@xalia/agent 0.6.2 → 0.6.4

package/dist/agent/src/chat/server/openSession.js

@@ -1,6 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.OpenSession = exports.GUEST_TOKEN_PREFIX = exports.DEFAULT_NUM_MESSGAES = void 0;
+exports.OpenSession = exports.ChatSessionAgentEventHandler = exports.ChatSessionMessageSender = exports.GUEST_TOKEN_PREFIX = exports.DEFAULT_NUM_MESSGAES = void 0;
 const assert_1 = require("assert");
 const sdk_1 = require("@xalia/xmcp/sdk");
 const agent_1 = require("../../agent/agent");
@@ -43,6 +43,140 @@ class DBCheckpointWriter {
         return this.db.sessionCheckpointSet(this.sessionId, checkpoint);
     }
 }
+class ChatSessionMessageSender {
+    constructor(connectionManager, sessionParticipants) {
+        this.connectionManager = connectionManager;
+        this.sessionParticipants = sessionParticipants;
+    }
+    broadcast(msg) {
+        const users = new Set(this.sessionParticipants.keys());
+        this.connectionManager.sendToUsers(users, msg);
+    }
+    sendTo(userUUID, msg) {
+        this.connectionManager.sendToUsers(new Set([userUUID]), msg);
+    }
+}
+exports.ChatSessionMessageSender = ChatSessionMessageSender;
+class ChatSessionPlatform {
+    constructor(sender, sessionUUID, ownerUUID) {
+        this.sender = sender;
+        this.sessionUUID = sessionUUID;
+        this.ownerUUID = ownerUUID;
+    }
+    // IPlatform.openUrl
+    openUrl(url, authResultP, display_name) {
+        // These requests are always passed to the original owner, since it is
+        // their settings that will be used for all MCP servers.
+        this.sender.broadcast({
+            type: "authentication_started",
+            session_id: this.sessionUUID,
+            url,
+        });
+        this.sender.sendTo(this.ownerUUID, {
+            type: "authenticate",
+            session_id: this.sessionUUID,
+            url,
+            display_name,
+        });
+        // TODO: auth timeout
+        // Don't stall this function waiting for authentication
+        void authResultP.then((result) => {
+            this.sender.broadcast({
+                type: "authentication_finished",
+                session_id: this.sessionUUID,
+                url,
+                result,
+            });
+        });
+    }
+    // IPlatform.load
+    load(filename) {
+        if (process.env.DEVELOPMENT === "1") {
+            return nodePlatform_1.NODE_PLATFORM.load(filename);
+        }
+        throw new errors_1.ChatErrorMessage("Platform.load not implemented");
+    }
+    // IPlatform.renderHTML
+    renderHTML(html) {
+        return new Promise((r) => {
+            this.sender.broadcast({
+                type: "render_html",
+                html,
+                session_id: this.sessionUUID,
+            });
+            r();
+        });
+    }
+}
+class ChatSessionAgentEventHandler {
+    constructor(sessionUUID, sender, approvalManager, contextManager) {
+        this.sessionUUID = sessionUUID;
+        this.sender = sender;
+        this.approvalManager = approvalManager;
+        this.contextManager = contextManager;
+    }
+    onCompletion(result) {
+        logger.debug(`[OpenSession.onCompletion] : ${JSON.stringify(result)}`);
+        // Nothing to broadcast. Caller will receive this via onAgentMessage.
+        this.contextManager.processAgentResponse(result);
+    }
+    onImage(image) {
+        logger.debug(`[OpenSession.onImage] : ${image.image_url.url}`);
+        throw new Error("[OpenSession.onImage] unimplemented");
+    }
+    onToolCallResult(result) {
+        logger.debug(`[onToolCallResult] : ${JSON.stringify(result)}`);
+        const toolCallMessage = this.contextManager.processToolCallResult(result);
+        this.sender.broadcast(toolCallMessage);
+    }
+    async onToolCall(toolCall, agentTool) {
+        if (agentTool) {
+            // "Agent" tools are considered internal to the agent, and are always
+            // permitted.  Inform all clients and immediately approve.
+            this.sender.broadcast({
+                type: "tool_call",
+                tool_call: toolCall,
+                session_id: this.sessionUUID,
+            });
+            return true;
+        }
+        // TODO: Need a proper mapping to/from MCP calls to tool names
+        const [serverName, tool] = toolCall.function.name.split("__");
+        const { approved, requested } = await this.approvalManager.getApproval(serverName, tool, toolCall);
+        // For now, the frontend uses the tool_call data in the
+        // "approve_tool_call" request to display the tool call data.  If approval
+        // was requested in this way, don't send the "tool_call" message as well.
+        if (approved && !requested) {
+            this.sender.broadcast({
+                type: "tool_call",
+                tool_call: toolCall,
+                session_id: this.sessionUUID,
+            });
+        }
+        return approved;
+    }
+    onAgentMessage(msg, end) {
+        logger.debug(`[OpenSession.onAgentMessage] msg: ${msg}, end: ${String(end)}`);
+        // Inform the contextManager and broadcast the ServerAgentMessageChunk
+        const agentMsgChunk = this.contextManager.processAgentMessage(msg, end);
+        this.sender.broadcast(agentMsgChunk);
+        return Promise.resolve();
+    }
+    onReasoning(reasoning) {
+        return new Promise((r) => {
+            logger.debug(`[OpenSession.onReasoning]${reasoning}`);
+            if (reasoning.length > 0) {
+                this.sender.broadcast({
+                    type: "agent_reasoning_chunk",
+                    reasoning,
+                    session_id: this.sessionUUID,
+                });
+            }
+            r();
+        });
+    }
+}
+exports.ChatSessionAgentEventHandler = ChatSessionAgentEventHandler;
 /**
  * Describes a Session (conversation) with connected participants.
  *
@@ -54,7 +188,7 @@ class DBCheckpointWriter {
  * tool approvals and other interactions).
  */
 class OpenSession {
-    constructor(db, agent, sessionData, savedAgentProfile, isPersisted, sessionParticipants, agentProfilePreferences, skillManager, contextManager, connectionManager, approvalManager, fileManager) {
+    constructor(db, agent, sessionData, savedAgentProfile, isPersisted, sessionParticipants, agentProfilePreferences, skillManager, contextManager, sender, approvalManager, fileManager) {
         this.db = db;
         this.agent = agent;
         this.sessionUUID = sessionData.session_uuid;
@@ -65,7 +199,7 @@ class OpenSession {
         this.sessionParticipants = sessionParticipants;
         this.agentProfilePreferences = agentProfilePreferences;
         this.skillManager = skillManager;
-        this.connectionManager = connectionManager;
+        this.sender = sender;
         this.messageQueue = new asyncQueue_1.AsyncQueue((m) => this.processMessage(m));
         this.userMessageQueue = new multiAsyncQueue_1.MultiAsyncQueue((m) => this.processUserMessages(m));
         this.contextManager = contextManager;
@@ -81,23 +215,12 @@ class OpenSession {
     static async init(db, isPersisted, sessionData, savedAgentProfile, sessionMessages, sessionParticipants, ownerData, ownerApiKey, sessionCheckpoint, llmUrl, xmcpUrl, connectionManager) {
         const sessionId = sessionData.session_uuid;
         const fileManager = await sessionFileManager_1.ChatSessionFileManager.init(db, sessionId);
-        const contextManager = new chatContextManager_1.ChatContextManager(savedAgentProfile.profile.system_prompt, sessionMessages, sessionId, ownerData.uuid, sessionCheckpoint, llmUrl, savedAgentProfile.profile.model || DEFAULT_CHAT_LLM_MODEL, ownerApiKey, new DBCheckpointWriter(db, sessionId), fileManager);
-        if (sessionData.workspace) {
-            const ws = sessionData.workspace;
-            contextManager.setWorkspace((0, agent_1.createUserMessage)(ws.message, ws.imageB64));
-        }
-        const openSession = new OpenSession(db, {}, // Placeholder - will be replaced after agent creation
-        sessionData, savedAgentProfile, isPersisted, sessionParticipants, savedAgentProfile.preferences, {}, // Placeholder - will be replaced after agent creation
-        contextManager, connectionManager, new approvalManager_1.ApprovalManager(), fileManager);
-        // Initialize an empty agent (to ensure there are no callbacks before
-        // the OpenSession and client are fully set up).
-        const xmcpConfig = sdk_1.Configuration.new(ownerApiKey, xmcpUrl, false);
-        const [agent, skillManager] = await (0, agentUtils_1.createAgentWithoutSkills)(llmUrl, savedAgentProfile.profile, DEFAULT_CHAT_LLM_MODEL, openSession, openSession, contextManager, ownerApiKey, xmcpConfig, undefined, true);
-        await (0, tools_1.addDefaultChatTools)(agent, ownerData.timezone, openSession, fileManager, llmUrl, ownerApiKey);
-        // Update OpenSession with real agent and skillManager
-        openSession.agent = agent;
-        openSession.skillManager = skillManager;
-        await openSession.restoreMcpSettings(savedAgentProfile.profile.mcp_settings);
+        const sender = new ChatSessionMessageSender(connectionManager, sessionParticipants);
+        const platform = new ChatSessionPlatform(sender, sessionId, ownerData.uuid);
+        const toolApprovalManager = new approvalManager_1.ToolApprovalManager(sessionData.session_uuid, savedAgentProfile.uuid, savedAgentProfile.preferences, sender, new approvalManager_1.DbAgentPreferencesWriter(db));
+        const { agent, skillManager, contextManager } = await createContextAndAgent(sessionId, savedAgentProfile.profile.system_prompt, savedAgentProfile.profile.model || DEFAULT_CHAT_LLM_MODEL, sessionMessages, sessionData.workspace, sessionCheckpoint, ownerData, ownerApiKey, llmUrl, xmcpUrl, fileManager, sender, platform, toolApprovalManager);
+        const openSession = new OpenSession(db, agent, sessionData, savedAgentProfile, isPersisted, sessionParticipants, savedAgentProfile.preferences, skillManager, contextManager, sender, toolApprovalManager, fileManager);
+        // Note, MCP servers have not been enabled yet
         return openSession;
     }
     static async initWithEmptySession(db, sessionData, llmUrl, xmcpUrl, connectionManager) {
@@ -108,12 +231,19 @@ class OpenSession {
             throw new errors_1.ChatErrorMessage("failed finding owners default api key");
         }
         const sessionParticipants = new Map();
-        sessionParticipants.set(sessionData.user_uuid, {
-            user_uuid: sessionData.user_uuid,
-            nickname: ownerData.nickname || "",
-            email: ownerData.email,
-            role: "owner",
-        });
+        if (sessionData.participants && sessionData.participants.length > 0) {
+            sessionData.participants.forEach((p) => {
+                sessionParticipants.set(p.user_uuid, p);
+            });
+        }
+        else {
+            sessionParticipants.set(sessionData.user_uuid, {
+                user_uuid: sessionData.user_uuid,
+                nickname: ownerData.nickname || "",
+                email: ownerData.email,
+                role: "owner",
+            });
+        }
         return OpenSession.init(db, false /* isPersisted */, sessionData, savedAgentProfile, sessionMessages, sessionParticipants, ownerData, ownerApiKey, sessionCheckpoint, llmUrl, xmcpUrl, connectionManager);
     }
     static async initWithExistingSession(db, sessionId, llmUrl, xmcpUrl, connectionManager) {
@@ -141,14 +271,22 @@ class OpenSession {
     getParticipants() {
         return this.sessionParticipants;
     }
-    sendSessionData(connectionId, clientMessageId) {
+    async sendSessionData(connectionId, clientMessageId, restoreMcpState) {
         logger.info(`[SessionRegistry] sending session data for session ${this.sessionUUID}`);
         const sessionInfo = this.serverSessionInfo(clientMessageId);
-        this.connectionManager.sendToConnection(connectionId, sessionInfo);
+        const connMgr = this.sender.connectionManager;
+        connMgr.sendToConnection(connectionId, sessionInfo);
+        // This could be cleaner.  If the session has just been created, we must
+        // restore the mcp servers.  However, we cannot do that until the client
+        // has initialized itself (in case we need auth messages), hence it must
+        // happen at this stage, BEFORE we call sendMcpSettings below.
+        if (restoreMcpState) {
+            await this.restoreMcpSettings(this.savedAgentProfile.profile.mcp_settings);
+        }
         // send session file info
         const fileDescriptors = this.sessionFileManager.listFiles();
         fileDescriptors.forEach((descriptor) => {
-            this.connectionManager.sendToConnection(connectionId, {
+            connMgr.sendToConnection(connectionId, {
                 type: "session_file_changed",
                 session_id: this.sessionUUID,
                 descriptor,
@@ -158,18 +296,18 @@ class OpenSession {
         // send conversation history
         const conversationMessages = this.contextManager.getConversationMessages();
         conversationMessages.forEach((message) => {
-            this.connectionManager.sendToConnection(connectionId, message);
+            connMgr.sendToConnection(connectionId, message);
         });
         // add MCP settings
         this.sendMcpSettings(connectionId);
         // add system prompt and model
         const agentProfile = this.agent.getAgentProfile();
-        this.connectionManager.sendToConnection(connectionId, {
+        connMgr.sendToConnection(connectionId, {
             type: "system_prompt_updated",
             system_prompt: agentProfile.system_prompt,
             session_id: this.sessionUUID,
         });
-        this.connectionManager.sendToConnection(connectionId, {
+        connMgr.sendToConnection(connectionId, {
             type: "model_updated",
             model: agentProfile.model || "",
             session_id: this.sessionUUID,
@@ -212,7 +350,7 @@ class OpenSession {
                 }
             }
             catch (e) {
-                this.broadcast({
+                this.sender.broadcast({
                     type: "session_error",
                     message: `Error adding MCP server ${server_name}: ${String(e)}`,
                     session_id: this.sessionUUID,
@@ -230,10 +368,10 @@ class OpenSession {
     handleError(err, from) {
         const sendError = (msg) => {
             if (from) {
-                this.sendTo(from, msg);
+                this.sender.sendTo(from, msg);
             }
             else {
-                this.broadcast(msg);
+                this.sender.broadcast(msg);
             }
         };
         if (err instanceof errors_1.ChatFatalError) {
@@ -262,150 +400,9 @@ class OpenSession {
         }
         return true;
     }
-    broadcast(msg) {
-        const users = new Set(this.sessionParticipants.keys());
-        this.connectionManager.sendToUsers(users, msg);
-    }
-    sendTo(user_uuid, msg) {
-        this.connectionManager.sendToUsers(new Set([user_uuid]), msg);
-    }
-    // IPlatform.openUrl
-    openUrl(url, authResultP, display_name) {
-        // These requests are always passed to the original owner, since it is
-        // their settings that will be used for all MCP servers.
-        this.broadcast({
-            type: "authentication_started",
-            session_id: this.sessionUUID,
-            url,
-        });
-        this.sendTo(this.userUUID, {
-            type: "authenticate",
-            session_id: this.sessionUUID,
-            url,
-            display_name,
-        });
-        // TODO: auth timeout
-        // Don't stall this function waiting for authentication
-        void authResultP.then((result) => {
-            this.sendTo(this.userUUID, {
-                type: "authentication_finished",
-                session_id: this.sessionUUID,
-                url,
-                result,
-            });
-        });
-    }
-    // IPlatform.load
-    load(filename) {
-        if (process.env.DEVELOPMENT === "1") {
-            return nodePlatform_1.NODE_PLATFORM.load(filename);
-        }
-        throw new errors_1.ChatErrorMessage("Platform.load not implemented");
-    }
-    // IPlatform.renderHTML
-    renderHTML(html) {
-        return new Promise((r) => {
-            this.broadcast({
-                type: "render_html",
-                html,
-                session_id: this.sessionUUID,
-            });
-            r();
-        });
-    }
-    // IAgentEventHandler.onCompletion
-    onCompletion(result) {
-        logger.debug(`[OpenSession.onCompletion] : ${JSON.stringify(result)}`);
-        // Nothing to broadcast. Caller will receive this via onAgentMessage.
-        this.contextManager.processAgentResponse(result);
-    }
-    // IAgentEventHandler.onImage
-    onImage(image) {
-        logger.debug(`[OpenSession.onImage] : ${image.image_url.url}`);
-        throw new Error("[OpenSession.onImage] unimplemented");
-    }
-    // IAgentEventHandler.onToolCallResult
-    onToolCallResult(result) {
-        logger.debug(`[onToolCallResult] : ${JSON.stringify(result)}`);
-        const toolCallMessage = this.contextManager.processToolCallResult(result);
-        this.broadcast(toolCallMessage);
-    }
-    // IAgentEventHandler.onToolCall
-    async onToolCall(toolCall, agentTool) {
-        if (agentTool) {
-            // "Agent" tools are considered internal to the agent, and are always
-            // permitted.  Inform all clients and immediately approve.
-            this.broadcast({
-                type: "tool_call",
-                tool_call: toolCall,
-                session_id: this.sessionUUID,
-            });
-            return true;
-        }
-        // TODO: Need a proper mapping to/from MCP calls to tool names
-        const [serverName, tool] = toolCall.function.name.split("__");
-        const autoApproved = (0, sdk_1.prefsGetAutoApprove)(this.agentProfilePreferences, serverName, tool);
-        if (!autoApproved) {
-            const { id, resultP } = this.approvalManager.startApproval(toolCall.function.name);
-            this.broadcast({
-                type: "approve_tool_call",
-                id,
-                tool_call: toolCall,
-                session_id: this.sessionUUID,
-            });
-            try {
-                logger.debug(`[OpenSession.onToolCall] awaiting approval ${id}`);
-                const { approved, auto_approve } = await resultP;
-                logger.debug(`[OpenSession.onToolCall] approval ${id}: ${String(approved)}`);
-                if (auto_approve) {
-                    logger.debug("[OpenSession.onToolCall] auto_approve set. updated preferences");
-                    const autoApprovalMsg = await this.onSetAutoApproval(serverName, tool, true);
-                    if (autoApprovalMsg) {
-                        this.broadcast(autoApprovalMsg);
-                    }
-                }
-                return approved;
-            }
-            catch (e) {
-                logger.debug(`[OpenSession.onToolCall] error waiting for approval ${id}: ` +
-                    String(e));
-                return false;
-            }
-        }
-        else {
-            this.broadcast({
-                type: "tool_call",
-                tool_call: toolCall,
-                session_id: this.sessionUUID,
-            });
-            return true;
-        }
-    }
-    // IAgentEventHandler.onAgentMessage
-    // eslint-disable-next-line @typescript-eslint/require-await
-    async onAgentMessage(msg, end) {
-        logger.debug(`[OpenSession.onAgentMessage] msg: ${msg}, end: ${String(end)}`);
-        // Inform the contextManager and broadcast the ServerAgentMessageChunk
-        const agentMsgChunk = this.contextManager.processAgentMessage(msg, end);
-        this.broadcast(agentMsgChunk);
-    }
-    // IAgentEventHandler.onReasoning
-    onReasoning(reasoning) {
-        return new Promise((r) => {
-            logger.debug(`[OpenSession.onReasoning]${reasoning}`);
-            if (reasoning.length > 0) {
-                this.broadcast({
-                    type: "agent_reasoning_chunk",
-                    reasoning,
-                    session_id: this.sessionUUID,
-                });
-            }
-            r();
-        });
-    }
     // ISessionFileManagerEventHandler.onFileDeleted
     onFileDeleted(name) {
-        this.broadcast({
+        this.sender.broadcast({
             type: "session_file_deleted",
             session_id: this.sessionUUID,
             name,
@@ -413,7 +410,7 @@ class OpenSession {
     }
     // ISessionFileManagerEventHandler.onFileChanged
     onFileChanged(entry, new_file) {
-        this.broadcast({
+        this.sender.broadcast({
             type: "session_file_changed",
             session_id: this.sessionUUID,
             descriptor: {
@@ -435,7 +432,7 @@ class OpenSession {
         // Validate user is in session
         if (!this.sessionParticipants.get(from)) {
             logger.warn(`User ${from} not in session ${this.sessionUUID} - ignoring message`);
-            this.sendTo(from, {
+            this.sender.sendTo(from, {
                 type: "session_error",
                 message: "You are not a participant in this session",
                 session_id: this.sessionUUID,
@@ -445,7 +442,7 @@ class OpenSession {
         }
         // Enqueue message for processing
         if (!this.messageQueue.tryEnqueue({ msg: message, from })) {
-            this.sendTo(from, this.addSessionContext({
+            this.sender.sendTo(from, this.addSessionContext({
                 type: "session_error",
                 message: "message queue full. try again later",
                 client_message_id: message.client_message_id,
@@ -462,7 +459,7 @@ class OpenSession {
             const mcpServer = this.skillManager.getMcpServer(server_name);
             const tools = mcpServer.getTools();
             const enabled_tools = Array.from(mcpServer.getEnabledTools().keys());
-            this.connectionManager.sendToConnection(connectionId, {
+            this.sender.connectionManager.sendToConnection(connectionId, {
                 type: "mcp_server_added",
                 server_name,
                 tools,
@@ -485,7 +482,7 @@ class OpenSession {
             let broadcastMsg = undefined;
             switch (msg.type) {
                 case "msg":
-                    broadcastMsg = this.handleUserMessage(msg, queuedMessage.from);
+                    broadcastMsg = await this.handleUserMessage(msg, queuedMessage.from);
                     break;
                 case "add_mcp_server":
                     broadcastMsg = await this.handleAddMcpServer(msg.server_name, msg.enable_all);
@@ -506,14 +503,7 @@ class OpenSession {
                     broadcastMsg = await this.handleDisableAllMcpServerTools(msg.server_name);
                     break;
                 case "tool_call_approval_result":
-                    if (this.approvalManager.approvalResult(msg.id, msg.result, msg.auto_approve)) {
-                        broadcastMsg = {
-                            type: "tool_call_approval_result",
-                            id: msg.id,
-                            result: msg.result,
-                            session_id: this.sessionUUID,
-                        };
-                    }
+                    this.approvalManager.onApprovalResult(msg);
                     break;
                 case "session_file_get_content":
                     void this.handleSessionFileGetContent(msg, queuedMessage.from);
@@ -525,7 +515,7 @@ class OpenSession {
                     await this.handleSessionFilePutContent(msg);
                     break;
                 case "set_auto_approval":
-                    broadcastMsg = await this.onSetAutoApproval(msg.server_name, msg.tool, msg.auto_approve);
+                    broadcastMsg = await this.approvalManager.setAutoApprove(msg.server_name, msg.tool, msg.auto_approve);
                     break;
                 case "set_system_prompt":
                     broadcastMsg = await this.handleSetSystemPrompt(msg.system_prompt);
@@ -553,11 +543,11 @@ class OpenSession {
             if (broadcastMsg) {
                 if (broadcastMsg instanceof Array) {
                     broadcastMsg.map((msg) => {
-                        this.broadcast(msg);
+                        this.sender.broadcast(msg);
                     });
                 }
                 else {
-                    this.broadcast(broadcastMsg);
+                    this.sender.broadcast(broadcastMsg);
                 }
             }
         }
@@ -573,7 +563,7 @@ class OpenSession {
             await this.db.sessionUpdateAccessToken(this.sessionUUID, accessToken);
             this.accessToken = accessToken;
         }
-        this.sendTo(from, {
+        this.sender.sendTo(from, {
             type: "session_shared",
             access_token: this.accessToken,
             client_message_id: msg.client_message_id,
@@ -604,13 +594,9 @@ class OpenSession {
         this.contextManager.addMessages(llmUserMessages);
         return this.contextManager.endAgentResponse();
     }
-    /**
-     * `processUserMessage` logic when agent is active.  Start the Agent loop,
-     * adding all agent messages to the context. Extract the new DB messages.
-     */
     async processUserMessagesActive(msgs) {
         const { llmUserMessages, agentFirstChunk } = this.contextManager.startAgentResponse(msgs);
-        this.broadcast(agentFirstChunk);
+        this.sender.broadcast(agentFirstChunk);
         try {
             await this.agent.userMessagesRaw(llmUserMessages);
         }
@@ -618,20 +604,18 @@ class OpenSession {
             logger.warn(`[OpenSession.processUserMessages] agent error: ${String(e)}`);
             // Errors during agent replies must be turned into messages.
             const errMsg = `error from LLM: ${String(e)}`;
-            await this.onAgentMessage(errMsg, true);
-            const err = this.contextManager.revertAgentResponse(errMsg);
-            this.broadcast(err);
-            // return await this.processuserMessagesActive(msgs);
+            this.contextManager.revertAgentResponse(errMsg);
+            throw new Error(errMsg);
         }
         return this.contextManager.endAgentResponse();
     }
     async processUserMessages(msgs) {
-        const newSessionMessages = this.agentPaused
-            ? this.processUserMessagePaused(msgs)
-            : await this.processUserMessagesActive(msgs);
-        logger.debug("[processUserMessages] newSessionMessages: " +
-            JSON.stringify(newSessionMessages));
         try {
+            const newSessionMessages = this.agentPaused
+                ? this.processUserMessagePaused(msgs)
+                : await this.processUserMessagesActive(msgs);
+            logger.debug("[processUserMessages] newSessionMessages: " +
+                JSON.stringify(newSessionMessages));
             // Append to in-memory conversation and write to the DB
             const dbsm = this.db.createTypedClient(dbSessionMessages_1.DbSessionMessages);
             await dbsm.append(this.sessionUUID, newSessionMessages);
@@ -642,28 +626,32 @@ class OpenSession {
             }
         }
     }
-    handleUserMessage(msg, from) {
+    async handleUserMessage(msg, from) {
         // Return a ServerUserMessage for broadcast.  The actual message is places
         // on a queue to be dealt with in another loop.  This allows Agent
         // processing of user messages to depend on other messages.
         (0, assert_1.strict)(msg);
         (0, assert_1.strict)(from);
         // Assign the user message_idx and attempt to enqueue.
-        const userMessage = this.contextManager.processUserMessage(msg, from);
+        const user = this.sessionParticipants.get(from);
+        if (!user) {
+            throw new Error(`unrecognized user ${from}`);
+        }
+        const userMessage = this.contextManager.processUserMessage(msg, from, user.nickname);
         if (!userMessage) {
             return;
         }
         // Special case for the first message of the session
         if (userMessage.message_idx === conversation_1.MESSAGE_INDEX_START_VALUE) {
             // No need to wait for this to complete before broadcasting.
-            void this.onFirstMessage(userMessage);
+            await this.onFirstMessage(userMessage);
         }
         if (!this.userMessageQueue.tryEnqueue(userMessage)) {
             // We failed to enqueue - revert the `getNextMessageIdx`
             // NOTE: Nothing should await between `getNextMessageIdx` and
             // `freeMessageIdx` here.
             this.contextManager.unprocessUserMessage(userMessage);
-            this.sendTo(from, {
+            this.sender.sendTo(from, {
                 type: "session_error",
                 message: "failed to queue message.  try again later.",
                 session_id: this.sessionUUID,
@@ -703,13 +691,28 @@ class OpenSession {
             await this.db.sessionUpdateTitle(this.sessionUUID, this.sessionTitle);
         }
         (0, assert_1.strict)(this.isPersisted);
-        // Broadcast the SessionUpdated message
-        const msg = {
-            type: "session_update",
-            session_id: this.sessionUUID,
-            title: this.sessionTitle,
-        };
-        this.broadcast(msg);
+        // Send session created notification
+        const sessionInfo = this.serverSessionInfo("");
+        if (this.teamUUID) {
+            // Team session: notify all members about the new session
+            try {
+                const teamMembers = await this.db.teamGetMembers(this.teamUUID);
+                const teamMemberIds = new Set(teamMembers.map((m) => m.user_uuid));
+                this.sender.connectionManager.sendToUsers(teamMemberIds, sessionInfo);
+                logger.info(`[OpenSession] notified ${String(teamMemberIds.size)} team members` +
+                    ` about new session ${this.sessionUUID} in team ${this.teamUUID}`);
+            }
+            catch (error) {
+                logger.error("[OpenSession] Error notifying team members about session" +
+                    `${this.sessionUUID}: ${String(error)}`);
+            }
+        }
+        else {
+            // If this is a user session, notify the session owner
+            this.sender.connectionManager.sendToUsers(new Set([this.userUUID]), sessionInfo);
+            logger.info(`[OpenSession] notified session owner ${this.userUUID} about ` +
+                `new session ${this.sessionUUID}`);
+        }
     }
     async handleAddMcpServer(serverName, enableAll) {
         logger.info(`[onAddMcpServer]: Adding server ${serverName} ` +
@@ -862,7 +865,7 @@ class OpenSession {
             name: msg.name,
             data_url,
         };
-        this.sendTo(from, contentMsg);
+        this.sender.sendTo(from, contentMsg);
     }
     async handleSessionFileDelete(msg) {
         await this.sessionFileManager.deleteFile(msg.name);
@@ -882,18 +885,6 @@ class OpenSession {
         // `ISessionFileManagerEventHandler.onFileChanged` if the deletion
         // succeeds.  We broadcast in that callback.
     }
-    async onSetAutoApproval(serverName, tool, autoApprove) {
-        if ((0, sdk_1.prefsSetAutoApprove)(this.agentProfilePreferences, serverName, tool, autoApprove)) {
-            await this.db.updateAgentProfilePreferences(this.agentProfileUUID, this.agentProfilePreferences);
-            return {
-                type: "tool_auto_approval_set",
-                server_name: serverName,
-                tool,
-                auto_approve: autoApprove,
-                session_id: this.sessionUUID,
-            };
-        }
-    }
     ensureMcpServer(serverName) {
         return this.skillManager.getMcpServer(serverName);
     }
@@ -916,18 +907,18 @@ class OpenSession {
      * This only updates the local participant map - actual membership
      * tracking is handled by SessionRegistry.
      */
-    addParticipant(userId, role) {
-        this.sessionParticipants.set(userId, role);
+    addParticipant(userId, participant) {
+        this.sessionParticipants.set(userId, participant);
         // Broadcast result to all session participants
         const broadcastMessage = {
             type: "user_added",
             user_uuid: userId,
             role: "participant",
-            nickname: role.nickname,
-            email: role.email,
+            nickname: participant.nickname,
+            email: participant.email,
             session_id: this.sessionUUID,
         };
-        this.broadcast(broadcastMessage);
+        this.sender.broadcast(broadcastMessage);
     }
     /**
      * Remove participant from session (called by SessionRegistry).
@@ -942,7 +933,7 @@ class OpenSession {
             user_uuid: userId,
             session_id: this.sessionUUID,
         };
-        this.broadcast(broadcastMessage);
+        this.sender.broadcast(broadcastMessage);
     }
     getSessionParticipants() {
         return Array.from(this.sessionParticipants.entries()).map(([userId, user]) => ({
@@ -1029,3 +1020,15 @@ async function loadSessionData(db, sessionId) {
         sessionParticipants: (0, database_1.createSessionParticipantMap)(sessionParticipants),
     };
 }
+async function createContextAndAgent(sessionUUID, systemPrompt, model, sessionMessages, workspace, sessionCheckpoint, ownerData, ownerApiKey, llmUrl, xmcpUrl, fileManager, sender, platform, approvalManager) {
+    const contextManager = new chatContextManager_1.ChatContextManager(systemPrompt, sessionMessages, sessionUUID, ownerData.uuid, sessionCheckpoint, llmUrl, model, ownerApiKey, undefined, // TODO
+    fileManager);
+    if (workspace) {
+        contextManager.setWorkspace((0, agent_1.createUserMessage)(workspace.message, workspace.imageB64));
+    }
+    const eventHandler = new ChatSessionAgentEventHandler(sessionUUID, sender, approvalManager, contextManager);
+    const xmcpConfig = sdk_1.Configuration.new(ownerApiKey, xmcpUrl, false);
+    const [agent, skillManager] = await (0, agentUtils_1.createAgentWithoutSkills)(llmUrl, model, eventHandler, platform, contextManager, ownerApiKey, xmcpConfig, undefined, true);
+    await (0, tools_1.addDefaultChatTools)(agent, ownerData.timezone, platform, fileManager, llmUrl, ownerApiKey);
+    return { agent, skillManager, contextManager };
+}