whatsapp_notifier 0.7.0 → 0.8.0

data/lib/whatsapp_notifier/services/web_automation/media.ts

@@ -34,7 +34,7 @@ export interface MediaMeta {
     capturedAt: number; // epoch ms
 }
 
-export type MediaSkipReason = 'unsupported_type' | 'too_large' | 'disk_full';
+export type MediaSkipReason = 'unsupported_type' | 'too_large';
 export type MediaFailureReason = MediaSkipReason | 'expired' | 'download_failed' | 'invalid_id';
 
 // The verdict captureInbound merges into the inbound payload. Structurally
@@ -76,6 +76,13 @@ export function maxDiskBytes(): number {
     return envLimit('WHATSAPP_MEDIA_MAX_DISK_BYTES', 5 * 1024 * 1024 * 1024); // 5GB
 }
 
+// Per-user rolling cap (default 1GB). This is the cap that actually shapes disk
+// use: maxDiskBytes() is only an absolute global backstop now. NaN-safe like
+// the others so a malformed env can't silently disable eviction.
+export function maxUserBytes(): number {
+    return envLimit('WHATSAPP_MEDIA_MAX_USER_BYTES', 1024 * 1024 * 1024); // 1GB
+}
+
 // ── Root + cap accounting ──
 
 // index.ts wires this to <SESSION_BASE_DIR>/media; tests to a tmp dir.
@@ -110,6 +117,24 @@ function computeDiskBytes(): number {
     return total;
 }
 
+// Payload bytes stored for ONE user — sidecars excluded, exactly as
+// computeDiskBytes counts them, so the per-user total and the global total
+// stay on the same scale and the eviction decrement keeps cachedDiskBytes
+// honest.
+export function userDirBytes(userId: string): number {
+    const safeUser = sanitizeId(userId);
+    if (!safeUser) return 0;
+    let total = 0;
+    try {
+        const dir = join(mediaRootResolver(), safeUser);
+        for (const file of readdirSync(dir)) {
+            if (isSidecarName(file)) continue;
+            try { total += statSync(join(dir, file)).size; } catch (_) { /* raced a delete */ }
+        }
+    } catch (_) { /* user dir not created yet → nothing stored */ }
+    return total;
+}
+
 // ── Id sanitization + path layout ──
 
 // Both route params become path segments, so they must be reduced to a safe
@@ -170,6 +195,12 @@ export function writeMedia(
         };
         writeFileSync(paths.metaPath, JSON.stringify(sidecar));
         if (cachedDiskBytes !== null) cachedDiskBytes += data.byteLength;
+        // WhatsApp's own model: keep the recent media, roll the old off. The
+        // newly written file pushed this user over their cap? Evict their
+        // oldest until they fit again. An evicted item is not lost — the host
+        // re-downloads it on demand via POST /media/:userId/refetch when an
+        // operator opens that bubble.
+        enforceUserCap(userId);
         return true;
     } catch (e) {
         console.error(`Failed to persist media ${messageId} for ${userId}`, e);
@@ -177,6 +208,53 @@ export function writeMedia(
     }
 }
 
+// Roll the user back under maxUserBytes() by deleting their OLDEST media pair
+// (by file mtime — same pairing/ordering logic as sweepExpired) one at a time.
+// Bounded by the file count: each pass either deletes one pair or stops, so it
+// can never spin (a user already at/under the cap exits immediately, and a
+// single oversize file that alone exceeds the cap is deleted once and the loop
+// ends with the dir empty). cachedDiskBytes is decremented per eviction so
+// downloadPolicy's global backstop and mediaDiskBytes stay accurate.
+export function enforceUserCap(userId: string): number {
+    const safeUser = sanitizeId(userId);
+    if (!safeUser) return 0;
+    const cap = maxUserBytes();
+    const dir = join(mediaRootResolver(), safeUser);
+
+    let evicted = 0;
+    let total = userDirBytes(userId);
+    // Bound the loop by the directory's file count — defensive belt over the
+    // total-shrinks-each-pass invariant.
+    let guard = 0;
+    while (total > cap) {
+        const oldest = oldestMediaName(dir);
+        if (!oldest) break; // nothing left to evict (cap smaller than 0 bytes is impossible)
+        // deleteMedia decrements cachedDiskBytes by the payload size for us.
+        deleteMedia(userId, oldest);
+        evicted += 1;
+        total = userDirBytes(userId);
+        guard += 1;
+        if (guard > 100000) break; // pathological safety valve
+    }
+    return evicted;
+}
+
+// The user's oldest media payload by capturedAt (sidecar) / mtime (fallback) —
+// same age source sweepExpired uses — or null when the dir holds no payloads.
+// Sidecars are skipped; an orphaned sidecar is left for sweepExpired to reap.
+function oldestMediaName(dir: string): string | null {
+    let oldestName: string | null = null;
+    let oldestAt = Infinity;
+    try {
+        for (const file of readdirSync(dir)) {
+            if (isSidecarName(file)) continue;
+            const at = capturedAtFor(join(dir, file), `${join(dir, file)}${SIDECAR_SUFFIX}`);
+            if (at < oldestAt) { oldestAt = at; oldestName = file; }
+        }
+    } catch (_) { /* dir gone → nothing to evict */ }
+    return oldestName;
+}
+
 // Returns the sidecar when BOTH the bytes and the sidecar are present —
 // captureInbound uses this to skip re-downloading on a reconnect backfill.
 export function mediaExists(userId: string, messageId: string): MediaMeta | null {
@@ -257,7 +335,14 @@ export function downloadPolicy(type: string, size: number, viewOnce = false): Me
     if (viewOnce || !DOWNLOADABLE_TYPES.has(type)) return { download: false, reason: 'unsupported_type' };
     const cap = type === 'document' ? maxDocumentBytes() : INLINE_MEDIA_MAX_BYTES;
     if (size > cap) return { download: false, reason: 'too_large' };
-    if (mediaDiskBytes() + size > maxDiskBytes()) return { download: false, reason: 'disk_full' };
+    // No disk check here any more. A user is NEVER skipped on disk grounds:
+    // the per-user 1GB cap is enforced AFTER each successful write by
+    // enforceUserCap, which rolls the user's OLDEST media off (WhatsApp's
+    // tap-to-download model — an evicted item re-downloads on demand). Because
+    // we download-then-evict, we only ever write at most one per-message cap
+    // (≤25MB) over the limit before rolling back under it — harmless. The
+    // per-MESSAGE size gate above still stands; maxDiskBytes() remains only an
+    // absolute global backstop that the per-user cap keeps us far beneath.
     return { download: true };
 }
 
@@ -320,8 +405,13 @@ export async function resolveMediaForMessage(
     deps: { timeoutMs?: number } = {}
 ): Promise<MediaResolution> {
     // Must mirror normalizeInbound's messageId fallback (inbound.ts) so the
-    // stored file is addressable by the id the host received.
-    const messageId = (msg?.id && msg.id._serialized) || `${msg?.from || ''}-${msg?.timestamp}`;
+    // stored file is addressable by the id the host received. Like there, the
+    // fallback keys on the COUNTERPARTY: on fromMe the `from` is the
+    // operator's own jid, shared by every chat — keying on it would store the
+    // bytes under one id while the wire advertises another (host GET 404s),
+    // and two same-second sends to different customers would collide on disk.
+    const counterparty = (msg?.fromMe ? msg?.to : msg?.from) || '';
+    const messageId = (msg?.id && msg.id._serialized) || `${counterparty}-${msg?.timestamp}`;
     if (!mediaPaths(userId, messageId)) {
         return { mediaStatus: 'unavailable', mediaError: 'invalid_id' };
     }

data/lib/whatsapp_notifier/services/web_automation/send.test.ts

@@ -0,0 +1,20 @@
+import { test, expect } from 'bun:test';
+import { sentMessageId } from './send';
+
+// The id the host stores against its outbound record — it MUST be the real
+// serialized WhatsApp id so the fromMe echo of this send dedupes on it.
+test('sentMessageId returns the serialized id of the sent message', () => {
+    const sent = { id: { _serialized: 'true_919999000001@c.us_ABC' } };
+    expect(sentMessageId(sent)).toBe('true_919999000001@c.us_ABC');
+});
+
+// Null fallback, never a fabricated id: a made-up id matches no echo but
+// would still occupy the host's unique message-id slot, blocking the echo
+// from being adopted onto the right record.
+test('sentMessageId falls back to null when no id is available', () => {
+    expect(sentMessageId(undefined)).toBeNull();          // library resolved nothing
+    expect(sentMessageId(null)).toBeNull();
+    expect(sentMessageId({})).toBeNull();                 // Message without an id
+    expect(sentMessageId({ id: {} })).toBeNull();         // id without a serialization
+    expect(sentMessageId({ id: { _serialized: '' } })).toBeNull(); // empty id is no id
+});

data/lib/whatsapp_notifier/services/web_automation/send.ts

@@ -0,0 +1,17 @@
+// /send response helpers (pure, unit-testable — see send.test.ts).
+//
+// Kept separate from index.ts (which calls Bun.serve() at import time) so the
+// wire shape can be tested without booting the server or whatsapp-web.js.
+
+// The real WhatsApp id of a just-sent message, for the /send response. Hosts
+// store it on their outbound record so the message_create echo of this very
+// send (two-way capture replays our own messages too) dedupes on messageId
+// instead of duplicating as an "operator app" bubble.
+//
+// Null — never a fabricated id — when the library hands nothing back: a
+// made-up id matches no echo, yet would still occupy the host's unique
+// message-id slot and block the echo from being adopted onto the right
+// record.
+export function sentMessageId(sent: any): string | null {
+    return (sent && sent.id && sent.id._serialized) || null;
+}

data/lib/whatsapp_notifier/version.rb

@@ -1,4 +1,4 @@
 module WhatsAppNotifier
-  VERSION = "0.7.0"
+  VERSION = "0.8.0"
 
 end

data/lib/whatsapp_notifier/web_adapter.rb

@@ -18,9 +18,13 @@ module WhatsAppNotifier
     }.freeze
 
     # Optional inbound keys introduced by the 0.7.0 service (media verdict +
-    # sender display name). Mapped ONLY when the wire payload carries them, so
-    # hosts can key-gate on has_media presence: a missing key means "0.6.0
-    # service, no media support", while has_media: false means "text message".
+    # sender display name) and the 0.8.0 service (two-way capture). Mapped
+    # ONLY when the wire payload carries them, so hosts can key-gate on
+    # presence: a missing has_media means "0.6.0 service, no media support"
+    # (while has_media: false means "text message"), and a missing from_me
+    # means "customer message or pre-0.8.0 service". `to` carries the
+    # counterparty chat id on operator-sent (from_me) messages — the id the
+    # host threads the conversation on.
     INBOUND_OPTIONAL_KEYS = {
       has_media: %w[hasMedia has_media],
       media_status: %w[mediaStatus media_status],
@@ -28,7 +32,9 @@ module WhatsAppNotifier
       media_mime: %w[mediaMime media_mime],
       media_filename: %w[mediaFilename media_filename],
       media_size: %w[mediaSize media_size],
-      sender_name: %w[senderName sender_name]
+      sender_name: %w[senderName sender_name],
+      to: %w[to],
+      from_me: %w[fromMe from_me]
     }.freeze
 
     def self.default_base_url
@@ -54,7 +60,12 @@ module WhatsAppNotifier
       response = request(:post, "/send/#{user_id}", body: body)
       {
         success: response.fetch("success"),
-        message_id: payload[:idempotency_key] || "local-#{Time.now.to_i}",
+        # Prefer the service-issued WhatsApp message id (0.8.0): it is the key
+        # the host dedupes the send's own fromMe echo on, so a real id must
+        # win over the locally fabricated one. The fallback keeps 0.7.0
+        # services (no messageId in the response) working unchanged.
+        message_id: response["messageId"] || response["message_id"] ||
+                    payload[:idempotency_key] || "local-#{Time.now.to_i}",
         session: session,
         error_message: response["error"]
       }
@@ -109,6 +120,29 @@ module WhatsAppNotifier
       }
     end
 
+    # On-demand re-download (WhatsApp tap-to-download). The host calls this when
+    # an operator opens a media bubble whose bytes the service no longer holds
+    # (rolled off by the per-user cap or expired by TTL): the service re-pulls
+    # THAT one message's media and stores it, after which the host fetches it
+    # with the usual fetch_media GET. Returns { mime:, filename:, size:, status: }
+    # on success, or nil when the media is gone upstream (404) — same nil-on-404
+    # contract as fetch_media, so a host that gets nil can grey the bubble out.
+    # A 0.7.0 service mid-rollout has no /refetch route and also answers 404 →
+    # nil, indistinguishable from gone, which is the safe degrade.
+    def refetch_media(message_id:, chat_id:, metadata: {})
+      user_id = user_id_from(metadata)
+      body = { messageId: message_id, chatId: chat_id }
+      response = request(:post, "/media/#{user_id}/refetch", body: body, allow_404: true)
+      return nil unless response["success"]
+
+      {
+        mime: response["mediaMime"] || response["media_mime"],
+        filename: response["mediaFilename"] || response["media_filename"],
+        size: response["mediaSize"] || response["media_size"],
+        status: response["mediaStatus"] || response["media_status"]
+      }
+    end
+
     # Removes the service's copy after the host has attached the bytes.
     # Idempotent on the service side: deleting absent media still succeeds.
     # A 0.6.0 service mid-rollout has no /media routes and answers 404 —
@@ -120,6 +154,31 @@ module WhatsAppNotifier
       { success: response.fetch("success", false) }
     end
 
+    # Lists the paired number's 1:1 chats for history-sync discovery. Returns
+    # [{ id:, name:, last_message_at: }] newest-first; the service caps the
+    # list at its newest 500 and excludes groups/status/privacy chats. The
+    # route is token-gated like /media and raises the standard error on any
+    # non-2xx (401 when the user never paired or isn't ready).
+    def list_chats(metadata: {})
+      user_id = user_id_from(metadata)
+      response = request(:get, "/chats/#{user_id}")
+      Array(response["chats"]).map { |chat| map_chat_summary(chat) }
+    end
+
+    # Replays one chat's history through the service's live-capture
+    # normalizer and returns it synchronously (no queue, no webhook) —
+    # oldest-first, mapped exactly like fetch_inbound messages, including
+    # from_me/to on the operator's side of the conversation. History media
+    # arrives marked unavailable by design (media_error "history"): the
+    # service never bulk-downloads old media; live capture handles bytes
+    # going forward.
+    def fetch_history(chat_id:, limit: 50, metadata: {})
+      user_id = user_id_from(metadata)
+      body = { chatId: chat_id, limit: clamp_history_limit(limit) }
+      response = request(:post, "/history/#{user_id}", body: body)
+      Array(response["messages"]).map { |m| map_inbound_message(m) }
+    end
+
     # Logs the user out of WhatsApp and clears their saved session on the service.
     def logout(metadata: {})
       user_id = user_id_from(metadata)
@@ -127,12 +186,33 @@ module WhatsAppNotifier
       { success: response.fetch("success", false) }
     end
 
+    # Mirrors the service-side clamp (history.ts) so a host-passed limit can
+    # never balloon one request into a session-stalling bulk fetch.
+    HISTORY_LIMIT_DEFAULT = 50
+    HISTORY_LIMIT_RANGE = (1..200).freeze
+
     private
 
     def user_id_from(metadata)
       (metadata[:user_id] || metadata["user_id"] || "default").to_s
     end
 
+    def clamp_history_limit(limit)
+      Integer(limit).clamp(HISTORY_LIMIT_RANGE.min, HISTORY_LIMIT_RANGE.max)
+    rescue ArgumentError, TypeError
+      # Non-integer garbage falls back to the default — the service does the
+      # same, so both layers agree on the effective page size.
+      HISTORY_LIMIT_DEFAULT
+    end
+
+    def map_chat_summary(chat)
+      {
+        id: chat["id"],
+        name: chat["name"],
+        last_message_at: chat.key?("lastMessageAt") ? chat["lastMessageAt"] : chat["last_message_at"]
+      }
+    end
+
     def map_inbound_message(message)
       mapped = {
         from: message["from"],

data/lib/whatsapp_notifier.rb

@@ -74,6 +74,18 @@ module WhatsAppNotifier
       client.delete_media(message_id: message_id, provider: provider, metadata: metadata)
     end
 
+    def refetch_media(message_id:, chat_id:, provider: nil, metadata: {})
+      client.refetch_media(message_id: message_id, chat_id: chat_id, provider: provider, metadata: metadata)
+    end
+
+    def list_chats(provider: nil, metadata: {})
+      client.list_chats(provider: provider, metadata: metadata)
+    end
+
+    def fetch_history(chat_id:, limit: 50, provider: nil, metadata: {})
+      client.fetch_history(chat_id: chat_id, limit: limit, provider: provider, metadata: metadata)
+    end
+
     def logout(provider: nil, metadata: {})
       client.logout(provider: provider, metadata: metadata)
     end

data/spec/client_spec.rb

@@ -77,7 +77,8 @@ RSpec.describe WhatsAppNotifier::Client do
         fetch_qr_code: "qr",
         connection_status: { state: "AUTHENTICATED", authenticated: true },
         fetch_media: { body: "bytes", mime: "image/jpeg", filename: nil, size: 5 },
-        delete_media: { success: true }
+        delete_media: { success: true },
+        refetch_media: { mime: "image/jpeg", filename: nil, size: 5, status: "available" }
       )
       client = described_class.new(configuration: config)
 
@@ -85,6 +86,32 @@ RSpec.describe WhatsAppNotifier::Client do
         .to include(body: "bytes", size: 5)
       expect(client.delete_media(message_id: "m1", provider: :web_automation, metadata: { user_id: 1 }))
         .to eq(success: true)
+      expect(client.refetch_media(message_id: "m1", chat_id: "919@c.us", provider: :web_automation, metadata: { user_id: 1 }))
+        .to include(status: "available")
+    end
+  end
+
+  it "delegates list_chats and fetch_history to the provider" do
+    Dir.mktmpdir do |dir|
+      config.provider = :web_automation
+      config.web_automation_enabled = true
+      config.web_session_path = File.join(dir, "session.json")
+      adapter = double(
+        send_message: { success: true, session: {} },
+        fetch_qr_code: "qr",
+        connection_status: { state: "AUTHENTICATED", authenticated: true },
+        list_chats: [{ id: "919@c.us", name: "Asha", last_message_at: 9 }],
+        fetch_history: [{ from: "919@c.us", body: "old", message_id: "h1" }]
+      )
+      config.web_adapter = adapter
+      client = described_class.new(configuration: config)
+
+      expect(client.list_chats(provider: :web_automation, metadata: { user_id: 1 }))
+        .to eq([{ id: "919@c.us", name: "Asha", last_message_at: 9 }])
+      expect(client.fetch_history(chat_id: "919@c.us", provider: :web_automation, metadata: { user_id: 1 }))
+        .to eq([{ from: "919@c.us", body: "old", message_id: "h1" }])
+      # The default page size survives the delegation chain untouched.
+      expect(adapter).to have_received(:fetch_history).with(chat_id: "919@c.us", limit: 50, metadata: { user_id: 1 })
     end
   end
 

data/spec/generators/install_service_generator_spec.rb

@@ -58,7 +58,7 @@ RSpec.describe "WhatsAppNotifier::Generators::InstallServiceGenerator" do
       generator.copy_service_files
 
       sources = generator.copied.map(&:first)
-      expect(sources).to match_array(%w[index.ts inbound.ts init_gate.ts media.ts metrics.ts sessions.ts package.json bun.lock])
+      expect(sources).to match_array(%w[index.ts history.ts inbound.ts init_gate.ts media.ts metrics.ts send.ts sessions.ts package.json bun.lock])
       expect(sources.grep(/test|node_modules|\.wwebjs|\.puppeteer/)).to be_empty
       expect(generator.copied.map(&:last)).to all(start_with("whatsapp_service/"))
     end

data/spec/providers/web_automation_spec.rb

@@ -137,31 +137,36 @@ RSpec.describe WhatsAppNotifier::Providers::WebAutomation do
     end
   end
 
-  it "fetches and deletes media via the adapter when enabled" do
+  it "fetches, deletes and refetches media via the adapter when enabled" do
     Dir.mktmpdir do |dir|
       adapter = double(
         fetch_qr_code: "qr", connection_status: {},
         fetch_media: { body: "bytes", mime: "image/jpeg", filename: "a.jpg", size: 5 },
-        delete_media: { success: true }
+        delete_media: { success: true },
+        refetch_media: { mime: "image/jpeg", filename: "a.jpg", size: 5, status: "available" }
       )
       config = build_config(path: File.join(dir, "session.json"), adapter: adapter)
       provider = described_class.new(configuration: config)
 
       expect(provider.fetch_media(message_id: "m1", metadata: { user_id: 1 })).to include(mime: "image/jpeg")
       expect(provider.delete_media(message_id: "m1", metadata: { user_id: 1 })).to eq(success: true)
+      expect(provider.refetch_media(message_id: "m1", chat_id: "919@c.us", metadata: { user_id: 1 }))
+        .to include(status: "available")
       expect(adapter).to have_received(:fetch_media).with(message_id: "m1", metadata: { user_id: 1 })
       expect(adapter).to have_received(:delete_media).with(message_id: "m1", metadata: { user_id: 1 })
+      expect(adapter).to have_received(:refetch_media).with(message_id: "m1", chat_id: "919@c.us", metadata: { user_id: 1 })
     end
   end
 
   it "raises on the media helpers when the provider is disabled" do
     Dir.mktmpdir do |dir|
-      adapter = double(fetch_qr_code: "qr", connection_status: {}, fetch_media: nil, delete_media: { success: true })
+      adapter = double(fetch_qr_code: "qr", connection_status: {}, fetch_media: nil, delete_media: { success: true }, refetch_media: nil)
       config = build_config(path: File.join(dir, "session.json"), adapter: adapter, enabled: false)
       provider = described_class.new(configuration: config)
 
       expect { provider.fetch_media(message_id: "m1") }.to raise_error(WhatsAppNotifier::ConfigurationError, /disabled/)
       expect { provider.delete_media(message_id: "m1") }.to raise_error(WhatsAppNotifier::ConfigurationError, /disabled/)
+      expect { provider.refetch_media(message_id: "m1", chat_id: "919@c.us") }.to raise_error(WhatsAppNotifier::ConfigurationError, /disabled/)
     end
   end
 
@@ -173,6 +178,59 @@ RSpec.describe WhatsAppNotifier::Providers::WebAutomation do
 
       expect { provider.fetch_media(message_id: "m1") }.to raise_error(WhatsAppNotifier::ConfigurationError, /media fetch/)
       expect { provider.delete_media(message_id: "m1") }.to raise_error(WhatsAppNotifier::ConfigurationError, /media deletion/)
+      expect { provider.refetch_media(message_id: "m1", chat_id: "919@c.us") }.to raise_error(WhatsAppNotifier::ConfigurationError, /media refetch/)
+    end
+  end
+
+  it "lists chats and fetches history via the adapter when enabled" do
+    Dir.mktmpdir do |dir|
+      adapter = double(
+        fetch_qr_code: "qr", connection_status: {},
+        list_chats: [{ id: "919@c.us", name: "Asha", last_message_at: 9 }],
+        fetch_history: [{ from: "919@c.us", body: "old", message_id: "h1" }]
+      )
+      config = build_config(path: File.join(dir, "session.json"), adapter: adapter)
+      provider = described_class.new(configuration: config)
+
+      expect(provider.list_chats(metadata: { user_id: 1 })).to eq([{ id: "919@c.us", name: "Asha", last_message_at: 9 }])
+      expect(provider.fetch_history(chat_id: "919@c.us", limit: 20, metadata: { user_id: 1 }))
+        .to eq([{ from: "919@c.us", body: "old", message_id: "h1" }])
+      expect(adapter).to have_received(:list_chats).with(metadata: { user_id: 1 })
+      expect(adapter).to have_received(:fetch_history).with(chat_id: "919@c.us", limit: 20, metadata: { user_id: 1 })
+    end
+  end
+
+  it "defaults the history limit to 50 through the provider" do
+    Dir.mktmpdir do |dir|
+      adapter = double(fetch_qr_code: "qr", connection_status: {}, fetch_history: [])
+      config = build_config(path: File.join(dir, "session.json"), adapter: adapter)
+      provider = described_class.new(configuration: config)
+
+      provider.fetch_history(chat_id: "919@c.us")
+
+      expect(adapter).to have_received(:fetch_history).with(chat_id: "919@c.us", limit: 50, metadata: {})
+    end
+  end
+
+  it "raises on the history helpers when the provider is disabled" do
+    Dir.mktmpdir do |dir|
+      adapter = double(fetch_qr_code: "qr", connection_status: {}, list_chats: [], fetch_history: [])
+      config = build_config(path: File.join(dir, "session.json"), adapter: adapter, enabled: false)
+      provider = described_class.new(configuration: config)
+
+      expect { provider.list_chats }.to raise_error(WhatsAppNotifier::ConfigurationError, /disabled/)
+      expect { provider.fetch_history(chat_id: "919@c.us") }.to raise_error(WhatsAppNotifier::ConfigurationError, /disabled/)
+    end
+  end
+
+  it "raises on the history helpers when the adapter lacks history support" do
+    Dir.mktmpdir do |dir|
+      adapter = double(fetch_qr_code: "qr", connection_status: {})
+      config = build_config(path: File.join(dir, "session.json"), adapter: adapter)
+      provider = described_class.new(configuration: config)
+
+      expect { provider.list_chats }.to raise_error(WhatsAppNotifier::ConfigurationError, /chat listing/)
+      expect { provider.fetch_history(chat_id: "919@c.us") }.to raise_error(WhatsAppNotifier::ConfigurationError, /history replay/)
     end
   end