availsync 0.1.0

package/tests/integration/flows.test.ts

@@ -0,0 +1,154 @@
+import { afterAll, beforeAll, beforeEach, describe, expect, test } from '@jest/globals';
+import { addDays } from 'date-fns';
+import { api, closeDatabase, createOrgAndAgent, createAgent, createWindow, migrateTestDatabase, resetDatabase } from './helpers';
+import pool from '../../src/db/client';
+
+describe('Flow C: Multi-agent conflict resolution', () => {
+  let orgId: string;
+  let salesBotId: string;
+  let salesBotKey: string;
+  let opsBotId: string;
+  let opsBotKey: string;
+
+  const tomorrow = addDays(new Date(), 1);
+  const startAt = new Date(tomorrow);
+  startAt.setUTCHours(9, 0, 0, 0);
+  const endAt = new Date(tomorrow);
+  endAt.setUTCHours(17, 0, 0, 0);
+  const holdStart = new Date(tomorrow);
+  holdStart.setUTCHours(10, 0, 0, 0);
+  const holdEnd = new Date(tomorrow);
+  holdEnd.setUTCHours(10, 30, 0, 0);
+
+  beforeAll(async () => {
+    await migrateTestDatabase();
+  });
+
+  beforeEach(async () => {
+    await resetDatabase();
+
+    // Create org with sales_bot (external_meeting) and ops_bot (internal)
+    const setup = await createOrgAndAgent('sales_bot', 'external_meeting', 10);
+    orgId = setup.orgId;
+    salesBotId = setup.agentId;
+    salesBotKey = setup.apiKey;
+
+    const opsSetup = await createAgent(orgId, 'ops_bot', 'internal', 5);
+    opsBotId = opsSetup.agentId;
+    opsBotKey = opsSetup.apiKey;
+
+    // Both agents have availability covering the same time
+    await createWindow(salesBotId, salesBotKey, startAt.toISOString(), endAt.toISOString());
+    await createWindow(opsBotId, opsBotKey, startAt.toISOString(), endAt.toISOString());
+  });
+
+  afterAll(async () => {
+    await resetDatabase();
+    await closeDatabase();
+  });
+
+  test('external_meeting agent wins over internal agent for same slot', async () => {
+    // Step 1: sales_bot books 10:00–10:30
+    const salesHold = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${salesBotKey}`)
+      .send({
+        agent_id: salesBotId,
+        start_at: holdStart.toISOString(),
+        end_at: holdEnd.toISOString(),
+        reason: 'Client meeting',
+      })
+      .expect(201);
+
+    expect(salesHold.body.hold.status).toBe('confirmed');
+
+    // Step 2: ops_bot attempts to book same 10:00–10:30
+    const opsHold = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${opsBotKey}`)
+      .send({
+        agent_id: opsBotId,
+        start_at: holdStart.toISOString(),
+        end_at: holdEnd.toISOString(),
+        reason: 'Team standup',
+      })
+      .expect(409);
+
+    expect(opsHold.body.error).toBe('slot_taken');
+    expect(opsHold.body.winning_hold_id).toBe(salesHold.body.hold.id);
+    expect(opsHold.body.suggested_alternatives).toBeDefined();
+    expect(opsHold.body.suggested_alternatives.length).toBeGreaterThan(0);
+
+    // Step 3: Verify no double-booking exists
+    const confirmedHolds = await pool.query(
+      `SELECT * FROM holds WHERE org_id = $1 AND status = 'confirmed'
+       AND start_at < $3 AND end_at > $2`,
+      [orgId, holdStart, holdEnd],
+    );
+    expect(confirmedHolds.rows.length).toBe(1);
+    expect(confirmedHolds.rows[0].agent_id).toBe(salesBotId);
+
+    // Step 4: Verify audit log
+    const events = await pool.query(
+      `SELECT event_type, agent_id FROM hold_events WHERE org_id = $1 ORDER BY created_at ASC`,
+      [orgId],
+    );
+    const eventTypes = events.rows.map((r: { event_type: string }) => r.event_type);
+    expect(eventTypes).toContain('created');
+  });
+
+  test('higher-priority agent supersedes lower-priority agent for same slot', async () => {
+    // Step 1: ops_bot (internal, lower priority) books first
+    const opsHold = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${opsBotKey}`)
+      .send({
+        agent_id: opsBotId,
+        start_at: holdStart.toISOString(),
+        end_at: holdEnd.toISOString(),
+        reason: 'Team standup',
+      })
+      .expect(201);
+
+    expect(opsHold.body.hold.status).toBe('confirmed');
+
+    // Step 2: sales_bot (external_meeting, higher priority) books same slot and wins
+    const salesHold = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${salesBotKey}`)
+      .send({
+        agent_id: salesBotId,
+        start_at: holdStart.toISOString(),
+        end_at: holdEnd.toISOString(),
+        reason: 'Client meeting',
+      })
+      .expect(201);
+
+    expect(salesHold.body.hold.status).toBe('confirmed');
+    expect(salesHold.body.conflict_resolved).toBe(true);
+    expect(salesHold.body.superseded_hold_id).toBe(opsHold.body.hold.id);
+
+    // Step 3: Verify ops_bot hold is superseded
+    const superseded = await pool.query('SELECT status FROM holds WHERE id = $1', [
+      opsHold.body.hold.id,
+    ]);
+    expect(superseded.rows[0].status).toBe('superseded');
+
+    // Step 4: Only one confirmed hold for the slot
+    const confirmedHolds = await pool.query(
+      `SELECT * FROM holds WHERE org_id = $1 AND status = 'confirmed'
+       AND start_at < $3 AND end_at > $2`,
+      [orgId, holdStart, holdEnd],
+    );
+    expect(confirmedHolds.rows.length).toBe(1);
+    expect(confirmedHolds.rows[0].agent_id).toBe(salesBotId);
+
+    // Step 5: Audit log shows superseded event
+    const events = await pool.query(
+      `SELECT event_type FROM hold_events WHERE org_id = $1 ORDER BY created_at ASC`,
+      [orgId],
+    );
+    const eventTypes = events.rows.map((r: { event_type: string }) => r.event_type);
+    expect(eventTypes).toContain('superseded');
+  });
+});

package/tests/integration/helpers.ts

@@ -0,0 +1,134 @@
+import request from 'supertest';
+import app from '../../src/index';
+import pool from '../../src/db/client';
+import { runMigrations } from '../../src/db/migrations';
+
+export const api = request(app);
+const workspaceCookiesByOrg = new Map<string, string>();
+let databaseReady = false;
+
+function formatTestDbError(err: unknown) {
+  const nestedErrors = (err as { errors?: unknown[] } | null)?.errors;
+  if (Array.isArray(nestedErrors)) {
+    const messages = nestedErrors
+      .map((nested) => (nested instanceof Error ? nested.message : String(nested)))
+      .filter(Boolean);
+    return messages.length > 0 ? messages.join('; ') : 'AggregateError';
+  }
+
+  if (err instanceof Error) {
+    return err.message || err.name;
+  }
+
+  return String(err);
+}
+
+export async function migrateTestDatabase(): Promise<void> {
+  databaseReady = false;
+  try {
+    await pool.query('SELECT 1');
+    await runMigrations(pool);
+    databaseReady = true;
+  } catch (err) {
+    const message = formatTestDbError(err);
+    throw new Error(
+      `Unable to connect to the integration test database. Set TEST_DATABASE_URL to a reachable PostgreSQL database. Original error: ${message}`,
+    );
+  }
+}
+
+export async function resetDatabase(): Promise<void> {
+  if (!databaseReady) {
+    return;
+  }
+
+  workspaceCookiesByOrg.clear();
+  try {
+    await pool.query('DELETE FROM workspace_sessions');
+    await pool.query('DELETE FROM workspace_users');
+    await pool.query('DELETE FROM agent_activity_events');
+    await pool.query('DELETE FROM work_claim_events');
+    await pool.query('DELETE FROM work_claims');
+    await pool.query('DELETE FROM work_resources');
+    await pool.query('DELETE FROM hold_events');
+    await pool.query('DELETE FROM holds');
+    await pool.query('DELETE FROM availability_windows');
+    await pool.query('DELETE FROM agent_preferences');
+    await pool.query('DELETE FROM agents');
+    await pool.query('DELETE FROM orgs');
+  } catch (err) {
+    const message = formatTestDbError(err);
+    throw new Error(
+      `Unable to reset the integration test database. Check TEST_DATABASE_URL and database permissions. Original error: ${message}`,
+    );
+  }
+}
+
+export async function closeDatabase(): Promise<void> {
+  await pool.end();
+}
+
+export async function createOrgAndAgent(
+  name = 'Test Bot',
+  agent_type: 'external_meeting' | 'internal' | 'focus' | 'generic' = 'external_meeting',
+  priority = 0,
+): Promise<{ orgId: string; agentId: string; apiKey: string }> {
+  const response = await api
+    .post('/v1/auth/signup')
+    .send({
+      workspace_name: `Org ${Date.now()} ${Math.random()}`,
+      email: `test-${Date.now()}-${Math.random()}@example.com`,
+      password: 'password123',
+      agent: { name, agent_type, priority },
+    })
+    .expect(201);
+  const orgId = response.body.org.id;
+  workspaceCookiesByOrg.set(orgId, response.headers['set-cookie']);
+
+  return {
+    orgId,
+    agentId: response.body.agent.id,
+    apiKey: response.body.api_key,
+  };
+}
+
+export function getWorkspaceCookie(orgId: string): string {
+  return workspaceCookiesByOrg.get(orgId) || '';
+}
+
+export async function createAgent(
+  orgId: string,
+  name: string,
+  agent_type: 'external_meeting' | 'internal' | 'focus' | 'generic',
+  priority = 0,
+): Promise<{ agentId: string; apiKey: string }> {
+  const cookies = workspaceCookiesByOrg.get(orgId);
+  const response = await api
+    .post(`/v1/orgs/${orgId}/agents`)
+    .set('Cookie', cookies || '')
+    .send({ name, agent_type, priority })
+    .expect(201);
+
+  return {
+    agentId: response.body.agent.id,
+    apiKey: response.body.api_key,
+  };
+}
+
+export async function createWindow(
+  agentId: string,
+  apiKey: string,
+  startAt: string,
+  endAt: string,
+): Promise<void> {
+  await api
+    .post('/v1/availability-windows')
+    .set('Authorization', `Bearer ${apiKey}`)
+    .send({
+      agent_id: agentId,
+      start_at: startAt,
+      end_at: endAt,
+      window_type: 'available',
+    })
+    .expect(201);
+}

package/tests/integration/holds.route.test.ts

@@ -0,0 +1,185 @@
+import { afterAll, beforeAll, describe, expect, test } from '@jest/globals';
+import {
+  api,
+  closeDatabase,
+  createAgent,
+  createOrgAndAgent,
+  createWindow,
+  getWorkspaceCookie,
+  migrateTestDatabase,
+  resetDatabase,
+} from './helpers';
+import pool from '../../src/db/client';
+
+describe('holds routes', () => {
+  let orgId: string;
+  let externalAgentId: string;
+  let externalApiKey: string;
+  let internalAgentId: string;
+  let internalApiKey: string;
+
+  beforeAll(async () => {
+    await migrateTestDatabase();
+    await resetDatabase();
+    const external = await createOrgAndAgent('External', 'external_meeting');
+    orgId = external.orgId;
+    externalAgentId = external.agentId;
+    externalApiKey = external.apiKey;
+    const internal = await createAgent(orgId, 'Internal', 'internal');
+    internalAgentId = internal.agentId;
+    internalApiKey = internal.apiKey;
+    await createWindow(externalAgentId, externalApiKey, '2030-01-02T09:00:00Z', '2030-01-02T17:00:00Z');
+    await createWindow(internalAgentId, internalApiKey, '2030-01-02T09:00:00Z', '2030-01-02T17:00:00Z');
+  });
+
+  afterAll(async () => {
+    await resetDatabase();
+    await closeDatabase();
+  });
+
+  test('POST /v1/holds books successfully and returns 201', async () => {
+    const response = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .send({
+        agent_id: externalAgentId,
+        start_at: '2030-01-02T09:00:00Z',
+        end_at: '2030-01-02T09:30:00Z',
+        reason: 'Intro call',
+      })
+      .expect(201);
+
+    expect(response.body.hold.status).toBe('confirmed');
+    const event = await pool.query(
+      'SELECT actor_type, actor_id, actor_label FROM hold_events WHERE hold_id = $1 AND event_type = $2',
+      [response.body.hold.id, 'created'],
+    );
+    expect(event.rows[0]).toMatchObject({
+      actor_type: 'agent',
+      actor_id: externalAgentId,
+      actor_label: 'External',
+    });
+  });
+
+  test('workspace-created hold events include workspace actor metadata', async () => {
+    const response = await api
+      .post('/v1/holds')
+      .set('Cookie', getWorkspaceCookie(orgId))
+      .send({
+        agent_id: externalAgentId,
+        start_at: '2030-01-02T09:30:00Z',
+        end_at: '2030-01-02T10:00:00Z',
+        reason: 'Dashboard hold',
+      })
+      .expect(201);
+
+    const event = await pool.query(
+      'SELECT actor_type, actor_id, actor_label FROM hold_events WHERE hold_id = $1 AND event_type = $2',
+      [response.body.hold.id, 'created'],
+    );
+    expect(event.rows[0]).toMatchObject({
+      actor_type: 'workspace',
+      actor_label: expect.stringContaining('@'),
+    });
+    expect(event.rows[0].actor_id).toEqual(expect.any(String));
+  });
+
+  test('agent key cannot create holds for another agent', async () => {
+    await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .send({
+        agent_id: internalAgentId,
+        start_at: '2030-01-02T09:30:00Z',
+        end_at: '2030-01-02T10:00:00Z',
+      })
+      .expect(403);
+  });
+
+  test('lower-priority overlapping hold is superseded by higher-priority agent', async () => {
+    await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${internalApiKey}`)
+      .send({
+        agent_id: internalAgentId,
+        start_at: '2030-01-02T10:00:00Z',
+        end_at: '2030-01-02T10:30:00Z',
+      })
+      .expect(201);
+
+    const response = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .send({
+        agent_id: externalAgentId,
+        start_at: '2030-01-02T10:00:00Z',
+        end_at: '2030-01-02T10:30:00Z',
+      })
+      .expect(201);
+
+    expect(response.body.conflict_resolved).toBe(true);
+    expect(response.body.superseded_hold_id).toBeTruthy();
+  });
+
+  test('higher-priority overlapping hold returns 409 with alternatives', async () => {
+    await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .send({
+        agent_id: externalAgentId,
+        start_at: '2030-01-02T11:00:00Z',
+        end_at: '2030-01-02T11:30:00Z',
+      })
+      .expect(201);
+
+    const response = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${internalApiKey}`)
+      .send({
+        agent_id: internalAgentId,
+        start_at: '2030-01-02T11:00:00Z',
+        end_at: '2030-01-02T11:30:00Z',
+      })
+      .expect(409);
+
+    expect(response.body.error).toBe('slot_taken');
+    expect(response.body.suggested_alternatives).toHaveLength(3);
+  });
+
+  test('DELETE /v1/holds/:id releases a hold', async () => {
+    const created = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .send({
+        agent_id: externalAgentId,
+        start_at: '2030-01-02T12:00:00Z',
+        end_at: '2030-01-02T12:30:00Z',
+      })
+      .expect(201);
+
+    const response = await api
+      .delete(`/v1/holds/${created.body.hold.id}`)
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .expect(200);
+
+    expect(response.body.hold.status).toBe('released');
+  });
+
+  test('concurrent booking allows exactly one successful hold for the same slot', async () => {
+    const attempts = Array.from({ length: 10 }, () =>
+      api
+        .post('/v1/holds')
+        .set('Authorization', `Bearer ${internalApiKey}`)
+        .send({
+          agent_id: internalAgentId,
+          start_at: '2030-01-02T13:00:00Z',
+          end_at: '2030-01-02T13:30:00Z',
+        }),
+    );
+
+    const responses = await Promise.all(attempts);
+    const successes = responses.filter((response) => response.status === 201);
+
+    expect(successes).toHaveLength(1);
+  });
+});

package/tests/integration/metrics.route.test.ts

@@ -0,0 +1,100 @@
+import { afterAll, beforeAll, describe, expect, test } from '@jest/globals';
+import {
+  api,
+  closeDatabase,
+  createAgent,
+  createOrgAndAgent,
+  createWindow,
+  getWorkspaceCookie,
+  migrateTestDatabase,
+  resetDatabase,
+} from './helpers';
+
+describe('metrics routes', () => {
+  let orgId: string;
+  let externalAgentId: string;
+  let externalApiKey: string;
+  let internalAgentId: string;
+  let internalApiKey: string;
+
+  beforeAll(async () => {
+    await migrateTestDatabase();
+    await resetDatabase();
+    const external = await createOrgAndAgent('Metrics External', 'external_meeting');
+    orgId = external.orgId;
+    externalAgentId = external.agentId;
+    externalApiKey = external.apiKey;
+    const internal = await createAgent(orgId, 'Metrics Internal', 'internal');
+    internalAgentId = internal.agentId;
+    internalApiKey = internal.apiKey;
+    await createWindow(externalAgentId, externalApiKey, '2030-03-01T09:00:00Z', '2030-03-01T17:00:00Z');
+    await createWindow(internalAgentId, internalApiKey, '2030-03-01T09:00:00Z', '2030-03-01T17:00:00Z');
+  });
+
+  afterAll(async () => {
+    await resetDatabase();
+    await closeDatabase();
+  });
+
+  test('returns product metrics for the workspace', async () => {
+    const released = await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .send({
+        agent_id: externalAgentId,
+        start_at: '2030-03-01T09:00:00Z',
+        end_at: '2030-03-01T09:30:00Z',
+      })
+      .expect(201);
+
+    await api
+      .delete(`/v1/holds/${released.body.hold.id}`)
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .expect(200);
+
+    await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${internalApiKey}`)
+      .send({
+        agent_id: internalAgentId,
+        start_at: '2030-03-01T10:00:00Z',
+        end_at: '2030-03-01T10:30:00Z',
+      })
+      .expect(201);
+
+    await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${externalApiKey}`)
+      .send({
+        agent_id: externalAgentId,
+        start_at: '2030-03-01T10:00:00Z',
+        end_at: '2030-03-01T10:30:00Z',
+      })
+      .expect(201);
+
+    await api
+      .post('/v1/holds')
+      .set('Authorization', `Bearer ${internalApiKey}`)
+      .send({
+        agent_id: internalAgentId,
+        start_at: '2030-03-01T10:00:00Z',
+        end_at: '2030-03-01T10:30:00Z',
+      })
+      .expect(409);
+
+    const response = await api
+      .get('/v1/metrics/overview')
+      .set('Cookie', getWorkspaceCookie(orgId))
+      .expect(200);
+
+    expect(response.body).toMatchObject({
+      active_agents: 2,
+      mcp_online: 0,
+      confirmed_holds: 1,
+      conflicts_resolved: 1,
+      conflicts_blocked: 1,
+      released_holds: 1,
+    });
+    expect(response.body.latest_event_at).toEqual(expect.any(String));
+  });
+});