package coderd

import (

"context"

"database/sql"

"encoding/json"

"errors"

"fmt"

"io"

"math"

"mime"

"net/http"

"net/http/httptest"

"net/url"

"strconv"

"strings"

"sync"

"time"

"unicode/utf8"

"github.com/go-chi/chi/v5"

"github.com/google/uuid"

"github.com/shopspring/decimal"

"github.com/sqlc-dev/pqtype"

"golang.org/x/sync/errgroup"

"golang.org/x/xerrors"

"cdr.dev/slog/v3"

"github.com/coder/coder/v2/agent/agentssh"

"github.com/coder/coder/v2/coderd/audit"

"github.com/coder/coder/v2/coderd/chatfiles"

"github.com/coder/coder/v2/coderd/database"

"github.com/coder/coder/v2/coderd/database/db2sdk"

"github.com/coder/coder/v2/coderd/database/dbauthz"

dbpubsub "github.com/coder/coder/v2/coderd/database/pubsub"

"github.com/coder/coder/v2/coderd/dynamicparameters"

"github.com/coder/coder/v2/coderd/externalauth"

"github.com/coder/coder/v2/coderd/externalauth/gitprovider"

"github.com/coder/coder/v2/coderd/httpapi"

"github.com/coder/coder/v2/coderd/httpapi/httperror"

"github.com/coder/coder/v2/coderd/httpmw"

"github.com/coder/coder/v2/coderd/pubsub"

"github.com/coder/coder/v2/coderd/rbac"

"github.com/coder/coder/v2/coderd/rbac/policy"

"github.com/coder/coder/v2/coderd/searchquery"

"github.com/coder/coder/v2/coderd/tracing"

"github.com/coder/coder/v2/coderd/util/ptr"

"github.com/coder/coder/v2/coderd/util/xjson"

"github.com/coder/coder/v2/coderd/workspaceapps"

"github.com/coder/coder/v2/coderd/wsbuilder"

"github.com/coder/coder/v2/coderd/x/chatd"

"github.com/coder/coder/v2/coderd/x/chatd/chatprovider"

"github.com/coder/coder/v2/coderd/x/gitsync"

"github.com/coder/coder/v2/codersdk"

"github.com/coder/coder/v2/codersdk/wsjson"

"github.com/coder/websocket"

)

const (

chatStreamBatchSize = 256

chatContextLimitModelConfigKey = "context_limit"

chatContextCompressionThresholdModelConfigKey = "context_compression_threshold"

defaultChatContextCompressionThreshold = int32(70)

minChatContextCompressionThreshold = int32(0)

maxChatContextCompressionThreshold = int32(100)

maxSystemPromptLenBytes = 131072 // 128 KiB

)

// chatGitRef holds the branch, remote origin, and optional chat

// ID reported by the workspace agent during a git operation.

type chatGitRef struct {

Branch string

RemoteOrigin string

ChatID uuid.UUID

}

type chatRepositoryRef struct {

Provider string

RemoteOrigin string

Branch string

Owner string

Repo string

}

type chatDiffReference struct {

PullRequestURL string

RepositoryRef *chatRepositoryRef

}

func writeChatUsageLimitExceeded(

ctx context.Context,

rw http.ResponseWriter,

limitErr *chatd.UsageLimitExceededError,

) {

httpapi.Write(ctx, rw, http.StatusConflict, codersdk.ChatUsageLimitExceededResponse{

Response: codersdk.Response{

Message: "Chat usage limit exceeded.",

},

SpentMicros: limitErr.ConsumedMicros,

LimitMicros: limitErr.LimitMicros,

ResetsAt: limitErr.PeriodEnd,

})

}

func maybeWriteLimitErr(ctx context.Context, rw http.ResponseWriter, err error) bool {

var limitErr *chatd.UsageLimitExceededError

if errors.As(err, &limitErr) {

writeChatUsageLimitExceeded(ctx, rw, limitErr)

return true

}

return false

}

func publishChatTitleChange(logger slog.Logger, ps dbpubsub.Pubsub, chat database.Chat) {

if ps == nil {

return

}

event := codersdk.ChatWatchEvent{

Kind: codersdk.ChatWatchEventKindTitleChange,

Chat: db2sdk.Chat(chat, nil, nil),

}

payload, err := json.Marshal(event)

if err != nil {

logger.Error(context.Background(), "failed to marshal chat title change event",

slog.F("chat_id", chat.ID),

slog.Error(err),

)

return

}

if err := ps.Publish(pubsub.ChatWatchEventChannel(chat.OwnerID), payload); err != nil {

logger.Error(context.Background(), "failed to publish chat title change event",

slog.F("chat_id", chat.ID),

slog.Error(err),

)

}

}

func publishChatConfigEvent(logger slog.Logger, ps dbpubsub.Pubsub, kind pubsub.ChatConfigEventKind, entityID uuid.UUID) {

payload, err := json.Marshal(pubsub.ChatConfigEvent{

Kind: kind,

EntityID: entityID,

})

if err != nil {

logger.Error(context.Background(), "failed to marshal chat config event",

slog.F("kind", kind),

slog.F("entity_id", entityID),

slog.Error(err),

)

return

}

if err := ps.Publish(pubsub.ChatConfigEventChannel, payload); err != nil {

logger.Error(context.Background(), "failed to publish chat config event",

slog.F("kind", kind),

slog.F("entity_id", entityID),

slog.Error(err),

)

}

}

// EXPERIMENTAL: this endpoint is experimental and is subject to change.

func (api *API) watchChats(rw http.ResponseWriter, r *http.Request) {

ctx := r.Context()

apiKey := httpmw.APIKey(r)

logger := api.Logger.Named("chat_watcher")

conn, err := websocket.Accept(rw, r, nil)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to open chat watch stream.",

Detail: err.Error(),

})

return

}

ctx, cancel := context.WithCancel(ctx)

defer cancel()

_ = conn.CloseRead(context.Background())

ctx, wsNetConn := codersdk.WebsocketNetConn(ctx, conn, websocket.MessageText)

defer wsNetConn.Close()

go httpapi.HeartbeatClose(ctx, logger, cancel, conn)

// The encoder is only written from the SubscribeWithErr callback,

// which delivers serially per subscription. Do not add a second

// write path without introducing synchronization.

encoder := json.NewEncoder(wsNetConn)

cancelSubscribe, err := api.Pubsub.SubscribeWithErr(pubsub.ChatWatchEventChannel(apiKey.UserID),

pubsub.HandleChatWatchEvent(

func(ctx context.Context, payload codersdk.ChatWatchEvent, err error) {

if err != nil {

logger.Error(ctx, "chat watch event subscription error", slog.Error(err))

return

}

if err := encoder.Encode(payload); err != nil {

logger.Debug(ctx, "failed to send chat watch event", slog.Error(err))

cancel()

return

}

},

))

if err != nil {

logger.Error(ctx, "failed to subscribe to chat watch events", slog.Error(err))

_ = conn.Close(websocket.StatusInternalError, "Failed to subscribe to chat events.")

return

}

defer cancelSubscribe()

<-ctx.Done()

}

// EXPERIMENTAL: chatsByWorkspace returns a mapping of workspace ID to

// the latest non-archived chat ID for each requested workspace.

// The query returns all matching chats and RBAC post-filters them;

// the handler then picks the latest per workspace in Go. This avoids

// the DISTINCT ON + post-filter bug where the sole candidate is

// silently dropped when the caller can't read it.

//

// TODO:

// 1. move aggregation to a SQL view with proper in-query authz so we

// can return a single row per workspace without this two-pass approach.

// 2. Restore the below router annotation and un-skip docs gen

// <at>Router /experimental/chats/by-workspace [post]

//

// @Summary Get latest chats by workspace IDs

// @ID get-latest-chats-by-workspace-ids

// @Security CoderSessionToken

// @Tags Chats

// @Accept json

// @Produce json

// @Success 200

// @x-apidocgen {"skip": true}

func (api *API) chatsByWorkspace(rw http.ResponseWriter, r *http.Request) {

ctx := r.Context()

idsParam := r.URL.Query().Get("workspace_ids")

if idsParam == "" {

httpapi.Write(ctx, rw, http.StatusOK, map[uuid.UUID]uuid.UUID{})

return

}

raw := strings.Split(idsParam, ",")

// maxWorkspaceIDs is coupled to DEFAULT_RECORDS_PER_PAGE (25) in

// site/src/components/PaginationWidget/utils.ts.

// If the page size changes, this limit should too.

const maxWorkspaceIDs = 25

if len(raw) > maxWorkspaceIDs {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: fmt.Sprintf("Too many workspace IDs, maximum is %d.", maxWorkspaceIDs),

})

return

}

workspaceIDs := make([]uuid.UUID, 0, len(raw))

for _, s := range raw {

id, err := uuid.Parse(strings.TrimSpace(s))

if err != nil {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: fmt.Sprintf("Invalid workspace ID %q: %s", s, err),

})

return

}

workspaceIDs = append(workspaceIDs, id)

}

chats, err := api.Database.GetChatsByWorkspaceIDs(ctx, workspaceIDs)

if httpapi.Is404Error(err) {

httpapi.ResourceNotFound(rw)

return

} else if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to get chats by workspace.",

Detail: err.Error(),

})

return

}

// The SQL orders by (workspace_id, updated_at DESC), so the first

// chat seen per workspace after RBAC filtering is the latest

// readable one.

result := make(map[uuid.UUID]uuid.UUID, len(chats))

for _, chat := range chats {

if chat.WorkspaceID.Valid {

if _, exists := result[chat.WorkspaceID.UUID]; !exists {

result[chat.WorkspaceID.UUID] = chat.ID

}

}

}

httpapi.Write(ctx, rw, http.StatusOK, result)

}

// EXPERIMENTAL: this endpoint is experimental and is subject to change.

func (api *API) listChats(rw http.ResponseWriter, r *http.Request) {

ctx := r.Context()

apiKey := httpmw.APIKey(r)

paginationParams, ok := ParsePagination(rw, r)

if !ok {

return

}

queryStr := r.URL.Query().Get("q")

searchParams, errs := searchquery.Chats(queryStr)

if len(errs) > 0 {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Invalid chat search query.",

Validations: errs,

})

return

}

var labelFilter pqtype.NullRawMessage

if labelParams := r.URL.Query()["label"]; len(labelParams) > 0 {

labelMap := make(map[string]string, len(labelParams))

for _, lp := range labelParams {

key, value, ok := strings.Cut(lp, ":")

if !ok || key == "" || value == "" {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: fmt.Sprintf("Invalid label filter: %q (expected format key:value, both must be non-empty)", lp),

})

return

}

labelMap[key] = value

}

labelsJSON, err := json.Marshal(labelMap)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to marshal label filter.",

Detail: err.Error(),

})

return

}

labelFilter = pqtype.NullRawMessage{

RawMessage: labelsJSON,

Valid: true,

}

}

params := database.GetChatsParams{

OwnerID: apiKey.UserID,

Archived: searchParams.Archived,

AfterID: paginationParams.AfterID,

LabelFilter: labelFilter,

// #nosec G115 - Pagination offsets are small and fit in int32

OffsetOpt: int32(paginationParams.Offset),

// #nosec G115 - Pagination limits are small and fit in int32

LimitOpt: int32(paginationParams.Limit),

}

chatRows, err := api.Database.GetChats(ctx, params)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to list chats.",

Detail: err.Error(),

})

return

}

// Collect root chat IDs so we can fetch their children.

rootIDs := make([]uuid.UUID, len(chatRows))

for i, row := range chatRows {

rootIDs[i] = row.Chat.ID

}

// Embed children matching the caller's archive filter so

// sidebar views don't surface state-mismatched rows.

var childRows []database.GetChildChatsByParentIDsRow

if len(rootIDs) > 0 {

childRows, err = api.Database.GetChildChatsByParentIDs(ctx, database.GetChildChatsByParentIDsParams{

ParentIds: rootIDs,

Archived: searchParams.Archived,

})

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to list child chats.",

Detail: err.Error(),

})

return

}

}

// Collect all chat objects (root + child) for diff status lookup.

allChats := make([]database.Chat, 0, len(chatRows)+len(childRows))

for _, row := range chatRows {

allChats = append(allChats, row.Chat)

}

for _, row := range childRows {

allChats = append(allChats, row.Chat)

}

diffStatusesByChatID, err := api.getChatDiffStatusesByChatID(ctx, allChats)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to list chats.",

Detail: err.Error(),

})

return

}

httpapi.Write(ctx, rw, http.StatusOK, db2sdk.ChatRowsWithChildren(chatRows, childRows, diffStatusesByChatID))

}

func (api *API) getChatDiffStatusesByChatID(

ctx context.Context,

chats []database.Chat,

) (map[uuid.UUID]database.ChatDiffStatus, error) {

if len(chats) == 0 {

return map[uuid.UUID]database.ChatDiffStatus{}, nil

}

chatIDs := make([]uuid.UUID, 0, len(chats))

for _, chat := range chats {

chatIDs = append(chatIDs, chat.ID)

}

statuses, err := api.Database.GetChatDiffStatusesByChatIDs(ctx, chatIDs)

if err != nil {

return nil, xerrors.Errorf("get chat diff statuses: %w", err)

}

statusesByChatID := make(map[uuid.UUID]database.ChatDiffStatus, len(statuses))

for _, status := range statuses {

statusesByChatID[status.ChatID] = status

}

return statusesByChatID, nil

}

func planModeToNullChatPlanMode(mode codersdk.ChatPlanMode) database.NullChatPlanMode {

if mode == "" {

return database.NullChatPlanMode{}

}

return database.NullChatPlanMode{

ChatPlanMode: database.ChatPlanMode(mode),

Valid: true,

}

}

func validateChatPlanMode(mode codersdk.ChatPlanMode) bool {

switch mode {

case "", codersdk.ChatPlanModePlan:

return true

default:

return false

}

}

func parseChatExploreModelOverride(raw string) (*uuid.UUID, error) {

trimmed := strings.TrimSpace(raw)

if trimmed == "" {

//nolint:nilnil // Empty site-config value means the override is unset.

return nil, nil

}

modelConfigID, err := uuid.Parse(trimmed)

if err != nil {

return nil, xerrors.Errorf("parse explore model override: %w", err)

}

return &modelConfigID, nil

}

func formatChatExploreModelOverride(id *uuid.UUID) string {

if id == nil {

return ""

}

return id.String()

}

func validateChatExploreModelOverrideID(

ctx context.Context,

db database.Store,

id *uuid.UUID,

) (int, *codersdk.Response) {

if id == nil {

return 0, nil

}

if *id == uuid.Nil {

return http.StatusBadRequest, &codersdk.Response{

Message: "Invalid model_config_id.",

}

}

//nolint:gocritic // Validation lookup uses system context to check model

// availability independently of the caller's read permissions.

_, err := db.GetEnabledChatModelConfigByID(dbauthz.AsSystemRestricted(ctx), *id)

if err == nil {

return 0, nil

}

if xerrors.Is(err, sql.ErrNoRows) {

return http.StatusBadRequest, &codersdk.Response{

Message: "Invalid model_config_id.",

}

}

return http.StatusInternalServerError, &codersdk.Response{

Message: "Internal error validating model config override.",

Detail: err.Error(),

}

}

func (api *API) getChatExploreModelOverrideConfig(

ctx context.Context,

) (*uuid.UUID, bool, error) {

raw, err := api.Database.GetChatExploreModelOverride(ctx)

if err != nil {

return nil, false, xerrors.Errorf("get explore model override: %w", err)

}

id, err := parseChatExploreModelOverride(raw)

if err != nil {

// Degrade malformed values to unset so the admin settings page

// remains accessible and the bad value can be cleared.

api.Logger.Warn(ctx, "malformed explore model override in site config, treating as unset",

slog.F("raw_value", raw),

slog.Error(err),

)

return nil, true, nil

}

return id, false, nil

}

// EXPERIMENTAL: this endpoint is experimental and is subject to change.

func (api *API) postChats(rw http.ResponseWriter, r *http.Request) {

ctx := r.Context()

apiKey := httpmw.APIKey(r)

if !api.Authorize(r, policy.ActionCreate, rbac.ResourceChat.WithOwner(apiKey.UserID.String())) {

httpapi.Forbidden(rw)

return

}

// Cap the raw request body to prevent excessive memory use

// from large dynamic tool schemas.

r.Body = http.MaxBytesReader(rw, r.Body, int64(2*maxSystemPromptLenBytes))

var req codersdk.CreateChatRequest

if !httpapi.Read(ctx, rw, r, &req) {

return

}

aReq, commitAudit := audit.InitRequest[database.Chat](rw, &audit.RequestParams{

Audit: *api.Auditor.Load(),

Log: api.Logger,

Request: r,

Action: database.AuditActionCreate,

OrganizationID: req.OrganizationID,

})

defer commitAudit()

// Validate organization membership.

if req.OrganizationID == uuid.Nil {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "organization_id is required.",

})

return

}

isMember, err := httpmw.UserAuthorization(ctx).HasOrganizationMembership(req.OrganizationID)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to validate organization membership.",

Detail: xerrors.Errorf("check organization membership: %w", err).Error(),

})

return

}

if !isMember {

httpapi.Write(ctx, rw, http.StatusForbidden, codersdk.Response{

Message: "You are not a member of the specified organization.",

})

return

}

// Validate per-chat system prompt length.

const maxSystemPromptLen = 10000

if len(req.SystemPrompt) > maxSystemPromptLen {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "System prompt exceeds maximum length.",

Detail: fmt.Sprintf("System prompt must be at most %d characters, got %d.", maxSystemPromptLen, len(req.SystemPrompt)),

})

return

}

contentBlocks, titleSource, fileIDs, inputError := createChatInputFromRequest(ctx, api.Database, req)

if inputError != nil {

httpapi.Write(ctx, rw, http.StatusBadRequest, *inputError)

return

}

workspaceSelection, validationStatus, validationError := api.validateCreateChatWorkspaceSelection(ctx, r, req)

if validationError != nil {

httpapi.Write(ctx, rw, validationStatus, *validationError)

return

}

title := chatTitleFromMessage(titleSource)

if api.chatDaemon == nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Chat processor is unavailable.",

Detail: "Chat processor is not configured.",

})

return

}

modelConfigID, modelConfigStatus, modelConfigError := api.resolveCreateChatModelConfigID(ctx, req)

if modelConfigError != nil {

httpapi.Write(ctx, rw, modelConfigStatus, *modelConfigError)

return

}

if !validateChatPlanMode(req.PlanMode) {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Invalid plan_mode value.",

})

return

}

// Validate MCP server IDs exist.

if len(req.MCPServerIDs) > 0 {

//nolint:gocritic // Need to validate MCP server IDs exist.

existingConfigs, err := api.Database.GetMCPServerConfigsByIDs(dbauthz.AsSystemRestricted(ctx), req.MCPServerIDs)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to validate MCP server IDs.",

Detail: err.Error(),

})

return

}

if len(existingConfigs) != len(req.MCPServerIDs) {

found := make(map[uuid.UUID]struct{}, len(existingConfigs))

for _, c := range existingConfigs {

found[c.ID] = struct{}{}

}

var missing []string

for _, id := range req.MCPServerIDs {

if _, ok := found[id]; !ok {

missing = append(missing, id.String())

}

}

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "One or more MCP server IDs are invalid.",

Detail: fmt.Sprintf("Invalid IDs: %s", strings.Join(missing, ", ")),

})

return

}

}

mcpServerIDs := req.MCPServerIDs

if mcpServerIDs == nil {

mcpServerIDs = []uuid.UUID{}

}

labels := req.Labels

if labels == nil {

labels = map[string]string{}

}

if errs := httpapi.ValidateChatLabels(labels); len(errs) > 0 {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Invalid labels.",

Validations: errs,

})

return

}

if len(req.UnsafeDynamicTools) > 250 {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Too many dynamic tools.",

Detail: "Maximum 250 dynamic tools per chat.",

})

return

}

// Validate that dynamic tool names are non-empty and unique

// within the list. Name collision with built-in tools is

// checked at chatloop time when the full tool set is known.

if len(req.UnsafeDynamicTools) > 0 {

seenNames := make(map[string]struct{}, len(req.UnsafeDynamicTools))

for _, dt := range req.UnsafeDynamicTools {

if dt.Name == "" {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Dynamic tool name must not be empty.",

})

return

}

if _, exists := seenNames[dt.Name]; exists {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Duplicate dynamic tool name.",

Detail: fmt.Sprintf("Tool %q appears more than once.", dt.Name),

})

return

}

seenNames[dt.Name] = struct{}{}

}

}

var dynamicToolsJSON json.RawMessage

if len(req.UnsafeDynamicTools) > 0 {

var err error

dynamicToolsJSON, err = json.Marshal(req.UnsafeDynamicTools)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to marshal dynamic tools.",

Detail: err.Error(),

})

return

}

}

clientType := database.ChatClientTypeApi

if req.ClientType != "" {

clientType = database.ChatClientType(req.ClientType)

if !clientType.Valid() {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Invalid client_type.",

Detail: fmt.Sprintf("got %q, want one of %v", req.ClientType, database.AllChatClientTypeValues()),

})

return

}

}

chat, err := api.chatDaemon.CreateChat(ctx, chatd.CreateOptions{

OrganizationID: req.OrganizationID,

OwnerID: apiKey.UserID,

WorkspaceID: workspaceSelection.WorkspaceID,

Title: title,

ModelConfigID: modelConfigID,

PlanMode: planModeToNullChatPlanMode(req.PlanMode),

ClientType: clientType,

SystemPrompt: req.SystemPrompt,

InitialUserContent: contentBlocks,

MCPServerIDs: mcpServerIDs,

Labels: labels,

DynamicTools: dynamicToolsJSON,

// IMPORTANT: users can only create root chats at the time of writing.

ParentChatID: uuid.NullUUID{},

})

if err != nil {

if maybeWriteLimitErr(ctx, rw, err) {

return

}

if database.IsForeignKeyViolation(

err,

database.ForeignKeyChatsLastModelConfigID,

database.ForeignKeyChatMessagesModelConfigID,

) {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Invalid model config ID.",

Detail: err.Error(),

})

return

}

if dbauthz.IsNotAuthorizedError(err) {

httpapi.Forbidden(rw)

return

}

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to create chat.",

Detail: err.Error(),

})

return

}

aReq.New = chat

if chat.ParentChatID.Valid {

// Should not be possible. If we get here, something is very wrong. Bail.

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Developer error: ParentChatID got set somehow in api.postChats. This should never happen.",

})

return

}

// Link any user-uploaded files referenced in the initial

// message to this newly created chat (best-effort; cap

// enforced in SQL).

unlinked, capExceeded := api.linkFilesToChat(ctx, chat.ID, fileIDs)

// Re-read the chat so the response reflects the authoritative

// database state (file links are deduped in the join table).

chat, err = api.Database.GetChatByID(ctx, chat.ID)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to read back chat after creation.",

Detail: err.Error(),

})

return

}

aReq.New = chat

chatFiles := api.fetchChatFileMetadata(ctx, chat.ID)

response := db2sdk.Chat(chat, nil, chatFiles)

if len(unlinked) > 0 {

if capExceeded {

response.Warnings = append(response.Warnings, fileLinkCapWarning(len(unlinked)))

} else {

response.Warnings = append(response.Warnings, fileLinkErrorWarning(len(unlinked)))

}

}

httpapi.Write(ctx, rw, http.StatusCreated, response)

}

// EXPERIMENTAL: this endpoint is experimental and is subject to change.

func (api *API) listChatModels(rw http.ResponseWriter, r *http.Request) {

ctx := r.Context()

apiKey := httpmw.APIKey(r)

//nolint:gocritic // System context required to read enabled chat models.

systemCtx := dbauthz.AsSystemRestricted(ctx)

if api.chatDaemon == nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Chat processor is unavailable.",

Detail: "Chat processor is not configured.",

})

return

}

enabledProviders, err := api.Database.GetEnabledChatProviders(

systemCtx,

)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to load chat model configuration.",

Detail: err.Error(),

})

return

}

enabledModels, err := api.Database.GetEnabledChatModelConfigs(

systemCtx,

)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to load chat model configuration.",

Detail: err.Error(),

})

return

}

configuredProviders := make(

[]chatprovider.ConfiguredProvider, 0, len(enabledProviders),

)

enabledProviderNames := make(map[string]struct{}, len(enabledProviders))

for _, provider := range enabledProviders {

configuredProviders = append(

configuredProviders, chatprovider.ConfiguredProvider{

ProviderID: provider.ID,

Provider: provider.Provider,

APIKey: provider.APIKey,

BaseURL: provider.BaseUrl,

CentralAPIKeyEnabled: provider.CentralApiKeyEnabled,

AllowUserAPIKey: provider.AllowUserApiKey,

AllowCentralAPIKeyFallback: provider.AllowCentralApiKeyFallback,

},

)

normalizedProvider := chatprovider.NormalizeProvider(provider.Provider)

if normalizedProvider == "" {

continue

}

enabledProviderNames[normalizedProvider] = struct{}{}

}

configuredModels := make(

[]chatprovider.ConfiguredModel, 0, len(enabledModels),

)

for _, model := range enabledModels {

configuredModels = append(configuredModels, chatprovider.ConfiguredModel{

Provider: model.Provider,

Model: model.Model,

DisplayName: model.DisplayName,

})

}

userKeyRows, err := api.Database.GetUserChatProviderKeys(ctx, apiKey.UserID)

if err != nil {

httpapi.Write(ctx, rw, http.StatusInternalServerError, codersdk.Response{

Message: "Failed to load user chat provider keys.",

Detail: err.Error(),

})

return

}

userKeys := make([]chatprovider.UserProviderKey, 0, len(userKeyRows))

for _, userKey := range userKeyRows {

userKeys = append(userKeys, chatprovider.UserProviderKey{

ChatProviderID: userKey.ChatProviderID,

APIKey: userKey.APIKey,

})

}

_, providerAvailability := chatprovider.ResolveUserProviderKeys(

ChatProviderAPIKeysFromDeploymentValues(api.DeploymentValues),

configuredProviders,

userKeys,

)

catalog := chatprovider.NewModelCatalog()

var response codersdk.ChatModelsResponse

if configured, ok := catalog.ListConfiguredModels(

configuredProviders, configuredModels, providerAvailability, enabledProviderNames,

); ok {

response = configured

} else {

response = catalog.ListConfiguredProviderAvailability(

providerAvailability,

enabledProviderNames,

)

}

httpapi.Write(ctx, rw, http.StatusOK, response)

}

func (api *API) chatCostSummary(rw http.ResponseWriter, r *http.Request) {

ctx := r.Context()

apiKey := httpmw.APIKey(r)

// Default date range: last 30 days.

now := time.Now()

defaultStart := now.AddDate(0, 0, -30)

qp := r.URL.Query()

p := httpapi.NewQueryParamParser()

startDate := p.Time(qp, defaultStart, "start_date", time.RFC3339)

endDate := p.Time(qp, now, "end_date", time.RFC3339)

p.ErrorExcessParams(qp)

if len(p.Errors) > 0 {

httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{

Message: "Invalid query parameters.",

Validations: p.Errors,

})

return

}

targetUser := httpmw.UserParam(r)

if targetUser.ID != apiKey.UserID && !api.Authorize(r, policy.ActionRead, rbac.ResourceChat.WithOwner(targetUser.ID.String())) {

httpapi.Forbidden(rw)

return

}

summary, err := api.Database.GetChatCostSummary(ctx, database.GetChatCostSummaryParams{

OwnerID: targetUser.ID,

StartDate: startDate,

EndDate: endDate,

})

if err != nil {

if dbauthz.IsNotAuthorizedError(err) {

httpapi.Forbidden(rw)

return

}

httpapi.InternalServerError(rw, err)

return

}

byModel, err := api.Database.GetChatCostPerModel(ctx, database.GetChatCostPerModelParams{

OwnerID: targetUser.ID,

StartDate: startDate,

EndDate: endDate,

})

if err != nil {

if dbauthz.IsNotAuthorizedError(err) {

httpapi.Forbidden(rw)

return

}

httpapi.InternalServerError(rw, err)

return

}

byChat, err := api.Database.GetChatCostPerChat(ctx, database.GetChatCostPerChatParams{

OwnerID: targetUser.ID,

StartDate: startDate,

EndDate: endDate,

})

if err != nil {

if dbauthz.IsNotAuthorizedError(err) {

httpapi.Forbidden(rw)

return

}

httpapi.InternalServerError(rw, err)

return

}

modelBreakdowns := make([]codersdk.ChatCostModelBreakdown, 0, len(byModel))

for _, model := range byModel {

modelBreakdowns = append(modelBreakdowns, convertChatCostModelBreakdown(model))

}

chatBreakdowns := make([]codersdk.ChatCostChatBreakdown, 0, len(byChat))

for _, chat := range byChat {

chatBreakdowns = append(chatBreakdowns, convertChatCostChatBreakdown(chat))

}

// TODO(CODAGT-161): pass real organization ID

// when the HTTP endpoint supports org-scoped queries.

usageStatus, err := chatd.ResolveUsageLimitStatus(ctx, api.Database, targetUser.ID, uuid.NullUUID{}, time.Now())

if err != nil {

api.Logger.Warn(ctx, "failed to resolve usage limit status", slog.Error(err))

}

response := codersdk.ChatCostSummary{

StartDate: startDate,

EndDate: endDate,

TotalCostMicros: summary.TotalCostMicros,

PricedMessageCount: summary.PricedMessageCount,

UnpricedMessageCount: summary.UnpricedMessageCount,

TotalInputTokens: summary.TotalInputTokens,

TotalOutputTokens: summary.TotalOutputTokens,

TotalCacheReadTokens: summary.TotalCacheReadTokens,