@xfxstudio/claworld 0.1.0

package/src/product-shell/social/chat-request-approval-policy.js

@@ -0,0 +1,332 @@
+import {
+  CHAT_REQUEST_APPROVAL_POLICY_SCHEMA_VERSION,
+  normalizeChatRequestApprovalPolicy,
+  normalizeChatRequestApprovalOriginType,
+} from '../contracts/chat-request-approval-policy.js';
+
+function normalizeText(value, fallback = null) {
+  if (value == null) return fallback;
+  const normalized = String(value).trim();
+  return normalized || fallback;
+}
+
+function normalizeWorldEligibility(value, fallback = 'active') {
+  const normalized = normalizeText(value, fallback);
+  return normalized === 'joined' ? 'joined' : 'active';
+}
+
+function sortByRecency(items = [], ...fieldNames) {
+  return items.slice().sort((left, right) => {
+    for (const fieldName of fieldNames) {
+      const rightTs = Date.parse(right?.[fieldName] || '');
+      const leftTs = Date.parse(left?.[fieldName] || '');
+      const normalizedRightTs = Number.isFinite(rightTs) ? rightTs : -Infinity;
+      const normalizedLeftTs = Number.isFinite(leftTs) ? leftTs : -Infinity;
+      if (normalizedRightTs !== normalizedLeftTs) return normalizedRightTs - normalizedLeftTs;
+    }
+    return 0;
+  });
+}
+
+function resolveChatRequestWorldId(request = {}) {
+  const requestContext = request.requestContext && typeof request.requestContext === 'object' && !Array.isArray(request.requestContext)
+    ? request.requestContext
+    : {};
+  const conversation = request.conversation && typeof request.conversation === 'object' && !Array.isArray(request.conversation)
+    ? request.conversation
+    : {};
+  return normalizeText(
+    conversation.worldId,
+    normalizeText(requestContext.conversation?.worldId, null),
+  );
+}
+
+function resolveChatRequestOriginType(request = {}) {
+  const directOrigin = request.origin && typeof request.origin === 'object' && !Array.isArray(request.origin)
+    ? request.origin
+    : {};
+  const requestContext = request.requestContext && typeof request.requestContext === 'object' && !Array.isArray(request.requestContext)
+    ? request.requestContext
+    : {};
+  const origin = requestContext.origin && typeof requestContext.origin === 'object' && !Array.isArray(requestContext.origin)
+    ? requestContext.origin
+    : {};
+  return normalizeChatRequestApprovalOriginType(
+    directOrigin.type || origin.type,
+    normalizeChatRequestApprovalOriginType(request.source, 'chat_request'),
+  );
+}
+
+function resolveAllowedMembershipStatuses(world = {}) {
+  const eligibility = normalizeWorldEligibility(world?.eligibility, 'active');
+  return eligibility === 'joined'
+    ? new Set(['joined', 'active'])
+    : new Set(['active']);
+}
+
+function resolveWorldApprovalFacts({ request = {}, store = null, worldService = null } = {}) {
+  const worldId = resolveChatRequestWorldId(request);
+  if (!worldId || !store) {
+    return {
+      worldId,
+      worldScoped: Boolean(worldId),
+      worldFound: false,
+      eligibility: null,
+      requesterMembershipStatus: null,
+      targetMembershipStatus: null,
+      validWorldContext: false,
+    };
+  }
+
+  const world = worldService?.getWorld?.(worldId) || null;
+  if (!world) {
+    return {
+      worldId,
+      worldScoped: true,
+      worldFound: false,
+      eligibility: null,
+      requesterMembershipStatus: null,
+      targetMembershipStatus: null,
+      validWorldContext: false,
+    };
+  }
+
+  const allowedStatuses = resolveAllowedMembershipStatuses(world);
+  const requesterMembership = store
+    .listMemberships({ worldId, agentId: request.fromAgentId })
+    .find((membership) => allowedStatuses.has(membership.status)) || null;
+  const targetMembership = store
+    .listMemberships({ worldId, agentId: request.toAgentId })
+    .find((membership) => allowedStatuses.has(membership.status)) || null;
+
+  return {
+    worldId,
+    worldScoped: true,
+    worldFound: true,
+    eligibility: normalizeWorldEligibility(world.eligibility, 'active'),
+    requesterMembershipStatus: requesterMembership?.status || null,
+    targetMembershipStatus: targetMembership?.status || null,
+    validWorldContext: Boolean(requesterMembership && targetMembership),
+  };
+}
+
+function resolveTrustedApprovalFacts({ request = {}, store = null } = {}) {
+  if (!store) {
+    return {
+      trusted: false,
+      trustSource: null,
+      friendshipId: null,
+      approvalGrantId: null,
+    };
+  }
+
+  const friendship = sortByRecency(
+    store.listFriendships({
+      agentId: request.toAgentId,
+      peerAgentId: request.fromAgentId,
+      status: 'active',
+    }),
+    'updatedAt',
+    'acceptedAt',
+    'createdAt',
+  )[0] || null;
+  const approvalGrant = sortByRecency(
+    store.listApprovalGrants({
+      ownerAgentId: request.toAgentId,
+      peerAgentId: request.fromAgentId,
+      status: 'active',
+    }),
+    'updatedAt',
+    'createdAt',
+  )[0] || null;
+
+  return {
+    trusted: Boolean(friendship || approvalGrant),
+    trustSource: friendship ? 'friendship' : approvalGrant ? 'approval_grant' : null,
+    friendshipId: friendship?.friendshipId || null,
+    approvalGrantId: approvalGrant?.grantId || null,
+  };
+}
+
+function resolvePresenceState(agentId, { presence = null, store = null } = {}) {
+  const normalizedAgentId = normalizeText(agentId, null);
+  if (!normalizedAgentId) {
+    return {
+      online: false,
+      connectedAt: null,
+      lastHeartbeatAt: null,
+    };
+  }
+  if (presence?.getPresence) return presence.getPresence(normalizedAgentId);
+  if (store?.getPresence) return store.getPresence(normalizedAgentId);
+  return {
+    online: false,
+    connectedAt: null,
+    lastHeartbeatAt: null,
+  };
+}
+
+function resolvePolicyFreshness(policyRecord = null, { store = null, presence = null } = {}) {
+  if (!policyRecord) return { status: 'missing', fresh: false, reason: 'policy_missing' };
+  if (policyRecord.schemaVersion !== CHAT_REQUEST_APPROVAL_POLICY_SCHEMA_VERSION) {
+    return { status: 'stale', fresh: false, reason: 'policy_schema_mismatch' };
+  }
+  if (!normalizeText(policyRecord.syncedAt, null)) {
+    return { status: 'stale', fresh: false, reason: 'policy_missing_sync_timestamp' };
+  }
+  const targetAgentId = normalizeText(policyRecord.agentId, null);
+  if (!resolvePresenceState(targetAgentId, { presence, store }).online) {
+    return { status: 'stale', fresh: false, reason: 'policy_runtime_offline' };
+  }
+  return { status: 'active', fresh: true, reason: 'policy_active' };
+}
+
+export function createStoredChatRequestApprovalPolicy({
+  agentId,
+  policy = {},
+  syncedAt = null,
+  source = null,
+  credentialId = null,
+} = {}) {
+  const normalizedSource = source && typeof source === 'object' && !Array.isArray(source)
+    ? {
+        channel: normalizeText(source.channel, null),
+        integration: normalizeText(source.integration, null),
+        accountId: normalizeText(source.accountId, null),
+      }
+    : {};
+
+  return {
+    agentId: normalizeText(agentId, null),
+    schemaVersion: CHAT_REQUEST_APPROVAL_POLICY_SCHEMA_VERSION,
+    policy: normalizeChatRequestApprovalPolicy(policy),
+    syncedAt: normalizeText(syncedAt, null),
+    credentialId: normalizeText(credentialId, null),
+    source: normalizedSource,
+  };
+}
+
+export function evaluateChatRequestApprovalPolicy({
+  policyRecord = null,
+  request = {},
+  store = null,
+  presence = null,
+  worldService = null,
+} = {}) {
+  const freshness = resolvePolicyFreshness(policyRecord, { store, presence });
+  const policy = normalizeChatRequestApprovalPolicy(policyRecord?.policy || {});
+  const originType = resolveChatRequestOriginType(request);
+  const world = resolveWorldApprovalFacts({ request, store, worldService });
+  const trust = resolveTrustedApprovalFacts({ request, store });
+
+  if (!freshness.fresh) {
+    return {
+      verdict: 'pending',
+      reason: freshness.reason,
+      freshness,
+      policy,
+      facts: {
+        originType,
+        world,
+        trust,
+      },
+    };
+  }
+
+  if (policy.blocks.originTypes.includes(originType)) {
+    return {
+      verdict: 'reject',
+      reason: 'blocked_origin_type',
+      freshness,
+      policy,
+      facts: {
+        originType,
+        world,
+        trust,
+      },
+    };
+  }
+
+  if (world.worldId && policy.blocks.worldIds.includes(world.worldId)) {
+    return {
+      verdict: 'reject',
+      reason: 'blocked_world',
+      freshness,
+      policy,
+      facts: {
+        originType,
+        world,
+        trust,
+      },
+    };
+  }
+
+  switch (policy.mode) {
+    case 'open':
+      return {
+        verdict: 'auto_accept',
+        reason: 'open_mode',
+        freshness,
+        policy,
+        facts: {
+          originType,
+          world,
+          trust,
+        },
+      };
+    case 'world_only':
+      return {
+        verdict: world.validWorldContext ? 'auto_accept' : 'pending',
+        reason: world.validWorldContext ? 'world_context_allowed' : 'world_context_required',
+        freshness,
+        policy,
+        facts: {
+          originType,
+          world,
+          trust,
+        },
+      };
+    case 'trusted_only':
+      return {
+        verdict: trust.trusted ? 'auto_accept' : 'pending',
+        reason: trust.trusted ? 'trusted_relationship_allowed' : 'trusted_relationship_required',
+        freshness,
+        policy,
+        facts: {
+          originType,
+          world,
+          trust,
+        },
+      };
+    case 'trusted_or_world':
+      return {
+        verdict: trust.trusted || world.validWorldContext ? 'auto_accept' : 'pending',
+        reason:
+          trust.trusted
+            ? 'trusted_relationship_allowed'
+            : world.validWorldContext
+              ? 'world_context_allowed'
+              : 'trusted_relationship_or_world_context_required',
+        freshness,
+        policy,
+        facts: {
+          originType,
+          world,
+          trust,
+        },
+      };
+    case 'manual_review':
+    default:
+      return {
+        verdict: 'pending',
+        reason: 'manual_review_mode',
+        freshness,
+        policy,
+        facts: {
+          originType,
+          world,
+          trust,
+        },
+      };
+  }
+}

package/src/product-shell/social/chat-request-routes.js

@@ -0,0 +1,108 @@
+import { resolveAuthenticatedAgentId } from '../../lib/http-auth.js';
+
+function sendChatRequestError(res, error) {
+  const status = Number.isInteger(error?.status) ? error.status : 500;
+  if (error?.responseBody && typeof error.responseBody === 'object') {
+    return res.status(status).json(error.responseBody);
+  }
+  const code = typeof error?.code === 'string' ? error.code : 'internal_error';
+  return res.status(status).json({ error: code, message: error?.message || code });
+}
+
+function sendMissingAgentIdentity(res) {
+  return res.status(401).json({
+    error: 'not_authenticated',
+    reason: 'agent_identity_required',
+  });
+}
+
+export function registerChatRequestRoutes(app, { chatRequestService, store }) {
+  app.put('/v1/chat-requests/approval-policy', async (req, res) => {
+    const authAgent = resolveAuthenticatedAgentId({
+      store,
+      req,
+      providedAgentId: req.body?.agentId,
+      fieldName: 'agentId',
+    });
+    if (!authAgent.ok) return res.status(authAgent.status).json(authAgent.body);
+    if (!authAgent.agentId) return sendMissingAgentIdentity(res);
+
+    try {
+      const result = await chatRequestService.syncApprovalPolicy({
+        actorAgentId: authAgent.agentId,
+        credentialId: authAgent.auth?.credential?.credentialId || null,
+        accountId: req.body?.accountId,
+        approval: req.body?.approval,
+      });
+      res.json(result);
+    } catch (error) {
+      sendChatRequestError(res, error);
+    }
+  });
+
+  app.post('/v1/chat-requests', async (req, res) => {
+    const authAgent = resolveAuthenticatedAgentId({
+      store,
+      req,
+      providedAgentId: req.body?.fromAgentId,
+      fieldName: 'fromAgentId',
+    });
+    if (!authAgent.ok) return res.status(authAgent.status).json(authAgent.body);
+    if (!authAgent.agentId) return sendMissingAgentIdentity(res);
+
+    try {
+      const result = await chatRequestService.createChatRequest({
+        fromAgentId: authAgent.agentId,
+        targetAgentId: req.body?.targetAgentId,
+        kickoffBrief: req.body?.kickoffBrief,
+        openingMessage: req.body?.openingMessage,
+        worldId: req.body?.worldId,
+        episodePolicy: req.body?.episodePolicy,
+      });
+      res.status(201).json(result);
+    } catch (error) {
+      sendChatRequestError(res, error);
+    }
+  });
+
+  app.get('/v1/chat-requests', (req, res) => {
+    const authAgent = resolveAuthenticatedAgentId({
+      store,
+      req,
+      providedAgentId: req.query.agentId,
+      fieldName: 'agentId',
+    });
+    if (!authAgent.ok) return res.status(authAgent.status).json(authAgent.body);
+    if (!authAgent.agentId) return sendMissingAgentIdentity(res);
+
+    try {
+      const result = chatRequestService.listChatRequests({
+        agentId: authAgent.agentId,
+        direction: req.query.direction,
+      });
+      res.json(result);
+    } catch (error) {
+      sendChatRequestError(res, error);
+    }
+  });
+
+  app.post('/v1/chat-requests/:chatRequestId/accept', async (req, res) => {
+    const authAgent = resolveAuthenticatedAgentId({
+      store,
+      req,
+      providedAgentId: req.body?.actorAgentId,
+      fieldName: 'actorAgentId',
+    });
+    if (!authAgent.ok) return res.status(authAgent.status).json(authAgent.body);
+    if (!authAgent.agentId) return sendMissingAgentIdentity(res);
+
+    try {
+      const result = await chatRequestService.acceptChatRequest(req.params.chatRequestId, {
+        actorAgentId: authAgent.agentId,
+      });
+      res.json(result);
+    } catch (error) {
+      sendChatRequestError(res, error);
+    }
+  });
+}