cc-im 1.0.0

package/dist/feishu/message-sender.js

@@ -0,0 +1,201 @@
+import { getClient } from './client.js';
+import { buildCardV2, buildPermissionCard, buildPermissionResultCard, splitLongContent, truncateForStreaming, } from './card-builder.js';
+import { createCard, enableStreaming, sendCardMessage, replyCardMessage, streamContent as cardkitStreamContent, updateCardFull, markCompleted, disableStreaming, destroySession, } from './cardkit-manager.js';
+import { createLogger } from '../logger.js';
+const log = createLogger('MessageSender');
+/**
+ * 获取话题描述（即话题根消息的内容）
+ */
+export async function fetchThreadDescription(rootMessageId) {
+    const client = getClient();
+    try {
+        const res = await client.im.v1.message.get({
+            path: { message_id: rootMessageId },
+        });
+        if (res.code !== 0) {
+            log.warn(`Failed to fetch root message ${rootMessageId}: code=${res.code}, msg=${res.msg}`);
+            return undefined;
+        }
+        const message = res.data?.items?.[0] ?? res.data;
+        if (!message)
+            return undefined;
+        const msg = message;
+        const msgType = msg.msg_type;
+        const body = msg.body;
+        const content = (body?.content ?? msg.content);
+        if (!content)
+            return undefined;
+        if (msgType === 'text') {
+            const parsed = JSON.parse(content);
+            return parsed.text || undefined;
+        }
+        if (msgType === 'post') {
+            const parsed = JSON.parse(content);
+            // 接收到的 post 结构（无 locale 包装）: { "title": "...", "content": [[{tag, text}, ...]] }
+            const title = parsed.title;
+            const paragraphs = parsed.content;
+            const bodyText = paragraphs
+                ?.map((line) => line.filter(el => el.text).map(el => el.text).join(''))
+                .join('\n')
+                .trim();
+            return title || bodyText || undefined;
+        }
+        return `[${msgType}]`;
+    }
+    catch (err) {
+        log.error(`Error fetching root message ${rootMessageId}:`, err);
+        return undefined;
+    }
+}
+export async function sendThinkingCard(chatId, threadCtx) {
+    // 1. 创建 CardKit 卡片（初始无停止按钮）
+    const initialCard = buildCardV2({ content: '正在启动...', status: 'processing', note: '请稍候' });
+    const cardId = await createCard(initialCard);
+    let messageId;
+    if (threadCtx) {
+        // 话题模式：用 reply API 发送到话题
+        const [, result] = await Promise.all([
+            enableStreaming(cardId),
+            replyCardMessage(threadCtx.rootMessageId, cardId),
+        ]);
+        messageId = result.messageId;
+    }
+    else {
+        // 非话题模式：保持现有逻辑
+        const [, mid] = await Promise.all([
+            enableStreaming(cardId),
+            sendCardMessage(chatId, cardId),
+        ]);
+        messageId = mid;
+    }
+    // 3. 全量更新补充停止按钮（现在有 cardId 了）
+    const cardWithButton = buildCardV2({ content: '等待 Claude 响应...', status: 'processing', note: '请稍候' }, cardId);
+    await updateCardFull(cardId, cardWithButton);
+    log.debug(`Processing card created: cardId=${cardId}, messageId=${messageId}`);
+    return { messageId, cardId };
+}
+export async function streamContentUpdate(cardId, content, note) {
+    const truncated = truncateForStreaming(content) || '...';
+    const updates = [cardkitStreamContent(cardId, 'main_content', truncated)];
+    if (note)
+        updates.push(cardkitStreamContent(cardId, 'note_area', note));
+    await Promise.all(updates);
+}
+export async function sendFinalCards(chatId, messageId, cardId, fullContent, note, threadCtx, thinking) {
+    const parts = splitLongContent(fullContent);
+    // 标记卡片为已完成，阻止 streamContent 重试重新启用 streaming
+    markCompleted(cardId);
+    // 显式关闭流式模式（card.update 不会自动关闭 card.settings 开启的 streaming_mode）
+    await disableStreaming(cardId);
+    // 更新原卡片为完成状态
+    const finalCard = buildCardV2({ content: parts[0], status: 'done', note, thinking });
+    await updateCardFull(cardId, finalCard);
+    // 溢出部分用新消息发送
+    const client = getClient();
+    for (let i = 1; i < parts.length; i++) {
+        const overflowCard = buildCardV2({
+            content: parts[i],
+            status: 'done',
+            note: `(续 ${i + 1}/${parts.length}) ${note}`,
+        });
+        if (threadCtx) {
+            await client.im.v1.message.reply({
+                path: { message_id: threadCtx.rootMessageId },
+                data: {
+                    content: overflowCard,
+                    msg_type: 'interactive',
+                    reply_in_thread: true,
+                },
+            });
+        }
+        else {
+            await client.im.v1.message.create({
+                params: { receive_id_type: 'chat_id' },
+                data: {
+                    receive_id: chatId,
+                    content: overflowCard,
+                    msg_type: 'interactive',
+                },
+            });
+        }
+    }
+    destroySession(cardId);
+}
+export async function sendErrorCard(cardId, error) {
+    markCompleted(cardId);
+    await disableStreaming(cardId);
+    try {
+        const errorCard = buildCardV2({ content: `错误：${error}`, status: 'error', note: '执行失败' });
+        await updateCardFull(cardId, errorCard);
+    }
+    catch (err) {
+        log.error('Failed to send error card:', err);
+    }
+    destroySession(cardId);
+}
+export async function sendTextReply(chatId, text, threadCtx) {
+    const client = getClient();
+    try {
+        if (threadCtx) {
+            await client.im.v1.message.reply({
+                path: { message_id: threadCtx.rootMessageId },
+                data: {
+                    content: JSON.stringify({ text }),
+                    msg_type: 'text',
+                    reply_in_thread: true,
+                },
+            });
+        }
+        else {
+            await client.im.v1.message.create({
+                params: { receive_id_type: 'chat_id' },
+                data: {
+                    receive_id: chatId,
+                    content: JSON.stringify({ text }),
+                    msg_type: 'text',
+                },
+            });
+        }
+    }
+    catch (err) {
+        log.error('Failed to send text reply:', err);
+    }
+}
+export async function sendPermissionCard(chatId, requestId, toolName, toolInput, threadCtx) {
+    const client = getClient();
+    const content = buildPermissionCard(requestId, toolName, toolInput);
+    if (threadCtx) {
+        const res = await client.im.v1.message.reply({
+            path: { message_id: threadCtx.rootMessageId },
+            data: {
+                content,
+                msg_type: 'interactive',
+                reply_in_thread: true,
+            },
+        });
+        return res.data?.message_id ?? '';
+    }
+    const res = await client.im.v1.message.create({
+        params: { receive_id_type: 'chat_id' },
+        data: {
+            receive_id: chatId,
+            content,
+            msg_type: 'interactive',
+        },
+    });
+    return res.data?.message_id ?? '';
+}
+export async function updatePermissionCard(messageId, toolName, decision) {
+    const client = getClient();
+    try {
+        await client.im.v1.message.patch({
+            path: { message_id: messageId },
+            data: {
+                content: buildPermissionResultCard(toolName, decision),
+            },
+        });
+    }
+    catch (err) {
+        log.error('Failed to update permission card:', err);
+    }
+}

package/dist/hook/hook-script.js

@@ -0,0 +1,124 @@
+#!/usr/bin/env node
+/**
+ * Claude Code PreToolUse hook script.
+ *
+ * This script is invoked by Claude Code before each tool execution.
+ * It sends a permission request to the cc-im permission server,
+ * which notifies the user via the messaging platform and waits for their decision.
+ *
+ * Environment variables:
+ *   CC_BOT_CHAT_ID   - Chat ID to send the permission card to
+ *   CC_BOT_HOOK_PORT - Port of the local permission server (default: 18900)
+ *
+ * stdin: JSON { session_id, tool_name, tool_input }
+ * stdout: JSON { permissionDecision: "allow" | "deny" }
+ *
+ * Exit codes:
+ *   0 - Success (decision written to stdout)
+ *   1 - General error (input parsing failed, etc.)
+ *   2 - Permission server unreachable (deny decision written to stdout)
+ */
+import { request } from 'node:http';
+import { READ_ONLY_TOOLS, HOOK_EXIT_CODES } from '../constants.js';
+function readStdin() {
+    return new Promise((resolve) => {
+        let data = '';
+        process.stdin.setEncoding('utf-8');
+        process.stdin.on('data', (chunk) => { data += chunk; });
+        process.stdin.on('end', () => resolve(data));
+        // If stdin is empty/closed immediately
+        setTimeout(() => resolve(data), 100);
+    });
+}
+function httpPost(port, path, body) {
+    return new Promise((resolve, reject) => {
+        const payload = JSON.stringify(body);
+        const req = request({
+            hostname: '127.0.0.1',
+            port,
+            path,
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Content-Length': Buffer.byteLength(payload),
+            },
+            timeout: 6 * 60 * 1000, // 6 minutes (server has 5 min timeout)
+        }, (res) => {
+            let data = '';
+            res.on('data', (chunk) => { data += chunk; });
+            res.on('end', () => {
+                try {
+                    resolve({ status: res.statusCode ?? 500, data: JSON.parse(data) });
+                }
+                catch {
+                    resolve({ status: res.statusCode ?? 500, data });
+                }
+            });
+        });
+        req.on('error', reject);
+        req.on('timeout', () => {
+            req.destroy();
+            reject(new Error('Request timeout'));
+        });
+        req.write(payload);
+        req.end();
+    });
+}
+async function main() {
+    const chatId = process.env.CC_BOT_CHAT_ID;
+    const port = parseInt(process.env.CC_BOT_HOOK_PORT ?? '18900', 10);
+    // No chat ID configured - allow by default and exit
+    if (!chatId) {
+        // Output allow decision to maintain consistency with hook protocol
+        process.stdout.write(JSON.stringify({ permissionDecision: 'allow' }));
+        process.exit(HOOK_EXIT_CODES.SUCCESS);
+    }
+    let input;
+    try {
+        const raw = await readStdin();
+        input = raw.trim() ? JSON.parse(raw) : {};
+    }
+    catch (err) {
+        // Cannot parse input - allow by default to avoid blocking legitimate operations
+        process.stderr.write(`Warning: Failed to parse hook input, allowing by default: ${err}\n`);
+        process.stdout.write(JSON.stringify({ permissionDecision: 'allow' }));
+        process.exit(HOOK_EXIT_CODES.SUCCESS);
+    }
+    const toolName = input.tool_name ?? 'unknown';
+    const toolInput = input.tool_input ?? {};
+    // Skip permission check for read-only tools - allow immediately
+    if (READ_ONLY_TOOLS.includes(toolName)) {
+        process.stdout.write(JSON.stringify({ permissionDecision: 'allow' }));
+        process.exit(HOOK_EXIT_CODES.SUCCESS);
+    }
+    const threadRootMsgId = process.env.CC_BOT_THREAD_ROOT_MSG_ID;
+    const threadId = process.env.CC_BOT_THREAD_ID;
+    const platform = process.env.CC_BOT_PLATFORM;
+    try {
+        const result = await httpPost(port, '/permission-request', {
+            chatId,
+            toolName,
+            toolInput,
+            threadRootMsgId,
+            threadId,
+            platform,
+        });
+        const data = result.data;
+        const decision = data?.decision ?? 'deny';
+        // Output the decision as JSON to stdout
+        const output = JSON.stringify({ permissionDecision: decision === 'allow' ? 'allow' : 'deny' });
+        process.stdout.write(output);
+        process.exit(HOOK_EXIT_CODES.SUCCESS);
+    }
+    catch (err) {
+        // Permission server is not reachable - deny by default for security
+        // Output deny decision to stdout so Claude Code can proceed (rather than hanging)
+        const errorMessage = err instanceof Error ? err.message : String(err);
+        process.stderr.write(`Error: Permission server unreachable (port ${port}): ${errorMessage}\n`);
+        process.stderr.write('Denying operation by default for security. Please check if cc-im is running.\n');
+        // Write deny decision to stdout
+        process.stdout.write(JSON.stringify({ permissionDecision: 'deny' }));
+        process.exit(HOOK_EXIT_CODES.PERMISSION_SERVER_ERROR);
+    }
+}
+main();

package/dist/hook/permission-server.js

@@ -0,0 +1,206 @@
+import { createServer } from 'node:http';
+import { createLogger } from '../logger.js';
+import { PERMISSION_REQUEST_TIMEOUT_MS, MAX_BODY_SIZE } from '../constants.js';
+const log = createLogger('PermissionServer');
+const senders = new Map();
+export function registerPermissionSender(platform, s) {
+    senders.set(platform, s);
+}
+const pendingRequests = new Map();
+// 反向索引：chatId → Set<requestId>，O(1) 查询
+const chatIdIndex = new Map();
+function addToIndex(chatId, id) {
+    let set = chatIdIndex.get(chatId);
+    if (!set) {
+        set = new Set();
+        chatIdIndex.set(chatId, set);
+    }
+    set.add(id);
+}
+function removeFromIndex(chatId, id) {
+    const set = chatIdIndex.get(chatId);
+    if (set) {
+        set.delete(id);
+        if (set.size === 0)
+            chatIdIndex.delete(chatId);
+    }
+}
+// Resolve the latest pending request for a given chatId
+export function resolveLatestPermission(chatId, decision) {
+    const ids = chatIdIndex.get(chatId);
+    if (!ids || ids.size === 0)
+        return null;
+    let oldest = null;
+    for (const id of ids) {
+        const req = pendingRequests.get(id);
+        if (req && (!oldest || req.createdAt < oldest.createdAt)) {
+            oldest = req;
+        }
+    }
+    if (!oldest)
+        return null;
+    oldest.resolve(decision);
+    const platformSender = senders.get(oldest.platform);
+    platformSender?.updatePermissionCard(oldest.chatId, oldest.messageId, oldest.toolName, decision).catch(() => { });
+    pendingRequests.delete(oldest.id);
+    removeFromIndex(chatId, oldest.id);
+    return oldest.id;
+}
+export function getPendingCount(chatId) {
+    return chatIdIndex.get(chatId)?.size ?? 0;
+}
+export function listPending(chatId) {
+    const ids = chatIdIndex.get(chatId);
+    if (!ids)
+        return [];
+    const result = [];
+    for (const id of ids) {
+        const req = pendingRequests.get(id);
+        if (req)
+            result.push(req);
+    }
+    return result.sort((a, b) => a.createdAt - b.createdAt);
+}
+function readBody(req) {
+    return new Promise((resolve, reject) => {
+        let body = '';
+        let size = 0;
+        req.on('data', (chunk) => {
+            size += chunk.length;
+            if (size > MAX_BODY_SIZE) {
+                req.destroy();
+                reject(new Error(`Request body too large (>${MAX_BODY_SIZE} bytes)`));
+                return;
+            }
+            body += chunk.toString();
+        });
+        req.on('end', () => resolve(body));
+        req.on('error', reject);
+    });
+}
+function sendJson(res, status, data) {
+    res.writeHead(status, { 'Content-Type': 'application/json' });
+    res.end(JSON.stringify(data));
+}
+async function handleRequest(req, res) {
+    const url = new URL(req.url ?? '/', `http://localhost`);
+    if (req.method === 'POST' && url.pathname === '/permission-request') {
+        try {
+            const body = JSON.parse(await readBody(req));
+            // 运行时类型验证
+            if (typeof body !== 'object' || body === null) {
+                sendJson(res, 400, { error: 'Request body must be a JSON object' });
+                return;
+            }
+            const { chatId, toolName, toolInput, threadRootMsgId, threadId, platform } = body;
+            if (typeof chatId !== 'string' || !chatId) {
+                sendJson(res, 400, { error: 'chatId must be a non-empty string' });
+                return;
+            }
+            if (typeof toolName !== 'string' || !toolName) {
+                sendJson(res, 400, { error: 'toolName must be a non-empty string' });
+                return;
+            }
+            if (toolInput !== undefined && (typeof toolInput !== 'object' || toolInput === null)) {
+                sendJson(res, 400, { error: 'toolInput must be an object if provided' });
+                return;
+            }
+            if (platform !== undefined && typeof platform !== 'string') {
+                sendJson(res, 400, { error: 'platform must be a string if provided' });
+                return;
+            }
+            if (threadRootMsgId !== undefined && typeof threadRootMsgId !== 'string') {
+                sendJson(res, 400, { error: 'threadRootMsgId must be a string if provided' });
+                return;
+            }
+            if (threadId !== undefined && typeof threadId !== 'string') {
+                sendJson(res, 400, { error: 'threadId must be a string if provided' });
+                return;
+            }
+            // 构造话题上下文（两个字段都存在才构造，避免空字符串导致 reply API 调用失败）
+            const threadCtx = (threadRootMsgId && threadId)
+                ? { rootMessageId: threadRootMsgId, threadId }
+                : undefined;
+            const resolvedPlatform = platform ?? 'feishu';
+            const platformSender = senders.get(resolvedPlatform);
+            const id = `perm_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
+            let savedMessageId = '';
+            const decision = await new Promise((resolve) => {
+                if (!platformSender) {
+                    log.error(`Permission sender not configured for platform: ${resolvedPlatform}`);
+                    resolve('deny');
+                    return;
+                }
+                let resolved = false;
+                const safeResolve = (decision) => {
+                    if (resolved)
+                        return;
+                    resolved = true;
+                    resolve(decision);
+                };
+                // 超时定时器在发卡片之前启动，确保总等待时间不超过上限
+                const timeout = setTimeout(() => {
+                    if (pendingRequests.has(id)) {
+                        pendingRequests.delete(id);
+                        removeFromIndex(chatId, id);
+                        log.warn(`Permission request ${id} timed out`);
+                        if (savedMessageId) {
+                            platformSender.updatePermissionCard(chatId, savedMessageId, toolName, 'deny').catch(() => { });
+                        }
+                    }
+                    safeResolve('deny');
+                }, PERMISSION_REQUEST_TIMEOUT_MS);
+                platformSender.sendPermissionCard(chatId, id, toolName, toolInput ?? {}, threadCtx).then((messageId) => {
+                    savedMessageId = messageId;
+                    const pending = {
+                        id,
+                        chatId,
+                        platform: resolvedPlatform,
+                        toolName,
+                        toolInput: toolInput ?? {},
+                        messageId,
+                        createdAt: Date.now(),
+                        resolve: (decision) => {
+                            clearTimeout(timeout);
+                            safeResolve(decision);
+                        },
+                    };
+                    pendingRequests.set(id, pending);
+                    addToIndex(chatId, id);
+                    log.info(`Permission request created: ${id} tool=${toolName} platform=${resolvedPlatform}`);
+                }).catch((err) => {
+                    log.error('Failed to send permission card:', err);
+                    clearTimeout(timeout);
+                    safeResolve('deny');
+                });
+            });
+            sendJson(res, 200, { id, decision });
+        }
+        catch (err) {
+            log.error('Error handling permission request:', err);
+            sendJson(res, 500, { error: 'Internal error' });
+        }
+        return;
+    }
+    if (req.method === 'GET' && url.pathname === '/health') {
+        sendJson(res, 200, { status: 'ok', pending: pendingRequests.size });
+        return;
+    }
+    sendJson(res, 404, { error: 'Not found' });
+}
+export function startPermissionServer(port) {
+    return new Promise((resolve) => {
+        const server = createServer((req, res) => {
+            handleRequest(req, res).catch((err) => {
+                log.error('Unhandled error in permission server:', err);
+                if (!res.headersSent) {
+                    sendJson(res, 500, { error: 'Internal error' });
+                }
+            });
+        });
+        server.listen(port, '127.0.0.1', () => {
+            log.info(`Permission server listening on 127.0.0.1:${port}`);
+            resolve();
+        });
+    });
+}