palaryn 0.1.0 → 0.3.2

package/src/saas/routes.ts

@@ -0,0 +1,2178 @@
+import { Router, Request, Response } from 'express';
+import * as crypto from 'crypto';
+import { randomUUID } from 'crypto';
+import { GatewayConfig } from '../types/config';
+import {
+  UserStore, WorkspaceStore, WorkspaceMemberStore,
+  UserApiKeyStore, SessionStore, PolicyStore,
+  RateLimitConfigStore, BudgetConfigStore,
+  WorkspaceRateLimitConfig, WorkspaceBudgetConfig,
+} from '../storage/interfaces';
+import { InMemoryPolicyStore, InMemoryRateLimitConfigStore, InMemoryBudgetConfigStore } from '../storage/memory';
+import { Gateway } from '../server/gateway';
+import { TrustScoreCalculator } from '../trust/calculator';
+import { SessionReplayEngine } from '../replay/engine';
+import { PlanEnforcer } from '../billing/plan-enforcer';
+import { PlanTier } from '../types/subscription';
+import { MODEL_PRICING, resolveModelPricing } from '../budget/model-pricing';
+
+export interface SaaSRouteDeps {
+  config: GatewayConfig;
+  userStore: UserStore;
+  workspaceStore: WorkspaceStore;
+  workspaceMemberStore: WorkspaceMemberStore;
+  userApiKeyStore: UserApiKeyStore;
+  sessionStore: SessionStore;
+  gateway: Gateway;
+  policyStore?: PolicyStore;
+  rateLimitConfigStore?: RateLimitConfigStore;
+  budgetConfigStore?: BudgetConfigStore;
+}
+
+/** Extract a route param as string (Express 5 returns string | string[]). */
+function param(req: Request, name: string): string {
+  const val = req.params[name];
+  return Array.isArray(val) ? val[0] : val;
+}
+
+/**
+ * Require session authentication for all SaaS routes.
+ */
+function requireSession(req: Request, res: Response): boolean {
+  if (!(req as any).sessionUser) {
+    res.status(401).json({ error: 'Session authentication required' });
+    return false;
+  }
+  return true;
+}
+
+export function createSaaSRouter(deps: SaaSRouteDeps): Router {
+  const router = Router();
+  const { config, userStore, workspaceStore, workspaceMemberStore, userApiKeyStore, sessionStore, gateway } = deps;
+
+  // ---------------------------------------------------------------------------
+  // User Profile
+  // ---------------------------------------------------------------------------
+
+  router.get('/user/profile', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    res.json({
+      id: user.id,
+      email: user.email,
+      display_name: user.display_name,
+      avatar_url: user.avatar_url,
+      status: user.status,
+      onboarding_completed: user.onboarding_completed,
+      created_at: user.created_at,
+    });
+  });
+
+  router.put('/user/profile', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const { display_name } = req.body;
+
+    if (!display_name || typeof display_name !== 'string' || display_name.trim().length === 0) {
+      res.status(400).json({ error: 'display_name is required' });
+      return;
+    }
+    if (display_name.length > 100) {
+      res.status(400).json({ error: 'display_name must be 100 characters or less' });
+      return;
+    }
+
+    const updated = userStore.update(user.id, {
+      display_name: display_name.trim(),
+      updated_at: new Date().toISOString(),
+    });
+    res.json(updated);
+  });
+
+  router.put('/user/onboarding', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const updated = userStore.update(user.id, {
+      onboarding_completed: true,
+      updated_at: new Date().toISOString(),
+    });
+    res.json(updated);
+  });
+
+  // ---------------------------------------------------------------------------
+  // Workspaces
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const memberships = workspaceMemberStore.getByUser(user.id);
+    const workspaces = memberships.map(m => {
+      const ws = workspaceStore.getById(m.workspace_id);
+      return ws ? { ...ws, role: m.role } : null;
+    }).filter(Boolean);
+    res.json({ workspaces });
+  });
+
+  router.post('/workspaces', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const { name, slug } = req.body;
+
+    if (!name || typeof name !== 'string' || name.trim().length === 0) {
+      res.status(400).json({ error: 'name is required' });
+      return;
+    }
+
+    // Enforce workspace limit based on user's highest plan
+    const userWorkspaces = workspaceMemberStore.getByUser(user.id)
+      .filter(m => m.role === 'owner')
+      .map(m => workspaceStore.getById(m.workspace_id))
+      .filter(Boolean);
+    // Determine the highest plan the user owns
+    const planPriority: Record<string, number> = { free: 0, pro: 1, business: 2, enterprise: 3 };
+    let highestPlan: PlanTier = 'free';
+    for (const ws of userWorkspaces) {
+      const p = (ws!.plan || 'free') as PlanTier;
+      if ((planPriority[p] || 0) > (planPriority[highestPlan] || 0)) {
+        highestPlan = p;
+      }
+    }
+    const wsLimitCheck = PlanEnforcer.checkWorkspaceLimit(highestPlan, userWorkspaces.length);
+    if (!wsLimitCheck.allowed) {
+      res.status(403).json({ error: wsLimitCheck.reason });
+      return;
+    }
+
+    // Generate slug from name if not provided
+    const wsSlug = (slug || name).toLowerCase().replace(/[^a-z0-9-]/g, '-').replace(/-+/g, '-').slice(0, 63);
+
+    if (workspaceStore.getBySlug(wsSlug)) {
+      res.status(409).json({ error: 'Workspace slug already taken' });
+      return;
+    }
+
+    const now = new Date().toISOString();
+    const workspaceId = randomUUID();
+
+    workspaceStore.create({
+      id: workspaceId,
+      name: name.trim(),
+      slug: wsSlug,
+      owner_user_id: user.id,
+      plan: 'free',
+      settings: {},
+      created_at: now,
+      updated_at: now,
+    });
+
+    workspaceMemberStore.create({
+      id: randomUUID(),
+      workspace_id: workspaceId,
+      user_id: user.id,
+      role: 'owner',
+      joined_at: now,
+    });
+
+    // Update session to point to this workspace
+    const sessionData = (req as any).sessionData;
+    if (sessionData) {
+      sessionStore.update(sessionData.id, { workspace_id: workspaceId });
+    }
+
+    const workspace = workspaceStore.getById(workspaceId);
+    res.status(201).json(workspace);
+  });
+
+  router.get('/workspaces/:id', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const workspace = workspaceStore.getById(workspaceId);
+    if (!workspace) {
+      res.status(404).json({ error: 'Workspace not found' });
+      return;
+    }
+
+    res.json({ ...workspace, role: membership.role });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Workspace Stats (Dashboard)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/stats', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    // Gather stats from the gateway's audit store
+    // Match events by workspace UUID or slug (Android clients send slug as workspace_id)
+    const workspace = workspaceStore.getById(workspaceId);
+    const wsSlug = workspace?.slug;
+    const allEvents = gateway.getAuditLogger().getAllEvents();
+    const wsEvents = allEvents.filter(e => e.workspace_id === workspaceId || (wsSlug && e.workspace_id === wsSlug));
+    const recentEvents = wsEvents.filter(e => {
+      const age = Date.now() - new Date(e.timestamp).getTime();
+      return age < 86400_000; // Last 24 hours
+    });
+
+    const members = workspaceMemberStore.getByWorkspace(workspaceId);
+    const apiKeys = userApiKeyStore.getByWorkspace(workspaceId);
+
+    res.json({
+      total_requests: wsEvents.length,
+      requests_24h: recentEvents.length,
+      members: members.length,
+      api_keys: apiKeys.filter(k => !k.revoked).length,
+      recent_events: recentEvents.slice(-10).reverse(),
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Events (filterable, sortable, paginated)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/events', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const workspace = workspaceStore.getById(workspaceId);
+    const wsSlug = workspace?.slug;
+    const allEvents = gateway.getAuditLogger().getAllEvents();
+
+    // Filter to this workspace (strict match — no ws_default fallback)
+    let events = allEvents.filter(
+      e => e.workspace_id === workspaceId || (wsSlug && e.workspace_id === wsSlug)
+    );
+
+    // Query params
+    const eventType = req.query.event_type as string | undefined;
+    const toolName = req.query.tool as string | undefined;
+    const actorId = req.query.actor as string | undefined;
+    const status = req.query.status as string | undefined;
+    const search = req.query.q as string | undefined;
+    const since = req.query.since as string | undefined;
+    const sort = (req.query.sort as string) || 'desc';
+    const limit = Math.min(parseInt(req.query.limit as string) || 50, 200);
+    const offset = parseInt(req.query.offset as string) || 0;
+
+    // Apply filters
+    if (eventType) {
+      const types = eventType.split(',');
+      events = events.filter(e => types.includes(e.event_type));
+    }
+    if (toolName) {
+      events = events.filter(e => e.tool_name?.includes(toolName));
+    }
+    if (actorId) {
+      events = events.filter(e => e.actor_id?.includes(actorId));
+    }
+    if (status) {
+      const statuses = status.split(',');
+      events = events.filter(e => {
+        const s = (e.metadata?.status as string) || (e.metadata?.decision as string) || '';
+        return statuses.some(st => s.includes(st));
+      });
+    }
+    if (search) {
+      const q = search.toLowerCase();
+      events = events.filter(e =>
+        e.tool_name?.toLowerCase().includes(q) ||
+        e.actor_id?.toLowerCase().includes(q) ||
+        e.task_id?.toLowerCase().includes(q) ||
+        e.event_type?.toLowerCase().includes(q)
+      );
+    }
+    if (since) {
+      events = events.filter(e => e.timestamp >= since);
+    }
+
+    // Sort
+    events.sort((a, b) => {
+      const cmp = a.timestamp.localeCompare(b.timestamp);
+      return sort === 'asc' ? cmp : -cmp;
+    });
+
+    const total = events.length;
+    const paged = events.slice(offset, offset + limit);
+
+    res.json({ events: paged, total, offset, limit });
+  });
+
+  // ---------------------------------------------------------------------------
+  // API Keys
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/api-keys', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const keys = userApiKeyStore.getByWorkspace(workspaceId);
+    // Never return the hash, only metadata
+    res.json({
+      api_keys: keys.map(k => ({
+        id: k.id,
+        prefix: k.key_prefix,
+        name: k.name,
+        roles: k.roles,
+        tags: k.tags || [],
+        revoked: k.revoked,
+        last_used_at: k.last_used_at,
+        created_at: k.created_at,
+      })),
+    });
+  });
+
+  router.post('/workspaces/:id/api-keys', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Only workspace owners and admins can create API keys' });
+      return;
+    }
+
+    const { name, roles, tags } = req.body;
+    if (!name || typeof name !== 'string') {
+      res.status(400).json({ error: 'name is required' });
+      return;
+    }
+
+    // Validate tags
+    const parsedTags: string[] = Array.isArray(tags)
+      ? tags.filter((t: unknown) => typeof t === 'string' && t.length > 0).slice(0, 20)
+      : [];
+
+    // Enforce API key limit based on workspace plan
+    const wsForKeyLimit = workspaceStore.getById(workspaceId);
+    if (wsForKeyLimit) {
+      const plan = (wsForKeyLimit.plan || 'free') as PlanTier;
+      const currentKeys = userApiKeyStore.getByWorkspace(workspaceId).filter(k => !k.revoked);
+      const keyLimitCheck = PlanEnforcer.checkApiKeyLimit(plan, currentKeys.length);
+      if (!keyLimitCheck.allowed) {
+        res.status(403).json({ error: keyLimitCheck.reason });
+        return;
+      }
+    }
+
+    // Generate a random API key (pn_<32 random hex chars>) with salted hash
+    const rawKey = `pn_${crypto.randomBytes(32).toString('hex')}`;
+    const salt = crypto.randomBytes(16).toString('hex');
+    const hash = crypto.createHash('sha256').update(salt + rawKey).digest('hex');
+    const keyHash = `${salt}:${hash}`; // salted format: "salt:hash"
+    const keyPrefix = rawKey.slice(0, 11); // "pn_" + first 8 hex
+
+    const apiKey = {
+      id: randomUUID(),
+      key_hash: keyHash,
+      key_prefix: keyPrefix,
+      user_id: user.id,
+      workspace_id: workspaceId,
+      name: name.trim(),
+      roles: Array.isArray(roles) ? roles : ['agent'],
+      tags: parsedTags,
+      revoked: false,
+      created_at: new Date().toISOString(),
+    };
+
+    userApiKeyStore.create(apiKey);
+
+    // Return the plaintext key only once
+    res.status(201).json({
+      id: apiKey.id,
+      key: rawKey,
+      prefix: keyPrefix,
+      name: apiKey.name,
+      roles: apiKey.roles,
+      tags: apiKey.tags,
+      workspace_id: workspaceId,
+      created_at: apiKey.created_at,
+    });
+  });
+
+  router.delete('/workspaces/:id/api-keys/:keyId', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const keyId = param(req, 'keyId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Only workspace owners and admins can revoke API keys' });
+      return;
+    }
+
+    const key = userApiKeyStore.getById(keyId);
+    if (!key || key.workspace_id !== workspaceId) {
+      res.status(404).json({ error: 'API key not found' });
+      return;
+    }
+
+    userApiKeyStore.update(keyId, { revoked: true });
+    res.json({ status: 'ok', id: keyId });
+  });
+
+  router.patch('/workspaces/:id/api-keys/:keyId', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const keyId = param(req, 'keyId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Only workspace owners and admins can update API keys' });
+      return;
+    }
+
+    const key = userApiKeyStore.getById(keyId);
+    if (!key || key.workspace_id !== workspaceId) {
+      res.status(404).json({ error: 'API key not found' });
+      return;
+    }
+
+    const updates: Record<string, unknown> = {};
+    if (req.body.name !== undefined && typeof req.body.name === 'string') {
+      updates.name = req.body.name.trim();
+    }
+    if (Array.isArray(req.body.tags)) {
+      updates.tags = req.body.tags.filter((t: unknown) => typeof t === 'string' && t.length > 0).slice(0, 20);
+    }
+
+    if (Object.keys(updates).length === 0) {
+      res.status(400).json({ error: 'No valid fields to update (supported: name, tags)' });
+      return;
+    }
+
+    const updated = userApiKeyStore.update(keyId, updates as any);
+    if (!updated) {
+      res.status(500).json({ error: 'Failed to update API key' });
+      return;
+    }
+
+    res.json({
+      id: updated.id,
+      key_prefix: updated.key_prefix,
+      name: updated.name,
+      roles: updated.roles,
+      tags: updated.tags || [],
+      revoked: updated.revoked,
+      last_used_at: updated.last_used_at,
+      created_at: updated.created_at,
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Traces
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/traces', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const limit = Math.min(parseInt(req.query.limit as string) || 50, 200);
+    const offset = parseInt(req.query.offset as string) || 0;
+    const statusFilter = req.query.status as string | undefined;
+    const toolFilter = req.query.tool as string | undefined;
+    const eventTypeFilter = req.query.event_type as string | undefined;
+
+    const allEvents = gateway.getAuditLogger().getAllEvents();
+    // Match events by workspace UUID or slug (Android clients send slug as workspace_id)
+    const wsForTraces = workspaceStore.getById(workspaceId);
+    const slugForTraces = wsForTraces?.slug;
+    let wsEvents = allEvents
+      .filter(e => e.workspace_id === workspaceId || (slugForTraces && e.workspace_id === slugForTraces));
+
+    // Apply server-side filters
+    if (statusFilter) {
+      const sf = statusFilter.toLowerCase();
+      wsEvents = wsEvents.filter(e => {
+        const decision = (e.metadata?.decision as string || '').toLowerCase();
+        const status = (e.metadata?.status as string || '').toLowerCase();
+        return decision.includes(sf) || status.includes(sf) || e.event_type.toLowerCase().includes(sf);
+      });
+    }
+    if (toolFilter) {
+      const tf = toolFilter.toLowerCase();
+      wsEvents = wsEvents.filter(e => (e.tool_name || '').toLowerCase().includes(tf));
+    }
+    if (eventTypeFilter) {
+      const ef = eventTypeFilter.toLowerCase();
+      wsEvents = wsEvents.filter(e => e.event_type.toLowerCase().includes(ef));
+    }
+
+    wsEvents.sort((a, b) => b.timestamp.localeCompare(a.timestamp));
+
+    res.json({
+      traces: wsEvents.slice(offset, offset + limit),
+      total: wsEvents.length,
+      limit,
+      offset,
+    });
+  });
+
+  router.delete('/workspaces/:id/traces', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Admin or owner access required' });
+      return;
+    }
+
+    gateway.getAuditLogger().clear();
+    res.json({ status: 'ok', message: 'All traces cleared' });
+  });
+
+  router.delete('/workspaces/:id/traces/:taskId', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const taskId = param(req, 'taskId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Admin or owner access required' });
+      return;
+    }
+
+    gateway.getAuditLogger().deleteByTaskId(taskId);
+    res.json({ status: 'ok', message: `Trace ${taskId} deleted` });
+  });
+
+  router.delete('/workspaces/:id/sessions/:sessionId', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const sessionId = param(req, 'sessionId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Admin or owner access required' });
+      return;
+    }
+
+    gateway.getAuditLogger().deleteBySessionId(sessionId);
+    res.json({ status: 'ok', message: `Session ${sessionId} traces deleted` });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Sessions (grouped traces)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/sessions', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const limit = Math.min(parseInt(req.query.limit as string) || 50, 200);
+    const offset = parseInt(req.query.offset as string) || 0;
+
+    const allEvents = gateway.getAuditLogger().getAllEvents();
+    const wsForSessions = workspaceStore.getById(workspaceId);
+    const slugForSessions = wsForSessions?.slug;
+    const wsEvents = allEvents.filter(
+      e => e.workspace_id === workspaceId || (slugForSessions && e.workspace_id === slugForSessions)
+    );
+
+    // Group events by session_id (falling back to tool_call_id for old events)
+    const sessionMap = new Map<string, typeof wsEvents>();
+    for (const e of wsEvents) {
+      const key = e.session_id || e.tool_call_id || e.task_id;
+      if (!sessionMap.has(key)) sessionMap.set(key, []);
+      sessionMap.get(key)!.push(e);
+    }
+
+    // Build session summaries
+    const sessions: Array<{
+      session_id: string;
+      tool_call_count: number;
+      first_timestamp: string;
+      last_timestamp: string;
+      duration_ms: number;
+      actor_id: string;
+      platform: string;
+      tools_used: string[];
+      overall_status: string;
+      status_counts: { ok: number; blocked: number; error: number; approval: number; redacted: number };
+    }> = [];
+
+    for (const [sessionId, events] of sessionMap) {
+      events.sort((a, b) => a.timestamp.localeCompare(b.timestamp));
+      const first = events[0];
+      const last = events[events.length - 1];
+
+      // Count unique tool_call_ids (each represents one tool call)
+      const toolCallIds = new Set(events.map(e => e.tool_call_id));
+      const receivedEvents = events.filter(e => e.event_type === 'TOOL_CALL_RECEIVED');
+      const toolCallCount = Math.max(receivedEvents.length, 1);
+
+      // Unique tools
+      const toolsUsed = [...new Set(events.map(e => e.tool_name).filter(Boolean))];
+
+      // Derive status counts per tool_call_id
+      const statusCounts = { ok: 0, blocked: 0, error: 0, approval: 0, redacted: 0 };
+      for (const tcId of toolCallIds) {
+        const tcEvents = events.filter(e => e.tool_call_id === tcId);
+        const hasDeny = tcEvents.some(e => e.event_type === 'POLICY_DECIDED' && e.metadata?.decision === 'deny');
+        const hasApproval = tcEvents.some(e => e.event_type === 'APPROVAL_REQUESTED');
+        const hasError = tcEvents.some(e => e.event_type === 'TOOL_EXECUTED' && e.metadata?.status === 'error');
+        const hasRedaction = tcEvents.some(e =>
+          e.event_type === 'DLP_SCANNED' && Array.isArray(e.metadata?.detected) && (e.metadata!.detected as string[]).length > 0
+        );
+        if (hasDeny) statusCounts.blocked++;
+        else if (hasError) statusCounts.error++;
+        else if (hasApproval) statusCounts.approval++;
+        else statusCounts.ok++;
+        // Redacted is orthogonal — a call can be ok AND redacted
+        if (hasRedaction) statusCounts.redacted++;
+      }
+
+      // Overall status: worst status across calls
+      let overallStatus = 'ok';
+      if (statusCounts.blocked > 0) overallStatus = 'blocked';
+      else if (statusCounts.error > 0) overallStatus = 'error';
+      else if (statusCounts.approval > 0) overallStatus = 'approval';
+
+      sessions.push({
+        session_id: sessionId,
+        tool_call_count: toolCallCount,
+        first_timestamp: first.timestamp,
+        last_timestamp: last.timestamp,
+        duration_ms: new Date(last.timestamp).getTime() - new Date(first.timestamp).getTime(),
+        actor_id: first.actor_id || '',
+        platform: (first.metadata?.platform as string) || 'unknown',
+        tools_used: toolsUsed,
+        overall_status: overallStatus,
+        status_counts: statusCounts,
+      });
+    }
+
+    // Sort newest first
+    sessions.sort((a, b) => b.first_timestamp.localeCompare(a.first_timestamp));
+
+    res.json({
+      sessions: sessions.slice(offset, offset + limit),
+      total: sessions.length,
+    });
+  });
+
+  router.get('/workspaces/:id/sessions/:sessionId', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const sessionId = param(req, 'sessionId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const allEvents = gateway.getAuditLogger().getAllEvents();
+    const workspace = workspaceStore.getById(workspaceId);
+    const wsSlug = workspace?.slug;
+
+    // Find events by session_id, filtered to this workspace
+    const sessionEvents = allEvents.filter(
+      e => e.session_id === sessionId &&
+        (e.workspace_id === workspaceId || (wsSlug && e.workspace_id === wsSlug))
+    );
+
+    // If no events found by session_id, try treating sessionId as a tool_call_id (backward compat)
+    const events = sessionEvents.length > 0
+      ? sessionEvents
+      : allEvents.filter(
+          e => e.tool_call_id === sessionId &&
+            (e.workspace_id === workspaceId || (wsSlug && e.workspace_id === wsSlug))
+        );
+
+    // Group by tool_call_id
+    const toolCallMap = new Map<string, typeof events>();
+    for (const e of events) {
+      const tcId = e.tool_call_id;
+      if (!toolCallMap.has(tcId)) toolCallMap.set(tcId, []);
+      toolCallMap.get(tcId)!.push(e);
+    }
+
+    const toolCalls: Array<{
+      tool_call_id: string;
+      task_id: string;
+      tool_name: string;
+      timestamp: string;
+      duration_ms: number;
+      status: string;
+      events: typeof events;
+    }> = [];
+
+    for (const [tcId, tcEvents] of toolCallMap) {
+      tcEvents.sort((a, b) => a.timestamp.localeCompare(b.timestamp));
+      const first = tcEvents[0];
+      const last = tcEvents[tcEvents.length - 1];
+      const resultEvent = tcEvents.find(e => e.event_type === 'TOOL_RESULT_RETURNED');
+      const durationMs = (resultEvent?.metadata?.duration_ms as number) ||
+        (new Date(last.timestamp).getTime() - new Date(first.timestamp).getTime());
+
+      // Derive status
+      const hasDeny = tcEvents.some(e => e.event_type === 'POLICY_DECIDED' && e.metadata?.decision === 'deny');
+      const hasApproval = tcEvents.some(e => e.event_type === 'APPROVAL_REQUESTED');
+      const hasError = tcEvents.some(e => e.event_type === 'TOOL_EXECUTED' && e.metadata?.status === 'error');
+      let status = 'ok';
+      if (hasDeny) status = 'blocked';
+      else if (hasError) status = 'error';
+      else if (hasApproval) status = 'approval';
+
+      toolCalls.push({
+        tool_call_id: tcId,
+        task_id: first.task_id,
+        tool_name: first.tool_name || 'unknown',
+        timestamp: first.timestamp,
+        duration_ms: durationMs,
+        status,
+        events: tcEvents,
+      });
+    }
+
+    // Sort by timestamp
+    toolCalls.sort((a, b) => a.timestamp.localeCompare(b.timestamp));
+
+    res.json({
+      session_id: sessionId,
+      tool_calls: toolCalls,
+      total_events: events.length,
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Budgets
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/budgets', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const spending = gateway.getBudgetManager().getSpendingSummary();
+
+    // Use workspace-specific budget config if available, otherwise global
+    const budgetConfigStore = gateway.getBudgetConfigStore();
+    const wsConfig = budgetConfigStore?.getByWorkspaceId(workspaceId);
+    const effectiveConfig = wsConfig ? { ...config.budget, ...wsConfig } : config.budget;
+    const is_custom = !!wsConfig;
+
+    res.json({
+      workspace_id: workspaceId,
+      config: effectiveConfig,
+      spending,
+      is_custom,
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Approvals (proxy to gateway's ApprovalManager)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/approvals', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const pending = gateway.getPendingApprovals(workspaceId);
+    // Strip the JWT token — frontend only sees approval metadata
+    const approvals = pending.map(a => ({
+      approval_id: a.approval_id,
+      tool_call_id: a.tool_call_id,
+      task_id: a.task_id,
+      workspace_id: a.workspace_id,
+      actor_id: a.actor_id,
+      tool_name: a.tool_name,
+      tool_capability: a.tool_capability,
+      args_summary: a.args_summary,
+      scope: a.scope,
+      reason: a.reason,
+      status: a.status,
+      created_at: a.created_at,
+      expires_at: a.expires_at,
+    }));
+
+    res.json({ approvals });
+  });
+
+  router.post('/workspaces/:id/approvals/:approvalId/approve', async (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const approvalId = param(req, 'approvalId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    // Verify approval exists and belongs to this workspace
+    const approval = gateway.getApprovalManager().getApproval(approvalId);
+    if (!approval) {
+      res.status(404).json({ error: 'Approval not found' });
+      return;
+    }
+    if (approval.workspace_id !== workspaceId) {
+      res.status(404).json({ error: 'Approval not found' });
+      return;
+    }
+
+    try {
+      await gateway.getApprovalManager().resolveById(approvalId, user.id, true);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : 'Approval failed';
+      res.status(400).json({ error: message });
+      return;
+    }
+
+    res.json({ status: 'approved', approval_id: approvalId });
+  });
+
+  router.post('/workspaces/:id/approvals/:approvalId/deny', async (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const approvalId = param(req, 'approvalId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const approvalRecord = gateway.getApprovalManager().getApproval(approvalId);
+    if (!approvalRecord) {
+      res.status(404).json({ error: 'Approval not found' });
+      return;
+    }
+    if (approvalRecord.workspace_id !== workspaceId) {
+      res.status(404).json({ error: 'Approval not found' });
+      return;
+    }
+
+    const reason = req.body?.reason || 'Denied via SaaS dashboard';
+    try {
+      await gateway.getApprovalManager().resolveById(approvalId, user.id, false, reason);
+    } catch (err) {
+      const message = err instanceof Error ? err.message : 'Denial failed';
+      res.status(400).json({ error: message });
+      return;
+    }
+
+    res.json({ status: 'denied', approval_id: approvalId });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Policies (workspace-aware CRUD)
+  // ---------------------------------------------------------------------------
+
+  // Ensure a PolicyStore is available on the gateway
+  if (!gateway.getPolicyStore()) {
+    gateway.setStores({ policyStore: deps.policyStore || new InMemoryPolicyStore() });
+  }
+  const policyStore = gateway.getPolicyStore()!;
+
+  router.get('/workspaces/:id/policies', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const { policy, is_custom } = gateway.getWorkspacePolicy(workspaceId);
+    res.json({ policy, is_custom });
+  });
+
+  router.put('/workspaces/:id/policies', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+    if (!['owner', 'admin'].includes(membership.role)) {
+      res.status(403).json({ error: 'Only workspace owners and admins can modify policies' });
+      return;
+    }
+
+    const body = req.body;
+    const validation = gateway.validatePolicy(body);
+    if (!validation.valid) {
+      res.status(400).json({ valid: false, errors: validation.errors });
+      return;
+    }
+
+    policyStore.set(workspaceId, body);
+
+    gateway.getAuditLogger().log({
+      event_type: 'POLICY_UPDATED',
+      tool_call_id: '',
+      task_id: '',
+      workspace_id: workspaceId,
+      actor_id: user.id,
+      tool_name: '',
+      metadata: { policy_name: body.name, policy_version: body.version, updated_by: user.id },
+    });
+
+    res.json({ policy: body, is_custom: true });
+  });
+
+  router.delete('/workspaces/:id/policies', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+    if (!['owner', 'admin'].includes(membership.role)) {
+      res.status(403).json({ error: 'Only workspace owners and admins can modify policies' });
+      return;
+    }
+
+    policyStore.delete(workspaceId);
+
+    gateway.getAuditLogger().log({
+      event_type: 'POLICY_RESET',
+      tool_call_id: '',
+      task_id: '',
+      workspace_id: workspaceId,
+      actor_id: user.id,
+      tool_name: '',
+      metadata: { reset_by: user.id },
+    });
+
+    const policy = gateway.getCurrentPolicy();
+    res.json({ status: 'reset', policy, is_custom: false });
+  });
+
+  router.post('/workspaces/:id/policies/validate', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const body = req.body;
+    const validation = gateway.validatePolicy(body);
+    res.json(validation);
+  });
+
+  // ---------------------------------------------------------------------------
+  // Policy Rule Generation (LLM-powered)
+  // ---------------------------------------------------------------------------
+
+  // Per-user rate limiter for LLM rule generation: 10 requests per hour
+  const LLM_RATE_LIMIT_MAX = 10;
+  const LLM_RATE_LIMIT_WINDOW_MS = 60 * 60 * 1000; // 1 hour
+  const llmRateLimitHits = new Map<string, number[]>();
+
+  // Periodic cleanup to prevent memory leaks
+  setInterval(() => {
+    const now = Date.now();
+    for (const [userId, timestamps] of llmRateLimitHits) {
+      const valid = timestamps.filter(t => now - t < LLM_RATE_LIMIT_WINDOW_MS);
+      if (valid.length === 0) {
+        llmRateLimitHits.delete(userId);
+      } else {
+        llmRateLimitHits.set(userId, valid);
+      }
+    }
+  }, LLM_RATE_LIMIT_WINDOW_MS).unref();
+
+  router.post('/workspaces/:id/policies/generate-rule', async (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const apiKey = process.env.PALARYN_LLM_API_KEY;
+    if (!apiKey) {
+      res.status(503).json({ error: 'AI rule generation is not configured. Set PALARYN_LLM_API_KEY environment variable.' });
+      return;
+    }
+
+    const { description } = req.body;
+    if (!description || typeof description !== 'string' || description.trim().length === 0) {
+      res.status(400).json({ error: 'description is required' });
+      return;
+    }
+
+    const trimmed = description.trim().slice(0, 500);
+
+    // Per-user rate limit check (after validation, before LLM call)
+    const now = Date.now();
+    const userTimestamps = llmRateLimitHits.get(user.id) || [];
+    const windowStart = now - LLM_RATE_LIMIT_WINDOW_MS;
+    const validTimestamps = userTimestamps.filter(t => t > windowStart);
+
+    if (validTimestamps.length >= LLM_RATE_LIMIT_MAX) {
+      const retryAfterMs = LLM_RATE_LIMIT_WINDOW_MS - (now - validTimestamps[0]);
+      res.status(429).json({
+        error: `You've reached the limit of ${LLM_RATE_LIMIT_MAX} AI generations per hour. Please try again later.`,
+        retry_after_ms: retryAfterMs,
+      });
+      return;
+    }
+
+    validTimestamps.push(now);
+    llmRateLimitHits.set(user.id, validTimestamps);
+
+    const systemPrompt = `You are a policy rule generator for Palaryn, an AI agent gateway. Given a natural language description, generate a single JSON PolicyRule object.
+
+The PolicyRule schema:
+{
+  "name": string,           // Short kebab-case name for the rule
+  "description": string,    // Human-readable description
+  "effect": "ALLOW" | "DENY" | "REQUIRE_APPROVAL" | "TRANSFORM",
+  "priority": number,       // Lower = higher precedence (1-100)
+  "conditions": {
+    "tools": string[],           // Tool names: "http.request", "slack.post_message", etc.
+    "tool_match": string,        // Regex pattern for tool name matching
+    "capabilities": string[],    // "read", "write", "delete", "admin"
+    "actors": string[],          // Actor/agent IDs
+    "actor_types": string[],     // "agent", "user", "system"
+    "domains": string[],         // URL domains: "api.github.com", "*.googleapis.com"
+    "domain_blocklist": string[],// Blocked domains
+    "methods": string[],         // HTTP methods: "GET", "POST", "PUT", "DELETE", "PATCH"
+    "labels": string[],          // Context labels
+    "platforms": string[],       // Source platforms: "langgraph", "claude_code", "n8n", "custom"
+    "workspace_ids": string[]    // Specific workspace IDs
+  },
+  "approval": {                  // Only when effect is REQUIRE_APPROVAL
+    "scope": string,
+    "ttl_seconds": number,
+    "reason": string
+  }
+}
+
+Rules:
+- Only include condition fields that are relevant to the description. Omit empty arrays.
+- Use "DENY" for blocking, "ALLOW" for permitting, "REQUIRE_APPROVAL" when human approval is needed.
+- For domain wildcards use "*.example.com" format.
+- IMPORTANT: Always pair capabilities with matching methods. read → ["GET","HEAD","OPTIONS"], write → ["POST","PUT","PATCH"], delete → ["DELETE"], admin → all methods.
+- When the description says "read-only", set capabilities to ["read"] AND methods to ["GET","HEAD","OPTIONS"].
+- Return ONLY the JSON object, no markdown fences, no explanation.
+
+Examples:
+Input: "Allow GET requests to GitHub and Google APIs"
+Output: {"name":"allow-get-github-google","description":"Allow GET requests to GitHub and Google APIs","effect":"ALLOW","priority":10,"conditions":{"tools":["http.request"],"capabilities":["read"],"methods":["GET"],"domains":["api.github.com","*.googleapis.com"]}}
+
+Input: "Block all delete operations"
+Output: {"name":"block-delete-ops","description":"Block all delete operations","effect":"DENY","priority":5,"conditions":{"capabilities":["delete"],"methods":["DELETE"]}}
+
+Input: "Allow read-only access"
+Output: {"name":"allow-read-only","description":"Allow read-only access","effect":"ALLOW","priority":10,"conditions":{"capabilities":["read"],"methods":["GET","HEAD","OPTIONS"]}}
+
+Input: "Require approval for write operations to Slack"
+Output: {"name":"approve-slack-writes","description":"Require approval for write operations to Slack","effect":"REQUIRE_APPROVAL","priority":15,"conditions":{"capabilities":["write"],"methods":["POST","PUT","PATCH"],"domains":["api.slack.com"]},"approval":{"scope":"team_lead","ttl_seconds":3600,"reason":"Write operations to Slack require approval"}}`;
+
+    try {
+      const controller = new AbortController();
+      const timeout = setTimeout(() => controller.abort(), 15000);
+
+      // Detect provider from API key prefix
+      const isOpenAI = apiKey.startsWith('sk-proj-') || apiKey.startsWith('sk-');
+      const llmUrl = isOpenAI
+        ? 'https://api.openai.com/v1/chat/completions'
+        : 'https://api.anthropic.com/v1/messages';
+      const llmHeaders: Record<string, string> = isOpenAI
+        ? { 'Content-Type': 'application/json', 'Authorization': `Bearer ${apiKey}` }
+        : { 'Content-Type': 'application/json', 'x-api-key': apiKey, 'anthropic-version': '2023-06-01' };
+      const llmBody = isOpenAI
+        ? JSON.stringify({
+            model: 'gpt-4.1-mini',
+            max_tokens: 1024,
+            messages: [
+              { role: 'system', content: systemPrompt },
+              { role: 'user', content: trimmed },
+            ],
+          })
+        : JSON.stringify({
+            model: 'claude-sonnet-4-5-20241022',
+            max_tokens: 1024,
+            system: systemPrompt,
+            messages: [{ role: 'user', content: trimmed }],
+          });
+
+      const llmRes = await fetch(llmUrl, {
+        method: 'POST',
+        headers: llmHeaders,
+        body: llmBody,
+        signal: controller.signal,
+      });
+
+      clearTimeout(timeout);
+
+      if (!llmRes.ok) {
+        const errBody = await llmRes.text();
+        console.error('[generate-rule] LLM API error:', llmRes.status, errBody);
+        res.status(502).json({ error: 'Failed to generate rule. LLM API returned an error.' });
+        return;
+      }
+
+      const llmData = await llmRes.json() as any;
+      const text = isOpenAI
+        ? (llmData.choices?.[0]?.message?.content || '')
+        : (llmData.content?.[0]?.text || '');
+
+      // Strip markdown code fences if present
+      const cleaned = text.replace(/^```(?:json)?\s*/i, '').replace(/\s*```\s*$/i, '').trim();
+
+      let rule;
+      try {
+        rule = JSON.parse(cleaned);
+      } catch {
+        console.error('[generate-rule] Failed to parse LLM output:', cleaned);
+        res.status(500).json({ error: 'Failed to parse generated rule. Please try rephrasing your description.' });
+        return;
+      }
+
+      // Normalize effect to uppercase
+      if (rule.effect && typeof rule.effect === 'string') {
+        rule.effect = rule.effect.toUpperCase();
+      }
+
+      // Ensure required fields exist
+      if (!rule.name) rule.name = 'generated-rule';
+      if (!rule.conditions) rule.conditions = {};
+      if (!rule.effect) rule.effect = 'DENY';
+
+      // Strip unknown top-level fields
+      const validKeys = ['name', 'description', 'effect', 'priority', 'conditions', 'transformations', 'approval'];
+      for (const key of Object.keys(rule)) {
+        if (!validKeys.includes(key)) delete rule[key];
+      }
+
+      res.json({ rule });
+    } catch (err) {
+      if ((err as Error).name === 'AbortError') {
+        res.status(504).json({ error: 'Rule generation timed out. Please try again.' });
+        return;
+      }
+      console.error('[generate-rule] Unexpected error:', err);
+      res.status(500).json({ error: 'Failed to generate rule. Please try again.' });
+    }
+  });
+
+  // ---------------------------------------------------------------------------
+  // Security (DLP detections dashboard)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/security', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const limit = Math.min(parseInt(req.query.limit as string) || 50, 200);
+    const offset = parseInt(req.query.offset as string) || 0;
+    const severity = req.query.severity as string | undefined;
+    const tool = req.query.tool as string | undefined;
+    const actor = req.query.actor as string | undefined;
+    const q = req.query.q as string | undefined;
+
+    const allDlpEvents = gateway.getAuditLogger().getEventsByType('DLP_SCANNED');
+    const workspace = workspaceStore.getById(workspaceId);
+    const wsSlug = workspace?.slug;
+    const wsEvents = allDlpEvents
+      .filter(e => e.workspace_id === workspaceId || (wsSlug && e.workspace_id === wsSlug))
+      .sort((a, b) => b.timestamp.localeCompare(a.timestamp));
+
+    // Apply optional filters
+    let filtered = wsEvents;
+    if (severity) filtered = filtered.filter(e => (e.metadata?.severity as string) === severity);
+    if (tool) filtered = filtered.filter(e => e.tool_name.toLowerCase().includes(tool.toLowerCase()));
+    if (actor) filtered = filtered.filter(e => e.actor_id.toLowerCase().includes(actor.toLowerCase()));
+    if (q) {
+      const ql = q.toLowerCase();
+      filtered = filtered.filter(e =>
+        e.tool_name.toLowerCase().includes(ql) ||
+        e.actor_id.toLowerCase().includes(ql) ||
+        ((e.metadata?.detected as string[]) || []).some(p => p.toLowerCase().includes(ql))
+      );
+    }
+
+    // Compute severity stats over filtered results
+    let high = 0, medium = 0, low = 0;
+    const patternSet = new Set<string>();
+    for (const e of filtered) {
+      const sev = e.metadata?.severity as string;
+      if (sev === 'high') high++;
+      else if (sev === 'medium') medium++;
+      else low++;
+      const detected = e.metadata?.detected as string[];
+      if (Array.isArray(detected)) {
+        for (const p of detected) patternSet.add(p);
+      }
+    }
+
+    res.json({
+      events: filtered.slice(offset, offset + limit),
+      total: filtered.length,
+      limit,
+      offset,
+      stats: {
+        total: filtered.length,
+        high,
+        medium,
+        low,
+        unique_patterns: patternSet.size,
+      },
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Workspace Switch
+  // ---------------------------------------------------------------------------
+
+  router.post('/workspaces/:id/switch', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const workspace = workspaceStore.getById(workspaceId);
+    if (!workspace) {
+      res.status(404).json({ error: 'Workspace not found' });
+      return;
+    }
+
+    // Update session to point to this workspace
+    const sessionData = (req as any).sessionData;
+    if (sessionData) {
+      sessionStore.update(sessionData.id, { workspace_id: workspaceId });
+    }
+
+    res.json({ ...workspace, role: membership.role });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Members
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/members', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const members = workspaceMemberStore.getByWorkspace(workspaceId);
+    const enriched = members.map(m => {
+      const u = userStore.getById(m.user_id);
+      return {
+        id: m.id,
+        user_id: m.user_id,
+        role: m.role,
+        joined_at: m.joined_at,
+        email: u?.email || '',
+        display_name: u?.display_name || '',
+      };
+    });
+
+    res.json({ members: enriched, viewer_role: membership.role });
+  });
+
+  router.put('/workspaces/:id/members/:memberId', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const memberId = param(req, 'memberId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Only workspace owners and admins can change roles' });
+      return;
+    }
+
+    const target = workspaceMemberStore.getById(memberId);
+    if (!target || target.workspace_id !== workspaceId) {
+      res.status(404).json({ error: 'Member not found' });
+      return;
+    }
+
+    // Cannot change own role
+    if (target.user_id === user.id) {
+      res.status(400).json({ error: 'Cannot change your own role' });
+      return;
+    }
+
+    const { role } = req.body;
+    const validRoles = ['owner', 'admin', 'member', 'viewer'];
+    if (!role || !validRoles.includes(role)) {
+      res.status(400).json({ error: `role must be one of: ${validRoles.join(', ')}` });
+      return;
+    }
+
+    const updated = workspaceMemberStore.update(memberId, { role });
+    res.json(updated);
+  });
+
+  router.delete('/workspaces/:id/members/:memberId', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const memberId = param(req, 'memberId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Only workspace owners and admins can remove members' });
+      return;
+    }
+
+    const target = workspaceMemberStore.getById(memberId);
+    if (!target || target.workspace_id !== workspaceId) {
+      res.status(404).json({ error: 'Member not found' });
+      return;
+    }
+
+    // Cannot remove yourself
+    if (target.user_id === user.id) {
+      res.status(400).json({ error: 'Cannot remove yourself' });
+      return;
+    }
+
+    // Prevent removing the last owner
+    if (target.role === 'owner') {
+      const owners = workspaceMemberStore.getByWorkspace(workspaceId).filter(m => m.role === 'owner');
+      if (owners.length <= 1) {
+        res.status(400).json({ error: 'Cannot remove the last owner' });
+        return;
+      }
+    }
+
+    workspaceMemberStore.delete(memberId);
+    res.json({ status: 'ok', id: memberId });
+  });
+
+  router.post('/workspaces/:id/members', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership || (membership.role !== 'owner' && membership.role !== 'admin')) {
+      res.status(403).json({ error: 'Only workspace owners and admins can add members' });
+      return;
+    }
+
+    const { email, role } = req.body;
+    if (!email || typeof email !== 'string') {
+      res.status(400).json({ error: 'email is required' });
+      return;
+    }
+
+    // Enforce member limit based on workspace plan
+    const wsForLimit = workspaceStore.getById(workspaceId);
+    if (wsForLimit) {
+      const plan = (wsForLimit.plan || 'free') as PlanTier;
+      const currentMembers = workspaceMemberStore.getByWorkspace(workspaceId);
+      const memberLimitCheck = PlanEnforcer.checkMemberLimit(plan, currentMembers.length);
+      if (!memberLimitCheck.allowed) {
+        res.status(403).json({ error: memberLimitCheck.reason });
+        return;
+      }
+    }
+
+    const validRoles = ['admin', 'member', 'viewer'];
+    const memberRole = validRoles.includes(role) ? role : 'member';
+
+    const targetUser = userStore.getByEmail(email.trim().toLowerCase());
+    if (!targetUser) {
+      res.status(404).json({ error: 'User not found' });
+      return;
+    }
+
+    // Check if already a member
+    const existing = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, targetUser.id);
+    if (existing) {
+      res.status(409).json({ error: 'User is already a member of this workspace' });
+      return;
+    }
+
+    const newMember = {
+      id: randomUUID(),
+      workspace_id: workspaceId,
+      user_id: targetUser.id,
+      role: memberRole,
+      joined_at: new Date().toISOString(),
+    };
+
+    workspaceMemberStore.create(newMember);
+
+    const enriched = {
+      id: newMember.id,
+      user_id: targetUser.id,
+      role: newMember.role,
+      joined_at: newMember.joined_at,
+      email: targetUser.email,
+      display_name: targetUser.display_name,
+    };
+
+    res.status(201).json(enriched);
+  });
+
+  // ---------------------------------------------------------------------------
+  // Trace Detail (single task)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/traces/:taskId', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const taskId = param(req, 'taskId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const events = gateway.getTaskTrace(taskId);
+    // Filter to events belonging to this workspace
+    const workspace = workspaceStore.getById(workspaceId);
+    const wsSlug = workspace?.slug;
+    const filteredEvents = events.filter(
+      e => e.workspace_id === workspaceId || (wsSlug && e.workspace_id === wsSlug)
+    );
+
+    // Cap at 200 events to prevent UI overload
+    res.json({
+      task_id: taskId,
+      events: filteredEvents.slice(0, 200),
+      total: filteredEvents.length,
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Dashboard Stats (aggregated metrics for dashboard widgets)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/dashboard/stats', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const workspace = workspaceStore.getById(workspaceId);
+    const wsSlug = workspace?.slug;
+
+    // Use the audit logger's getEventStats for aggregated metrics
+    // Pass both workspace UUID and slug to match events (no ws_default — strict isolation)
+    const stats = gateway.getAuditLogger().getEventStats(workspaceId, 24);
+    const slugStats = wsSlug ? gateway.getAuditLogger().getEventStats(wsSlug, 24) : null;
+
+    // Merge stats from UUID and slug matches only
+    const allStats = [stats, slugStats].filter((s): s is NonNullable<typeof s> => s !== null);
+    const mergeSum = (fn: (s: typeof stats) => number) => allStats.reduce((acc, s) => acc + fn(s), 0);
+    const metrics = {
+      requests_per_minute: Math.round(mergeSum(s => s.requests_per_minute) * 10) / 10,
+      blocked_24h: mergeSum(s => s.blocked_count),
+      avg_latency_ms: Math.round(stats.avg_duration_ms || slugStats?.avg_duration_ms || 0),
+      active_agents: mergeSum(s => s.active_agents),
+      pending_approvals: gateway.getPendingApprovals(workspaceId).length,
+      budget_burn_percent: 0,
+    };
+
+    // Compute budget burn
+    const spending = gateway.getBudgetManager().getSpendingSummary();
+    const budgetConfig = config.budget;
+    if (budgetConfig.workspace_monthly_budget_usd && budgetConfig.workspace_monthly_budget_usd > 0) {
+      metrics.budget_burn_percent = Math.round(
+        (spending.workspace_monthly_total / budgetConfig.workspace_monthly_budget_usd) * 100
+      );
+    }
+
+    // Shield score: compute from policy breakdown (across all matching workspace IDs)
+    const totalDecisions = allStats.reduce((acc, s) => acc + Object.values(s.policy_breakdown).reduce((sum, n) => sum + n, 0), 0);
+    const allowCount = allStats.reduce((acc, s) => acc + (s.policy_breakdown['allow'] || 0), 0);
+    const transformCount = allStats.reduce((acc, s) => acc + (s.policy_breakdown['transform'] || 0), 0);
+    const approvalCount = allStats.reduce((acc, s) => acc + (s.policy_breakdown['require_approval'] || 0), 0);
+    const denyCount = allStats.reduce((acc, s) => acc + (s.policy_breakdown['deny'] || 0), 0);
+
+    const shield_score = {
+      score: totalDecisions > 0 ? Math.round(((allowCount + transformCount) / totalDecisions) * 100) : 100,
+      total: totalDecisions,
+      breakdown: {
+        allowed_percent: totalDecisions > 0 ? Math.round((allowCount / totalDecisions) * 100) : 100,
+        transformed_percent: totalDecisions > 0 ? Math.round((transformCount / totalDecisions) * 100) : 0,
+        approval_percent: totalDecisions > 0 ? Math.round((approvalCount / totalDecisions) * 100) : 0,
+        blocked_percent: totalDecisions > 0 ? Math.round((denyCount / totalDecisions) * 100) : 0,
+        allowed_count: allowCount,
+        transformed_count: transformCount,
+        approval_count: approvalCount,
+        blocked_count: denyCount,
+      },
+    };
+
+    // Pipeline throughput from stats (merged across all matching workspace IDs)
+    const pipeline_throughput = stats.pipeline_throughput.map(stage => ({
+      ...stage,
+      passed: allStats.reduce((acc, s) => acc + (s.pipeline_throughput.find(t => t.stage === stage.stage)?.passed || 0), 0),
+      failed: allStats.reduce((acc, s) => acc + (s.pipeline_throughput.find(t => t.stage === stage.stage)?.failed || 0), 0),
+    }));
+
+    res.json({
+      metrics,
+      shield_score,
+      pipeline_throughput,
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Anomaly Baseline (for anomaly radar widget)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/anomalies/baseline', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const detector = gateway.getAnomalyDetector();
+    if (!detector) {
+      res.json({ current: {}, baseline: {}, alerts: [] });
+      return;
+    }
+
+    const report = detector.getBaselineReport(workspaceId);
+    res.json(report);
+  });
+
+  // ---------------------------------------------------------------------------
+  // Agent Trust Score
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/agents/:actorId/trust', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+    const actorId = param(req, 'actorId');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const detector = gateway.getAnomalyDetector();
+    if (!detector) {
+      res.json({ actor_id: actorId, score: 100, risk_level: 'low', breakdown: {}, calculated_at: new Date().toISOString() });
+      return;
+    }
+
+    const calculator = new TrustScoreCalculator(
+      detector,
+      gateway.getAuditLogger(),
+      gateway.getBudgetManager(),
+    );
+
+    res.json(calculator.calculate(actorId));
+  });
+
+  router.get('/workspaces/:id/agents/trust-leaderboard', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    // Get distinct actor IDs from workspace events
+    const workspace = workspaceStore.getById(workspaceId);
+    const wsSlug = workspace?.slug;
+    const allEvents = gateway.getAuditLogger().getAllEvents();
+    const actorIds = new Set<string>();
+    for (const e of allEvents) {
+      if (e.workspace_id === workspaceId || (wsSlug && e.workspace_id === wsSlug)) {
+        if (e.actor_id) actorIds.add(e.actor_id);
+      }
+    }
+
+    const detector = gateway.getAnomalyDetector();
+    if (!detector || actorIds.size === 0) {
+      res.json({ agents: [] });
+      return;
+    }
+
+    const calculator = new TrustScoreCalculator(
+      detector,
+      gateway.getAuditLogger(),
+      gateway.getBudgetManager(),
+    );
+
+    const leaderboard = calculator.getLeaderboard([...actorIds]);
+    res.json({ agents: leaderboard });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Session Replay
+  // ---------------------------------------------------------------------------
+
+  router.post('/workspaces/:id/replay', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const { task_id, policy_pack_path } = req.body;
+    if (!task_id || typeof task_id !== 'string') {
+      res.status(400).json({ error: 'task_id is required' });
+      return;
+    }
+    if (!policy_pack_path || typeof policy_pack_path !== 'string') {
+      res.status(400).json({ error: 'policy_pack_path is required' });
+      return;
+    }
+
+    const engine = new SessionReplayEngine(gateway.getAuditLogger());
+    const result = engine.replay(task_id, policy_pack_path);
+    res.json(result);
+  });
+
+  // ---------------------------------------------------------------------------
+  // LLM Usage (model/provider breakdown)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/llm-usage', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const range = (req.query.range as string) || '24h';
+    const rangeMs: Record<string, number> = {
+      '1h': 3_600_000,
+      '6h': 21_600_000,
+      '24h': 86_400_000,
+      '7d': 604_800_000,
+      '30d': 2_592_000_000,
+    };
+    const windowMs = rangeMs[range] || rangeMs['24h'];
+    const cutoff = Date.now() - windowMs;
+
+    const workspace = workspaceStore.getById(workspaceId);
+    const wsSlug = workspace?.slug;
+    const allEvents = gateway.getAuditLogger().getAllEvents();
+
+    // Filter events that have model metadata and belong to this workspace
+    const wsEvents = allEvents.filter(e => {
+      if (e.workspace_id !== workspaceId && (!wsSlug || e.workspace_id !== wsSlug)) return false;
+      if (new Date(e.timestamp).getTime() < cutoff) return false;
+      return e.metadata?.model;
+    });
+
+    // Aggregate by model
+    const modelMap = new Map<string, {
+      model: string;
+      provider: string;
+      requests: number;
+      input_tokens: number;
+      output_tokens: number;
+      cost_usd: number;
+      total_latency_ms: number;
+    }>();
+
+    let totalRequests = 0;
+    let totalCostUsd = 0;
+    let totalTokens = 0;
+    let totalLatencyMs = 0;
+
+    for (const e of wsEvents) {
+      const model = e.metadata!.model as string;
+      const provider = (e.metadata!.provider as string) || 'unknown';
+      const inputTokens = (e.metadata!.input_tokens as number) || 0;
+      const outputTokens = (e.metadata!.output_tokens as number) || 0;
+      const costUsd = (e.metadata!.cost_usd as number) || 0;
+      const durationMs = (e.metadata!.duration_ms as number) || 0;
+
+      let entry = modelMap.get(model);
+      if (!entry) {
+        entry = { model, provider, requests: 0, input_tokens: 0, output_tokens: 0, cost_usd: 0, total_latency_ms: 0 };
+        modelMap.set(model, entry);
+      }
+
+      entry.requests++;
+      entry.input_tokens += inputTokens;
+      entry.output_tokens += outputTokens;
+      entry.cost_usd += costUsd;
+      entry.total_latency_ms += durationMs;
+
+      totalRequests++;
+      totalCostUsd += costUsd;
+      totalTokens += inputTokens + outputTokens;
+      totalLatencyMs += durationMs;
+    }
+
+    const byModel = Array.from(modelMap.values()).map(m => ({
+      model: m.model,
+      provider: m.provider,
+      requests: m.requests,
+      input_tokens: m.input_tokens,
+      output_tokens: m.output_tokens,
+      cost_usd: m.cost_usd,
+      avg_latency_ms: m.requests > 0 ? Math.round(m.total_latency_ms / m.requests) : 0,
+    })).sort((a, b) => b.requests - a.requests);
+
+    // Build time series (bucket events into intervals)
+    const bucketCount = Math.min(24, Math.max(6, Math.floor(windowMs / 3_600_000)));
+    const bucketMs = windowMs / bucketCount;
+    const timeSeries: { timestamp: string; requests: number; cost_usd: number; tokens: number }[] = [];
+
+    for (let i = 0; i < bucketCount; i++) {
+      const bucketStart = cutoff + i * bucketMs;
+      const bucketEnd = bucketStart + bucketMs;
+      let requests = 0;
+      let cost = 0;
+      let tokens = 0;
+
+      for (const e of wsEvents) {
+        const t = new Date(e.timestamp).getTime();
+        if (t >= bucketStart && t < bucketEnd) {
+          requests++;
+          cost += (e.metadata!.cost_usd as number) || 0;
+          tokens += ((e.metadata!.input_tokens as number) || 0) + ((e.metadata!.output_tokens as number) || 0);
+        }
+      }
+
+      timeSeries.push({
+        timestamp: new Date(bucketStart).toISOString(),
+        requests,
+        cost_usd: cost,
+        tokens,
+      });
+    }
+
+    res.json({
+      summary: {
+        total_requests: totalRequests,
+        total_cost_usd: totalCostUsd,
+        total_tokens: totalTokens,
+        avg_latency_ms: totalRequests > 0 ? Math.round(totalLatencyMs / totalRequests) : 0,
+      },
+      by_model: byModel,
+      time_series: timeSeries,
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Per-Workspace Rate Limit Configuration
+  // ---------------------------------------------------------------------------
+
+  // Ensure stores are available on the gateway
+  if (!gateway.getRateLimitConfigStore()) {
+    gateway.setStores({ rateLimitConfigStore: deps.rateLimitConfigStore || new InMemoryRateLimitConfigStore() });
+  }
+  const rateLimitConfigStore = gateway.getRateLimitConfigStore()!;
+
+  if (!gateway.getBudgetConfigStore()) {
+    gateway.setStores({ budgetConfigStore: deps.budgetConfigStore || new InMemoryBudgetConfigStore() });
+  }
+  const budgetConfigStore = gateway.getBudgetConfigStore()!;
+
+  router.get('/workspaces/:id/rate-limits', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const wsConfig = rateLimitConfigStore.getByWorkspaceId(workspaceId);
+    const globalConfig = config.rate_limit || { enabled: false, actor_max_per_window: 100, workspace_max_per_window: 500, window_ms: 60000 };
+    const effectiveConfig = wsConfig ? { ...globalConfig, ...wsConfig } : globalConfig;
+
+    res.json({ config: effectiveConfig, is_custom: !!wsConfig });
+  });
+
+  router.put('/workspaces/:id/rate-limits', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+    if (!['owner', 'admin'].includes(membership.role)) {
+      res.status(403).json({ error: 'Only workspace owners and admins can modify rate limits' });
+      return;
+    }
+
+    const body = req.body as WorkspaceRateLimitConfig;
+
+    // Validate: all values must be positive numbers if present
+    const errors: string[] = [];
+    if (body.actor_max_per_window !== undefined && (typeof body.actor_max_per_window !== 'number' || body.actor_max_per_window <= 0)) {
+      errors.push('actor_max_per_window must be a positive number');
+    }
+    if (body.workspace_max_per_window !== undefined && (typeof body.workspace_max_per_window !== 'number' || body.workspace_max_per_window <= 0)) {
+      errors.push('workspace_max_per_window must be a positive number');
+    }
+    if (body.window_ms !== undefined && (typeof body.window_ms !== 'number' || body.window_ms <= 0)) {
+      errors.push('window_ms must be a positive number');
+    }
+    if (errors.length > 0) {
+      res.status(400).json({ error: 'Validation failed', errors });
+      return;
+    }
+
+    const clean: WorkspaceRateLimitConfig = {};
+    if (body.actor_max_per_window !== undefined) clean.actor_max_per_window = body.actor_max_per_window;
+    if (body.workspace_max_per_window !== undefined) clean.workspace_max_per_window = body.workspace_max_per_window;
+    if (body.window_ms !== undefined) clean.window_ms = body.window_ms;
+
+    rateLimitConfigStore.set(workspaceId, clean);
+
+    gateway.getAuditLogger().log({
+      event_type: 'RATE_LIMIT_CONFIG_UPDATED' as any,
+      tool_call_id: '',
+      task_id: '',
+      workspace_id: workspaceId,
+      actor_id: user.id,
+      tool_name: '',
+      metadata: { config: clean, updated_by: user.id },
+    });
+
+    const globalConfig = config.rate_limit || { enabled: false, actor_max_per_window: 100, workspace_max_per_window: 500, window_ms: 60000 };
+    res.json({ config: { ...globalConfig, ...clean }, is_custom: true });
+  });
+
+  router.delete('/workspaces/:id/rate-limits', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+    if (!['owner', 'admin'].includes(membership.role)) {
+      res.status(403).json({ error: 'Only workspace owners and admins can modify rate limits' });
+      return;
+    }
+
+    rateLimitConfigStore.delete(workspaceId);
+
+    gateway.getAuditLogger().log({
+      event_type: 'RATE_LIMIT_CONFIG_RESET' as any,
+      tool_call_id: '',
+      task_id: '',
+      workspace_id: workspaceId,
+      actor_id: user.id,
+      tool_name: '',
+      metadata: { reset_by: user.id },
+    });
+
+    const globalConfig = config.rate_limit || { enabled: false, actor_max_per_window: 100, workspace_max_per_window: 500, window_ms: 60000 };
+    res.json({ status: 'reset', config: globalConfig, is_custom: false });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Per-Workspace Budget Configuration
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/budget-config', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    const wsConfig = budgetConfigStore.getByWorkspaceId(workspaceId);
+    const effectiveConfig = wsConfig ? { ...config.budget, ...wsConfig } : config.budget;
+
+    res.json({ config: effectiveConfig, is_custom: !!wsConfig });
+  });
+
+  router.put('/workspaces/:id/budget-config', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+    if (!['owner', 'admin'].includes(membership.role)) {
+      res.status(403).json({ error: 'Only workspace owners and admins can modify budget config' });
+      return;
+    }
+
+    const body = req.body as WorkspaceBudgetConfig;
+
+    // Validate: all values must be positive numbers if present
+    const errors: string[] = [];
+    const numFields: (keyof WorkspaceBudgetConfig)[] = [
+      'task_budget_usd', 'user_daily_budget_usd', 'user_monthly_budget_usd',
+      'workspace_daily_budget_usd', 'workspace_monthly_budget_usd',
+      'max_steps_per_task', 'max_retries_per_call', 'max_wall_clock_ms',
+    ];
+    for (const field of numFields) {
+      const val = body[field];
+      if (val !== undefined && (typeof val !== 'number' || val <= 0)) {
+        errors.push(`${field} must be a positive number`);
+      }
+    }
+    if (errors.length > 0) {
+      res.status(400).json({ error: 'Validation failed', errors });
+      return;
+    }
+
+    const clean: WorkspaceBudgetConfig = {};
+    for (const field of numFields) {
+      if (body[field] !== undefined) (clean as any)[field] = body[field];
+    }
+
+    budgetConfigStore.set(workspaceId, clean);
+
+    gateway.getAuditLogger().log({
+      event_type: 'BUDGET_CONFIG_UPDATED' as any,
+      tool_call_id: '',
+      task_id: '',
+      workspace_id: workspaceId,
+      actor_id: user.id,
+      tool_name: '',
+      metadata: { config: clean, updated_by: user.id },
+    });
+
+    res.json({ config: { ...config.budget, ...clean }, is_custom: true });
+  });
+
+  router.delete('/workspaces/:id/budget-config', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+    if (!['owner', 'admin'].includes(membership.role)) {
+      res.status(403).json({ error: 'Only workspace owners and admins can modify budget config' });
+      return;
+    }
+
+    budgetConfigStore.delete(workspaceId);
+
+    gateway.getAuditLogger().log({
+      event_type: 'BUDGET_CONFIG_RESET' as any,
+      tool_call_id: '',
+      task_id: '',
+      workspace_id: workspaceId,
+      actor_id: user.id,
+      tool_name: '',
+      metadata: { reset_by: user.id },
+    });
+
+    res.json({ status: 'reset', config: config.budget, is_custom: false });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Model Pricing: Get merged pricing (built-in + workspace overrides)
+  // ---------------------------------------------------------------------------
+
+  router.get('/workspaces/:id/model-pricing', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+    const workspaceId = param(req, 'id');
+
+    const membership = workspaceMemberStore.getByWorkspaceAndUser(workspaceId, user.id);
+    if (!membership) {
+      res.status(403).json({ error: 'Not a member of this workspace' });
+      return;
+    }
+
+    // Get workspace-level budget config overrides (if any)
+    const wsConfig = budgetConfigStore.getByWorkspaceId(workspaceId);
+    const workspaceOverrides = wsConfig?.token_pricing;
+
+    // Merge: built-in pricing as base, workspace overrides on top
+    const merged: Record<string, { input_per_token: number; output_per_token: number; source: string }> = {};
+
+    for (const [model, pricing] of Object.entries(MODEL_PRICING)) {
+      merged[model] = {
+        input_per_token: pricing.input_per_token,
+        output_per_token: pricing.output_per_token,
+        source: 'built-in',
+      };
+    }
+
+    if (workspaceOverrides) {
+      for (const [model, pricing] of Object.entries(workspaceOverrides)) {
+        merged[model] = {
+          input_per_token: pricing.input_per_token,
+          output_per_token: pricing.output_per_token,
+          source: 'workspace',
+        };
+      }
+    }
+
+    res.json({
+      models: merged,
+      has_workspace_overrides: !!workspaceOverrides,
+    });
+  });
+
+  // ---------------------------------------------------------------------------
+  // Admin: Update Workspace Plan (platform admin only)
+  // ---------------------------------------------------------------------------
+
+  const VALID_PLANS: PlanTier[] = ['free', 'pro', 'business', 'enterprise'];
+
+  router.put('/workspaces/:id/plan', (req: Request, res: Response) => {
+    if (!requireSession(req, res)) return;
+    const user = (req as any).sessionUser;
+
+    const adminEmail = process.env.SEED_ADMIN_EMAIL;
+    if (!adminEmail || user.email !== adminEmail) {
+      res.status(403).json({ error: 'Platform admin access required' });
+      return;
+    }
+
+    const { plan } = req.body || {};
+    if (!plan || !VALID_PLANS.includes(plan)) {
+      res.status(400).json({ error: `Invalid plan. Must be one of: ${VALID_PLANS.join(', ')}` });
+      return;
+    }
+
+    const workspaceId = param(req, 'id');
+    const workspace = workspaceStore.getById(workspaceId);
+    if (!workspace) {
+      res.status(404).json({ error: 'Workspace not found' });
+      return;
+    }
+
+    const updated = workspaceStore.update(workspaceId, { plan, updated_at: new Date().toISOString() });
+    res.json(updated);
+  });
+
+  return router;
+}