GT AI OS Community v2.0.33 - Add NVIDIA NIM and Nemotron agents

- Updated python_coding_microproject.csv to use NVIDIA NIM Kimi K2
- Updated kali_linux_shell_simulator.csv to use NVIDIA NIM Kimi K2
  - Made more general-purpose (flexible targets, expanded tools)
- Added nemotron-mini-agent.csv for fast local inference via Ollama
- Added nemotron-agent.csv for advanced reasoning via Ollama
- Added wiki page: Projects for NVIDIA NIMs and Nemotron

scripts/postgresql/migrations/T004_update_validate_resource_share.sql

@@ -0,0 +1,78 @@
+-- Migration T004: Update validate_resource_share Trigger Function
+-- Purpose: Allow team owners and admins to share resources without requiring team membership
+-- Dependencies: T003_team_resource_shares.sql
+-- Author: GT 2.0 Development Team
+-- Date: 2025-01-07
+--
+-- Changes:
+-- - Add team owner bypass check (owners don't need team membership)
+-- - Add admin/developer role bypass check (admins can share to any team)
+-- - Preserve original team membership + share permission check for regular users
+--
+-- This migration is idempotent via CREATE OR REPLACE FUNCTION
+
+SET search_path TO tenant_test_company;
+
+CREATE OR REPLACE FUNCTION validate_resource_share()
+RETURNS trigger
+LANGUAGE plpgsql
+AS $$
+DECLARE
+    user_team_permission VARCHAR(20);
+    is_team_owner BOOLEAN;
+    user_role VARCHAR(50);
+    user_tenant_id UUID;
+    team_tenant_id UUID;
+BEGIN
+    -- Check if user is team owner
+    SELECT (owner_id = NEW.shared_by), tenant_id INTO is_team_owner, team_tenant_id
+    FROM teams
+    WHERE id = NEW.team_id;
+
+    -- Allow team owners to share
+    IF is_team_owner THEN
+        RETURN NEW;
+    END IF;
+
+    -- Check if user is admin/developer (bypass membership requirement)
+    SELECT u.user_type, u.tenant_id INTO user_role, user_tenant_id
+    FROM users u
+    WHERE u.id = NEW.shared_by;
+
+    -- Allow admins/developers in the same tenant
+    IF user_role IN ('admin', 'developer', 'super_admin') AND user_tenant_id = team_tenant_id THEN
+        RETURN NEW;
+    END IF;
+
+    -- Check if the user has 'share' permission on the team
+    SELECT team_permission INTO user_team_permission
+    FROM team_memberships
+    WHERE team_id = NEW.team_id
+      AND user_id = NEW.shared_by;
+
+    IF user_team_permission IS NULL THEN
+        RAISE EXCEPTION 'User % is not a member of team %', NEW.shared_by, NEW.team_id;
+    END IF;
+
+    IF user_team_permission != 'share' THEN
+        RAISE EXCEPTION 'User % does not have share permission on team %', NEW.shared_by, NEW.team_id;
+    END IF;
+
+    RETURN NEW;
+END;
+$$;
+
+-- Verification: Check that the function exists
+DO $$
+BEGIN
+    IF EXISTS (
+        SELECT 1 FROM pg_proc p
+        JOIN pg_namespace n ON p.pronamespace = n.oid
+        WHERE n.nspname = 'tenant_test_company'
+          AND p.proname = 'validate_resource_share'
+    ) THEN
+        RAISE NOTICE 'SUCCESS: T004 migration completed - validate_resource_share function updated';
+    ELSE
+        RAISE EXCEPTION 'FAILED: T004 migration - validate_resource_share function not found';
+    END IF;
+END $$;