Till JS 74bbfda212 feat(ai): Mission Grant consent UI + Workbench audit tab ... Phase 3 — user-facing side of the Mission Key-Grant rollout. Users can now opt into server-side execution, revoke it, and inspect every decrypt the runner has performed. Webapp: - MissionGrantDialog explains the scope (record count, tables, TTL, audit visibility, revocation) and calls requestMissionGrant. Error paths render distinctly for ZK, not-configured, missing vault. - Mission detail shows a Server-Zugriff box with status pill (aktiv/abgelaufen/nicht erteilt), Neu-erteilen + Zurückziehen buttons. Only renders for missions with at least one encrypted- table input. - store.ts: setMissionGrant / revokeMissionGrant helpers, Proxy- stripped like the rest of the store's writes. - Workbench adds a Timeline/Datenzugriff tab switch. Audit tab queries the new GET /api/v1/me/ai-audit endpoint, renders decrypt events with color-coded status pills (ok/failed/scope-violation) and stable reason strings. - getManaAiUrl() added to api/config for the audit fetch. mana-ai: - GET /api/v1/me/ai-audit (JWT-gated via shared-hono authMiddleware) backed by readDecryptAudit() — withUser + RLS double-gate so a user can only read their own rows. - Limit capped at 1000, newest-first. Missions without a grant continue to work exactly as before; the grant UI is purely additive. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>		2026-04-15 13:53:11 +02:00
..
src	feat(ai): Mission Grant consent UI + Workbench audit tab	2026-04-15 13:53:11 +02:00
CLAUDE.md	feat(mana-ai): encrypted resolver + tick uses Mission Grant to decrypt scoped inputs	2026-04-15 13:42:31 +02:00
Dockerfile	feat(mana-ai): scaffold server-side Mission Runner (v0.1)	2026-04-14 23:48:30 +02:00
package.json	feat(mana-ai): Prometheus /metrics endpoint + status.mana.how integration	2026-04-15 01:41:40 +02:00
tsconfig.json	feat(mana-ai): scaffold server-side Mission Runner (v0.1)	2026-04-14 23:48:30 +02:00