leedab 0.1.8 → 0.2.0

package/dist/dashboard/static/index.html

@@ -80,24 +80,6 @@
       letter-spacing: -0.01em;
     }
 
-    .header-badge {
-      display: flex;
-      align-items: center;
-      gap: 5px;
-      padding: 3px 8px;
-      background: rgba(34, 197, 94, 0.1);
-      border-radius: 20px;
-      font-size: 11px;
-      color: var(--green);
-      font-weight: 500;
-    }
-
-    .header-badge-dot {
-      width: 6px;
-      height: 6px;
-      border-radius: 50%;
-      background: var(--green);
-    }
 
     .header-nav {
       display: flex;
@@ -533,18 +515,14 @@
 <body>
   <div class="header">
     <div class="header-left">
-      <span class="header-title">LeedAB</span>
-      <div class="header-badge">
-        <div class="header-badge-dot"></div>
-        On
-      </div>
+      <a href="/" class="header-title" style="text-decoration:none;color:inherit">LeedAB</a>
     </div>
     <div class="header-nav">
-      <a href="/console.html">
+      <a href="/admin">
         <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">
-          <rect x="2" y="3" width="20" height="14" rx="2" ry="2"/><line x1="8" y1="21" x2="16" y2="21"/><line x1="12" y1="17" x2="12" y2="21"/>
+          <path d="M17 21v-2a4 4 0 0 0-4-4H5a4 4 0 0 0-4 4v2"/><circle cx="9" cy="7" r="4"/><path d="M23 21v-2a4 4 0 0 0-3-3.87"/><path d="M16 3.13a4 4 0 0 1 0 7.75"/>
         </svg>
-        Console
+        Admin
       </a>
       <a href="/sessions.html">
         <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round">

package/dist/dashboard/static/sessions.html

@@ -20,17 +20,9 @@
 
   <div class="page-header">
     <div class="page-header-left">
-      <span class="page-header-title">Sessions</span>
+      <a href="/" class="page-header-title" style="text-decoration:none;color:inherit">LeedAB</a>
     </div>
     <div class="page-nav">
-      <a href="/">
-        <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="m22 2-7 20-4-9-9-4 20-7Z"/><path d="M22 2 11 13"/></svg>
-        Chat
-      </a>
-      <a href="/console.html">
-        <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><rect x="2" y="3" width="20" height="14" rx="2" ry="2"/><line x1="8" y1="21" x2="16" y2="21"/><line x1="12" y1="17" x2="12" y2="21"/></svg>
-        Console
-      </a>
       <button class="theme-btn" onclick="toggleTheme()" title="Toggle theme">
         <svg id="theme-icon-sun" width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><circle cx="12" cy="12" r="5"/><line x1="12" y1="1" x2="12" y2="3"/><line x1="12" y1="21" x2="12" y2="23"/><line x1="4.22" y1="4.22" x2="5.64" y2="5.64"/><line x1="18.36" y1="18.36" x2="19.78" y2="19.78"/><line x1="1" y1="12" x2="3" y2="12"/><line x1="21" y1="12" x2="23" y2="12"/><line x1="4.22" y1="19.78" x2="5.64" y2="18.36"/><line x1="18.36" y1="5.64" x2="19.78" y2="4.22"/></svg>
         <svg id="theme-icon-moon" width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round" style="display:none"><path d="M21 12.79A9 9 0 1 1 11.21 3 7 7 0 0 0 21 12.79z"/></svg>
@@ -83,6 +75,16 @@
       color: var(--text-dim);
     }
 
+    .session-summary {
+      color: var(--text-secondary) !important;
+      font-size: 13px !important;
+      margin-bottom: 2px;
+      overflow: hidden;
+      text-overflow: ellipsis;
+      white-space: nowrap;
+      max-width: 500px;
+    }
+
     .session-meta {
       font-size: 12px;
       color: var(--text-faint);
@@ -140,28 +142,22 @@
           const date = s.updatedAt ? new Date(s.updatedAt).toLocaleDateString("en-US", {
             month: "short", day: "numeric", hour: "numeric", minute: "2-digit"
           }) : "";
-          // Derive channel and label from key like "agent:main:telegram:direct:123"
+          // Derive channel from key like "agent:main:telegram:direct:123"
           const parts = (s.key || "").split(":");
           let channel = "console";
-          let label = s.key || s.sessionId || "unknown";
-          if (parts[2] === "telegram") {
-            channel = "telegram";
-            label = parts.slice(2).join(":");
-          } else if (parts[2] === "cron") {
-            channel = "cron";
-            label = parts.slice(2).join(":");
-          } else if (parts[2] === "subagent") {
-            channel = "subagent";
-            label = parts.slice(2).join(":");
-          } else if (parts.length >= 3) {
-            label = parts.slice(2).join(":");
-          }
+          if (parts[2] === "telegram") channel = "telegram";
+          else if (parts[2] === "cron") channel = "cron";
+          else if (parts[2] === "subagent") channel = "subagent";
+
+          const title = s.senderName || channel;
+          const summary = s.summary ? escapeHtml(s.summary) : "";
           const tokens = s.totalTokens != null ? `${(s.totalTokens / 1000).toFixed(1)}k tokens` : "";
           const sid = s.sessionId || s.key || "";
           return `
             <a class="session-item" href="/?session=${encodeURIComponent(sid)}">
               <div class="session-info">
-                <h3>${escapeHtml(label)}</h3>
+                <h3>${escapeHtml(title)}</h3>
+                ${summary ? `<p class="session-summary">${summary}</p>` : ""}
                 <p>${escapeHtml(s.model || "")} ${tokens ? "· " + tokens : ""}</p>
               </div>
               <div class="session-meta">

package/dist/license.d.ts

@@ -6,6 +6,9 @@ export interface LicenseInfo {
     seatsUsed: number;
     maxSeats: number;
     validatedAt: string;
+    email?: string;
+    name?: string;
+    orgName?: string;
 }
 /**
  * Validate a license key against the API.

package/dist/license.js

@@ -2,8 +2,10 @@ import { readFile, writeFile, mkdir } from "node:fs/promises";
 import { resolve } from "node:path";
 import { STATE_DIR } from "./paths.js";
 const LICENSE_PATH = resolve(STATE_DIR, "license.json");
-const VERIFY_URL = "https://api.leedab.com/api/v1/licensing/verify";
+const API_URL = process.env.LEEDAB_API_URL || "https://api.leedab.com/api/v1";
+const VERIFY_URL = `${API_URL}/licensing/verify`;
 const REVALIDATE_DAYS = 7;
+const REVALIDATE_DAYS_TRIAL = 1;
 /**
  * Validate a license key against the API.
  */
@@ -14,6 +16,7 @@ export async function validateLicenseKey(key) {
             Authorization: `Bearer ${key}`,
             "Content-Type": "application/json",
         },
+        signal: AbortSignal.timeout(8000),
     });
     if (!res.ok) {
         return {
@@ -35,6 +38,9 @@ export async function validateLicenseKey(key) {
         seatsUsed: data.seats_used ?? 0,
         maxSeats: data.max_seats ?? 1,
         validatedAt: new Date().toISOString(),
+        email: data.email ?? undefined,
+        name: data.name ?? undefined,
+        orgName: data.org_name ?? undefined,
     };
 }
 /**
@@ -63,7 +69,8 @@ function isStale(license) {
     const validated = new Date(license.validatedAt).getTime();
     const now = Date.now();
     const daysSince = (now - validated) / (1000 * 60 * 60 * 24);
-    return daysSince > REVALIDATE_DAYS;
+    const maxDays = license.status === "trialing" ? REVALIDATE_DAYS_TRIAL : REVALIDATE_DAYS;
+    return daysSince > maxDays;
 }
 /**
  * Ensure we have a valid license. Returns the license if valid.
@@ -74,8 +81,10 @@ export async function ensureLicense() {
     const cached = await loadLicense();
     if (!cached)
         return null;
+    // Re-validate if fresh but missing fields added after initial cache (one-time migration).
+    const needsMigration = cached.valid && !cached.email;
     // If cached and fresh, trust it
-    if (cached.valid && !isStale(cached)) {
+    if (cached.valid && !isStale(cached) && !needsMigration) {
         return cached;
     }
     // Revalidate

package/dist/team/permissions.d.ts

@@ -0,0 +1,65 @@
+/**
+ * Local team store. This is the single source of truth for who can reach the
+ * agent and what they can run. No cloud membership is required.
+ *
+ * Shape persisted at ~/.leedab/team-permissions.json:
+ * {
+ *   "version": 2,
+ *   "members": {
+ *     "<uuid>": {
+ *       "name": "Jane",
+ *       "email": "jane@example.com",   // optional
+ *       "role": "member",
+ *       "joined_at": "2026-04-13T...",
+ *       "handles": { "telegram": "6549960466" },
+ *       "allowedWorkflows": [],
+ *       "allowedChannels": ["telegram"]
+ *     }
+ *   }
+ * }
+ */
+export declare const OVERLAY_PATH: string;
+export type ChannelName = "whatsapp" | "telegram" | "teams" | "dashboard";
+export type MemberRole = "owner" | "admin" | "member";
+export interface MemberHandles {
+    whatsapp?: string;
+    telegram?: string;
+    teams?: string;
+}
+export interface MemberPermissions {
+    name: string;
+    email?: string;
+    role: MemberRole;
+    joined_at: string;
+    handles: MemberHandles;
+    allowedWorkflows: string[];
+    allowedChannels: ChannelName[];
+}
+export interface Overlay {
+    version: 2;
+    members: Record<string, MemberPermissions>;
+}
+export declare const EMPTY_PERMISSIONS: Omit<MemberPermissions, "name" | "role" | "joined_at">;
+export declare function readOverlay(): Promise<Overlay>;
+/** Atomic write: write a sibling temp file then rename. */
+export declare function writeOverlay(overlay: Overlay): Promise<void>;
+export declare function getMemberPermissions(memberId: string): Promise<MemberPermissions | null>;
+/** Update only the permission fields (handles/workflows/channels) for an existing member. */
+export declare function setMemberPermissions(memberId: string, perms: Partial<Pick<MemberPermissions, "handles" | "allowedWorkflows" | "allowedChannels">>): Promise<MemberPermissions | null>;
+/** Add a new member and return their full record including generated id. */
+export declare function addLocalMember(data: {
+    name: string;
+    email?: string;
+    role: MemberRole;
+}): Promise<{
+    id: string;
+} & MemberPermissions>;
+/** Remove a member. Returns true if the member existed. */
+export declare function removeLocalMember(id: string): Promise<boolean>;
+/** Update a member's role. */
+export declare function setMemberRole(id: string, role: MemberRole): Promise<boolean>;
+/** Update a member's identity fields (name, email). */
+export declare function updateMemberIdentity(id: string, fields: {
+    name?: string;
+    email?: string;
+}): Promise<void>;

package/dist/team/permissions.js

@@ -0,0 +1,138 @@
+import { readFile, writeFile, rename, mkdir } from "node:fs/promises";
+import { randomUUID } from "node:crypto";
+import { resolve, dirname } from "node:path";
+import { STATE_DIR } from "../paths.js";
+/**
+ * Local team store. This is the single source of truth for who can reach the
+ * agent and what they can run. No cloud membership is required.
+ *
+ * Shape persisted at ~/.leedab/team-permissions.json:
+ * {
+ *   "version": 2,
+ *   "members": {
+ *     "<uuid>": {
+ *       "name": "Jane",
+ *       "email": "jane@example.com",   // optional
+ *       "role": "member",
+ *       "joined_at": "2026-04-13T...",
+ *       "handles": { "telegram": "6549960466" },
+ *       "allowedWorkflows": [],
+ *       "allowedChannels": ["telegram"]
+ *     }
+ *   }
+ * }
+ */
+export const OVERLAY_PATH = resolve(STATE_DIR, "team-permissions.json");
+export const EMPTY_PERMISSIONS = {
+    handles: {},
+    allowedWorkflows: [],
+    allowedChannels: [],
+};
+function emptyOverlay() {
+    return { version: 2, members: {} };
+}
+export async function readOverlay() {
+    try {
+        const raw = await readFile(OVERLAY_PATH, "utf-8");
+        const parsed = JSON.parse(raw);
+        if (!parsed || typeof parsed !== "object" || !parsed.members) {
+            return emptyOverlay();
+        }
+        // Migrate v1 entries (no name/role/joined_at) gracefully
+        const members = {};
+        for (const [id, entry] of Object.entries(parsed.members)) {
+            members[id] = {
+                name: entry.name ?? entry.username ?? id.slice(0, 8),
+                email: entry.email,
+                role: entry.role ?? "member",
+                joined_at: entry.joined_at ?? new Date().toISOString(),
+                handles: entry.handles ?? {},
+                allowedWorkflows: entry.allowedWorkflows ?? [],
+                allowedChannels: entry.allowedChannels ?? [],
+            };
+        }
+        return { version: 2, members };
+    }
+    catch {
+        return emptyOverlay();
+    }
+}
+/** Atomic write: write a sibling temp file then rename. */
+export async function writeOverlay(overlay) {
+    await mkdir(dirname(OVERLAY_PATH), { recursive: true });
+    const tmp = `${OVERLAY_PATH}.${process.pid}.tmp`;
+    await writeFile(tmp, JSON.stringify(overlay, null, 2) + "\n", "utf-8");
+    await rename(tmp, OVERLAY_PATH);
+}
+export async function getMemberPermissions(memberId) {
+    const overlay = await readOverlay();
+    return overlay.members[memberId] ?? null;
+}
+/** Update only the permission fields (handles/workflows/channels) for an existing member. */
+export async function setMemberPermissions(memberId, perms) {
+    const overlay = await readOverlay();
+    const existing = overlay.members[memberId];
+    if (!existing)
+        return null;
+    const updated = {
+        ...existing,
+        handles: perms.handles !== undefined
+            ? { ...existing.handles, ...perms.handles }
+            : existing.handles,
+        allowedWorkflows: perms.allowedWorkflows !== undefined
+            ? [...perms.allowedWorkflows]
+            : existing.allowedWorkflows,
+        allowedChannels: perms.allowedChannels !== undefined
+            ? [...perms.allowedChannels]
+            : existing.allowedChannels,
+    };
+    overlay.members[memberId] = updated;
+    await writeOverlay(overlay);
+    return updated;
+}
+/** Add a new member and return their full record including generated id. */
+export async function addLocalMember(data) {
+    const overlay = await readOverlay();
+    const id = randomUUID();
+    const member = {
+        name: data.name.trim(),
+        email: data.email?.trim().toLowerCase() || undefined,
+        role: data.role,
+        joined_at: new Date().toISOString(),
+        handles: {},
+        allowedWorkflows: [],
+        allowedChannels: [],
+    };
+    overlay.members[id] = member;
+    await writeOverlay(overlay);
+    return { id, ...member };
+}
+/** Remove a member. Returns true if the member existed. */
+export async function removeLocalMember(id) {
+    const overlay = await readOverlay();
+    if (!overlay.members[id])
+        return false;
+    delete overlay.members[id];
+    await writeOverlay(overlay);
+    return true;
+}
+/** Update a member's role. */
+export async function setMemberRole(id, role) {
+    const overlay = await readOverlay();
+    if (!overlay.members[id])
+        return false;
+    overlay.members[id].role = role;
+    await writeOverlay(overlay);
+    return true;
+}
+/** Update a member's identity fields (name, email). */
+export async function updateMemberIdentity(id, fields) {
+    const overlay = await readOverlay();
+    if (!overlay.members[id])
+        return;
+    if (fields.name)
+        overlay.members[id].name = fields.name;
+    if (fields.email !== undefined)
+        overlay.members[id].email = fields.email;
+    await writeOverlay(overlay);
+}

package/dist/team/syncAllowlists.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Rebuild per-channel allowlists in openclaw.json from the team overlay.
+ * The overlay is the source of truth; this writer is idempotent.
+ */
+export declare function syncAllowlists(options?: {
+    restart?: boolean;
+}): Promise<void>;

package/dist/team/syncAllowlists.js

@@ -0,0 +1,62 @@
+import { readFile, writeFile } from "node:fs/promises";
+import { resolve } from "node:path";
+import { execFile } from "node:child_process";
+import { promisify } from "node:util";
+import { STATE_DIR } from "../paths.js";
+import { resolveOpenClawBin, openclawEnv } from "../openclaw.js";
+import { readOverlay } from "./permissions.js";
+const execFileAsync = promisify(execFile);
+const MESSAGING_CHANNELS = ["whatsapp", "telegram", "teams"];
+/**
+ * Rebuild per-channel allowlists in openclaw.json from the team overlay.
+ * The overlay is the source of truth; this writer is idempotent.
+ */
+export async function syncAllowlists(options = {}) {
+    const configPath = resolve(STATE_DIR, "openclaw.json");
+    let config;
+    try {
+        const raw = await readFile(configPath, "utf-8");
+        config = JSON.parse(raw);
+    }
+    catch {
+        // No config yet — nothing to sync into.
+        return;
+    }
+    if (!config.channels)
+        config.channels = {};
+    const overlay = await readOverlay();
+    for (const channel of MESSAGING_CHANNELS) {
+        const handles = [];
+        for (const perms of Object.values(overlay.members)) {
+            if (!perms.allowedChannels?.includes(channel))
+                continue;
+            const handle = perms.handles[channel];
+            if (handle && handle.trim())
+                handles.push(handle.trim());
+        }
+        if (!config.channels[channel]) {
+            // Channel not registered locally; skip — we don't want to invent it.
+            continue;
+        }
+        const deduped = Array.from(new Set(handles));
+        config.channels[channel].allowFrom = deduped;
+        // allowlist with an empty list is invalid in openclaw ≥2026.3.31;
+        // an empty set is semantically equivalent to blocking anyway.
+        config.channels[channel].dmPolicy = deduped.length > 0 ? "allowlist" : "disabled";
+    }
+    await writeFile(configPath, JSON.stringify(config, null, 2) + "\n");
+    if (options.restart !== false) {
+        await restartGatewayQuietly();
+    }
+}
+async function restartGatewayQuietly() {
+    try {
+        const bin = resolveOpenClawBin();
+        const env = openclawEnv(STATE_DIR);
+        await execFileAsync(bin, ["gateway", "health"], { env, timeout: 3000 });
+        await execFileAsync(bin, ["gateway", "restart"], { env, timeout: 10000 });
+    }
+    catch {
+        // Gateway not running — nothing to restart.
+    }
+}

package/dist/team.d.ts

@@ -1,17 +1,20 @@
-export type Role = "admin" | "member" | "owner";
+import { type ChannelName, type MemberHandles, type MemberRole } from "./team/permissions.js";
+export type Role = MemberRole;
 export interface TeamMember {
     id: string;
-    user_id: number;
-    email: string;
-    username: string;
+    name: string;
+    email?: string;
     role: Role;
     joined_at: string;
+    handles: MemberHandles;
+    allowedWorkflows: string[];
+    allowedChannels: ChannelName[];
 }
 export declare function loadTeam(): Promise<TeamMember[]>;
-export declare function addMember(member: {
+export declare function addMember(data: {
     name: string;
-    email: string;
+    email?: string;
     role: Role;
 }): Promise<TeamMember>;
-export declare function removeMember(memberId: string): Promise<boolean>;
+export declare function removeMember(id: string): Promise<boolean>;
 export declare function updateRole(memberId: string, role: Role): Promise<boolean>;

package/dist/team.js

@@ -1,75 +1,69 @@
-import { loadLicense } from "./license.js";
-const API_URL = "https://api.leedab.com/api/v1";
-/**
- * Get the license key for API auth.
- */
-async function getAuthHeader() {
-    const license = await loadLicense();
-    if (!license?.key) {
-        throw new Error("No license key found. Run `leedab onboard` first.");
-    }
-    return {
-        Authorization: `Bearer ${license.key}`,
-        "Content-Type": "application/json",
-    };
-}
-/**
- * Get the user's organization slug.
- */
-async function getOrgSlug(headers) {
-    const res = await fetch(`${API_URL}/organizations`, { headers });
-    if (!res.ok) {
-        throw new Error("Failed to fetch organizations.");
-    }
-    const data = await res.json();
-    if (!data.length) {
-        throw new Error("No organization found. Create one in the dashboard first.");
-    }
-    return data[0].slug;
-}
+import { userInfo } from "node:os";
+import { readOverlay, addLocalMember, removeLocalMember, setMemberRole, updateMemberIdentity, } from "./team/permissions.js";
+import { ensureLicense } from "./license.js";
 export async function loadTeam() {
-    const headers = await getAuthHeader();
-    const slug = await getOrgSlug(headers);
-    const res = await fetch(`${API_URL}/organizations/${slug}/members/`, { headers });
-    if (!res.ok) {
-        throw new Error("Failed to fetch team members.");
+    const overlay = await readOverlay();
+    const entries = Object.entries(overlay.members);
+    // ensureLicense re-validates if email/name fields are missing (one-time migration).
+    const license = await ensureLicense().catch(() => null);
+    const licenseEmail = license?.email;
+    const licenseName = license?.name || licenseEmail?.split("@")[0];
+    // Seed the install owner on first use so they always appear in the list.
+    if (entries.length === 0) {
+        const owner = await addLocalMember({
+            name: licenseName || userInfo().username,
+            email: licenseEmail,
+            role: "owner",
+        });
+        return [{
+                id: owner.id,
+                name: owner.name,
+                email: owner.email,
+                role: owner.role,
+                joined_at: owner.joined_at,
+                handles: owner.handles,
+                allowedWorkflows: owner.allowedWorkflows,
+                allowedChannels: owner.allowedChannels,
+            }];
     }
-    const data = await res.json();
-    return data.members;
-}
-export async function addMember(member) {
-    const headers = await getAuthHeader();
-    const slug = await getOrgSlug(headers);
-    const res = await fetch(`${API_URL}/organizations/${slug}/invites/`, {
-        method: "POST",
-        headers,
-        body: JSON.stringify({
-            email: member.email,
-            role: member.role,
-        }),
-    });
-    if (!res.ok) {
-        const err = await res.json().catch(() => ({}));
-        throw new Error(err.error || "Failed to add team member.");
+    // Auto-update owner entry if it was seeded with the OS username before
+    // license name/email were available.
+    if (licenseName && licenseName !== userInfo().username) {
+        const ownerEntry = entries.find(([, m]) => m.role === "owner" && m.name === userInfo().username);
+        if (ownerEntry) {
+            await updateMemberIdentity(ownerEntry[0], { name: licenseName, email: licenseEmail });
+            ownerEntry[1].name = licenseName;
+            if (licenseEmail)
+                ownerEntry[1].email = licenseEmail;
+        }
     }
-    return await res.json();
+    return entries.map(([id, m]) => ({
+        id,
+        name: m.name,
+        email: m.email,
+        role: m.role,
+        joined_at: m.joined_at,
+        handles: { ...m.handles },
+        allowedWorkflows: [...m.allowedWorkflows],
+        allowedChannels: [...m.allowedChannels],
+    }));
+}
+export async function addMember(data) {
+    const result = await addLocalMember(data);
+    return {
+        id: result.id,
+        name: result.name,
+        email: result.email,
+        role: result.role,
+        joined_at: result.joined_at,
+        handles: result.handles,
+        allowedWorkflows: result.allowedWorkflows,
+        allowedChannels: result.allowedChannels,
+    };
 }
-export async function removeMember(memberId) {
-    const headers = await getAuthHeader();
-    const slug = await getOrgSlug(headers);
-    const res = await fetch(`${API_URL}/organizations/${slug}/members/${memberId}/`, {
-        method: "DELETE",
-        headers,
-    });
-    return res.ok;
+export async function removeMember(id) {
+    return removeLocalMember(id);
 }
 export async function updateRole(memberId, role) {
-    const headers = await getAuthHeader();
-    const slug = await getOrgSlug(headers);
-    const res = await fetch(`${API_URL}/organizations/${slug}/members/${memberId}/`, {
-        method: "PUT",
-        headers,
-        body: JSON.stringify({ role }),
-    });
-    return res.ok;
+    return setMemberRole(memberId, role);
 }

package/dist/templates/verticals/supply-chain/WORKFLOWS.md

@@ -22,6 +22,7 @@ When you write a Python script to generate a document from a template, save thes
 
 ---
 
+<a id="payroll_calculator"></a>
 ## 1. Payroll Calculator
 
 **Trigger:** User says "run payroll", "calculate payroll", "process payroll for [period]", or uploads attendance/salary files.
@@ -45,6 +46,7 @@ When you write a Python script to generate a document from a template, save thes
 
 ---
 
+<a id="credit_note_generator"></a>
 ## 2. Credit Note Generator
 
 **Trigger:** User says "generate credit notes", "create credit notes for [period]", or uploads deduction data.
@@ -72,6 +74,7 @@ When you write a Python script to generate a document from a template, save thes
 
 ---
 
+<a id="deduction_reconciler"></a>
 ## 3. Deduction Reconciler
 
 **Trigger:** User says "reconcile deductions", "check deductions", or uploads credit notes + payout sheets.
@@ -96,6 +99,7 @@ When you write a Python script to generate a document from a template, save thes
 
 ---
 
+<a id="attendance_importer"></a>
 ## 4. Attendance Importer
 
 **Trigger:** User says "import attendance", "process attendance for [period]", or uploads client attendance sheets.
@@ -121,6 +125,7 @@ When you write a Python script to generate a document from a template, save thes
 
 ---
 
+<a id="driver_clearance"></a>
 ## 5. Driver Clearance
 
 **Trigger:** User says "process clearance", "driver offboarding", or uploads clearance data.