@myrialabs/clopen 0.1.9 → 0.2.0

package/backend/lib/snapshot/snapshot-service.ts

@@ -285,47 +285,18 @@ export class SnapshotService {
 	 */
 	async checkRestoreConflicts(
 		sessionId: string,
-		targetCheckpointMessageId: string,
-		projectPath?: string
+		targetCheckpointMessageId: string | null,
+		projectPath?: string,
+		targetPath?: string[]
 	): Promise<RestoreConflictCheck> {
 		const sessionSnapshots = snapshotQueries.getBySessionId(sessionId);
+		const isInitialRestore = targetCheckpointMessageId === null;
 
-		const targetIndex = sessionSnapshots.findIndex(
-			s => s.message_id === targetCheckpointMessageId
+		// Build expected state at target (branch-aware when targetPath is provided)
+		const expectedState = this.buildExpectedState(
+			sessionSnapshots, targetCheckpointMessageId, targetPath
 		);
 
-		if (targetIndex === -1) {
-			return { hasConflicts: false, conflicts: [], checkpointsToUndo: [] };
-		}
-
-		// Build expected state at target (same bidirectional algorithm as restoreSessionScoped)
-		// This determines ALL files that would be affected by the restore
-		const expectedState = new Map<string, string>(); // filepath → expectedHash
-
-		for (let i = 0; i <= targetIndex; i++) {
-			const snap = sessionSnapshots[i];
-			if (!snap.session_changes) continue;
-			try {
-				const changes = JSON.parse(snap.session_changes) as SessionScopedChanges;
-				for (const [filepath, change] of Object.entries(changes)) {
-					expectedState.set(filepath, change.newHash);
-				}
-			} catch { /* skip malformed */ }
-		}
-
-		for (let i = targetIndex + 1; i < sessionSnapshots.length; i++) {
-			const snap = sessionSnapshots[i];
-			if (!snap.session_changes) continue;
-			try {
-				const changes = JSON.parse(snap.session_changes) as SessionScopedChanges;
-				for (const [filepath, change] of Object.entries(changes)) {
-					if (!expectedState.has(filepath)) {
-						expectedState.set(filepath, change.oldHash);
-					}
-				}
-			} catch { /* skip malformed */ }
-		}
-
 		if (expectedState.size === 0) {
 			return { hasConflicts: false, conflicts: [], checkpointsToUndo: [] };
 		}
@@ -354,8 +325,13 @@ export class SnapshotService {
 
 		// Determine reference time for cross-session conflict check
 		// Use min(targetTime, currentHeadTime) to cover both undo and redo
-		const targetSnapshot = sessionSnapshots[targetIndex];
-		const targetTime = targetSnapshot.created_at;
+		// For initial restore, use the session's created_at or the earliest snapshot time
+		const targetSnapshot = isInitialRestore
+			? null
+			: sessionSnapshots.find(s => s.message_id === targetCheckpointMessageId) || null;
+		const targetTime = targetSnapshot
+			? targetSnapshot.created_at
+			: (sessionSnapshots[0]?.created_at || new Date(0).toISOString());
 		let referenceTime = targetTime;
 
 		const currentHead = sessionQueries.getHead(sessionId);
@@ -384,7 +360,9 @@ export class SnapshotService {
 
 		// Check for cross-session conflicts
 		const conflicts: RestoreConflict[] = [];
-		const projectId = targetSnapshot.project_id;
+		const projectId = targetSnapshot
+			? targetSnapshot.project_id
+			: (sessionSnapshots[0]?.project_id || '');
 		const allProjectSnapshots = this.getAllProjectSnapshots(projectId);
 
 		for (const otherSnap of allProjectSnapshots) {
@@ -472,60 +450,29 @@ export class SnapshotService {
 	 * Restore to a checkpoint using session-scoped changes.
 	 * Works in both directions (forward and backward).
 	 *
-	 * Algorithm:
-	 * 1. Walk snapshots [0..targetIndex] → build expected file state at target
-	 * 2. Walk snapshots [targetIndex+1..end] → files changed only after target need reverting
-	 * 3. For each file in the expected state map, compare with current disk and restore if different
+	 * When targetPath is provided, uses branch-aware algorithm:
+	 * 1. Only apply changes from snapshots on the path (root → target)
+	 * 2. Revert ALL changes from snapshots on other branches
+	 * 3. Compare expected state with disk and restore if different
 	 * 4. Update in-memory baseline to match restored state
+	 *
+	 * Falls back to linear algorithm when targetPath is not provided.
 	 */
 	async restoreSessionScoped(
 		projectPath: string,
 		sessionId: string,
-		targetCheckpointMessageId: string,
-		conflictResolutions?: ConflictResolution
+		targetCheckpointMessageId: string | null,
+		conflictResolutions?: ConflictResolution,
+		targetPath?: string[]
 	): Promise<{ restoredFiles: number; skippedFiles: number }> {
 		try {
 			const sessionSnapshots = snapshotQueries.getBySessionId(sessionId);
 
-			const targetIndex = sessionSnapshots.findIndex(
-				s => s.message_id === targetCheckpointMessageId
-			);
-
-			if (targetIndex === -1) {
-				debug.warn('snapshot', 'Target checkpoint snapshot not found');
-				return { restoredFiles: 0, skippedFiles: 0 };
-			}
-
 			// Build expected file state at the target checkpoint
-			// filepath → hash that the file should be at the target
-			const expectedState = new Map<string, string>();
-
-			// Walk snapshots from first to target (inclusive): apply forward changes
-			for (let i = 0; i <= targetIndex; i++) {
-				const snap = sessionSnapshots[i];
-				if (!snap.session_changes) continue;
-				try {
-					const changes = JSON.parse(snap.session_changes) as SessionScopedChanges;
-					for (const [filepath, change] of Object.entries(changes)) {
-						expectedState.set(filepath, change.newHash);
-					}
-				} catch { /* skip */ }
-			}
-
-			// Walk snapshots after target: files changed only after target need reverting to oldHash
-			for (let i = targetIndex + 1; i < sessionSnapshots.length; i++) {
-				const snap = sessionSnapshots[i];
-				if (!snap.session_changes) continue;
-				try {
-					const changes = JSON.parse(snap.session_changes) as SessionScopedChanges;
-					for (const [filepath, change] of Object.entries(changes)) {
-						if (!expectedState.has(filepath)) {
-							// File was first changed AFTER target → revert to pre-change state
-							expectedState.set(filepath, change.oldHash);
-						}
-					}
-				} catch { /* skip */ }
-			}
+			// Branch-aware when targetPath is provided
+			const expectedState = this.buildExpectedState(
+				sessionSnapshots, targetCheckpointMessageId, targetPath
+			);
 
 			debug.log('snapshot', `Restore to checkpoint: ${expectedState.size} files in expected state`);
 
@@ -600,6 +547,124 @@ export class SnapshotService {
 	// Helpers
 	// ========================================================================
 
+	/**
+	 * Build the expected file state map for a restore operation.
+	 *
+	 * Branch-aware algorithm (when targetPath is provided):
+	 * 1. Separate snapshots into path (root→target) vs non-path
+	 * 2. Forward walk: only apply newHash from snapshots on the path (in path order)
+	 * 3. Revert walk: revert ALL non-path snapshots using oldHash (first-wins)
+	 *
+	 * This correctly handles multi-branch checkpoint trees by NOT including
+	 * changes from other branches in the forward walk.
+	 *
+	 * Fallback linear algorithm (when targetPath is not provided):
+	 * Walks all snapshots chronologically — only correct for single-branch paths.
+	 */
+	private buildExpectedState(
+		sessionSnapshots: MessageSnapshot[],
+		targetCheckpointMessageId: string | null,
+		targetPath?: string[]
+	): Map<string, string> {
+		const expectedState = new Map<string, string>();
+		const isInitialRestore = targetCheckpointMessageId === null;
+
+		if (isInitialRestore) {
+			// Revert ALL snapshots → everything goes back to oldHash (first-wins)
+			for (const snap of sessionSnapshots) {
+				if (!snap.session_changes) continue;
+				try {
+					const changes = JSON.parse(snap.session_changes as string) as SessionScopedChanges;
+					for (const [filepath, change] of Object.entries(changes)) {
+						if (!expectedState.has(filepath)) {
+							expectedState.set(filepath, change.oldHash);
+						}
+					}
+				} catch { /* skip malformed */ }
+			}
+		} else if (targetPath && targetPath.length > 0) {
+			// Branch-aware restore: only include snapshots on the path from root to target
+			const pathSet = new Set(targetPath);
+
+			// Separate snapshots into path vs non-path
+			const snapshotByMsgId = new Map<string, MessageSnapshot>();
+			const nonPathSnapshots: MessageSnapshot[] = [];
+
+			for (const snap of sessionSnapshots) {
+				if (pathSet.has(snap.message_id)) {
+					snapshotByMsgId.set(snap.message_id, snap);
+				} else {
+					nonPathSnapshots.push(snap);
+				}
+			}
+
+			// Forward walk: apply path snapshots in path order (root → target)
+			// Later path snapshots overwrite earlier ones for the same file (correct)
+			for (const cpId of targetPath) {
+				const snap = snapshotByMsgId.get(cpId);
+				if (!snap?.session_changes) continue;
+				try {
+					const changes = JSON.parse(snap.session_changes as string) as SessionScopedChanges;
+					for (const [filepath, change] of Object.entries(changes)) {
+						expectedState.set(filepath, change.newHash);
+					}
+				} catch { /* skip malformed */ }
+			}
+
+			// Revert all non-path snapshots (changes on other branches)
+			// Process in chronological order with first-wins semantics:
+			// if two non-path snapshots change the same file, the earliest one's
+			// oldHash is used (state before any branch diverged)
+			for (const snap of nonPathSnapshots) {
+				if (!snap.session_changes) continue;
+				try {
+					const changes = JSON.parse(snap.session_changes as string) as SessionScopedChanges;
+					for (const [filepath, change] of Object.entries(changes)) {
+						if (!expectedState.has(filepath)) {
+							expectedState.set(filepath, change.oldHash);
+						}
+					}
+				} catch { /* skip malformed */ }
+			}
+		} else {
+			// Fallback: linear algorithm (no path info available)
+			const targetIndex = sessionSnapshots.findIndex(
+				s => s.message_id === targetCheckpointMessageId
+			);
+
+			if (targetIndex === -1) {
+				debug.warn('snapshot', 'Target checkpoint snapshot not found (linear fallback)');
+				return expectedState;
+			}
+
+			for (let i = 0; i <= targetIndex; i++) {
+				const snap = sessionSnapshots[i];
+				if (!snap.session_changes) continue;
+				try {
+					const changes = JSON.parse(snap.session_changes as string) as SessionScopedChanges;
+					for (const [filepath, change] of Object.entries(changes)) {
+						expectedState.set(filepath, change.newHash);
+					}
+				} catch { /* skip malformed */ }
+			}
+
+			for (let i = targetIndex + 1; i < sessionSnapshots.length; i++) {
+				const snap = sessionSnapshots[i];
+				if (!snap.session_changes) continue;
+				try {
+					const changes = JSON.parse(snap.session_changes as string) as SessionScopedChanges;
+					for (const [filepath, change] of Object.entries(changes)) {
+						if (!expectedState.has(filepath)) {
+							expectedState.set(filepath, change.oldHash);
+						}
+					}
+				} catch { /* skip malformed */ }
+			}
+		}
+
+		return expectedState;
+	}
+
 	/**
 	 * Calculate line-level change stats for changed files.
 	 */

package/backend/lib/utils/ws.ts

@@ -67,6 +67,12 @@ interface ConnectionState {
 	chatSessionIds: Set<string>;
 	/** Cleanup functions called automatically on unregister (connection close) */
 	cleanups: Set<() => void>;
+	/** Whether this connection has been authenticated */
+	authenticated: boolean;
+	/** User role (admin or member) — set by auth handler */
+	role: 'admin' | 'member' | null;
+	/** Hash of the session token used for this connection */
+	sessionTokenHash: string | null;
 }
 
 /**
@@ -140,7 +146,7 @@ class WSServer {
 		const id = crypto.randomUUID();
 		this.rawToId.set(raw, id);
 		this.connections.set(id, conn);
-		this.connectionState.set(id, { userId: null, projectId: null, chatSessionIds: new Set(), cleanups: new Set() });
+		this.connectionState.set(id, { userId: null, projectId: null, chatSessionIds: new Set(), cleanups: new Set(), authenticated: false, role: null, sessionTokenHash: null });
 
 		this.metrics.totalConnections = this.connections.size;
 		debug.log('websocket', `Connection registered: ${id} (total: ${this.connections.size})`);
@@ -516,6 +522,64 @@ class WSServer {
 		return this.connectionState.get(id);
 	}
 
+	/**
+	 * Set authentication state for a connection.
+	 * Called by auth handlers after successful login/setup/invite.
+	 */
+	setAuth(conn: WSConnection, userId: string, role: 'admin' | 'member', sessionTokenHash: string): void {
+		const wsId = this.ensureRegistered(conn);
+		const state = this.connectionState.get(wsId);
+		if (state) {
+			state.authenticated = true;
+			state.role = role;
+			state.sessionTokenHash = sessionTokenHash;
+		}
+		// Also set userId via existing method (handles room management)
+		this.setUser(conn, userId);
+		debug.log('websocket', `Connection ${wsId} authenticated: userId=${userId}, role=${role}`);
+	}
+
+	/**
+	 * Get the role for a connection.
+	 */
+	getRole(conn: WSConnection): 'admin' | 'member' | null {
+		const id = this.resolveId(conn);
+		if (!id) return null;
+		return this.connectionState.get(id)?.role ?? null;
+	}
+
+	/**
+	 * Check if a connection is authenticated.
+	 */
+	isAuthenticated(conn: WSConnection): boolean {
+		const id = this.resolveId(conn);
+		if (!id) return false;
+		return this.connectionState.get(id)?.authenticated ?? false;
+	}
+
+	/**
+	 * Get remote IP address of a connection.
+	 */
+	getRemoteAddress(conn: WSConnection): string {
+		const raw = (conn as any).raw;
+		return raw?.remoteAddress ?? 'unknown';
+	}
+
+	/**
+	 * Clear authentication state for a connection (logout).
+	 */
+	clearAuth(conn: WSConnection): void {
+		const id = this.resolveId(conn);
+		if (!id) return;
+		const state = this.connectionState.get(id);
+		if (state) {
+			state.authenticated = false;
+			state.role = null;
+			state.sessionTokenHash = null;
+		}
+		debug.log('websocket', `Connection ${id} auth cleared`);
+	}
+
 	/**
 	 * Check if connection can receive data (backpressure check)
 	 */

package/backend/ws/auth/index.ts

@@ -0,0 +1,17 @@
+import { createRouter } from '$shared/utils/ws-server';
+import { t } from 'elysia';
+import { statusHandler } from './status';
+import { loginHandler } from './login';
+import { inviteHandler } from './invites';
+import { usersHandler } from './users';
+
+export const authRouter = createRouter()
+	.merge(statusHandler)
+	.merge(loginHandler)
+	.merge(inviteHandler)
+	.merge(usersHandler)
+	// Declare auth:error event (emitted by auth gate in WSRouter)
+	.emit('auth:error', t.Object({
+		error: t.String(),
+		blockedAction: t.String()
+	}));

package/backend/ws/auth/invites.ts

@@ -0,0 +1,84 @@
+import { t } from 'elysia';
+import { createRouter } from '$shared/utils/ws-server';
+import { createInvite, listInvites, revokeInvite } from '$backend/lib/auth/auth-service';
+import { ws } from '$backend/lib/utils/ws';
+
+export const inviteHandler = createRouter()
+	// Create invite token (admin only — enforced by auth gate)
+	.http('auth:create-invite', {
+		data: t.Object({
+			label: t.Optional(t.String()),
+			maxUses: t.Optional(t.Number({ minimum: 0 })),
+			expiresInMinutes: t.Optional(t.Number({ minimum: 1 }))
+		}),
+		response: t.Object({
+			inviteToken: t.String(),
+			invite: t.Object({
+				id: t.String(),
+				role: t.String(),
+				label: t.Union([t.String(), t.Null()]),
+				max_uses: t.Number(),
+				use_count: t.Number(),
+				expires_at: t.Union([t.String(), t.Null()]),
+				created_at: t.String()
+			})
+		})
+	}, async ({ data, conn }) => {
+		const userId = ws.getUserId(conn);
+		const result = createInvite(userId, {
+			label: data.label,
+			maxUses: data.maxUses,
+			expiresInMinutes: data.expiresInMinutes
+		});
+
+		return {
+			inviteToken: result.inviteToken,
+			invite: {
+				id: result.invite!.id,
+				role: result.invite!.role,
+				label: result.invite!.label,
+				max_uses: result.invite!.max_uses,
+				use_count: result.invite!.use_count,
+				expires_at: result.invite!.expires_at,
+				created_at: result.invite!.created_at
+			}
+		};
+	})
+
+	// List all invites (admin only)
+	.http('auth:list-invites', {
+		data: t.Object({}),
+		response: t.Array(t.Object({
+			id: t.String(),
+			role: t.String(),
+			label: t.Union([t.String(), t.Null()]),
+			max_uses: t.Number(),
+			use_count: t.Number(),
+			expires_at: t.Union([t.String(), t.Null()]),
+			created_at: t.String()
+		}))
+	}, async () => {
+		const invites = listInvites();
+		return invites.map(inv => ({
+			id: inv.id,
+			role: inv.role,
+			label: inv.label,
+			max_uses: inv.max_uses,
+			use_count: inv.use_count,
+			expires_at: inv.expires_at,
+			created_at: inv.created_at
+		}));
+	})
+
+	// Revoke invite (admin only)
+	.http('auth:revoke-invite', {
+		data: t.Object({
+			id: t.String({ minLength: 1 })
+		}),
+		response: t.Object({
+			success: t.Boolean()
+		})
+	}, async ({ data }) => {
+		revokeInvite(data.id);
+		return { success: true };
+	});