Gate tools login with Caveau access

includes/LegalTools.php

@@ -24,7 +24,7 @@ final class DbnLegalToolsService
         $limit = max(1, min(10, $limit));
 
         $trace = [
-            $this->trace('Query interpretation', 'Searching Dave Jr Legal private corpus plus the subscribed family-legal package.', 'complete'),
+            $this->trace('Query interpretation', 'Searching Do Better Norge private corpus plus the subscribed family-legal package.', 'complete'),
             $this->trace('Search tools used', 'ClientRagPipeline::searchAll with keyword mode, private corpus enabled, shared package filter set to family-legal.', 'running'),
         ];
 
@@ -397,7 +397,7 @@ PROMPT;
             dbnToolsAbort('The family-legal corpus package is not active.', 503, 'package_unavailable');
         }
         if (!dbnToolsHasActiveSubscription($clientId, (int)$package['id'])) {
-            dbnToolsAbort('Dave Jr Legal does not have an active family-legal subscription.', 503, 'subscription_missing');
+            dbnToolsAbort('Do Better Norge does not have an active family-legal subscription.', 503, 'subscription_missing');
         }
         return $package;
     }
@@ -468,7 +468,7 @@ PROMPT;
         return [
             'title' => $title,
             'excerpt' => dbnToolsExcerpt((string)($chunk['content'] ?? ''), 620),
-            'package_or_corpus' => (string)($chunk['source_name'] ?? $chunk['source_type'] ?? 'Dave Jr Legal'),
+            'package_or_corpus' => (string)($chunk['source_name'] ?? $chunk['source_type'] ?? 'Do Better Norge'),
             'score' => $score,
             'document_id' => isset($chunk['document_id']) ? (int)$chunk['document_id'] : null,
             'chunk_id' => isset($chunk['id']) ? (int)$chunk['id'] : null,
@@ -535,7 +535,7 @@ PROMPT;
         $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
         foreach ($rows as &$row) {
             $row['similarity'] = 0.25;
-            $row['source_name'] = 'Dave Jr Legal private corpus';
+            $row['source_name'] = 'Do Better Norge private corpus';
             $row['source_type'] = 'private';
         }
         return $rows;

includes/bootstrap.php

@@ -110,17 +110,29 @@ dbnToolsStartSession();
 
 function dbnToolsIsAuthenticated(): bool
 {
-    return !empty($_SESSION['dbn_tools_authenticated']);
+    return !empty($_SESSION['dbn_tools_authenticated'])
+        && !empty($_SESSION['dbn_tools_user_id'])
+        && !empty($_SESSION['dbn_tools_client_id'])
+        && (string)($_SESSION['dbn_tools_client_slug'] ?? '') === dbnToolsClientSlug();
 }
 
-function dbnToolsAuthEmail(): ?string
+function dbnToolsAuthenticatedUser(): ?array
 {
-    return dbnToolsEnv('DBN_TOOLS_AUTH_EMAIL');
+    if (!dbnToolsIsAuthenticated()) {
+        return null;
+    }
+
+    return [
+        'user_id' => isset($_SESSION['dbn_tools_user_id']) ? (int)$_SESSION['dbn_tools_user_id'] : null,
+        'client_id' => isset($_SESSION['dbn_tools_client_id']) ? (int)$_SESSION['dbn_tools_client_id'] : null,
+        'email' => (string)($_SESSION['dbn_tools_user_email'] ?? ''),
+        'role' => (string)($_SESSION['dbn_tools_user_role'] ?? ''),
+    ];
 }
 
-function dbnToolsAuthPasswordHash(): ?string
+function dbnToolsRequiredPackageSlug(): string
 {
-    return dbnToolsEnv('DBN_TOOLS_AUTH_PASSWORD_HASH');
+    return dbnToolsEnv('DBN_CAVEAU_PACKAGE_SLUG') ?: 'family-legal';
 }
 
 function dbnToolsAnonymousSessionId(): string
@@ -168,7 +180,7 @@ function dbnToolsRequireMethod(string $method): void
 function dbnToolsRequireAuth(): void
 {
     if (!dbnToolsIsAuthenticated()) {
-        dbnToolsError('Passcode session required.', 401, 'session_required');
+        dbnToolsError('Caveau session required.', 401, 'session_required');
     }
 }
 
@@ -354,7 +366,7 @@ function dbnToolsRagDb(): PDO
 
 function dbnToolsClientSlug(): string
 {
-    return dbnToolsEnv('DBN_CAVEAU_CLIENT_SLUG') ?: 'dave-jr-legal';
+    return dbnToolsEnv('DBN_CAVEAU_CLIENT_SLUG') ?: 'dobetter';
 }
 
 function dbnToolsFetchClient(?PDO $db = null): ?array
@@ -370,11 +382,53 @@ function dbnToolsRequireClient(): array
 {
     $client = dbnToolsFetchClient();
     if (!$client || empty($client['is_active'])) {
-        dbnToolsAbort('Dave Jr Legal client tenant is not active or was not found.', 503, 'client_unavailable');
+        dbnToolsAbort('Do Better Norge client tenant is not active or was not found.', 503, 'client_unavailable');
     }
     return $client;
 }
 
+function dbnToolsFetchActiveClientUser(string $email, int $clientId, ?PDO $db = null): ?array
+{
+    $db = $db ?: dbnToolsDb();
+    $stmt = $db->prepare(
+        'SELECT id, client_id, username, email, display_name, password_hash, role, is_active
+         FROM client_users
+         WHERE client_id = ? AND email = ? AND is_active = 1
+         LIMIT 1'
+    );
+    $stmt->execute([$clientId, $email]);
+    $row = $stmt->fetch(PDO::FETCH_ASSOC);
+    return $row ?: null;
+}
+
+function dbnToolsCanUsePackage(int $clientId, string $packageSlug, ?PDO $db = null): array
+{
+    $db = $db ?: dbnToolsDb();
+    $package = dbnToolsFetchPackage($packageSlug, $db);
+    if (!$package || empty($package['is_active'])) {
+        return [
+            'ok' => false,
+            'status' => 503,
+            'code' => 'package_unavailable',
+            'message' => "The {$packageSlug} corpus package is not active.",
+        ];
+    }
+
+    if (!dbnToolsHasActiveSubscription($clientId, (int)$package['id'], $db)) {
+        return [
+            'ok' => false,
+            'status' => 403,
+            'code' => 'subscription_missing',
+            'message' => 'This Caveau workspace does not have access to the required corpus package.',
+        ];
+    }
+
+    return [
+        'ok' => true,
+        'package' => $package,
+    ];
+}
+
 function dbnToolsFetchPackage(string $slug = 'family-legal', ?PDO $db = null): ?array
 {
     $db = $db ?: dbnToolsDb();