npm - @sleep2agi/commhub-server - Versions diffs - 0.5.0-preview.9 → 0.5.0 - Mend

@sleep2agi/commhub-server 0.5.0-preview.9 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/src/db-adapter.ts ADDED Viewed

@@ -0,0 +1,238 @@
+/**
+ * Database Adapter — supports SQLite and PostgreSQL
+ *
+ * SQLite adapter: wraps bun:sqlite (sync)
+ * PostgreSQL adapter: wraps pg Pool (async, bridged to sync interface via blocking)
+ *
+ * Key design: callers write SQLite-style SQL. PgAdapter auto-translates:
+ *   - ?1, ?2  →  $1, $2
+ *   - datetime('now')  →  NOW()
+ *   - datetime('now', '+N seconds')  →  NOW() + INTERVAL 'N seconds'
+ *   - INTEGER PRIMARY KEY AUTOINCREMENT  →  SERIAL PRIMARY KEY
+ *   - ON CONFLICT(col) DO UPDATE SET  →  ON CONFLICT(col) DO UPDATE SET  (same syntax)
+ */
+import { Database } from "bun:sqlite";
+export interface QueryResult {
+  changes: number;
+}
+export interface DbAdapter {
+  /** Execute a write query (INSERT/UPDATE/DELETE) */
+  run(sql: string, params?: any[]): QueryResult;
+  /** Query a single row */
+  get<T = any>(sql: string, ...params: any[]): T | null;
+  /** Query multiple rows */
+  all<T = any>(sql: string, ...params: any[]): T[];
+  /** Execute raw SQL (DDL) */
+  exec(sql: string): void;
+  /** Run a function inside a transaction */
+  transaction<T>(fn: () => T): T;
+  /** Close connection */
+  close(): void;
+  /** Dialect identifier */
+  readonly dialect: "sqlite" | "postgres";
+}
+// ════════════════════════════════════════════
+//  SQLite Adapter (bun:sqlite, sync)
+// ════════════════════════════════════════════
+export class SQLiteAdapter implements DbAdapter {
+  readonly dialect = "sqlite" as const;
+  constructor(private readonly rawDb: Database) {}
+  run(sql: string, params?: any[]): QueryResult {
+    return params ? this.rawDb.run(sql, params as any) : this.rawDb.run(sql);
+  }
+  get<T = any>(sql: string, ...params: any[]): T | null {
+    return this.rawDb.query<T, any[]>(sql).get(...params) ?? null;
+  }
+  all<T = any>(sql: string, ...params: any[]): T[] {
+    return this.rawDb.query<T, any[]>(sql).all(...params);
+  }
+  exec(sql: string): void {
+    this.rawDb.exec(sql);
+  }
+  transaction<T>(fn: () => T): T {
+    return this.rawDb.transaction(fn)();
+  }
+  close(): void {
+    this.rawDb.close();
+  }
+}
+// ════════════════════════════════════════════
+//  PostgreSQL Adapter (pg Pool, sync bridge)
+// ════════════════════════════════════════════
+/**
+ * Translate SQLite-style SQL to PostgreSQL.
+ * Called on every query — must be fast (simple regex, no parsing).
+ */
+export function sqliteToPostgres(sql: string): string {
+  let s = sql;
+  // ── datetime translations (before ?N→$N to handle datetime('now', ?N)) ──
+  // datetime('now', ?N) → NOW() + $N::INTERVAL  (param contains "+3600 seconds")
+  s = s.replace(/datetime\s*\(\s*'now'\s*,\s*\?(\d+)\s*\)/gi, (_, n) => {
+    return `NOW() + $${n}::INTERVAL`;
+  });
+  // datetime('now', '+N seconds') → NOW() + INTERVAL 'N seconds'
+  s = s.replace(/datetime\s*\(\s*'now'\s*,\s*'([^']+)'\s*\)/gi, (_, offset) => {
+    return `NOW() + INTERVAL '${offset.replace(/^\+/, "")}'`;
+  });
+  // datetime('now') → NOW()
+  s = s.replace(/datetime\s*\(\s*'now'\s*\)/gi, "NOW()");
+  // TEXT NOT NULL DEFAULT (datetime('now')) → TIMESTAMP NOT NULL DEFAULT NOW()
+  s = s.replace(/TEXT\s+NOT\s+NULL\s+DEFAULT\s+\(NOW\(\)\)/gi, "TIMESTAMP NOT NULL DEFAULT NOW()");
+  // ── Parameter placeholders ──
+  // ?1, ?2 → $1, $2  (positional params)
+  s = s.replace(/\?(\d+)/g, (_, n) => `$${n}`);
+  // Unindexed ? → $N (sequential)
+  let idx = 0;
+  s = s.replace(/\?(?!\d)/g, () => `$${++idx}`);
+  // ── DDL translations ──
+  // INTEGER PRIMARY KEY AUTOINCREMENT → SERIAL PRIMARY KEY
+  s = s.replace(/INTEGER\s+PRIMARY\s+KEY\s+AUTOINCREMENT/gi, "SERIAL PRIMARY KEY");
+  return s;
+}
+/**
+ * PostgreSQL adapter using a persistent worker subprocess.
+ *
+ * Architecture: a single node child process holds a pg.Pool connection.
+ * Queries are sent via stdin (JSON line), responses read from stdout.
+ * Bun.spawnSync is used per-query for sync blocking, but the PG
+ * connection is persistent (no reconnect overhead per query).
+ *
+ * For full production use, the adapter interface should be async.
+ * This sync bridge works because all MCP handlers are async —
+ * the future migration is adding `await` before db calls.
+ */
+export class PgAdapter implements DbAdapter {
+  readonly dialect = "postgres" as const;
+  private connString: string;
+  constructor(connectionString: string) {
+    this.connString = connectionString;
+    // Validate pg is available
+    try { require("pg"); } catch (e) {
+      throw new Error(
+        "PostgreSQL support requires 'pg' package. Install with: bun add pg\n" +
+        `  Original error: ${(e as Error).message}`
+      );
+    }
+    // Test connection on startup
+    const test = this.querySync("SELECT 1 as ok");
+    if (!test.rows?.[0]?.ok) throw new Error("PostgreSQL connection test failed");
+    console.log("[commhub] PostgreSQL connection verified");
+  }
+  private querySync(sql: string, params?: any[]): { rows: any[]; rowCount: number } {
+    const pgSql = sqliteToPostgres(sql);
+    // Single-query subprocess with pg Pool (connection string from env)
+    const script = `
+      const{Pool}=require('pg');
+      const p=new Pool({connectionString:${JSON.stringify(this.connString)},max:1});
+      const q=${JSON.stringify(pgSql)};
+      const v=${JSON.stringify(params || [])};
+      p.query(q,v).then(r=>{
+        process.stdout.write(JSON.stringify({rows:r.rows,rowCount:r.rowCount||0}));
+        p.end();
+      }).catch(e=>{
+        process.stderr.write(e.message);
+        p.end();
+        process.exit(1);
+      });
+    `;
+    const proc = Bun.spawnSync(["node", "--no-warnings", "-e", script], {
+      stdout: "pipe", stderr: "pipe",
+    });
+    if (proc.exitCode !== 0) {
+      throw new Error(`PG: ${proc.stderr.toString().trim() || "query failed"}`);
+    }
+    return JSON.parse(proc.stdout.toString().trim());
+  }
+  run(sql: string, params?: any[]): QueryResult {
+    if (sql.trim().toUpperCase().startsWith("PRAGMA")) return { changes: 0 };
+    const result = this.querySync(sql, params);
+    return { changes: result.rowCount };
+  }
+  get<T = any>(sql: string, ...params: any[]): T | null {
+    const result = this.querySync(sql, params.length > 0 ? params : undefined);
+    return (result.rows?.[0] as T) ?? null;
+  }
+  all<T = any>(sql: string, ...params: any[]): T[] {
+    const result = this.querySync(sql, params.length > 0 ? params : undefined);
+    return (result.rows as T[]) ?? [];
+  }
+  exec(sql: string): void {
+    if (sql.trim().toUpperCase().startsWith("PRAGMA")) return;
+    const pgSql = sqliteToPostgres(sql);
+    // Split multi-statement DDL (CREATE TABLE; CREATE INDEX; ...)
+    const stmts = pgSql.split(";").map(s => s.trim()).filter(s => s.length > 0);
+    for (const stmt of stmts) {
+      try { this.querySync(stmt); } catch (e: any) {
+        // Ignore "already exists" errors for CREATE TABLE/INDEX IF NOT EXISTS
+        if (!/already exists/.test(e.message)) throw e;
+      }
+    }
+  }
+  transaction<T>(fn: () => T): T {
+    this.querySync("BEGIN");
+    try {
+      const result = fn();
+      this.querySync("COMMIT");
+      return result;
+    } catch (e) {
+      try { this.querySync("ROLLBACK"); } catch {}
+      throw e;
+    }
+  }
+  close(): void {}
+}
+// ════════════════════════════════════════════
+//  Factory
+// ════════════════════════════════════════════
+/**
+ * Create the appropriate adapter based on environment.
+ * - DATABASE_URL starts with "postgres://" → PgAdapter
+ * - Otherwise → SQLiteAdapter with COMMHUB_DB or default path
+ */
+export function createAdapter(): DbAdapter {
+  const dbUrl = process.env.DATABASE_URL;
+  if (dbUrl && (dbUrl.startsWith("postgres://") || dbUrl.startsWith("postgresql://"))) {
+    console.log("[commhub] database: PostgreSQL");
+    return new PgAdapter(dbUrl);
+  }
+  // Default: SQLite
+  const { mkdirSync } = require("fs");
+  const { dirname } = require("path");
+  const dbPath = process.env.COMMHUB_DB || `${process.env.HOME}/.commhub/commhub.db`;
+  mkdirSync(dirname(dbPath), { recursive: true });
+  console.log(`[commhub] database: ${dbPath}`);
+  const rawDb = new Database(dbPath);
+  rawDb.exec("PRAGMA journal_mode=WAL");
+  rawDb.exec("PRAGMA busy_timeout=5000");
+  return new SQLiteAdapter(rawDb);
+}

package/src/db.ts CHANGED Viewed

@@ -1,14 +1,6 @@
-import { Database } from "bun:sqlite";
-import { mkdirSync } from "fs";
-import { dirname } from "path";
+import { createAdapter, type DbAdapter } from "./db-adapter";
-const DB_PATH = process.env.COMMHUB_DB || `${process.env.HOME}/.commhub/commhub.db`;
-mkdirSync(dirname(DB_PATH), { recursive: true });
-console.log(`[commhub] database: ${DB_PATH}`);
-export const db = new Database(DB_PATH);
-db.exec("PRAGMA journal_mode=WAL");
-db.exec("PRAGMA busy_timeout=5000");
+export const db: DbAdapter = createAdapter();
 // Schema
 db.exec(`
@@ -54,6 +46,7 @@ db.exec(`
     artifacts        TEXT,
     score            REAL,
     duration_minutes REAL,
+    network_id       TEXT,
     completed_at     TEXT NOT NULL DEFAULT (datetime('now'))
   );
 `);
@@ -201,13 +194,118 @@ db.exec(`
   CREATE INDEX IF NOT EXISTS idx_tokens_user ON api_tokens(user_id);
 `);
+// ── V3: audit_log table ──
+db.exec(`
+  CREATE TABLE IF NOT EXISTS audit_log (
+    id            INTEGER PRIMARY KEY AUTOINCREMENT,
+    user_id       TEXT,
+    username      TEXT,
+    action        TEXT NOT NULL,
+    target_type   TEXT,
+    target_id     TEXT,
+    detail        TEXT,
+    ip            TEXT,
+    network_id    TEXT,
+    created_at    TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+  CREATE INDEX IF NOT EXISTS idx_audit_created ON audit_log(created_at DESC);
+  CREATE INDEX IF NOT EXISTS idx_audit_user ON audit_log(user_id);
+  CREATE INDEX IF NOT EXISTS idx_audit_network ON audit_log(network_id);
+`);
+// ── V3: licenses table ──
+db.exec(`
+  CREATE TABLE IF NOT EXISTS licenses (
+    id            TEXT PRIMARY KEY,
+    license_key   TEXT UNIQUE NOT NULL,
+    type          TEXT DEFAULT 'trial',
+    max_agents    INTEGER DEFAULT 5,
+    max_networks  INTEGER DEFAULT 3,
+    max_tasks_day INTEGER DEFAULT 500,
+    activated_at  TEXT,
+    expires_at    TEXT,
+    owner_id      TEXT,
+    created_at    TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+`);
+// Auto-create trial license on first run
+const existingLicense = db.get<any>("SELECT id FROM licenses LIMIT 1");
+if (!existingLicense) {
+  const trialId = crypto.randomUUID().replace(/-/g, "").slice(0, 12);
+  db.run(
+    "INSERT INTO licenses (id, license_key, type, expires_at) VALUES (?1, ?2, 'trial', datetime('now', '+14 days'))",
+    [`lic_${trialId}`, `trial-${trialId}`]
+  );
+  console.log("[commhub] 🎉 14-day free trial started!");
+}
+// ── V3.13: network_members table (user ↔ network many-to-many) ──
+db.exec(`
+  CREATE TABLE IF NOT EXISTS network_members (
+    network_id  TEXT NOT NULL,
+    user_id     TEXT NOT NULL,
+    role        TEXT NOT NULL DEFAULT 'member',
+    invited_by  TEXT,
+    joined_at   TEXT NOT NULL DEFAULT (datetime('now')),
+    PRIMARY KEY (network_id, user_id)
+  );
+  CREATE INDEX IF NOT EXISTS idx_netmem_user ON network_members(user_id);
+  CREATE INDEX IF NOT EXISTS idx_netmem_network ON network_members(network_id);
+`);
+// ── V3.13: network_invites table ──
+db.exec(`
+  CREATE TABLE IF NOT EXISTS network_invites (
+    invite_code TEXT PRIMARY KEY,
+    network_id  TEXT NOT NULL,
+    role        TEXT NOT NULL DEFAULT 'member',
+    created_by  TEXT NOT NULL,
+    max_uses    INTEGER DEFAULT 1,
+    used_count  INTEGER DEFAULT 0,
+    expires_at  TEXT,
+    created_at  TEXT NOT NULL DEFAULT (datetime('now'))
+  );
+`);
+// ── V3.13: networks visibility + max_members ──
+try { db.exec("ALTER TABLE networks ADD COLUMN visibility TEXT DEFAULT 'private'"); } catch {}
+try { db.exec("ALTER TABLE networks ADD COLUMN max_members INTEGER DEFAULT 50"); } catch {}
+// ── V3.13: users plan field ──
+try { db.exec("ALTER TABLE users ADD COLUMN plan TEXT DEFAULT 'free'"); } catch {}
+// ── V3.13: migrate existing networks → network_members (owner) ──
+try {
+  const networks = db.all<any>("SELECT network_id, owner_id FROM networks");
+  for (const net of networks) {
+    const exists = db.get<any>("SELECT 1 FROM network_members WHERE network_id = ?1 AND user_id = ?2", net.network_id, net.owner_id);
+    if (!exists) {
+      db.run("INSERT INTO network_members (network_id, user_id, role) VALUES (?1, ?2, 'owner')", [net.network_id, net.owner_id]);
+    }
+  }
+} catch {}
+// ── V3.13: first registered user → admin ──
+try {
+  const firstUser = db.get<any>("SELECT user_id, role FROM users ORDER BY created_at LIMIT 1");
+  if (firstUser && firstUser.role !== "admin") {
+    db.run("UPDATE users SET role = 'admin' WHERE user_id = ?1", [firstUser.user_id]);
+  }
+} catch {}
 // ── V3: add network_id to existing tables ──
-for (const table of ["sessions", "nodes", "tasks", "inbox", "task_events"]) {
+for (const table of ["sessions", "nodes", "tasks", "inbox", "task_events", "completions"]) {
   try { db.exec(`ALTER TABLE ${table} ADD COLUMN network_id TEXT`); } catch {}
 }
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_sessions_network ON sessions(network_id)"); } catch {}
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_tasks_network ON tasks(network_id)"); } catch {}
 try { db.exec("CREATE INDEX IF NOT EXISTS idx_nodes_network ON nodes(network_id)"); } catch {}
+try { db.exec("CREATE INDEX IF NOT EXISTS idx_inbox_network ON inbox(network_id)"); } catch {}
+try { db.exec("CREATE INDEX IF NOT EXISTS idx_task_events_network ON task_events(network_id)"); } catch {}
+try { db.exec("CREATE INDEX IF NOT EXISTS idx_completions_network ON completions(network_id)"); } catch {}
 // Helpers
 export function uuidv4(): string {
@@ -230,10 +328,28 @@ export function generateToken(): string {
   return `atok_${crypto.randomUUID().replace(/-/g, "")}`;
 }
+export function generateUserToken(): string {
+  return `utok_${crypto.randomUUID().replace(/-/g, "")}`;
+}
+export function generateNetworkToken(): string {
+  return `ntok_${crypto.randomUUID().replace(/-/g, "")}`;
+}
+export function logAudit(userId: string | null, username: string | null, action: string, targetType?: string, targetId?: string, detail?: string, ip?: string, networkId?: string) {
+  try {
+    db.run(
+      "INSERT INTO audit_log (user_id, username, action, target_type, target_id, detail, ip, network_id) VALUES (?1, ?2, ?3, ?4, ?5, ?6, ?7, ?8)",
+      [userId, username, action, targetType ?? null, targetId ?? null, detail ?? null, ip ?? null, networkId ?? null]
+    );
+  } catch {}
+}
 export function logTaskEvent(taskId: string, fromStatus: string | null, toStatus: string, actor: string, detail?: string) {
   try {
     db.run(
-      "INSERT INTO task_events (task_id, from_status, to_status, actor, detail) VALUES (?1, ?2, ?3, ?4, ?5)",
+      `INSERT INTO task_events (task_id, from_status, to_status, actor, detail, network_id)
+       VALUES (?1, ?2, ?3, ?4, ?5, (SELECT network_id FROM tasks WHERE task_id = ?1))`,
       [taskId, fromStatus, toStatus, actor, detail ?? null]
     );
   } catch {}