@way_marks/server 0.9.0 → 1.0.0

package/dist/db/database.js

@@ -49,6 +49,40 @@ exports.getActionsWithFiltering = getActionsWithFiltering;
 exports.archiveOldActions = archiveOldActions;
 exports.getArchivedActionsWithFiltering = getArchivedActionsWithFiltering;
 exports.getSummaryStats = getSummaryStats;
+exports.createSession = createSession;
+exports.getSession = getSession;
+exports.getAllSessions = getAllSessions;
+exports.getSessionActions = getSessionActions;
+exports.rollbackSession = rollbackSession;
+exports.markSessionRolledBack = markSessionRolledBack;
+exports.addTeamMember = addTeamMember;
+exports.getTeamMember = getTeamMember;
+exports.getTeamMemberByEmail = getTeamMemberByEmail;
+exports.getAllTeamMembers = getAllTeamMembers;
+exports.removeTeamMember = removeTeamMember;
+exports.addApprovalRoute = addApprovalRoute;
+exports.getApprovalRoute = getApprovalRoute;
+exports.getAllApprovalRoutes = getAllApprovalRoutes;
+exports.updateApprovalRoute = updateApprovalRoute;
+exports.deleteApprovalRoute = deleteApprovalRoute;
+exports.createApprovalRequest = createApprovalRequest;
+exports.getApprovalRequest = getApprovalRequest;
+exports.getSessionApprovalRequests = getSessionApprovalRequests;
+exports.getPendingApprovals = getPendingApprovals;
+exports.submitApprovalDecision = submitApprovalDecision;
+exports.getApprovalDecisions = getApprovalDecisions;
+exports.addEscalationRule = addEscalationRule;
+exports.getEscalationRule = getEscalationRule;
+exports.getAllEscalationRules = getAllEscalationRules;
+exports.updateEscalationRule = updateEscalationRule;
+exports.deleteEscalationRule = deleteEscalationRule;
+exports.createEscalationRequest = createEscalationRequest;
+exports.getEscalationRequest = getEscalationRequest;
+exports.getPendingEscalations = getPendingEscalations;
+exports.getStaleApprovals = getStaleApprovals;
+exports.submitEscalationDecision = submitEscalationDecision;
+exports.getEscalationDecisions = getEscalationDecisions;
+exports.getEscalationHistory = getEscalationHistory;
 const better_sqlite3_1 = __importDefault(require("better-sqlite3"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
@@ -138,6 +172,30 @@ try {
     db.exec("ALTER TABLE action_log ADD COLUMN source TEXT DEFAULT 'mcp'");
 }
 catch { }
+// Migrate v6: Phase 1 — Session-level rollback
+try {
+    db.exec('ALTER TABLE action_log ADD COLUMN rollback_group TEXT');
+}
+catch { }
+try {
+    db.exec('ALTER TABLE action_log ADD COLUMN is_reversible INTEGER DEFAULT 1');
+}
+catch { }
+try {
+    db.exec('ALTER TABLE action_log ADD COLUMN revert_action_id TEXT');
+}
+catch { }
+// Phase 1: Create sessions table
+db.exec(`
+  CREATE TABLE IF NOT EXISTS sessions (
+    session_id TEXT PRIMARY KEY,
+    user_id TEXT,
+    project_id TEXT,
+    created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+    rolled_back_at DATETIME,
+    status TEXT NOT NULL DEFAULT 'active'
+  )
+`);
 // Indexes for query performance
 try {
     db.exec('CREATE INDEX IF NOT EXISTS idx_action_id ON action_log(action_id)');
@@ -192,9 +250,25 @@ db.exec(`
     event_type TEXT NOT NULL DEFAULT 'execution',
     observation_context TEXT,
     request_source TEXT DEFAULT 'direct',
-    source TEXT DEFAULT 'mcp'
+    source TEXT DEFAULT 'mcp',
+    rollback_group TEXT,
+    is_reversible INTEGER DEFAULT 1,
+    revert_action_id TEXT
   )
 `);
+// Phase 1: Add same columns to archive (migrations)
+try {
+    db.exec('ALTER TABLE action_archive ADD COLUMN rollback_group TEXT');
+}
+catch { }
+try {
+    db.exec('ALTER TABLE action_archive ADD COLUMN is_reversible INTEGER DEFAULT 1');
+}
+catch { }
+try {
+    db.exec('ALTER TABLE action_archive ADD COLUMN revert_action_id TEXT');
+}
+catch { }
 // Phase 3: Add indexes on archive table
 try {
     db.exec('CREATE INDEX IF NOT EXISTS idx_archive_action_id ON action_archive(action_id)');
@@ -204,6 +278,174 @@ try {
     db.exec('CREATE INDEX IF NOT EXISTS idx_archive_created_at ON action_archive(created_at DESC)');
 }
 catch { }
+// Phase 1: Add indexes for session rollback
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_action_session ON action_log(session_id, status)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_action_rollback_group ON action_log(rollback_group)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_sessions_status ON sessions(status, created_at DESC)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_archive_session ON action_archive(session_id)');
+}
+catch { }
+// Phase 2: Create team_members table
+db.exec(`
+  CREATE TABLE IF NOT EXISTS team_members (
+    member_id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    email TEXT NOT NULL UNIQUE,
+    slack_id TEXT,
+    role TEXT DEFAULT 'approver',
+    added_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+    added_by TEXT,
+    status TEXT DEFAULT 'active'
+  )
+`);
+// Phase 2: Create approval_routes table (rules for who approves what)
+db.exec(`
+  CREATE TABLE IF NOT EXISTS approval_routes (
+    route_id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    description TEXT,
+    condition_type TEXT DEFAULT 'all_sessions',
+    condition_json TEXT,
+    required_approvers INTEGER DEFAULT 1,
+    approver_ids TEXT NOT NULL,
+    created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+    created_by TEXT,
+    status TEXT DEFAULT 'active'
+  )
+`);
+// Phase 2: Create approval_requests table (pending/completed approvals)
+db.exec(`
+  CREATE TABLE IF NOT EXISTS approval_requests (
+    request_id TEXT PRIMARY KEY,
+    session_id TEXT NOT NULL,
+    route_id TEXT NOT NULL,
+    triggered_by TEXT NOT NULL,
+    triggered_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+    status TEXT DEFAULT 'pending',
+    completed_at DATETIME,
+    approver_ids TEXT NOT NULL,
+    approved_count INTEGER DEFAULT 0,
+    rejected_count INTEGER DEFAULT 0,
+    approval_details TEXT
+  )
+`);
+// Phase 2: Create approval_decisions table (audit trail)
+db.exec(`
+  CREATE TABLE IF NOT EXISTS approval_decisions (
+    decision_id TEXT PRIMARY KEY,
+    request_id TEXT NOT NULL,
+    approver_id TEXT NOT NULL,
+    decision TEXT NOT NULL,
+    reason TEXT,
+    decided_at DATETIME DEFAULT CURRENT_TIMESTAMP
+  )
+`);
+// Phase 2: Add indexes for team tables
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_team_members_email ON team_members(email)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_team_members_status ON team_members(status)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_approval_routes_status ON approval_routes(status)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_approval_requests_session ON approval_requests(session_id)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_approval_requests_status ON approval_requests(status)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_approval_requests_triggered ON approval_requests(triggered_at DESC)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_approval_decisions_request ON approval_decisions(request_id)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_approval_decisions_approver ON approval_decisions(approver_id)');
+}
+catch { }
+// Phase 3: Create escalation_rules table
+db.exec(`
+  CREATE TABLE IF NOT EXISTS escalation_rules (
+    rule_id TEXT PRIMARY KEY,
+    name TEXT NOT NULL,
+    description TEXT,
+    timeout_hours INTEGER DEFAULT 24,
+    escalation_targets TEXT NOT NULL,
+    created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+    created_by TEXT,
+    status TEXT DEFAULT 'active'
+  )
+`);
+// Phase 3: Create escalation_requests table
+db.exec(`
+  CREATE TABLE IF NOT EXISTS escalation_requests (
+    request_id TEXT PRIMARY KEY,
+    approval_request_id TEXT NOT NULL,
+    session_id TEXT NOT NULL,
+    escalation_triggered_at DATETIME,
+    escalation_deadline DATETIME,
+    escalation_targets TEXT NOT NULL,
+    status TEXT DEFAULT 'pending',
+    decided_at DATETIME,
+    decision TEXT
+  )
+`);
+// Phase 3: Create escalation_decisions table
+db.exec(`
+  CREATE TABLE IF NOT EXISTS escalation_decisions (
+    decision_id TEXT PRIMARY KEY,
+    escalation_request_id TEXT NOT NULL,
+    target_id TEXT NOT NULL,
+    decision TEXT NOT NULL,
+    reason TEXT,
+    decided_at DATETIME DEFAULT CURRENT_TIMESTAMP
+  )
+`);
+// Phase 3: Add indexes for escalation tables
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_escalation_rules_status ON escalation_rules(status)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_escalation_requests_approval ON escalation_requests(approval_request_id)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_escalation_requests_deadline ON escalation_requests(escalation_deadline)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_escalation_requests_status ON escalation_requests(status)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_escalation_decisions_request ON escalation_decisions(escalation_request_id)');
+}
+catch { }
+try {
+    db.exec('CREATE INDEX IF NOT EXISTS idx_escalation_decisions_target ON escalation_decisions(target_id)');
+}
+catch { }
 const insertStmt = db.prepare(`
   INSERT INTO action_log (action_id, session_id, tool_name, target_path, input_payload, before_snapshot, status, decision, policy_reason, matched_rule, event_type, observation_context, request_source, source)
   VALUES (@action_id, @session_id, @tool_name, @target_path, @input_payload, @before_snapshot, @status, @decision, @policy_reason, @matched_rule, @event_type, @observation_context, @request_source, @source)
@@ -441,4 +683,305 @@ function getSummaryStats() {
         topPaths,
     };
 }
+// Phase 1: Session management functions
+function createSession(session_id, user_id, project_id) {
+    db.prepare(`
+    INSERT OR IGNORE INTO sessions (session_id, user_id, project_id, status)
+    VALUES (?, ?, ?, 'active')
+  `).run(session_id, user_id ?? null, project_id ?? null);
+}
+function getSession(session_id) {
+    return db.prepare(`
+    SELECT * FROM sessions WHERE session_id = ?
+  `).get(session_id);
+}
+function getAllSessions() {
+    return db.prepare(`
+    SELECT * FROM sessions ORDER BY created_at DESC
+  `).all();
+}
+function getSessionActions(session_id) {
+    return db.prepare(`
+    SELECT * FROM action_log
+    WHERE session_id = ?
+    ORDER BY created_at ASC
+  `).all(session_id);
+}
+function rollbackSession(session_id) {
+    try {
+        // Start transaction
+        const transaction = db.transaction(() => {
+            // Get all actions in session
+            const actions = getSessionActions(session_id);
+            if (actions.length === 0) {
+                throw new Error(`Session ${session_id} has no actions to rollback`);
+            }
+            // Check if all actions are reversible
+            const nonReversible = actions.filter(a => a.is_reversible === 0);
+            if (nonReversible.length > 0) {
+                throw new Error(`${nonReversible.length} action(s) in session are not reversible`);
+            }
+            // For each action, perform rollback
+            let rolledBackCount = 0;
+            for (const action of actions) {
+                // Mark as rolled back
+                markRolledBack(action.action_id);
+                rolledBackCount++;
+                // If before_snapshot exists, restore it (for write_file actions)
+                if (action.before_snapshot) {
+                    try {
+                        const snapshot = JSON.parse(action.before_snapshot);
+                        if (snapshot.file_path && snapshot.content !== undefined) {
+                            // This will be handled by the rollback manager
+                            // We just mark it as rolled back here
+                        }
+                    }
+                    catch { }
+                }
+            }
+            // Mark session as rolled back
+            db.prepare(`
+        UPDATE sessions
+        SET rolled_back_at = datetime('now'), status = 'rolled_back'
+        WHERE session_id = ?
+      `).run(session_id);
+            return rolledBackCount;
+        });
+        const actionsRolledBack = transaction();
+        return {
+            success: true,
+            session_id,
+            actions_rolled_back: actionsRolledBack,
+        };
+    }
+    catch (error) {
+        return {
+            success: false,
+            session_id,
+            actions_rolled_back: 0,
+            error: error.message,
+        };
+    }
+}
+function markSessionRolledBack(session_id) {
+    db.prepare(`
+    UPDATE sessions
+    SET rolled_back_at = datetime('now'), status = 'rolled_back'
+    WHERE session_id = ?
+  `).run(session_id);
+}
+// Phase 2: Team member functions
+function addTeamMember(member_id, name, email, added_by, slack_id) {
+    db.prepare(`
+    INSERT OR REPLACE INTO team_members (member_id, name, email, slack_id, added_by, status)
+    VALUES (?, ?, ?, ?, ?, 'active')
+  `).run(member_id, name, email, slack_id ?? null, added_by);
+}
+function getTeamMember(member_id) {
+    return db.prepare(`
+    SELECT * FROM team_members WHERE member_id = ?
+  `).get(member_id);
+}
+function getTeamMemberByEmail(email) {
+    return db.prepare(`
+    SELECT * FROM team_members WHERE email = ?
+  `).get(email);
+}
+function getAllTeamMembers() {
+    return db.prepare(`
+    SELECT * FROM team_members WHERE status = 'active' ORDER BY name ASC
+  `).all();
+}
+function removeTeamMember(member_id) {
+    db.prepare(`
+    UPDATE team_members SET status = 'inactive' WHERE member_id = ?
+  `).run(member_id);
+}
+// Phase 2: Approval route functions
+function addApprovalRoute(route_id, name, approver_ids, created_by, description, condition_type, condition_json) {
+    db.prepare(`
+    INSERT OR REPLACE INTO approval_routes (route_id, name, description, condition_type, condition_json, approver_ids, created_by, status)
+    VALUES (?, ?, ?, ?, ?, ?, ?, 'active')
+  `).run(route_id, name, description ?? null, condition_type ?? 'all_sessions', condition_json ?? null, JSON.stringify(approver_ids), created_by);
+}
+function getApprovalRoute(route_id) {
+    return db.prepare(`
+    SELECT * FROM approval_routes WHERE route_id = ?
+  `).get(route_id);
+}
+function getAllApprovalRoutes() {
+    return db.prepare(`
+    SELECT * FROM approval_routes WHERE status = 'active' ORDER BY name ASC
+  `).all();
+}
+function updateApprovalRoute(route_id, updates) {
+    const current = getApprovalRoute(route_id);
+    if (!current)
+        throw new Error(`Route ${route_id} not found`);
+    db.prepare(`
+    UPDATE approval_routes
+    SET name = ?, description = ?, approver_ids = ?
+    WHERE route_id = ?
+  `).run(updates.name ?? current.name, updates.description ?? current.description, updates.approver_ids ? JSON.stringify(updates.approver_ids) : current.approver_ids, route_id);
+}
+function deleteApprovalRoute(route_id) {
+    db.prepare(`
+    UPDATE approval_routes SET status = 'inactive' WHERE route_id = ?
+  `).run(route_id);
+}
+// Phase 2: Approval request functions
+function createApprovalRequest(request_id, session_id, route_id, triggered_by, approver_ids) {
+    db.prepare(`
+    INSERT INTO approval_requests (request_id, session_id, route_id, triggered_by, approver_ids, status)
+    VALUES (?, ?, ?, ?, ?, 'pending')
+  `).run(request_id, session_id, route_id, triggered_by, JSON.stringify(approver_ids));
+}
+function getApprovalRequest(request_id) {
+    return db.prepare(`
+    SELECT * FROM approval_requests WHERE request_id = ?
+  `).get(request_id);
+}
+function getSessionApprovalRequests(session_id) {
+    return db.prepare(`
+    SELECT * FROM approval_requests WHERE session_id = ? ORDER BY triggered_at DESC
+  `).all(session_id);
+}
+function getPendingApprovals(approver_id) {
+    if (approver_id) {
+        return db.prepare(`
+      SELECT * FROM approval_requests
+      WHERE status = 'pending' AND approver_ids LIKE ?
+      ORDER BY triggered_at DESC
+    `).all(`%"${approver_id}"%`);
+    }
+    return db.prepare(`
+    SELECT * FROM approval_requests WHERE status = 'pending' ORDER BY triggered_at DESC
+  `).all();
+}
+function submitApprovalDecision(decision_id, request_id, approver_id, decision, reason) {
+    // Insert decision
+    db.prepare(`
+    INSERT INTO approval_decisions (decision_id, request_id, approver_id, decision, reason)
+    VALUES (?, ?, ?, ?, ?)
+  `).run(decision_id, request_id, approver_id, decision, reason ?? null);
+    // Update approval request counts
+    const request = getApprovalRequest(request_id);
+    if (!request)
+        throw new Error(`Request ${request_id} not found`);
+    const decisions = db.prepare(`
+    SELECT decision FROM approval_decisions WHERE request_id = ?
+  `).all(request_id);
+    const approvedCount = decisions.filter(d => d.decision === 'approve').length;
+    const rejectedCount = decisions.filter(d => d.decision === 'reject').length;
+    const approverIds = JSON.parse(request.approver_ids);
+    // Determine new status
+    let newStatus = 'pending';
+    if (rejectedCount > 0) {
+        newStatus = 'rejected';
+    }
+    else if (approvedCount >= approverIds.length) {
+        newStatus = 'approved';
+    }
+    db.prepare(`
+    UPDATE approval_requests
+    SET approved_count = ?, rejected_count = ?, status = ?, completed_at = ?
+    WHERE request_id = ?
+  `).run(approvedCount, rejectedCount, newStatus, newStatus !== 'pending' ? new Date().toISOString() : null, request_id);
+}
+function getApprovalDecisions(request_id) {
+    return db.prepare(`
+    SELECT * FROM approval_decisions WHERE request_id = ? ORDER BY decided_at ASC
+  `).all(request_id);
+}
+// Phase 3: Escalation rule functions
+function addEscalationRule(rule_id, name, escalation_targets, created_by, description, timeout_hours) {
+    db.prepare(`
+    INSERT OR REPLACE INTO escalation_rules (rule_id, name, description, timeout_hours, escalation_targets, created_by, status)
+    VALUES (?, ?, ?, ?, ?, ?, 'active')
+  `).run(rule_id, name, description ?? null, timeout_hours ?? 24, JSON.stringify(escalation_targets), created_by);
+}
+function getEscalationRule(rule_id) {
+    return db.prepare(`
+    SELECT * FROM escalation_rules WHERE rule_id = ?
+  `).get(rule_id);
+}
+function getAllEscalationRules() {
+    return db.prepare(`
+    SELECT * FROM escalation_rules WHERE status = 'active' ORDER BY name ASC
+  `).all();
+}
+function updateEscalationRule(rule_id, updates) {
+    const current = getEscalationRule(rule_id);
+    if (!current)
+        throw new Error(`Rule ${rule_id} not found`);
+    db.prepare(`
+    UPDATE escalation_rules
+    SET name = ?, description = ?, timeout_hours = ?, escalation_targets = ?
+    WHERE rule_id = ?
+  `).run(updates.name ?? current.name, updates.description ?? current.description, updates.timeout_hours ?? current.timeout_hours, updates.escalation_targets ? JSON.stringify(updates.escalation_targets) : current.escalation_targets, rule_id);
+}
+function deleteEscalationRule(rule_id) {
+    db.prepare(`
+    UPDATE escalation_rules SET status = 'inactive' WHERE rule_id = ?
+  `).run(rule_id);
+}
+// Phase 3: Escalation request functions
+function createEscalationRequest(request_id, approval_request_id, session_id, escalation_targets, deadline) {
+    db.prepare(`
+    INSERT INTO escalation_requests (request_id, approval_request_id, session_id, escalation_triggered_at, escalation_deadline, escalation_targets, status)
+    VALUES (?, ?, ?, datetime('now'), ?, ?, 'pending')
+  `).run(request_id, approval_request_id, session_id, deadline, JSON.stringify(escalation_targets));
+}
+function getEscalationRequest(request_id) {
+    return db.prepare(`
+    SELECT * FROM escalation_requests WHERE request_id = ?
+  `).get(request_id);
+}
+function getPendingEscalations() {
+    return db.prepare(`
+    SELECT * FROM escalation_requests WHERE status = 'pending' ORDER BY escalation_deadline ASC
+  `).all();
+}
+function getStaleApprovals(now) {
+    return db.prepare(`
+    SELECT DISTINCT ar.request_id as approval_request_id, ar.session_id
+    FROM approval_requests ar
+    WHERE ar.status = 'pending'
+      AND ar.triggered_at < ?
+      AND NOT EXISTS (
+        SELECT 1 FROM escalation_requests er
+        WHERE er.approval_request_id = ar.request_id
+      )
+  `).all(now);
+}
+function submitEscalationDecision(decision_id, escalation_request_id, target_id, decision, reason) {
+    db.prepare(`
+    INSERT INTO escalation_decisions (decision_id, escalation_request_id, target_id, decision, reason)
+    VALUES (?, ?, ?, ?, ?)
+  `).run(decision_id, escalation_request_id, target_id, decision, reason ?? null);
+    // Update escalation request status if all targets have decided
+    const request = getEscalationRequest(escalation_request_id);
+    if (!request)
+        return;
+    const decisions = db.prepare(`
+    SELECT DISTINCT decision FROM escalation_decisions WHERE escalation_request_id = ?
+  `).all(escalation_request_id);
+    const hasBlockDecision = decisions.some(d => d.decision === 'block');
+    const newStatus = hasBlockDecision ? 'blocked' : 'proceeded';
+    db.prepare(`
+    UPDATE escalation_requests
+    SET status = ?, decided_at = datetime('now'), decision = ?
+    WHERE request_id = ?
+  `).run(newStatus, newStatus, escalation_request_id);
+}
+function getEscalationDecisions(escalation_request_id) {
+    return db.prepare(`
+    SELECT * FROM escalation_decisions WHERE escalation_request_id = ? ORDER BY decided_at ASC
+  `).all(escalation_request_id);
+}
+function getEscalationHistory(session_id) {
+    return db.prepare(`
+    SELECT * FROM escalation_requests WHERE session_id = ? ORDER BY escalation_triggered_at DESC
+  `).all(session_id);
+}
 exports.default = db;