@way_marks/server 0.9.0 → 2.0.0

package/dist/db/database.js

@@ -49,6 +49,40 @@ exports.getActionsWithFiltering = getActionsWithFiltering;
 exports.archiveOldActions = archiveOldActions;
 exports.getArchivedActionsWithFiltering = getArchivedActionsWithFiltering;
 exports.getSummaryStats = getSummaryStats;
+exports.createSession = createSession;
+exports.getSession = getSession;
+exports.getAllSessions = getAllSessions;
+exports.getSessionActions = getSessionActions;
+exports.rollbackSession = rollbackSession;
+exports.markSessionRolledBack = markSessionRolledBack;
+exports.addTeamMember = addTeamMember;
+exports.getTeamMember = getTeamMember;
+exports.getTeamMemberByEmail = getTeamMemberByEmail;
+exports.getAllTeamMembers = getAllTeamMembers;
+exports.removeTeamMember = removeTeamMember;
+exports.addApprovalRoute = addApprovalRoute;
+exports.getApprovalRoute = getApprovalRoute;
+exports.getAllApprovalRoutes = getAllApprovalRoutes;
+exports.updateApprovalRoute = updateApprovalRoute;
+exports.deleteApprovalRoute = deleteApprovalRoute;
+exports.createApprovalRequest = createApprovalRequest;
+exports.getApprovalRequest = getApprovalRequest;
+exports.getSessionApprovalRequests = getSessionApprovalRequests;
+exports.getPendingApprovals = getPendingApprovals;
+exports.submitApprovalDecision = submitApprovalDecision;
+exports.getApprovalDecisions = getApprovalDecisions;
+exports.addEscalationRule = addEscalationRule;
+exports.getEscalationRule = getEscalationRule;
+exports.getAllEscalationRules = getAllEscalationRules;
+exports.updateEscalationRule = updateEscalationRule;
+exports.deleteEscalationRule = deleteEscalationRule;
+exports.createEscalationRequest = createEscalationRequest;
+exports.getEscalationRequest = getEscalationRequest;
+exports.getPendingEscalations = getPendingEscalations;
+exports.getStaleApprovals = getStaleApprovals;
+exports.submitEscalationDecision = submitEscalationDecision;
+exports.getEscalationDecisions = getEscalationDecisions;
+exports.getEscalationHistory = getEscalationHistory;
 const better_sqlite3_1 = __importDefault(require("better-sqlite3"));
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
@@ -56,169 +90,403 @@ const PROJECT_ROOT = process.env.WAYMARK_PROJECT_ROOT || process.cwd();
 const DB_PATH = process.env.WAYMARK_DB_PATH
     || path.join(PROJECT_ROOT, '.waymark', 'waymark.db');
 const DB_DIR = path.dirname(DB_PATH);
-// Ensure database directory exists
-if (!fs.existsSync(DB_DIR)) {
-    fs.mkdirSync(DB_DIR, { recursive: true });
-}
-const db = new better_sqlite3_1.default(DB_PATH);
-// Create table on startup
-db.exec(`
-  CREATE TABLE IF NOT EXISTS action_log (
-    id INTEGER PRIMARY KEY AUTOINCREMENT,
-    action_id TEXT UNIQUE NOT NULL,
-    session_id TEXT NOT NULL,
-    tool_name TEXT NOT NULL,
-    target_path TEXT,
-    input_payload TEXT NOT NULL,
-    before_snapshot TEXT,
-    after_snapshot TEXT,
-    status TEXT NOT NULL DEFAULT 'pending',
-    error_message TEXT,
-    stdout TEXT,
-    stderr TEXT,
-    rolled_back INTEGER NOT NULL DEFAULT 0,
-    rolled_back_at TEXT,
-    created_at DATETIME DEFAULT CURRENT_TIMESTAMP
-  )
-`);
-// Migrate existing DBs — add stdout/stderr if not present
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN stdout TEXT');
-}
-catch { }
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN stderr TEXT');
-}
-catch { }
-// Migrate v2: policy engine columns
-try {
-    db.exec("ALTER TABLE action_log ADD COLUMN decision TEXT NOT NULL DEFAULT 'allow'");
-}
-catch { }
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN policy_reason TEXT');
-}
-catch { }
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN matched_rule TEXT');
-}
-catch { }
-// Migrate v3: approval flow columns
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN approved_at TEXT');
-}
-catch { }
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN approved_by TEXT');
-}
-catch { }
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN rejected_at TEXT');
-}
-catch { }
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN rejected_reason TEXT');
-}
-catch { }
-// Migrate v4: Phase 1 — plan mode logging visibility
-try {
-    db.exec("ALTER TABLE action_log ADD COLUMN event_type TEXT NOT NULL DEFAULT 'execution'");
-}
-catch { }
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN observation_context TEXT');
-}
-catch { }
-try {
-    db.exec('ALTER TABLE action_log ADD COLUMN request_source TEXT DEFAULT \'direct\'');
-}
-catch { }
-// Migrate v5: Phase 5B — CLI action logging (GitHub Copilot CLI wrapper)
-try {
-    db.exec("ALTER TABLE action_log ADD COLUMN source TEXT DEFAULT 'mcp'");
-}
-catch { }
-// Indexes for query performance
-try {
-    db.exec('CREATE INDEX IF NOT EXISTS idx_action_id ON action_log(action_id)');
-}
-catch { }
-try {
-    db.exec('CREATE INDEX IF NOT EXISTS idx_status ON action_log(status)');
-}
-catch { }
-try {
-    db.exec('CREATE INDEX IF NOT EXISTS idx_session_id ON action_log(session_id)');
-}
-catch { }
-// Phase 3: Add indexes for pagination and filtering
-try {
-    db.exec('CREATE INDEX IF NOT EXISTS idx_tool_name ON action_log(tool_name)');
-}
-catch { }
-try {
-    db.exec('CREATE INDEX IF NOT EXISTS idx_created_at ON action_log(created_at DESC)');
-}
-catch { }
-try {
-    db.exec('CREATE INDEX IF NOT EXISTS idx_status_created ON action_log(status, created_at DESC)');
-}
-catch { }
-// Phase 3: Create archive table (same schema as action_log)
-db.exec(`
-  CREATE TABLE IF NOT EXISTS action_archive (
-    id INTEGER PRIMARY KEY AUTOINCREMENT,
-    action_id TEXT UNIQUE NOT NULL,
-    session_id TEXT NOT NULL,
-    tool_name TEXT NOT NULL,
-    target_path TEXT,
-    input_payload TEXT NOT NULL,
-    before_snapshot TEXT,
-    after_snapshot TEXT,
-    status TEXT NOT NULL DEFAULT 'pending',
-    error_message TEXT,
-    stdout TEXT,
-    stderr TEXT,
-    rolled_back INTEGER NOT NULL DEFAULT 0,
-    rolled_back_at TEXT,
-    created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
-    decision TEXT NOT NULL DEFAULT 'allow',
-    policy_reason TEXT,
-    matched_rule TEXT,
-    approved_at TEXT,
-    approved_by TEXT,
-    rejected_at TEXT,
-    rejected_reason TEXT,
-    event_type TEXT NOT NULL DEFAULT 'execution',
-    observation_context TEXT,
-    request_source TEXT DEFAULT 'direct',
-    source TEXT DEFAULT 'mcp'
-  )
-`);
-// Phase 3: Add indexes on archive table
-try {
-    db.exec('CREATE INDEX IF NOT EXISTS idx_archive_action_id ON action_archive(action_id)');
-}
-catch { }
-try {
-    db.exec('CREATE INDEX IF NOT EXISTS idx_archive_created_at ON action_archive(created_at DESC)');
-}
-catch { }
-const insertStmt = db.prepare(`
-  INSERT INTO action_log (action_id, session_id, tool_name, target_path, input_payload, before_snapshot, status, decision, policy_reason, matched_rule, event_type, observation_context, request_source, source)
-  VALUES (@action_id, @session_id, @tool_name, @target_path, @input_payload, @before_snapshot, @status, @decision, @policy_reason, @matched_rule, @event_type, @observation_context, @request_source, @source)
-`);
-const updateStmt = db.prepare(`
-  UPDATE action_log
-  SET status = COALESCE(@status, status),
-      after_snapshot = COALESCE(@after_snapshot, after_snapshot),
-      error_message = COALESCE(@error_message, error_message),
-      stdout = COALESCE(@stdout, stdout),
-      stderr = COALESCE(@stderr, stderr)
-  WHERE action_id = @action_id
-`);
+// Lazy-load database to allow tests to mock it
+let db = null;
+let initialized = false;
+function initializeSchema(database) {
+    if (initialized)
+        return;
+    initialized = true;
+    // Create table on startup
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS action_log (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      action_id TEXT UNIQUE NOT NULL,
+      session_id TEXT NOT NULL,
+      tool_name TEXT NOT NULL,
+      target_path TEXT,
+      input_payload TEXT NOT NULL,
+      before_snapshot TEXT,
+      after_snapshot TEXT,
+      status TEXT NOT NULL DEFAULT 'pending',
+      error_message TEXT,
+      stdout TEXT,
+      stderr TEXT,
+      rolled_back INTEGER NOT NULL DEFAULT 0,
+      rolled_back_at TEXT,
+      created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+    )
+  `);
+    // Migrate existing DBs — add stdout/stderr if not present
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN stdout TEXT');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN stderr TEXT');
+    }
+    catch { }
+    // Migrate v2: policy engine columns
+    try {
+        database.exec("ALTER TABLE action_log ADD COLUMN decision TEXT NOT NULL DEFAULT 'allow'");
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN policy_reason TEXT');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN matched_rule TEXT');
+    }
+    catch { }
+    // Migrate v3: approval flow columns
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN approved_at TEXT');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN approved_by TEXT');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN rejected_at TEXT');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN rejected_reason TEXT');
+    }
+    catch { }
+    // Migrate v4: Phase 1 — plan mode logging visibility
+    try {
+        database.exec("ALTER TABLE action_log ADD COLUMN event_type TEXT NOT NULL DEFAULT 'execution'");
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN observation_context TEXT');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN request_source TEXT DEFAULT \'direct\'');
+    }
+    catch { }
+    // Migrate v5: Phase 5B — CLI action logging (GitHub Copilot CLI wrapper)
+    try {
+        database.exec("ALTER TABLE action_log ADD COLUMN source TEXT DEFAULT 'mcp'");
+    }
+    catch { }
+    // Migrate v6: Phase 1 — Session-level rollback
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN rollback_group TEXT');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN is_reversible INTEGER DEFAULT 1');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_log ADD COLUMN revert_action_id TEXT');
+    }
+    catch { }
+    // Phase 1: Create sessions table
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS sessions (
+      session_id TEXT PRIMARY KEY,
+      user_id TEXT,
+      project_id TEXT,
+      created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+      rolled_back_at DATETIME,
+      status TEXT NOT NULL DEFAULT 'active'
+    )
+  `);
+    // Indexes for query performance
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_action_id ON action_log(action_id)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_status ON action_log(status)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_session_id ON action_log(session_id)');
+    }
+    catch { }
+    // Phase 3: Add indexes for pagination and filtering
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_tool_name ON action_log(tool_name)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_created_at ON action_log(created_at DESC)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_status_created ON action_log(status, created_at DESC)');
+    }
+    catch { }
+    // Phase 3: Create archive table (same schema as action_log)
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS action_archive (
+      id INTEGER PRIMARY KEY AUTOINCREMENT,
+      action_id TEXT UNIQUE NOT NULL,
+      session_id TEXT NOT NULL,
+      tool_name TEXT NOT NULL,
+      target_path TEXT,
+      input_payload TEXT NOT NULL,
+      before_snapshot TEXT,
+      after_snapshot TEXT,
+      status TEXT NOT NULL DEFAULT 'pending',
+      error_message TEXT,
+      stdout TEXT,
+      stderr TEXT,
+      rolled_back INTEGER NOT NULL DEFAULT 0,
+      rolled_back_at TEXT,
+      created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+      decision TEXT NOT NULL DEFAULT 'allow',
+      policy_reason TEXT,
+      matched_rule TEXT,
+      approved_at TEXT,
+      approved_by TEXT,
+      rejected_at TEXT,
+      rejected_reason TEXT,
+      event_type TEXT NOT NULL DEFAULT 'execution',
+      observation_context TEXT,
+      request_source TEXT DEFAULT 'direct',
+      source TEXT DEFAULT 'mcp',
+      rollback_group TEXT,
+      is_reversible INTEGER DEFAULT 1,
+      revert_action_id TEXT
+    )
+  `);
+    // Phase 1: Add same columns to archive (migrations)
+    try {
+        database.exec('ALTER TABLE action_archive ADD COLUMN rollback_group TEXT');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_archive ADD COLUMN is_reversible INTEGER DEFAULT 1');
+    }
+    catch { }
+    try {
+        database.exec('ALTER TABLE action_archive ADD COLUMN revert_action_id TEXT');
+    }
+    catch { }
+    // Phase 3: Add indexes on archive table
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_archive_action_id ON action_archive(action_id)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_archive_created_at ON action_archive(created_at DESC)');
+    }
+    catch { }
+    // Phase 1: Add indexes for session rollback
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_action_session ON action_log(session_id, status)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_action_rollback_group ON action_log(rollback_group)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_sessions_status ON sessions(status, created_at DESC)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_archive_session ON action_archive(session_id)');
+    }
+    catch { }
+    // Phase 2: Create team_members table
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS team_members (
+      member_id TEXT PRIMARY KEY,
+      name TEXT NOT NULL,
+      email TEXT NOT NULL UNIQUE,
+      slack_id TEXT,
+      role TEXT DEFAULT 'approver',
+      added_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+      added_by TEXT,
+      status TEXT DEFAULT 'active'
+    )
+  `);
+    // Phase 2: Create approval_routes table (rules for who approves what)
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS approval_routes (
+      route_id TEXT PRIMARY KEY,
+      name TEXT NOT NULL,
+      description TEXT,
+      condition_type TEXT DEFAULT 'all_sessions',
+      condition_json TEXT,
+      required_approvers INTEGER DEFAULT 1,
+      approver_ids TEXT NOT NULL,
+      created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+      created_by TEXT,
+      status TEXT DEFAULT 'active'
+    )
+  `);
+    // Phase 2: Create approval_requests table (pending/completed approvals)
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS approval_requests (
+      request_id TEXT PRIMARY KEY,
+      session_id TEXT NOT NULL,
+      route_id TEXT NOT NULL,
+      triggered_by TEXT NOT NULL,
+      triggered_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+      status TEXT DEFAULT 'pending',
+      completed_at DATETIME,
+      approver_ids TEXT NOT NULL,
+      approved_count INTEGER DEFAULT 0,
+      rejected_count INTEGER DEFAULT 0,
+      approval_details TEXT
+    )
+  `);
+    // Phase 2: Create approval_decisions table (audit trail)
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS approval_decisions (
+      decision_id TEXT PRIMARY KEY,
+      request_id TEXT NOT NULL,
+      approver_id TEXT NOT NULL,
+      decision TEXT NOT NULL,
+      reason TEXT,
+      decided_at DATETIME DEFAULT CURRENT_TIMESTAMP
+    )
+  `);
+    // Phase 2: Add indexes for team tables
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_team_members_email ON team_members(email)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_team_members_status ON team_members(status)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_approval_routes_status ON approval_routes(status)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_approval_requests_session ON approval_requests(session_id)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_approval_requests_status ON approval_requests(status)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_approval_requests_triggered ON approval_requests(triggered_at DESC)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_approval_decisions_request ON approval_decisions(request_id)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_approval_decisions_approver ON approval_decisions(approver_id)');
+    }
+    catch { }
+    // Phase 3: Create escalation_rules table
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS escalation_rules (
+      rule_id TEXT PRIMARY KEY,
+      name TEXT NOT NULL,
+      description TEXT,
+      timeout_hours INTEGER DEFAULT 24,
+      escalation_targets TEXT NOT NULL,
+      created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+      created_by TEXT,
+      status TEXT DEFAULT 'active'
+    )
+  `);
+    // Phase 3: Create escalation_requests table
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS escalation_requests (
+      request_id TEXT PRIMARY KEY,
+      approval_request_id TEXT NOT NULL,
+      session_id TEXT NOT NULL,
+      escalation_triggered_at DATETIME,
+      escalation_deadline DATETIME,
+      escalation_targets TEXT NOT NULL,
+      status TEXT DEFAULT 'pending',
+      decided_at DATETIME,
+      decision TEXT
+    )
+  `);
+    // Phase 3: Create escalation_decisions table
+    database.exec(`
+    CREATE TABLE IF NOT EXISTS escalation_decisions (
+      decision_id TEXT PRIMARY KEY,
+      escalation_request_id TEXT NOT NULL,
+      target_id TEXT NOT NULL,
+      decision TEXT NOT NULL,
+      reason TEXT,
+      decided_at DATETIME DEFAULT CURRENT_TIMESTAMP
+    )
+  `);
+    // Phase 3: Add indexes for escalation tables
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_escalation_rules_status ON escalation_rules(status)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_escalation_requests_approval ON escalation_requests(approval_request_id)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_escalation_requests_deadline ON escalation_requests(escalation_deadline)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_escalation_requests_status ON escalation_requests(status)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_escalation_decisions_request ON escalation_decisions(escalation_request_id)');
+    }
+    catch { }
+    try {
+        database.exec('CREATE INDEX IF NOT EXISTS idx_escalation_decisions_target ON escalation_decisions(target_id)');
+    }
+    catch { }
+}
+function getDb() {
+    if (!db) {
+        // Ensure database directory exists
+        if (!fs.existsSync(DB_DIR)) {
+            fs.mkdirSync(DB_DIR, { recursive: true });
+        }
+        db = new better_sqlite3_1.default(DB_PATH);
+        initializeSchema(db);
+    }
+    return db;
+}
+let insertStmt = null;
+let updateStmt = null;
+function getInsertStmt() {
+    if (!insertStmt) {
+        insertStmt = getDb().prepare(`
+      INSERT INTO action_log (action_id, session_id, tool_name, target_path, input_payload, before_snapshot, status, decision, policy_reason, matched_rule, event_type, observation_context, request_source, source)
+      VALUES (@action_id, @session_id, @tool_name, @target_path, @input_payload, @before_snapshot, @status, @decision, @policy_reason, @matched_rule, @event_type, @observation_context, @request_source, @source)
+    `);
+    }
+    return insertStmt;
+}
+function getUpdateStmt() {
+    if (!updateStmt) {
+        updateStmt = getDb().prepare(`
+      UPDATE action_log
+      SET status = COALESCE(@status, status),
+          after_snapshot = COALESCE(@after_snapshot, after_snapshot),
+          error_message = COALESCE(@error_message, error_message),
+          stdout = COALESCE(@stdout, stdout),
+          stderr = COALESCE(@stderr, stderr)
+      WHERE action_id = @action_id
+    `);
+    }
+    return updateStmt;
+}
 function insertAction(params) {
-    insertStmt.run({
+    getInsertStmt().run({
         action_id: params.action_id,
         session_id: params.session_id,
         tool_name: params.tool_name,
@@ -236,7 +504,7 @@ function insertAction(params) {
     });
 }
 function updateAction(action_id, params) {
-    updateStmt.run({
+    getUpdateStmt().run({
         action_id,
         status: params.status ?? null,
         after_snapshot: params.after_snapshot ?? null,
@@ -246,24 +514,24 @@ function updateAction(action_id, params) {
     });
 }
 function getActions() {
-    return db.prepare(`
+    return getDb().prepare(`
     SELECT * FROM action_log ORDER BY created_at DESC LIMIT 100
   `).all();
 }
 function getAction(action_id) {
-    return db.prepare(`
+    return getDb().prepare(`
     SELECT * FROM action_log WHERE action_id = ?
   `).get(action_id);
 }
 function markRolledBack(action_id) {
-    db.prepare(`
+    getDb().prepare(`
     UPDATE action_log
     SET rolled_back = 1, rolled_back_at = datetime('now')
     WHERE action_id = ?
   `).run(action_id);
 }
 function getSessions() {
-    return db.prepare(`
+    return getDb().prepare(`
     SELECT session_id,
            COUNT(*) as action_count,
            MAX(created_at) as latest
@@ -273,7 +541,7 @@ function getSessions() {
   `).all();
 }
 function approveAction(action_id, approved_by, after_snapshot) {
-    db.prepare(`
+    getDb().prepare(`
     UPDATE action_log
     SET status = 'success',
         decision = 'allow',
@@ -284,7 +552,7 @@ function approveAction(action_id, approved_by, after_snapshot) {
   `).run({ action_id, approved_by, after_snapshot: after_snapshot ?? null });
 }
 function rejectAction(action_id, reason) {
-    db.prepare(`
+    getDb().prepare(`
     UPDATE action_log
     SET status = 'rejected',
         decision = 'rejected',
@@ -294,7 +562,7 @@ function rejectAction(action_id, reason) {
   `).run({ action_id, reason });
 }
 function getPendingCount() {
-    const row = db.prepare(`
+    const row = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log WHERE status = 'pending'
   `).get();
     return row.count;
@@ -318,12 +586,12 @@ function getActionsWithFiltering(filter = {}) {
         params.search = `%${filter.search}%`;
     }
     // Get total count
-    const countRow = db.prepare(`
+    const countRow = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log WHERE ${where}
   `).get(params);
     const totalCount = countRow.count;
     // Get paginated results
-    const actions = db.prepare(`
+    const actions = getDb().prepare(`
     SELECT * FROM action_log WHERE ${where}
     ORDER BY created_at DESC
     LIMIT @limit OFFSET @offset
@@ -341,12 +609,12 @@ function archiveOldActions(daysOld = 30) {
     cutoffDate.setDate(cutoffDate.getDate() - daysOld);
     const cutoffStr = cutoffDate.toISOString();
     // Copy old actions to archive
-    const result = db.prepare(`
+    const result = getDb().prepare(`
     INSERT OR IGNORE INTO action_archive
     SELECT * FROM action_log WHERE created_at < @cutoff
   `).run({ cutoff: cutoffStr });
     // Delete from main table (but keep recent entries)
-    const deleteStmt = db.prepare(`
+    const deleteStmt = getDb().prepare(`
     DELETE FROM action_log WHERE created_at < @cutoff
     AND id NOT IN (
       SELECT id FROM action_log ORDER BY created_at DESC LIMIT 1000
@@ -373,11 +641,11 @@ function getArchivedActionsWithFiltering(filter = {}) {
         where += ' AND (action_id LIKE @search OR target_path LIKE @search)';
         params.search = `%${filter.search}%`;
     }
-    const countRow = db.prepare(`
+    const countRow = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_archive WHERE ${where}
   `).get(params);
     const totalCount = countRow.count;
-    const actions = db.prepare(`
+    const actions = getDb().prepare(`
     SELECT * FROM action_archive WHERE ${where}
     ORDER BY created_at DESC
     LIMIT @limit OFFSET @offset
@@ -395,34 +663,34 @@ function getSummaryStats() {
     const today = new Date(now.getFullYear(), now.getMonth(), now.getDate()).toISOString();
     const weekAgo = new Date(now.getTime() - 7 * 24 * 60 * 60 * 1000).toISOString();
     const monthAgo = new Date(now.getTime() - 30 * 24 * 60 * 60 * 1000).toISOString();
-    const total = db.prepare(`
+    const total = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log
   `).get();
-    const pending = db.prepare(`
+    const pending = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log WHERE status = 'pending'
   `).get();
-    const approved = db.prepare(`
+    const approved = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log WHERE status = 'success' OR decision = 'allow'
   `).get();
-    const rejected = db.prepare(`
+    const rejected = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log WHERE status = 'rejected' OR decision = 'rejected'
   `).get();
-    const todayCount = db.prepare(`
+    const todayCount = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log WHERE created_at >= @today
   `).get({ today });
-    const weekCount = db.prepare(`
+    const weekCount = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log WHERE created_at >= @weekAgo
   `).get({ weekAgo });
-    const monthCount = db.prepare(`
+    const monthCount = getDb().prepare(`
     SELECT COUNT(*) as count FROM action_log WHERE created_at >= @monthAgo
   `).get({ monthAgo });
-    const topTools = db.prepare(`
+    const topTools = getDb().prepare(`
     SELECT tool_name as tool, COUNT(*) as count FROM action_log
     GROUP BY tool_name
     ORDER BY count DESC
     LIMIT 5
   `).all();
-    const topPaths = db.prepare(`
+    const topPaths = getDb().prepare(`
     SELECT target_path as path, COUNT(*) as count FROM action_log
     WHERE target_path IS NOT NULL
     GROUP BY target_path
@@ -441,4 +709,305 @@ function getSummaryStats() {
         topPaths,
     };
 }
+// Phase 1: Session management functions
+function createSession(session_id, user_id, project_id) {
+    getDb().prepare(`
+    INSERT OR IGNORE INTO sessions (session_id, user_id, project_id, status)
+    VALUES (?, ?, ?, 'active')
+  `).run(session_id, user_id ?? null, project_id ?? null);
+}
+function getSession(session_id) {
+    return getDb().prepare(`
+    SELECT * FROM sessions WHERE session_id = ?
+  `).get(session_id);
+}
+function getAllSessions() {
+    return getDb().prepare(`
+    SELECT * FROM sessions ORDER BY created_at DESC
+  `).all();
+}
+function getSessionActions(session_id) {
+    return getDb().prepare(`
+    SELECT * FROM action_log
+    WHERE session_id = ?
+    ORDER BY created_at ASC
+  `).all(session_id);
+}
+function rollbackSession(session_id) {
+    try {
+        // Start transaction
+        const transaction = getDb().transaction(() => {
+            // Get all actions in session
+            const actions = getSessionActions(session_id);
+            if (actions.length === 0) {
+                throw new Error(`Session ${session_id} has no actions to rollback`);
+            }
+            // Check if all actions are reversible
+            const nonReversible = actions.filter(a => a.is_reversible === 0);
+            if (nonReversible.length > 0) {
+                throw new Error(`${nonReversible.length} action(s) in session are not reversible`);
+            }
+            // For each action, perform rollback
+            let rolledBackCount = 0;
+            for (const action of actions) {
+                // Mark as rolled back
+                markRolledBack(action.action_id);
+                rolledBackCount++;
+                // If before_snapshot exists, restore it (for write_file actions)
+                if (action.before_snapshot) {
+                    try {
+                        const snapshot = JSON.parse(action.before_snapshot);
+                        if (snapshot.file_path && snapshot.content !== undefined) {
+                            // This will be handled by the rollback manager
+                            // We just mark it as rolled back here
+                        }
+                    }
+                    catch { }
+                }
+            }
+            // Mark session as rolled back
+            getDb().prepare(`
+        UPDATE sessions
+        SET rolled_back_at = datetime('now'), status = 'rolled_back'
+        WHERE session_id = ?
+      `).run(session_id);
+            return rolledBackCount;
+        });
+        const actionsRolledBack = transaction();
+        return {
+            success: true,
+            session_id,
+            actions_rolled_back: actionsRolledBack,
+        };
+    }
+    catch (error) {
+        return {
+            success: false,
+            session_id,
+            actions_rolled_back: 0,
+            error: error.message,
+        };
+    }
+}
+function markSessionRolledBack(session_id) {
+    getDb().prepare(`
+    UPDATE sessions
+    SET rolled_back_at = datetime('now'), status = 'rolled_back'
+    WHERE session_id = ?
+  `).run(session_id);
+}
+// Phase 2: Team member functions
+function addTeamMember(member_id, name, email, added_by, slack_id) {
+    getDb().prepare(`
+    INSERT OR REPLACE INTO team_members (member_id, name, email, slack_id, added_by, status)
+    VALUES (?, ?, ?, ?, ?, 'active')
+  `).run(member_id, name, email, slack_id ?? null, added_by);
+}
+function getTeamMember(member_id) {
+    return getDb().prepare(`
+    SELECT * FROM team_members WHERE member_id = ?
+  `).get(member_id);
+}
+function getTeamMemberByEmail(email) {
+    return getDb().prepare(`
+    SELECT * FROM team_members WHERE email = ?
+  `).get(email);
+}
+function getAllTeamMembers() {
+    return getDb().prepare(`
+    SELECT * FROM team_members WHERE status = 'active' ORDER BY name ASC
+  `).all();
+}
+function removeTeamMember(member_id) {
+    getDb().prepare(`
+    UPDATE team_members SET status = 'inactive' WHERE member_id = ?
+  `).run(member_id);
+}
+// Phase 2: Approval route functions
+function addApprovalRoute(route_id, name, approver_ids, created_by, description, condition_type, condition_json) {
+    getDb().prepare(`
+    INSERT OR REPLACE INTO approval_routes (route_id, name, description, condition_type, condition_json, approver_ids, created_by, status)
+    VALUES (?, ?, ?, ?, ?, ?, ?, 'active')
+  `).run(route_id, name, description ?? null, condition_type ?? 'all_sessions', condition_json ?? null, JSON.stringify(approver_ids), created_by);
+}
+function getApprovalRoute(route_id) {
+    return getDb().prepare(`
+    SELECT * FROM approval_routes WHERE route_id = ?
+  `).get(route_id);
+}
+function getAllApprovalRoutes() {
+    return getDb().prepare(`
+    SELECT * FROM approval_routes WHERE status = 'active' ORDER BY name ASC
+  `).all();
+}
+function updateApprovalRoute(route_id, updates) {
+    const current = getApprovalRoute(route_id);
+    if (!current)
+        throw new Error(`Route ${route_id} not found`);
+    getDb().prepare(`
+    UPDATE approval_routes
+    SET name = ?, description = ?, approver_ids = ?
+    WHERE route_id = ?
+  `).run(updates.name ?? current.name, updates.description ?? current.description, updates.approver_ids ? JSON.stringify(updates.approver_ids) : current.approver_ids, route_id);
+}
+function deleteApprovalRoute(route_id) {
+    getDb().prepare(`
+    UPDATE approval_routes SET status = 'inactive' WHERE route_id = ?
+  `).run(route_id);
+}
+// Phase 2: Approval request functions
+function createApprovalRequest(request_id, session_id, route_id, triggered_by, approver_ids) {
+    getDb().prepare(`
+    INSERT INTO approval_requests (request_id, session_id, route_id, triggered_by, approver_ids, status)
+    VALUES (?, ?, ?, ?, ?, 'pending')
+  `).run(request_id, session_id, route_id, triggered_by, JSON.stringify(approver_ids));
+}
+function getApprovalRequest(request_id) {
+    return getDb().prepare(`
+    SELECT * FROM approval_requests WHERE request_id = ?
+  `).get(request_id);
+}
+function getSessionApprovalRequests(session_id) {
+    return getDb().prepare(`
+    SELECT * FROM approval_requests WHERE session_id = ? ORDER BY triggered_at DESC
+  `).all(session_id);
+}
+function getPendingApprovals(approver_id) {
+    if (approver_id) {
+        return getDb().prepare(`
+      SELECT * FROM approval_requests
+      WHERE status = 'pending' AND approver_ids LIKE ?
+      ORDER BY triggered_at DESC
+    `).all(`%"${approver_id}"%`);
+    }
+    return getDb().prepare(`
+    SELECT * FROM approval_requests WHERE status = 'pending' ORDER BY triggered_at DESC
+  `).all();
+}
+function submitApprovalDecision(decision_id, request_id, approver_id, decision, reason) {
+    // Insert decision
+    getDb().prepare(`
+    INSERT INTO approval_decisions (decision_id, request_id, approver_id, decision, reason)
+    VALUES (?, ?, ?, ?, ?)
+  `).run(decision_id, request_id, approver_id, decision, reason ?? null);
+    // Update approval request counts
+    const request = getApprovalRequest(request_id);
+    if (!request)
+        throw new Error(`Request ${request_id} not found`);
+    const decisions = getDb().prepare(`
+    SELECT decision FROM approval_decisions WHERE request_id = ?
+  `).all(request_id);
+    const approvedCount = decisions.filter(d => d.decision === 'approve').length;
+    const rejectedCount = decisions.filter(d => d.decision === 'reject').length;
+    const approverIds = JSON.parse(request.approver_ids);
+    // Determine new status
+    let newStatus = 'pending';
+    if (rejectedCount > 0) {
+        newStatus = 'rejected';
+    }
+    else if (approvedCount >= approverIds.length) {
+        newStatus = 'approved';
+    }
+    getDb().prepare(`
+    UPDATE approval_requests
+    SET approved_count = ?, rejected_count = ?, status = ?, completed_at = ?
+    WHERE request_id = ?
+  `).run(approvedCount, rejectedCount, newStatus, newStatus !== 'pending' ? new Date().toISOString() : null, request_id);
+}
+function getApprovalDecisions(request_id) {
+    return getDb().prepare(`
+    SELECT * FROM approval_decisions WHERE request_id = ? ORDER BY decided_at ASC
+  `).all(request_id);
+}
+// Phase 3: Escalation rule functions
+function addEscalationRule(rule_id, name, escalation_targets, created_by, description, timeout_hours) {
+    getDb().prepare(`
+    INSERT OR REPLACE INTO escalation_rules (rule_id, name, description, timeout_hours, escalation_targets, created_by, status)
+    VALUES (?, ?, ?, ?, ?, ?, 'active')
+  `).run(rule_id, name, description ?? null, timeout_hours ?? 24, JSON.stringify(escalation_targets), created_by);
+}
+function getEscalationRule(rule_id) {
+    return getDb().prepare(`
+    SELECT * FROM escalation_rules WHERE rule_id = ?
+  `).get(rule_id);
+}
+function getAllEscalationRules() {
+    return getDb().prepare(`
+    SELECT * FROM escalation_rules WHERE status = 'active' ORDER BY name ASC
+  `).all();
+}
+function updateEscalationRule(rule_id, updates) {
+    const current = getEscalationRule(rule_id);
+    if (!current)
+        throw new Error(`Rule ${rule_id} not found`);
+    getDb().prepare(`
+    UPDATE escalation_rules
+    SET name = ?, description = ?, timeout_hours = ?, escalation_targets = ?
+    WHERE rule_id = ?
+  `).run(updates.name ?? current.name, updates.description ?? current.description, updates.timeout_hours ?? current.timeout_hours, updates.escalation_targets ? JSON.stringify(updates.escalation_targets) : current.escalation_targets, rule_id);
+}
+function deleteEscalationRule(rule_id) {
+    getDb().prepare(`
+    UPDATE escalation_rules SET status = 'inactive' WHERE rule_id = ?
+  `).run(rule_id);
+}
+// Phase 3: Escalation request functions
+function createEscalationRequest(request_id, approval_request_id, session_id, escalation_targets, deadline) {
+    getDb().prepare(`
+    INSERT INTO escalation_requests (request_id, approval_request_id, session_id, escalation_triggered_at, escalation_deadline, escalation_targets, status)
+    VALUES (?, ?, ?, datetime('now'), ?, ?, 'pending')
+  `).run(request_id, approval_request_id, session_id, deadline, JSON.stringify(escalation_targets));
+}
+function getEscalationRequest(request_id) {
+    return getDb().prepare(`
+    SELECT * FROM escalation_requests WHERE request_id = ?
+  `).get(request_id);
+}
+function getPendingEscalations() {
+    return getDb().prepare(`
+    SELECT * FROM escalation_requests WHERE status = 'pending' ORDER BY escalation_deadline ASC
+  `).all();
+}
+function getStaleApprovals(now) {
+    return getDb().prepare(`
+    SELECT DISTINCT ar.request_id as approval_request_id, ar.session_id
+    FROM approval_requests ar
+    WHERE ar.status = 'pending'
+      AND ar.triggered_at < ?
+      AND NOT EXISTS (
+        SELECT 1 FROM escalation_requests er
+        WHERE er.approval_request_id = ar.request_id
+      )
+  `).all(now);
+}
+function submitEscalationDecision(decision_id, escalation_request_id, target_id, decision, reason) {
+    getDb().prepare(`
+    INSERT INTO escalation_decisions (decision_id, escalation_request_id, target_id, decision, reason)
+    VALUES (?, ?, ?, ?, ?)
+  `).run(decision_id, escalation_request_id, target_id, decision, reason ?? null);
+    // Update escalation request status if all targets have decided
+    const request = getEscalationRequest(escalation_request_id);
+    if (!request)
+        return;
+    const decisions = getDb().prepare(`
+    SELECT DISTINCT decision FROM escalation_decisions WHERE escalation_request_id = ?
+  `).all(escalation_request_id);
+    const hasBlockDecision = decisions.some(d => d.decision === 'block');
+    const newStatus = hasBlockDecision ? 'blocked' : 'proceeded';
+    getDb().prepare(`
+    UPDATE escalation_requests
+    SET status = ?, decided_at = datetime('now'), decision = ?
+    WHERE request_id = ?
+  `).run(newStatus, newStatus, escalation_request_id);
+}
+function getEscalationDecisions(escalation_request_id) {
+    return getDb().prepare(`
+    SELECT * FROM escalation_decisions WHERE escalation_request_id = ? ORDER BY decided_at ASC
+  `).all(escalation_request_id);
+}
+function getEscalationHistory(session_id) {
+    return getDb().prepare(`
+    SELECT * FROM escalation_requests WHERE session_id = ? ORDER BY escalation_triggered_at DESC
+  `).all(session_id);
+}
 exports.default = db;