@openparachute/agent 0.1.0

package/src/modules/permissions/sender-approval.test.ts

@@ -0,0 +1,470 @@
+/**
+ * Integration tests for the unknown-sender request_approval flow
+ * (ACTION-ITEMS item 5).
+ *
+ * Covers:
+ *  - request_approval policy fires `requestSenderApproval` on first unknown
+ *    message from a sender
+ *  - In-flight dedup: second message from the same sender while pending is
+ *    silently dropped (no second card, no second row)
+ *  - Approve path: member added, original message replayed via routeInbound,
+ *    container woken
+ *  - Deny path: pending row deleted, no member added
+ */
+import fs from 'fs';
+import { beforeEach, afterEach, describe, expect, it, vi } from 'vitest';
+
+import { initTestDb, closeDb, runMigrations } from '../../db/index.js';
+import { createAgentGroup } from '../../db/agent-groups.js';
+import { createMessagingGroup, createMessagingGroupAgent } from '../../db/messaging-groups.js';
+import { upsertUser } from './db/users.js';
+import { grantRole } from './db/user-roles.js';
+
+// Mock container runner — prevent actual docker spawn.
+vi.mock('../../container-runner.js', () => ({
+  wakeContainer: vi.fn().mockResolvedValue(undefined),
+  isContainerRunning: vi.fn().mockReturnValue(false),
+  getActiveContainerCount: vi.fn().mockReturnValue(0),
+  killContainer: vi.fn(),
+}));
+
+// Mock delivery adapter — record card deliveries for assertions.
+const deliverMock = vi.fn().mockResolvedValue('plat-msg-id');
+vi.mock('../../delivery.js', () => ({
+  getDeliveryAdapter: () => ({
+    deliver: deliverMock,
+  }),
+}));
+
+// Mock ensureUserDm to return the approver's existing messaging group
+// instead of hitting a real openDM RPC.
+vi.mock('./user-dm.js', () => ({
+  ensureUserDm: vi.fn(async (userId: string) => {
+    const { getDb } = await import('../../db/connection.js');
+    const row = getDb()
+      .prepare(
+        `SELECT mg.* FROM messaging_groups mg
+           JOIN user_dms ud ON ud.messaging_group_id = mg.id
+          WHERE ud.user_id = ?`,
+      )
+      .get(userId);
+    return row;
+  }),
+}));
+
+vi.mock('../../config.js', async () => {
+  const actual = await vi.importActual('../../config.js');
+  return { ...actual, DATA_DIR: '/tmp/paraclaw-test-sender-approval' };
+});
+
+const TEST_DIR = '/tmp/paraclaw-test-sender-approval';
+
+function now() {
+  return new Date().toISOString();
+}
+
+beforeEach(async () => {
+  if (fs.existsSync(TEST_DIR)) fs.rmSync(TEST_DIR, { recursive: true });
+  fs.mkdirSync(TEST_DIR, { recursive: true });
+  const db = initTestDb();
+  runMigrations(db);
+
+  // Side-effect imports: register hooks (permissions module) AFTER the
+  // mocks are in place so the access gate / response handler pick up the
+  // mocked delivery + user-dm helpers.
+  await import('./index.js');
+
+  // Fixtures: agent group, messaging group with request_approval, wiring,
+  // owner + DM messaging group for approver delivery.
+  createAgentGroup({ id: 'ag-1', name: 'Agent', folder: 'agent', agent_provider: null, created_at: now() });
+
+  createMessagingGroup({
+    id: 'mg-chat',
+    channel_type: 'telegram',
+    platform_id: 'chat-123',
+    name: 'Group Chat',
+    is_group: 1,
+    unknown_sender_policy: 'request_approval',
+    created_at: now(),
+  });
+  createMessagingGroupAgent({
+    id: 'mga-1',
+    messaging_group_id: 'mg-chat',
+    agent_group_id: 'ag-1',
+    engage_mode: 'pattern',
+    engage_pattern: '.',
+    sender_scope: 'all',
+    ignored_message_policy: 'drop',
+    session_mode: 'shared',
+    priority: 0,
+    created_at: now(),
+  });
+
+  // Owner user + their DM messaging group (pickApprover + ensureUserDm target).
+  upsertUser({ id: 'telegram:owner', kind: 'telegram', display_name: 'Owner', created_at: now() });
+  grantRole({
+    user_id: 'telegram:owner',
+    role: 'owner',
+    agent_group_id: null,
+    granted_by: null,
+    granted_at: now(),
+  });
+  createMessagingGroup({
+    id: 'mg-dm-owner',
+    channel_type: 'telegram',
+    platform_id: 'dm-owner',
+    name: 'Owner DM',
+    is_group: 0,
+    unknown_sender_policy: 'public',
+    created_at: now(),
+  });
+  const { getDb } = await import('../../db/connection.js');
+  getDb()
+    .prepare(
+      `INSERT INTO user_dms (user_id, channel_type, messaging_group_id, resolved_at)
+       VALUES (?, ?, ?, ?)`,
+    )
+    .run('telegram:owner', 'telegram', 'mg-dm-owner', now());
+
+  deliverMock.mockClear();
+});
+
+afterEach(() => {
+  closeDb();
+  if (fs.existsSync(TEST_DIR)) fs.rmSync(TEST_DIR, { recursive: true });
+});
+
+function stranger(text: string) {
+  return {
+    channelType: 'telegram',
+    platformId: 'chat-123',
+    threadId: null,
+    message: {
+      id: `stranger-${Math.random().toString(36).slice(2, 8)}`,
+      kind: 'chat' as const,
+      content: JSON.stringify({
+        senderId: 'tg:stranger',
+        senderName: 'Stranger',
+        text,
+      }),
+      timestamp: now(),
+    },
+  };
+}
+
+describe('unknown-sender request_approval flow', () => {
+  it('delivers an approval card on first unknown message', async () => {
+    const { routeInbound } = await import('../../router.js');
+    await routeInbound(stranger('hi'));
+
+    // Wait for the fire-and-forget requestSenderApproval to resolve.
+    await new Promise((r) => setTimeout(r, 10));
+
+    expect(deliverMock).toHaveBeenCalledTimes(1);
+    const [channel, platformId, thread, kind, content] = deliverMock.mock.calls[0];
+    expect(channel).toBe('telegram');
+    expect(platformId).toBe('dm-owner'); // delivered to owner's DM
+    expect(thread).toBeNull();
+    expect(kind).toBe('chat-sdk');
+    const payload = JSON.parse(content as string);
+    expect(payload.type).toBe('ask_question');
+    expect(payload.questionId).toMatch(/^nsa-/);
+
+    const { getDb } = await import('../../db/connection.js');
+    const rows = getDb().prepare('SELECT * FROM pending_sender_approvals').all();
+    expect(rows).toHaveLength(1);
+  });
+
+  it('dedups a second message from the same stranger while pending', async () => {
+    const { routeInbound } = await import('../../router.js');
+    await routeInbound(stranger('hello'));
+    await new Promise((r) => setTimeout(r, 10));
+    await routeInbound(stranger('are you there?'));
+    await new Promise((r) => setTimeout(r, 10));
+
+    expect(deliverMock).toHaveBeenCalledTimes(1);
+    const { getDb } = await import('../../db/connection.js');
+    const count = (getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number }).c;
+    expect(count).toBe(1);
+  });
+
+  it('approve → adds member and replays the original message', async () => {
+    const { routeInbound } = await import('../../router.js');
+    const { getResponseHandlers } = await import('../../response-registry.js');
+    const { wakeContainer } = await import('../../container-runner.js');
+    (wakeContainer as unknown as ReturnType<typeof vi.fn>).mockClear();
+
+    await routeInbound(stranger('please let me in'));
+    await new Promise((r) => setTimeout(r, 10));
+
+    const { getDb } = await import('../../db/connection.js');
+    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
+    expect(pending).toBeDefined();
+
+    // Fire the approve click through the response-handler chain.
+    for (const handler of getResponseHandlers()) {
+      const claimed = await handler({
+        questionId: pending.id,
+        value: 'approve',
+        // Chat SDK's onAction surfaces the raw platform userId (e.g. Telegram
+        // chat id). The permissions handler namespaces it with channelType to
+        // match users(id).
+        userId: 'owner',
+        channelType: 'telegram',
+        platformId: 'dm-owner',
+        threadId: null,
+      });
+      if (claimed) break;
+    }
+
+    // Member row added for the stranger against the wired agent group.
+    const member = getDb()
+      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
+      .get('tg:stranger', 'ag-1');
+    expect(member).toBeDefined();
+
+    // Pending row cleared.
+    const stillPending = getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number };
+    expect(stillPending.c).toBe(0);
+
+    // Message replayed + container woken.
+    expect(wakeContainer).toHaveBeenCalled();
+  });
+
+  it('deny → deletes the pending row without adding a member', async () => {
+    const { routeInbound } = await import('../../router.js');
+    const { getResponseHandlers } = await import('../../response-registry.js');
+
+    await routeInbound(stranger('hello'));
+    await new Promise((r) => setTimeout(r, 10));
+
+    const { getDb } = await import('../../db/connection.js');
+    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
+    expect(pending).toBeDefined();
+
+    for (const handler of getResponseHandlers()) {
+      const claimed = await handler({
+        questionId: pending.id,
+        value: 'reject',
+        userId: 'owner', // raw platform id — handler namespaces with channelType
+        channelType: 'telegram',
+        platformId: 'dm-owner',
+        threadId: null,
+      });
+      if (claimed) break;
+    }
+
+    const count = (getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number }).c;
+    expect(count).toBe(0);
+    const member = getDb()
+      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
+      .get('tg:stranger', 'ag-1');
+    expect(member).toBeUndefined();
+  });
+
+  it('approve_and_allow → admits the sender, flips MG policy to public, and emits an audit log', async () => {
+    const { routeInbound } = await import('../../router.js');
+    const { getResponseHandlers } = await import('../../response-registry.js');
+    const { getMessagingGroup } = await import('../../db/messaging-groups.js');
+    const { log } = await import('../../log.js');
+
+    const infoSpy = vi.spyOn(log, 'info');
+
+    await routeInbound(stranger('let everyone in'));
+    await new Promise((r) => setTimeout(r, 10));
+
+    const { getDb } = await import('../../db/connection.js');
+    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
+    expect(pending).toBeDefined();
+
+    for (const handler of getResponseHandlers()) {
+      const claimed = await handler({
+        questionId: pending.id,
+        value: 'approve_and_allow',
+        userId: 'owner',
+        channelType: 'telegram',
+        platformId: 'dm-owner',
+        threadId: null,
+      });
+      if (claimed) break;
+    }
+
+    // Sender admitted (same as 'approve' branch).
+    const member = getDb()
+      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
+      .get('tg:stranger', 'ag-1');
+    expect(member).toBeDefined();
+
+    // MG flipped to public so future strangers skip the gate.
+    const mg = getMessagingGroup('mg-chat');
+    expect(mg?.unknown_sender_policy).toBe('public');
+
+    // Audit log entry includes operator + MG + before-state for traceability.
+    const auditCalls = infoSpy.mock.calls.filter(([, data]) => {
+      return (
+        typeof data === 'object' &&
+        data !== null &&
+        (data as { audit?: string }).audit === 'sender_approval_policy_flip'
+      );
+    });
+    expect(auditCalls).toHaveLength(1);
+    const [, auditFields] = auditCalls[0] as [string, Record<string, unknown>];
+    expect(auditFields).toMatchObject({
+      messagingGroupId: 'mg-chat',
+      agentGroupId: 'ag-1',
+      approverId: 'telegram:owner',
+      fromPolicy: 'request_approval',
+      toPolicy: 'public',
+    });
+
+    // Pending row cleared.
+    const stillPending = (getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number })
+      .c;
+    expect(stillPending).toBe(0);
+
+    infoSpy.mockRestore();
+  });
+
+  it('approve_and_allow → idempotent on already-public MG, audit still fires with fromPolicy=public', async () => {
+    // Pre-flip the MG to public to simulate a second click after a prior
+    // always-allow has already happened. The button is shown unconditionally
+    // (Aaron's call) so this branch can fire even when policy is already
+    // public.
+    const { updateMessagingGroup, getMessagingGroup } = await import('../../db/messaging-groups.js');
+    updateMessagingGroup('mg-chat', { unknown_sender_policy: 'public' });
+
+    // With public policy, the access gate skips the unknown-sender flow —
+    // so we can't trigger the approval via routeInbound. Seed the pending
+    // row directly to exercise just the click handler. Upsert the sender
+    // user first so addMember's FK to users(id) holds.
+    upsertUser({ id: 'tg:later-stranger', kind: 'telegram', display_name: 'Later', created_at: now() });
+    const { createPendingSenderApproval } = await import('./db/pending-sender-approvals.js');
+    const approvalId = 'nsa-test-idempotent';
+    createPendingSenderApproval({
+      id: approvalId,
+      messaging_group_id: 'mg-chat',
+      agent_group_id: 'ag-1',
+      sender_identity: 'tg:later-stranger',
+      sender_name: 'Later',
+      original_message: JSON.stringify(stranger('hello again')),
+      approver_user_id: 'telegram:owner',
+      created_at: now(),
+      title: 'New sender',
+      options_json: '[]',
+    });
+
+    const { log } = await import('../../log.js');
+    const infoSpy = vi.spyOn(log, 'info');
+
+    const { getResponseHandlers } = await import('../../response-registry.js');
+    for (const handler of getResponseHandlers()) {
+      const claimed = await handler({
+        questionId: approvalId,
+        value: 'approve_and_allow',
+        userId: 'owner',
+        channelType: 'telegram',
+        platformId: 'dm-owner',
+        threadId: null,
+      });
+      if (claimed) break;
+    }
+
+    // Policy stays public (no regression).
+    expect(getMessagingGroup('mg-chat')?.unknown_sender_policy).toBe('public');
+
+    // Audit log fires with fromPolicy='public' so the click is traceable
+    // even when the DB write was a no-op.
+    const auditCalls = infoSpy.mock.calls.filter(([, data]) => {
+      return (
+        typeof data === 'object' &&
+        data !== null &&
+        (data as { audit?: string }).audit === 'sender_approval_policy_flip'
+      );
+    });
+    expect(auditCalls).toHaveLength(1);
+    const [, auditFields] = auditCalls[0] as [string, Record<string, unknown>];
+    expect(auditFields).toMatchObject({ fromPolicy: 'public', toPolicy: 'public' });
+
+    infoSpy.mockRestore();
+  });
+
+  it('rejects clicks from an unauthorized user (prevents self-admit via forwarded card)', async () => {
+    // Stranger triggers the approval flow; card goes to the owner.
+    const { routeInbound } = await import('../../router.js');
+    const { getResponseHandlers } = await import('../../response-registry.js');
+
+    await routeInbound(stranger('can I play'));
+    await new Promise((r) => setTimeout(r, 10));
+
+    const { getDb } = await import('../../db/connection.js');
+    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
+    expect(pending).toBeDefined();
+
+    // A random user (not the stranger, not the owner, not an admin) tries to
+    // click the approval — e.g. they got the card forwarded. Should be
+    // rejected without admitting them.
+    for (const handler of getResponseHandlers()) {
+      const claimed = await handler({
+        questionId: pending.id,
+        value: 'approve',
+        userId: 'random-bystander', // not owner, not admin
+        channelType: 'telegram',
+        platformId: 'dm-random',
+        threadId: null,
+      });
+      if (claimed) break;
+    }
+
+    // No member added for the stranger.
+    const member = getDb()
+      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
+      .get('tg:stranger', 'ag-1');
+    expect(member).toBeUndefined();
+
+    // Pending row is still there — a legitimate approver can still act on it.
+    const stillPending = (getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number })
+      .c;
+    expect(stillPending).toBe(1);
+  });
+
+  it('accepts a click from a global admin even if they are not the designated approver', async () => {
+    // Pre-seed a separate admin user so we can click as them.
+    upsertUser({ id: 'telegram:admin-bob', kind: 'telegram', display_name: 'Bob', created_at: now() });
+    grantRole({
+      user_id: 'telegram:admin-bob',
+      role: 'admin',
+      agent_group_id: null,
+      granted_by: 'telegram:owner',
+      granted_at: now(),
+    });
+
+    const { routeInbound } = await import('../../router.js');
+    const { getResponseHandlers } = await import('../../response-registry.js');
+
+    await routeInbound(stranger('knock knock'));
+    await new Promise((r) => setTimeout(r, 10));
+
+    const { getDb } = await import('../../db/connection.js');
+    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
+    expect(pending).toBeDefined();
+
+    // Admin clicks approve (not the designated approver, which was owner).
+    for (const handler of getResponseHandlers()) {
+      const claimed = await handler({
+        questionId: pending.id,
+        value: 'approve',
+        userId: 'admin-bob',
+        channelType: 'telegram',
+        platformId: 'dm-bob',
+        threadId: null,
+      });
+      if (claimed) break;
+    }
+
+    // Stranger admitted thanks to the admin's authority.
+    const member = getDb()
+      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
+      .get('tg:stranger', 'ag-1');
+    expect(member).toBeDefined();
+  });
+});

package/src/modules/permissions/sender-approval.ts

@@ -0,0 +1,165 @@
+/**
+ * Unknown-sender approval flow.
+ *
+ * When `messaging_groups.unknown_sender_policy = 'request_approval'` and a
+ * non-member writes into a wired chat, the access gate drops the routing
+ * attempt and calls `requestSenderApproval` to:
+ *
+ *   1. Pick an eligible approver (owner / admin of the agent group).
+ *   2. Open / reuse a DM to that approver on a reachable channel.
+ *   3. Deliver an Approve / Deny card.
+ *   4. Record a pending_sender_approvals row that holds the original message
+ *      so it can be re-routed on approve.
+ *
+ * On approve: the handler in index.ts adds an agent_group_members row for
+ * the sender and re-invokes routeInbound with the stored event — the second
+ * routing attempt passes the gate because the user is now a member.
+ *
+ * Failure modes (logged + row NOT created, so the dedup gate lets a future
+ * attempt try again):
+ *   - No eligible approver in user_roles — fresh install, no owner yet.
+ *   - Approver has no reachable DM (no user_dms row + channel can't
+ *     openDM) — e.g. owner hasn't registered on any channel we're wired to.
+ *   - Delivery adapter missing.
+ *
+ * Dedup: `pending_sender_approvals` has UNIQUE(messaging_group_id,
+ * sender_identity). A retry / rapid second message from the same unknown
+ * sender is silently dropped (no duplicate card sent).
+ */
+import { normalizeOptions, type RawOption } from '../../channels/ask-question.js';
+import { getMessagingGroup } from '../../db/messaging-groups.js';
+import { getDeliveryAdapter } from '../../delivery.js';
+import { log } from '../../log.js';
+import { decodePlatformIdAs } from '../../platform-id.js';
+import type { InboundEvent } from '../../channels/adapter.js';
+import { appendFallbackNotice, pickApprovalDelivery, pickApprover } from '../approvals/primitive.js';
+import { createPendingSenderApproval, hasInFlightSenderApproval } from './db/pending-sender-approvals.js';
+
+// Three-button card per design doc PR #75 phase 4. The "always allow" branch
+// flips the messaging group's unknown_sender_policy to 'public' so future
+// strangers walk through with no gate. Shown unconditionally — even on
+// 'strict' MGs that wouldn't normally render this card — so the operator can
+// recover from a too-restrictive default with one click. The handler short-
+// circuits if the policy is already 'public', so the click is idempotent.
+const APPROVAL_OPTIONS: RawOption[] = [
+  { label: 'Allow', selectedLabel: '✅ Allowed', value: 'approve' },
+  { label: 'Allow & open channel', selectedLabel: '✅ Channel opened', value: 'approve_and_allow' },
+  { label: 'Deny', selectedLabel: '❌ Denied', value: 'reject' },
+];
+
+function generateId(): string {
+  return `nsa-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
+}
+
+export interface RequestSenderApprovalInput {
+  messagingGroupId: string;
+  agentGroupId: string;
+  senderIdentity: string; // namespaced user id (channel_type:handle)
+  senderName: string | null;
+  event: InboundEvent;
+}
+
+export async function requestSenderApproval(input: RequestSenderApprovalInput): Promise<void> {
+  const { messagingGroupId, agentGroupId, senderIdentity, senderName, event } = input;
+
+  // In-flight dedup: don't spam the admin if the same unknown sender
+  // retries while a card is already pending.
+  if (hasInFlightSenderApproval(messagingGroupId, senderIdentity)) {
+    log.debug('Unknown-sender approval already in flight — dropping retry', {
+      messagingGroupId,
+      senderIdentity,
+    });
+    return;
+  }
+
+  const approvers = pickApprover(agentGroupId);
+  if (approvers.length === 0) {
+    log.warn('Unknown-sender approval skipped — no owner or admin configured', {
+      messagingGroupId,
+      agentGroupId,
+      senderIdentity,
+    });
+    return;
+  }
+
+  const originMg = getMessagingGroup(messagingGroupId);
+  const originChannelType = originMg?.channel_type ?? '';
+  const originBotId = originMg ? decodePlatformIdAs(originMg.platform_id, 'v2').botId : null;
+  const target = await pickApprovalDelivery(approvers, originChannelType, originBotId);
+  if (!target) {
+    log.warn('Unknown-sender approval skipped — no DM channel for any approver', {
+      messagingGroupId,
+      agentGroupId,
+      senderIdentity,
+    });
+    return;
+  }
+
+  const approvalId = generateId();
+  const senderDisplay = senderName && senderName.length > 0 ? senderName : senderIdentity;
+  const originName = originMg?.name ?? `a ${originChannelType} channel`;
+
+  const title = '👤 New sender';
+  const question = `${senderDisplay} wants to talk to your agent in ${originName}. Allow?`;
+  const options = normalizeOptions(APPROVAL_OPTIONS);
+
+  createPendingSenderApproval({
+    id: approvalId,
+    messaging_group_id: messagingGroupId,
+    agent_group_id: agentGroupId,
+    sender_identity: senderIdentity,
+    sender_name: senderName,
+    original_message: JSON.stringify(event),
+    approver_user_id: target.userId,
+    created_at: new Date().toISOString(),
+    title,
+    options_json: JSON.stringify(options),
+  });
+
+  const adapter = getDeliveryAdapter();
+  if (!adapter) {
+    // Without a delivery adapter, the card can't be sent. Log + leave the
+    // row in place so the admin can see it via DB or manual tooling; the
+    // dedup gate will suppress further cards until it's cleared.
+    log.error('Unknown-sender approval row created but no delivery adapter is wired', {
+      approvalId,
+    });
+    return;
+  }
+
+  try {
+    await adapter.deliver(
+      target.messagingGroup.channel_type,
+      target.messagingGroup.platform_id,
+      null,
+      'chat-sdk',
+      JSON.stringify({
+        type: 'ask_question',
+        questionId: approvalId,
+        title,
+        question: appendFallbackNotice(question, target.viaFallbackBot, originBotId),
+        options,
+      }),
+    );
+    log.info('Unknown-sender approval card delivered', {
+      approvalId,
+      senderIdentity,
+      approver: target.userId,
+      messagingGroupId,
+      agentGroupId,
+    });
+  } catch (err) {
+    log.error('Unknown-sender approval card delivery failed', {
+      approvalId,
+      err,
+    });
+  }
+}
+
+/**
+ * Option value the admin clicked that means "allow" — shared with the
+ * response handler so the two sides can't drift.
+ */
+export const APPROVE_VALUE = 'approve';
+export const APPROVE_AND_ALLOW_VALUE = 'approve_and_allow';
+export const REJECT_VALUE = 'reject';