@way_marks/server 0.9.0 → 2.0.0

package/dist/approval/manager.js

@@ -0,0 +1,249 @@
+"use strict";
+/**
+ * Approval Manager — Core logic for team approval routing
+ *
+ * Responsibilities:
+ * - Determine which approvers are required for a given session rollback
+ * - Create approval requests (pending approvals)
+ * - Process approval decisions (approve/reject)
+ * - Check if all required approvals are satisfied
+ * - Track approval history and audit trail
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.determineRequiredApprovers = determineRequiredApprovers;
+exports.createApprovalRequestForSession = createApprovalRequestForSession;
+exports.submitApprovalDecision = submitApprovalDecision;
+exports.getApprovalStatus = getApprovalStatus;
+exports.canProceedWithRollback = canProceedWithRollback;
+exports.getPendingApprovalsForUser = getPendingApprovalsForUser;
+exports.getApprovalHistory = getApprovalHistory;
+const database_1 = require("../db/database");
+/**
+ * Determine if a session rollback requires approval based on routes
+ */
+function determineRequiredApprovers(session, actions) {
+    const routes = (0, database_1.getAllApprovalRoutes)();
+    // Collect all unique approvers from matching routes
+    const requiredApprovers = new Set();
+    const matchedRoutes = [];
+    for (const route of routes) {
+        if (routeMatches(route, session, actions)) {
+            matchedRoutes.push(route);
+            const approvers = JSON.parse(route.approver_ids);
+            approvers.forEach(a => requiredApprovers.add(a));
+        }
+    }
+    const approverArray = Array.from(requiredApprovers);
+    const requiresApproval = approverArray.length > 0;
+    return {
+        requiresApproval,
+        requiredApprovers: approverArray,
+        routes: matchedRoutes,
+        reason: requiresApproval
+            ? `${matchedRoutes.length} approval route(s) matched`
+            : 'No approval routes matched',
+    };
+}
+/**
+ * Check if an approval route matches the given session
+ */
+function routeMatches(route, session, actions) {
+    const condition_type = route.condition_type || 'all_sessions';
+    switch (condition_type) {
+        case 'all_sessions':
+            return true;
+        case 'tool_name':
+            // Match if any action uses specified tool
+            if (!route.condition_json)
+                return false;
+            try {
+                const condition = JSON.parse(route.condition_json);
+                return actions.some(a => a.tool_name === condition.value);
+            }
+            catch {
+                return false;
+            }
+        case 'action_count':
+            // Match if action count exceeds threshold
+            if (!route.condition_json)
+                return false;
+            try {
+                const condition = JSON.parse(route.condition_json);
+                const threshold = condition.value || 5;
+                return actions.length >= threshold;
+            }
+            catch {
+                return false;
+            }
+        case 'risk_level':
+            // Match if any action is flagged as high-risk
+            if (!route.condition_json)
+                return false;
+            try {
+                const condition = JSON.parse(route.condition_json);
+                // Check if any action has is_reversible = 0 (irreversible = high risk)
+                return actions.some(a => a.is_reversible === 0);
+            }
+            catch {
+                return false;
+            }
+        default:
+            return false;
+    }
+}
+/**
+ * Create an approval request for a session rollback
+ * Returns request_id and list of required approvers
+ */
+function createApprovalRequestForSession(session_id, session, actions, triggered_by) {
+    try {
+        const check = determineRequiredApprovers(session, actions);
+        if (!check.requiresApproval) {
+            // No approval needed
+            return {
+                success: true,
+                request_id: '', // No request created
+                requires_approval: false,
+                required_approvers: [],
+                pending_approvers: [],
+            };
+        }
+        // Create approval request
+        const request_id = `approval-${session_id}-${Date.now()}`;
+        const route_id = check.routes[0].route_id; // Use first matching route
+        (0, database_1.createApprovalRequest)(request_id, session_id, route_id, triggered_by, check.requiredApprovers);
+        return {
+            success: true,
+            request_id,
+            requires_approval: true,
+            required_approvers: check.requiredApprovers,
+            pending_approvers: check.requiredApprovers, // All are pending initially
+        };
+    }
+    catch (error) {
+        return {
+            success: false,
+            request_id: '',
+            requires_approval: false,
+            required_approvers: [],
+            pending_approvers: [],
+            error: error.message,
+        };
+    }
+}
+/**
+ * Submit an approval decision (approve or reject)
+ */
+function submitApprovalDecision(request_id, approver_id, decision, reason) {
+    try {
+        const request = (0, database_1.getApprovalRequest)(request_id);
+        if (!request) {
+            throw new Error(`Approval request ${request_id} not found`);
+        }
+        // Verify approver is authorized for this request
+        const approvers = JSON.parse(request.approver_ids);
+        if (!approvers.includes(approver_id)) {
+            throw new Error(`${approver_id} is not authorized to approve this request`);
+        }
+        // Check if already decided by this approver
+        const existingDecisions = (0, database_1.getApprovalDecisions)(request_id);
+        if (existingDecisions.some(d => d.approver_id === approver_id)) {
+            throw new Error(`${approver_id} has already made a decision on this request`);
+        }
+        // Record decision
+        const decision_id = `decision-${request_id}-${approver_id}-${Date.now()}`;
+        (0, database_1.submitApprovalDecision)(decision_id, request_id, approver_id, decision, reason);
+        // Return updated status
+        return getApprovalStatus(request_id);
+    }
+    catch (error) {
+        throw new Error(`Failed to submit decision: ${error.message}`);
+    }
+}
+/**
+ * Get the current approval status
+ */
+function getApprovalStatus(request_id) {
+    const request = (0, database_1.getApprovalRequest)(request_id);
+    if (!request) {
+        throw new Error(`Approval request ${request_id} not found`);
+    }
+    const decisions = (0, database_1.getApprovalDecisions)(request_id);
+    const approvers = JSON.parse(request.approver_ids);
+    const pendingApprovers = approvers.filter(a => !decisions.some(d => d.approver_id === a));
+    const approvedCount = decisions.filter(d => d.decision === 'approve').length;
+    const rejectedCount = decisions.filter(d => d.decision === 'reject').length;
+    // Determine if we can proceed
+    let can_proceed = false;
+    const approverIds = JSON.parse(request.approver_ids);
+    let status = 'pending';
+    if (rejectedCount > 0) {
+        status = 'rejected';
+        can_proceed = false;
+    }
+    else if (approvedCount >= approverIds.length) {
+        status = 'approved';
+        can_proceed = true;
+    }
+    else if (approvedCount > 0 && rejectedCount === 0) {
+        status = 'mixed';
+        can_proceed = false;
+    }
+    return {
+        request_id,
+        status,
+        approved_count: approvedCount,
+        rejected_count: rejectedCount,
+        pending_count: pendingApprovers.length,
+        required_approvers: approverIds.length,
+        decisions: decisions.map(d => ({
+            approver_id: d.approver_id,
+            decision: d.decision,
+            reason: d.reason ?? undefined,
+        })),
+        can_proceed,
+    };
+}
+/**
+ * Check if all required approvals are satisfied for a session rollback
+ */
+function canProceedWithRollback(request_id) {
+    try {
+        const status = getApprovalStatus(request_id);
+        return status.can_proceed;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * Get all pending approvals for a specific approver
+ */
+function getPendingApprovalsForUser(approver_id) {
+    const allRequests = (0, database_1.getSessionApprovalRequests)(''); // Get all (filter by approver below)
+    // Filter: only pending requests where user is an approver and hasn't decided
+    return allRequests.filter(req => {
+        if (req.status !== 'pending')
+            return false;
+        const approvers = JSON.parse(req.approver_ids);
+        if (!approvers.includes(approver_id))
+            return false;
+        const decisions = (0, database_1.getApprovalDecisions)(req.request_id);
+        return !decisions.some(d => d.approver_id === approver_id);
+    });
+}
+/**
+ * Get approval history for a session
+ */
+function getApprovalHistory(session_id) {
+    return (0, database_1.getSessionApprovalRequests)(session_id);
+}
+exports.default = {
+    determineRequiredApprovers,
+    createApprovalRequestForSession,
+    submitApprovalDecision,
+    getApprovalStatus,
+    canProceedWithRollback,
+    getPendingApprovalsForUser,
+    getApprovalHistory,
+};