@desplega.ai/agent-swarm 1.80.2 → 1.81.0

package/src/tests/agentmail-handlers.test.ts

@@ -0,0 +1,166 @@
+import { afterAll, beforeAll, describe, expect, test } from "bun:test";
+import { unlinkSync } from "node:fs";
+import { handleMessageReceived } from "../agentmail/handlers";
+import type { AgentMailWebhookPayload } from "../agentmail/types";
+import {
+  closeDb,
+  createAgent,
+  createUser,
+  getAllUsers,
+  getDb,
+  getTaskById,
+  initDb,
+} from "../be/db";
+import { findUserByEmail } from "../be/users";
+
+const TEST_DB_PATH = "./test-agentmail-handlers.sqlite";
+
+function eventsFor(userId: string): Array<{
+  eventType: string;
+  actor: string;
+  beforeJson: string | null;
+  afterJson: string | null;
+}> {
+  return getDb()
+    .prepare<
+      { eventType: string; actor: string; beforeJson: string | null; afterJson: string | null },
+      string
+    >(
+      "SELECT eventType, actor, beforeJson, afterJson FROM user_identity_events WHERE userId = ? ORDER BY createdAt ASC, rowid ASC",
+    )
+    .all(userId);
+}
+
+function makePayload(opts: {
+  from: string;
+  eventId?: string;
+  threadId?: string;
+  messageId?: string;
+  inboxId?: string;
+  subject?: string;
+  text?: string;
+}): AgentMailWebhookPayload {
+  return {
+    type: "event",
+    event_type: "message.received",
+    event_id: opts.eventId ?? `evt_${Math.random().toString(36).slice(2)}`,
+    message: {
+      message_id: opts.messageId ?? `msg_${Math.random().toString(36).slice(2)}`,
+      thread_id: opts.threadId ?? `thr_${Math.random().toString(36).slice(2)}`,
+      inbox_id: opts.inboxId ?? "bot@swarm.dev",
+      organization_id: "org_test",
+      from_: opts.from,
+      to: ["bot@swarm.dev"],
+      cc: [],
+      bcc: [],
+      reply_to: [],
+      subject: opts.subject ?? "Test",
+      preview: "",
+      text: opts.text ?? "Hello",
+      html: null,
+      labels: [],
+      attachments: [],
+      in_reply_to: null,
+      references: [],
+      timestamp: new Date().toISOString(),
+      created_at: new Date().toISOString(),
+      updated_at: new Date().toISOString(),
+    },
+  };
+}
+
+beforeAll(() => {
+  for (const suffix of ["", "-wal", "-shm"]) {
+    try {
+      unlinkSync(`${TEST_DB_PATH}${suffix}`);
+    } catch {}
+  }
+  initDb(TEST_DB_PATH);
+  // Ensure a lead exists so handler's findLeadAgent() returns truthy and a
+  // task gets created on the "no inbox mapping" path.
+  createAgent({ name: "LeadAgent", isLead: true, status: "idle" });
+});
+
+afterAll(() => {
+  closeDb();
+  for (const suffix of ["", "-wal", "-shm"]) {
+    try {
+      unlinkSync(`${TEST_DB_PATH}${suffix}`);
+    } catch {}
+  }
+});
+
+describe("handleMessageReceived — identity auto-link via findOrCreateUserByEmail", () => {
+  test("UNKNOWN sender → users row auto-created, identity_added event emitted, task requestedByUserId populated", async () => {
+    const before = getAllUsers().length;
+    const result = await handleMessageReceived(
+      makePayload({ from: "Alice Newcomer <alice.newcomer@example.com>" }),
+    );
+    expect(result.created).toBe(true);
+    expect(result.taskId).toBeDefined();
+
+    const user = findUserByEmail("alice.newcomer@example.com");
+    expect(user).not.toBeNull();
+    expect(user!.name).toBe("Alice Newcomer");
+    expect(getAllUsers().length).toBe(before + 1);
+
+    const events = eventsFor(user!.id);
+    expect(events.map((e) => e.eventType)).toEqual(["identity_added"]);
+    expect(events[0]!.actor).toBe("system:webhook:agentmail");
+
+    const task = getTaskById(result.taskId!);
+    expect(task).not.toBeNull();
+    expect(task!.requestedByUserId).toBe(user!.id);
+  });
+
+  test("KNOWN sender (existing users.email) → no duplicate row, auto_merge event, task requestedByUserId populated", async () => {
+    const existing = createUser({ name: "Bob Existing", email: "bob.existing@example.com" });
+    const beforeCount = getAllUsers().length;
+
+    const result = await handleMessageReceived(makePayload({ from: "bob.existing@example.com" }));
+    expect(result.created).toBe(true);
+    expect(result.taskId).toBeDefined();
+    expect(getAllUsers().length).toBe(beforeCount);
+
+    const events = eventsFor(existing.id);
+    expect(events.map((e) => e.eventType)).toContain("auto_merge");
+
+    const task = getTaskById(result.taskId!);
+    expect(task!.requestedByUserId).toBe(existing.id);
+  });
+
+  test("sender matching emailAliases (not primary email) resolves via json_each-style alias path", async () => {
+    const existing = createUser({
+      name: "Carol Alias",
+      email: "carol@example.com",
+      emailAliases: ["carol.alt@example.com", "c.alias@example.com"],
+    });
+    const beforeCount = getAllUsers().length;
+
+    const result = await handleMessageReceived(
+      makePayload({ from: "Carol Alt <carol.alt@example.com>" }),
+    );
+    expect(result.created).toBe(true);
+    expect(getAllUsers().length).toBe(beforeCount);
+
+    const events = eventsFor(existing.id);
+    expect(events.map((e) => e.eventType)).toContain("auto_merge");
+
+    const task = getTaskById(result.taskId!);
+    expect(task!.requestedByUserId).toBe(existing.id);
+  });
+
+  test("sender with no extractable email → task created, requestedByUserId remains undefined, no findOrCreateUserByEmail side-effect", async () => {
+    const beforeCount = getAllUsers().length;
+
+    const result = await handleMessageReceived(
+      makePayload({ from: "Unknown Sender (no address)" }),
+    );
+    // Handler still creates a task (lead routing path), but with no user resolved.
+    expect(result.created).toBe(true);
+    expect(getAllUsers().length).toBe(beforeCount);
+
+    const task = getTaskById(result.taskId!);
+    expect(task!.requestedByUserId).toBeFalsy();
+  });
+});

package/src/tests/github-handlers.test.ts

@@ -0,0 +1,290 @@
+/**
+ * Identity resolution tests for GitHub webhook handlers.
+ *
+ * Covers the step-3 rewire: every handler now goes through
+ * `findUserByExternalId('github', sender.login)` + the kv-backed unmapped
+ * tracker. No email auto-link path exists (Q17.A — GitHub never exposes
+ * email reliably via webhook or App-installation token).
+ *
+ * Test matrix:
+ *   - PR event from a known github user → requestedByUserId populated, no kv writes
+ *   - PR event from unknown user → requestedByUserId undefined, kv :meta + :count = 1
+ *   - Repeat PR from same unknown user → :count = 2
+ *   - Issue, comment, review events follow the same pattern
+ *   - No `enrichUserFromIntegration('github', ...)` helper is invoked (no
+ *     module-level email-fetch path exists at all).
+ */
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from "bun:test";
+import { unlink } from "node:fs/promises";
+import { closeDb, createAgent, createUser, deleteKv, getDb, getKv, initDb } from "../be/db";
+import { linkIdentity } from "../be/users";
+import {
+  handleComment,
+  handleIssue,
+  handlePullRequest,
+  handlePullRequestReview,
+} from "../github/handlers";
+import { GITHUB_BOT_NAME } from "../github/mentions";
+import type {
+  CommentEvent,
+  IssueEvent,
+  PullRequestEvent,
+  PullRequestReviewEvent,
+} from "../github/types";
+
+const TEST_DB_PATH = "./test-github-handlers.sqlite";
+const UNMAPPED_NAMESPACE = "integration:unmapped:github";
+const SYSTEM_ACTOR = { kind: "system" as const, id: "test:setup" };
+
+// ── Setup ──
+
+beforeAll(async () => {
+  await unlink(TEST_DB_PATH).catch(() => {});
+  await unlink(`${TEST_DB_PATH}-wal`).catch(() => {});
+  await unlink(`${TEST_DB_PATH}-shm`).catch(() => {});
+  initDb(TEST_DB_PATH);
+  createAgent({
+    id: "lead-gh-handlers",
+    name: "GitHubHandlersTestLead",
+    status: "idle",
+    isLead: true,
+  });
+});
+
+afterAll(async () => {
+  closeDb();
+  await unlink(TEST_DB_PATH).catch(() => {});
+  await unlink(`${TEST_DB_PATH}-wal`).catch(() => {});
+  await unlink(`${TEST_DB_PATH}-shm`).catch(() => {});
+});
+
+// Clear unmapped kv rows + tasks between tests to keep assertions independent.
+beforeEach(() => {
+  const db = getDb();
+  db.prepare("DELETE FROM kv_entries WHERE namespace = ?").run(UNMAPPED_NAMESPACE);
+  db.prepare("DELETE FROM agent_tasks").run();
+});
+
+// ── Helpers ──
+
+const BASE_REPO = { full_name: "test/repo", html_url: "https://github.com/test/repo" };
+const BASE_PR = {
+  number: 1,
+  title: "Test PR",
+  body: null as string | null,
+  html_url: "https://github.com/test/repo/pull/1",
+  user: { login: "anonymous" },
+  head: { ref: "feature", sha: "abc1234567890" },
+  base: { ref: "main" },
+  merged: false,
+  merged_by: undefined,
+};
+
+function makePREvent(senderLogin: string, prNumber = 1): PullRequestEvent {
+  return {
+    action: "opened",
+    pull_request: { ...BASE_PR, number: prNumber, title: `PR #${prNumber}` },
+    repository: BASE_REPO,
+    sender: { login: senderLogin },
+  };
+}
+
+function makeIssueEvent(senderLogin: string, issueNumber = 10): IssueEvent {
+  return {
+    action: "opened",
+    issue: {
+      number: issueNumber,
+      title: `Issue #${issueNumber}`,
+      body: null,
+      html_url: `https://github.com/test/repo/issues/${issueNumber}`,
+      user: { login: senderLogin },
+    },
+    repository: BASE_REPO,
+    sender: { login: senderLogin },
+  };
+}
+
+function makeCommentEvent(senderLogin: string, body: string): CommentEvent {
+  return {
+    action: "created",
+    comment: {
+      id: 999,
+      body,
+      html_url: "https://github.com/test/repo/issues/10#issuecomment-999",
+      user: { login: senderLogin },
+    },
+    issue: { number: 10, title: "Test Issue", html_url: "https://github.com/test/repo/issues/10" },
+    repository: BASE_REPO,
+    sender: { login: senderLogin },
+  };
+}
+
+function makeReviewEvent(senderLogin: string): PullRequestReviewEvent {
+  return {
+    action: "submitted",
+    review: {
+      id: 1,
+      body: "Looks good",
+      state: "approved",
+      html_url: "https://github.com/test/repo/pull/99#pullrequestreview-1",
+      user: { login: senderLogin },
+      submitted_at: "2026-01-01T00:00:00Z",
+    },
+    pull_request: {
+      number: 99,
+      title: "Bot PR",
+      body: null,
+      html_url: "https://github.com/test/repo/pull/99",
+      user: { login: GITHUB_BOT_NAME },
+      head: { ref: "feature" },
+      base: { ref: "main" },
+    },
+    repository: BASE_REPO,
+    sender: { login: senderLogin },
+  };
+}
+
+function getMappedUserTaskCount(userId: string): number {
+  const row = getDb()
+    .prepare<{ n: number }, string>(
+      "SELECT COUNT(*) AS n FROM agent_tasks WHERE requestedByUserId = ?",
+    )
+    .get(userId);
+  return row?.n ?? 0;
+}
+
+// ── Known sender → mapped requestedByUserId, no unmapped writes ──
+
+describe("known github sender", () => {
+  test("PR event from a mapped user populates requestedByUserId and writes no kv rows", async () => {
+    const user = createUser({ name: "Mapped User", email: "mapped@example.com" });
+    linkIdentity(user.id, "github", "mapped-login", SYSTEM_ACTOR);
+
+    const result = await handlePullRequest(makePREvent("mapped-login", 100));
+    // Even if the PR doesn't create a task (no mention), the sender resolution
+    // side effects are what we're testing — assert no kv writes happened.
+    expect(result.created).toBeDefined();
+    expect(getKv(UNMAPPED_NAMESPACE, "mapped-login:meta")).toBeNull();
+    expect(getKv(UNMAPPED_NAMESPACE, "mapped-login:count")).toBeNull();
+  });
+
+  test("PR with bot assignment from mapped user puts user id on the task", async () => {
+    const user = createUser({ name: "Mapped Assigner", email: "assigner@example.com" });
+    linkIdentity(user.id, "github", "assigner", SYSTEM_ACTOR);
+
+    const event: PullRequestEvent = {
+      action: "assigned",
+      pull_request: { ...BASE_PR, number: 200, title: "Bot PR" },
+      repository: BASE_REPO,
+      sender: { login: "assigner" },
+      assignee: { login: GITHUB_BOT_NAME, id: 1 },
+    };
+    const result = await handlePullRequest(event);
+    expect(result.created).toBe(true);
+    expect(getMappedUserTaskCount(user.id)).toBe(1);
+
+    // Mapped sender → no unmapped kv writes.
+    expect(getKv(UNMAPPED_NAMESPACE, "assigner:meta")).toBeNull();
+    expect(getKv(UNMAPPED_NAMESPACE, "assigner:count")).toBeNull();
+  });
+});
+
+// ── Unknown sender → unmapped kv tracker ──
+
+describe("unknown github sender", () => {
+  test("PR event from unknown user writes :meta + :count = 1", async () => {
+    await handlePullRequest(makePREvent("ghost-login", 300));
+
+    const meta = getKv(UNMAPPED_NAMESPACE, "ghost-login:meta");
+    expect(meta).not.toBeNull();
+    expect(meta?.valueType).toBe("json");
+    const metaValue = meta?.value as {
+      lastSeenAt: string;
+      sampleEventType: string;
+      sampleContext: string;
+    };
+    expect(metaValue.sampleEventType).toBe("pull_request");
+    expect(metaValue.sampleContext).toContain("PR #300");
+
+    const count = getKv(UNMAPPED_NAMESPACE, "ghost-login:count");
+    expect(count?.valueType).toBe("integer");
+    expect(count?.value).toBe(1);
+  });
+
+  test("repeated PR events from same unknown user atomically increment count", async () => {
+    await handlePullRequest(makePREvent("repeater", 400));
+    await handlePullRequest(makePREvent("repeater", 401));
+
+    const count = getKv(UNMAPPED_NAMESPACE, "repeater:count");
+    expect(count?.value).toBe(2);
+  });
+
+  test("issue event from unknown user writes sampleEventType = 'issues'", async () => {
+    await handleIssue(makeIssueEvent("issue-ghost", 50));
+
+    const meta = getKv(UNMAPPED_NAMESPACE, "issue-ghost:meta");
+    const metaValue = meta?.value as { sampleEventType: string; sampleContext: string };
+    expect(metaValue.sampleEventType).toBe("issues");
+    expect(metaValue.sampleContext).toContain("Issue #50");
+  });
+
+  test("comment event from unknown user writes sampleEventType = 'issue_comment'", async () => {
+    // Need a bot mention to avoid early-return — handleComment still runs the
+    // sender resolution before the mention check, though, so the kv write
+    // happens either way.
+    await handleComment(
+      makeCommentEvent("comment-ghost", "just a comment without mention"),
+      "issue_comment",
+    );
+
+    const meta = getKv(UNMAPPED_NAMESPACE, "comment-ghost:meta");
+    const metaValue = meta?.value as { sampleEventType: string; sampleContext: string };
+    expect(metaValue.sampleEventType).toBe("issue_comment");
+    expect(metaValue.sampleContext).toContain("just a comment");
+  });
+
+  test("review event from unknown user writes sampleEventType = 'pull_request_review'", async () => {
+    await handlePullRequestReview(makeReviewEvent("review-ghost"));
+
+    const meta = getKv(UNMAPPED_NAMESPACE, "review-ghost:meta");
+    const metaValue = meta?.value as { sampleEventType: string; sampleContext: string };
+    expect(metaValue.sampleEventType).toBe("pull_request_review");
+    expect(metaValue.sampleContext).toContain("Review on PR #99");
+    expect(metaValue.sampleContext).toContain("approved");
+  });
+
+  test("sampleContext is truncated to 100 characters", async () => {
+    const longBody = "x".repeat(200);
+    await handleComment(makeCommentEvent("trunc-ghost", longBody), "issue_comment");
+
+    const meta = getKv(UNMAPPED_NAMESPACE, "trunc-ghost:meta");
+    const metaValue = meta?.value as { sampleContext: string };
+    expect(metaValue.sampleContext.length).toBeLessThanOrEqual(100);
+  });
+});
+
+// ── Negative: no email-enrichment helper exists for GitHub ──
+
+describe("no github email enrichment", () => {
+  test("handlers module exports no `enrichUserFromIntegration`-style helper", async () => {
+    // Q17.A — there is intentionally NO email auto-link cascade for GitHub.
+    // Confirm the module surface stays clean.
+    const mod = await import("../github/handlers");
+    const exported = Object.keys(mod);
+    expect(exported.some((name) => /enrich.*github/i.test(name))).toBe(false);
+    expect(exported.some((name) => /github.*enrich/i.test(name))).toBe(false);
+  });
+
+  test("kv entries are cleaned up by deleteKv (operator triage flow)", async () => {
+    await handlePullRequest(makePREvent("triage-target", 500));
+    expect(getKv(UNMAPPED_NAMESPACE, "triage-target:meta")).not.toBeNull();
+
+    // Simulate the operator triage action that removes the kv entry after
+    // mapping the identity manually (step-9 UI will do this).
+    deleteKv(UNMAPPED_NAMESPACE, "triage-target:meta");
+    deleteKv(UNMAPPED_NAMESPACE, "triage-target:count");
+
+    expect(getKv(UNMAPPED_NAMESPACE, "triage-target:meta")).toBeNull();
+    expect(getKv(UNMAPPED_NAMESPACE, "triage-target:count")).toBeNull();
+  });
+});