@syntheos/chiasm 0.2.0

package/src/server.ts

@@ -0,0 +1,310 @@
+import "./tracing.ts";
+import { createServer, type ServerResponse } from "node:http";
+import { createReadStream, existsSync } from "node:fs";
+import { createHash, randomBytes } from "node:crypto";
+import { stat } from "node:fs/promises";
+import { extname, resolve, sep } from "node:path";
+import { fileURLToPath } from "node:url";
+import { initDb } from "./db/schema.ts";
+import { pruneTaskUpdates, lookupAgentKey, createAgentKey, listAgentKeys, revokeAgentKey, markStaleTasks } from "./db/queries.ts";
+import { emitEvent } from "./axon.ts";
+import { handleTaskRoutes } from "./routes/tasks.ts";
+
+const DB_PATH = process.env.DB_PATH ?? "./chiasm.db";
+const ADMIN_KEY = process.env.CHIASM_API_KEY;
+const AUTH_DISABLED = process.env.CHIASM_AUTH === "disabled";
+const HOST = process.env.HOST ?? "0.0.0.0";
+const CORS_ALLOW_ORIGIN = process.env.CORS_ALLOW_ORIGIN;
+
+// ---------------------------------------------------------------------------
+// Startup self-check: fail closed if auth is not explicitly configured
+// ---------------------------------------------------------------------------
+if (!ADMIN_KEY && !AUTH_DISABLED) {
+  console.error("FATAL: CHIASM_API_KEY is not set.");
+  console.error("  Set CHIASM_API_KEY to enable auth (recommended), or");
+  console.error("  set CHIASM_AUTH=disabled to explicitly run without auth.");
+  process.exit(1);
+}
+
+function envInt(value: string | undefined, fallback: number): number {
+  const parsed = Number.parseInt(value ?? "", 10);
+  return Number.isFinite(parsed) ? parsed : fallback;
+}
+
+const PORT = envInt(process.env.PORT, 4300);
+const BODY_MAX_BYTES = envInt(process.env.BODY_MAX_BYTES, 64 * 1024);
+const TASKS_DEFAULT_LIMIT = envInt(process.env.TASKS_DEFAULT_LIMIT, 500);
+const TASKS_MAX_LIMIT = envInt(process.env.TASKS_MAX_LIMIT, 1000);
+const FEED_DEFAULT_LIMIT = envInt(process.env.FEED_DEFAULT_LIMIT, 50);
+const FEED_MAX_LIMIT = envInt(process.env.FEED_MAX_LIMIT, 200);
+const TASK_UPDATE_MAX_ROWS = envInt(process.env.TASK_UPDATE_MAX_ROWS, 5000);
+const TASK_UPDATE_MAX_AGE_DAYS = envInt(process.env.TASK_UPDATE_MAX_AGE_DAYS, 30);
+
+const FRONTEND_BUILD_DIR = resolve(fileURLToPath(new URL("../frontend/build/", import.meta.url)));
+const FRONTEND_INDEX_FILE = resolve(FRONTEND_BUILD_DIR, "index.html");
+const HAS_FRONTEND_BUILD = existsSync(FRONTEND_INDEX_FILE);
+
+const MIME_TYPES: Record<string, string> = {
+  ".css": "text/css; charset=utf-8",
+  ".html": "text/html; charset=utf-8",
+  ".ico": "image/x-icon",
+  ".jpg": "image/jpeg",
+  ".js": "application/javascript; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".png": "image/png",
+  ".svg": "image/svg+xml; charset=utf-8",
+  ".txt": "text/plain; charset=utf-8",
+  ".webp": "image/webp",
+};
+
+const db = initDb(DB_PATH);
+pruneTaskUpdates(db, TASK_UPDATE_MAX_ROWS, TASK_UPDATE_MAX_AGE_DAYS);
+setInterval(() => {
+  pruneTaskUpdates(db, TASK_UPDATE_MAX_ROWS, TASK_UPDATE_MAX_AGE_DAYS);
+}, 5 * 60 * 1000).unref();
+
+// Heartbeat stale-check: mark tasks as stale if heartbeat is overdue
+const HEARTBEAT_CHECK_MS = envInt(process.env.HEARTBEAT_CHECK_MS, 60_000);
+setInterval(() => {
+  const staleTasks = markStaleTasks(db, 2);
+  for (const task of staleTasks) {
+    emitEvent("tasks", "task.stale", {
+      agent: task.agent, project: task.project,
+      title: task.title, task_id: task.id,
+    });
+  }
+}, HEARTBEAT_CHECK_MS).unref();
+
+// ============================================================================
+// AUTH - per-agent keys with admin escalation
+// ============================================================================
+
+import type { AuthIdentity } from "./types.ts";
+export type { AuthIdentity } from "./types.ts";
+
+function hashKey(key: string): string {
+  return createHash("sha256").update(key).digest("hex");
+}
+
+function resolveAuth(authHeader: string | undefined): AuthIdentity | null {
+  // Explicit opt-in to no-auth mode
+  if (AUTH_DISABLED) return { role: "admin", agent: null };
+
+  if (!authHeader?.startsWith("Bearer ")) return null;
+  const token = authHeader.slice(7);
+
+  // Check admin key first
+  if (token === ADMIN_KEY) return { role: "admin", agent: null };
+
+  // Check per-agent keys
+  const keyRecord = lookupAgentKey(db, hashKey(token));
+  if (keyRecord) return { role: "agent", agent: keyRecord.agent };
+
+  return null;
+}
+
+// ============================================================================
+// ROUTING HELPERS
+// ============================================================================
+
+function isApiRequest(pathname: string): boolean {
+  return pathname === "/health" || pathname === "/tasks" || pathname === "/feed"
+    || /^\/tasks(\/\d+)?(\/\w+)?(\/\d+)?$/.test(pathname)
+    || pathname.startsWith("/admin/")
+    || pathname.startsWith("/claims")
+    || pathname.startsWith("/queue");
+}
+
+function applyCors(reqOrigin: string | undefined, res: ServerResponse) {
+  if (!CORS_ALLOW_ORIGIN) return;
+  if (CORS_ALLOW_ORIGIN === "*" || reqOrigin === CORS_ALLOW_ORIGIN) {
+    res.setHeader("Access-Control-Allow-Origin", CORS_ALLOW_ORIGIN === "*" ? "*" : reqOrigin ?? CORS_ALLOW_ORIGIN);
+    res.setHeader("Access-Control-Allow-Methods", "GET, POST, PATCH, DELETE, OPTIONS");
+    res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
+    res.setHeader("Vary", "Origin");
+  }
+}
+
+function jsonResponse(res: ServerResponse, data: unknown, status = 200) {
+  res.writeHead(status, { "Content-Type": "application/json" });
+  res.end(JSON.stringify(data));
+}
+
+async function readJsonBody(req: import("node:http").IncomingMessage, maxBytes: number): Promise<Record<string, unknown>> {
+  return new Promise((resolve, reject) => {
+    const chunks: Buffer[] = [];
+    let total = 0;
+    let settled = false;
+    const onData = (chunk: Buffer) => {
+      if (settled) return;
+      total += chunk.length;
+      if (total > maxBytes) { settled = true; req.off("data", onData); req.off("end", onEnd); req.resume(); reject(new Error("Request body too large")); return; }
+      chunks.push(chunk);
+    };
+    const onEnd = () => {
+      if (settled) return;
+      settled = true;
+      if (chunks.length === 0) { resolve({}); return; }
+      try {
+        const parsed = JSON.parse(Buffer.concat(chunks).toString());
+        if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) { reject(new Error("Request body must be a JSON object")); return; }
+        resolve(parsed as Record<string, unknown>);
+      } catch { reject(new Error("Invalid JSON")); }
+    };
+    const onError = (err: Error) => { if (!settled) { settled = true; reject(err); } };
+    req.on("data", onData);
+    req.on("end", onEnd);
+    req.on("error", onError);
+  });
+}
+
+// ============================================================================
+// ADMIN ROUTES - key management (admin-only)
+// ============================================================================
+
+async function handleAdminRoutes(
+  req: import("node:http").IncomingMessage,
+  res: ServerResponse,
+  pathname: string,
+  identity: AuthIdentity,
+) {
+  if (identity.role !== "admin") {
+    return jsonResponse(res, { error: "Admin access required" }, 403);
+  }
+
+  // POST /admin/keys - create agent key
+  if (pathname === "/admin/keys" && req.method === "POST") {
+    try {
+      const body = await readJsonBody(req, BODY_MAX_BYTES);
+      const agent = body.agent;
+      if (!agent || typeof agent !== "string") {
+        return jsonResponse(res, { error: "agent (string) required" }, 400);
+      }
+      const rawKey = "mc_" + randomBytes(32).toString("hex");
+      const record = createAgentKey(db, agent, hashKey(rawKey), rawKey.slice(0, 11));
+      return jsonResponse(res, {
+        id: record.id,
+        agent: record.agent,
+        key: rawKey,
+        prefix: record.key_prefix,
+        created_at: record.created_at,
+        warning: "Store this key now. It cannot be retrieved again.",
+      }, 201);
+    } catch (err) {
+      return jsonResponse(res, { error: err instanceof Error ? err.message : "Bad request" }, 400);
+    }
+  }
+
+  // GET /admin/keys - list keys (no secrets)
+  if (pathname === "/admin/keys" && req.method === "GET") {
+    return jsonResponse(res, listAgentKeys(db));
+  }
+
+  // DELETE /admin/keys/:id - revoke key
+  const keyMatch = pathname.match(/^\/admin\/keys\/(\d+)$/);
+  if (keyMatch && req.method === "DELETE") {
+    const revoked = revokeAgentKey(db, parseInt(keyMatch[1], 10));
+    if (!revoked) return jsonResponse(res, { error: "Key not found" }, 404);
+    return jsonResponse(res, { ok: true, revoked: true });
+  }
+
+  return jsonResponse(res, { error: "Not found" }, 404);
+}
+
+// ============================================================================
+// STATIC FILE SERVING
+// ============================================================================
+
+function sendFile(res: ServerResponse, filePath: string, method: string) {
+  const contentType = MIME_TYPES[extname(filePath).toLowerCase()] ?? "application/octet-stream";
+  res.writeHead(200, { "Content-Type": contentType });
+  if (method === "HEAD") { res.end(); return; }
+  const stream = createReadStream(filePath);
+  stream.on("error", () => { if (!res.writableEnded) res.end(); });
+  stream.pipe(res);
+}
+
+async function serveFrontend(pathname: string, method: string, res: ServerResponse) {
+  if (!HAS_FRONTEND_BUILD || (method !== "GET" && method !== "HEAD")) return false;
+  const decodedPathname = decodeURIComponent(pathname);
+  const requestedPath = decodedPathname === "/" ? "/index.html" : decodedPathname;
+  const resolvedPath = resolve(FRONTEND_BUILD_DIR, `.${requestedPath}`);
+  const buildDirWithSep = FRONTEND_BUILD_DIR.endsWith(sep) ? FRONTEND_BUILD_DIR : FRONTEND_BUILD_DIR + sep;
+  if (resolvedPath !== FRONTEND_BUILD_DIR && !resolvedPath.startsWith(buildDirWithSep)) return false;
+  try {
+    const fileStat = await stat(resolvedPath);
+    if (fileStat.isFile()) { sendFile(res, resolvedPath, method); return true; }
+  } catch { /* fall through */ }
+  if (extname(pathname)) return false;
+  sendFile(res, FRONTEND_INDEX_FILE, method);
+  return true;
+}
+
+// ============================================================================
+// HTTP SERVER
+// ============================================================================
+
+const server = createServer(async (req, res) => {
+  applyCors(req.headers.origin, res);
+
+  if (req.method === "OPTIONS") {
+    res.writeHead(204);
+    return res.end();
+  }
+
+  try {
+    const url = new URL(req.url!, `http://${req.headers.host}`);
+    const pathname = url.pathname;
+
+    // Health check - always open
+    if (pathname === "/health" && req.method === "GET") {
+      res.writeHead(200, { "Content-Type": "application/json" });
+      return res.end(JSON.stringify({ status: "ok", version: "0.2.0" }));
+    }
+
+    // Auth gate for all API requests
+    if (isApiRequest(pathname)) {
+      const identity = resolveAuth(req.headers.authorization);
+      if (!identity) {
+        res.writeHead(401, { "Content-Type": "application/json" });
+        return res.end(JSON.stringify({ error: "Unauthorized" }));
+      }
+
+      // Admin routes
+      if (pathname.startsWith("/admin/")) {
+        return handleAdminRoutes(req, res, pathname, identity);
+      }
+
+      // Task routes - pass identity for agent enforcement
+      handleTaskRoutes(db, req, res, pathname, {
+        bodyMaxBytes: BODY_MAX_BYTES,
+        tasksDefaultLimit: TASKS_DEFAULT_LIMIT,
+        tasksMaxLimit: TASKS_MAX_LIMIT,
+        feedDefaultLimit: FEED_DEFAULT_LIMIT,
+        feedMaxLimit: FEED_MAX_LIMIT,
+        taskUpdateMaxRows: TASK_UPDATE_MAX_ROWS,
+        taskUpdateMaxAgeDays: TASK_UPDATE_MAX_AGE_DAYS,
+      }, identity);
+      return;
+    }
+
+    if (await serveFrontend(pathname, req.method ?? "GET", res)) return;
+
+    res.writeHead(404, { "Content-Type": "application/json" });
+    res.end(JSON.stringify({ error: "Not found" }));
+  } catch (err) {
+    console.error("Unhandled request error:", err);
+    if (!res.headersSent) {
+      res.writeHead(500, { "Content-Type": "application/json" });
+    }
+    res.end(JSON.stringify({ error: "Internal server error" }));
+  }
+});
+
+server.listen(PORT, HOST, () => {
+  console.log(`Chiasm running on http://${HOST}:${PORT}`);
+  console.log(`Database: ${DB_PATH}`);
+  console.log(`Auth: ${AUTH_DISABLED ? "DISABLED (CHIASM_AUTH=disabled)" : "enabled (admin + per-agent keys)"}`);
+  console.log(`CORS: ${CORS_ALLOW_ORIGIN ?? "disabled (same-origin only)"}`);
+  console.log(`Frontend: ${HAS_FRONTEND_BUILD ? `serving ${FRONTEND_BUILD_DIR}` : "build not found"}`);
+});

package/src/tracing.ts

@@ -0,0 +1,79 @@
+// ============================================================================
+// TRACING -- OpenTelemetry distributed tracing for Chiasm
+// Must be imported BEFORE all other modules in server.ts
+// ============================================================================
+
+import { NodeSDK } from "@opentelemetry/sdk-node";
+import { OTLPTraceExporter } from "@opentelemetry/exporter-trace-otlp-http";
+import { HttpInstrumentation } from "@opentelemetry/instrumentation-http";
+import { resourceFromAttributes } from "@opentelemetry/resources";
+import { ATTR_SERVICE_NAME, ATTR_SERVICE_VERSION, SEMRESATTRS_DEPLOYMENT_ENVIRONMENT } from "@opentelemetry/semantic-conventions";
+import { trace, SpanStatusCode, type Span } from "@opentelemetry/api";
+import type { IncomingMessage } from "node:http";
+
+const OTLP_ENDPOINT = process.env.OTEL_EXPORTER_OTLP_ENDPOINT || process.env.CHIASM_OTLP_ENDPOINT || "";
+const SERVICE_ENV = process.env.OTEL_DEPLOYMENT_ENVIRONMENT || process.env.CHIASM_ENV || "production";
+
+const IGNORED_PATHS = new Set(["/health"]);
+
+let sdk: NodeSDK | null = null;
+
+if (OTLP_ENDPOINT) {
+  sdk = new NodeSDK({
+    resource: resourceFromAttributes({
+      [ATTR_SERVICE_NAME]: "chiasm",
+      [ATTR_SERVICE_VERSION]: "0.2.0",
+      [SEMRESATTRS_DEPLOYMENT_ENVIRONMENT]: SERVICE_ENV,
+    }),
+    traceExporter: new OTLPTraceExporter({
+      url: `${OTLP_ENDPOINT}/v1/traces`,
+    }),
+    instrumentations: [
+      new HttpInstrumentation({
+        ignoreIncomingRequestHook: (req: IncomingMessage) => IGNORED_PATHS.has(req.url?.split("?")[0] || ""),
+      }),
+    ],
+  });
+  sdk.start();
+  console.log(JSON.stringify({ level: "info", ts: new Date().toISOString(), msg: "otel_tracing_enabled", endpoint: OTLP_ENDPOINT, service: "chiasm" }));
+
+  process.on("SIGTERM", () => { sdk?.shutdown(); });
+  process.on("SIGINT", () => { sdk?.shutdown(); });
+}
+
+const tracer = trace.getTracer("chiasm");
+
+export function startSpan(name: string, attributes?: Record<string, string | number | boolean>): Span {
+  return tracer.startSpan(name, { attributes });
+}
+
+export function withSpan<T>(name: string, attributes: Record<string, string | number | boolean>, fn: (span: Span) => T): T {
+  return tracer.startActiveSpan(name, { attributes }, (span) => {
+    try {
+      const result = fn(span);
+      if (result instanceof Promise) {
+        return (result as any).then((v: T) => {
+          span.setStatus({ code: SpanStatusCode.OK });
+          span.end();
+          return v;
+        }).catch((e: Error) => {
+          span.setStatus({ code: SpanStatusCode.ERROR, message: e.message });
+          span.recordException(e);
+          span.end();
+          throw e;
+        });
+      }
+      span.setStatus({ code: SpanStatusCode.OK });
+      span.end();
+      return result;
+    } catch (e: any) {
+      span.setStatus({ code: SpanStatusCode.ERROR, message: e.message });
+      span.recordException(e);
+      span.end();
+      throw e;
+    }
+  });
+}
+
+export { tracer, SpanStatusCode };
+export type { Span };

package/src/types.ts

@@ -0,0 +1,4 @@
+export interface AuthIdentity {
+  role: "admin" | "agent";
+  agent: string | null;
+}

package/test/auth.test.ts

@@ -0,0 +1,281 @@
+import { describe, it, before, after } from "node:test";
+import assert from "node:assert/strict";
+import { createHash, randomBytes } from "node:crypto";
+
+// ---------------------------------------------------------------------------
+// Test configuration
+// ---------------------------------------------------------------------------
+
+const TEST_PORT = 14300;
+const TEST_ADMIN_KEY = "test-admin-key-" + randomBytes(16).toString("hex");
+const TEST_DB_PATH = ":memory:";
+
+// Agent keys we will provision via the admin API
+const AGENTS = ["claude-code", "opencode", "gpt"] as const;
+const agentKeys: Record<string, string> = {};
+
+let serverProcess: ReturnType<typeof import("node:child_process").spawn> | null = null;
+
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+
+async function api(
+  method: string,
+  path: string,
+  opts: { body?: unknown; key?: string } = {},
+): Promise<{ status: number; data: unknown }> {
+  const headers: Record<string, string> = {};
+  if (opts.key) headers["Authorization"] = `Bearer ${opts.key}`;
+  if (opts.body) headers["Content-Type"] = "application/json";
+
+  const res = await fetch(`http://127.0.0.1:${TEST_PORT}${path}`, {
+    method,
+    headers,
+    body: opts.body ? JSON.stringify(opts.body) : undefined,
+  });
+
+  const text = await res.text();
+  let data: unknown;
+  try {
+    data = JSON.parse(text);
+  } catch {
+    data = text;
+  }
+
+  return { status: res.status, data };
+}
+
+// ---------------------------------------------------------------------------
+// Server lifecycle
+// ---------------------------------------------------------------------------
+
+async function waitForServer(timeoutMs = 10_000): Promise<void> {
+  const start = Date.now();
+  while (Date.now() - start < timeoutMs) {
+    try {
+      const res = await fetch(`http://127.0.0.1:${TEST_PORT}/health`);
+      if (res.ok) return;
+    } catch { /* not ready yet */ }
+    await new Promise((r) => setTimeout(r, 200));
+  }
+  throw new Error("Server did not start in time");
+}
+
+before(async () => {
+  const { spawn } = await import("node:child_process");
+  serverProcess = spawn(
+    process.execPath,
+    ["--experimental-strip-types", "src/server.ts"],
+    {
+      env: {
+        ...process.env,
+        PORT: String(TEST_PORT),
+        HOST: "127.0.0.1",
+        DB_PATH: TEST_DB_PATH,
+        CHIASM_API_KEY: TEST_ADMIN_KEY,
+      },
+      stdio: ["ignore", "pipe", "pipe"],
+    },
+  );
+
+  // Collect stderr for debugging if needed
+  let stderr = "";
+  serverProcess.stderr?.on("data", (chunk: Buffer) => {
+    stderr += chunk.toString();
+  });
+
+  serverProcess.on("exit", (code) => {
+    if (code && code !== 0 && code !== null) {
+      console.error("Server exited with code", code);
+      if (stderr) console.error(stderr);
+    }
+  });
+
+  await waitForServer();
+
+  // Provision agent keys
+  for (const agent of AGENTS) {
+    const { status, data } = await api("POST", "/admin/keys", {
+      key: TEST_ADMIN_KEY,
+      body: { agent },
+    });
+    assert.equal(status, 201, `Failed to create key for ${agent}`);
+    agentKeys[agent] = (data as { key: string }).key;
+  }
+});
+
+after(() => {
+  if (serverProcess) {
+    serverProcess.kill("SIGTERM");
+    serverProcess = null;
+  }
+});
+
+// ===========================================================================
+// AUTH GATING
+// ===========================================================================
+
+describe("auth gating", () => {
+  it("rejects unauthenticated GET /tasks", async () => {
+    const { status, data } = await api("GET", "/tasks");
+    assert.equal(status, 401);
+    assert.deepEqual(data, { error: "Unauthorized" });
+  });
+
+  it("rejects unauthenticated GET /feed", async () => {
+    const { status } = await api("GET", "/feed");
+    assert.equal(status, 401);
+  });
+
+  it("rejects unauthenticated POST /tasks", async () => {
+    const { status } = await api("POST", "/tasks", {
+      body: { agent: "test", project: "test", title: "test" },
+    });
+    assert.equal(status, 401);
+  });
+
+  it("rejects unauthenticated GET /admin/keys", async () => {
+    const { status } = await api("GET", "/admin/keys");
+    assert.equal(status, 401);
+  });
+
+  it("rejects invalid bearer token", async () => {
+    const { status } = await api("GET", "/tasks", { key: "bogus-key" });
+    assert.equal(status, 401);
+  });
+
+  it("allows health check without auth", async () => {
+    const { status, data } = await api("GET", "/health");
+    assert.equal(status, 200);
+    assert.equal((data as { status: string }).status, "ok");
+  });
+
+  it("allows admin key to access /tasks", async () => {
+    const { status, data } = await api("GET", "/tasks", { key: TEST_ADMIN_KEY });
+    assert.equal(status, 200);
+    assert.ok(Array.isArray(data));
+  });
+
+  it("allows agent key to access /tasks", async () => {
+    const { status, data } = await api("GET", "/tasks", {
+      key: agentKeys["opencode"],
+    });
+    assert.equal(status, 200);
+    assert.ok(Array.isArray(data));
+  });
+});
+
+// ===========================================================================
+// AGENT OWNERSHIP
+// ===========================================================================
+
+describe("agent ownership enforcement", () => {
+  let taskId: number;
+
+  it("agent key can create task for itself", async () => {
+    const { status, data } = await api("POST", "/tasks", {
+      key: agentKeys["claude-code"],
+      body: { agent: "claude-code", project: "test-proj", title: "Test task" },
+    });
+    assert.equal(status, 201);
+    taskId = (data as { id: number }).id;
+    assert.ok(taskId > 0);
+  });
+
+  it("agent key cannot create task for another agent", async () => {
+    const { status, data } = await api("POST", "/tasks", {
+      key: agentKeys["opencode"],
+      body: { agent: "claude-code", project: "test-proj", title: "Impersonation" },
+    });
+    assert.equal(status, 403);
+    assert.ok((data as { error: string }).error.includes("cannot create"));
+  });
+
+  it("agent key can update its own task", async () => {
+    const { status, data } = await api("PATCH", `/tasks/${taskId}`, {
+      key: agentKeys["claude-code"],
+      body: { summary: "Updated by owner" },
+    });
+    assert.equal(status, 200);
+    assert.equal((data as { summary: string }).summary, "Updated by owner");
+  });
+
+  it("agent key cannot update another agent's task", async () => {
+    const { status } = await api("PATCH", `/tasks/${taskId}`, {
+      key: agentKeys["gpt"],
+      body: { summary: "Hijacked" },
+    });
+    assert.equal(status, 403);
+  });
+
+  it("agent key cannot delete another agent's task", async () => {
+    const { status } = await api("DELETE", `/tasks/${taskId}`, {
+      key: agentKeys["gpt"],
+    });
+    assert.equal(status, 403);
+  });
+
+  it("admin key can update any task", async () => {
+    const { status, data } = await api("PATCH", `/tasks/${taskId}`, {
+      key: TEST_ADMIN_KEY,
+      body: { summary: "Admin override" },
+    });
+    assert.equal(status, 200);
+    assert.equal((data as { summary: string }).summary, "Admin override");
+  });
+
+  it("admin key can delete any task", async () => {
+    const { status } = await api("DELETE", `/tasks/${taskId}`, {
+      key: TEST_ADMIN_KEY,
+    });
+    assert.equal(status, 200);
+  });
+
+  it("any agent can read all tasks", async () => {
+    // Create a task as claude-code
+    await api("POST", "/tasks", {
+      key: agentKeys["claude-code"],
+      body: { agent: "claude-code", project: "p", title: "Readable by all" },
+    });
+
+    // Read as gpt
+    const { status, data } = await api("GET", "/tasks", {
+      key: agentKeys["gpt"],
+    });
+    assert.equal(status, 200);
+    const tasks = data as Array<{ agent: string }>;
+    assert.ok(tasks.some((t) => t.agent === "claude-code"));
+  });
+});
+
+// ===========================================================================
+// ADMIN ROUTES
+// ===========================================================================
+
+describe("admin route protection", () => {
+  it("agent key cannot access GET /admin/keys", async () => {
+    const { status, data } = await api("GET", "/admin/keys", {
+      key: agentKeys["opencode"],
+    });
+    assert.equal(status, 403);
+    assert.deepEqual(data, { error: "Admin access required" });
+  });
+
+  it("agent key cannot create agent keys", async () => {
+    const { status } = await api("POST", "/admin/keys", {
+      key: agentKeys["opencode"],
+      body: { agent: "evil" },
+    });
+    assert.equal(status, 403);
+  });
+
+  it("admin key can list agent keys", async () => {
+    const { status, data } = await api("GET", "/admin/keys", {
+      key: TEST_ADMIN_KEY,
+    });
+    assert.equal(status, 200);
+    assert.ok(Array.isArray(data));
+    assert.ok((data as Array<unknown>).length >= AGENTS.length);
+  });
+});