autoforge-ai 0.1.0

package/server/routers/assistant_chat.py

@@ -0,0 +1,327 @@
+"""
+Assistant Chat Router
+=====================
+
+WebSocket and REST endpoints for the read-only project assistant.
+"""
+
+import json
+import logging
+from typing import Optional
+
+from fastapi import APIRouter, HTTPException, WebSocket, WebSocketDisconnect
+from pydantic import BaseModel
+
+from ..services.assistant_chat_session import (
+    AssistantChatSession,
+    create_session,
+    get_session,
+    list_sessions,
+    remove_session,
+)
+from ..services.assistant_database import (
+    create_conversation,
+    delete_conversation,
+    get_conversation,
+    get_conversations,
+)
+from ..utils.project_helpers import get_project_path as _get_project_path
+from ..utils.validation import is_valid_project_name as validate_project_name
+
+logger = logging.getLogger(__name__)
+
+router = APIRouter(prefix="/api/assistant", tags=["assistant-chat"])
+
+
+# ============================================================================
+# Pydantic Models
+# ============================================================================
+
+class ConversationSummary(BaseModel):
+    """Summary of a conversation."""
+    id: int
+    project_name: str
+    title: Optional[str]
+    created_at: Optional[str]
+    updated_at: Optional[str]
+    message_count: int
+
+
+class ConversationMessageModel(BaseModel):
+    """A message within a conversation."""
+    id: int
+    role: str
+    content: str
+    timestamp: Optional[str]
+
+
+class ConversationDetail(BaseModel):
+    """Full conversation with messages."""
+    id: int
+    project_name: str
+    title: Optional[str]
+    created_at: Optional[str]
+    updated_at: Optional[str]
+    messages: list[ConversationMessageModel]
+
+
+class SessionInfo(BaseModel):
+    """Active session information."""
+    project_name: str
+    conversation_id: Optional[int]
+    is_active: bool
+
+
+# ============================================================================
+# REST Endpoints - Conversation Management
+# ============================================================================
+
+@router.get("/conversations/{project_name}", response_model=list[ConversationSummary])
+async def list_project_conversations(project_name: str):
+    """List all conversations for a project."""
+    if not validate_project_name(project_name):
+        raise HTTPException(status_code=400, detail="Invalid project name")
+
+    project_dir = _get_project_path(project_name)
+    if not project_dir or not project_dir.exists():
+        raise HTTPException(status_code=404, detail="Project not found")
+
+    conversations = get_conversations(project_dir, project_name)
+    return [ConversationSummary(**c) for c in conversations]
+
+
+@router.get("/conversations/{project_name}/{conversation_id}", response_model=ConversationDetail)
+async def get_project_conversation(project_name: str, conversation_id: int):
+    """Get a specific conversation with all messages."""
+    if not validate_project_name(project_name):
+        raise HTTPException(status_code=400, detail="Invalid project name")
+
+    project_dir = _get_project_path(project_name)
+    if not project_dir or not project_dir.exists():
+        raise HTTPException(status_code=404, detail="Project not found")
+
+    conversation = get_conversation(project_dir, conversation_id)
+    if not conversation:
+        raise HTTPException(status_code=404, detail="Conversation not found")
+
+    return ConversationDetail(
+        id=conversation["id"],
+        project_name=conversation["project_name"],
+        title=conversation["title"],
+        created_at=conversation["created_at"],
+        updated_at=conversation["updated_at"],
+        messages=[ConversationMessageModel(**m) for m in conversation["messages"]],
+    )
+
+
+@router.post("/conversations/{project_name}", response_model=ConversationSummary)
+async def create_project_conversation(project_name: str):
+    """Create a new conversation for a project."""
+    if not validate_project_name(project_name):
+        raise HTTPException(status_code=400, detail="Invalid project name")
+
+    project_dir = _get_project_path(project_name)
+    if not project_dir or not project_dir.exists():
+        raise HTTPException(status_code=404, detail="Project not found")
+
+    conversation = create_conversation(project_dir, project_name)
+    return ConversationSummary(
+        id=int(conversation.id),
+        project_name=str(conversation.project_name),
+        title=str(conversation.title) if conversation.title else None,
+        created_at=conversation.created_at.isoformat() if conversation.created_at else None,
+        updated_at=conversation.updated_at.isoformat() if conversation.updated_at else None,
+        message_count=0,
+    )
+
+
+@router.delete("/conversations/{project_name}/{conversation_id}")
+async def delete_project_conversation(project_name: str, conversation_id: int):
+    """Delete a conversation."""
+    if not validate_project_name(project_name):
+        raise HTTPException(status_code=400, detail="Invalid project name")
+
+    project_dir = _get_project_path(project_name)
+    if not project_dir or not project_dir.exists():
+        raise HTTPException(status_code=404, detail="Project not found")
+
+    success = delete_conversation(project_dir, conversation_id)
+    if not success:
+        raise HTTPException(status_code=404, detail="Conversation not found")
+
+    return {"success": True, "message": "Conversation deleted"}
+
+
+# ============================================================================
+# REST Endpoints - Session Management
+# ============================================================================
+
+@router.get("/sessions", response_model=list[str])
+async def list_active_sessions():
+    """List all active assistant sessions."""
+    return list_sessions()
+
+
+@router.get("/sessions/{project_name}", response_model=SessionInfo)
+async def get_session_info(project_name: str):
+    """Get information about an active session."""
+    if not validate_project_name(project_name):
+        raise HTTPException(status_code=400, detail="Invalid project name")
+
+    session = get_session(project_name)
+    if not session:
+        raise HTTPException(status_code=404, detail="No active session for this project")
+
+    return SessionInfo(
+        project_name=project_name,
+        conversation_id=session.get_conversation_id(),
+        is_active=True,
+    )
+
+
+@router.delete("/sessions/{project_name}")
+async def close_session(project_name: str):
+    """Close an active session."""
+    if not validate_project_name(project_name):
+        raise HTTPException(status_code=400, detail="Invalid project name")
+
+    session = get_session(project_name)
+    if not session:
+        raise HTTPException(status_code=404, detail="No active session for this project")
+
+    await remove_session(project_name)
+    return {"success": True, "message": "Session closed"}
+
+
+# ============================================================================
+# WebSocket Endpoint
+# ============================================================================
+
+@router.websocket("/ws/{project_name}")
+async def assistant_chat_websocket(websocket: WebSocket, project_name: str):
+    """
+    WebSocket endpoint for assistant chat.
+
+    Message protocol:
+
+    Client -> Server:
+    - {"type": "start", "conversation_id": int | null} - Start/resume session
+    - {"type": "message", "content": "..."} - Send user message
+    - {"type": "ping"} - Keep-alive ping
+
+    Server -> Client:
+    - {"type": "conversation_created", "conversation_id": int} - New conversation created
+    - {"type": "text", "content": "..."} - Text chunk from Claude
+    - {"type": "tool_call", "tool": "...", "input": {...}} - Tool being called
+    - {"type": "response_done"} - Response complete
+    - {"type": "error", "content": "..."} - Error message
+    - {"type": "pong"} - Keep-alive pong
+    """
+    if not validate_project_name(project_name):
+        await websocket.close(code=4000, reason="Invalid project name")
+        return
+
+    project_dir = _get_project_path(project_name)
+    if not project_dir:
+        await websocket.close(code=4004, reason="Project not found in registry")
+        return
+
+    if not project_dir.exists():
+        await websocket.close(code=4004, reason="Project directory not found")
+        return
+
+    await websocket.accept()
+    logger.info(f"Assistant WebSocket connected for project: {project_name}")
+
+    session: Optional[AssistantChatSession] = None
+
+    try:
+        while True:
+            try:
+                data = await websocket.receive_text()
+                message = json.loads(data)
+                msg_type = message.get("type")
+                logger.debug(f"Assistant received message type: {msg_type}")
+
+                if msg_type == "ping":
+                    await websocket.send_json({"type": "pong"})
+                    continue
+
+                elif msg_type == "start":
+                    # Get optional conversation_id to resume
+                    conversation_id = message.get("conversation_id")
+                    logger.debug(f"Processing start message with conversation_id={conversation_id}")
+
+                    try:
+                        # Create a new session
+                        logger.debug(f"Creating session for {project_name}")
+                        session = await create_session(
+                            project_name,
+                            project_dir,
+                            conversation_id=conversation_id,
+                        )
+                        logger.debug("Session created, starting...")
+
+                        # Stream the initial greeting
+                        async for chunk in session.start():
+                            if logger.isEnabledFor(logging.DEBUG):
+                                logger.debug(f"Sending chunk: {chunk.get('type')}")
+                            await websocket.send_json(chunk)
+                        logger.debug("Session start complete")
+                    except Exception as e:
+                        logger.exception(f"Error starting assistant session for {project_name}")
+                        await websocket.send_json({
+                            "type": "error",
+                            "content": f"Failed to start session: {str(e)}"
+                        })
+
+                elif msg_type == "message":
+                    if not session:
+                        session = get_session(project_name)
+                        if not session:
+                            await websocket.send_json({
+                                "type": "error",
+                                "content": "No active session. Send 'start' first."
+                            })
+                            continue
+
+                    user_content = message.get("content", "").strip()
+                    if not user_content:
+                        await websocket.send_json({
+                            "type": "error",
+                            "content": "Empty message"
+                        })
+                        continue
+
+                    # Stream Claude's response
+                    async for chunk in session.send_message(user_content):
+                        await websocket.send_json(chunk)
+
+                else:
+                    await websocket.send_json({
+                        "type": "error",
+                        "content": f"Unknown message type: {msg_type}"
+                    })
+
+            except json.JSONDecodeError:
+                await websocket.send_json({
+                    "type": "error",
+                    "content": "Invalid JSON"
+                })
+
+    except WebSocketDisconnect:
+        logger.info(f"Assistant chat WebSocket disconnected for {project_name}")
+
+    except Exception as e:
+        logger.exception(f"Assistant chat WebSocket error for {project_name}")
+        try:
+            await websocket.send_json({
+                "type": "error",
+                "content": f"Server error: {str(e)}"
+            })
+        except Exception:
+            pass
+
+    finally:
+        # Don't remove session on disconnect - allow resume
+        pass

package/server/routers/devserver.py

@@ -0,0 +1,309 @@
+"""
+Dev Server Router
+=================
+
+API endpoints for dev server control (start/stop) and configuration.
+Uses project registry for path lookups and project_config for command detection.
+"""
+
+import logging
+import sys
+from pathlib import Path
+
+from fastapi import APIRouter, HTTPException
+
+from ..schemas import (
+    DevServerActionResponse,
+    DevServerConfigResponse,
+    DevServerConfigUpdate,
+    DevServerStartRequest,
+    DevServerStatus,
+)
+from ..services.dev_server_manager import get_devserver_manager
+from ..services.project_config import (
+    clear_dev_command,
+    get_dev_command,
+    get_project_config,
+    set_dev_command,
+)
+from ..utils.project_helpers import get_project_path as _get_project_path
+from ..utils.validation import validate_project_name
+
+# Add root to path for security module import
+_root = Path(__file__).parent.parent.parent
+if str(_root) not in sys.path:
+    sys.path.insert(0, str(_root))
+
+from security import extract_commands, get_effective_commands, is_command_allowed
+
+logger = logging.getLogger(__name__)
+
+
+router = APIRouter(prefix="/api/projects/{project_name}/devserver", tags=["devserver"])
+
+
+def get_project_dir(project_name: str) -> Path:
+    """
+    Get the validated project directory for a project name.
+
+    Args:
+        project_name: Name of the project
+
+    Returns:
+        Path to the project directory
+
+    Raises:
+        HTTPException: If project is not found or directory does not exist
+    """
+    project_name = validate_project_name(project_name)
+    project_dir = _get_project_path(project_name)
+
+    if not project_dir:
+        raise HTTPException(
+            status_code=404,
+            detail=f"Project '{project_name}' not found in registry"
+        )
+
+    if not project_dir.exists():
+        raise HTTPException(
+            status_code=404,
+            detail=f"Project directory not found: {project_dir}"
+        )
+
+    return project_dir
+
+
+def get_project_devserver_manager(project_name: str):
+    """
+    Get the dev server process manager for a project.
+
+    Args:
+        project_name: Name of the project
+
+    Returns:
+        DevServerProcessManager instance for the project
+
+    Raises:
+        HTTPException: If project is not found or directory does not exist
+    """
+    project_dir = get_project_dir(project_name)
+    return get_devserver_manager(project_name, project_dir)
+
+
+def validate_dev_command(command: str, project_dir: Path) -> None:
+    """
+    Validate a dev server command against the security allowlist.
+
+    Extracts all commands from the shell string and checks each against
+    the effective allowlist (global + org + project). Raises HTTPException
+    if any command is blocked or not allowed.
+
+    Args:
+        command: The shell command string to validate
+        project_dir: Project directory for loading project-level allowlists
+
+    Raises:
+        HTTPException 400: If the command fails validation
+    """
+    commands = extract_commands(command)
+    if not commands:
+        raise HTTPException(
+            status_code=400,
+            detail="Could not parse command for security validation"
+        )
+
+    allowed_commands, blocked_commands = get_effective_commands(project_dir)
+
+    for cmd in commands:
+        if cmd in blocked_commands:
+            logger.warning("Blocked dev server command '%s' (in blocklist) for project dir %s", cmd, project_dir)
+            raise HTTPException(
+                status_code=400,
+                detail=f"Command '{cmd}' is blocked and cannot be used as a dev server command"
+            )
+        if not is_command_allowed(cmd, allowed_commands):
+            logger.warning("Rejected dev server command '%s' (not in allowlist) for project dir %s", cmd, project_dir)
+            raise HTTPException(
+                status_code=400,
+                detail=f"Command '{cmd}' is not in the allowed commands list"
+            )
+
+
+# ============================================================================
+# Endpoints
+# ============================================================================
+
+
+@router.get("/status", response_model=DevServerStatus)
+async def get_devserver_status(project_name: str) -> DevServerStatus:
+    """
+    Get the current status of the dev server for a project.
+
+    Returns information about whether the dev server is running,
+    its process ID, detected URL, and the command used to start it.
+    """
+    manager = get_project_devserver_manager(project_name)
+
+    # Run healthcheck to detect crashed processes
+    await manager.healthcheck()
+
+    return DevServerStatus(
+        status=manager.status,
+        pid=manager.pid,
+        url=manager.detected_url,
+        command=manager._command,
+        started_at=manager.started_at.isoformat() if manager.started_at else None,
+    )
+
+
+@router.post("/start", response_model=DevServerActionResponse)
+async def start_devserver(
+    project_name: str,
+    request: DevServerStartRequest = DevServerStartRequest(),
+) -> DevServerActionResponse:
+    """
+    Start the dev server for a project.
+
+    If a custom command is provided in the request, it will be used.
+    Otherwise, the effective command from the project configuration is used.
+
+    Args:
+        project_name: Name of the project
+        request: Optional start request with custom command
+
+    Returns:
+        Response indicating success/failure and current status
+    """
+    manager = get_project_devserver_manager(project_name)
+    project_dir = get_project_dir(project_name)
+
+    # Determine which command to use
+    command: str | None
+    if request.command:
+        command = request.command
+    else:
+        command = get_dev_command(project_dir)
+
+    if not command:
+        raise HTTPException(
+            status_code=400,
+            detail="No dev command available. Configure a custom command or ensure project type can be detected."
+        )
+
+    # Validate command against security allowlist before execution
+    validate_dev_command(command, project_dir)
+
+    # Now command is definitely str and validated
+    success, message = await manager.start(command)
+
+    return DevServerActionResponse(
+        success=success,
+        status=manager.status,
+        message=message,
+    )
+
+
+@router.post("/stop", response_model=DevServerActionResponse)
+async def stop_devserver(project_name: str) -> DevServerActionResponse:
+    """
+    Stop the dev server for a project.
+
+    Gracefully terminates the dev server process and all its child processes.
+
+    Args:
+        project_name: Name of the project
+
+    Returns:
+        Response indicating success/failure and current status
+    """
+    manager = get_project_devserver_manager(project_name)
+
+    success, message = await manager.stop()
+
+    return DevServerActionResponse(
+        success=success,
+        status=manager.status,
+        message=message,
+    )
+
+
+@router.get("/config", response_model=DevServerConfigResponse)
+async def get_devserver_config(project_name: str) -> DevServerConfigResponse:
+    """
+    Get the dev server configuration for a project.
+
+    Returns information about:
+    - detected_type: The auto-detected project type (nodejs-vite, python-django, etc.)
+    - detected_command: The default command for the detected type
+    - custom_command: Any user-configured custom command
+    - effective_command: The command that will actually be used (custom or detected)
+
+    Args:
+        project_name: Name of the project
+
+    Returns:
+        Configuration details for the project's dev server
+    """
+    project_dir = get_project_dir(project_name)
+    config = get_project_config(project_dir)
+
+    return DevServerConfigResponse(
+        detected_type=config["detected_type"],
+        detected_command=config["detected_command"],
+        custom_command=config["custom_command"],
+        effective_command=config["effective_command"],
+    )
+
+
+@router.patch("/config", response_model=DevServerConfigResponse)
+async def update_devserver_config(
+    project_name: str,
+    update: DevServerConfigUpdate,
+) -> DevServerConfigResponse:
+    """
+    Update the dev server configuration for a project.
+
+    Set custom_command to a string to override the auto-detected command.
+    Set custom_command to null/None to clear the custom command and revert
+    to using the auto-detected command.
+
+    Args:
+        project_name: Name of the project
+        update: Configuration update containing the new custom_command
+
+    Returns:
+        Updated configuration details for the project's dev server
+    """
+    project_dir = get_project_dir(project_name)
+
+    # Update the custom command
+    if update.custom_command is None:
+        # Clear the custom command
+        try:
+            clear_dev_command(project_dir)
+        except ValueError as e:
+            raise HTTPException(status_code=400, detail=str(e))
+    else:
+        # Validate command against security allowlist before persisting
+        validate_dev_command(update.custom_command, project_dir)
+
+        # Set the custom command
+        try:
+            set_dev_command(project_dir, update.custom_command)
+        except ValueError as e:
+            raise HTTPException(status_code=400, detail=str(e))
+        except OSError as e:
+            raise HTTPException(
+                status_code=500,
+                detail=f"Failed to save configuration: {e}"
+            )
+
+    # Return updated config
+    config = get_project_config(project_dir)
+
+    return DevServerConfigResponse(
+        detected_type=config["detected_type"],
+        detected_command=config["detected_command"],
+        custom_command=config["custom_command"],
+        effective_command=config["effective_command"],
+    )