@openparachute/agent 0.1.1 → 0.2.0

package/src/modules/permissions/sender-approval.test.ts

@@ -1,470 +0,0 @@
-/**
- * Integration tests for the unknown-sender request_approval flow
- * (ACTION-ITEMS item 5).
- *
- * Covers:
- *  - request_approval policy fires `requestSenderApproval` on first unknown
- *    message from a sender
- *  - In-flight dedup: second message from the same sender while pending is
- *    silently dropped (no second card, no second row)
- *  - Approve path: member added, original message replayed via routeInbound,
- *    container woken
- *  - Deny path: pending row deleted, no member added
- */
-import fs from 'fs';
-import { beforeEach, afterEach, describe, expect, it, vi } from 'vitest';
-
-import { initTestDb, closeDb, runMigrations } from '../../db/index.js';
-import { createAgentGroup } from '../../db/agent-groups.js';
-import { createMessagingGroup, createMessagingGroupAgent } from '../../db/messaging-groups.js';
-import { upsertUser } from './db/users.js';
-import { grantRole } from './db/user-roles.js';
-
-// Mock container runner — prevent actual docker spawn.
-vi.mock('../../container-runner.js', () => ({
-  wakeContainer: vi.fn().mockResolvedValue(undefined),
-  isContainerRunning: vi.fn().mockReturnValue(false),
-  getActiveContainerCount: vi.fn().mockReturnValue(0),
-  killContainer: vi.fn(),
-}));
-
-// Mock delivery adapter — record card deliveries for assertions.
-const deliverMock = vi.fn().mockResolvedValue('plat-msg-id');
-vi.mock('../../delivery.js', () => ({
-  getDeliveryAdapter: () => ({
-    deliver: deliverMock,
-  }),
-}));
-
-// Mock ensureUserDm to return the approver's existing messaging group
-// instead of hitting a real openDM RPC.
-vi.mock('./user-dm.js', () => ({
-  ensureUserDm: vi.fn(async (userId: string) => {
-    const { getDb } = await import('../../db/connection.js');
-    const row = getDb()
-      .prepare(
-        `SELECT mg.* FROM messaging_groups mg
-           JOIN user_dms ud ON ud.messaging_group_id = mg.id
-          WHERE ud.user_id = ?`,
-      )
-      .get(userId);
-    return row;
-  }),
-}));
-
-vi.mock('../../config.js', async () => {
-  const actual = await vi.importActual('../../config.js');
-  return { ...actual, DATA_DIR: '/tmp/paraclaw-test-sender-approval' };
-});
-
-const TEST_DIR = '/tmp/paraclaw-test-sender-approval';
-
-function now() {
-  return new Date().toISOString();
-}
-
-beforeEach(async () => {
-  if (fs.existsSync(TEST_DIR)) fs.rmSync(TEST_DIR, { recursive: true });
-  fs.mkdirSync(TEST_DIR, { recursive: true });
-  const db = initTestDb();
-  runMigrations(db);
-
-  // Side-effect imports: register hooks (permissions module) AFTER the
-  // mocks are in place so the access gate / response handler pick up the
-  // mocked delivery + user-dm helpers.
-  await import('./index.js');
-
-  // Fixtures: agent group, messaging group with request_approval, wiring,
-  // owner + DM messaging group for approver delivery.
-  createAgentGroup({ id: 'ag-1', name: 'Agent', folder: 'agent', agent_provider: null, created_at: now() });
-
-  createMessagingGroup({
-    id: 'mg-chat',
-    channel_type: 'telegram',
-    platform_id: 'chat-123',
-    name: 'Group Chat',
-    is_group: 1,
-    unknown_sender_policy: 'request_approval',
-    created_at: now(),
-  });
-  createMessagingGroupAgent({
-    id: 'mga-1',
-    messaging_group_id: 'mg-chat',
-    agent_group_id: 'ag-1',
-    engage_mode: 'pattern',
-    engage_pattern: '.',
-    sender_scope: 'all',
-    ignored_message_policy: 'drop',
-    session_mode: 'shared',
-    priority: 0,
-    created_at: now(),
-  });
-
-  // Owner user + their DM messaging group (pickApprover + ensureUserDm target).
-  upsertUser({ id: 'telegram:owner', kind: 'telegram', display_name: 'Owner', created_at: now() });
-  grantRole({
-    user_id: 'telegram:owner',
-    role: 'owner',
-    agent_group_id: null,
-    granted_by: null,
-    granted_at: now(),
-  });
-  createMessagingGroup({
-    id: 'mg-dm-owner',
-    channel_type: 'telegram',
-    platform_id: 'dm-owner',
-    name: 'Owner DM',
-    is_group: 0,
-    unknown_sender_policy: 'public',
-    created_at: now(),
-  });
-  const { getDb } = await import('../../db/connection.js');
-  getDb()
-    .prepare(
-      `INSERT INTO user_dms (user_id, channel_type, messaging_group_id, resolved_at)
-       VALUES (?, ?, ?, ?)`,
-    )
-    .run('telegram:owner', 'telegram', 'mg-dm-owner', now());
-
-  deliverMock.mockClear();
-});
-
-afterEach(() => {
-  closeDb();
-  if (fs.existsSync(TEST_DIR)) fs.rmSync(TEST_DIR, { recursive: true });
-});
-
-function stranger(text: string) {
-  return {
-    channelType: 'telegram',
-    platformId: 'chat-123',
-    threadId: null,
-    message: {
-      id: `stranger-${Math.random().toString(36).slice(2, 8)}`,
-      kind: 'chat' as const,
-      content: JSON.stringify({
-        senderId: 'tg:stranger',
-        senderName: 'Stranger',
-        text,
-      }),
-      timestamp: now(),
-    },
-  };
-}
-
-describe('unknown-sender request_approval flow', () => {
-  it('delivers an approval card on first unknown message', async () => {
-    const { routeInbound } = await import('../../router.js');
-    await routeInbound(stranger('hi'));
-
-    // Wait for the fire-and-forget requestSenderApproval to resolve.
-    await new Promise((r) => setTimeout(r, 10));
-
-    expect(deliverMock).toHaveBeenCalledTimes(1);
-    const [channel, platformId, thread, kind, content] = deliverMock.mock.calls[0];
-    expect(channel).toBe('telegram');
-    expect(platformId).toBe('dm-owner'); // delivered to owner's DM
-    expect(thread).toBeNull();
-    expect(kind).toBe('chat-sdk');
-    const payload = JSON.parse(content as string);
-    expect(payload.type).toBe('ask_question');
-    expect(payload.questionId).toMatch(/^nsa-/);
-
-    const { getDb } = await import('../../db/connection.js');
-    const rows = getDb().prepare('SELECT * FROM pending_sender_approvals').all();
-    expect(rows).toHaveLength(1);
-  });
-
-  it('dedups a second message from the same stranger while pending', async () => {
-    const { routeInbound } = await import('../../router.js');
-    await routeInbound(stranger('hello'));
-    await new Promise((r) => setTimeout(r, 10));
-    await routeInbound(stranger('are you there?'));
-    await new Promise((r) => setTimeout(r, 10));
-
-    expect(deliverMock).toHaveBeenCalledTimes(1);
-    const { getDb } = await import('../../db/connection.js');
-    const count = (getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number }).c;
-    expect(count).toBe(1);
-  });
-
-  it('approve → adds member and replays the original message', async () => {
-    const { routeInbound } = await import('../../router.js');
-    const { getResponseHandlers } = await import('../../response-registry.js');
-    const { wakeContainer } = await import('../../container-runner.js');
-    (wakeContainer as unknown as ReturnType<typeof vi.fn>).mockClear();
-
-    await routeInbound(stranger('please let me in'));
-    await new Promise((r) => setTimeout(r, 10));
-
-    const { getDb } = await import('../../db/connection.js');
-    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
-    expect(pending).toBeDefined();
-
-    // Fire the approve click through the response-handler chain.
-    for (const handler of getResponseHandlers()) {
-      const claimed = await handler({
-        questionId: pending.id,
-        value: 'approve',
-        // Chat SDK's onAction surfaces the raw platform userId (e.g. Telegram
-        // chat id). The permissions handler namespaces it with channelType to
-        // match users(id).
-        userId: 'owner',
-        channelType: 'telegram',
-        platformId: 'dm-owner',
-        threadId: null,
-      });
-      if (claimed) break;
-    }
-
-    // Member row added for the stranger against the wired agent group.
-    const member = getDb()
-      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
-      .get('tg:stranger', 'ag-1');
-    expect(member).toBeDefined();
-
-    // Pending row cleared.
-    const stillPending = getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number };
-    expect(stillPending.c).toBe(0);
-
-    // Message replayed + container woken.
-    expect(wakeContainer).toHaveBeenCalled();
-  });
-
-  it('deny → deletes the pending row without adding a member', async () => {
-    const { routeInbound } = await import('../../router.js');
-    const { getResponseHandlers } = await import('../../response-registry.js');
-
-    await routeInbound(stranger('hello'));
-    await new Promise((r) => setTimeout(r, 10));
-
-    const { getDb } = await import('../../db/connection.js');
-    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
-    expect(pending).toBeDefined();
-
-    for (const handler of getResponseHandlers()) {
-      const claimed = await handler({
-        questionId: pending.id,
-        value: 'reject',
-        userId: 'owner', // raw platform id — handler namespaces with channelType
-        channelType: 'telegram',
-        platformId: 'dm-owner',
-        threadId: null,
-      });
-      if (claimed) break;
-    }
-
-    const count = (getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number }).c;
-    expect(count).toBe(0);
-    const member = getDb()
-      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
-      .get('tg:stranger', 'ag-1');
-    expect(member).toBeUndefined();
-  });
-
-  it('approve_and_allow → admits the sender, flips MG policy to public, and emits an audit log', async () => {
-    const { routeInbound } = await import('../../router.js');
-    const { getResponseHandlers } = await import('../../response-registry.js');
-    const { getMessagingGroup } = await import('../../db/messaging-groups.js');
-    const { log } = await import('../../log.js');
-
-    const infoSpy = vi.spyOn(log, 'info');
-
-    await routeInbound(stranger('let everyone in'));
-    await new Promise((r) => setTimeout(r, 10));
-
-    const { getDb } = await import('../../db/connection.js');
-    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
-    expect(pending).toBeDefined();
-
-    for (const handler of getResponseHandlers()) {
-      const claimed = await handler({
-        questionId: pending.id,
-        value: 'approve_and_allow',
-        userId: 'owner',
-        channelType: 'telegram',
-        platformId: 'dm-owner',
-        threadId: null,
-      });
-      if (claimed) break;
-    }
-
-    // Sender admitted (same as 'approve' branch).
-    const member = getDb()
-      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
-      .get('tg:stranger', 'ag-1');
-    expect(member).toBeDefined();
-
-    // MG flipped to public so future strangers skip the gate.
-    const mg = getMessagingGroup('mg-chat');
-    expect(mg?.unknown_sender_policy).toBe('public');
-
-    // Audit log entry includes operator + MG + before-state for traceability.
-    const auditCalls = infoSpy.mock.calls.filter(([, data]) => {
-      return (
-        typeof data === 'object' &&
-        data !== null &&
-        (data as { audit?: string }).audit === 'sender_approval_policy_flip'
-      );
-    });
-    expect(auditCalls).toHaveLength(1);
-    const [, auditFields] = auditCalls[0] as [string, Record<string, unknown>];
-    expect(auditFields).toMatchObject({
-      messagingGroupId: 'mg-chat',
-      agentGroupId: 'ag-1',
-      approverId: 'telegram:owner',
-      fromPolicy: 'request_approval',
-      toPolicy: 'public',
-    });
-
-    // Pending row cleared.
-    const stillPending = (getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number })
-      .c;
-    expect(stillPending).toBe(0);
-
-    infoSpy.mockRestore();
-  });
-
-  it('approve_and_allow → idempotent on already-public MG, audit still fires with fromPolicy=public', async () => {
-    // Pre-flip the MG to public to simulate a second click after a prior
-    // always-allow has already happened. The button is shown unconditionally
-    // (Aaron's call) so this branch can fire even when policy is already
-    // public.
-    const { updateMessagingGroup, getMessagingGroup } = await import('../../db/messaging-groups.js');
-    updateMessagingGroup('mg-chat', { unknown_sender_policy: 'public' });
-
-    // With public policy, the access gate skips the unknown-sender flow —
-    // so we can't trigger the approval via routeInbound. Seed the pending
-    // row directly to exercise just the click handler. Upsert the sender
-    // user first so addMember's FK to users(id) holds.
-    upsertUser({ id: 'tg:later-stranger', kind: 'telegram', display_name: 'Later', created_at: now() });
-    const { createPendingSenderApproval } = await import('./db/pending-sender-approvals.js');
-    const approvalId = 'nsa-test-idempotent';
-    createPendingSenderApproval({
-      id: approvalId,
-      messaging_group_id: 'mg-chat',
-      agent_group_id: 'ag-1',
-      sender_identity: 'tg:later-stranger',
-      sender_name: 'Later',
-      original_message: JSON.stringify(stranger('hello again')),
-      approver_user_id: 'telegram:owner',
-      created_at: now(),
-      title: 'New sender',
-      options_json: '[]',
-    });
-
-    const { log } = await import('../../log.js');
-    const infoSpy = vi.spyOn(log, 'info');
-
-    const { getResponseHandlers } = await import('../../response-registry.js');
-    for (const handler of getResponseHandlers()) {
-      const claimed = await handler({
-        questionId: approvalId,
-        value: 'approve_and_allow',
-        userId: 'owner',
-        channelType: 'telegram',
-        platformId: 'dm-owner',
-        threadId: null,
-      });
-      if (claimed) break;
-    }
-
-    // Policy stays public (no regression).
-    expect(getMessagingGroup('mg-chat')?.unknown_sender_policy).toBe('public');
-
-    // Audit log fires with fromPolicy='public' so the click is traceable
-    // even when the DB write was a no-op.
-    const auditCalls = infoSpy.mock.calls.filter(([, data]) => {
-      return (
-        typeof data === 'object' &&
-        data !== null &&
-        (data as { audit?: string }).audit === 'sender_approval_policy_flip'
-      );
-    });
-    expect(auditCalls).toHaveLength(1);
-    const [, auditFields] = auditCalls[0] as [string, Record<string, unknown>];
-    expect(auditFields).toMatchObject({ fromPolicy: 'public', toPolicy: 'public' });
-
-    infoSpy.mockRestore();
-  });
-
-  it('rejects clicks from an unauthorized user (prevents self-admit via forwarded card)', async () => {
-    // Stranger triggers the approval flow; card goes to the owner.
-    const { routeInbound } = await import('../../router.js');
-    const { getResponseHandlers } = await import('../../response-registry.js');
-
-    await routeInbound(stranger('can I play'));
-    await new Promise((r) => setTimeout(r, 10));
-
-    const { getDb } = await import('../../db/connection.js');
-    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
-    expect(pending).toBeDefined();
-
-    // A random user (not the stranger, not the owner, not an admin) tries to
-    // click the approval — e.g. they got the card forwarded. Should be
-    // rejected without admitting them.
-    for (const handler of getResponseHandlers()) {
-      const claimed = await handler({
-        questionId: pending.id,
-        value: 'approve',
-        userId: 'random-bystander', // not owner, not admin
-        channelType: 'telegram',
-        platformId: 'dm-random',
-        threadId: null,
-      });
-      if (claimed) break;
-    }
-
-    // No member added for the stranger.
-    const member = getDb()
-      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
-      .get('tg:stranger', 'ag-1');
-    expect(member).toBeUndefined();
-
-    // Pending row is still there — a legitimate approver can still act on it.
-    const stillPending = (getDb().prepare('SELECT COUNT(*) AS c FROM pending_sender_approvals').get() as { c: number })
-      .c;
-    expect(stillPending).toBe(1);
-  });
-
-  it('accepts a click from a global admin even if they are not the designated approver', async () => {
-    // Pre-seed a separate admin user so we can click as them.
-    upsertUser({ id: 'telegram:admin-bob', kind: 'telegram', display_name: 'Bob', created_at: now() });
-    grantRole({
-      user_id: 'telegram:admin-bob',
-      role: 'admin',
-      agent_group_id: null,
-      granted_by: 'telegram:owner',
-      granted_at: now(),
-    });
-
-    const { routeInbound } = await import('../../router.js');
-    const { getResponseHandlers } = await import('../../response-registry.js');
-
-    await routeInbound(stranger('knock knock'));
-    await new Promise((r) => setTimeout(r, 10));
-
-    const { getDb } = await import('../../db/connection.js');
-    const pending = getDb().prepare('SELECT id FROM pending_sender_approvals').get() as { id: string };
-    expect(pending).toBeDefined();
-
-    // Admin clicks approve (not the designated approver, which was owner).
-    for (const handler of getResponseHandlers()) {
-      const claimed = await handler({
-        questionId: pending.id,
-        value: 'approve',
-        userId: 'admin-bob',
-        channelType: 'telegram',
-        platformId: 'dm-bob',
-        threadId: null,
-      });
-      if (claimed) break;
-    }
-
-    // Stranger admitted thanks to the admin's authority.
-    const member = getDb()
-      .prepare('SELECT 1 AS x FROM agent_group_members WHERE user_id = ? AND agent_group_id = ?')
-      .get('tg:stranger', 'ag-1');
-    expect(member).toBeDefined();
-  });
-});

package/src/modules/permissions/sender-approval.ts

@@ -1,165 +0,0 @@
-/**
- * Unknown-sender approval flow.
- *
- * When `messaging_groups.unknown_sender_policy = 'request_approval'` and a
- * non-member writes into a wired chat, the access gate drops the routing
- * attempt and calls `requestSenderApproval` to:
- *
- *   1. Pick an eligible approver (owner / admin of the agent group).
- *   2. Open / reuse a DM to that approver on a reachable channel.
- *   3. Deliver an Approve / Deny card.
- *   4. Record a pending_sender_approvals row that holds the original message
- *      so it can be re-routed on approve.
- *
- * On approve: the handler in index.ts adds an agent_group_members row for
- * the sender and re-invokes routeInbound with the stored event — the second
- * routing attempt passes the gate because the user is now a member.
- *
- * Failure modes (logged + row NOT created, so the dedup gate lets a future
- * attempt try again):
- *   - No eligible approver in user_roles — fresh install, no owner yet.
- *   - Approver has no reachable DM (no user_dms row + channel can't
- *     openDM) — e.g. owner hasn't registered on any channel we're wired to.
- *   - Delivery adapter missing.
- *
- * Dedup: `pending_sender_approvals` has UNIQUE(messaging_group_id,
- * sender_identity). A retry / rapid second message from the same unknown
- * sender is silently dropped (no duplicate card sent).
- */
-import { normalizeOptions, type RawOption } from '../../channels/ask-question.js';
-import { getMessagingGroup } from '../../db/messaging-groups.js';
-import { getDeliveryAdapter } from '../../delivery.js';
-import { log } from '../../log.js';
-import { decodePlatformIdAs } from '../../platform-id.js';
-import type { InboundEvent } from '../../channels/adapter.js';
-import { appendFallbackNotice, pickApprovalDelivery, pickApprover } from '../approvals/primitive.js';
-import { createPendingSenderApproval, hasInFlightSenderApproval } from './db/pending-sender-approvals.js';
-
-// Three-button card per design doc PR #75 phase 4. The "always allow" branch
-// flips the messaging group's unknown_sender_policy to 'public' so future
-// strangers walk through with no gate. Shown unconditionally — even on
-// 'strict' MGs that wouldn't normally render this card — so the operator can
-// recover from a too-restrictive default with one click. The handler short-
-// circuits if the policy is already 'public', so the click is idempotent.
-const APPROVAL_OPTIONS: RawOption[] = [
-  { label: 'Allow', selectedLabel: '✅ Allowed', value: 'approve' },
-  { label: 'Allow & open channel', selectedLabel: '✅ Channel opened', value: 'approve_and_allow' },
-  { label: 'Deny', selectedLabel: '❌ Denied', value: 'reject' },
-];
-
-function generateId(): string {
-  return `nsa-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
-}
-
-export interface RequestSenderApprovalInput {
-  messagingGroupId: string;
-  agentGroupId: string;
-  senderIdentity: string; // namespaced user id (channel_type:handle)
-  senderName: string | null;
-  event: InboundEvent;
-}
-
-export async function requestSenderApproval(input: RequestSenderApprovalInput): Promise<void> {
-  const { messagingGroupId, agentGroupId, senderIdentity, senderName, event } = input;
-
-  // In-flight dedup: don't spam the admin if the same unknown sender
-  // retries while a card is already pending.
-  if (hasInFlightSenderApproval(messagingGroupId, senderIdentity)) {
-    log.debug('Unknown-sender approval already in flight — dropping retry', {
-      messagingGroupId,
-      senderIdentity,
-    });
-    return;
-  }
-
-  const approvers = pickApprover(agentGroupId);
-  if (approvers.length === 0) {
-    log.warn('Unknown-sender approval skipped — no owner or admin configured', {
-      messagingGroupId,
-      agentGroupId,
-      senderIdentity,
-    });
-    return;
-  }
-
-  const originMg = getMessagingGroup(messagingGroupId);
-  const originChannelType = originMg?.channel_type ?? '';
-  const originBotId = originMg ? decodePlatformIdAs(originMg.platform_id, 'v2').botId : null;
-  const target = await pickApprovalDelivery(approvers, originChannelType, originBotId);
-  if (!target) {
-    log.warn('Unknown-sender approval skipped — no DM channel for any approver', {
-      messagingGroupId,
-      agentGroupId,
-      senderIdentity,
-    });
-    return;
-  }
-
-  const approvalId = generateId();
-  const senderDisplay = senderName && senderName.length > 0 ? senderName : senderIdentity;
-  const originName = originMg?.name ?? `a ${originChannelType} channel`;
-
-  const title = '👤 New sender';
-  const question = `${senderDisplay} wants to talk to your agent in ${originName}. Allow?`;
-  const options = normalizeOptions(APPROVAL_OPTIONS);
-
-  createPendingSenderApproval({
-    id: approvalId,
-    messaging_group_id: messagingGroupId,
-    agent_group_id: agentGroupId,
-    sender_identity: senderIdentity,
-    sender_name: senderName,
-    original_message: JSON.stringify(event),
-    approver_user_id: target.userId,
-    created_at: new Date().toISOString(),
-    title,
-    options_json: JSON.stringify(options),
-  });
-
-  const adapter = getDeliveryAdapter();
-  if (!adapter) {
-    // Without a delivery adapter, the card can't be sent. Log + leave the
-    // row in place so the admin can see it via DB or manual tooling; the
-    // dedup gate will suppress further cards until it's cleared.
-    log.error('Unknown-sender approval row created but no delivery adapter is wired', {
-      approvalId,
-    });
-    return;
-  }
-
-  try {
-    await adapter.deliver(
-      target.messagingGroup.channel_type,
-      target.messagingGroup.platform_id,
-      null,
-      'chat-sdk',
-      JSON.stringify({
-        type: 'ask_question',
-        questionId: approvalId,
-        title,
-        question: appendFallbackNotice(question, target.viaFallbackBot, originBotId),
-        options,
-      }),
-    );
-    log.info('Unknown-sender approval card delivered', {
-      approvalId,
-      senderIdentity,
-      approver: target.userId,
-      messagingGroupId,
-      agentGroupId,
-    });
-  } catch (err) {
-    log.error('Unknown-sender approval card delivery failed', {
-      approvalId,
-      err,
-    });
-  }
-}
-
-/**
- * Option value the admin clicked that means "allow" — shared with the
- * response handler so the two sides can't drift.
- */
-export const APPROVE_VALUE = 'approve';
-export const APPROVE_AND_ALLOW_VALUE = 'approve_and_allow';
-export const REJECT_VALUE = 'reject';