Consolidates the two parallel RBAC frameworks into a single route-level
authorization system and adds the missing pieces needed for a managed-onboarding
pilot: an endpoint to list pending invites, sane visibility defaults for
pockets/groups so invited teammates actually see shared work, and audit
logging on every denial.
RBAC consolidation
- New ACTIONS table (src/pocketpaw/ee/guards/actions.py) is the single source
of truth for every guarded action → (minimum role, stable deny code).
Covers workspace, group, message, pocket, agent, session, KB, invite,
and billing — 32 rows total.
- New audit helpers (src/pocketpaw/ee/guards/audit.py): log_denial() +
log_privileged_action() backed by the existing append-only audit log.
- New FastAPI deps: require_action(), require_action_any_workspace(),
require_group_action(), require_membership(), require_agent_owner_or_admin(),
require_pocket_edit(), require_pocket_owner().
- Route-level enforcement across workspace/chat/pockets/agents/sessions/kb
routers; permission checks removed from service bodies where now redundant.
- Group role model extended to 3 tiers (owner > admin > member), with per-member
override via Group.member_roles. Admin tier enforced via resolve_group_role()
and the updated _require_group_admin helper.
- Legacy ee/cloud/shared/permissions.py deleted; legacy require_role shim
removed from ee/cloud/shared/deps.py.
- Matrix test (tests/cloud/test_rbac_matrix.py) iterates every ACTIONS entry
across every peer role, verifying both allow and deny paths and the exact
Forbidden.code. Meta-test enforces coverage.
- Redundant tests/cloud/test_permissions.py removed.
Invite list endpoint
- GET /workspaces/{workspace_id}/invites returns all pending invites,
admin-only via require_action("invite.create"). Wires the admin UX for
listing + copy-link + revoke.
Visibility defaults
- Pocket.visibility default flipped "private" → "workspace" so new pockets
are visible to all workspace members out of the box. Owners can tighten
per-pocket via the Share tab.
- Group.type default flipped "public" → "private" so new groups are
invite-only. Public channels remain explicit via type="channel" or "public".
- CreateGroupRequest and UpdateGroupRequest updated; GroupService.update_group
now supports type changes. list_groups() treats "channel" same as "public"
for workspace-wide readability.
- Existing tests updated to match new defaults.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- Add profile picture upload endpoints for agents and users
- Serve uploaded avatars from ~/.pocketpaw/uploads/ with static files mount
- Exempt /uploads paths from dashboard auth middleware
- Add "channel" to allowed group types in schema and model
- Stream agent tool_use and thinking events to WebSocket clients
- Add soul-protocol to enterprise dependencies
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Resolves one trivial conflict in dashboard_lifecycle.py — comment
wording difference ("Seed default admin user" vs "Seed default admin
user and workspace"). Took the base branch's more descriptive version.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Chat persistence bridge that saves both user and agent messages to the
cloud Message collection regardless of which chat system produced them:
- User messages: saved via hook in WebSocket adapter handle_message()
- Agent responses: saved via outbound message bus subscriber (stream accumulation)
- Auto-creates cloud session + group for runtime WebSocket chats
- Session history endpoint now finds these messages via group_id
This unifies the two chat systems — runtime file memory + cloud MongoDB.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
When an agent's response contains a ripple UI spec, the bridge now
automatically creates a Pocket document with the spec, workspace
visibility, and agent attribution. The pocket_id is broadcast to
the group so the frontend can navigate to it.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The agent was ignoring knowledge because it was injected as fake
user/assistant messages in history. Now knowledge context is appended
to the system prompt with explicit instructions to use it.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Full knowledge engine with ingest → LLM compile → index → BM25 search:
- knowledge/models.py: RawDoc, WikiArticle, Concept, KnowledgeIndex, LintIssue
- knowledge/store.py: File-based wiki store (.md with frontmatter + index.json)
- knowledge/ingest.py: Text extraction from PDF, images, URLs, docx, text files
- knowledge/compiler.py: LLM compiles raw docs into structured wiki articles
- knowledge/indexer.py: Concept extraction, backlinks, categories
- knowledge/search.py: BM25 search over compiled wiki (no vector DB needed)
- knowledge/linter.py: LLM health checks — inconsistencies, gaps, suggestions
- knowledge/__init__.py: KnowledgeEngine public API
Scope-agnostic — works at any level:
KnowledgeEngine(scope="agent:abc")
KnowledgeEngine(scope="workspace:ws1")
KnowledgeEngine(scope="pocket:p1")
Agent bridge now injects knowledge context before agent responses.
ee/cloud/agents/knowledge.py is now a thin wrapper over KnowledgeEngine.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Replace old cloud router mounting in v1/__init__.py and Socket.IO wrapping
in serve.py with unified mount_cloud() entry point. Delete 9 legacy files
(flat routers, deps, socketio_server, models/room). Add cross-domain event
handlers for invite acceptance, message stats, pocket sharing, and member
removal cleanup.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Move MongoDB/Beanie init logic to ee/cloud/shared/db.py (with
get_client accessor), make ee/cloud/db.py a backward-compat re-export.
Add ee/cloud/shared/deps.py with reusable FastAPI dependencies:
current_user, current_user_id, current_workspace_id,
optional_workspace_id, and require_role() factory.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
