@vellumai/assistant 0.3.26 → 0.3.28

package/src/__tests__/channel-approval-routes.test.ts

@@ -67,6 +67,11 @@ mock.module('../memory/ingress-member-store.js', () => ({
   updateLastSeen: () => {},
 }));
 import type { Session } from '../daemon/session.js';
+import {
+  createCanonicalGuardianDelivery,
+  createCanonicalGuardianRequest,
+  getCanonicalGuardianRequest,
+} from '../memory/canonical-guardian-store.js';
 import * as channelDeliveryStore from '../memory/channel-delivery-store.js';
 import {
   createApprovalRequest,
@@ -110,6 +115,9 @@ function ensureConversation(conversationId: string): void {
 
 function resetTables(): void {
   const db = getDb();
+  db.run('DELETE FROM scoped_approval_grants');
+  db.run('DELETE FROM canonical_guardian_deliveries');
+  db.run('DELETE FROM canonical_guardian_requests');
   db.run('DELETE FROM channel_guardian_approval_requests');
   db.run('DELETE FROM channel_guardian_verification_challenges');
   db.run('DELETE FROM channel_guardian_bindings');
@@ -458,7 +466,7 @@ describe('empty content with callbackData bypasses validation', () => {
     const res = await handleChannelInbound(req, noopProcessMessage);
     expect(res.status).toBe(400);
     const body = await res.json() as Record<string, unknown>;
-    expect(body.error).toBe('content or attachmentIds is required');
+    expect((body.error as Record<string, unknown>).message).toBe('content or attachmentIds is required');
   });
 
   test('allows empty content when callbackData is present', async () => {
@@ -2645,4 +2653,169 @@ describe('background channel processing approval prompts', () => {
     expect(processCalls.length).toBeGreaterThan(0);
     expect(processCalls[0].options?.isInteractive).toBe(false);
   });
+
+  test('unverified channel turns never broadcast approval prompts', async () => {
+    // No guardian binding is created, so the sender resolves to unverified_channel.
+    const deliverPromptSpy = spyOn(gatewayClient, 'deliverApprovalPrompt').mockResolvedValue(undefined);
+    const processCalls: Array<{ options?: Record<string, unknown> }> = [];
+
+    const processMessage = mock(async (
+      conversationId: string,
+      _content: string,
+      _attachmentIds?: string[],
+      options?: Record<string, unknown>,
+    ) => {
+      processCalls.push({ options });
+
+      // Simulate a pending confirmation becoming visible while background
+      // processing is running. Unverified actors must still not receive it.
+      registerPendingInteraction('req-bg-unverified-1', conversationId, 'host_bash', {
+        input: { command: 'ls -la' },
+        riskLevel: 'medium',
+      });
+
+      await new Promise((resolve) => setTimeout(resolve, 350));
+      return { messageId: 'msg-bg-unverified-1' };
+    });
+
+    const req = makeInboundRequest({
+      content: 'run ls',
+      sourceChannel: 'telegram',
+      replyCallbackUrl: 'https://gateway.test/deliver/telegram',
+      externalMessageId: 'msg-bg-unverified-1',
+    });
+
+    const res = await handleChannelInbound(req, processMessage as unknown as typeof noopProcessMessage, 'token');
+    const body = await res.json() as Record<string, unknown>;
+    expect(body.accepted).toBe(true);
+
+    await new Promise((resolve) => setTimeout(resolve, 700));
+
+    expect(processCalls.length).toBeGreaterThan(0);
+    expect(processCalls[0].options?.isInteractive).toBe(false);
+    expect(deliverPromptSpy).not.toHaveBeenCalled();
+
+    deliverPromptSpy.mockRestore();
+  });
+});
+
+// ═══════════════════════════════════════════════════════════════════════════
+// NL approval routing via destination-scoped canonical requests
+// ═══════════════════════════════════════════════════════════════════════════
+
+describe('NL approval routing via destination-scoped canonical requests', () => {
+  beforeEach(() => {
+    resetTables();
+    noopProcessMessage.mockClear();
+  });
+
+  test('guardian plain-text "yes" resolves a pending_question with no guardianExternalUserId via delivery-scoped hint', async () => {
+    // Simulate a voice-originated pending_question without guardianExternalUserId
+    const guardianChatId = 'guardian-chat-nl-1';
+    const guardianUserId = 'guardian-user-nl-1';
+
+    // Ensure the conversation exists so the resolver finds it
+    ensureConversation('conv-voice-nl-1');
+
+    // Create guardian binding for Telegram
+    createBinding({
+      assistantId: 'self',
+      channel: 'telegram',
+      guardianExternalUserId: guardianUserId,
+      guardianDeliveryChatId: guardianChatId,
+    });
+
+    // Create canonical tool_approval request WITHOUT guardianExternalUserId
+    // but WITH a conversationId (required by the tool_approval resolver)
+    const canonicalReq = createCanonicalGuardianRequest({
+      kind: 'tool_approval',
+      sourceType: 'voice',
+      sourceChannel: 'twilio',
+      conversationId: 'conv-voice-nl-1',
+      toolName: 'shell',
+      expiresAt: new Date(Date.now() + 60_000).toISOString(),
+      // guardianExternalUserId intentionally omitted
+    });
+
+    // Register pending interaction so resolver can find it
+    registerPendingInteraction(canonicalReq.id, 'conv-voice-nl-1', 'shell');
+
+    // Create canonical delivery row targeting guardian chat
+    createCanonicalGuardianDelivery({
+      requestId: canonicalReq.id,
+      destinationChannel: 'telegram',
+      destinationChatId: guardianChatId,
+    });
+
+    // Send inbound guardian text reply "yes" from that chat
+    const req = makeInboundRequest({
+      sourceChannel: 'telegram',
+      externalChatId: guardianChatId,
+      senderExternalUserId: guardianUserId,
+      content: 'yes',
+      externalMessageId: `msg-nl-approve-${Date.now()}`,
+    });
+    const res = await handleChannelInbound(req, noopProcessMessage as any, TEST_BEARER_TOKEN);
+    const body = await res.json() as Record<string, unknown>;
+
+    expect(body.accepted).toBe(true);
+    expect(body.canonicalRouter).toBe('canonical_decision_applied');
+
+    // Verify the request was resolved
+    const resolved = getCanonicalGuardianRequest(canonicalReq.id);
+    expect(resolved).not.toBeNull();
+    expect(resolved!.status).toBe('approved');
+  });
+
+  test('inbound from different chat ID does not auto-match delivery-scoped canonical request', async () => {
+    const guardianChatId = 'guardian-chat-nl-2';
+    const guardianUserId = 'guardian-user-nl-2';
+    const differentChatId = 'different-chat-999';
+
+    // Create guardian binding for the guardian user on the different chat
+    createBinding({
+      assistantId: 'self',
+      channel: 'telegram',
+      guardianExternalUserId: guardianUserId,
+      guardianDeliveryChatId: differentChatId,
+    });
+
+    // Create canonical pending_question WITHOUT guardianExternalUserId
+    const canonicalReq = createCanonicalGuardianRequest({
+      kind: 'tool_approval',
+      sourceType: 'voice',
+      sourceChannel: 'twilio',
+      toolName: 'shell',
+      expiresAt: new Date(Date.now() + 60_000).toISOString(),
+    });
+
+    // Delivery targets the original guardian chat, NOT the different chat
+    createCanonicalGuardianDelivery({
+      requestId: canonicalReq.id,
+      destinationChannel: 'telegram',
+      destinationChatId: guardianChatId,
+    });
+
+    // Send from differentChatId — delivery-scoped lookup should not match
+    const req = makeInboundRequest({
+      sourceChannel: 'telegram',
+      externalChatId: differentChatId,
+      senderExternalUserId: guardianUserId,
+      content: 'approve',
+      externalMessageId: `msg-nl-mismatch-${Date.now()}`,
+    });
+    const res = await handleChannelInbound(req, noopProcessMessage as any, TEST_BEARER_TOKEN);
+    const body = await res.json() as Record<string, unknown>;
+
+    expect(body.accepted).toBe(true);
+    // Should NOT have been consumed by canonical router since there are no
+    // delivery-scoped pending requests for this chat, and identity-based
+    // fallback finds no match either (no guardianExternalUserId on request)
+    expect(body.canonicalRouter).toBeUndefined();
+
+    // Request should remain pending
+    const unchanged = getCanonicalGuardianRequest(canonicalReq.id);
+    expect(unchanged).not.toBeNull();
+    expect(unchanged!.status).toBe('pending');
+  });
 });

package/src/__tests__/emit-signal-routing-intent.test.ts

@@ -7,6 +7,7 @@ const runDeterministicChecksMock = mock();
 const createEventMock = mock();
 const updateEventDedupeKeyMock = mock();
 const dispatchDecisionMock = mock();
+const activeBindingChannels = new Set<string>(['telegram']);
 
 mock.module('../util/logger.js', () => ({
   getLogger: () =>
@@ -21,7 +22,7 @@ mock.module('../channels/config.js', () => ({
 
 mock.module('../memory/channel-guardian-store.js', () => ({
   getActiveBinding: (_assistantId: string, channel: string) =>
-    channel === 'telegram'
+    activeBindingChannels.has(channel)
       ? {
         guardianDeliveryChatId: 'guardian-chat-123',
         guardianExternalUserId: 'guardian-user-123',
@@ -83,6 +84,8 @@ describe('emitNotificationSignal routing intent re-persistence', () => {
     createEventMock.mockReset();
     updateEventDedupeKeyMock.mockReset();
     dispatchDecisionMock.mockReset();
+    activeBindingChannels.clear();
+    activeBindingChannels.add('telegram');
 
     createEventMock.mockReturnValue({ id: 'evt-1' });
     runDeterministicChecksMock.mockResolvedValue({ passed: true });
@@ -176,4 +179,43 @@ describe('emitNotificationSignal routing intent re-persistence', () => {
 
     expect(updateDecisionMock).not.toHaveBeenCalled();
   });
+
+  test('excludes unverified binding channels from connected channel candidates', async () => {
+    activeBindingChannels.clear();
+
+    const decision = {
+      shouldNotify: true,
+      selectedChannels: ['vellum'],
+      reasoningSummary: 'Local only',
+      renderedCopy: {
+        vellum: { title: 'Reminder', body: 'Check this' },
+      },
+      dedupeKey: 'dedupe-rem-3',
+      confidence: 0.8,
+      fallbackUsed: false,
+      persistedDecisionId: 'dec-3',
+    };
+
+    evaluateSignalMock.mockResolvedValue(decision);
+    enforceRoutingIntentMock.mockImplementation((inputDecision: unknown) => inputDecision);
+
+    await emitNotificationSignal({
+      sourceEventName: 'reminder.fired',
+      sourceChannel: 'scheduler',
+      sourceSessionId: 'rem-3',
+      attentionHints: {
+        requiresAction: false,
+        urgency: 'medium',
+        isAsyncBackground: false,
+        visibleInSourceNow: false,
+      },
+      contextPayload: { reminderId: 'rem-3' },
+      routingIntent: 'single_channel',
+    });
+
+    expect(evaluateSignalMock).toHaveBeenCalled();
+    const callArgs = evaluateSignalMock.mock.calls[0];
+    expect(callArgs).toBeDefined();
+    expect(callArgs?.[1]).toEqual(['vellum']);
+  });
 });