@pleri/olam-cli 0.1.161 → 0.1.162

package/host-cp/src/plan-chat-service.mjs

@@ -53,6 +53,30 @@ const CHUNK_TYPES = new Set(['text', 'tool_use']);
 // only if the chunks schema bumps; the two must move together.
 const SCOPE_ID_RE = /^[A-Za-z0-9_.-]+$/;
 
+// B5 (plan-chat-context-window-display Phase B): tables allowlisted for
+// /v1/shape. Only these tables have server-side where-rewrite support; any
+// other table=... param gets a 400. Guards against a client enumerating
+// tables the service doesn't own.
+const ALLOWED_SHAPE_TABLES = new Set(['chunks', 'message_usage']);
+
+// B6 (plan-chat-context-window-display Phase B): context-window caps per
+// model. Mirrors CONTEXT_CAPS from @olam/intelligence/src/llm-router/providers/claude.ts.
+// Host-cp doesn't depend on intelligence, so this is a local copy. Keep in
+// sync with the canonical table (audit:pricing-coverage checks coverage).
+// Default: 200k. 1M only for claude-opus-4-7[1m].
+const CONTEXT_CAPS_LOCAL = {
+  'claude-sonnet-4-6': 200_000,
+  'claude-haiku-4-5-20251001': 200_000,
+  'claude-opus-4-7': 200_000,
+  'claude-opus-4-7[1m]': 1_000_000,
+};
+const DEFAULT_CONTEXT_CAP = 200_000;
+const THRESHOLD_PCT = 80; // emit dedup'd system chunk when ctx ≥ this %
+
+// Sentinel prefix on threshold system chunks so the dedup query can find them.
+// Keep this stable — changing it makes old dedup rows invisible to the guard.
+const THRESHOLD_CHUNK_PREFIX = 'Context approaching compaction threshold:';
+
 // PB2 — query params the server OWNS on /v1/shape. All three are stripped
 // from what we forward to upstream Electric:
 //   - `world_id` + `session_id` are SEEDS for the server-derived `where`
@@ -204,6 +228,10 @@ export function createHandler({
   shapeDebugLog,
   createWorld,
   destroyWorld,
+  /** B4 — optional override for tests. When supplied, replaces principalFromBearer
+   *  so the test harness can inject a hardcoded server-resolved actor_id and verify
+   *  the mismatch guard. Production callers omit this. */
+  resolveActor,
 }) {
   if (!pool) throw new Error('createHandler: { pool } required');
   if (typeof bearer !== 'string' || bearer.length === 0) {
@@ -236,7 +264,26 @@ export function createHandler({
     }
     const invalid = validateChunkInput(body);
     if (invalid) return badRequest(res, invalid);
-    const principal = principalFromBearer(bearer, body);
+    const principal = resolveActor
+      ? resolveActor(bearer, body)
+      : principalFromBearer(bearer, body);
+
+    // B4 — mismatch guard: if the client explicitly supplied body.actor_id
+    // and it differs from the server-resolved actor_id, reject with 400.
+    // In single-secret G1-demo mode this never fires because principalFromBearer
+    // echoes back body.actor_id. When Phase A4 lands multi-secret resolution,
+    // this guard prevents a caller from spoofing a different actor.
+    if (
+      typeof body.actor_id === 'string' &&
+      body.actor_id.length > 0 &&
+      body.actor_id !== principal.actorId
+    ) {
+      return badRequest(
+        res,
+        `actor_id mismatch: client supplied '${body.actor_id}' but bearer resolves to '${principal.actorId}'`,
+      );
+    }
+
     try {
       await pool.query(
         `INSERT INTO chunks
@@ -254,6 +301,93 @@ export function createHandler({
           body.chunk_type ?? 'text',
         ],
       );
+
+      // B4 — capture message_usage when the adapter forwarded token usage.
+      // body.usage is optional (only present on assistant turns with SDK usage).
+      if (body.usage && typeof body.usage === 'object') {
+        const usage = body.usage;
+        const model = typeof body.model === 'string' && body.model.length > 0
+          ? body.model
+          : 'claude-sonnet-4-6';
+        await pool.query(
+          `INSERT INTO message_usage
+             (world_id, session_id, message_id, actor_id, model,
+              input_tokens, output_tokens, cache_read_tokens, cache_create_tokens)
+           VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
+           ON CONFLICT (message_id, actor_id) DO NOTHING`,
+          [
+            body.world_id,
+            body.session_id,
+            body.message_id,
+            principal.actorId,
+            model,
+            Number(usage.input_tokens ?? 0),
+            Number(usage.output_tokens ?? 0),
+            Number(usage.cache_read_input_tokens ?? 0),
+            Number(usage.cache_creation_input_tokens ?? 0),
+          ],
+        );
+
+        // B6 — 80% threshold dedup'd system chunk.
+        // After inserting message_usage, check if the per-actor cumulative
+        // token count for this session has crossed 80% of the model's context
+        // cap. If so, and no prior threshold chunk exists for (session_id,
+        // actor_id), emit exactly one dedup'd system chunk.
+        //
+        // Token math: sum(input_tokens + cache_read_tokens + cache_create_tokens)
+        // per (session_id, actor_id), matching Claude Code statusline.
+        const contextCap = CONTEXT_CAPS_LOCAL[model] ?? DEFAULT_CONTEXT_CAP;
+        const sumResult = await pool.query(
+          `SELECT COALESCE(SUM(input_tokens + cache_read_tokens + cache_create_tokens), 0) AS total_used
+           FROM message_usage
+           WHERE session_id = $1 AND actor_id = $2`,
+          [body.session_id, principal.actorId],
+        );
+        const totalUsed = Number(sumResult.rows[0]?.total_used ?? 0);
+        const usedPct = Math.floor((totalUsed / contextCap) * 100);
+
+        if (usedPct >= THRESHOLD_PCT) {
+          // Dedup check: scan chunks for an existing threshold-crossing system
+          // chunk for this (session_id, actor_id). Prefix-match is sufficient
+          // because THRESHOLD_CHUNK_PREFIX is unique to this purpose.
+          const dupResult = await pool.query(
+            `SELECT 1 FROM chunks
+             WHERE session_id = $1 AND actor_id = $2 AND actor_type = 'system'
+               AND chunk LIKE $3
+             LIMIT 1`,
+            [body.session_id, principal.actorId, `${THRESHOLD_CHUNK_PREFIX}%`],
+          );
+          const alreadyEmitted = (dupResult.rows ?? []).length > 0;
+
+          if (!alreadyEmitted) {
+            const personaLabel = principal.actorId;
+            const thresholdChunk =
+              `${THRESHOLD_CHUNK_PREFIX} ${personaLabel} at ${usedPct}%`;
+            // Emit the threshold system chunk. Re-use the same message_id +
+            // a seq derived from the current seq + 1 to avoid PK conflict.
+            // Use body.seq + 1000 as a high-offset seq so it sorts AFTER the
+            // triggering chunk but doesn't collide with normal seq values.
+            const thresholdSeq = body.seq + 1000;
+            await pool.query(
+              `INSERT INTO chunks
+                 (world_id, session_id, message_id, seq, actor_id, actor_type, role, chunk, chunk_type)
+               VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9)
+               ON CONFLICT (message_id, seq) DO NOTHING`,
+              [
+                body.world_id,
+                body.session_id,
+                body.message_id,
+                thresholdSeq,
+                principal.actorId,
+                'system',
+                'system',
+                thresholdChunk,
+                'text',
+              ],
+            );
+          }
+        }
+      }
     } catch (err) {
       if (err && typeof err === 'object' && 'code' in err && err.code === '23505') {
         return send(res, 409, { error: 'duplicate', message: '(message_id, seq) already exists' });
@@ -276,6 +410,17 @@ export function createHandler({
     // a constant-time comparison via timingSafeEqual.
     if (!checkAuth(req)) return unauthorized(res);
 
+    // B5 — table allowlist. Only chunks + message_usage are supported; any
+    // other table= value is rejected with 400. This guards against clients
+    // probing arbitrary tables via the shape proxy.
+    const tableParam = url.searchParams.get('table');
+    if (!tableParam || !ALLOWED_SHAPE_TABLES.has(tableParam)) {
+      return badRequest(
+        res,
+        `table query param must be one of: ${[...ALLOWED_SHAPE_TABLES].join(', ')}`,
+      );
+    }
+
     // PB2 — server-derived scope. world_id + session_id query params are
     // mandatory; the regex check is the SQL-injection defence for the
     // upstream `where` interpolation below.
@@ -530,6 +675,7 @@ export async function startService(opts = {}) {
     electricUrl,
     shapeDebug: opts.shapeDebug,
     shapeDebugLog: opts.shapeDebugLog,
+    resolveActor: opts.resolveActor,
   });
   const server = http.createServer((req, res) => {
     handler(req, res).catch((err) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@pleri/olam-cli",
-  "version": "0.1.161",
+  "version": "0.1.162",
   "type": "module",
   "bin": {
     "olam": "./bin/olam.cjs"