resolved.user.user_id && resolved.user.role !== "admin") {
+      // Membership check: must be a member or system admin
+      const viewerRole = getUserNetworkRole(resolved.user.user_id, networkId);
+      if (!viewerRole && resolved.user.role !== "admin") {
         return withCors(req, Response.json({ ok: false, error: "access denied" }, { status: 403 }));
       }
       // Get network stats
@@ -536,15 +617,27 @@ Bun.serve({
     const authErr = requireAuth(req);
     if (authErr) return withCors(req, authErr);
+    // Resolve network scope for REST queries — enforce isolation
+    // Token-bound networkId takes precedence (ntok_ → forced), then query param
+    const restAuth = resolveRequestAuth(req);
+    const isAdmin = !!(restAuth?.username && db.get<any>("SELECT role FROM users WHERE username = ?1", restAuth.username)?.role === "admin");
+    const restScope = resolveRestNetworkScope(url, restAuth, isAdmin);
+    if (restScope.denied) {
+      return withCors(req, Response.json({ ok: false, error: restScope.denied }, { status: 403 }));
+    }
     // ── REST: all sessions status ──
     if (url.pathname === "/api/status") {
       const cutoff = new Date(Date.now() - 10 * 60 * 1000).toISOString().replace("T", " ").slice(0, 19);
-      db.run("UPDATE sessions SET status = 'offline' WHERE updated_at < ?1 AND status != 'offline'", [cutoff]);
-      const netFilter = url.searchParams.get("network_id");
-      const sql = netFilter
-        ? "SELECT * FROM sessions WHERE network_id = ?1 ORDER BY updated_at DESC"
-        : "SELECT * FROM sessions ORDER BY updated_at DESC";
-      const sessions = netFilter ? db.all(sql, netFilter) : db.all(sql);
+      const staleParams: any[] = [cutoff];
+      let staleSql = "UPDATE sessions SET status = 'offline' WHERE updated_at < ?1 AND status != 'offline'";
+      staleSql = addNetworkScope(staleSql, staleParams, restScope);
+      db.run(staleSql, staleParams);
+      const params: any[] = [];
+      let sql = "SELECT * FROM sessions WHERE 1=1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += " ORDER BY updated_at DESC";
+      const sessions = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, sessions }));
     }
@@ -561,18 +654,40 @@ Bun.serve({
         return withCors(req, Response.json({ error: "invalid input", details: parsed.error.format() }, { status: 400 }));
       }
       const body = parsed.data;
+      let taskNetId: string | null = null;
+      if (restAuth?.networkId) {
+        taskNetId = restAuth.networkId;
+      } else if (body.network_id) {
+        if (restAuth && !isAdmin && !getUserNetworkRole(restAuth.userId, body.network_id)) {
+          return withCors(req, Response.json({ ok: false, error: "access denied to requested network" }, { status: 403 }));
+        }
+        taskNetId = body.network_id;
+      } else {
+        taskNetId = restAuth ? singleNetworkId(restScope) : null;
+      }
+      if (restAuth && !taskNetId) {
+        return withCors(req, Response.json({ ok: false, error: "network_id required for user token when multiple networks are available" }, { status: 400 }));
+      }
+      if (!canRestWriteNetwork(restAuth, taskNetId, isAdmin)) {
+        return withCors(req, Response.json({ ok: false, error: "permission_denied" }, { status: 403 }));
+      }
       const id = crypto.randomUUID();
       const fromSession = body.from || "api";
       db.run(
-        `INSERT INTO inbox (id, session_name, type, priority, content, from_session)
-         VALUES (?1, ?2, 'task', ?3, ?4, ?5)`,
-        [id, body.alias, body.priority, body.task, fromSession]
+        `INSERT INTO inbox (id, session_name, type, priority, content, from_session, network_id)
+         VALUES (?1, ?2, 'task', ?3, ?4, ?5, ?6)`,
+        [id, body.alias, body.priority, body.task, fromSession, taskNetId]
       );
       // SSE push: 秒达
-      const pending = db.get<{ cnt: number }>(
-        "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0",
-        body.alias);
-      pushEvent(body.alias, { type: "new_task", inbox_count: pending?.cnt ?? 1, priority: body.priority, from: fromSession });
+      const pendingParams: any[] = [body.alias];
+      let pendingSql = "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0";
+      if (taskNetId) { pendingSql += " AND network_id = ?2"; pendingParams.push(taskNetId); }
+      const pending = db.get<{ cnt: number }>(pendingSql, ...pendingParams);
+      const sessionParams: any[] = [body.alias];
+      let sessionSql = "SELECT 1 FROM sessions WHERE alias = ?1";
+      if (taskNetId) { sessionSql += " AND network_id = ?2"; sessionParams.push(taskNetId); }
+      const targetSession = db.get<any>(sessionSql, ...sessionParams);
+      if (targetSession) pushEvent(body.alias, { type: "new_task", inbox_count: pending?.cnt ?? 1, priority: body.priority, from: fromSession });
       return withCors(req, Response.json({ ok: true, message_id: id }));
     }
@@ -589,18 +704,25 @@ Bun.serve({
         return withCors(req, Response.json({ error: "invalid input", details: parsed.error.format() }, { status: 400 }));
       }
       const body = parsed.data;
-      let sql = "SELECT alias FROM sessions WHERE alias IS NOT NULL";
+      if (restAuth && !restScope.networkId && !isAdmin) {
+        return withCors(req, Response.json({ ok: false, error: "network_id required for user token when broadcasting" }, { status: 400 }));
+      }
+      if (!canRestWriteNetwork(restAuth, restScope.networkId, isAdmin)) {
+        return withCors(req, Response.json({ ok: false, error: "permission_denied" }, { status: 403 }));
+      }
+      let sql = "SELECT alias, network_id FROM sessions WHERE alias IS NOT NULL";
       const params: any[] = [];
+      sql = addNetworkScope(sql, params, restScope);
       if (body.filter_server) { sql += " AND server = ?"; params.push(body.filter_server); }
       if (body.filter_status) { sql += " AND status = ?"; params.push(body.filter_status); }
-      const targets = db.all<{ alias: string }>(sql, ...params);
+      const targets = db.all<{ alias: string; network_id: string | null }>(sql, ...params);
       const ids: string[] = [];
       for (const t of targets) {
         const id = crypto.randomUUID();
         db.run(
-          `INSERT INTO inbox (id, session_name, type, priority, content, from_session)
-           VALUES (?1, ?2, 'broadcast', 'normal', ?3, 'api')`,
-          [id, t.alias, body.message]
+          `INSERT INTO inbox (id, session_name, type, priority, content, from_session, network_id)
+           VALUES (?1, ?2, 'broadcast', 'normal', ?3, 'api', ?4)`,
+          [id, t.alias, body.message, t.network_id]
         );
         ids.push(id);
       }
@@ -658,36 +780,49 @@ Bun.serve({
     // ── REST: recent messages (for Dashboard communication graph) ──
     if (url.pathname === "/api/messages") {
-      const limit = Number(url.searchParams.get("limit")) || 100;
+      const limit = Math.min(Number(url.searchParams.get("limit")) || 100, 500);
       const since = url.searchParams.get("since") ?? new Date(Date.now() - 3600000).toISOString().replace("T", " ").slice(0, 19);
-      const rows = db.all(
-        "SELECT id, session_name as to_alias, from_session as from_alias, type, priority, content, created_at FROM inbox WHERE created_at >= ?1 ORDER BY created_at DESC LIMIT ?2",
-        since, limit);
+      const params: any[] = [since];
+      let sql = "SELECT id, session_name as to_alias, from_session as from_alias, type, priority, content, created_at, network_id FROM inbox WHERE created_at >= ?1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
+      params.push(limit);
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, messages: rows }));
     }
     // ── REST: stats summary ──
     if (url.pathname === "/api/stats") {
-      const n = url.searchParams.get("network_id");
-      // Parameterized queries to prevent SQL injection
-      const taskStats = n
-        ? db.all<any>("SELECT status, COUNT(*) as count FROM tasks WHERE network_id = ?1 GROUP BY status", n)
-        : db.all<any>("SELECT status, COUNT(*) as count FROM tasks GROUP BY status");
-      const sessionStats = n
-        ? db.all<any>("SELECT status, COUNT(*) as count FROM sessions WHERE network_id = ?1 GROUP BY status", n)
-        : db.all<any>("SELECT status, COUNT(*) as count FROM sessions GROUP BY status");
-      const totalTasks = n
-        ? db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM tasks WHERE network_id = ?1", n)
-        : db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM tasks");
-      const totalNodes = n
-        ? db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM nodes WHERE network_id = ?1", n)
-        : db.get<{ cnt: number }>("SELECT COUNT(*) as cnt FROM nodes");
-      const recentTasks = n
-        ? db.all<any>("SELECT task_id, from_name, to_name, status, created_at FROM tasks WHERE network_id = ?1 ORDER BY created_at DESC LIMIT 5", n)
-        : db.all<any>("SELECT task_id, from_name, to_name, status, created_at FROM tasks ORDER BY created_at DESC LIMIT 5");
+      const taskStatsParams: any[] = [];
+      let taskStatsSql = "SELECT status, COUNT(*) as count FROM tasks WHERE 1=1";
+      taskStatsSql = addNetworkScope(taskStatsSql, taskStatsParams, restScope);
+      taskStatsSql += " GROUP BY status";
+      const taskStats = db.all<any>(taskStatsSql, ...taskStatsParams);
+      const sessionStatsParams: any[] = [];
+      let sessionStatsSql = "SELECT status, COUNT(*) as count FROM sessions WHERE 1=1";
+      sessionStatsSql = addNetworkScope(sessionStatsSql, sessionStatsParams, restScope);
+      sessionStatsSql += " GROUP BY status";
+      const sessionStats = db.all<any>(sessionStatsSql, ...sessionStatsParams);
+      const totalTasksParams: any[] = [];
+      let totalTasksSql = "SELECT COUNT(*) as cnt FROM tasks WHERE 1=1";
+      totalTasksSql = addNetworkScope(totalTasksSql, totalTasksParams, restScope);
+      const totalTasks = db.get<{ cnt: number }>(totalTasksSql, ...totalTasksParams);
+      const totalNodesParams: any[] = [];
+      let totalNodesSql = "SELECT COUNT(*) as cnt FROM nodes WHERE 1=1";
+      totalNodesSql = addNetworkScope(totalNodesSql, totalNodesParams, restScope);
+      const totalNodes = db.get<{ cnt: number }>(totalNodesSql, ...totalNodesParams);
+      const recentTasksParams: any[] = [];
+      let recentTasksSql = "SELECT task_id, from_name, to_name, status, created_at FROM tasks WHERE 1=1";
+      recentTasksSql = addNetworkScope(recentTasksSql, recentTasksParams, restScope);
+      recentTasksSql += " ORDER BY created_at DESC LIMIT 5";
+      const recentTasks = db.all<any>(recentTasksSql, ...recentTasksParams);
       return withCors(req, Response.json({
         ok: true,
-        network_id: n || null,
+        network_id: restScope.networkId || null,
         tasks: { total: totalTasks?.cnt || 0, by_status: taskStats },
         sessions: { by_status: sessionStats },
         nodes: { total: totalNodes?.cnt || 0 },
@@ -720,10 +855,11 @@ Bun.serve({
     if (url.pathname === "/api/task_events") {
       const taskId = url.searchParams.get("task_id");
       const limit = Math.min(Number(url.searchParams.get("limit")) || 50, 500);
-      let sql = "SELECT * FROM task_events";
+      let sql = "SELECT * FROM task_events WHERE 1=1";
       const params: any[] = [];
-      if (taskId) { sql += " WHERE task_id = ?1"; params.push(taskId); }
-      sql += " ORDER BY created_at DESC LIMIT ?";
+      sql = addNetworkScope(sql, params, restScope);
+      if (taskId) { sql += ` AND task_id = ?${params.length + 1}`; params.push(taskId); }
+      sql += ` ORDER BY created_at DESC LIMIT ?${params.length + 1}`;
       params.push(limit);
       const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, events: rows, count: rows.length }));
@@ -733,10 +869,9 @@ Bun.serve({
     if (url.pathname === "/api/nodes") {
       const nodeId = url.searchParams.get("node_id");
       const alias = url.searchParams.get("alias");
-      const netFilter = url.searchParams.get("network_id");
       let sql = "SELECT * FROM nodes WHERE 1=1";
       const params: any[] = [];
-      if (netFilter) { sql += ` AND network_id = ?${params.length + 1}`; params.push(netFilter); }
+      sql = addNetworkScope(sql, params, restScope);
       if (nodeId) { sql += ` AND node_id = ?${params.length + 1}`; params.push(nodeId); }
       if (alias) { sql += ` AND alias = ?${params.length + 1}`; params.push(alias); }
       sql += " ORDER BY updated_at DESC";
@@ -750,12 +885,11 @@ Bun.serve({
       const status = url.searchParams.get("status");
       const toName = url.searchParams.get("to_name");
       const fromName = url.searchParams.get("from_name");
-      const netFilter = url.searchParams.get("network_id");
       const limit = Math.min(Number(url.searchParams.get("limit")) || 50, 200);
       let sql = "SELECT * FROM tasks WHERE 1=1";
       const params: any[] = [];
-      if (netFilter) { sql += ` AND network_id = ?${params.length + 1}`; params.push(netFilter); }
+      sql = addNetworkScope(sql, params, restScope);
       if (taskId) { sql += ` AND task_id = ?${params.length + 1}`; params.push(taskId); }
       if (status) { sql += ` AND status = ?${params.length + 1}`; params.push(status); }
       if (toName) { sql += ` AND to_name = ?${params.length + 1}`; params.push(toName); }
@@ -764,16 +898,22 @@ Bun.serve({
       params.push(limit);
       const rows = db.all(sql, ...params);
-      const stats = netFilter
-        ? db.all<any>("SELECT status, COUNT(*) as count FROM tasks WHERE network_id = ?1 GROUP BY status", netFilter)
-        : db.all<any>("SELECT status, COUNT(*) as count FROM tasks GROUP BY status");
+      const statsParams: any[] = [];
+      let statsSql = "SELECT status, COUNT(*) as count FROM tasks WHERE 1=1";
+      statsSql = addNetworkScope(statsSql, statsParams, restScope);
+      statsSql += " GROUP BY status";
+      const stats = db.all<any>(statsSql, ...statsParams);
       return withCors(req, Response.json({ ok: true, tasks: rows, count: rows.length, stats }));
     }
     // ── REST: recent completions ──
     if (url.pathname === "/api/completions") {
       const since = url.searchParams.get("since") ?? new Date(Date.now() - 86400000).toISOString();
-      const rows = db.all("SELECT * FROM completions WHERE completed_at >= ?1 ORDER BY completed_at DESC LIMIT 100", since);
+      const params: any[] = [since];
+      let sql = "SELECT * FROM completions WHERE completed_at >= ?1";
+      sql = addNetworkScope(sql, params, restScope);
+      sql += " ORDER BY completed_at DESC LIMIT 100";
+      const rows = db.all(sql, ...params);
       return withCors(req, Response.json({ ok: true, completions: rows }));
     }
@@ -894,8 +1034,8 @@ console.log(`
 ║   Transport: Streamable HTTP (Bun native)         ║
 ║   Auth: ${AUTH_TOKEN ? "ENABLED (Bearer token)" : "DISABLED (set COMMHUB_AUTH_TOKEN)"}${"".padEnd(AUTH_TOKEN ? 5 : 0)}║
 ║                                                   ║
-║   MCP:    http://0.0.0.0:${PORT}/mcp                 ║
-║   REST:   http://0.0.0.0:${PORT}/api                 ║
-║   Health: http://0.0.0.0:${PORT}/health               ║
+║   MCP:    http://${HOST}:${PORT}/mcp                 ║
+║   REST:   http://${HOST}:${PORT}/api                 ║
+║   Health: http://${HOST}:${PORT}/health               ║
 ╚══════════════════════════════════════════════════╝
 `);

package/src/tools.ts CHANGED Viewed

@@ -2,14 +2,38 @@ import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
 import { z } from "zod/v4";
 import { db, uuidv4, logTaskEvent } from "./db.js";
 import { pushEvent, pushBroadcast } from "./push.js";
+import { getUserNetworkRole } from "./auth.js";
 function ts(): string {
   return new Date().toTimeString().slice(0, 8);
 }
-export function registerTools(server: McpServer, clientIP?: string, enforceNetworkId?: string | null) {
+export function registerTools(server: McpServer, clientIP?: string, enforceNetworkId?: string | null, enforceUserId?: string | null) {
   // If enforceNetworkId is set, override any client-supplied network_id
   const getNetworkId = (clientNetId?: string | null) => enforceNetworkId ?? clientNetId ?? null;
+  // Check if the user has write access to the enforced network
+  // utok_ (no networkId) cannot do MCP writes — only ntok_/atok_ with network binding can
+  const canWrite = (): boolean => {
+    if (!enforceUserId) return true; // legacy global token mode, allow
+    if (!enforceNetworkId) return false; // utok_ has no network → cannot write MCP
+    const role = getUserNetworkRole(enforceUserId, enforceNetworkId);
+    return !!role && role !== "viewer"; // owner/admin/member can write, viewer cannot
+  };
+  const addScope = (sql: string, params: any[], networkId?: string | null, column = "network_id"): string => {
+    if (!networkId) return sql;
+    sql += ` AND ${column} = ?${params.length + 1}`;
+    params.push(networkId);
+    return sql;
+  };
+  const scopedSessionStatus = (alias: string, networkId?: string | null) => {
+    const params: any[] = [alias];
+    let sql = "SELECT status FROM sessions WHERE alias = ?1";
+    sql = addScope(sql, params, networkId);
+    return db.get<any>(sql, ...params);
+  };
   // ═══════════════════════════════════════════
   //  Child Agent Tools (4)
   // ═══════════════════════════════════════════
@@ -42,6 +66,9 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
     },
     async ({ resume_id, alias, status, task, output, score, progress, server: srv, hostname: hn, agent: ag, project_dir: pd, version: ver, tmux_name: tmux, node_id, session_id, config_path, channels, model: mdl, node_name: nn, network_id: netId }) => {
       const effectiveNetId = getNetworkId(netId);
+      if (!canWrite()) {
+        return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
+      }
       console.log(`[${ts()}] ${alias} (${resume_id.slice(0, 8)}) → report_status: ${status}${task ? " | " + task.slice(0, 60) : ""}${effectiveNetId ? " [net]" : ""}`);
       const trimmedOutput = output?.slice(0, 4000);
@@ -66,23 +93,25 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
              session_id = COALESCE(?16, sessions.session_id), config_path = COALESCE(?17, sessions.config_path),
              channels = COALESCE(?18, sessions.channels), network_id = COALESCE(?19, sessions.network_id),
              last_seen_at = datetime('now'), updated_at = datetime('now')`,
-          [resume_id, alias, tmux ?? null, srv ?? null, clientIP ?? null, hn ?? null, ag ?? null, pd ?? null, ver ?? null, status, task ?? null, trimmedOutput ?? null, progress ?? null, score ?? null, node_id ?? null, session_id ?? null, config_path ?? null, channels ?? null, netId ?? null]
+          [resume_id, alias, tmux ?? null, srv ?? null, clientIP ?? null, hn ?? null, ag ?? null, pd ?? null, ver ?? null, status, task ?? null, trimmedOutput ?? null, progress ?? null, score ?? null, node_id ?? null, session_id ?? null, config_path ?? null, channels ?? null, effectiveNetId ?? null]
         );
       });
       // V2: sync tasks table — report_status(working) → tasks.running
       if (status === "working" && task) {
         try {
-          const runResult = db.run(
-            `UPDATE tasks SET status = 'running', started_at = datetime('now')
-             WHERE to_name = ?1 AND status IN ('delivered', 'acked') AND content = ?2`,
-            [alias, task]
-          );
+          const runParams: any[] = [alias, task];
+          let runSql = `UPDATE tasks SET status = 'running', started_at = datetime('now')
+             WHERE to_name = ?1 AND status IN ('delivered', 'acked') AND content = ?2`;
+          runSql = addScope(runSql, runParams, effectiveNetId);
+          const runResult = db.run(runSql, runParams);
           if (runResult.changes > 0) {
             // Find task_id for logging
-            const t = db.get<{ task_id: string }>(
-              "SELECT task_id FROM tasks WHERE to_name = ?1 AND content = ?2 AND status = 'running' ORDER BY started_at DESC LIMIT 1",
-              alias, task);
+            const findParams: any[] = [alias, task];
+            let findSql = "SELECT task_id FROM tasks WHERE to_name = ?1 AND content = ?2 AND status = 'running'";
+            findSql = addScope(findSql, findParams, effectiveNetId);
+            findSql += " ORDER BY started_at DESC LIMIT 1";
+            const t = db.get<{ task_id: string }>(findSql, ...findParams);
             if (t) logTaskEvent(t.task_id, null, "running", alias);
           }
         } catch {}
@@ -94,8 +123,8 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
           // Extract runtime from agent field (e.g., "agent-node:codex" → "codex-sdk")
           const nodeRuntime = ag?.includes(":") ? ag.split(":")[1] + "-sdk" : ag ?? null;
           db.run(
-            `INSERT INTO nodes (node_id, node_name, alias, runtime, model, config_path, channels, server, hostname, updated_at)
-             VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8, ?9, datetime('now'))
+            `INSERT INTO nodes (node_id, node_name, alias, runtime, model, config_path, channels, server, hostname, network_id, updated_at)
+             VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8, ?9, ?10, datetime('now'))
              ON CONFLICT(node_id) DO UPDATE SET
                node_name = COALESCE(?2, nodes.node_name),
                alias = COALESCE(?3, nodes.alias),
@@ -105,16 +134,18 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
                channels = COALESCE(?7, nodes.channels),
                server = COALESCE(?8, nodes.server),
                hostname = COALESCE(?9, nodes.hostname),
+               network_id = COALESCE(?10, nodes.network_id),
                updated_at = datetime('now')`,
-            [node_id, nn || alias, alias, nodeRuntime, mdl ?? null, config_path ?? null, channels ?? null, srv ?? null, hn ?? null]
+            [node_id, nn || alias, alias, nodeRuntime, mdl ?? null, config_path ?? null, channels ?? null, srv ?? null, hn ?? null, effectiveNetId ?? null]
           );
         } catch {}
       }
       // inbox uses alias for routing
-      const row = db.get<{ cnt: number }>(
-        "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0",
-        alias);
+      const inboxParams: any[] = [alias];
+      let inboxSql = "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0";
+      inboxSql = addScope(inboxSql, inboxParams, effectiveNetId);
+      const row = db.get<{ cnt: number }>(inboxSql, ...inboxParams);
       return {
         content: [
@@ -142,43 +173,53 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       artifacts: z.array(z.string().max(2000)).max(50).optional().describe("Output URLs or file paths"),
       score: z.number().min(0).max(10).optional(),
       duration_minutes: z.number().min(0).optional(),
+      network_id: z.string().max(200).optional().describe("Network scope"),
     },
-    async ({ alias, task, result, artifacts, score, duration_minutes }) => {
-      console.log(`[${ts()}] ${alias} → report_completion: ${task.slice(0, 60)}`);
+    async ({ alias, task, result, artifacts, score, duration_minutes, network_id: netId }) => {
+      const effectiveNetId = getNetworkId(netId);
+      if (!canWrite()) {
+        return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
+      }
+      console.log(`[${ts()}] ${alias} → report_completion: ${task.slice(0, 60)}${effectiveNetId ? " [net]" : ""}`);
       const id = uuidv4();
-      const taskUpdateChanges = db.transaction(() => {
-        db.run(
-          `INSERT INTO completions (id, session_name, task, result, artifacts, score, duration_minutes)
-           VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7)`,
-          [id, alias, task, result, artifacts ? JSON.stringify(artifacts) : null, score ?? null, duration_minutes ?? null]
-        );
+      let updatedTaskId: string | null = null;
+      db.transaction(() => {
         db.run(
-          `UPDATE sessions SET status = 'idle', task = NULL, progress = 0, updated_at = datetime('now')
-           WHERE alias = ?1`,
-          [alias]
+          `INSERT INTO completions (id, session_name, task, result, artifacts, score, duration_minutes, network_id)
+           VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8)`,
+          [id, alias, task, result, artifacts ? JSON.stringify(artifacts) : null, score ?? null, duration_minutes ?? null, effectiveNetId ?? null]
         );
+        const sessionParams: any[] = [alias];
+        let sessionSql = `UPDATE sessions SET status = 'idle', task = NULL, progress = 0, updated_at = datetime('now')
+           WHERE alias = ?1`;
+        sessionSql = addScope(sessionSql, sessionParams, effectiveNetId);
+        db.run(sessionSql, sessionParams);
         // V2: sync tasks table — try by task_id first, then by content
-        const tu = db.run(
-          `UPDATE tasks SET status = 'replied', result = ?1, completed_at = datetime('now')
-           WHERE task_id = ?2 AND status IN ('delivered', 'acked', 'running')`,
-          [result.slice(0, 4000), task]
-        );
+        const taskParams: any[] = [result.slice(0, 4000), task];
+        let taskSql = `UPDATE tasks SET status = 'replied', result = ?1, completed_at = datetime('now')
+           WHERE task_id = ?2 AND status IN ('delivered', 'acked', 'running')`;
+        taskSql = addScope(taskSql, taskParams, effectiveNetId);
+        const tu = db.run(taskSql, taskParams);
         if (tu.changes === 0) {
-          const match = db.get<{ task_id: string }>(
-            `SELECT task_id FROM tasks WHERE to_name = ?1 AND content = ?2
-             AND status IN ('delivered', 'acked', 'running') ORDER BY created_at DESC LIMIT 1`,
-            alias, task);
+          const matchParams: any[] = [alias, task];
+          let matchSql = `SELECT task_id FROM tasks WHERE to_name = ?1 AND content = ?2
+             AND status IN ('delivered', 'acked', 'running')`;
+          matchSql = addScope(matchSql, matchParams, effectiveNetId);
+          matchSql += " ORDER BY created_at DESC LIMIT 1";
+          const match = db.get<{ task_id: string }>(matchSql, ...matchParams);
           if (match) {
-            db.run(`UPDATE tasks SET status = 'replied', result = ?1, completed_at = datetime('now') WHERE task_id = ?2`,
-              [result.slice(0, 4000), match.task_id]);
+            const matchUpdateParams: any[] = [result.slice(0, 4000), match.task_id];
+            let matchUpdateSql = "UPDATE tasks SET status = 'replied', result = ?1, completed_at = datetime('now') WHERE task_id = ?2";
+            matchUpdateSql = addScope(matchUpdateSql, matchUpdateParams, effectiveNetId);
+            db.run(matchUpdateSql, matchUpdateParams);
+            updatedTaskId = match.task_id;
           }
+        } else {
+          updatedTaskId = task;
         }
-        return tu.changes;
       });
       // Log event after transaction
-      const updatedTaskId = taskUpdateChanges > 0 ? task : (db.get<{ task_id: string }>(
-        "SELECT task_id FROM tasks WHERE to_name = ?1 AND status = 'replied' ORDER BY completed_at DESC LIMIT 1",
-        alias)?.task_id);
       if (updatedTaskId) logTaskEvent(updatedTaskId, null, "replied", alias, "report_completion");
       return {
@@ -195,16 +236,20 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       limit: z.number().min(1).max(100).optional().default(10),
     },
     async ({ alias, limit }) => {
-      const rows0 = db.get<{ cnt: number }>(
-        "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0",
-        alias);
+      const effectiveNetId = getNetworkId(null);
+      const countParams: any[] = [alias];
+      let countSql = "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0";
+      countSql = addScope(countSql, countParams, effectiveNetId);
+      const rows0 = db.get<{ cnt: number }>(countSql, ...countParams);
       console.log(`[${ts()}] ${alias} → get_inbox: ${rows0?.cnt ?? 0} pending messages`);
-      const rows = db.all(
-        `SELECT id, type, priority, content, context, from_session, created_at
-         FROM inbox WHERE session_name = ?1 AND acked = 0
-         ORDER BY CASE priority WHEN 'high' THEN 0 WHEN 'normal' THEN 1 ELSE 2 END, created_at
-         LIMIT ?2`,
-        alias, limit);
+      const rowsParams: any[] = [alias];
+      let rowsSql = `SELECT id, type, priority, content, context, from_session, created_at, network_id
+         FROM inbox WHERE session_name = ?1 AND acked = 0`;
+      rowsSql = addScope(rowsSql, rowsParams, effectiveNetId);
+      rowsSql += ` ORDER BY CASE priority WHEN 'high' THEN 0 WHEN 'normal' THEN 1 ELSE 2 END, created_at
+         LIMIT ?${rowsParams.length + 1}`;
+      rowsParams.push(limit);
+      const rows = db.all(rowsSql, ...rowsParams);
       return {
         content: [{ type: "text" as const, text: JSON.stringify({ ok: true, messages: rows }) }],
@@ -221,8 +266,13 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       response: z.string().max(10000).optional(),
     },
     async ({ alias, message_id, response }) => {
+      const effectiveNetId = getNetworkId(null);
+      if (!canWrite()) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
       console.log(`[${ts()}] ${alias} → ack_inbox: ${message_id.slice(0, 8)}`);
-      const result = db.run("UPDATE inbox SET acked = 1 WHERE id = ?1 AND session_name = ?2", [message_id, alias]);
+      const ackParams: any[] = [message_id, alias];
+      let ackSql = "UPDATE inbox SET acked = 1 WHERE id = ?1 AND session_name = ?2";
+      ackSql = addScope(ackSql, ackParams, effectiveNetId);
+      const result = db.run(ackSql, ackParams);
       if (result.changes === 0) {
         return {
           content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "message not found or not yours" }) }],
@@ -230,10 +280,10 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       }
       // V2: sync tasks table — ack_inbox means delivered→acked
       try {
-        const ackResult = db.run(
-          `UPDATE tasks SET status = 'acked' WHERE task_id = ?1 AND status = 'delivered'`,
-          [message_id]
-        );
+        const taskParams: any[] = [message_id];
+        let taskSql = "UPDATE tasks SET status = 'acked' WHERE task_id = ?1 AND status = 'delivered'";
+        taskSql = addScope(taskSql, taskParams, effectiveNetId);
+        const ackResult = db.run(taskSql, taskParams);
         if (ackResult.changes > 0) logTaskEvent(message_id, "delivered", "acked", alias);
       } catch {}
       return {
@@ -260,7 +310,10 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       const sessions = db.transaction(() => {
         const cutoff = new Date(Date.now() - 10 * 60 * 1000).toISOString().replace("T", " ").slice(0, 19);
-        db.run("UPDATE sessions SET status = 'offline' WHERE updated_at < ?1 AND status != 'offline'", [cutoff]);
+        const staleParams: any[] = [cutoff];
+        let staleSql = "UPDATE sessions SET status = 'offline' WHERE updated_at < ?1 AND status != 'offline'";
+        staleSql = addScope(staleSql, staleParams, effectiveNetId);
+        db.run(staleSql, staleParams);
         let sql = "SELECT * FROM sessions WHERE 1=1";
         const params: any[] = [];
@@ -271,8 +324,11 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
         return db.all(sql, ...params);
       });
-      const summary = db.all(
-        "SELECT status, COUNT(*) as count FROM sessions GROUP BY status");
+      const summaryParams: any[] = [];
+      let summarySql = "SELECT status, COUNT(*) as count FROM sessions WHERE 1=1";
+      summarySql = addScope(summarySql, summaryParams, effectiveNetId);
+      summarySql += " GROUP BY status";
+      const summary = db.all(summarySql, ...summaryParams);
       return {
         content: [
@@ -290,14 +346,23 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
     "Get detailed status of a specific session by alias.",
     { alias: z.string().min(1).max(200).describe("Session alias") },
     async ({ alias }) => {
+      const effectiveNetId = getNetworkId(null);
       console.log(`[${ts()}] hub → get_session_status: ${alias}`);
-      const session = db.get("SELECT * FROM sessions WHERE alias = ?1", alias);
-      const pending = db.get<{ cnt: number }>(
-        "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0",
-        alias);
-      const recent = db.all(
-        "SELECT * FROM completions WHERE session_name = ?1 ORDER BY completed_at DESC LIMIT 5",
-        alias);
+      const sessionParams: any[] = [alias];
+      let sessionSql = "SELECT * FROM sessions WHERE alias = ?1";
+      sessionSql = addScope(sessionSql, sessionParams, effectiveNetId);
+      const session = db.get(sessionSql, ...sessionParams);
+      const pendingParams: any[] = [alias];
+      let pendingSql = "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0";
+      pendingSql = addScope(pendingSql, pendingParams, effectiveNetId);
+      const pending = db.get<{ cnt: number }>(pendingSql, ...pendingParams);
+      const recentParams: any[] = [alias];
+      let recentSql = "SELECT * FROM completions WHERE session_name = ?1";
+      recentSql = addScope(recentSql, recentParams, effectiveNetId);
+      recentSql += " ORDER BY completed_at DESC LIMIT 5";
+      const recent = db.all(recentSql, ...recentParams);
       return {
         content: [
@@ -325,6 +390,11 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
     async ({ alias, task, priority, context, from_session, ttl_seconds, network_id: netId }) => {
       const effectiveNetId = getNetworkId(netId);
+      // Role check: viewer cannot send tasks
+      if (!canWrite()) {
+        return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied", message: "Viewer role cannot send tasks" }) }] };
+      }
       // License check
       const license = db.get<any>("SELECT type, expires_at FROM licenses ORDER BY created_at LIMIT 1");
       if (license?.expires_at) {
@@ -344,23 +414,24 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
         db.run(
           `INSERT INTO inbox (id, session_name, type, priority, content, context, from_session, requires_response, network_id)
            VALUES (?1, ?2, 'task', ?3, ?4, ?5, ?6, 'reply', ?7)`,
-          [id, alias, priority, task, context ?? null, from_session, effectiveNetId]
+          [id, alias, priority, task, context ?? null, from_session, effectiveNetId ?? null]
         );
         db.run(
           `INSERT INTO tasks (task_id, from_name, to_name, priority, status, content, requires_response, created_at, delivered_at, expires_at, network_id)
            VALUES (?1, ?2, ?3, ?4, 'delivered', ?5, 'reply', datetime('now'), datetime('now'), datetime('now', ?6), ?7)`,
-          [id, from_session, alias, priority, task, `+${ttl_seconds || 3600} seconds`, effectiveNetId]
+          [id, from_session, alias, priority, task, `+${ttl_seconds || 3600} seconds`, effectiveNetId ?? null]
         );
       });
       logTaskEvent(id, null, "delivered", from_session, `→ ${alias}`);
-      const session = db.get<any>("SELECT status FROM sessions WHERE alias = ?1", alias);
+      const session = scopedSessionStatus(alias, effectiveNetId);
       // SSE push by alias
-      const pending = db.get<{ cnt: number }>(
-        "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0",
-        alias);
-      pushEvent(alias, { type: "new_task", inbox_count: pending?.cnt ?? 1, priority, from: from_session });
+      const pendingParams: any[] = [alias];
+      let pendingSql = "SELECT COUNT(*) as cnt FROM inbox WHERE session_name = ?1 AND acked = 0";
+      pendingSql = addScope(pendingSql, pendingParams, effectiveNetId);
+      const pending = db.get<{ cnt: number }>(pendingSql, ...pendingParams);
+      if (session) pushEvent(alias, { type: "new_task", inbox_count: pending?.cnt ?? 1, priority, from: from_session });
       return {
         content: [
@@ -386,17 +457,19 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       from_session: z.string().max(200).optional().default("hub"),
     },
     async ({ alias, message, from_session }) => {
+      const effectiveNetId = getNetworkId(null);
+      if (!canWrite()) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
       console.log(`[${ts()}] ${from_session} → send_message → ${alias}: ${message.slice(0, 60)}`);
       const id = uuidv4();
       db.run(
-        `INSERT INTO inbox (id, session_name, type, priority, content, from_session)
-         VALUES (?1, ?2, 'message', 'normal', ?3, ?4)`,
-        [id, alias, message, from_session]
+        `INSERT INTO inbox (id, session_name, type, priority, content, from_session, network_id)
+         VALUES (?1, ?2, 'message', 'normal', ?3, ?4, ?5)`,
+        [id, alias, message, from_session, effectiveNetId ?? null]
       );
-      const session = db.get<any>("SELECT status FROM sessions WHERE alias = ?1", alias);
+      const session = scopedSessionStatus(alias, effectiveNetId);
-      pushEvent(alias, { type: "new_message", message, from: from_session, message_id: id });
+      if (session) pushEvent(alias, { type: "new_message", message, from: from_session, message_id: id });
       return {
         content: [
@@ -425,22 +498,24 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       from_session: z.string().max(200).optional().default("hub"),
     },
     async ({ alias, text, in_reply_to, status: replyStatus, from_session }) => {
+      const effectiveNetId = getNetworkId(null);
+      if (!canWrite()) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
       console.log(`[${ts()}] ${from_session} → send_reply (${replyStatus}) → ${alias}: ${text.slice(0, 60)}`);
       const id = uuidv4();
       const replyLogged = db.transaction(() => {
         db.run(
-          `INSERT INTO inbox (id, session_name, type, priority, content, from_session, in_reply_to, requires_response)
-           VALUES (?1, ?2, 'reply', 'normal', ?3, ?4, ?5, 'none')`,
-          [id, alias, text, from_session, in_reply_to ?? null]
+          `INSERT INTO inbox (id, session_name, type, priority, content, from_session, in_reply_to, requires_response, network_id)
+           VALUES (?1, ?2, 'reply', 'normal', ?3, ?4, ?5, 'none', ?6)`,
+          [id, alias, text, from_session, in_reply_to ?? null, effectiveNetId ?? null]
         );
         // 更新 tasks 表
         if (in_reply_to) {
-          const result = db.run(
-            `UPDATE tasks SET status = ?1, result = ?2, completed_at = datetime('now')
-             WHERE task_id = ?3 AND status IN ('created', 'delivered', 'acked', 'running')`,
-            [replyStatus, text, in_reply_to]
-          );
+          const updateParams: any[] = [replyStatus, text, in_reply_to];
+          let updateSql = `UPDATE tasks SET status = ?1, result = ?2, completed_at = datetime('now')
+             WHERE task_id = ?3 AND status IN ('created', 'delivered', 'acked', 'running')`;
+          updateSql = addScope(updateSql, updateParams, effectiveNetId);
+          const result = db.run(updateSql, updateParams);
           if (result.changes === 0) {
             console.log(`[${ts()}] ⚠ send_reply: task ${in_reply_to?.slice(0, 8)} not found or already terminal`);
             return false;
@@ -453,8 +528,8 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       // Log event after commit (outside transaction)
       if (replyLogged && in_reply_to) logTaskEvent(in_reply_to, null, replyStatus, from_session, text.slice(0, 200));
-      const session = db.get<any>("SELECT status FROM sessions WHERE alias = ?1", alias);
-      pushEvent(alias, { type: "new_reply", from: from_session, message_id: id, in_reply_to, status: replyStatus });
+      const session = scopedSessionStatus(alias, effectiveNetId);
+      if (session) pushEvent(alias, { type: "new_reply", from: from_session, message_id: id, in_reply_to, status: replyStatus });
       return {
         content: [{
@@ -474,11 +549,13 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       from_session: z.string().max(200).optional().default("hub"),
     },
     async ({ task_id, from_session }) => {
+      const effectiveNetId = getNetworkId(null);
+      if (!canWrite()) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
       console.log(`[${ts()}] ${from_session} → send_ack → task ${task_id.slice(0, 8)}`);
-      const result = db.run(
-        `UPDATE tasks SET status = 'acked' WHERE task_id = ?1 AND status IN ('created', 'delivered')`,
-        [task_id]
-      );
+      const updateParams: any[] = [task_id];
+      let updateSql = "UPDATE tasks SET status = 'acked' WHERE task_id = ?1 AND status IN ('created', 'delivered')";
+      updateSql = addScope(updateSql, updateParams, effectiveNetId);
+      const result = db.run(updateSql, updateParams);
       if (result.changes > 0) logTaskEvent(task_id, "delivered", "acked", from_session);
       return {
         content: [{
@@ -498,9 +575,14 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       from_session: z.string().max(200).optional().default("hub"),
     },
     async ({ task_id, from_session }) => {
+      const effectiveNetId = getNetworkId(null);
+      if (!canWrite()) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
       console.log(`[${ts()}] ${from_session} → retry_task → ${task_id.slice(0, 8)}`);
       // Find the original task
-      const task = db.get<any>("SELECT * FROM tasks WHERE task_id = ?1", task_id);
+      const taskParams: any[] = [task_id];
+      let taskSql = "SELECT * FROM tasks WHERE task_id = ?1";
+      taskSql = addScope(taskSql, taskParams, effectiveNetId);
+      const task = db.get<any>(taskSql, ...taskParams);
       if (!task) {
         return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "task not found" }) }] };
       }
@@ -509,22 +591,24 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       }
       db.transaction(() => {
         // Reset task status
-        db.run(
-          `UPDATE tasks SET status = 'delivered', result = NULL, completed_at = NULL, started_at = NULL, delivered_at = datetime('now'), expires_at = datetime('now', '+1 hour')
-           WHERE task_id = ?1`,
-          [task_id]
-        );
+        const updateParams: any[] = [task_id];
+        let updateSql = `UPDATE tasks SET status = 'delivered', result = NULL, completed_at = NULL, started_at = NULL, delivered_at = datetime('now'), expires_at = datetime('now', '+1 hour')
+           WHERE task_id = ?1`;
+        updateSql = addScope(updateSql, updateParams, effectiveNetId);
+        db.run(updateSql, updateParams);
         // Re-queue in inbox with new ID (original ID may already exist)
         const retryInboxId = uuidv4();
         db.run(
-          `INSERT INTO inbox (id, session_name, type, priority, content, from_session, requires_response)
-           VALUES (?1, ?2, 'task', ?3, ?4, ?5, 'reply')`,
-          [retryInboxId, task.to_name, task.priority, task.content, from_session]
+          `INSERT INTO inbox (id, session_name, type, priority, content, from_session, requires_response, network_id)
+           VALUES (?1, ?2, 'task', ?3, ?4, ?5, 'reply', ?6)`,
+          [retryInboxId, task.to_name, task.priority, task.content, from_session, effectiveNetId ?? task.network_id ?? null]
         );
       });
       logTaskEvent(task_id, task.status, "delivered", from_session, "retry");
       // SSE push
-      pushEvent(task.to_name, { type: "new_task", inbox_count: 1, priority: task.priority, from: from_session });
+      if (scopedSessionStatus(task.to_name, effectiveNetId ?? task.network_id)) {
+        pushEvent(task.to_name, { type: "new_task", inbox_count: 1, priority: task.priority, from: from_session });
+      }
       return {
         content: [{ type: "text" as const, text: JSON.stringify({ ok: true, task_id, retried_to: task.to_name }) }],
       };
@@ -539,7 +623,11 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       task_id: z.string().min(1).max(200).describe("Task ID to query"),
     },
     async ({ task_id }) => {
-      const task = db.get<any>("SELECT * FROM tasks WHERE task_id = ?1", task_id);
+      const effectiveNetId = getNetworkId(null);
+      const params: any[] = [task_id];
+      let sql = "SELECT * FROM tasks WHERE task_id = ?1";
+      sql = addScope(sql, params, effectiveNetId);
+      const task = db.get<any>(sql, ...params);
       return {
         content: [{
           type: "text" as const,
@@ -573,8 +661,11 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       const tasks = db.all(sql, ...params);
       // Stats
-      const stats = db.all(
-        "SELECT status, COUNT(*) as count FROM tasks GROUP BY status");
+      const statsParams: any[] = [];
+      let statsSql = "SELECT status, COUNT(*) as count FROM tasks WHERE 1=1";
+      statsSql = addScope(statsSql, statsParams, effectiveNetId);
+      statsSql += " GROUP BY status";
+      const stats = db.all(statsSql, ...statsParams);
       return {
         content: [{
@@ -595,15 +686,20 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       from_session: z.string().max(200).optional().default("hub"),
     },
     async ({ task_id, reason, from_session }) => {
+      const effectiveNetId = getNetworkId(null);
+      if (!canWrite()) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
       console.log(`[${ts()}] ${from_session} → cancel_task → ${task_id.slice(0, 8)}`);
-      const result = db.run(
-        `UPDATE tasks SET status = 'cancelled', result = ?1, completed_at = datetime('now')
-         WHERE task_id = ?2 AND status IN ('created', 'delivered', 'acked', 'running')`,
-        [reason || "cancelled by " + from_session, task_id]
-      );
+      const updateParams: any[] = [reason || "cancelled by " + from_session, task_id];
+      let updateSql = `UPDATE tasks SET status = 'cancelled', result = ?1, completed_at = datetime('now')
+         WHERE task_id = ?2 AND status IN ('created', 'delivered', 'acked', 'running')`;
+      updateSql = addScope(updateSql, updateParams, effectiveNetId);
+      const result = db.run(updateSql, updateParams);
       // Also ack the inbox entry to prevent agent from picking it up
       if (result.changes > 0) {
-        db.run("UPDATE inbox SET acked = 1 WHERE id = ?1 AND acked = 0", [task_id]);
+        const inboxParams: any[] = [task_id];
+        let inboxSql = "UPDATE inbox SET acked = 1 WHERE id = ?1 AND acked = 0";
+        inboxSql = addScope(inboxSql, inboxParams, effectiveNetId);
+        db.run(inboxSql, inboxParams);
         logTaskEvent(task_id, null, "cancelled", from_session, reason || undefined);
       }
       return {
@@ -622,8 +718,13 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       from_session: z.string().max(200).optional().default("hub"),
     },
     async ({ task_id, new_alias, from_session }) => {
+      const effectiveNetId = getNetworkId(null);
+      if (!canWrite()) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
       console.log(`[${ts()}] ${from_session} → reassign_task → ${task_id.slice(0, 8)} → ${new_alias}`);
-      const task = db.get<any>("SELECT * FROM tasks WHERE task_id = ?1", task_id);
+      const taskParams: any[] = [task_id];
+      let taskSql = "SELECT * FROM tasks WHERE task_id = ?1";
+      taskSql = addScope(taskSql, taskParams, effectiveNetId);
+      const task = db.get<any>(taskSql, ...taskParams);
       if (!task) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "task not found" }) }] };
       if (["replied", "failed", "cancelled", "expired"].includes(task.status)) {
         return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: `task is terminal (${task.status})` }) }] };
@@ -631,14 +732,24 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       const oldAlias = task.to_name;
       db.transaction(() => {
         // Ack old inbox to prevent original agent from picking it up
-        db.run("UPDATE inbox SET acked = 1 WHERE id = ?1 AND acked = 0", [task_id]);
-        db.run("UPDATE tasks SET to_name = ?1, status = 'delivered', started_at = NULL, delivered_at = datetime('now') WHERE task_id = ?2", [new_alias, task_id]);
+        const inboxParams: any[] = [task_id];
+        let inboxSql = "UPDATE inbox SET acked = 1 WHERE id = ?1 AND acked = 0";
+        inboxSql = addScope(inboxSql, inboxParams, effectiveNetId);
+        db.run(inboxSql, inboxParams);
+        const updateParams: any[] = [new_alias, task_id];
+        let updateSql = "UPDATE tasks SET to_name = ?1, status = 'delivered', started_at = NULL, delivered_at = datetime('now') WHERE task_id = ?2";
+        updateSql = addScope(updateSql, updateParams, effectiveNetId);
+        db.run(updateSql, updateParams);
         const newInboxId = uuidv4();
-        db.run("INSERT INTO inbox (id, session_name, type, priority, content, from_session, requires_response) VALUES (?1, ?2, 'task', ?3, ?4, ?5, 'reply')",
-          [newInboxId, new_alias, task.priority, task.content, from_session]);
+        db.run("INSERT INTO inbox (id, session_name, type, priority, content, from_session, requires_response, network_id) VALUES (?1, ?2, 'task', ?3, ?4, ?5, 'reply', ?6)",
+          [newInboxId, new_alias, task.priority, task.content, from_session, effectiveNetId ?? task.network_id ?? null]);
       });
       logTaskEvent(task_id, task.status, "delivered", from_session, `reassign: ${oldAlias} → ${new_alias}`);
-      pushEvent(new_alias, { type: "new_task", inbox_count: 1, priority: task.priority, from: from_session });
+      if (scopedSessionStatus(new_alias, effectiveNetId ?? task.network_id)) {
+        pushEvent(new_alias, { type: "new_task", inbox_count: 1, priority: task.priority, from: from_session });
+      }
       return { content: [{ type: "text" as const, text: JSON.stringify({ ok: true, task_id, reassigned_from: oldAlias, reassigned_to: new_alias }) }] };
     }
   );
@@ -653,22 +764,24 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
       network_id: z.string().max(200).optional().describe("Broadcast within a specific network"),
     },
     async ({ message, filter_server, filter_status, network_id: netId }) => {
-      console.log(`[${ts()}] hub → broadcast: ${message.slice(0, 60)}${netId ? " [net=" + netId.slice(0, 12) + "]" : ""}`);
-      let sql = "SELECT alias FROM sessions WHERE alias IS NOT NULL";
+      const effectiveNetId = getNetworkId(netId);
+      if (!canWrite()) return { content: [{ type: "text" as const, text: JSON.stringify({ ok: false, error: "permission_denied" }) }] };
+      console.log(`[${ts()}] hub → broadcast: ${message.slice(0, 60)}${effectiveNetId ? " [net=" + effectiveNetId.slice(0, 12) + "]" : ""}`);
+      let sql = "SELECT alias, network_id FROM sessions WHERE alias IS NOT NULL";
       const params: any[] = [];
-      if (netId) { sql += " AND network_id = ?"; params.push(netId); }
+      sql = addScope(sql, params, effectiveNetId);
       if (filter_server) { sql += " AND server = ?"; params.push(filter_server); }
       if (filter_status) { sql += " AND status = ?"; params.push(filter_status); }
-      const targets = db.all<{ alias: string }>(sql, ...params);
+      const targets = db.all<{ alias: string; network_id: string | null }>(sql, ...params);
       const ids: string[] = [];
       for (const t of targets) {
         const id = uuidv4();
         db.run(
-          `INSERT INTO inbox (id, session_name, type, priority, content, from_session)
-           VALUES (?1, ?2, 'broadcast', 'normal', ?3, 'hub')`,
-          [id, t.alias, message]
+          `INSERT INTO inbox (id, session_name, type, priority, content, from_session, network_id)
+           VALUES (?1, ?2, 'broadcast', 'normal', ?3, 'hub', ?4)`,
+          [id, t.alias, message, effectiveNetId ?? t.network_id ?? null]
         );
         ids.push(id);
       }
@@ -692,16 +805,19 @@ export function registerTools(server: McpServer, clientIP?: string, enforceNetwo
     {
       since: z.string().optional().describe("ISO 8601 datetime, default last 24h"),
       alias: z.string().max(200).optional().describe("Filter by session alias"),
+      network_id: z.string().max(200).optional().describe("Filter by network"),
       limit: z.number().min(1).max(500).optional().default(50),
     },
-    async ({ since, alias, limit }) => {
+    async ({ since, alias, network_id: netId, limit }) => {
+      const effectiveNetId = getNetworkId(netId);
       console.log(`[${ts()}] hub → get_completions${alias ? ": " + alias : ""}`);
       const cutoff = since ?? new Date(Date.now() - 24 * 60 * 60 * 1000).toISOString();
       let sql = "SELECT * FROM completions WHERE completed_at >= ?1";
       const params: any[] = [cutoff];
+      sql = addScope(sql, params, effectiveNetId);
       if (alias) {
-        sql += " AND session_name = ?2";
+        sql += ` AND session_name = ?${params.length + 1}`;
         params.push(alias);
       }