agent-relay-server 0.33.0 → 0.33.1

package/src/db/messages.ts

@@ -0,0 +1,434 @@
+import { Database } from "bun:sqlite";
+import { randomUUID } from "node:crypto";
+import { isRecord, stringValue, isMechanicalMessageKind } from "agent-relay-sdk";
+import { ORCHESTRATOR_PROTOCOL_VERSION, VERSION } from "../config.ts";
+import { parseJson } from "../utils";
+import { isLiveIsolatedWorkspace } from "../workspace-phase";
+import {
+  CONTRACT_REQUIREMENTS,
+  contractCompatibility,
+  parseRuntimeCapabilities,
+  parseRuntimeContracts,
+  parseRuntimePackage,
+  type RuntimeContracts,
+} from "../contracts";
+import { STALE_TTL_MS, DAY_MS, CLAIM_LEASE_MS, POOL_CLAIM_LEASE_MS, WORKSPACE_MERGE_LEASE_MS } from "../config";
+import { matchAgents } from "../agent-ref";
+import { getAgent, validateAgentSession } from "./agents.ts";
+import { cleanAttachmentRefs, linkAttachmentRefs, validateAttachmentRefs } from "./artifacts.ts";
+import { ClaimError, ValidationError, getDb } from "./connection.ts";
+import { enforceQueueLimit, isChannelAgentId, matchingDeliveryAgents } from "./delivery.ts";
+import { MSG_SELECT, normalizeReactionEmoji, rowToMessage } from "./mappers.ts";
+import { getTask, insertTaskEvent, releaseExpiredClaims } from "./tasks.ts";
+import type {
+  AgentCard,
+  ActivityEvent,
+  ActivityEventInput,
+  AgentKind,
+  AgentSessionGuard,
+  Artifact,
+  ArtifactBlob,
+  ArtifactKind,
+  ArtifactLink,
+  ArtifactSensitivity,
+  ArtifactVisibility,
+  AttachmentRef,
+  ChannelBinding,
+  ChannelBindingMode,
+  ChannelRouteTarget,
+  ChatHistoryImport,
+  ChatHistoryImportEntry,
+  ChannelSummary,
+  ChannelTargetHealth,
+  CreatePairInput,
+  HealthCheck,
+  HealthReport,
+  ManagedAgent,
+  ManagedSessionExitDiagnostics,
+  Message,
+  MessageDeliveryAttempt,
+  MessageDeliveryStatus,
+  Orchestrator,
+  OrchestratorHealth,
+  OrchestratorRuntimeInput,
+  OrchestratorStatus,
+  OrchestratorUpgradeState,
+  PairActionInput,
+  PairMessageInput,
+  PairSession,
+  PairStatus,
+  RegisterAgentInput,
+  ReplyObligation,
+  RegisterOrchestratorInput,
+  SendMessageInput,
+  PollQuery,
+  SpawnApprovalMode,
+  SpawnProvider,
+  Task,
+  TaskEvent,
+  TaskSeverity,
+  TaskStatus,
+  IntegrationEventInput,
+  IntegrationSummary,
+  IntegrationTaskStats,
+  InboxDraft,
+  InboxState,
+  InboxThreadState,
+  ContextSnapshot,
+  ContextState,
+  ProviderCapabilities,
+  TaskStatusInput,
+  WorkspaceMetadata,
+  WorkspaceRecord,
+  WorkspaceStatus,
+} from "../types";
+
+export function findMessageByIdempotencyKey(from: string, key: string): Message | null {
+  const row = getDb()
+    .query(`${MSG_SELECT} WHERE m.from_agent = ? AND m.idempotency_key = ? LIMIT 1`)
+    .get(from, key) as any;
+  return row ? rowToMessage(row) : null;
+}
+
+export function policyNameFromTarget(target: string): string | null {
+  if (!target.startsWith("policy:")) return null;
+  const name = target.slice("policy:".length).trim();
+  return name || null;
+}
+
+export function spawnPolicyExists(policyName: string): boolean {
+  const row = getDb().query("SELECT 1 FROM config WHERE namespace = 'spawn-policy' AND key = ?").get(policyName);
+  return Boolean(row);
+}
+
+export function runningAgentForPolicy(policyName: string): string | null {
+  const row = getDb().query(`
+    SELECT agent_id
+    FROM managed_agent_state
+    WHERE policy_name = ? AND status = 'running' AND agent_id IS NOT NULL
+  `).get(policyName) as { agent_id?: string } | undefined;
+  if (!row?.agent_id) return null;
+  const agent = getAgent(row.agent_id);
+  if (!agent || agent.status === "offline") return null;
+  return row.agent_id;
+}
+
+
+export function claimableAllowedForTarget(target: string): boolean {
+  return matchingDeliveryAgents(target).length > 1;
+}
+
+export function shouldStoreClaimable(input: SendMessageInput): boolean {
+  if (!input.claimable) return false;
+  if (input.kind === "task" || input.kind === "system") return true;
+  if (input.kind === "channel.event") return true;
+  return claimableAllowedForTarget(input.to);
+}
+
+export function inferMessageKind(input: SendMessageInput): Message["kind"] {
+  if (input.kind) return input.kind;
+  if (input.claimable) return "task";
+  if (isChannelAgentId(input.from) || isChannelAgentId(input.to)) return "channel.event";
+  return "chat";
+}
+
+export const REPLY_DUPLICATE_WINDOW_MS = 2 * 60 * 1000;
+
+export function findRecentDuplicateReply(input: SendMessageInput, threadId: number | null, now: number, hasAttachments: boolean): Message | null {
+  if (!input.replyTo || threadId === null || hasAttachments) return null;
+  const row = getDb().query(`
+    ${MSG_SELECT}
+    WHERE m.from_agent = ?
+      AND m.to_target = ?
+      AND m.thread_id = ?
+      AND m.body = ?
+      AND coalesce(m.subject, '') = coalesce(?, '')
+      AND coalesce(m.channel, '') = coalesce(?, '')
+      AND m.created_at >= ?
+    ORDER BY m.created_at DESC
+    LIMIT 1
+  `).get(
+    input.from,
+    input.to,
+    threadId,
+    input.body,
+    input.subject ?? null,
+    input.channel ?? null,
+    now - REPLY_DUPLICATE_WINDOW_MS,
+  ) as any;
+  return row ? rowToMessage(row) : null;
+}
+
+// Event time may be queued-then-backfilled, so it can legitimately be older than the
+// receive time — but it must be a sane epoch-ms value. Returns null (column stays NULL, so
+// readers fall back to created_at) for absent/invalid values or anything more than a minute
+// in the future (clock-skew guard). Only a real backfilled time is stored.
+export function sanitizeOccurredAt(occurredAt: number | undefined, receivedAt: number): number | null {
+  if (typeof occurredAt !== "number" || !Number.isFinite(occurredAt)) return null;
+  if (occurredAt <= 0 || occurredAt > receivedAt + 60_000) return null;
+  return Math.floor(occurredAt);
+}
+
+export function sendMessageWithResult(input: SendMessageInput): { message: Message; created: boolean } {
+  const now = Date.now();
+  const payload = input.payload ?? {};
+  const attachmentRefs = cleanAttachmentRefs(payload);
+
+  if (!getAgent(input.from)) {
+    throw new ValidationError(`sender agent ${input.from} not registered`);
+  }
+  validateAttachmentRefs(attachmentRefs);
+
+  if (input.idempotencyKey) {
+    const existing = findMessageByIdempotencyKey(input.from, input.idempotencyKey);
+    if (existing) return { message: existing, created: false };
+  }
+
+  // Resolve thread: if replying, inherit from parent; reject unknown replyTo
+  // rather than silently orphaning the message (leaves thread_id NULL).
+  let threadId: number | null = null;
+  if (input.replyTo !== undefined && input.replyTo !== null) {
+    const parent = getMessage(input.replyTo);
+    if (!parent) throw new ValidationError(`replyTo message ${input.replyTo} not found`);
+    threadId = parent.threadId ?? parent.id;
+  }
+  const duplicateReply = findRecentDuplicateReply(input, threadId, now, attachmentRefs.length > 0);
+  if (duplicateReply) return { message: duplicateReply, created: false };
+
+  const insert = getDb().query(`
+    INSERT INTO messages (
+      from_agent, to_target, kind, channel, subject, body, thread_id, reply_to, reply_expected, claimable,
+      idempotency_key, delivery_status, queued_at, max_age_seconds, resolved_to_agent,
+      payload, meta, created_at, occurred_at
+    )
+    VALUES (
+      $from, $to, $kind, $channel, $subject, $body, $threadId, $replyTo, $replyExpected, $claimable,
+      $idempotencyKey, $deliveryStatus, $queuedAt, $maxAgeSeconds, $resolvedToAgent,
+      $payload, $meta, $now, $occurredAt
+    )
+  `);
+  const setSelfThread = getDb().query("UPDATE messages SET thread_id = ? WHERE id = ?");
+  const claimable = shouldStoreClaimable(input);
+  const kind = inferMessageKind(input);
+  const policyName = policyNameFromTarget(input.to);
+  let deliveryStatus: Message["deliveryStatus"] = "pending";
+  let queuedAt: number | null = null;
+  let maxAgeSeconds = input.maxAgeSeconds ?? null;
+  let resolvedToAgent: string | null = null;
+
+  if (policyName) {
+    if (!spawnPolicyExists(policyName)) throw new ValidationError(`spawn policy ${policyName} not found`);
+    resolvedToAgent = runningAgentForPolicy(policyName);
+    if (!resolvedToAgent) {
+      deliveryStatus = "queued";
+      queuedAt = now;
+      maxAgeSeconds = maxAgeSeconds ?? 86_400;
+    }
+  }
+
+  const id = getDb().transaction(() => {
+    const result = insert.run({
+      $from: input.from,
+      $to: input.to,
+      $kind: kind,
+      $channel: input.channel ?? null,
+      $subject: input.subject ?? null,
+      $body: input.body,
+      $threadId: threadId,
+      $replyTo: input.replyTo ?? null,
+      // Server-owned reply obligation (#283): true by default; only an explicit false marks
+      // a notification. Stored 0/1 so the footer renderer + reply tracker key off one column.
+      $replyExpected: input.replyExpected === false ? 0 : 1,
+      $claimable: claimable ? 1 : 0,
+      $idempotencyKey: input.idempotencyKey ?? null,
+      $deliveryStatus: deliveryStatus,
+      $queuedAt: queuedAt,
+      $maxAgeSeconds: maxAgeSeconds,
+      $resolvedToAgent: resolvedToAgent,
+      $payload: JSON.stringify(payload),
+      $meta: JSON.stringify(input.meta ?? {}),
+      $now: now,
+      // Sanitize: only accept a plausible epoch-ms event time, else fall back to receive time.
+      $occurredAt: sanitizeOccurredAt(input.occurredAt, now),
+    });
+    const newId = Number(result.lastInsertRowid);
+    if (threadId === null) setSelfThread.run(newId, newId);
+    linkAttachmentRefs("message", newId, attachmentRefs, input.from);
+    if (policyName && deliveryStatus === "queued") enforceQueueLimit(`policy:${policyName}`);
+    return newId;
+  })();
+
+  return { message: getMessage(id)!, created: true };
+}
+
+export function sendMessage(input: SendMessageInput): Message {
+  return sendMessageWithResult(input).message;
+}
+
+export function getThread(messageId: number): Message[] {
+  const msg = getMessage(messageId);
+  if (!msg) return [];
+  const threadId = msg.threadId ?? msg.id;
+  return (
+    getDb()
+      .query(`${MSG_SELECT} WHERE m.thread_id = ? ORDER BY m.created_at ASC`)
+      .all(threadId) as any[]
+  ).map(rowToMessage);
+}
+
+export function setMessageReaction(input: {
+  messageId: number;
+  actorId: string;
+  emoji: string;
+  action?: "add" | "remove";
+}): { ok: true; message: Message } | { ok: false; error: string } {
+  if (!getMessage(input.messageId)) return { ok: false, error: "message not found" };
+  const actorId = input.actorId.trim();
+  const emoji = normalizeReactionEmoji(input.emoji);
+  if (!actorId) return { ok: false, error: "actorId required" };
+  if (!emoji) return { ok: false, error: "emoji required" };
+
+  const now = Date.now();
+  if (input.action === "remove") {
+    getDb().query("DELETE FROM message_reactions WHERE message_id = ? AND actor_id = ? AND emoji = ?")
+      .run(input.messageId, actorId, emoji);
+  } else {
+    getDb().query(`
+      INSERT INTO message_reactions (message_id, actor_id, emoji, created_at, updated_at)
+      VALUES (?, ?, ?, ?, ?)
+      ON CONFLICT(message_id, actor_id, emoji) DO UPDATE SET updated_at = excluded.updated_at
+    `).run(input.messageId, actorId, emoji, now, now);
+  }
+
+  return { ok: true, message: getMessage(input.messageId)! };
+}
+
+export function findMessageByTelegramSource(input: {
+  accountId?: string;
+  chatId: string;
+  messageId: string;
+}): Message | null {
+  const rows = getDb().query(`
+    ${MSG_SELECT}
+    WHERE json_extract(m.payload, '$.source.telegram.chatId') = ?
+      AND json_extract(m.payload, '$.source.telegram.messageId') = ?
+      AND (? IS NULL OR json_extract(m.payload, '$.channel.accountId') = ?)
+    ORDER BY m.id DESC
+    LIMIT 1
+  `).all(input.chatId, input.messageId, input.accountId ?? null, input.accountId ?? null) as any[];
+  const row = rows[0];
+  return row ? rowToMessage(row) : null;
+}
+
+export function claimMessageRow(messageId: number, agentId: string, now: number): { ok: false; error: string } | { ok: true } {
+  const expiresAt = now + CLAIM_LEASE_MS;
+  // Idempotent: a same-agent re-claim refreshes the lease (preserving the original claimed_at).
+  // Without this, a delivery failure that locally drops the claim strands the message until the
+  // lease expires (#261) — the holder's retry would otherwise 409 against its own claim.
+  const result = getDb().query(
+    "UPDATE messages SET claimed_by = ?, claimed_at = COALESCE(claimed_at, ?), claim_expires_at = ? WHERE id = ? AND (claimed_by IS NULL OR claimed_by = ?)"
+  ).run(agentId, now, expiresAt, messageId, agentId);
+
+  // Atomic: if changes === 0, someone else claimed it between our read and write
+  if (result.changes === 0) return { ok: false, error: "claim race — already claimed" };
+  return { ok: true };
+}
+
+export function claimMessage(messageId: number, agentId: string, guard?: AgentSessionGuard): { ok: boolean; error?: string; task?: Task } {
+  releaseExpiredClaims();
+  const session = validateAgentSession(agentId, guard);
+  if (!session.ok) return { ok: false, error: session.error };
+  const agent = getAgent(agentId);
+  if (!agent) return { ok: false, error: "claiming agent not found" };
+  if (agent.status === "offline") return { ok: false, error: "claiming agent is offline" };
+
+  const msg = getMessage(messageId);
+  if (!msg) return { ok: false, error: "message not found" };
+  if (!msg.claimable) return { ok: false, error: "message is not claimable" };
+  // A same-agent re-claim is allowed (idempotent lease refresh, see claimMessageRow); only a
+  // claim held by a *different* agent blocks (#261).
+  if (msg.claimedBy && msg.claimedBy !== agentId) return { ok: false, error: `already claimed by ${msg.claimedBy}` };
+
+  try {
+    return getDb().transaction(() => {
+      const now = Date.now();
+      const expiresAt = now + CLAIM_LEASE_MS;
+      const messageClaim = claimMessageRow(messageId, agentId, now);
+      if (!messageClaim.ok) return messageClaim;
+
+      const taskId = typeof msg.payload?.taskId === "number" && Number.isSafeInteger(msg.payload.taskId)
+        ? msg.payload.taskId
+        : null;
+      if (!taskId) return { ok: true };
+
+      const task = getTask(taskId);
+      if (!task) return { ok: true };
+
+      // Same-agent re-claim: this agent already holds the linked task. Refresh the lease in place
+      // rather than re-transitioning (which would throw, since the task is no longer open/blocked).
+      if (task.claimedBy === agentId && ["claimed", "in_progress"].includes(task.status)) {
+        getDb().query("UPDATE tasks SET claim_expires_at = ?, updated_at = ? WHERE id = ? AND claimed_by = ?")
+          .run(expiresAt, now, taskId, agentId);
+        return { ok: true, task: getTask(taskId)! };
+      }
+
+      if (!["open", "blocked"].includes(task.status)) {
+        throw new ClaimError(`linked task is ${task.status}`);
+      }
+
+      const taskClaim = getDb().query(`
+        UPDATE tasks SET status = 'claimed', claimed_by = ?, claimed_at = ?, claim_expires_at = ?, updated_at = ?
+        WHERE id = ? AND message_id = ? AND status IN ('open', 'blocked')
+      `).run(agentId, now, expiresAt, now, taskId, messageId);
+      if (taskClaim.changes === 0) throw new ClaimError("linked task claim race — already claimed");
+
+      insertTaskEvent(taskId, {
+        source: "agent-relay",
+        type: "claimed",
+        severity: task.severity,
+        title: `Task claimed by ${agentId}`,
+        body: `Task claimed by ${agentId}`,
+        metadata: { agentId, messageId },
+      }, now);
+
+      return { ok: true, task: getTask(taskId)! };
+    })();
+  } catch (e) {
+    if (e instanceof ClaimError) return { ok: false, error: e.message };
+    throw e;
+  }
+}
+
+export function renewMessageClaim(messageId: number, agentId: string, guard?: AgentSessionGuard): { ok: boolean; error?: string; task?: Task } {
+  releaseExpiredClaims();
+  const session = validateAgentSession(agentId, guard);
+  if (!session.ok) return { ok: false, error: session.error };
+  const agent = getAgent(agentId);
+  if (!agent) return { ok: false, error: "claiming agent not found" };
+  if (agent.status === "offline") return { ok: false, error: "claiming agent is offline" };
+  const msg = getMessage(messageId);
+  if (!msg) return { ok: false, error: "message not found" };
+  if (!msg.claimable) return { ok: false, error: "message is not claimable" };
+  if (msg.claimedBy !== agentId) return { ok: false, error: msg.claimedBy ? `claimed by ${msg.claimedBy}` : "message is not claimed" };
+
+  const now = Date.now();
+  const expiresAt = now + CLAIM_LEASE_MS;
+  let task: Task | undefined;
+  getDb().transaction(() => {
+    getDb().query("UPDATE messages SET claim_expires_at = ? WHERE id = ? AND claimed_by = ?").run(expiresAt, messageId, agentId);
+    const taskId = typeof msg.payload?.taskId === "number" && Number.isSafeInteger(msg.payload.taskId)
+      ? msg.payload.taskId
+      : null;
+    if (taskId) {
+      getDb().query("UPDATE tasks SET claim_expires_at = ?, updated_at = ? WHERE id = ? AND claimed_by = ?").run(expiresAt, now, taskId, agentId);
+      task = getTask(taskId) ?? undefined;
+    }
+  })();
+  return { ok: true, task };
+}
+
+export function getMessage(id: number): Message | null {
+  const row = getDb().query(`${MSG_SELECT} WHERE m.id = ?`).get(id) as any;
+  return row ? rowToMessage(row) : null;
+}
+