@tt-a1i/hive 1.7.0 → 2.0.2

package/dist/src/server/restart-policy.js

@@ -2,6 +2,7 @@ import { FEATURE_FLAGS_ALL_OFF } from './feature-flags.js';
 import { buildRecoverySummary } from './recovery-summary.js';
 import { findPreviousRun, writeSystemMessage, } from './restart-policy-support.js';
 import { createSystemRecoverySummaryMessage } from './runtime-message-builders.js';
+import { buildMemoryDigestSafely, logMemoryDigestInjection, rollbackMemoryDigestInjection, } from './team-memory-injection.js';
 const RECOVERY_WINDOW_MS = 60 * 60 * 1000;
 export const createNoopRestartPolicy = () => ({
     injectPostStartMessage() {
@@ -9,7 +10,7 @@ export const createNoopRestartPolicy = () => ({
     },
     markUserStopped() { },
 });
-export const createRestartPolicy = ({ deleteMessage, getWorkspaceSnapshot, insertMessage, listAgentRuns, listMessagesForRecovery, readTasks, getFlags, }) => {
+export const createRestartPolicy = ({ deleteMessage, getWorkspaceSnapshot, insertMessage, listAgentRuns, listMessagesForRecovery, memoryInjection, readTasks, getFlags, }) => {
     // Runs the user killed via the Stop button. A deliberate stop is otherwise
     // byte-identical to a crash (both end status 'error'), so without this a
     // stop+Restart would inject the "could not recover" handover with stale open
@@ -33,14 +34,28 @@ export const createRestartPolicy = ({ deleteMessage, getWorkspaceSnapshot, inser
                 return false;
             const workers = snapshot.agents.filter((item) => item.role !== 'orchestrator' && item.id !== agentId);
             const tasksContent = readTasks(snapshot.summary.path);
-            if (startConfig.resumedSessionId)
-                return true;
             // Deliberate stop + restart: start fresh, no crash handover.
             if (wasUserStopped)
                 return false;
+            if (startConfig.resumedSessionId)
+                return true;
+            const memoryDigest = buildMemoryDigestSafely({
+                contextType: 'recovery',
+                memoryInjection,
+                workspaceId: workspace.id,
+            });
+            const injectionIds = logMemoryDigestInjection({
+                agentId,
+                contextType: 'recovery',
+                memoryDigest,
+                memoryInjection,
+                workspaceId: workspace.id,
+            });
+            const auditedMemoryDigest = injectionIds ? memoryDigest : null;
             const text = buildRecoverySummary({
                 agent,
                 allTaskMessages: listMessagesForRecovery(workspace.id, 0),
+                memoryDigest: auditedMemoryDigest?.text,
                 messages: listMessagesForRecovery(workspace.id, Date.now() - RECOVERY_WINDOW_MS),
                 tasksContent,
                 workers,
@@ -54,6 +69,7 @@ export const createRestartPolicy = ({ deleteMessage, getWorkspaceSnapshot, inser
                 runId,
                 text,
                 writeToRun,
+                onWriteFailure: () => rollbackMemoryDigestInjection({ injectionIds, memoryInjection }),
             });
             return true;
         },

package/dist/src/server/route-types.d.ts

@@ -62,7 +62,7 @@ export interface ReportTaskBody {
     from_agent_id: string;
     token?: string;
     result: string;
-    status?: string;
+    status?: 'success' | 'failed';
     artifacts?: unknown[];
 }
 export interface CancelTaskBody {

package/dist/src/server/routes-dispatches.js

@@ -25,7 +25,7 @@ export const dispatchRoutes = [
         if (!workspaceId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const url = new URL(request.url ?? '/', 'http://127.0.0.1');
         if (url.searchParams.has('status')) {
             sendJson(response, 400, { error: 'Use state instead of status for dispatch filtering' });

package/dist/src/server/routes-fs.js

@@ -7,17 +7,17 @@ const readPathParam = (request) => {
 };
 export const fsRoutes = [
     route('GET', '/api/fs/browse', async ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await browseDirectory(readPathParam(request));
         sendJson(response, body.ok ? 200 : 400, body);
     }),
     route('GET', '/api/fs/probe', async ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await probeDirectory(readPathParam(request));
         sendJson(response, 200, body);
     }),
     route('POST', '/api/fs/pick-folder', async ({ pickFolderService, request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await pickFolderService();
         sendJson(response, 200, body);
     }),

package/dist/src/server/routes-marketplace.js

@@ -11,7 +11,7 @@ const readPathParam = (request) => {
 };
 export const marketplaceRoutes = [
     route('GET', '/api/marketplace/manifest', ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const lang = readLanguageParam(request);
         if (!isMarketplaceLanguage(lang)) {
             sendJson(response, 400, { error: 'Invalid or missing lang parameter (expected en|zh)' });
@@ -29,7 +29,7 @@ export const marketplaceRoutes = [
         }
     }),
     route('GET', '/api/marketplace/agent', ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const lang = readLanguageParam(request);
         if (!isMarketplaceLanguage(lang)) {
             sendJson(response, 400, { error: 'Invalid or missing lang parameter (expected en|zh)' });

package/dist/src/server/routes-open-workspace.js

@@ -6,7 +6,7 @@ export const openWorkspaceRoutes = [
         const workspaceId = getRequiredParam(response, params, 'workspaceId', 'Workspace id is required');
         if (!workspaceId)
             return;
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await readJsonBody(request);
         if (!isOpenTargetId(body.target_id)) {
             sendJson(response, 400, { error: 'Unknown open target', target_id: body.target_id });

package/dist/src/server/routes-remote.d.ts

@@ -0,0 +1,2 @@
+import type { RouteDefinition } from './route-types.js';
+export declare const remoteRoutes: RouteDefinition[];

package/dist/src/server/routes-remote.js

@@ -0,0 +1,166 @@
+import { ForbiddenError } from './http-errors.js';
+import { REMOTE_DAEMON_TOKEN_KEY, REMOTE_ENABLED_KEY, REMOTE_GATEWAY_URL_KEY, } from './remote-config-keys.js';
+import { getRequiredParam, readJsonBody, route, sendJson } from './route-helpers.js';
+import { requireUiTokenFromRequest } from './ui-auth-helpers.js';
+// Remote-access device-management + pairing routes (M4). Two gate classes:
+//   - gateUi: the standard local-OR-tunnel gate every equal-authority route uses. A paired phone may
+//     reach these (list devices, revoke, status, audit) exactly like the desktop.
+//   - gateLocalDesktopOnly: the TRUST ROOT (Authority Model). Pairing begin/confirm/reject can ONLY be
+//     driven from the local desktop cookie path; a tunnel-tagged (phone) request is refused with 403.
+//     This is a pairing-ceremony invariant, NOT a feature permission — a phone can never self-approve
+//     a new device. Defense in depth: these three paths are ALSO hard-denied on the bridge
+//     (remote-bridge-routing DENIED pairing matcher), so even a bypassed gate gets Reset there.
+// Standard local-OR-tunnel gate. A request with no secret header falls to the cookie path (a browser);
+// a tunnel-stamped request short-circuits as authorized. Used by the equal-authority endpoints.
+const gateUi = ({ request, store }) => {
+    requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
+};
+// TRUST-ROOT gate: local desktop ONLY. A tunnel-tagged request (authorizeRemoteTunnelRequest === true)
+// is a phone; refuse it. We audit the forbidden attempt with the concrete reason BEFORE throwing
+// (HARDEN D0.3): the audit spec lists "被拒请求及原因" as a required audited action, and the route is
+// the only layer that can attribute a 403 here to 'pairing_confirm_forbidden' (the bridge's onEnd
+// audits the loopback request status-agnostically). Then we pass NO tunnel authorizer to the token
+// check, so even the short-circuit can't admit a tunnel request that slipped a cookie too.
+const gateLocalDesktopOnly = ({ request, store }) => {
+    if (store.authorizeRemoteTunnelRequest(request)) {
+        store.getRemoteAuditStore().enqueue({
+            action: 'reject',
+            result: 'rejected',
+            rejectReason: 'pairing_confirm_forbidden',
+        });
+        throw new ForbiddenError('device approval is desktop-only');
+    }
+    requireUiTokenFromRequest(request, store.validateUiToken);
+};
+const isLoggedIn = (store) => (store.settings.getAppState(REMOTE_GATEWAY_URL_KEY)?.value ?? null) !== null &&
+    (store.settings.getAppState(REMOTE_DAEMON_TOKEN_KEY)?.value ?? null) !== null;
+const remoteStatus = (store) => {
+    const status = store.getRemoteTunnelStatus();
+    return {
+        enabled: store.settings.getAppState(REMOTE_ENABLED_KEY)?.value === 'true',
+        loggedIn: isLoggedIn(store),
+        gatewayUrl: store.settings.getAppState(REMOTE_GATEWAY_URL_KEY)?.value ?? null,
+        connected: status === 'online',
+        // The FULL tunnel state, not just online/offline — the desktop dot was stuck looking "connected or
+        // not" and couldn't show connecting / reconnecting / revoked / logged-out. (connecting+reconnecting
+        // are the states a flaky link spends real time in; surfacing them is what makes the dot honest.)
+        connection: status,
+    };
+};
+// RemoteDeviceRecord is already camelCase + metadata-only (no key material). Identity-mapped so the
+// response shape stays pinned to the store's invariant-7 projection.
+const toDeviceView = (record) => ({
+    id: record.id,
+    name: record.name,
+    createdAt: record.createdAt,
+    lastActive: record.lastActive,
+    revokedAt: record.revokedAt,
+});
+export const remoteRoutes = [
+    route('GET', '/api/remote/status', (ctx) => {
+        gateUi(ctx);
+        sendJson(ctx.response, 200, remoteStatus(ctx.store));
+    }),
+    route('PUT', '/api/remote/enabled', async (ctx) => {
+        const { request, response, store } = ctx;
+        const body = await readJsonBody(request);
+        const enabled = body.enabled === true;
+        // D0.4 — conditional gate: a remote MAY turn the tunnel OFF (self-disconnect) but NEVER ON. So a
+        // tunnel-tagged enable:true is the only enabled-route action that is desktop-only.
+        if (enabled && store.authorizeRemoteTunnelRequest(request)) {
+            throw new ForbiddenError('remote cannot self-enable');
+        }
+        gateUi(ctx);
+        store.setRemoteEnabled(enabled);
+        sendJson(response, 200, remoteStatus(store));
+    }),
+    // ── trust-root pairing set (desktop-only) ──────────────────────────────────────────────────────
+    route('POST', '/api/remote/pairings', (ctx) => {
+        gateLocalDesktopOnly(ctx);
+        if (!isLoggedIn(ctx.store)) {
+            sendJson(ctx.response, 503, { error: 'remote not logged in' });
+            return;
+        }
+        try {
+            const ticket = ctx.store.getRemotePairing().beginPairing();
+            sendJson(ctx.response, 200, ticket);
+        }
+        catch {
+            // beginPairing throws if gateway/daemon id vanished between the status read and here.
+            sendJson(ctx.response, 503, { error: 'remote not logged in' });
+        }
+    }),
+    route('GET', '/api/remote/pairings/pending', (ctx) => {
+        // HARDEN minor: desktop-only. The confirm dialog backs this; a phone has no use for another
+        // device's in-flight SAS, and exposing it would needlessly widen the secret surface (invariant 7).
+        gateLocalDesktopOnly(ctx);
+        sendJson(ctx.response, 200, ctx.store.getRemotePairing().listPending());
+    }),
+    route('POST', '/api/remote/pairings/:pairingId/confirm', async (ctx) => {
+        const { params, request, response, store } = ctx;
+        const pairingId = getRequiredParam(response, params, 'pairingId', 'Pairing id is required');
+        if (!pairingId)
+            return;
+        gateLocalDesktopOnly(ctx);
+        const body = await readJsonBody(request).catch(() => ({}));
+        // THE trust-root action (D3): confirmRemotePairing drives the engine's local insert (the only
+        // caller of deviceStore.insert) AND the gateway device-row registration + the `confirmed` signal
+        // to the phone, in that order. A gateway-POST failure (or a missing boundJti) rejects here: the
+        // local row exists but the phone is NOT told OK, so it can re-scan. Surface 502 so the desktop
+        // operator sees the pairing didn't complete end-to-end rather than a false success.
+        let record;
+        try {
+            record = await store.confirmRemotePairing(pairingId, body.name === undefined ? undefined : body.name);
+        }
+        catch {
+            sendJson(response, 502, { error: 'gateway registration failed; rescan to retry' });
+            return;
+        }
+        if (!record) {
+            // Unknown / expired / wrong-state pairing. Nothing persisted.
+            sendJson(response, 404, { error: 'pairing not found or no longer confirmable' });
+            return;
+        }
+        // The newly-persisted device is live in the provider now. Reconcile the tunnel so a freshly
+        // enabled remote starts connecting (no-op if already online / disabled).
+        store.setRemoteEnabled(store.settings.getAppState(REMOTE_ENABLED_KEY)?.value === 'true');
+        sendJson(response, 200, { device: toDeviceView(record) });
+    }),
+    route('POST', '/api/remote/pairings/:pairingId/reject', (ctx) => {
+        const { params, response, store } = ctx;
+        const pairingId = getRequiredParam(response, params, 'pairingId', 'Pairing id is required');
+        if (!pairingId)
+            return;
+        gateLocalDesktopOnly(ctx);
+        store.getRemotePairing().rejectPairing(pairingId, 'user_rejected');
+        response.statusCode = 204;
+        response.end();
+    }),
+    // ── equal-authority device management ──────────────────────────────────────────────────────────
+    route('GET', '/api/remote/devices', (ctx) => {
+        gateUi(ctx);
+        const includeRevoked = new URL(ctx.request.url ?? '', 'http://x').searchParams.has('includeRevoked');
+        sendJson(ctx.response, 200, ctx.store.getRemoteDeviceStore().list(includeRevoked).map(toDeviceView));
+    }),
+    route('POST', '/api/remote/devices/:deviceId/revoke', (ctx) => {
+        const { params, response, store } = ctx;
+        const deviceId = getRequiredParam(response, params, 'deviceId', 'Device id is required');
+        if (!deviceId)
+            return;
+        gateUi(ctx);
+        // Revocation closed loop (§6 orchestrator in the runtime store): provider drop + tunnel close +
+        // audit. Equal-authority: a phone may revoke any device, including itself.
+        store.revokeRemoteDevice(deviceId);
+        response.statusCode = 204;
+        response.end();
+    }),
+    route('GET', '/api/remote/audit', (ctx) => {
+        gateUi(ctx);
+        const url = new URL(ctx.request.url ?? '', 'http://x');
+        const rawLimit = Number(url.searchParams.get('limit'));
+        const limit = Number.isFinite(rawLimit) && rawLimit > 0 ? Math.min(rawLimit, 500) : 100;
+        const deviceId = url.searchParams.get('deviceId');
+        const audit = ctx.store.getRemoteAuditStore();
+        sendJson(ctx.response, 200, deviceId ? audit.listForDevice(deviceId, limit) : audit.list(limit));
+    }),
+];

package/dist/src/server/routes-runtime.js

@@ -8,7 +8,7 @@ export const runtimeRoutes = [
         if (!workspaceId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         sendJson(response, 200, store.listTerminalRuns(workspaceId));
     }),
     route('POST', '/api/workspaces/:workspaceId/shell/start', async ({ params, request, response, store }) => {
@@ -16,7 +16,7 @@ export const runtimeRoutes = [
         if (!workspaceId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const run = await store.startWorkspaceShell(workspaceId);
         const summary = store
             .listTerminalRuns(workspaceId)
@@ -35,7 +35,7 @@ export const runtimeRoutes = [
         if (!workspaceId || !runId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         if (!store.closeWorkspaceShell(workspaceId, runId)) {
             sendJson(response, 404, { error: 'Shell run not found' });
             return;
@@ -49,7 +49,7 @@ export const runtimeRoutes = [
         if (!workspaceId || !agentId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await readJsonBody(request);
         store.configureAgentLaunch(workspaceId, agentId, {
             command: body.command,
@@ -64,7 +64,7 @@ export const runtimeRoutes = [
         if (!runId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         store.stopAgentRun(runId);
         sendJson(response, 202, { ok: true });
     }),
@@ -73,7 +73,7 @@ export const runtimeRoutes = [
         if (!runId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         sendJson(response, 200, serializeLiveAgentRun(store.getLiveRun(runId)));
     }),
 ];

package/dist/src/server/routes-settings.js

@@ -85,15 +85,15 @@ const readRoleTemplateBody = async (request) => {
 };
 export const settingsRoutes = [
     route('GET', '/api/settings/command-presets', ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         sendJson(response, 200, store.settings.listCommandPresets().map(serializeCommandPreset));
     }),
     route('POST', '/api/settings/command-presets', async ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         sendJson(response, 201, serializeCommandPreset(store.settings.createCommandPreset(await readCommandPresetBody(request))));
     }),
     route('PATCH', '/api/settings/command-presets/:presetId', async ({ params, request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const presetId = getRequiredParam(response, params, 'presetId', 'Preset id is required');
         if (!presetId)
             return;
@@ -104,7 +104,7 @@ export const settingsRoutes = [
         sendJson(response, 200, serializeCommandPreset(store.settings.updateCommandPreset(presetId, next)));
     }),
     route('DELETE', '/api/settings/command-presets/:presetId', ({ params, request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const presetId = getRequiredParam(response, params, 'presetId', 'Preset id is required');
         if (!presetId)
             return;
@@ -113,15 +113,15 @@ export const settingsRoutes = [
         response.end();
     }),
     route('GET', '/api/settings/role-templates', ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         sendJson(response, 200, store.settings.listRoleTemplates().map(serializeRoleTemplate));
     }),
     route('POST', '/api/settings/role-templates', async ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         sendJson(response, 201, serializeRoleTemplate(store.settings.createRoleTemplate(await readRoleTemplateBody(request))));
     }),
     route('PATCH', '/api/settings/role-templates/:templateId', async ({ params, request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const templateId = getRequiredParam(response, params, 'templateId', 'Template id is required');
         if (!templateId)
             return;
@@ -134,7 +134,7 @@ export const settingsRoutes = [
         sendJson(response, 200, serializeRoleTemplate(store.settings.updateRoleTemplate(templateId, next)));
     }),
     route('DELETE', '/api/settings/role-templates/:templateId', ({ params, request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const templateId = getRequiredParam(response, params, 'templateId', 'Template id is required');
         if (!templateId)
             return;
@@ -143,14 +143,14 @@ export const settingsRoutes = [
         response.end();
     }),
     route('GET', '/api/settings/app-state/:key', ({ params, request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const key = getRequiredParam(response, params, 'key', 'App state key is required');
         if (!key)
             return;
         sendJson(response, 200, store.settings.getAppState(key) ?? { key, value: null });
     }),
     route('PUT', '/api/settings/app-state/:key', async ({ params, request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const key = getRequiredParam(response, params, 'key', 'App state key is required');
         if (!key)
             return;
@@ -160,12 +160,12 @@ export const settingsRoutes = [
         response.end();
     }),
     route('GET', '/api/settings/workflow-cli-policy', ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const policy = readWorkflowCliPolicy(store.settings.getAppState(WORKFLOW_CLI_POLICY_KEY)?.value ?? null);
         sendJson(response, 200, { ...policy, supported: [...CANONICAL_WORKFLOW_CLIS] });
     }),
     route('PUT', '/api/settings/workflow-cli-policy', async ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await readJsonBody(request);
         // Strict validation: a bad payload is rejected (400) rather than persisted.
         const clean = (() => {
@@ -181,12 +181,12 @@ export const settingsRoutes = [
         sendJson(response, 200, { ...clean, supported: [...CANONICAL_WORKFLOW_CLIS] });
     }),
     route('GET', '/api/settings/workflow-feature', ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const enabled = readWorkflowEnabled(store.settings.getAppState(WORKFLOW_ENABLED_KEY)?.value ?? null);
         sendJson(response, 200, { enabled });
     }),
     route('PUT', '/api/settings/workflow-feature', async ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await readJsonBody(request);
         if (typeof body.enabled !== 'boolean') {
             throw new BadRequestError('workflow-feature requires { enabled: boolean }');
@@ -196,12 +196,12 @@ export const settingsRoutes = [
         sendJson(response, 200, { enabled: body.enabled });
     }),
     route('GET', '/api/settings/team-autostaff', ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const enabled = readAutostaffEnabled(store.settings.getAppState(AUTOSTAFF_ENABLED_KEY)?.value ?? null);
         sendJson(response, 200, { enabled });
     }),
     route('PUT', '/api/settings/team-autostaff', async ({ request, response, store }) => {
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await readJsonBody(request);
         if (typeof body.enabled !== 'boolean') {
             throw new BadRequestError('team-autostaff requires { enabled: boolean }');

package/dist/src/server/routes-tasks.js

@@ -29,7 +29,7 @@ export const taskRoutes = [
         if (!workspaceId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const workspace = store.getWorkspaceSnapshot(workspaceId);
         sendJson(response, 200, { content: tasksFileService.readTasks(workspace.summary.path) });
     }),
@@ -38,7 +38,7 @@ export const taskRoutes = [
         if (!workspaceId) {
             return;
         }
-        requireUiTokenFromRequest(request, store.validateUiToken);
+        requireUiTokenFromRequest(request, store.validateUiToken, store.authorizeRemoteTunnelRequest);
         const body = await readJsonBody(request);
         const workspace = store.getWorkspaceSnapshot(workspaceId);
         tasksFileService.writeTasks(workspace.summary.path, body.content);

package/dist/src/server/routes-team-memory.d.ts

@@ -0,0 +1,2 @@
+import type { RouteDefinition } from './route-types.js';
+export declare const teamMemoryRoutes: RouteDefinition[];

package/dist/src/server/routes-team-memory.js

@@ -0,0 +1,154 @@
+import { isMemoryKind, MEMORY_BODY_MAX_CHARS, MEMORY_KINDS, MEMORY_QUERY_MAX_CHARS, MEMORY_SEARCH_MAX_LIMIT, MEMORY_TAG_MAX_CHARS, MEMORY_TAG_MAX_COUNT, } from '../shared/team-memory.js';
+import { BadRequestError } from './http-errors.js';
+import { readJsonBody, route, sendJson } from './route-helpers.js';
+import { authenticateCliAgent, requireCommandForRole } from './team-authz.js';
+import { serializeMemoryEntry, serializeMemorySearchResult, } from './team-memory-http-serializers.js';
+import { MemoryEntryStatusError } from './team-memory-store.js';
+const requireNonEmptyString = (value, field) => {
+    if (typeof value !== 'string' || value.trim().length === 0) {
+        throw new BadRequestError(`Missing ${field}`);
+    }
+    return value.trim();
+};
+const requireMemoryBody = (value) => {
+    const body = requireNonEmptyString(value, 'body');
+    if ([...body].length > MEMORY_BODY_MAX_CHARS) {
+        throw new BadRequestError(`body must be ${MEMORY_BODY_MAX_CHARS} characters or fewer`);
+    }
+    return body;
+};
+const requireMemoryQuery = (value) => {
+    const query = requireNonEmptyString(value, 'query');
+    if ([...query].length > MEMORY_QUERY_MAX_CHARS) {
+        throw new BadRequestError(`query must be ${MEMORY_QUERY_MAX_CHARS} characters or fewer`);
+    }
+    return query;
+};
+const parseLimit = (value) => {
+    if (value === undefined)
+        return undefined;
+    if (typeof value !== 'number' || !Number.isInteger(value) || value < 0) {
+        throw new BadRequestError('limit must be a non-negative integer');
+    }
+    return Math.min(value, MEMORY_SEARCH_MAX_LIMIT);
+};
+const parseKind = (value) => {
+    if (value === undefined)
+        return 'fact';
+    if (!isMemoryKind(value)) {
+        throw new BadRequestError(`kind must be one of: ${MEMORY_KINDS.join(', ')}`);
+    }
+    return value;
+};
+const parseTags = (value) => {
+    if (value === undefined)
+        return [];
+    if (!Array.isArray(value)) {
+        throw new BadRequestError('tags must be an array of strings');
+    }
+    if (value.length > MEMORY_TAG_MAX_COUNT) {
+        throw new BadRequestError(`tags must contain ${MEMORY_TAG_MAX_COUNT} items or fewer`);
+    }
+    const tags = [];
+    for (const item of value) {
+        if (typeof item !== 'string' || item.trim().length === 0) {
+            throw new BadRequestError('tags must be non-empty strings');
+        }
+        const tag = item.trim();
+        if ([...tag].length > MEMORY_TAG_MAX_CHARS) {
+            throw new BadRequestError(`tags must be ${MEMORY_TAG_MAX_CHARS} characters or fewer`);
+        }
+        if (!tags.includes(tag))
+            tags.push(tag);
+    }
+    return tags;
+};
+const authenticateMemoryRequest = (body, store) => {
+    const workspaceId = requireNonEmptyString(body.project_id, 'project_id');
+    const fromAgentId = requireNonEmptyString(body.from_agent_id, 'from_agent_id');
+    const token = typeof body.token === 'string' ? body.token : undefined;
+    const agent = authenticateCliAgent({
+        fromAgentId,
+        getAgent: store.getAgent,
+        token,
+        validateToken: store.validateAgentToken,
+        workspaceId,
+    });
+    return { agent, workspaceId };
+};
+export const teamMemoryRoutes = [
+    route('POST', '/api/team/memory/add', async ({ request, response, store }) => {
+        const body = await readJsonBody(request);
+        const { agent, workspaceId } = authenticateMemoryRequest(body, store);
+        requireCommandForRole(agent, 'memory_add');
+        const memory = store.addMemoryEntry({
+            actor: {
+                id: agent.id,
+                name: agent.name,
+                role: agent.role,
+            },
+            body: requireMemoryBody(body.body),
+            kind: parseKind(body.kind),
+            tags: parseTags(body.tags),
+            workspaceId,
+        });
+        sendJson(response, 200, {
+            memory: serializeMemoryEntry(memory),
+            ok: true,
+        });
+    }),
+    route('POST', '/api/team/memory/show', async ({ request, response, store }) => {
+        const body = await readJsonBody(request);
+        const { agent, workspaceId } = authenticateMemoryRequest(body, store);
+        requireCommandForRole(agent, 'memory_show');
+        const memoryId = requireNonEmptyString(body.memory_id, 'memory_id');
+        const memory = store.getMemoryEntry(workspaceId, memoryId);
+        if (!memory) {
+            sendJson(response, 404, { error: `Memory entry not found: ${memoryId}` });
+            return;
+        }
+        sendJson(response, 200, {
+            memory: serializeMemoryEntry(memory),
+            ok: true,
+        });
+    }),
+    route('POST', '/api/team/memory/search', async ({ request, response, store }) => {
+        const body = await readJsonBody(request);
+        const { agent, workspaceId } = authenticateMemoryRequest(body, store);
+        requireCommandForRole(agent, 'memory_search');
+        const limit = parseLimit(body.limit);
+        const results = store.searchMemoryEntries(workspaceId, requireMemoryQuery(body.query), {
+            ...(limit !== undefined ? { limit } : {}),
+        });
+        sendJson(response, 200, {
+            ok: true,
+            results: results.map(serializeMemorySearchResult),
+        });
+    }),
+    route('POST', '/api/team/memory/forget', async ({ request, response, store }) => {
+        const body = await readJsonBody(request);
+        const { agent, workspaceId } = authenticateMemoryRequest(body, store);
+        requireCommandForRole(agent, 'memory_forget');
+        const memoryId = requireNonEmptyString(body.memory_id, 'memory_id');
+        const memory = store.getMemoryEntry(workspaceId, memoryId);
+        if (!memory) {
+            sendJson(response, 404, { error: `Memory entry not found: ${memoryId}` });
+            return;
+        }
+        try {
+            sendJson(response, 200, {
+                memory: serializeMemoryEntry(store.archiveMemoryEntry(workspaceId, memoryId)),
+                ok: true,
+            });
+        }
+        catch (error) {
+            if (error instanceof MemoryEntryStatusError) {
+                sendJson(response, 409, {
+                    error: `Memory entry has status ${error.actualStatus}; expected active`,
+                });
+                return;
+            }
+            throw error;
+        }
+    }),
+];

package/dist/src/server/routes-team-recall.d.ts

@@ -0,0 +1,2 @@
+import type { RouteDefinition } from './route-types.js';
+export declare const teamRecallRoutes: RouteDefinition[];