@vellumai/assistant 0.3.3 → 0.3.5

package/src/__tests__/channel-approvals.test.ts

@@ -41,6 +41,7 @@ import {
   buildApprovalUIMetadata,
   handleChannelDecision,
   buildReminderPrompt,
+  buildGuardianApprovalPrompt,
   channelSupportsRichApprovalUI,
 } from '../runtime/channel-approvals.js';
 import type { ApprovalDecisionResult, ChannelApprovalPrompt } from '../runtime/channel-approval-types.js';
@@ -298,6 +299,53 @@ describe('handleChannelDecision', () => {
     expect(orchestrator.submitDecision).toHaveBeenCalledWith(run.id, 'deny');
   });
 
+  test('uses decision.runId to target the matching pending run', () => {
+    ensureConversation('conv-1');
+    const olderRun = createRun('conv-1');
+    setRunConfirmation(olderRun.id, {
+      ...sampleConfirmation,
+      toolName: 'shell',
+      toolUseId: 'req-older',
+    });
+    const newerRun = createRun('conv-1');
+    setRunConfirmation(newerRun.id, {
+      ...sampleConfirmation,
+      toolName: 'browser',
+      toolUseId: 'req-newer',
+    });
+
+    const orchestrator = makeMockOrchestrator();
+    const decision: ApprovalDecisionResult = {
+      action: 'approve_once',
+      source: 'telegram_button',
+      runId: newerRun.id,
+    };
+
+    const result = handleChannelDecision('conv-1', decision, orchestrator);
+    expect(result.applied).toBe(true);
+    expect(result.runId).toBe(newerRun.id);
+    expect(orchestrator.submitDecision).toHaveBeenCalledWith(newerRun.id, 'allow');
+    expect(orchestrator.submitDecision).not.toHaveBeenCalledWith(olderRun.id, 'allow');
+  });
+
+  test('returns applied: false when decision.runId does not match a pending run', () => {
+    ensureConversation('conv-1');
+    const run = createRun('conv-1');
+    setRunConfirmation(run.id, sampleConfirmation);
+
+    const orchestrator = makeMockOrchestrator();
+    const decision: ApprovalDecisionResult = {
+      action: 'approve_once',
+      source: 'telegram_button',
+      runId: 'run-missing',
+    };
+
+    const result = handleChannelDecision('conv-1', decision, orchestrator);
+    expect(result.applied).toBe(false);
+    expect(result.runId).toBeUndefined();
+    expect(orchestrator.submitDecision).not.toHaveBeenCalled();
+  });
+
   test('approve_always adds a trust rule and submits "allow"', () => {
     ensureConversation('conv-1');
     const run = createRun('conv-1');
@@ -319,14 +367,16 @@ describe('handleChannelDecision', () => {
     expect(result.applied).toBe(true);
     expect(result.runId).toBe(run.id);
 
-    // Trust rule added with first allowlist and scope option
+    // Trust rule added with first allowlist and scope option.
+    // executionTarget is undefined for core tools like 'shell' — only
+    // skill-origin tools persist it (see channel-approvals.ts).
     expect(addRuleSpy).toHaveBeenCalledWith(
       'shell',
       'rm -rf *',
       '/tmp/project',
       'allow',
       100,
-      { executionTarget: 'sandbox' },
+      { executionTarget: undefined },
     );
 
     // The run is still approved with a simple "allow"
@@ -498,7 +548,53 @@ describe('buildReminderPrompt', () => {
 });
 
 // ═══════════════════════════════════════════════════════════════════════════
-// 5. channelSupportsRichApprovalUI
+// 5. buildGuardianApprovalPrompt
+// ═══════════════════════════════════════════════════════════════════════════
+
+describe('buildGuardianApprovalPrompt', () => {
+  test('prompt includes requester identifier and tool name', () => {
+    const runInfo: PendingRunInfo = {
+      runId: 'run-g1',
+      requestId: 'req-g1',
+      toolName: 'deploy',
+      input: {},
+      riskLevel: 'high',
+    };
+    const prompt = buildGuardianApprovalPrompt(runInfo, 'alice');
+    expect(prompt.promptText).toContain('alice');
+    expect(prompt.promptText).toContain('deploy');
+  });
+
+  test('excludes approve_always action', () => {
+    const runInfo: PendingRunInfo = {
+      runId: 'run-g2',
+      requestId: 'req-g2',
+      toolName: 'shell',
+      input: {},
+      riskLevel: 'medium',
+    };
+    const prompt = buildGuardianApprovalPrompt(runInfo, 'bob');
+    expect(prompt.actions.map((a) => a.id)).not.toContain('approve_always');
+    expect(prompt.actions.map((a) => a.id)).toContain('approve_once');
+    expect(prompt.actions.map((a) => a.id)).toContain('reject');
+  });
+
+  test('plainTextFallback contains parser-compatible keywords', () => {
+    const runInfo: PendingRunInfo = {
+      runId: 'run-g3',
+      requestId: 'req-g3',
+      toolName: 'write_file',
+      input: {},
+      riskLevel: 'high',
+    };
+    const prompt = buildGuardianApprovalPrompt(runInfo, 'charlie');
+    expect(prompt.plainTextFallback).toContain('yes');
+    expect(prompt.plainTextFallback).toContain('no');
+  });
+});
+
+// ═══════════════════════════════════════════════════════════════════════════
+// 6. channelSupportsRichApprovalUI
 // ═══════════════════════════════════════════════════════════════════════════
 
 describe('channelSupportsRichApprovalUI', () => {

package/src/__tests__/channel-delivery-store.test.ts

@@ -24,7 +24,7 @@ mock.module('../util/logger.js', () => ({
 }));
 
 import { initializeDb, getDb, resetDb } from '../memory/db.js';
-import { channelInboundEvents, conversations, messages } from '../memory/schema.js';
+import { channelInboundEvents, conversations, externalConversationBindings, messages } from '../memory/schema.js';
 import {
   recordInbound,
   linkMessage,
@@ -470,7 +470,7 @@ describe('channel-delivery-store', () => {
 
   // ── handleDeleteConversation assistantId parameter ───────────────
 
-  test('handleDeleteConversation uses route assistantId param to delete scoped key', async () => {
+  test('handleDeleteConversation with non-self assistant deletes only scoped key', async () => {
     // Set up a scoped conversation key like the one created by recordInbound
     // with a specific assistantId.
     const convId = 'conv-delete-test';
@@ -488,6 +488,13 @@ describe('channel-delivery-store', () => {
     }).run();
     setConversationKey(scopedKey, convId);
     setConversationKey(legacyKey, convId);
+    db.insert(externalConversationBindings).values({
+      conversationId: convId,
+      sourceChannel: 'telegram',
+      externalChatId: 'chat-del',
+      createdAt: now,
+      updatedAt: now,
+    }).run();
 
     // Verify both keys exist
     expect(getConversationByKey(scopedKey)).not.toBeNull();
@@ -510,9 +517,15 @@ describe('channel-delivery-store', () => {
     const json = await res.json() as { ok: boolean };
     expect(json.ok).toBe(true);
 
-    // Both the legacy key and the scoped key should be deleted
+    // Non-self delete should only remove the scoped key and preserve legacy.
     expect(getConversationByKey(scopedKey)).toBeNull();
-    expect(getConversationByKey(legacyKey)).toBeNull();
+    expect(getConversationByKey(legacyKey)).not.toBeNull();
+    // Non-self delete should not mutate assistant-agnostic external bindings.
+    const remainingBinding = db.select()
+      .from(externalConversationBindings)
+      .where(eq(externalConversationBindings.conversationId, convId))
+      .get();
+    expect(remainingBinding).not.toBeNull();
   });
 
   test('handleDeleteConversation defaults to "self" when no assistantId provided', async () => {
@@ -530,6 +543,13 @@ describe('channel-delivery-store', () => {
     }).run();
     setConversationKey(scopedKey, convId);
     setConversationKey(legacyKey, convId);
+    db.insert(externalConversationBindings).values({
+      conversationId: convId,
+      sourceChannel: 'telegram',
+      externalChatId: 'chat-def',
+      createdAt: now,
+      updatedAt: now,
+    }).run();
 
     const req = new Request('http://localhost/channels/conversation', {
       method: 'DELETE',
@@ -546,5 +566,11 @@ describe('channel-delivery-store', () => {
 
     expect(getConversationByKey(scopedKey)).toBeNull();
     expect(getConversationByKey(legacyKey)).toBeNull();
+    // Self delete should keep external bindings in sync for the canonical route.
+    const remainingBinding = db.select()
+      .from(externalConversationBindings)
+      .where(eq(externalConversationBindings.conversationId, convId))
+      .get();
+    expect(remainingBinding).toBeUndefined();
   });
 });

package/src/__tests__/channel-guardian.test.ts

@@ -52,6 +52,10 @@ import {
   isGuardian,
   revokeBinding as serviceRevokeBinding,
 } from '../runtime/channel-guardian-service.js';
+import { handleGuardianVerification } from '../daemon/handlers/config.js';
+import type { GuardianVerificationRequest, GuardianVerificationResponse } from '../daemon/ipc-contract.js';
+import type { HandlerContext } from '../daemon/handlers/shared.js';
+import type * as net from 'node:net';
 
 initializeDb();
 
@@ -307,28 +311,32 @@ describe('guardian service challenge validation', () => {
     resetTables();
   });
 
-  test('createVerificationChallenge returns a secret and instruction', () => {
+  test('createVerificationChallenge returns a secret, verifyCommand, ttlSeconds, and instruction', () => {
     const result = createVerificationChallenge('asst-1', 'telegram');
 
     expect(result.challengeId).toBeDefined();
     expect(result.secret).toBeDefined();
     expect(result.secret.length).toBe(64); // 32 bytes hex-encoded
+    expect(result.verifyCommand).toBe(`/guardian_verify ${result.secret}`);
+    expect(result.ttlSeconds).toBe(600);
+    expect(result.instruction).toBeDefined();
+    expect(result.instruction.length).toBeGreaterThan(0);
     expect(result.instruction).toContain('/guardian_verify');
-    expect(result.instruction).toContain(result.secret);
   });
 
-  test('createVerificationChallenge instruction mentions Telegram for telegram channel', () => {
+  test('createVerificationChallenge produces a non-empty instruction for telegram channel', () => {
     const result = createVerificationChallenge('asst-1', 'telegram');
-    expect(result.instruction).toContain('via Telegram');
-    expect(result.instruction).not.toContain('via SMS');
+    expect(result.instruction).toBeDefined();
+    expect(result.instruction.length).toBeGreaterThan(0);
+    expect(result.instruction).toContain(result.verifyCommand);
   });
 
-  test('createVerificationChallenge instruction mentions SMS for sms channel', () => {
+  test('createVerificationChallenge produces a non-empty instruction for sms channel', () => {
     const result = createVerificationChallenge('asst-1', 'sms');
-    expect(result.instruction).toContain('via SMS');
-    expect(result.instruction).not.toContain('via Telegram');
+    expect(result.instruction).toBeDefined();
+    expect(result.instruction.length).toBeGreaterThan(0);
     expect(result.instruction).toContain('/guardian_verify');
-    expect(result.instruction).toContain(result.secret);
+    expect(result.instruction).toContain(result.verifyCommand);
   });
 
   test('validateAndConsumeChallenge succeeds with correct secret', () => {
@@ -373,8 +381,10 @@ describe('guardian service challenge validation', () => {
 
     expect(result.success).toBe(false);
     if (!result.success) {
-      // Generic message to prevent oracle leakage
-      expect(result.reason).toContain('try again later');
+      // Composed failure message — check it is non-empty and contains "failed"
+      expect(result.reason).toBeDefined();
+      expect(result.reason.length).toBeGreaterThan(0);
+      expect(result.reason.toLowerCase()).toContain('failed');
     }
   });
 
@@ -400,8 +410,10 @@ describe('guardian service challenge validation', () => {
 
     expect(result.success).toBe(false);
     if (!result.success) {
-      // Generic message to prevent oracle leakage
-      expect(result.reason).toContain('try again later');
+      // Composed failure message — check it is non-empty and contains "failed"
+      expect(result.reason).toBeDefined();
+      expect(result.reason.length).toBeGreaterThan(0);
+      expect(result.reason.toLowerCase()).toContain('failed');
     }
   });
 
@@ -939,7 +951,9 @@ describe('guardian service rate limiting', () => {
       'asst-1', 'telegram', 'another-wrong', 'user-42', 'chat-42',
     );
     expect(result.success).toBe(false);
-    expect((result as { reason: string }).reason).toContain('try again later');
+    expect((result as { reason: string }).reason).toBeDefined();
+    expect((result as { reason: string }).reason.length).toBeGreaterThan(0);
+    expect((result as { reason: string }).reason.toLowerCase()).toContain('failed');
 
     // Verify the rate limit record
     const rl = getRateLimit('asst-1', 'telegram', 'user-42', 'chat-42');
@@ -971,21 +985,38 @@ describe('guardian service rate limiting', () => {
   test('rate-limit uses generic failure message (no oracle leakage)', () => {
     createVerificationChallenge('asst-1', 'telegram');
 
-    // Trigger rate limit
-    for (let i = 0; i < 5; i++) {
+    // Capture a normal invalid-code failure response
+    const normalFailure = validateAndConsumeChallenge(
+      'asst-1', 'telegram', 'wrong-first', 'user-42', 'chat-42',
+    );
+    expect(normalFailure.success).toBe(false);
+    const normalReason = (normalFailure as { reason: string }).reason;
+
+    // Trigger rate limit (4 more attempts to reach 5 total)
+    for (let i = 0; i < 4; i++) {
       validateAndConsumeChallenge(
         'asst-1', 'telegram', `wrong-${i}`, 'user-42', 'chat-42',
       );
     }
 
-    const result = validateAndConsumeChallenge(
+    // Verify lockout is actually active before testing the rate-limited response
+    const rl = getRateLimit('asst-1', 'telegram', 'user-42', 'chat-42');
+    expect(rl).not.toBeNull();
+    expect(rl!.lockedUntil).toBeGreaterThan(Date.now());
+
+    // The rate-limited response should be indistinguishable from normal failure
+    const rateLimitedResult = validateAndConsumeChallenge(
       'asst-1', 'telegram', 'anything', 'user-42', 'chat-42',
     );
-    expect(result.success).toBe(false);
-    // Must NOT reveal "invalid", "expired", or "rate limit" specifically
-    expect((result as { reason: string }).reason).not.toContain('Invalid');
-    expect((result as { reason: string }).reason).not.toContain('expired');
-    expect((result as { reason: string }).reason).not.toContain('rate limit');
+    expect(rateLimitedResult.success).toBe(false);
+    const rateLimitedReason = (rateLimitedResult as { reason: string }).reason;
+
+    // Anti-oracle: both responses must be identical
+    expect(rateLimitedReason).toBe(normalReason);
+
+    // Neither should reveal rate-limiting info
+    expect(rateLimitedReason).not.toContain('rate limit');
+    expect(normalReason).not.toContain('rate limit');
   });
 
   test('rate limit does not affect different actors', () => {
@@ -1186,3 +1217,211 @@ describe('assistant-scoped approval request lookups', () => {
     expect(foundB!.toolName).toBe('browser');
   });
 });
+
+// ═══════════════════════════════════════════════════════════════════════════
+// 10. IPC handler — channel-aware guardian status response
+// ═══════════════════════════════════════════════════════════════════════════
+
+/**
+ * Creates a minimal mock HandlerContext that captures the response sent via ctx.send().
+ */
+function createMockCtx(): { ctx: HandlerContext; lastResponse: () => GuardianVerificationResponse | null } {
+  let captured: GuardianVerificationResponse | null = null;
+  const ctx = {
+    sessions: new Map(),
+    socketToSession: new Map(),
+    cuSessions: new Map(),
+    socketToCuSession: new Map(),
+    cuObservationParseSequence: new Map(),
+    socketSandboxOverride: new Map(),
+    sharedRequestTimestamps: [],
+    debounceTimers: { schedule: () => {}, cancel: () => {} } as unknown as HandlerContext['debounceTimers'],
+    suppressConfigReload: false,
+    setSuppressConfigReload: () => {},
+    updateConfigFingerprint: () => {},
+    send: (_socket: net.Socket, msg: unknown) => { captured = msg as GuardianVerificationResponse; },
+    broadcast: () => {},
+    clearAllSessions: () => 0,
+    getOrCreateSession: () => Promise.resolve({} as never),
+    touchSession: () => {},
+  } as unknown as HandlerContext;
+  return { ctx, lastResponse: () => captured };
+}
+
+const mockSocket = {} as net.Socket;
+
+describe('IPC handler channel-aware guardian status', () => {
+  beforeEach(() => {
+    resetTables();
+  });
+
+  test('status action for telegram returns channel and assistantId fields', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'telegram',
+      assistantId: 'self',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.success).toBe(true);
+    expect(resp!.channel).toBe('telegram');
+    expect(resp!.assistantId).toBe('self');
+    expect(resp!.bound).toBe(false);
+    expect(resp!.guardianDeliveryChatId).toBeUndefined();
+  });
+
+  test('status action for sms returns channel: sms and assistantId: self', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'sms',
+      assistantId: 'self',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.success).toBe(true);
+    expect(resp!.channel).toBe('sms');
+    expect(resp!.assistantId).toBe('self');
+    expect(resp!.bound).toBe(false);
+  });
+
+  test('status action returns guardianDeliveryChatId when bound', () => {
+    createBinding({
+      assistantId: 'self',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-42',
+      guardianDeliveryChatId: 'chat-42',
+    });
+
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'telegram',
+      assistantId: 'self',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.success).toBe(true);
+    expect(resp!.bound).toBe(true);
+    expect(resp!.guardianExternalUserId).toBe('user-42');
+    expect(resp!.guardianDeliveryChatId).toBe('chat-42');
+    expect(resp!.channel).toBe('telegram');
+    expect(resp!.assistantId).toBe('self');
+  });
+
+  test('status action returns guardian username/displayName from binding metadata', () => {
+    createBinding({
+      assistantId: 'self',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-43',
+      guardianDeliveryChatId: 'chat-43',
+      metadataJson: JSON.stringify({ username: 'guardian_handle', displayName: 'Guardian Name' }),
+    });
+
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'telegram',
+      assistantId: 'self',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.guardianUsername).toBe('guardian_handle');
+    expect(resp!.guardianDisplayName).toBe('Guardian Name');
+  });
+
+  test('status action defaults channel to telegram when omitted (backward compat)', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      // channel omitted — should default to 'telegram'
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.channel).toBe('telegram');
+    expect(resp!.assistantId).toBe('self');
+  });
+
+  test('status action defaults assistantId to self when omitted (backward compat)', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'sms',
+      // assistantId omitted — should default to 'self'
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.assistantId).toBe('self');
+    expect(resp!.channel).toBe('sms');
+  });
+
+  test('status action with custom assistantId returns correct value', () => {
+    createBinding({
+      assistantId: 'asst-custom',
+      channel: 'telegram',
+      guardianExternalUserId: 'user-77',
+      guardianDeliveryChatId: 'chat-77',
+    });
+
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'telegram',
+      assistantId: 'asst-custom',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.success).toBe(true);
+    expect(resp!.bound).toBe(true);
+    expect(resp!.assistantId).toBe('asst-custom');
+    expect(resp!.channel).toBe('telegram');
+    expect(resp!.guardianExternalUserId).toBe('user-77');
+    expect(resp!.guardianDeliveryChatId).toBe('chat-77');
+  });
+
+  test('status action for unbound sms does not return guardianDeliveryChatId', () => {
+    const { ctx, lastResponse } = createMockCtx();
+    const msg: GuardianVerificationRequest = {
+      type: 'guardian_verification',
+      action: 'status',
+      channel: 'sms',
+    };
+
+    handleGuardianVerification(msg, mockSocket, ctx);
+
+    const resp = lastResponse();
+    expect(resp).not.toBeNull();
+    expect(resp!.bound).toBe(false);
+    expect(resp!.guardianDeliveryChatId).toBeUndefined();
+    expect(resp!.guardianExternalUserId).toBeUndefined();
+  });
+});