mirror of
https://github.com/Memo-2023/mana-monorepo.git
synced 2026-05-14 19:41:09 +02:00
cb9a9bb42e
Flips `meImages` out of USER_LEVEL_TABLES so it lives under the same
tenancy model as every other data table (tags, scenes, tasks, …).
Precursor to the Wardrobe module, which is space-scoped across all
six space types — leaving meImages user-global would leave an
inconsistency where the Wardrobe catalog is per-space but its
reference input is cross-space, plus a latent privacy leak in shared
spaces (agents in a brand-space would see the owner's entire pool).
Plan: docs/plans/me-images-space-scope-migration.md.
Key decisions:
- Strict scope, no cross-space fallback. Switching into a brand-space
with no uploaded face shows an empty state and links back to
/profile/me-images; it does not quietly reach into the personal-
space pool. Keeps the mental model clean.
- auth.users.image remains pinned to personal-space primary-avatar.
Only a primary change inside personal space triggers the Better
Auth sync; brand/club/family/team/practice primaries stay local.
- Single Dexie v40 upgrade: stamps `spaceId=_personal:<uid>`
sentinel, `authorId=<uid>`, `visibility='space'` on every existing
row and drops the legacy `userId` column. Dexie upgrades block app
startup, so by the time the new code's scopedForModule reads run,
every row is already space-stamped. reconcileSentinels() on the
next active-space bootstrap rewrites `_personal:<uid>` to the real
personal-space id, same path v28 used.
- Legacy-avatar migration (M2.5) now pins its row to
`_personal:<uid>` explicitly — the legacy avatar is the user's
global SSO identity and belongs in the personal space even if the
migration happens to fire while the user is in a brand space.
Code changes:
- types.ts: LocalMeImage gains spaceId/authorId/visibility (all
optional — stamped by hook). Public MeImage exposes spaceId for
queries that want to branch on space type.
- database.ts: meImages out of USER_LEVEL_TABLES; new v40 upgrade
block that stamps sentinels + drops userId in one pass.
- queries.ts: all four hooks (useAllMeImages, useMeImagesByKind,
useReferenceImages, useImageByPrimary) read via scopedForModule.
Scope-switch triggers automatic re-render via the existing
scopedTable filter path.
- stores/me-images.svelte.ts: setPrimaryInTx uses scopedForModule so
a setPrimary in Brand-space never clears Personal-space's holder.
syncAvatarToAuth gates on activeSpace.type==='personal' so non-
personal primary changes don't leak into Better Auth.
createMeImage accepts optional spaceId override — the legacy-
avatar migration uses it, regular uploads let the hook stamp the
active space.
- migration/legacy-avatar.ts: explicitly passes
spaceId=_personal:<uid> to pin the legacy row into personal space.
- MeImagesView.svelte: subtle badge in the intro card shows the
active space ("Persönlich" for personal, space name otherwise) so
users notice when the pool changes on space switch.
- packages/mana-tool-registry/src/modules/me.ts: me.listReferenceImages
filters pulled rows by row.spaceId === ctx.spaceId. mana-sync
returns all spaces the user belongs to; the tool only wants the
active space's subset.
No schema/index change on meImages (non-indexed fields, pool size
small enough for in-memory scopedTable filter). If perf matters
later, adding [spaceId+kind] is a 5-minute follow-up.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|---|---|---|
| .. | ||
| agent-loop-improvements-m1.md | ||
| ai-mission-key-grant.md | ||
| articles-homepage.md | ||
| articles-module.md | ||
| broadcast-module.md | ||
| data-export-v2.md | ||
| event-discovery.md | ||
| invoices-module.md | ||
| library-module.md | ||
| mail-module-plan.md | ||
| mana-mcp-and-personas.md | ||
| mana-research-service.md | ||
| me-images-and-reference-generation.md | ||
| me-images-space-scope-migration.md | ||
| multi-agent-workbench.md | ||
| news-research-module.md | ||
| per-space-vs-user-global-tags.md | ||
| planner-function-calling.md | ||
| README.md | ||
| scene-scope-empty-state.md | ||
| shared-space-smoketest.md | ||
| social-relay-module.md | ||
| space-scoped-data-model.md | ||
| spaces-foundation.md | ||
| team-workbench.md | ||
| tipps-module.md | ||
| wardrobe-module.md | ||
| website-builder.md | ||
| workbench-cards-migration.md | ||
| workbench-templates.md | ||
Plans
Design + rollout plans, grouped by topic. Plans are long-form docs with baked-in decisions, phasing, open questions, and (when shipped) a history section with commit refs.
AI / Workbench roadmap
The Mana AI Workbench has evolved in three successive planned waves — each one laying foundations the next one relies on:
User hat einen Companion (v0 — shipped before these docs)
│
▼
AI Missions + Proposals + Policy + Revert
│
▼
Mission Key-Grants ← ai-mission-key-grant.md ✅
(encrypted inputs decryptable by the server runner)
│
▼
Multi-Agent Workbench ← multi-agent-workbench.md ✅
(named agents, per-agent policy/memory/budget,
identity-aware Actor, scene→agent lens)
│
▼
Team Workbench ← team-workbench.md 📝 (not started)
(multi-user + shared AI context,
admin lens on team members)
| Plan | Status | Scope |
|---|---|---|
ai-mission-key-grant.md |
✅ Shipped | Per-mission RSA-wrapped key grant so mana-ai can decrypt allowlisted encrypted records when user opts in. |
multi-agent-workbench.md |
✅ Shipped | Identity-aware Actor + named AI agents owning missions + per-agent policy + scene lens. 28 tools across 11 modules including server-side web-research. |
workbench-templates.md |
✅ T1 Shipped | Generalised templates: 3 agent-templates + 3 non-AI workbench starter-kits. Seed-handler registry for per-module data seeding. |
team-workbench.md |
📝 Forward-looking | TeamSpace with membership, team-encrypted records, admin lens on team members. Reuses Actor.principalId + key-wrapping patterns from the two above. |
Cross-references:
- Architecture narrative:
docs/architecture/COMPANION_BRAIN_ARCHITECTURE.md§20 (AI Workbench base), §21 (Mission Grants), §22 (Multi-Agent), §23 (Reasoning Loop + Research + Debug) - Non-plan ideas backlog:
docs/future/AI_AGENTS_IDEAS.md - Service-internal notes:
services/mana-ai/CLAUDE.md - Webapp-internal notes:
apps/mana/CLAUDE.md→ "AI Workbench" section
Other plans
| Plan | Topic |
|---|---|
mail-module-plan.md |
Mail module — IMAP/SMTP integration |
news-research-module.md |
News + research pipeline |