@prmichaelsen/remember-mcp 3.0.0 → 3.13.0

package/src/tools/update-relationship.ts

@@ -7,6 +7,8 @@ import type { RelationshipUpdate } from '../types/memory.js';
 import { getMemoryCollection } from '../weaviate/schema.js';
 import { logger } from '../utils/logger.js';
 import { handleToolError } from '../utils/error-handler.js';
+import { createDebugLogger } from '../utils/debug.js';
+import type { AuthContext } from '../types/auth.js';
 
 /**
  * Tool definition for remember_update_relationship
@@ -89,9 +91,15 @@ export interface UpdateRelationshipResult {
  */
 export async function handleUpdateRelationship(
   args: UpdateRelationshipArgs,
-  userId: string
+  userId: string,
+  authContext?: AuthContext
 ): Promise<string> {
+  const debug = createDebugLogger({ tool: 'remember_update_relationship', userId, operation: 'update relationship' });
+
   try {
+    debug.info('Tool invoked');
+    debug.trace('Arguments', { args });
+
     logger.info('Updating relationship', { userId, relationshipId: args.relationship_id });
 
     const collection = getMemoryCollection(userId);
@@ -184,6 +192,7 @@ export async function handleUpdateRelationship(
 
     return JSON.stringify(result, null, 2);
   } catch (error) {
+    debug.error('Tool failed', { error: error instanceof Error ? error.message : String(error) });
     handleToolError(error, {
       toolName: 'remember_update_relationship',
       operation: 'update relationship',

package/src/types/access-result.spec.ts

@@ -0,0 +1,193 @@
+import type {
+  AccessResult,
+  AccessGranted,
+  AccessInsufficientTrust,
+  AccessBlocked,
+  AccessNoPermission,
+  AccessNotFound,
+  AccessDeleted,
+  AccessResultStatus,
+} from './access-result.js';
+import type { Memory } from './memory.js';
+import { DEFAULT_GHOST_CONFIG, type GhostConfig, type TrustEnforcementMode } from './ghost-config.js';
+
+// Minimal Memory fixture for testing type narrowing
+const mockMemory: Memory = {
+  id: 'mem-1',
+  user_id: 'user-owner',
+  doc_type: 'memory',
+  content: 'Test memory',
+  type: 'note',
+  weight: 0.5,
+  trust: 0.5,
+  location: { gps: null, address: null, source: 'unavailable', confidence: 0, is_approximate: true },
+  context: { timestamp: '2026-01-01T00:00:00Z', source: { type: 'manual' } },
+  relationships: [],
+  access_count: 0,
+  created_at: '2026-01-01T00:00:00Z',
+  updated_at: '2026-01-01T00:00:00Z',
+  version: 1,
+  tags: [],
+  base_weight: 0.5,
+} as Memory;
+
+describe('AccessResult type narrowing', () => {
+  it('narrows to AccessGranted', () => {
+    const result: AccessResult = {
+      status: 'granted',
+      memory: mockMemory,
+      access_level: 'owner',
+    };
+    if (result.status === 'granted') {
+      expect(result.memory.id).toBe('mem-1');
+      expect(result.access_level).toBe('owner');
+    }
+  });
+
+  it('narrows to AccessGranted with trusted level', () => {
+    const result: AccessResult = {
+      status: 'granted',
+      memory: mockMemory,
+      access_level: 'trusted',
+    };
+    if (result.status === 'granted') {
+      expect(result.access_level).toBe('trusted');
+    }
+  });
+
+  it('narrows to AccessInsufficientTrust', () => {
+    const result: AccessResult = {
+      status: 'insufficient_trust',
+      memory_id: 'mem-1',
+      required_trust: 0.75,
+      actual_trust: 0.25,
+      attempts_remaining: 2,
+    };
+    if (result.status === 'insufficient_trust') {
+      expect(result.required_trust).toBe(0.75);
+      expect(result.actual_trust).toBe(0.25);
+      expect(result.attempts_remaining).toBe(2);
+    }
+  });
+
+  it('narrows to AccessBlocked', () => {
+    const result: AccessResult = {
+      status: 'blocked',
+      memory_id: 'mem-1',
+      reason: 'Repeated unauthorized attempts',
+      blocked_at: '2026-01-15T10:00:00Z',
+    };
+    if (result.status === 'blocked') {
+      expect(result.reason).toBe('Repeated unauthorized attempts');
+      expect(result.blocked_at).toBe('2026-01-15T10:00:00Z');
+    }
+  });
+
+  it('narrows to AccessNoPermission', () => {
+    const result: AccessResult = {
+      status: 'no_permission',
+      owner_user_id: 'user-owner',
+      accessor_user_id: 'user-accessor',
+    };
+    if (result.status === 'no_permission') {
+      expect(result.owner_user_id).toBe('user-owner');
+      expect(result.accessor_user_id).toBe('user-accessor');
+    }
+  });
+
+  it('narrows to AccessNotFound', () => {
+    const result: AccessResult = {
+      status: 'not_found',
+      memory_id: 'mem-missing',
+    };
+    if (result.status === 'not_found') {
+      expect(result.memory_id).toBe('mem-missing');
+    }
+  });
+
+  it('narrows to AccessDeleted', () => {
+    const result: AccessResult = {
+      status: 'deleted',
+      memory_id: 'mem-deleted',
+      deleted_at: '2026-01-10T08:00:00Z',
+    };
+    if (result.status === 'deleted') {
+      expect(result.memory_id).toBe('mem-deleted');
+      expect(result.deleted_at).toBe('2026-01-10T08:00:00Z');
+    }
+  });
+
+  it('switch statement covers all variants exhaustively', () => {
+    const results: AccessResult[] = [
+      { status: 'granted', memory: mockMemory, access_level: 'owner' },
+      { status: 'insufficient_trust', memory_id: 'mem-1', required_trust: 0.5, actual_trust: 0.1, attempts_remaining: 1 },
+      { status: 'blocked', memory_id: 'mem-1', reason: 'blocked', blocked_at: '2026-01-01T00:00:00Z' },
+      { status: 'no_permission', owner_user_id: 'owner', accessor_user_id: 'accessor' },
+      { status: 'not_found', memory_id: 'mem-1' },
+      { status: 'deleted', memory_id: 'mem-1', deleted_at: '2026-01-01T00:00:00Z' },
+    ];
+
+    const statuses: AccessResultStatus[] = [];
+    for (const result of results) {
+      switch (result.status) {
+        case 'granted':
+          statuses.push(result.status);
+          break;
+        case 'insufficient_trust':
+          statuses.push(result.status);
+          break;
+        case 'blocked':
+          statuses.push(result.status);
+          break;
+        case 'no_permission':
+          statuses.push(result.status);
+          break;
+        case 'not_found':
+          statuses.push(result.status);
+          break;
+        case 'deleted':
+          statuses.push(result.status);
+          break;
+      }
+    }
+
+    expect(statuses).toEqual([
+      'granted',
+      'insufficient_trust',
+      'blocked',
+      'no_permission',
+      'not_found',
+      'deleted',
+    ]);
+  });
+});
+
+describe('GhostConfig defaults', () => {
+  it('has correct default values', () => {
+    expect(DEFAULT_GHOST_CONFIG.enabled).toBe(false);
+    expect(DEFAULT_GHOST_CONFIG.public_ghost_enabled).toBe(false);
+    expect(DEFAULT_GHOST_CONFIG.default_friend_trust).toBe(0.25);
+    expect(DEFAULT_GHOST_CONFIG.default_public_trust).toBe(0);
+    expect(DEFAULT_GHOST_CONFIG.per_user_trust).toEqual({});
+    expect(DEFAULT_GHOST_CONFIG.blocked_users).toEqual([]);
+    expect(DEFAULT_GHOST_CONFIG.enforcement_mode).toBe('query');
+  });
+
+  it('GhostConfig accepts valid per_user_trust overrides', () => {
+    const config: GhostConfig = {
+      ...DEFAULT_GHOST_CONFIG,
+      enabled: true,
+      per_user_trust: { 'user-friend': 0.75, 'user-close': 1.0 },
+    };
+    expect(config.per_user_trust['user-friend']).toBe(0.75);
+    expect(config.per_user_trust['user-close']).toBe(1.0);
+  });
+
+  it('GhostConfig accepts all enforcement modes', () => {
+    const modes: TrustEnforcementMode[] = ['query', 'prompt', 'hybrid'];
+    for (const mode of modes) {
+      const config: GhostConfig = { ...DEFAULT_GHOST_CONFIG, enforcement_mode: mode };
+      expect(config.enforcement_mode).toBe(mode);
+    }
+  });
+});

package/src/types/access-result.ts

@@ -0,0 +1,62 @@
+/**
+ * Discriminated union for type-safe access control responses.
+ * See agent/design/access-control-result-pattern.md
+ */
+
+import type { Memory } from './memory.js';
+
+/** Access granted — owner or trusted cross-user access */
+export interface AccessGranted {
+  status: 'granted';
+  memory: Memory;
+  access_level: 'owner' | 'trusted';
+}
+
+/** Trust level insufficient for this memory */
+export interface AccessInsufficientTrust {
+  status: 'insufficient_trust';
+  memory_id: string;
+  required_trust: number;
+  actual_trust: number;
+  attempts_remaining: number;
+}
+
+/** Access blocked after repeated unauthorized attempts */
+export interface AccessBlocked {
+  status: 'blocked';
+  memory_id: string;
+  reason: string;
+  blocked_at: string; // ISO 8601
+}
+
+/** No ghost/permission relationship exists */
+export interface AccessNoPermission {
+  status: 'no_permission';
+  owner_user_id: string;
+  accessor_user_id: string;
+}
+
+/** Memory not found */
+export interface AccessNotFound {
+  status: 'not_found';
+  memory_id: string;
+}
+
+/** Memory was deleted */
+export interface AccessDeleted {
+  status: 'deleted';
+  memory_id: string;
+  deleted_at: string; // ISO 8601
+}
+
+/** Discriminated union of all access result variants */
+export type AccessResult =
+  | AccessGranted
+  | AccessInsufficientTrust
+  | AccessBlocked
+  | AccessNoPermission
+  | AccessNotFound
+  | AccessDeleted;
+
+/** All possible access result statuses */
+export type AccessResultStatus = AccessResult['status'];

package/src/types/auth.ts

@@ -0,0 +1,52 @@
+/**
+ * Auth types for group membership validation and access control.
+ *
+ * These types define the contract for credentials providers and
+ * the AuthContext threaded through tool handlers.
+ */
+
+export interface GroupPermissions {
+  can_read: boolean;
+  can_publish: boolean;
+  can_revise: boolean;
+  can_propose: boolean;
+  can_overwrite: boolean;
+  can_comment: boolean;
+  can_retract_own: boolean;
+  can_retract_any: boolean;
+  can_manage_members: boolean;
+  can_moderate: boolean;
+}
+
+export interface GroupMembership {
+  group_id: string;
+  permissions: GroupPermissions;
+}
+
+export interface UserCredentials {
+  user_id: string;
+  group_memberships: GroupMembership[];
+}
+
+/** Ghost conversation context — resolved server-side, never from tool args */
+export interface GhostModeContext {
+  /** The ghost owner's user ID (whose memories are being searched) */
+  owner_user_id: string;
+  /** The accessor's user ID (who is chatting with the ghost) */
+  accessor_user_id: string;
+  /** Resolved trust level (looked up from GhostConfig, not user-supplied) */
+  accessor_trust_level: number;
+}
+
+export interface AuthContext {
+  accessToken: string | null;
+  credentials: UserCredentials | null;
+  /** Present when the server is running in ghost conversation mode */
+  ghostMode?: GhostModeContext;
+}
+
+export type WriteMode = 'owner_only' | 'group_editors' | 'anyone';
+
+export interface CredentialsProvider {
+  getCredentials(accessToken: string, userId: string): Promise<UserCredentials>;
+}

package/src/types/ghost-config.ts

@@ -0,0 +1,46 @@
+/**
+ * Ghost/persona configuration types.
+ * See agent/design/local.ghost-persona-system.md
+ *
+ * GhostConfig is stored in Firestore at users/{ownerUserId}/ghost_config.
+ * Trust is owned by remember-mcp (not passed per-request) to prevent
+ * prompt injection tampering.
+ */
+
+/** Trust enforcement mode — how memories are filtered for cross-user access */
+export type TrustEnforcementMode = 'query' | 'prompt' | 'hybrid';
+
+/**
+ * Per-user ghost configuration stored in Firestore.
+ *
+ * - query mode (default): memories above threshold never returned from Weaviate
+ * - prompt mode: all memories returned, formatted/redacted by trust level
+ * - hybrid mode: query filter for trust 0.0, prompt filter for rest
+ */
+export interface GhostConfig {
+  /** Whether ghost conversations are enabled for this user (default: false) */
+  enabled: boolean;
+  /** Allow non-friends (strangers) to initiate ghost conversations (default: false) */
+  public_ghost_enabled: boolean;
+  /** Default trust level for friends (default: 0.25 — metadata only) */
+  default_friend_trust: number;
+  /** Default trust level for strangers (default: 0 — existence only) */
+  default_public_trust: number;
+  /** Per-user trust level overrides: userId → trust level (0-1) */
+  per_user_trust: Record<string, number>;
+  /** Users blocked from ghost access entirely */
+  blocked_users: string[];
+  /** How trust is enforced when filtering memories (default: 'query') */
+  enforcement_mode: TrustEnforcementMode;
+}
+
+/** Default GhostConfig values for a new user */
+export const DEFAULT_GHOST_CONFIG: GhostConfig = {
+  enabled: false,
+  public_ghost_enabled: false,
+  default_friend_trust: 0.25,
+  default_public_trust: 0,
+  per_user_trust: {},
+  blocked_users: [],
+  enforcement_mode: 'query',
+};

package/src/types/memory.ts

@@ -56,7 +56,10 @@ export type ContentType =
   | 'system'
   | 'action'
   | 'audit'
-  | 'history';
+  | 'history'
+  // Cross-user & Threading
+  | 'ghost'
+  | 'comment';
 
 /**
  * GPS coordinates
@@ -201,6 +204,11 @@ export interface Memory {
   deleted_at?: Date | null; // Timestamp when memory was soft-deleted (null = not deleted)
   deleted_by?: string; // User ID who deleted the memory
   deletion_reason?: string; // Optional reason for deletion
+
+  // Publication Tracking (Memory Collection Pattern v2)
+  // Managed by remember_publish / remember_retract — do NOT modify directly
+  space_ids?: string[]; // Spaces this memory has been published to
+  group_ids?: string[]; // Groups this memory has been published to
 }
 
 /**

package/src/types/preferences.ts

@@ -109,7 +109,7 @@ export const DEFAULT_PREFERENCES: Omit<UserPreferences, 'user_id' | 'created_at'
     share_with_memories: true,
   },
   privacy: {
-    default_trust_level: 0.5,
+    default_trust_level: 0.25,
     allow_cross_user_access: false,
     auto_approve_requests: false,
     audit_logging: true,
@@ -169,7 +169,7 @@ export const PREFERENCE_DESCRIPTIONS = {
     share_with_memories: 'Include location data in memories (default: true)',
   },
   privacy: {
-    default_trust_level: 'Default trust level for new memories, 0-1 (default: 0.5)',
+    default_trust_level: 'Default trust level for new memories, 0-1 (default: 0.25)',
     allow_cross_user_access: 'Allow other users to request access to memories (default: false)',
     auto_approve_requests: 'Automatically approve access requests (default: false)',
     audit_logging: 'Enable audit logging for preference changes (default: true)',

package/src/utils/auth-helpers.spec.ts

@@ -0,0 +1,75 @@
+import { canModerate, canModerateAny } from './auth-helpers.js';
+import type { AuthContext, GroupPermissions } from '../types/auth.js';
+
+const BASE_PERMISSIONS: GroupPermissions = {
+  can_read: true,
+  can_publish: true,
+  can_revise: false,
+  can_propose: false,
+  can_overwrite: false,
+  can_comment: true,
+  can_retract_own: true,
+  can_retract_any: false,
+  can_manage_members: false,
+  can_moderate: false,
+};
+
+function makeAuthContext(groups: Array<{ group_id: string; can_moderate: boolean }>): AuthContext {
+  return {
+    accessToken: 'tok',
+    credentials: {
+      user_id: 'user-1',
+      group_memberships: groups.map(g => ({
+        group_id: g.group_id,
+        permissions: { ...BASE_PERMISSIONS, can_moderate: g.can_moderate },
+      })),
+    },
+  };
+}
+
+describe('canModerate', () => {
+  it('returns false for undefined authContext', () => {
+    expect(canModerate(undefined, 'group-1')).toBe(false);
+  });
+
+  it('returns false for null credentials', () => {
+    expect(canModerate({ accessToken: null, credentials: null }, 'group-1')).toBe(false);
+  });
+
+  it('returns false when user is not a member of the group', () => {
+    const auth = makeAuthContext([{ group_id: 'other-group', can_moderate: true }]);
+    expect(canModerate(auth, 'group-1')).toBe(false);
+  });
+
+  it('returns false when user is a member but not a moderator', () => {
+    const auth = makeAuthContext([{ group_id: 'group-1', can_moderate: false }]);
+    expect(canModerate(auth, 'group-1')).toBe(false);
+  });
+
+  it('returns true when user has can_moderate on the group', () => {
+    const auth = makeAuthContext([{ group_id: 'group-1', can_moderate: true }]);
+    expect(canModerate(auth, 'group-1')).toBe(true);
+  });
+});
+
+describe('canModerateAny', () => {
+  it('returns false for undefined authContext', () => {
+    expect(canModerateAny(undefined)).toBe(false);
+  });
+
+  it('returns false when no group has can_moderate', () => {
+    const auth = makeAuthContext([
+      { group_id: 'g1', can_moderate: false },
+      { group_id: 'g2', can_moderate: false },
+    ]);
+    expect(canModerateAny(auth)).toBe(false);
+  });
+
+  it('returns true when any group has can_moderate', () => {
+    const auth = makeAuthContext([
+      { group_id: 'g1', can_moderate: false },
+      { group_id: 'g2', can_moderate: true },
+    ]);
+    expect(canModerateAny(auth)).toBe(true);
+  });
+});

package/src/utils/auth-helpers.ts

@@ -0,0 +1,25 @@
+/**
+ * Auth helper utilities for permission checking.
+ */
+
+import type { AuthContext } from '../types/auth.js';
+
+/**
+ * Check if the user has can_moderate permission for a specific group.
+ */
+export function canModerate(authContext: AuthContext | undefined, groupId: string): boolean {
+  if (!authContext?.credentials) return false;
+  const membership = authContext.credentials.group_memberships
+    .find(m => m.group_id === groupId);
+  return membership?.permissions.can_moderate ?? false;
+}
+
+/**
+ * Check if the user has can_moderate permission for ANY group.
+ * Useful for space-level moderation where there's no specific group context.
+ */
+export function canModerateAny(authContext: AuthContext | undefined): boolean {
+  if (!authContext?.credentials) return false;
+  return authContext.credentials.group_memberships
+    .some(m => m.permissions.can_moderate);
+}