codeharbor 0.1.14 → 0.1.16

package/.env.example

@@ -38,6 +38,7 @@ MATRIX_TYPING_TIMEOUT_MS=10000
 SESSION_ACTIVE_WINDOW_MINUTES=20
 
 # Group trigger defaults.
+GROUP_DIRECT_MODE_ENABLED=false
 GROUP_TRIGGER_ALLOW_MENTION=true
 GROUP_TRIGGER_ALLOW_REPLY=true
 GROUP_TRIGGER_ALLOW_ACTIVE_WINDOW=true
@@ -74,6 +75,13 @@ ADMIN_PORT=8787
 # Strongly recommended for any non-localhost access.
 # Required when exposing admin via reverse proxy/tunnel/public domain.
 ADMIN_TOKEN=
+# Optional multi-token RBAC (JSON array).
+# Each item: {"token":"...","role":"admin|viewer","actor":"ops-name"}
+# Example:
+# ADMIN_TOKENS_JSON=[{"token":"admin-secret","role":"admin","actor":"ops-admin"},{"token":"viewer-secret","role":"viewer","actor":"ops-audit"}]
+# Rotate helper:
+# ./scripts/rotate-admin-token.sh --target rbac --role admin --actor ops-admin
+ADMIN_TOKENS_JSON=
 # Optional IP allowlist (comma-separated, for example: 127.0.0.1,192.168.1.10).
 ADMIN_IP_ALLOWLIST=
 # Optional browser origin allowlist for CORS (comma-separated).

package/README.md

@@ -311,7 +311,7 @@ Optional overrides:
 codeharbor admin serve --host 127.0.0.1 --port 8787
 ```
 
-If you bind Admin to a non-loopback host and `ADMIN_TOKEN` is empty, startup is rejected by default.
+If you bind Admin to a non-loopback host and both `ADMIN_TOKEN` and `ADMIN_TOKENS_JSON` are empty, startup is rejected by default.
 Explicit bypass exists but is not recommended:
 
 ```bash
@@ -327,6 +327,7 @@ Open these UI routes in browser:
 
 Main endpoints:
 
+- `GET /api/admin/auth/status`
 - `GET /api/admin/config/global`
 - `PUT /api/admin/config/global`
 - `GET /api/admin/config/rooms`
@@ -336,7 +337,7 @@ Main endpoints:
 - `GET /api/admin/health`
 - `GET /api/admin/audit?limit=50`
 
-When `ADMIN_TOKEN` is set, requests must include:
+When `ADMIN_TOKEN` or `ADMIN_TOKENS_JSON` is set, requests must include:
 
 ```http
 Authorization: Bearer <ADMIN_TOKEN>
@@ -345,9 +346,24 @@ Authorization: Bearer <ADMIN_TOKEN>
 Access control options:
 
 - `ADMIN_TOKEN`: require bearer token for `/api/admin/*`
+- `ADMIN_TOKENS_JSON`: optional multi-token RBAC list (supports `admin` and `viewer` roles)
 - `ADMIN_IP_ALLOWLIST`: optional comma-separated client IP whitelist (for example `127.0.0.1,192.168.1.10`)
 - `ADMIN_ALLOWED_ORIGINS`: optional CORS origin allowlist for browser-based cross-origin admin access
 
+RBAC behavior:
+
+- `viewer` tokens can call read endpoints (`GET /api/admin/*`)
+- `admin` tokens can call read + write endpoints (`PUT/POST/DELETE /api/admin/*`)
+- for `ADMIN_TOKENS_JSON`, audit actor is derived from token identity (`actor` field), not `x-admin-actor`
+- Admin UI shows current permission status (role/source) after saving auth
+
+Rotate tokens quickly (repository script):
+
+```bash
+./scripts/rotate-admin-token.sh --target rbac --role admin --actor ops-admin
+./scripts/rotate-admin-token.sh --target rbac --role viewer --actor ops-audit
+```
+
 Note: `PUT /api/admin/config/global` writes to `.env` and marks changes as restart-required.
 
 ### Admin UI Quick Walkthrough
@@ -386,12 +402,14 @@ If any check fails, it prints actionable fix commands (for example `codeharbor i
 - Direct Message (DM)
   - all text messages are processed by default (no prefix required)
 - Group Room
+  - when `GROUP_DIRECT_MODE_ENABLED=true`, all non-empty messages are processed directly (no prefix/mention/reply required)
   - processed when **any allowed trigger** matches:
     - message mentions bot user id
     - message replies to a bot message
     - sender has an active conversation window
     - optional explicit prefix match (`MATRIX_COMMAND_PREFIX`)
 - Trigger Policy
+  - `GROUP_DIRECT_MODE_ENABLED` controls whether groups bypass trigger matching entirely
   - global defaults via `GROUP_TRIGGER_ALLOW_*`
   - per-room overrides via `ROOM_TRIGGER_POLICY_JSON`
 - Active Conversation Window

package/dist/cli.js

@@ -646,6 +646,7 @@ var AdminServer = class {
   host;
   port;
   adminToken;
+  adminTokens;
   adminIpAllowlist;
   adminAllowedOrigins;
   cwd;
@@ -662,6 +663,7 @@ var AdminServer = class {
     this.host = options.host;
     this.port = options.port;
     this.adminToken = options.adminToken;
+    this.adminTokens = buildAdminTokenMap(options.adminTokens ?? []);
     this.adminIpAllowlist = normalizeAllowlist(options.adminIpAllowlist ?? []);
     this.adminAllowedOrigins = normalizeOriginAllowlist(options.adminAllowedOrigins ?? []);
     this.cwd = options.cwd ?? process.cwd();
@@ -753,10 +755,32 @@ var AdminServer = class {
         this.sendHtml(res, renderAdminConsoleHtml());
         return;
       }
-      if (url.pathname.startsWith("/api/admin/") && !this.isAuthorized(req)) {
+      const requiredRole = requiredAdminRoleForRequest(req.method, url.pathname);
+      const authIdentity = requiredRole ? this.resolveAdminIdentity(req) : null;
+      if (requiredRole && !authIdentity) {
         this.sendJson(res, 401, {
           ok: false,
-          error: "Unauthorized. Provide Authorization: Bearer <ADMIN_TOKEN>."
+          error: "Unauthorized. Provide Authorization: Bearer <ADMIN_TOKEN> (or token from ADMIN_TOKENS_JSON)."
+        });
+        return;
+      }
+      if (requiredRole && authIdentity && !hasRequiredAdminRole(authIdentity.role, requiredRole)) {
+        this.sendJson(res, 403, {
+          ok: false,
+          error: "Forbidden. This endpoint requires admin write permission."
+        });
+        return;
+      }
+      if (req.method === "GET" && url.pathname === "/api/admin/auth/status") {
+        this.sendJson(res, 200, {
+          ok: true,
+          data: {
+            authenticated: Boolean(authIdentity),
+            role: authIdentity?.role ?? null,
+            source: authIdentity?.source ?? "none",
+            actor: resolveIdentityActor(authIdentity),
+            canWrite: authIdentity ? hasRequiredAdminRole(authIdentity.role, "admin") : false
+          }
         });
         return;
       }
@@ -770,7 +794,7 @@ var AdminServer = class {
       }
       if (req.method === "PUT" && url.pathname === "/api/admin/config/global") {
         const body = await readJsonBody(req);
-        const actor = readActor(req);
+        const actor = resolveAuditActor(req, authIdentity);
         const result = this.updateGlobalConfig(body, actor);
         this.sendJson(res, 200, {
           ok: true,
@@ -798,13 +822,13 @@ var AdminServer = class {
         }
         if (req.method === "PUT") {
           const body = await readJsonBody(req);
-          const actor = readActor(req);
+          const actor = resolveAuditActor(req, authIdentity);
           const room = this.updateRoomConfig(roomId, body, actor);
           this.sendJson(res, 200, { ok: true, data: room });
           return;
         }
         if (req.method === "DELETE") {
-          const actor = readActor(req);
+          const actor = resolveAuditActor(req, authIdentity);
           this.configService.deleteRoomSettings(roomId, actor);
           this.sendJson(res, 200, { ok: true, roomId });
           return;
@@ -834,7 +858,7 @@ var AdminServer = class {
       if (req.method === "POST" && url.pathname === "/api/admin/service/restart") {
         const body = asObject(await readJsonBody(req), "service restart payload");
         const restartAdmin = normalizeBoolean(body.withAdmin, false);
-        const actor = readActor(req);
+        const actor = resolveAuditActor(req, authIdentity);
         try {
           const result = await this.restartServices(restartAdmin);
           this.stateStore.appendConfigRevision(
@@ -999,6 +1023,12 @@ var AdminServer = class {
       envUpdates.SESSION_ACTIVE_WINDOW_MINUTES = String(value);
       updatedKeys.push("sessionActiveWindowMinutes");
     }
+    if ("groupDirectModeEnabled" in body) {
+      const value = normalizeBoolean(body.groupDirectModeEnabled, this.config.groupDirectModeEnabled);
+      this.config.groupDirectModeEnabled = value;
+      envUpdates.GROUP_DIRECT_MODE_ENABLED = String(value);
+      updatedKeys.push("groupDirectModeEnabled");
+    }
     if ("cliCompat" in body) {
       const compat = asObject(body.cliCompat, "cliCompat");
       if ("enabled" in compat) {
@@ -1092,14 +1122,34 @@ var AdminServer = class {
       summary: normalizeOptionalString(body.summary)
     });
   }
-  isAuthorized(req) {
-    if (!this.adminToken) {
-      return true;
+  resolveAdminIdentity(req) {
+    if (!this.adminToken && this.adminTokens.size === 0) {
+      return {
+        role: "admin",
+        actor: null,
+        source: "open"
+      };
     }
-    const authorization = req.headers.authorization ?? "";
-    const bearer = authorization.startsWith("Bearer ") ? authorization.slice("Bearer ".length).trim() : "";
-    const fromHeader = normalizeHeaderValue(req.headers["x-admin-token"]);
-    return bearer === this.adminToken || fromHeader === this.adminToken;
+    const token = readAdminToken(req);
+    if (!token) {
+      return null;
+    }
+    if (this.adminToken && token === this.adminToken) {
+      return {
+        role: "admin",
+        actor: null,
+        source: "legacy"
+      };
+    }
+    const mappedIdentity = this.adminTokens.get(token);
+    if (!mappedIdentity) {
+      return null;
+    }
+    return {
+      role: mappedIdentity.role,
+      actor: mappedIdentity.actor,
+      source: "scoped"
+    };
   }
   isClientAllowed(req) {
     if (this.adminIpAllowlist.length === 0) {
@@ -1174,6 +1224,7 @@ function buildGlobalConfigSnapshot(config) {
     matrixCommandPrefix: config.matrixCommandPrefix,
     codexWorkdir: config.codexWorkdir,
     rateLimiter: { ...config.rateLimiter },
+    groupDirectModeEnabled: config.groupDirectModeEnabled,
     defaultGroupTriggerPolicy: { ...config.defaultGroupTriggerPolicy },
     matrixProgressUpdates: config.matrixProgressUpdates,
     matrixProgressMinIntervalMs: config.matrixProgressMinIntervalMs,
@@ -1391,10 +1442,61 @@ function normalizeHeaderValue(value) {
   }
   return value.trim();
 }
-function readActor(req) {
+function readAdminToken(req) {
+  const authorization = normalizeHeaderValue(req.headers.authorization);
+  if (authorization) {
+    const match = /^bearer\s+(.+)$/i.exec(authorization);
+    const token = match?.[1]?.trim() ?? "";
+    if (token) {
+      return token;
+    }
+  }
+  const fromHeader = normalizeHeaderValue(req.headers["x-admin-token"]);
+  return fromHeader || null;
+}
+function resolveIdentityActor(identity) {
+  if (!identity || identity.source !== "scoped") {
+    return null;
+  }
+  if (identity.actor) {
+    return identity.actor;
+  }
+  return identity.role === "admin" ? "admin-token" : "viewer-token";
+}
+function resolveAuditActor(req, identity) {
+  const scopedActor = resolveIdentityActor(identity);
+  if (scopedActor) {
+    return scopedActor;
+  }
   const actor = normalizeHeaderValue(req.headers["x-admin-actor"]);
   return actor || null;
 }
+function requiredAdminRoleForRequest(method, pathname) {
+  if (!pathname.startsWith("/api/admin/")) {
+    return null;
+  }
+  const normalizedMethod = (method ?? "GET").toUpperCase();
+  if (normalizedMethod === "GET" || normalizedMethod === "HEAD") {
+    return "viewer";
+  }
+  return "admin";
+}
+function hasRequiredAdminRole(role, requiredRole) {
+  if (requiredRole === "viewer") {
+    return role === "viewer" || role === "admin";
+  }
+  return role === "admin";
+}
+function buildAdminTokenMap(tokens) {
+  const mapped = /* @__PURE__ */ new Map();
+  for (const token of tokens) {
+    mapped.set(token.token, {
+      role: token.role,
+      actor: token.actor
+    });
+  }
+  return mapped;
+}
 function formatError(error) {
   if (error instanceof Error) {
     return error.message;
@@ -1642,6 +1744,7 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
           <button id="auth-clear-btn" type="button" class="secondary">Clear Auth</button>
         </div>
         <div id="notice" class="notice">Ready.</div>
+        <p id="auth-role" class="muted">Permission: unknown</p>
       </section>
 
       <section class="panel" data-view="settings-global">
@@ -1697,6 +1800,7 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
             <input id="global-concurrency-room" type="number" min="0" />
           </label>
 
+          <label class="checkbox"><input id="global-direct-mode" type="checkbox" /><span>Group direct mode (no trigger required)</span></label>
           <label class="checkbox"><input id="global-trigger-mention" type="checkbox" /><span>Trigger: mention</span></label>
           <label class="checkbox"><input id="global-trigger-reply" type="checkbox" /><span>Trigger: reply</span></label>
           <label class="checkbox"><input id="global-trigger-window" type="checkbox" /><span>Trigger: active window</span></label>
@@ -1841,6 +1945,7 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
         var tokenInput = document.getElementById("auth-token");
         var actorInput = document.getElementById("auth-actor");
         var noticeNode = document.getElementById("notice");
+        var authRoleNode = document.getElementById("auth-role");
         var roomListBody = document.getElementById("room-list-body");
         var healthBody = document.getElementById("health-body");
         var auditBody = document.getElementById("audit-body");
@@ -1852,6 +1957,7 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
           localStorage.setItem(storageTokenKey, tokenInput.value.trim());
           localStorage.setItem(storageActorKey, actorInput.value.trim());
           showNotice("ok", "Auth settings saved to localStorage.");
+          void refreshAuthStatus();
         });
 
         document.getElementById("auth-clear-btn").addEventListener("click", function () {
@@ -1860,6 +1966,7 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
           localStorage.removeItem(storageTokenKey);
           localStorage.removeItem(storageActorKey);
           showNotice("warn", "Auth settings cleared.");
+          void refreshAuthStatus();
         });
 
         document.getElementById("global-save-btn").addEventListener("click", saveGlobal);
@@ -1884,6 +1991,7 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
         } else {
           handleRoute();
         }
+        void refreshAuthStatus();
 
         function getCurrentView() {
           return routeToView[window.location.hash] || "settings-global";
@@ -1974,6 +2082,29 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
           noticeNode.textContent = message;
         }
 
+        async function refreshAuthStatus() {
+          try {
+            var response = await apiRequest("/api/admin/auth/status", "GET");
+            var data = response.data || {};
+            if (!data.role) {
+              authRoleNode.textContent = "Permission: unauthenticated";
+              return;
+            }
+
+            var role = String(data.role).toUpperCase();
+            var source = data.source ? " (" + String(data.source) + ")" : "";
+            var actor = data.actor ? " as " + String(data.actor) : "";
+            authRoleNode.textContent = "Permission: " + role + source + actor;
+          } catch (error) {
+            var message = error && error.message ? String(error.message) : "";
+            if (/Unauthorized/i.test(message)) {
+              authRoleNode.textContent = "Permission: unauthenticated";
+              return;
+            }
+            authRoleNode.textContent = "Permission: unknown";
+          }
+        }
+
         function renderEmptyRow(body, columns, text) {
           body.innerHTML = "";
           var row = document.createElement("tr");
@@ -2005,6 +2136,7 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
             document.getElementById("global-concurrency-global").value = String(rateLimiter.maxConcurrentGlobal || 0);
             document.getElementById("global-concurrency-user").value = String(rateLimiter.maxConcurrentPerUser || 0);
             document.getElementById("global-concurrency-room").value = String(rateLimiter.maxConcurrentPerRoom || 0);
+            document.getElementById("global-direct-mode").checked = Boolean(data.groupDirectModeEnabled);
 
             document.getElementById("global-trigger-mention").checked = Boolean(trigger.allowMention);
             document.getElementById("global-trigger-reply").checked = Boolean(trigger.allowReply);
@@ -2037,6 +2169,7 @@ var ADMIN_CONSOLE_HTML = `<!doctype html>
               matrixProgressMinIntervalMs: asNumber("global-progress-interval", 2500),
               matrixTypingTimeoutMs: asNumber("global-typing-timeout", 10000),
               sessionActiveWindowMinutes: asNumber("global-active-window", 20),
+              groupDirectModeEnabled: asBool("global-direct-mode"),
               rateLimiter: {
                 windowMs: asNumber("global-rate-window", 60000),
                 maxRequestsPerUser: asNumber("global-rate-user", 20),
@@ -2460,6 +2593,7 @@ function findBreakIndex(candidate) {
 }
 
 // src/channels/matrix-channel.ts
+var LOCAL_TXN_PREFIX = "codeharbor-";
 var MatrixChannel = class {
   config;
   logger;
@@ -2500,7 +2634,7 @@ var MatrixChannel = class {
     }
     const chunks = this.splitReplies ? splitText(text, this.chunkSize) : [text];
     for (const chunk of chunks) {
-      await this.client.sendTextMessage(conversationId, chunk);
+      await this.sendRichText(conversationId, chunk, "m.text");
     }
   }
   async sendNotice(conversationId, text) {
@@ -2509,7 +2643,7 @@ var MatrixChannel = class {
     }
     const chunks = this.splitReplies ? splitText(text, this.chunkSize) : [text];
     for (const chunk of chunks) {
-      await this.client.sendNotice(conversationId, chunk);
+      await this.sendRichText(conversationId, chunk, "m.notice");
     }
   }
   async upsertProgressNotice(conversationId, text, replaceEventId) {
@@ -2521,7 +2655,10 @@ var MatrixChannel = class {
       throw new Error("Progress notice cannot be empty.");
     }
     if (!replaceEventId) {
-      const response2 = await this.client.sendNotice(conversationId, normalized);
+      const response2 = await this.sendRawEvent(
+        conversationId,
+        buildMatrixRichMessageContent(normalized, "m.notice")
+      );
       return response2.event_id;
     }
     const content = {
@@ -2536,8 +2673,7 @@ var MatrixChannel = class {
         event_id: replaceEventId
       }
     };
-    const sendEditEvent = this.client.sendEvent;
-    const response = await sendEditEvent(conversationId, import_matrix_js_sdk.EventType.RoomMessage, content);
+    const response = await this.sendRawEvent(conversationId, content);
     return response.event_id;
   }
   async setTyping(conversationId, isTyping, timeoutMs) {
@@ -2573,7 +2709,10 @@ var MatrixChannel = class {
       return;
     }
     const senderId = event.getSender();
-    if (!senderId || senderId === this.config.matrixUserId) {
+    if (!senderId) {
+      return;
+    }
+    if (senderId === this.config.matrixUserId && isLikelyLocalEcho(event)) {
       return;
     }
     const content = event.getContent();
@@ -2677,6 +2816,32 @@ var MatrixChannel = class {
       await this.joinInvitedRoom(room.roomId);
     }
   }
+  async sendRichText(conversationId, text, msgtype) {
+    const payload = buildMatrixRichMessageContent(text, msgtype);
+    await this.sendRawEvent(conversationId, payload);
+  }
+  async sendRawEvent(conversationId, content) {
+    const txnId = `${LOCAL_TXN_PREFIX}${Date.now()}-${Math.floor(Math.random() * 1e6)}`;
+    const response = await fetch(
+      `${this.config.matrixHomeserver}/_matrix/client/v3/rooms/${encodeURIComponent(conversationId)}/send/m.room.message/${encodeURIComponent(txnId)}`,
+      {
+        method: "PUT",
+        headers: {
+          Authorization: `Bearer ${this.config.matrixAccessToken}`,
+          "Content-Type": "application/json"
+        },
+        body: JSON.stringify(content)
+      }
+    );
+    if (!response.ok) {
+      throw new Error(`Matrix send failed (${response.status} ${response.statusText})`);
+    }
+    const payload = await response.json();
+    if (!payload.event_id || typeof payload.event_id !== "string") {
+      throw new Error("Matrix send failed (missing event_id)");
+    }
+    return { event_id: payload.event_id };
+  }
   async hydrateAttachments(attachments, eventId) {
     if (!this.fetchMedia || attachments.length === 0) {
       return attachments;
@@ -2747,6 +2912,17 @@ function buildRequestId(eventId) {
   const suffix = Math.random().toString(36).slice(2, 8);
   return `${eventId}:${suffix}`;
 }
+function isLikelyLocalEcho(event) {
+  const unsigned = event.getUnsigned();
+  if (!unsigned || typeof unsigned !== "object") {
+    return false;
+  }
+  const transactionId = unsigned.transaction_id;
+  if (typeof transactionId !== "string" || !transactionId) {
+    return false;
+  }
+  return transactionId.startsWith(LOCAL_TXN_PREFIX);
+}
 function isDirectRoom(room) {
   return room.getJoinedMemberCount() <= 2;
 }
@@ -2838,6 +3014,61 @@ function resolveFileExtension(fileName, mimeType) {
   }
   return ".bin";
 }
+function buildMatrixRichMessageContent(body, msgtype) {
+  return {
+    msgtype,
+    body,
+    format: "org.matrix.custom.html",
+    formatted_body: renderMatrixHtml(body, msgtype)
+  };
+}
+function renderMatrixHtml(body, msgtype) {
+  const normalized = body.replace(/\r\n/g, "\n");
+  const sections = [];
+  const codeFencePattern = /```([^\n`]*)\n?([\s\S]*?)```/g;
+  let cursor = 0;
+  let match;
+  while ((match = codeFencePattern.exec(normalized)) !== null) {
+    const before = normalized.slice(cursor, match.index);
+    const renderedBefore = renderTextSection(before);
+    if (renderedBefore) {
+      sections.push(renderedBefore);
+    }
+    const language = escapeHtml(match[1]?.trim() || "text");
+    const code = escapeHtml(match[2].replace(/\n$/, ""));
+    const label = language && language !== "text" ? `\u4EE3\u7801 (${language})` : "\u4EE3\u7801";
+    sections.push(
+      `<p><font color="#3558d1"><b>${label}</b></font></p><pre><code>${code}</code></pre>`
+    );
+    cursor = match.index + match[0].length;
+  }
+  const tail = normalized.slice(cursor);
+  const renderedTail = renderTextSection(tail);
+  if (renderedTail) {
+    sections.push(renderedTail);
+  }
+  if (sections.length === 0) {
+    sections.push("<p>(\u7A7A\u6D88\u606F)</p>");
+  }
+  const badge = msgtype === "m.notice" ? `<p><font color="#8a5a00"><b>\u{1F4E3} CodeHarbor \u63D0\u793A</b></font></p>` : `<p><font color="#1f7a5a"><b>\u{1F916} AI \u56DE\u590D</b></font></p>`;
+  return `<div>${badge}${sections.join("")}</div>`;
+}
+function renderTextSection(raw) {
+  if (!raw.trim()) {
+    return "";
+  }
+  const normalized = raw.replace(/\r\n/g, "\n").trim();
+  const paragraphs = normalized.split(/\n{2,}/);
+  const rendered = paragraphs.map((paragraph) => {
+    const escaped = escapeHtml(paragraph);
+    const inlineCode = escaped.replace(/`([^`\n]+)`/g, "<code>$1</code>");
+    return `<p>${inlineCode.replace(/\n/g, "<br/>")}</p>`;
+  }).join("");
+  return rendered;
+}
+function escapeHtml(value) {
+  return value.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;").replace(/"/g, "&quot;").replace(/'/g, "&#39;");
+}
 
 // src/config-service.ts
 var import_node_fs5 = __toESM(require("fs"));
@@ -4040,6 +4271,7 @@ var Orchestrator = class {
   commandPrefix;
   matrixUserId;
   sessionActiveWindowMs;
+  groupDirectModeEnabled;
   defaultGroupTriggerPolicy;
   roomTriggerPolicies;
   configService;
@@ -4077,6 +4309,7 @@ var Orchestrator = class {
     this.matrixUserId = options?.matrixUserId ?? "";
     const sessionActiveWindowMinutes = options?.sessionActiveWindowMinutes ?? 20;
     this.sessionActiveWindowMs = Math.max(1, sessionActiveWindowMinutes) * 6e4;
+    this.groupDirectModeEnabled = options?.groupDirectModeEnabled ?? false;
     this.defaultGroupTriggerPolicy = options?.defaultGroupTriggerPolicy ?? {
       allowMention: true,
       allowReply: true,
@@ -4411,7 +4644,7 @@ var Orchestrator = class {
     const prefixTriggered = prefixAllowed && this.commandPrefix.length > 0;
     const prefixedText = prefixTriggered ? extractCommandText(incomingTrimmed, this.commandPrefix) : null;
     const activeSession = message.isDirectMessage || groupPolicy?.allowActiveWindow ? this.stateStore.isSessionActive(sessionKey) : false;
-    const conversationalTrigger = message.isDirectMessage || Boolean(groupPolicy?.allowMention) && message.mentionsBot || Boolean(groupPolicy?.allowReply) && message.repliesToBot || activeSession;
+    const conversationalTrigger = message.isDirectMessage || this.groupDirectModeEnabled || Boolean(groupPolicy?.allowMention) && message.mentionsBot || Boolean(groupPolicy?.allowReply) && message.repliesToBot || activeSession;
     if (!conversationalTrigger && prefixedText === null) {
       return { kind: "ignore" };
     }
@@ -4449,7 +4682,7 @@ var Orchestrator = class {
     }
     const status = this.stateStore.getSessionStatus(sessionKey);
     const roomConfig = this.resolveRoomRuntimeConfig(message.conversationId);
-    const scope = message.isDirectMessage ? "\u79C1\u804A\uFF08\u514D\u524D\u7F00\uFF09" : "\u7FA4\u804A\uFF08\u6309\u623F\u95F4\u89E6\u53D1\u7B56\u7565\uFF09";
+    const scope = message.isDirectMessage ? "\u79C1\u804A\uFF08\u514D\u524D\u7F00\uFF09" : this.groupDirectModeEnabled ? "\u7FA4\u804A\uFF08\u9ED8\u8BA4\u76F4\u901A\uFF09" : "\u7FA4\u804A\uFF08\u6309\u623F\u95F4\u89E6\u53D1\u7B56\u7565\uFF09";
     const activeUntil = status.activeUntil ?? "\u672A\u6FC0\u6D3B";
     const metrics = this.metrics.snapshot(this.runningExecutions.size);
     const limiter = this.rateLimiter.snapshot();
@@ -5525,6 +5758,7 @@ var CodeHarborApp = class {
       commandPrefix: config.matrixCommandPrefix,
       matrixUserId: config.matrixUserId,
       sessionActiveWindowMinutes: config.sessionActiveWindowMinutes,
+      groupDirectModeEnabled: config.groupDirectModeEnabled,
       defaultGroupTriggerPolicy: config.defaultGroupTriggerPolicy,
       roomTriggerPolicies: config.roomTriggerPolicies,
       rateLimiterOptions: config.rateLimiter,
@@ -5573,6 +5807,7 @@ var CodeHarborAdminApp = class {
       host: options?.host ?? config.adminBindHost,
       port: options?.port ?? config.adminPort,
       adminToken: config.adminToken,
+      adminTokens: config.adminTokens,
       adminIpAllowlist: config.adminIpAllowlist,
       adminAllowedOrigins: config.adminAllowedOrigins
     });
@@ -5583,7 +5818,7 @@ var CodeHarborAdminApp = class {
     this.logger.info("CodeHarbor admin server started", {
       host: address?.host ?? this.config.adminBindHost,
       port: address?.port ?? this.config.adminPort,
-      tokenProtected: Boolean(this.config.adminToken)
+      tokenProtected: Boolean(this.config.adminToken) || this.config.adminTokens.length > 0
     });
   }
   async stop() {
@@ -5666,6 +5901,7 @@ var configSchema = import_zod.z.object({
   MATRIX_PROGRESS_MIN_INTERVAL_MS: import_zod.z.string().default("2500").transform((v) => Number.parseInt(v, 10)).pipe(import_zod.z.number().int().positive()),
   MATRIX_TYPING_TIMEOUT_MS: import_zod.z.string().default("10000").transform((v) => Number.parseInt(v, 10)).pipe(import_zod.z.number().int().positive()),
   SESSION_ACTIVE_WINDOW_MINUTES: import_zod.z.string().default("20").transform((v) => Number.parseInt(v, 10)).pipe(import_zod.z.number().int().positive()),
+  GROUP_DIRECT_MODE_ENABLED: import_zod.z.string().default("false").transform((v) => v.toLowerCase() === "true"),
   GROUP_TRIGGER_ALLOW_MENTION: import_zod.z.string().default("true").transform((v) => v.toLowerCase() === "true"),
   GROUP_TRIGGER_ALLOW_REPLY: import_zod.z.string().default("true").transform((v) => v.toLowerCase() === "true"),
   GROUP_TRIGGER_ALLOW_ACTIVE_WINDOW: import_zod.z.string().default("true").transform((v) => v.toLowerCase() === "true"),
@@ -5688,6 +5924,7 @@ var configSchema = import_zod.z.object({
   ADMIN_BIND_HOST: import_zod.z.string().default("127.0.0.1"),
   ADMIN_PORT: import_zod.z.string().default("8787").transform((v) => Number.parseInt(v, 10)).pipe(import_zod.z.number().int().min(1).max(65535)),
   ADMIN_TOKEN: import_zod.z.string().default(""),
+  ADMIN_TOKENS_JSON: import_zod.z.string().default(""),
   ADMIN_IP_ALLOWLIST: import_zod.z.string().default(""),
   ADMIN_ALLOWED_ORIGINS: import_zod.z.string().default(""),
   LOG_LEVEL: import_zod.z.enum(["debug", "info", "warn", "error"]).default("info")
@@ -5719,6 +5956,7 @@ var configSchema = import_zod.z.object({
   matrixProgressMinIntervalMs: v.MATRIX_PROGRESS_MIN_INTERVAL_MS,
   matrixTypingTimeoutMs: v.MATRIX_TYPING_TIMEOUT_MS,
   sessionActiveWindowMinutes: v.SESSION_ACTIVE_WINDOW_MINUTES,
+  groupDirectModeEnabled: v.GROUP_DIRECT_MODE_ENABLED,
   defaultGroupTriggerPolicy: {
     allowMention: v.GROUP_TRIGGER_ALLOW_MENTION,
     allowReply: v.GROUP_TRIGGER_ALLOW_REPLY,
@@ -5747,6 +5985,7 @@ var configSchema = import_zod.z.object({
   adminBindHost: v.ADMIN_BIND_HOST.trim() || "127.0.0.1",
   adminPort: v.ADMIN_PORT,
   adminToken: v.ADMIN_TOKEN.trim() || null,
+  adminTokens: parseAdminTokens(v.ADMIN_TOKENS_JSON),
   adminIpAllowlist: parseCsvList(v.ADMIN_IP_ALLOWLIST),
   adminAllowedOrigins: parseCsvList(v.ADMIN_ALLOWED_ORIGINS),
   logLevel: v.LOG_LEVEL
@@ -5837,6 +6076,53 @@ function parseExtraEnv(raw) {
 function parseCsvList(raw) {
   return raw.split(",").map((entry) => entry.trim()).filter((entry) => entry.length > 0);
 }
+function parseAdminTokens(raw) {
+  const trimmed = raw.trim();
+  if (!trimmed) {
+    return [];
+  }
+  let parsed;
+  try {
+    parsed = JSON.parse(trimmed);
+  } catch {
+    throw new Error("ADMIN_TOKENS_JSON must be valid JSON.");
+  }
+  if (!Array.isArray(parsed)) {
+    throw new Error("ADMIN_TOKENS_JSON must be a JSON array.");
+  }
+  const seenTokens = /* @__PURE__ */ new Set();
+  return parsed.map((entry, index) => {
+    if (!entry || typeof entry !== "object" || Array.isArray(entry)) {
+      throw new Error(`ADMIN_TOKENS_JSON[${index}] must be an object.`);
+    }
+    const payload = entry;
+    const tokenValue = payload.token;
+    if (typeof tokenValue !== "string" || !tokenValue.trim()) {
+      throw new Error(`ADMIN_TOKENS_JSON[${index}].token must be a non-empty string.`);
+    }
+    const token = tokenValue.trim();
+    if (seenTokens.has(token)) {
+      throw new Error(`ADMIN_TOKENS_JSON contains duplicated token at index ${index}.`);
+    }
+    seenTokens.add(token);
+    let role = "admin";
+    if (payload.role !== void 0) {
+      if (payload.role !== "admin" && payload.role !== "viewer") {
+        throw new Error(`ADMIN_TOKENS_JSON[${index}].role must be "admin" or "viewer".`);
+      }
+      role = payload.role;
+    }
+    if (payload.actor !== void 0 && payload.actor !== null && typeof payload.actor !== "string") {
+      throw new Error(`ADMIN_TOKENS_JSON[${index}].actor must be a string when provided.`);
+    }
+    const actor = typeof payload.actor === "string" ? payload.actor.trim() || null : null;
+    return {
+      token,
+      role,
+      actor
+    };
+  });
+}
 
 // src/config-snapshot.ts
 var import_node_fs9 = __toESM(require("fs"));
@@ -5869,6 +6155,7 @@ var CONFIG_SNAPSHOT_ENV_KEYS = [
   "MATRIX_PROGRESS_MIN_INTERVAL_MS",
   "MATRIX_TYPING_TIMEOUT_MS",
   "SESSION_ACTIVE_WINDOW_MINUTES",
+  "GROUP_DIRECT_MODE_ENABLED",
   "GROUP_TRIGGER_ALLOW_MENTION",
   "GROUP_TRIGGER_ALLOW_REPLY",
   "GROUP_TRIGGER_ALLOW_ACTIVE_WINDOW",
@@ -5891,6 +6178,7 @@ var CONFIG_SNAPSHOT_ENV_KEYS = [
   "ADMIN_BIND_HOST",
   "ADMIN_PORT",
   "ADMIN_TOKEN",
+  "ADMIN_TOKENS_JSON",
   "ADMIN_IP_ALLOWLIST",
   "ADMIN_ALLOWED_ORIGINS",
   "LOG_LEVEL"
@@ -5933,6 +6221,7 @@ var envSnapshotSchema = import_zod2.z.object({
   MATRIX_PROGRESS_MIN_INTERVAL_MS: integerStringSchema("MATRIX_PROGRESS_MIN_INTERVAL_MS", 1),
   MATRIX_TYPING_TIMEOUT_MS: integerStringSchema("MATRIX_TYPING_TIMEOUT_MS", 1),
   SESSION_ACTIVE_WINDOW_MINUTES: integerStringSchema("SESSION_ACTIVE_WINDOW_MINUTES", 1),
+  GROUP_DIRECT_MODE_ENABLED: booleanStringSchema("GROUP_DIRECT_MODE_ENABLED").default("false"),
   GROUP_TRIGGER_ALLOW_MENTION: booleanStringSchema("GROUP_TRIGGER_ALLOW_MENTION"),
   GROUP_TRIGGER_ALLOW_REPLY: booleanStringSchema("GROUP_TRIGGER_ALLOW_REPLY"),
   GROUP_TRIGGER_ALLOW_ACTIVE_WINDOW: booleanStringSchema("GROUP_TRIGGER_ALLOW_ACTIVE_WINDOW"),
@@ -5955,6 +6244,7 @@ var envSnapshotSchema = import_zod2.z.object({
   ADMIN_BIND_HOST: import_zod2.z.string(),
   ADMIN_PORT: integerStringSchema("ADMIN_PORT", 1, 65535),
   ADMIN_TOKEN: import_zod2.z.string(),
+  ADMIN_TOKENS_JSON: jsonArrayStringSchema("ADMIN_TOKENS_JSON", true).default(""),
   ADMIN_IP_ALLOWLIST: import_zod2.z.string(),
   ADMIN_ALLOWED_ORIGINS: import_zod2.z.string().default(""),
   LOG_LEVEL: import_zod2.z.enum(LOG_LEVELS)
@@ -6121,6 +6411,7 @@ function buildSnapshotEnv(config) {
     MATRIX_PROGRESS_MIN_INTERVAL_MS: String(config.matrixProgressMinIntervalMs),
     MATRIX_TYPING_TIMEOUT_MS: String(config.matrixTypingTimeoutMs),
     SESSION_ACTIVE_WINDOW_MINUTES: String(config.sessionActiveWindowMinutes),
+    GROUP_DIRECT_MODE_ENABLED: String(config.groupDirectModeEnabled),
     GROUP_TRIGGER_ALLOW_MENTION: String(config.defaultGroupTriggerPolicy.allowMention),
     GROUP_TRIGGER_ALLOW_REPLY: String(config.defaultGroupTriggerPolicy.allowReply),
     GROUP_TRIGGER_ALLOW_ACTIVE_WINDOW: String(config.defaultGroupTriggerPolicy.allowActiveWindow),
@@ -6143,6 +6434,7 @@ function buildSnapshotEnv(config) {
     ADMIN_BIND_HOST: config.adminBindHost,
     ADMIN_PORT: String(config.adminPort),
     ADMIN_TOKEN: config.adminToken ?? "",
+    ADMIN_TOKENS_JSON: serializeAdminTokens(config.adminTokens),
     ADMIN_IP_ALLOWLIST: config.adminIpAllowlist.join(","),
     ADMIN_ALLOWED_ORIGINS: config.adminAllowedOrigins.join(","),
     LOG_LEVEL: config.logLevel
@@ -6232,6 +6524,9 @@ function parseIntStrict(raw) {
 function serializeJsonObject(value) {
   return Object.keys(value).length > 0 ? JSON.stringify(value) : "";
 }
+function serializeAdminTokens(tokens) {
+  return tokens.length > 0 ? JSON.stringify(tokens) : "";
+}
 function booleanStringSchema(key) {
   return import_zod2.z.string().refine((value) => BOOLEAN_STRING.test(value), {
     message: `${key} must be a boolean string (true/false).`
@@ -6269,6 +6564,23 @@ function jsonObjectStringSchema(key, allowEmpty) {
     message: `${key} must be an empty string or a JSON object string.`
   });
 }
+function jsonArrayStringSchema(key, allowEmpty) {
+  return import_zod2.z.string().refine((value) => {
+    const trimmed = value.trim();
+    if (!trimmed) {
+      return allowEmpty;
+    }
+    let parsed;
+    try {
+      parsed = JSON.parse(trimmed);
+    } catch {
+      return false;
+    }
+    return Array.isArray(parsed);
+  }, {
+    message: `${key} must be an empty string or a JSON array string.`
+  });
+}
 
 // src/preflight.ts
 var import_node_child_process6 = require("child_process");
@@ -6461,11 +6773,12 @@ admin.command("serve").description("Start admin config API server").option("--ho
   const host = options.host?.trim() || config.adminBindHost;
   const port = options.port ? parsePortOption(options.port, config.adminPort) : config.adminPort;
   const allowInsecureNoToken = options.allowInsecureNoToken ?? false;
-  if (!config.adminToken && !allowInsecureNoToken && isNonLoopbackHost(host)) {
+  const hasAdminAuth = Boolean(config.adminToken) || config.adminTokens.length > 0;
+  if (!hasAdminAuth && !allowInsecureNoToken && isNonLoopbackHost(host)) {
     process.stderr.write(
       [
-        "Refusing to start admin server on non-loopback host without ADMIN_TOKEN.",
-        "Fix: set ADMIN_TOKEN in .env, or explicitly pass --allow-insecure-no-token.",
+        "Refusing to start admin server on non-loopback host without admin auth token.",
+        "Fix: set ADMIN_TOKEN or ADMIN_TOKENS_JSON in .env, or explicitly pass --allow-insecure-no-token.",
         ""
       ].join("\n")
     );

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "codeharbor",
-  "version": "0.1.14",
+  "version": "0.1.16",
   "description": "Instant-messaging bridge for Codex CLI sessions",
   "license": "MIT",
   "main": "dist/cli.js",