remdb 0.3.103__py3-none-any.whl → 0.3.118__py3-none-any.whl

rem/sql/migrations/001_install.sql

@@ -218,6 +218,7 @@ COMMENT ON FUNCTION rebuild_kv_store() IS
 -- Returns structured columns extracted from entity records
 -- Parameters: entity_key, tenant_id (for backward compat), user_id (actual filter)
 -- Note: tenant_id parameter exists for backward compatibility but is ignored
+-- Note: Includes user-owned AND public (NULL user_id) resources
 CREATE OR REPLACE FUNCTION rem_lookup(
     p_entity_key VARCHAR(255),
     p_tenant_id VARCHAR(100),
@@ -230,13 +231,17 @@ RETURNS TABLE(
 DECLARE
     entity_table VARCHAR(100);
     query_sql TEXT;
+    effective_user_id VARCHAR(100);
 BEGIN
-    -- Use p_user_id for filtering (p_tenant_id ignored for backward compat)
+    effective_user_id := COALESCE(p_user_id, p_tenant_id);
+
     -- First lookup in KV store to get entity_type (table name)
+    -- Include user-owned AND public (NULL user_id) entries
     SELECT kv.entity_type INTO entity_table
     FROM kv_store kv
-    WHERE kv.user_id = p_user_id
-    AND kv.entity_key = p_entity_key;
+    WHERE (kv.user_id = effective_user_id OR kv.user_id IS NULL)
+    AND kv.entity_key = p_entity_key
+    LIMIT 1;
 
     -- If not found, return empty
     IF entity_table IS NULL THEN
@@ -250,73 +255,63 @@ BEGIN
             %L::VARCHAR(100) AS entity_type,
             row_to_json(t)::jsonb AS data
         FROM %I t
-        WHERE t.user_id = $1
+        WHERE (t.user_id = $1 OR t.user_id IS NULL)
         AND t.name = $2
         AND t.deleted_at IS NULL
     ', entity_table, entity_table);
 
-    RETURN QUERY EXECUTE query_sql USING p_user_id, p_entity_key;
+    RETURN QUERY EXECUTE query_sql USING effective_user_id, p_entity_key;
 END;
 $$ LANGUAGE plpgsql STABLE;
 
 COMMENT ON FUNCTION rem_lookup IS
-'REM LOOKUP query: O(1) entity lookup by natural key. Returns raw entity data as JSONB for LLM consumption. tenant_id parameter exists for backward compatibility but filtering uses user_id.';
+'REM LOOKUP: O(1) entity lookup. Returns user-owned AND public (NULL user_id) entities.';
 
 -- REM FETCH: Fetch full entity records from multiple tables
 -- Takes JSONB mapping of {table_name: [entity_keys]}, fetches all records
 -- Returns complete entity records as JSONB (not just KV store metadata)
+-- Note: Includes user-owned AND public (NULL user_id) resources
 CREATE OR REPLACE FUNCTION rem_fetch(
     p_entities_by_table JSONB,
     p_user_id VARCHAR(100)
 )
 RETURNS TABLE(
-    entity_key TEXT,
-    entity_type TEXT,
+    entity_key VARCHAR(255),
+    entity_type VARCHAR(100),
     entity_record JSONB
 ) AS $$
 DECLARE
     table_name TEXT;
-    entity_keys TEXT[];
+    entity_keys JSONB;
     query_sql TEXT;
-    result_record RECORD;
 BEGIN
-    -- Iterate over each table in the JSONB object
-    FOR table_name IN SELECT jsonb_object_keys(p_entities_by_table)
+    -- For each table in the input JSONB
+    FOR table_name, entity_keys IN SELECT * FROM jsonb_each(p_entities_by_table)
     LOOP
-        -- Extract array of keys for this table
-        entity_keys := ARRAY(
-            SELECT jsonb_array_elements_text(p_entities_by_table->table_name)
-        );
-
-        -- Build dynamic query for this table
+        -- Dynamic query to fetch records from the table
+        -- Include user-owned AND public (NULL user_id)
         query_sql := format('
             SELECT
-                t.name AS entity_key,
-                %L AS entity_type,
+                t.name::VARCHAR(255) AS entity_key,
+                %L::VARCHAR(100) AS entity_type,
                 row_to_json(t)::jsonb AS entity_record
             FROM %I t
-            WHERE t.user_id = $1
-            AND t.name = ANY($2)
+            WHERE t.name = ANY(SELECT jsonb_array_elements_text($1))
+            AND (t.user_id = $2 OR t.user_id IS NULL)
             AND t.deleted_at IS NULL
         ', table_name, table_name);
 
-        -- Execute and return rows for this table
-        FOR result_record IN EXECUTE query_sql USING p_user_id, entity_keys
-        LOOP
-            entity_key := result_record.entity_key;
-            entity_type := result_record.entity_type;
-            entity_record := result_record.entity_record;
-            RETURN NEXT;
-        END LOOP;
+        RETURN QUERY EXECUTE query_sql USING entity_keys, p_user_id;
     END LOOP;
 END;
 $$ LANGUAGE plpgsql STABLE;
 
 COMMENT ON FUNCTION rem_fetch IS
-'REM FETCH: Fetch full entity records (all columns as JSONB) from multiple tables. Takes JSONB mapping {table_name: [keys]}, fetches all records, returns unified result set. Use for hydrating LOOKUP, FUZZY, SEARCH, and TRAVERSE results.';
+'REM FETCH: Batch fetch entities. Returns user-owned AND public (NULL user_id) entities.';
 
 -- REM FUZZY: Fuzzy text search using pg_trgm similarity
 -- Returns raw entity data as JSONB for LLM consumption
+-- Note: Includes user-owned AND public (NULL user_id) resources
 CREATE OR REPLACE FUNCTION rem_fuzzy(
     p_query TEXT,
     p_tenant_id VARCHAR(100),
@@ -333,16 +328,18 @@ DECLARE
     kv_matches RECORD;
     entities_by_table JSONB := '{}'::jsonb;
     table_keys JSONB;
+    effective_user_id VARCHAR(100);
 BEGIN
-    -- First, find matching keys in KV store with similarity scores
-    -- Group by table to prepare for batch fetch
+    effective_user_id := COALESCE(p_user_id, p_tenant_id);
+
+    -- Find matching keys in KV store (user-owned AND public)
     FOR kv_matches IN
         SELECT
             kv.entity_key,
             kv.entity_type,
             similarity(kv.entity_key, p_query) AS sim_score
         FROM kv_store kv
-        WHERE kv.user_id = COALESCE(p_user_id, p_tenant_id)
+        WHERE (kv.user_id = effective_user_id OR kv.user_id IS NULL)
         AND kv.entity_key % p_query  -- Trigram similarity operator
         AND similarity(kv.entity_key, p_query) >= p_threshold
         ORDER BY sim_score DESC
@@ -365,21 +362,19 @@ BEGIN
         END IF;
     END LOOP;
 
-    -- Fetch full records using rem_fetch helper
-    -- Return raw entity data as JSONB for LLM consumption
-    -- Use p_user_id (not p_tenant_id) for actual filtering
+    -- Fetch full records using rem_fetch (which now supports NULL user_id)
     RETURN QUERY
     SELECT
         f.entity_type::VARCHAR(100),
         similarity(f.entity_key, p_query) AS similarity_score,
         f.entity_record AS data
-    FROM rem_fetch(entities_by_table, COALESCE(p_user_id, p_tenant_id)) f
+    FROM rem_fetch(entities_by_table, effective_user_id) f
     ORDER BY similarity_score DESC;
 END;
 $$ LANGUAGE plpgsql STABLE;
 
 COMMENT ON FUNCTION rem_fuzzy IS
-'REM FUZZY query: Fuzzy text search using pg_trgm. Returns raw entity data as JSONB for LLM consumption. tenant_id parameter exists for backward compatibility but filtering uses user_id.';
+'REM FUZZY: Fuzzy text search. Returns user-owned AND public (NULL user_id) entities.';
 
 -- ============================================================================
 -- REM TRAVERSE (Graph Traversal)
@@ -389,6 +384,7 @@ COMMENT ON FUNCTION rem_fuzzy IS
 -- Explores graph_edges starting from entity_key up to max_depth
 -- Uses cached kv_store.graph_edges for fast traversal (no polymorphic view!)
 -- When keys_only=false, automatically fetches full entity records
+-- Note: Includes user-owned AND public (NULL user_id) resources
 CREATE OR REPLACE FUNCTION rem_traverse(
     p_entity_key VARCHAR(255),
     p_tenant_id VARCHAR(100),  -- Backward compat parameter (not used for filtering)
@@ -411,11 +407,13 @@ DECLARE
     graph_keys RECORD;
     entities_by_table JSONB := '{}'::jsonb;
     table_keys JSONB;
+    effective_user_id VARCHAR(100);
 BEGIN
-    -- First, build graph structure from KV store
+    effective_user_id := COALESCE(p_user_id, p_tenant_id);
+
     FOR graph_keys IN
         WITH RECURSIVE graph_traversal AS (
-            -- Base case: Find starting entity
+            -- Base case: Find starting entity (user-owned OR public)
             SELECT
                 0 AS depth,
                 kv.entity_key,
@@ -425,12 +423,12 @@ BEGIN
                 NULL::REAL AS rel_weight,
                 ARRAY[kv.entity_key]::TEXT[] AS path
             FROM kv_store kv
-            WHERE kv.user_id = p_user_id
+            WHERE (kv.user_id = effective_user_id OR kv.user_id IS NULL)
             AND kv.entity_key = p_entity_key
 
             UNION ALL
 
-            -- Recursive case: Follow outbound edges from discovered entities
+            -- Recursive case: Follow outbound edges
             SELECT
                 gt.depth + 1,
                 target_kv.entity_key,
@@ -440,18 +438,13 @@ BEGIN
                 COALESCE((edge->>'weight')::REAL, 1.0) AS rel_weight,
                 gt.path || target_kv.entity_key AS path
             FROM graph_traversal gt
-            -- Join to KV store to get source entity (with cached graph_edges!)
             JOIN kv_store source_kv ON source_kv.entity_key = gt.entity_key
-                AND source_kv.user_id = p_user_id
-            -- Extract edges directly from cached kv_store.graph_edges (NO polymorphic view!)
+                AND (source_kv.user_id = effective_user_id OR source_kv.user_id IS NULL)
             CROSS JOIN LATERAL jsonb_array_elements(COALESCE(source_kv.graph_edges, '[]'::jsonb)) AS edge
-            -- Lookup target entity in KV store
             JOIN kv_store target_kv ON target_kv.entity_key = (edge->>'dst')::VARCHAR(255)
-                AND target_kv.user_id = p_user_id
+                AND (target_kv.user_id = effective_user_id OR target_kv.user_id IS NULL)
             WHERE gt.depth < p_max_depth
-            -- Filter by relationship type if specified
             AND (p_rel_type IS NULL OR (edge->>'rel_type')::VARCHAR(100) = p_rel_type)
-            -- Prevent cycles by checking path
             AND NOT (target_kv.entity_key = ANY(gt.path))
         )
         SELECT DISTINCT ON (entity_key)
@@ -463,11 +456,10 @@ BEGIN
             gt.rel_weight,
             gt.path
         FROM graph_traversal gt
-        WHERE gt.depth > 0  -- Exclude starting entity
+        WHERE gt.depth > 0
         ORDER BY gt.entity_key, gt.depth
     LOOP
         IF p_keys_only THEN
-            -- Return just graph structure (no entity_record)
             depth := graph_keys.depth;
             entity_key := graph_keys.entity_key;
             entity_type := graph_keys.entity_type;
@@ -478,7 +470,6 @@ BEGIN
             entity_record := NULL;
             RETURN NEXT;
         ELSE
-            -- Build JSONB mapping {table: [keys]} for batch fetch
             IF entities_by_table ? graph_keys.entity_type THEN
                 table_keys := entities_by_table->graph_keys.entity_type;
                 entities_by_table := jsonb_set(
@@ -496,7 +487,6 @@ BEGIN
         END IF;
     END LOOP;
 
-    -- If keys_only=false, fetch full records using rem_fetch
     IF NOT p_keys_only AND entities_by_table != '{}'::jsonb THEN
         RETURN QUERY
         SELECT
@@ -508,18 +498,19 @@ BEGIN
             NULL::REAL AS rel_weight,
             NULL::TEXT[] AS path,
             f.entity_record
-        FROM rem_fetch(entities_by_table, p_user_id) f;
+        FROM rem_fetch(entities_by_table, effective_user_id) f;
     END IF;
 END;
 $$ LANGUAGE plpgsql STABLE;
 
 COMMENT ON FUNCTION rem_traverse IS
-'REM TRAVERSE query: Recursive graph traversal using cached kv_store.graph_edges. When keys_only=false (default), automatically fetches full entity records via rem_fetch.';
+'REM TRAVERSE: Graph traversal. Returns user-owned AND public (NULL user_id) entities.';
 
 -- REM SEARCH: Vector similarity search using embeddings
 -- Joins to embeddings table for semantic search
+-- Note: Includes user-owned AND public (NULL user_id) resources
 CREATE OR REPLACE FUNCTION rem_search(
-    p_query_embedding vector(1536),
+    p_query_embedding vector,
     p_table_name VARCHAR(100),
     p_field_name VARCHAR(100),
     p_tenant_id VARCHAR(100),
@@ -537,39 +528,38 @@ DECLARE
     embeddings_table VARCHAR(200);
     source_table VARCHAR(100);
     query_sql TEXT;
+    effective_user_id VARCHAR(100);
 BEGIN
-    -- Construct embeddings table name
     embeddings_table := 'embeddings_' || p_table_name;
     source_table := p_table_name;
+    effective_user_id := COALESCE(p_user_id, p_tenant_id);
 
-    -- Dynamic query to join source table with embeddings table
-    -- Returns raw entity data as JSONB for LLM consumption
-    -- Note: Using inner product for OpenAI embeddings (normalized vectors)
-    -- Inner product <#> returns negative value, so we negate it to get [0, 1]
-    -- where 1 = perfect match, 0 = orthogonal
+    -- Uses cosine distance <=> operator (0-2 range, 0=identical)
+    -- Similarity = 1 - distance gives 0-1 range where 1 = most similar
+    -- Includes user-owned AND public (NULL user_id) resources
     query_sql := format('
         SELECT
             %L::VARCHAR(100) AS entity_type,
-            (1.0 - (e.embedding <#> $1) * -1.0)::REAL AS similarity_score,
+            (1.0 - (e.embedding <=> $1))::REAL AS similarity_score,
             row_to_json(t)::jsonb AS data
         FROM %I t
         JOIN %I e ON e.entity_id = t.id
-        WHERE t.user_id = $2
+        WHERE (t.user_id = $2 OR t.user_id IS NULL)
         AND e.field_name = $3
         AND e.provider = $4
-        AND (1.0 - (e.embedding <#> $1) * -1.0) >= $5
+        AND (1.0 - (e.embedding <=> $1)) >= $5
         AND t.deleted_at IS NULL
-        ORDER BY e.embedding <#> $1 DESC
+        ORDER BY e.embedding <=> $1
         LIMIT $6
     ', source_table, source_table, embeddings_table);
 
     RETURN QUERY EXECUTE query_sql
-    USING p_query_embedding, p_user_id, p_field_name, p_provider, p_min_similarity, p_limit;
+    USING p_query_embedding, effective_user_id, p_field_name, p_provider, p_min_similarity, p_limit;
 END;
 $$ LANGUAGE plpgsql STABLE;
 
 COMMENT ON FUNCTION rem_search IS
-'REM SEARCH query: Vector similarity search using inner product for OpenAI normalized embeddings. Returns raw entity data as JSONB for LLM consumption, scoped to user_id';
+'REM SEARCH: Vector similarity search. Returns user-owned AND public (NULL user_id) resources.';
 
 -- Function to get migration status
 CREATE OR REPLACE FUNCTION migration_status()
@@ -614,6 +604,162 @@ CREATE INDEX IF NOT EXISTS idx_rate_limits_expires ON rate_limits (expires_at);
 COMMENT ON TABLE rate_limits IS
 'UNLOGGED rate limiting table. Counts may be lost on crash (acceptable for rate limiting).';
 
+-- ============================================================================
+-- SHARED SESSIONS HELPER FUNCTIONS
+-- ============================================================================
+-- Note: The shared_sessions TABLE is created by 002_install_models.sql (auto-generated)
+-- These functions provide aggregate queries for the session sharing workflow.
+
+-- Count distinct users sharing sessions with the current user
+CREATE OR REPLACE FUNCTION fn_count_shared_with_me(
+    p_tenant_id VARCHAR(100),
+    p_user_id VARCHAR(256)
+)
+RETURNS BIGINT AS $$
+BEGIN
+    RETURN (
+        SELECT COUNT(DISTINCT owner_user_id)
+        FROM shared_sessions
+        WHERE tenant_id = p_tenant_id
+          AND shared_with_user_id = p_user_id
+          AND deleted_at IS NULL
+    );
+END;
+$$ LANGUAGE plpgsql STABLE;
+
+COMMENT ON FUNCTION fn_count_shared_with_me IS
+'Count distinct users sharing sessions with the specified user.';
+
+-- Get aggregated summary of users sharing sessions with current user
+CREATE OR REPLACE FUNCTION fn_get_shared_with_me(
+    p_tenant_id VARCHAR(100),
+    p_user_id VARCHAR(256),
+    p_limit INTEGER DEFAULT 50,
+    p_offset INTEGER DEFAULT 0
+)
+RETURNS TABLE(
+    user_id VARCHAR(256),
+    name VARCHAR(256),
+    email VARCHAR(256),
+    session_count BIGINT,
+    message_count BIGINT,
+    first_message_at TIMESTAMP,
+    last_message_at TIMESTAMP
+) AS $$
+BEGIN
+    RETURN QUERY
+    SELECT
+        ss.owner_user_id AS user_id,
+        COALESCE(u.name, ss.owner_user_id) AS name,
+        u.email AS email,
+        COUNT(DISTINCT ss.session_id)::BIGINT AS session_count,
+        COALESCE(SUM(msg_counts.msg_count), 0)::BIGINT AS message_count,
+        MIN(msg_counts.first_msg)::TIMESTAMP AS first_message_at,
+        MAX(msg_counts.last_msg)::TIMESTAMP AS last_message_at
+    FROM shared_sessions ss
+    LEFT JOIN users u ON u.user_id = ss.owner_user_id AND u.tenant_id = ss.tenant_id
+    LEFT JOIN (
+        SELECT
+            m.session_id,
+            m.user_id,
+            COUNT(*)::BIGINT AS msg_count,
+            MIN(m.created_at) AS first_msg,
+            MAX(m.created_at) AS last_msg
+        FROM messages m
+        WHERE m.tenant_id = p_tenant_id
+          AND m.deleted_at IS NULL
+        GROUP BY m.session_id, m.user_id
+    ) msg_counts ON msg_counts.session_id = ss.session_id AND msg_counts.user_id = ss.owner_user_id
+    WHERE ss.tenant_id = p_tenant_id
+      AND ss.shared_with_user_id = p_user_id
+      AND ss.deleted_at IS NULL
+    GROUP BY ss.owner_user_id, u.name, u.email
+    ORDER BY MAX(msg_counts.last_msg) DESC NULLS LAST
+    LIMIT p_limit
+    OFFSET p_offset;
+END;
+$$ LANGUAGE plpgsql STABLE;
+
+COMMENT ON FUNCTION fn_get_shared_with_me IS
+'Get aggregated summary of users sharing sessions with the specified user.';
+
+-- Count messages in sessions shared by a specific user
+CREATE OR REPLACE FUNCTION fn_count_shared_messages(
+    p_tenant_id VARCHAR(100),
+    p_recipient_user_id VARCHAR(256),
+    p_owner_user_id VARCHAR(256)
+)
+RETURNS BIGINT AS $$
+BEGIN
+    RETURN (
+        SELECT COUNT(*)
+        FROM messages m
+        WHERE m.tenant_id = p_tenant_id
+          AND m.deleted_at IS NULL
+          AND m.session_id IN (
+              SELECT ss.session_id
+              FROM shared_sessions ss
+              WHERE ss.tenant_id = p_tenant_id
+                AND ss.owner_user_id = p_owner_user_id
+                AND ss.shared_with_user_id = p_recipient_user_id
+                AND ss.deleted_at IS NULL
+          )
+    );
+END;
+$$ LANGUAGE plpgsql STABLE;
+
+COMMENT ON FUNCTION fn_count_shared_messages IS
+'Count messages in sessions shared by a specific user with the recipient.';
+
+-- Get messages from sessions shared by a specific user
+CREATE OR REPLACE FUNCTION fn_get_shared_messages(
+    p_tenant_id VARCHAR(100),
+    p_recipient_user_id VARCHAR(256),
+    p_owner_user_id VARCHAR(256),
+    p_limit INTEGER DEFAULT 50,
+    p_offset INTEGER DEFAULT 0
+)
+RETURNS TABLE(
+    id UUID,
+    content TEXT,
+    message_type VARCHAR(256),
+    session_id VARCHAR(256),
+    model VARCHAR(256),
+    token_count INTEGER,
+    created_at TIMESTAMP,
+    metadata JSONB
+) AS $$
+BEGIN
+    RETURN QUERY
+    SELECT
+        m.id,
+        m.content,
+        m.message_type,
+        m.session_id,
+        m.model,
+        m.token_count,
+        m.created_at,
+        m.metadata
+    FROM messages m
+    WHERE m.tenant_id = p_tenant_id
+      AND m.deleted_at IS NULL
+      AND m.session_id IN (
+          SELECT ss.session_id
+          FROM shared_sessions ss
+          WHERE ss.tenant_id = p_tenant_id
+            AND ss.owner_user_id = p_owner_user_id
+            AND ss.shared_with_user_id = p_recipient_user_id
+            AND ss.deleted_at IS NULL
+      )
+    ORDER BY m.created_at DESC
+    LIMIT p_limit
+    OFFSET p_offset;
+END;
+$$ LANGUAGE plpgsql STABLE;
+
+COMMENT ON FUNCTION fn_get_shared_messages IS
+'Get messages from sessions shared by a specific user with the recipient.';
+
 -- ============================================================================
 -- RECORD INSTALLATION
 -- ============================================================================
@@ -624,6 +770,43 @@ ON CONFLICT (name) DO UPDATE
 SET applied_at = CURRENT_TIMESTAMP,
     applied_by = CURRENT_USER;
 
+-- ============================================================================
+-- GRANTS FOR APPLICATION USER
+-- ============================================================================
+-- Grant permissions to remuser (the application database user)
+-- This ensures the application can run migrations and manage schema
+-- Note: remuser is created by CNPG as the database owner in bootstrap.initdb.owner
+
+DO $$
+DECLARE
+    app_user TEXT := 'remuser';
+BEGIN
+    -- Only grant if the user exists (handles different deployment scenarios)
+    IF EXISTS (SELECT 1 FROM pg_roles WHERE rolname = app_user) THEN
+        -- Grant ownership of migration tracking table so app can record migrations
+        EXECUTE format('ALTER TABLE rem_migrations OWNER TO %I', app_user);
+        EXECUTE format('ALTER TABLE kv_store OWNER TO %I', app_user);
+        EXECUTE format('ALTER TABLE rate_limits OWNER TO %I', app_user);
+
+        -- Grant usage on schema
+        EXECUTE format('GRANT ALL ON SCHEMA public TO %I', app_user);
+
+        -- Grant privileges on all tables in public schema
+        EXECUTE format('GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO %I', app_user);
+        EXECUTE format('GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO %I', app_user);
+        EXECUTE format('GRANT ALL PRIVILEGES ON ALL FUNCTIONS IN SCHEMA public TO %I', app_user);
+
+        -- Set default privileges for future objects
+        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO %I', app_user);
+        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO %I', app_user);
+        EXECUTE format('ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON FUNCTIONS TO %I', app_user);
+
+        RAISE NOTICE '✓ Granted permissions to application user: %', app_user;
+    ELSE
+        RAISE NOTICE 'Application user % does not exist, skipping grants', app_user;
+    END IF;
+END $$;
+
 -- ============================================================================
 -- COMPLETION
 -- ============================================================================