create-workframe 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.dockerignore +22 -0
- package/.gitignore +73 -0
- package/LICENSE +201 -0
- package/NOTICE +12 -0
- package/README.md +111 -0
- package/SECURITY.md +40 -0
- package/bin/create-workframe.js +2814 -0
- package/bin/workframe.js +329 -0
- package/docs/workspace-instructions/WORKFRAME_DISCORD.md +20 -0
- package/docs/workspace-instructions/WORKFRAME_DOCUMENTS_AND_ARTIFACTS.md +20 -0
- package/docs/workspace-instructions/WORKFRAME_KANBAN.md +20 -0
- package/docs/workspace-instructions/WORKFRAME_ONBOARDING.md +21 -0
- package/docs/workspace-instructions/WORKFRAME_ROUTING.md +29 -0
- package/docs/workspace-instructions/WORKFRAME_TELEGRAM.md +19 -0
- package/package.json +67 -0
- package/profiles/README.md +15 -0
- package/profiles/architect/AGENTS.md +29 -0
- package/profiles/architect/SOUL.md +44 -0
- package/profiles/architect/skills/devops/kanban-worker/SKILL.md +27 -0
- package/profiles/designer/AGENTS.md +26 -0
- package/profiles/designer/SOUL.md +31 -0
- package/profiles/designer/skills/devops/kanban-worker/SKILL.md +27 -0
- package/profiles/dev/AGENTS.md +28 -0
- package/profiles/dev/SOUL.md +31 -0
- package/profiles/dev/skills/devops/kanban-worker/SKILL.md +27 -0
- package/profiles/docs/AGENTS.md +27 -0
- package/profiles/docs/SOUL.md +30 -0
- package/profiles/docs/skills/devops/kanban-worker/SKILL.md +27 -0
- package/profiles/research/AGENTS.md +26 -0
- package/profiles/research/SOUL.md +31 -0
- package/profiles/research/skills/devops/kanban-worker/SKILL.md +27 -0
- package/profiles/visionary/AGENTS.md +25 -0
- package/profiles/visionary/SOUL.md +31 -0
- package/profiles/visionary/skills/devops/kanban-worker/SKILL.md +27 -0
- package/profiles/workframe-agent/AGENTS.md +37 -0
- package/profiles/workframe-agent/SETUP.md +185 -0
- package/profiles/workframe-agent/SOUL.md +61 -0
- package/profiles/workframe-agent/skills/devops/botfather/SKILL.md +85 -0
- package/profiles/workframe-agent/skills/devops/kanban-handoff-pattern/SKILL.md +58 -0
- package/profiles/workframe-agent/skills/devops/workframe-cohort/SKILL.md +54 -0
- package/prompts/WORKFRAME_PROMPT_TEMPLATES.md +16 -0
- package/rules/.hermes.md +11 -0
- package/rules/AGENTS.md +22 -0
- package/rules/workspace-README.md +5 -0
- package/scripts/apply-update-hermes.sh +17 -0
- package/scripts/apply-update-workframe.sh +77 -0
- package/scripts/bootstrap-workspace-link.sh +8 -0
- package/scripts/bundle-workframe-ui.mjs +77 -0
- package/scripts/compose-docker-host.sh +37 -0
- package/scripts/create_workframe_scaffold.py +648 -0
- package/scripts/ensure-compose-host-paths.mjs +51 -0
- package/scripts/fix-zk-encryption-key.sh +35 -0
- package/scripts/lib/install-identity.mjs +212 -0
- package/scripts/lib/workframe-registry.mjs +290 -0
- package/scripts/new-project.mjs +68 -0
- package/scripts/restart-gateway-hermes.sh +12 -0
- package/scripts/security_audit.py +156 -0
- package/scripts/select_agent_pack.py +31 -0
- package/scripts/set-compose-public-url.mjs +92 -0
- package/scripts/setup-stack-secrets.sh +50 -0
- package/scripts/sync-canonical-to-package.mjs +146 -0
- package/scripts/test-scaffold.mjs +390 -0
- package/scripts/verify-public-deploy.sh +105 -0
- package/shared/WORKFRAME_AGENT_LIBRARY.md +31 -0
- package/shared/WORKFRAME_AGENT_OPERATIONS.md +29 -0
- package/shared/WORKFRAME_AGENT_PACKS.json +64 -0
- package/shared/WORKFRAME_AGENT_PACKS.yaml +20 -0
- package/shared/WORKFRAME_CHAT_PERMISSION_MODEL.md +20 -0
- package/shared/WORKFRAME_HANDOFF_SCHEMA.md +25 -0
- package/shared/WORKFRAME_SKILL_CURATION.md +27 -0
- package/shared/agent-avatars/ada.png +0 -0
- package/shared/agent-avatars/aibert.png +0 -0
- package/shared/agent-avatars/amelia.png +0 -0
- package/shared/agent-avatars/andy.png +0 -0
- package/shared/agent-avatars/arc.png +0 -0
- package/shared/agent-avatars/bob.png +0 -0
- package/shared/agent-avatars/buzz.png +0 -0
- package/shared/agent-avatars/carl.png +0 -0
- package/shared/agent-avatars/catalog.json +171 -0
- package/shared/agent-avatars/corbu.png +0 -0
- package/shared/agent-avatars/diana.png +0 -0
- package/shared/agent-avatars/ella.png +0 -0
- package/shared/agent-avatars/elvis.png +0 -0
- package/shared/agent-avatars/f1.png +0 -0
- package/shared/agent-avatars/f2.png +0 -0
- package/shared/agent-avatars/f3.png +0 -0
- package/shared/agent-avatars/f4.png +0 -0
- package/shared/agent-avatars/f5.png +0 -0
- package/shared/agent-avatars/f6.png +0 -0
- package/shared/agent-avatars/frida.png +0 -0
- package/shared/agent-avatars/george.png +0 -0
- package/shared/agent-avatars/grace.png +0 -0
- package/shared/agent-avatars/hedy.png +0 -0
- package/shared/agent-avatars/hermes.png +0 -0
- package/shared/agent-avatars/isaac.png +0 -0
- package/shared/agent-avatars/jes.png +0 -0
- package/shared/agent-avatars/john.png +0 -0
- package/shared/agent-avatars/joni.png +0 -0
- package/shared/agent-avatars/leo.png +0 -0
- package/shared/agent-avatars/louis.png +0 -0
- package/shared/agent-avatars/ludwig.png +0 -0
- package/shared/agent-avatars/m1.png +0 -0
- package/shared/agent-avatars/m2.png +0 -0
- package/shared/agent-avatars/m3.png +0 -0
- package/shared/agent-avatars/m4.png +0 -0
- package/shared/agent-avatars/m5.png +0 -0
- package/shared/agent-avatars/m6.png +0 -0
- package/shared/agent-avatars/marie.png +0 -0
- package/shared/agent-avatars/marilyn.png +0 -0
- package/shared/agent-avatars/neil.png +0 -0
- package/shared/agent-avatars/nikola.png +0 -0
- package/shared/agent-avatars/nina.png +0 -0
- package/shared/agent-avatars/paul.png +0 -0
- package/shared/agent-avatars/ringo.png +0 -0
- package/shared/agent-avatars/rosie.png +0 -0
- package/shared/agent-avatars/ste.png +0 -0
- package/shared/agent-avatars/steve.png +0 -0
- package/shared/agent-avatars/sun.png +0 -0
- package/shared/agent-avatars/tom.png +0 -0
- package/shared/agent-avatars/warren.png +0 -0
- package/shared/agent-avatars/woz.png +0 -0
- package/shared/agent-avatars/zaha.png +0 -0
- package/workframe-api/Dockerfile +14 -0
- package/workframe-api/README.md +28 -0
- package/workframe-api/action_proxy.py +131 -0
- package/workframe-api/auth_rate_limit.py +49 -0
- package/workframe-api/catalog/avatar-catalog.json +171 -0
- package/workframe-api/catalog/logo-catalog.json +86 -0
- package/workframe-api/catalog/user-avatar-catalog.json +171 -0
- package/workframe-api/credential_vault.py +445 -0
- package/workframe-api/data/.gitkeep +0 -0
- package/workframe-api/data/avatar-catalog.json +41 -0
- package/workframe-api/data/logo-catalog.json +14 -0
- package/workframe-api/data/user-avatar-catalog.json +18 -0
- package/workframe-api/email_sender.py +220 -0
- package/workframe-api/google_auth.py +90 -0
- package/workframe-api/install_api.py +359 -0
- package/workframe-api/internal_proxy_auth.py +150 -0
- package/workframe-api/llm_proxy.py +277 -0
- package/workframe-api/oidc_jwt.py +108 -0
- package/workframe-api/package.json +13 -0
- package/workframe-api/platform_auth.py +194 -0
- package/workframe-api/profile_secret_policy.py +86 -0
- package/workframe-api/public/assets/index-DPXu_lGn.css +1 -0
- package/workframe-api/public/assets/index-DYnLrCZZ.js +9 -0
- package/workframe-api/public/assets/index-DglUqFB_.js +9 -0
- package/workframe-api/public/index.html +12 -0
- package/workframe-api/requirements.txt +2 -0
- package/workframe-api/server.py +19646 -0
- package/workframe-api/site_meta.py +271 -0
- package/workframe-api/stack_config.py +427 -0
- package/workframe-api/tests/__init__.py +0 -0
- package/workframe-api/tests/db_setup.py +13 -0
- package/workframe-api/tests/test_admin_updates_gated.py +30 -0
- package/workframe-api/tests/test_agent_dm_bootstrap.py +196 -0
- package/workframe-api/tests/test_agent_profile_sync.py +76 -0
- package/workframe-api/tests/test_auth_email.py +222 -0
- package/workframe-api/tests/test_auth_hole_fix_selfcheck.py +99 -0
- package/workframe-api/tests/test_auth_rate_limit.py +19 -0
- package/workframe-api/tests/test_avatar_resolve.py +77 -0
- package/workframe-api/tests/test_child_soul_template.py +71 -0
- package/workframe-api/tests/test_credential_canary.py +135 -0
- package/workframe-api/tests/test_credential_isolation.py +448 -0
- package/workframe-api/tests/test_credential_resolution.py +206 -0
- package/workframe-api/tests/test_device_oauth.py +108 -0
- package/workframe-api/tests/test_doctor_repair.py +103 -0
- package/workframe-api/tests/test_ensure_profile_api.py +77 -0
- package/workframe-api/tests/test_gateway_compose_security.py +136 -0
- package/workframe-api/tests/test_install_secure_host.py +39 -0
- package/workframe-api/tests/test_internal_proxy_auth.py +125 -0
- package/workframe-api/tests/test_invite_runtime_bootstrap.py +72 -0
- package/workframe-api/tests/test_kanban_delegation.py +185 -0
- package/workframe-api/tests/test_llm_proxy.py +155 -0
- package/workframe-api/tests/test_login_access_policy.py +183 -0
- package/workframe-api/tests/test_mvp_model_bootstrap.py +75 -0
- package/workframe-api/tests/test_onboarding_bootstrap.py +248 -0
- package/workframe-api/tests/test_platform_auth.py +47 -0
- package/workframe-api/tests/test_profile_config_path.py +56 -0
- package/workframe-api/tests/test_profile_config_yaml_repair.py +63 -0
- package/workframe-api/tests/test_profile_create.py +72 -0
- package/workframe-api/tests/test_profile_identity_overlay.py +61 -0
- package/workframe-api/tests/test_profile_install_health.py +45 -0
- package/workframe-api/tests/test_profile_secret_policy.py +57 -0
- package/workframe-api/tests/test_profile_workspace_cwd.py +34 -0
- package/workframe-api/tests/test_provider_bootstrap.py +75 -0
- package/workframe-api/tests/test_provider_connect.py +54 -0
- package/workframe-api/tests/test_room_crud.py +192 -0
- package/workframe-api/tests/test_room_tenancy.py +701 -0
- package/workframe-api/tests/test_runtime_identity_backfill.py +34 -0
- package/workframe-api/tests/test_site_meta.py +81 -0
- package/workframe-api/tests/test_soul_stub.py +42 -0
- package/workframe-api/tests/test_space_member_sync.py +99 -0
- package/workframe-api/tests/test_stripe_stack_config.py +37 -0
- package/workframe-api/tests/test_supervisor_lifecycle.py +52 -0
- package/workframe-api/tests/test_turn_credential_vault.py +125 -0
- package/workframe-api/tests/test_updates.py +176 -0
- package/workframe-api/tests/test_user_cohort.py +113 -0
- package/workframe-api/tests/test_vault_envelope.py +110 -0
- package/workframe-api/tests/test_workspace_members.py +183 -0
- package/workframe-api/tests/test_workspace_messaging_sync.py +125 -0
- package/workframe-api/tests/test_workspace_provider_list.py +57 -0
- package/workframe-api/time-bind-chat.py +99 -0
- package/workframe-api/turn_credentials.py +226 -0
- package/workframe-api/updates.py +417 -0
- package/workframe-api/vault_kek.py +159 -0
- package/workframe-api/zk_auth.py +633 -0
- package/workframe-supervisor/Dockerfile +11 -0
- package/workframe-supervisor/profile_secret_policy.py +76 -0
- package/workframe-supervisor/server.py +787 -0
- package/workframe-supervisor/tests/test_exec_guard.py +42 -0
- package/workframe-supervisor/tests/test_server_import.py +21 -0
- package/workframe-ui/docker/nginx.conf +85 -0
- package/workframe-ui/public/assets/1-DLJbBkOb.png +0 -0
- package/workframe-ui/public/assets/10-uwRwj5ce.png +0 -0
- package/workframe-ui/public/assets/11-5OuV9F_e.png +0 -0
- package/workframe-ui/public/assets/12-u_axjxW-.png +0 -0
- package/workframe-ui/public/assets/13-ldSvcMsH.png +0 -0
- package/workframe-ui/public/assets/14-xdcALEYD.png +0 -0
- package/workframe-ui/public/assets/15-aZ4snEFB.png +0 -0
- package/workframe-ui/public/assets/16-L_5-DttY.png +0 -0
- package/workframe-ui/public/assets/2-zOPZTppD.png +0 -0
- package/workframe-ui/public/assets/3-Dc3WoVu5.png +0 -0
- package/workframe-ui/public/assets/4-C50hk7_m.png +0 -0
- package/workframe-ui/public/assets/5-Eweetkq4.png +0 -0
- package/workframe-ui/public/assets/6-5sOXgfkw.png +0 -0
- package/workframe-ui/public/assets/7-BqRBCbiC.png +0 -0
- package/workframe-ui/public/assets/8-DEDKS94h.png +0 -0
- package/workframe-ui/public/assets/9-DNj34GW-.png +0 -0
- package/workframe-ui/public/assets/ada-DsvuOc9n.png +0 -0
- package/workframe-ui/public/assets/aibert-BCz8Lo8H.png +0 -0
- package/workframe-ui/public/assets/amelia-DUf3EBGu.png +0 -0
- package/workframe-ui/public/assets/andy-Cpymuhhx.png +0 -0
- package/workframe-ui/public/assets/arc-CBDYvkAF.js +1 -0
- package/workframe-ui/public/assets/architecture-7EHR7CIX-CtbQKTuT.js +1 -0
- package/workframe-ui/public/assets/architectureDiagram-3BPJPVTR-XnBRKeW0.js +36 -0
- package/workframe-ui/public/assets/array-BifhSqXX.js +1 -0
- package/workframe-ui/public/assets/avatars/ada.png +0 -0
- package/workframe-ui/public/assets/avatars/aibert.png +0 -0
- package/workframe-ui/public/assets/avatars/amelia.png +0 -0
- package/workframe-ui/public/assets/avatars/andy.png +0 -0
- package/workframe-ui/public/assets/avatars/bob.png +0 -0
- package/workframe-ui/public/assets/avatars/buzz.png +0 -0
- package/workframe-ui/public/assets/avatars/carl.png +0 -0
- package/workframe-ui/public/assets/avatars/catalog.json +171 -0
- package/workframe-ui/public/assets/avatars/corbu.png +0 -0
- package/workframe-ui/public/assets/avatars/diana.png +0 -0
- package/workframe-ui/public/assets/avatars/elvis.png +0 -0
- package/workframe-ui/public/assets/avatars/frida.png +0 -0
- package/workframe-ui/public/assets/avatars/george.png +0 -0
- package/workframe-ui/public/assets/avatars/grace.png +0 -0
- package/workframe-ui/public/assets/avatars/hedy.png +0 -0
- package/workframe-ui/public/assets/avatars/hermes.png +0 -0
- package/workframe-ui/public/assets/avatars/isaac.png +0 -0
- package/workframe-ui/public/assets/avatars/john.png +0 -0
- package/workframe-ui/public/assets/avatars/joni.png +0 -0
- package/workframe-ui/public/assets/avatars/leo.png +0 -0
- package/workframe-ui/public/assets/avatars/louis.png +0 -0
- package/workframe-ui/public/assets/avatars/ludwig.png +0 -0
- package/workframe-ui/public/assets/avatars/marie.png +0 -0
- package/workframe-ui/public/assets/avatars/marilyn.png +0 -0
- package/workframe-ui/public/assets/avatars/nikola.png +0 -0
- package/workframe-ui/public/assets/avatars/nina.png +0 -0
- package/workframe-ui/public/assets/avatars/paul.png +0 -0
- package/workframe-ui/public/assets/avatars/ringo.png +0 -0
- package/workframe-ui/public/assets/avatars/rosie.png +0 -0
- package/workframe-ui/public/assets/avatars/steve.png +0 -0
- package/workframe-ui/public/assets/avatars/sun.png +0 -0
- package/workframe-ui/public/assets/avatars/warren.png +0 -0
- package/workframe-ui/public/assets/avatars/woz.png +0 -0
- package/workframe-ui/public/assets/avatars/zaha.png +0 -0
- package/workframe-ui/public/assets/blockDiagram-GPEHLZMM-VYHUfVhd.js +132 -0
- package/workframe-ui/public/assets/bob-DRz-48Id.png +0 -0
- package/workframe-ui/public/assets/branding/banner.png +0 -0
- package/workframe-ui/public/assets/branding/og-default.png +0 -0
- package/workframe-ui/public/assets/branding/workframe'white.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-1.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-2.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-3.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-4.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-5.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-banner.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-logo-horizontal-mini.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-logo-horizontal-nano.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-logo-horizontal.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-logo-vertical-alt.png +0 -0
- package/workframe-ui/public/assets/branding/workframe-logo-vertical.png +0 -0
- package/workframe-ui/public/assets/branding/workframe.png +0 -0
- package/workframe-ui/public/assets/buzz-mC4PtMvC.png +0 -0
- package/workframe-ui/public/assets/c4Diagram-AAUBKEIU-BTjUcJpm.js +10 -0
- package/workframe-ui/public/assets/carl-CtE74db_.png +0 -0
- package/workframe-ui/public/assets/channel-Dy4Z4-jn.js +1 -0
- package/workframe-ui/public/assets/chunk-2J33WTMH-w7uu7R-b.js +1 -0
- package/workframe-ui/public/assets/chunk-3OPIFGDE-Cb9LtnDX.js +62 -0
- package/workframe-ui/public/assets/chunk-4BX2VUAB-DiQ-qCwH.js +1 -0
- package/workframe-ui/public/assets/chunk-55IACEB6-C-mLFr7z.js +1 -0
- package/workframe-ui/public/assets/chunk-5ZQYHXKU-DOesfiCI.js +2 -0
- package/workframe-ui/public/assets/chunk-727SXJPM-BJ3oBZuz.js +206 -0
- package/workframe-ui/public/assets/chunk-AQP2D5EJ-CCA6xpGs.js +231 -0
- package/workframe-ui/public/assets/chunk-BSJP7CBP-a0cMNFb2.js +1 -0
- package/workframe-ui/public/assets/chunk-CSCIHK7Q-kuqN8EIY.js +122 -0
- package/workframe-ui/public/assets/chunk-FMBD7UC4-DyPgYHCg.js +15 -0
- package/workframe-ui/public/assets/chunk-KSCS5N6A-CdUuvR0V.js +10 -0
- package/workframe-ui/public/assets/chunk-L5ZTLDWV-Dq9NoWmK.js +1 -0
- package/workframe-ui/public/assets/chunk-LZXEDZCA-p74rddlO.js +2 -0
- package/workframe-ui/public/assets/chunk-ND2GUHAM-DBD2u1Gz.js +1 -0
- package/workframe-ui/public/assets/chunk-NNHCCRGN-DlpIbxXb.js +159 -0
- package/workframe-ui/public/assets/chunk-NZK2D7GU-BeIeYFnd.js +1 -0
- package/workframe-ui/public/assets/chunk-O5CBEL6O-ClHc56ib.js +70 -0
- package/workframe-ui/public/assets/chunk-QZHKN3VN-CtBEchFK.js +1 -0
- package/workframe-ui/public/assets/chunk-WU5MYG2G-B9pBtriN.js +1 -0
- package/workframe-ui/public/assets/chunk-XPW4576I-EFr8R_1p.js +32 -0
- package/workframe-ui/public/assets/classDiagram-4FO5ZUOK-BMAEA8jI.js +1 -0
- package/workframe-ui/public/assets/classDiagram-v2-Q7XG4LA2-BMAEA8jI.js +1 -0
- package/workframe-ui/public/assets/corbu-KiaMXzXQ.png +0 -0
- package/workframe-ui/public/assets/cose-bilkent-S5V4N54A-C7aPBODd.js +1 -0
- package/workframe-ui/public/assets/cytoscape.esm-h6BdjjI9.js +321 -0
- package/workframe-ui/public/assets/dagre-BM42HDAG-BdU1Rv-H.js +4 -0
- package/workframe-ui/public/assets/dagre-Bx709z4p.js +1 -0
- package/workframe-ui/public/assets/defaultLocale-C8Fc0cco.js +1 -0
- package/workframe-ui/public/assets/diagram-2AECGRRQ-DWowSo85.js +43 -0
- package/workframe-ui/public/assets/diagram-5GNKFQAL-MnxBbceO.js +10 -0
- package/workframe-ui/public/assets/diagram-KO2AKTUF-DQaLRXFf.js +3 -0
- package/workframe-ui/public/assets/diagram-LMA3HP47-CQaBud9k.js +24 -0
- package/workframe-ui/public/assets/diagram-OG6HWLK6-D8bAXbY9.js +24 -0
- package/workframe-ui/public/assets/diana-DW0MsL38.png +0 -0
- package/workframe-ui/public/assets/dist-DGpTLHr_.js +1 -0
- package/workframe-ui/public/assets/elvis-LCFaZIcT.png +0 -0
- package/workframe-ui/public/assets/erDiagram-TEJ5UH35-1E-xSvBK.js +85 -0
- package/workframe-ui/public/assets/eventmodeling-FCH6USID-D75cstNT.js +1 -0
- package/workframe-ui/public/assets/flowDiagram-I6XJVG4X-CgOVD5hu.js +162 -0
- package/workframe-ui/public/assets/frida-CXFA0w3F.png +0 -0
- package/workframe-ui/public/assets/ganttDiagram-6RSMTGT7-JFYAIauo.js +292 -0
- package/workframe-ui/public/assets/george-DBSH2Sm2.png +0 -0
- package/workframe-ui/public/assets/gitGraph-WXDBUCRP-B9REenIl.js +1 -0
- package/workframe-ui/public/assets/gitGraphDiagram-PVQCEYII-BQ7NcMSn.js +106 -0
- package/workframe-ui/public/assets/grace-BhV0UPc0.png +0 -0
- package/workframe-ui/public/assets/graphlib-B8gBHxth.js +1 -0
- package/workframe-ui/public/assets/hedy-BR2IHift.png +0 -0
- package/workframe-ui/public/assets/hermes-CqCzcE0y.png +0 -0
- package/workframe-ui/public/assets/index-Dnw6vjqb.js +133 -0
- package/workframe-ui/public/assets/index-DpAGxump.css +1 -0
- package/workframe-ui/public/assets/info-J43DQDTF-CL6-eTjH.js +1 -0
- package/workframe-ui/public/assets/infoDiagram-5YYISTIA-LJTODW4W.js +2 -0
- package/workframe-ui/public/assets/init-D6jRqBbL.js +1 -0
- package/workframe-ui/public/assets/isaac-D1nhJAuv.png +0 -0
- package/workframe-ui/public/assets/ishikawaDiagram-YF4QCWOH-bchrQVuo.js +70 -0
- package/workframe-ui/public/assets/john-zSPWwNi4.png +0 -0
- package/workframe-ui/public/assets/joni-BFLoyfJP.png +0 -0
- package/workframe-ui/public/assets/journeyDiagram-JHISSGLW-DkrvYuxP.js +139 -0
- package/workframe-ui/public/assets/kanban-definition-UN3LZRKU-DFRbj0IG.js +89 -0
- package/workframe-ui/public/assets/katex-Vhh-h91d.js +257 -0
- package/workframe-ui/public/assets/leo-C_3IOL11.png +0 -0
- package/workframe-ui/public/assets/line-Vd48P7-O.js +1 -0
- package/workframe-ui/public/assets/linear-Ckizh2G7.js +1 -0
- package/workframe-ui/public/assets/louis-DEEECFSX.png +0 -0
- package/workframe-ui/public/assets/ludwig-_hoKhhyK.png +0 -0
- package/workframe-ui/public/assets/marie-DET6MsfO.png +0 -0
- package/workframe-ui/public/assets/marilyn-DTqwt8Yh.png +0 -0
- package/workframe-ui/public/assets/mermaid-parser.core-Bkimsnqj.js +4 -0
- package/workframe-ui/public/assets/mermaid.core-x0TvVuPo.js +9 -0
- package/workframe-ui/public/assets/mindmap-definition-RKZ34NQL-6ykAFPEz.js +96 -0
- package/workframe-ui/public/assets/nikola-B4PtHrJv.png +0 -0
- package/workframe-ui/public/assets/nina-BYbrOn0d.png +0 -0
- package/workframe-ui/public/assets/ordinal-hYBb2elL.js +1 -0
- package/workframe-ui/public/assets/packet-YPE3B663-Dw3xgMDt.js +1 -0
- package/workframe-ui/public/assets/path-BWPyau1x.js +1 -0
- package/workframe-ui/public/assets/paul-CGURYQIn.png +0 -0
- package/workframe-ui/public/assets/pie-LRSECV5Y-DATysawG.js +1 -0
- package/workframe-ui/public/assets/pieDiagram-4H26LBE5-SJKD1S0S.js +30 -0
- package/workframe-ui/public/assets/project-logos/1.png +0 -0
- package/workframe-ui/public/assets/project-logos/10.png +0 -0
- package/workframe-ui/public/assets/project-logos/11.png +0 -0
- package/workframe-ui/public/assets/project-logos/12.png +0 -0
- package/workframe-ui/public/assets/project-logos/13.png +0 -0
- package/workframe-ui/public/assets/project-logos/14.png +0 -0
- package/workframe-ui/public/assets/project-logos/15.png +0 -0
- package/workframe-ui/public/assets/project-logos/16.png +0 -0
- package/workframe-ui/public/assets/project-logos/2.png +0 -0
- package/workframe-ui/public/assets/project-logos/3.png +0 -0
- package/workframe-ui/public/assets/project-logos/4.png +0 -0
- package/workframe-ui/public/assets/project-logos/5.png +0 -0
- package/workframe-ui/public/assets/project-logos/6.png +0 -0
- package/workframe-ui/public/assets/project-logos/7.png +0 -0
- package/workframe-ui/public/assets/project-logos/8.png +0 -0
- package/workframe-ui/public/assets/project-logos/9.png +0 -0
- package/workframe-ui/public/assets/project-logos/catalog.json +86 -0
- package/workframe-ui/public/assets/quadrantDiagram-W4KKPZXB-BrYDZX8q.js +7 -0
- package/workframe-ui/public/assets/radar-GUYGQ44K-BmWYPCds.js +1 -0
- package/workframe-ui/public/assets/requirementDiagram-4Y6WPE33-DwL9Mc8e.js +84 -0
- package/workframe-ui/public/assets/ringo-WhfUNOyY.png +0 -0
- package/workframe-ui/public/assets/rosie-CAtcIf87.png +0 -0
- package/workframe-ui/public/assets/rough.esm-CSKSodPl.js +1 -0
- package/workframe-ui/public/assets/sankeyDiagram-5OEKKPKP-DYIFsL8h.js +40 -0
- package/workframe-ui/public/assets/sequenceDiagram-3UESZ5HK-0-FPkFk8.js +162 -0
- package/workframe-ui/public/assets/src-B_od6b6h.js +1 -0
- package/workframe-ui/public/assets/stateDiagram-AJRCARHV-BQCiBk6u.js +1 -0
- package/workframe-ui/public/assets/stateDiagram-v2-BHNVJYJU-B89jAMFF.js +1 -0
- package/workframe-ui/public/assets/steve-CgXXJ9EZ.png +0 -0
- package/workframe-ui/public/assets/sun-BLNAhoZd.png +0 -0
- package/workframe-ui/public/assets/timeline-definition-PNZ67QCA-DS3tFcXj.js +120 -0
- package/workframe-ui/public/assets/treeView-BLDUP644-DSyUCKLY.js +1 -0
- package/workframe-ui/public/assets/treemap-LRROVOQU-CEZaNh5Y.js +1 -0
- package/workframe-ui/public/assets/vennDiagram-CIIHVFJN-CD-Vc9NF.js +34 -0
- package/workframe-ui/public/assets/wardley-L42UT6IY-Drq5w1Mc.js +1 -0
- package/workframe-ui/public/assets/wardleyDiagram-YWT4CUSO-DouXDJoF.js +78 -0
- package/workframe-ui/public/assets/warren-DIH7UKMY.png +0 -0
- package/workframe-ui/public/assets/woz-D2yleG-V.png +0 -0
- package/workframe-ui/public/assets/xychartDiagram-2RQKCTM6-DDf_Lol5.js +7 -0
- package/workframe-ui/public/assets/zaha-wersOEq9.png +0 -0
- package/workframe-ui/public/favicon.ico +0 -0
- package/workframe-ui/public/favicon.svg +7 -0
- package/workframe-ui/public/icons.svg +24 -0
- package/workframe-ui/public/index.html +50 -0
- package/workframe-ui/public/manifest.webmanifest +18 -0
- package/workframe-ui/public/workframe-config.json +4 -0
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
import unittest
|
|
2
|
+
from unittest.mock import patch
|
|
3
|
+
|
|
4
|
+
import server
|
|
5
|
+
|
|
6
|
+
|
|
7
|
+
class ProfileCreateTest(unittest.TestCase):
|
|
8
|
+
@patch.object(server, "_gateway_exec", return_value=(0, "created"))
|
|
9
|
+
@patch.object(server, "_patch_profile_gateway_run_script", return_value=(True, "ok"))
|
|
10
|
+
@patch.object(server, "_configure_profile_api", return_value=(True, "ok", 19001))
|
|
11
|
+
@patch.object(server, "_profile_dir")
|
|
12
|
+
def test_new_profile_uses_slug_not_route_validation(
|
|
13
|
+
self,
|
|
14
|
+
profile_dir,
|
|
15
|
+
configure_api,
|
|
16
|
+
patch_run,
|
|
17
|
+
gateway_exec,
|
|
18
|
+
) -> None:
|
|
19
|
+
profile_dir.return_value.exists.return_value = False
|
|
20
|
+
with patch.object(server, "resolve_validated_profile", return_value="workframe-agent") as resolve, patch.object(
|
|
21
|
+
server, "_ensure_workspace_agent_profile_row", return_value="agent-id"
|
|
22
|
+
), patch.object(server, "_upsert_agent_registry_row"), patch.object(
|
|
23
|
+
server, "_assign_agent_avatar", return_value={"avatar_id": "a1"}
|
|
24
|
+
), patch.object(server, "_strip_forbidden_child_skills", return_value=[]), patch.object(
|
|
25
|
+
server, "_install_child_base_artifacts", return_value=False
|
|
26
|
+
), patch.object(
|
|
27
|
+
server, "profile_gateway_lifecycle", return_value={"state": "running"}
|
|
28
|
+
):
|
|
29
|
+
result = server.profile_create("architect", description="Systems design")
|
|
30
|
+
resolve.assert_called()
|
|
31
|
+
self.assertEqual(result["profile"], "architect")
|
|
32
|
+
gateway_exec.assert_called_once()
|
|
33
|
+
prof, cmd = gateway_exec.call_args[0]
|
|
34
|
+
self.assertEqual(prof, server._primary_profile())
|
|
35
|
+
self.assertEqual(cmd[:3], ["profile", "create", "--clone-from"])
|
|
36
|
+
self.assertEqual(cmd[-1], "architect")
|
|
37
|
+
|
|
38
|
+
@patch.object(server, "_gateway_exec", return_value=(0, "created"))
|
|
39
|
+
@patch.object(server, "_patch_profile_gateway_run_script", return_value=(True, "ok"))
|
|
40
|
+
@patch.object(server, "_configure_profile_api", return_value=(True, "ok", 19001))
|
|
41
|
+
@patch.object(server, "_profile_dir")
|
|
42
|
+
@patch.object(server, "bootstrap_agent_dm_lane", return_value={"ok": True, "runtime": "u-user-architect"})
|
|
43
|
+
def test_new_profile_registers_route_before_bootstrap(
|
|
44
|
+
self,
|
|
45
|
+
bootstrap,
|
|
46
|
+
profile_dir,
|
|
47
|
+
configure_api,
|
|
48
|
+
patch_run,
|
|
49
|
+
gateway_exec,
|
|
50
|
+
) -> None:
|
|
51
|
+
profile_dir.return_value.exists.return_value = False
|
|
52
|
+
with patch.object(server, "resolve_validated_profile", return_value="workframe-agent"), patch.object(
|
|
53
|
+
server, "_register_profile_route", return_value=True
|
|
54
|
+
) as register, patch.object(
|
|
55
|
+
server, "_ensure_workspace_agent_profile_row", return_value="agent-id"
|
|
56
|
+
), patch.object(server, "_upsert_agent_registry_row"), patch.object(
|
|
57
|
+
server, "_assign_agent_avatar", return_value={"avatar_id": "a1"}
|
|
58
|
+
), patch.object(server, "_strip_forbidden_child_skills", return_value=[]), patch.object(
|
|
59
|
+
server, "_install_child_base_artifacts", return_value=False
|
|
60
|
+
), patch.object(server, "profile_gateway_lifecycle", return_value={"state": "running"}):
|
|
61
|
+
server.profile_create(
|
|
62
|
+
"elvis",
|
|
63
|
+
description="Custom agent",
|
|
64
|
+
user_id="user-1",
|
|
65
|
+
workspace_id="ws-1",
|
|
66
|
+
)
|
|
67
|
+
register.assert_called_once()
|
|
68
|
+
bootstrap.assert_called_once()
|
|
69
|
+
|
|
70
|
+
|
|
71
|
+
if __name__ == "__main__":
|
|
72
|
+
unittest.main()
|
|
@@ -0,0 +1,61 @@
|
|
|
1
|
+
"""User identity overlays concatenate onto base SOUL — never replace it."""
|
|
2
|
+
import tempfile
|
|
3
|
+
import unittest
|
|
4
|
+
from pathlib import Path
|
|
5
|
+
from unittest import mock
|
|
6
|
+
|
|
7
|
+
import server
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
class ProfileIdentityOverlayTests(unittest.TestCase):
|
|
11
|
+
def test_user_soul_concatenates_on_base(self) -> None:
|
|
12
|
+
with tempfile.TemporaryDirectory() as tmp:
|
|
13
|
+
root = Path(tmp)
|
|
14
|
+
prof_dir = root / "profiles" / "elvis"
|
|
15
|
+
prof_dir.mkdir(parents=True)
|
|
16
|
+
(prof_dir / "SOUL.md").write_text(
|
|
17
|
+
"# Elvis\n\nBase Workframe child agent.\n" + ("operate hermes. " * 20),
|
|
18
|
+
encoding="utf-8",
|
|
19
|
+
)
|
|
20
|
+
agents = root / "workframe" / "agents.json"
|
|
21
|
+
agents.parent.mkdir(parents=True)
|
|
22
|
+
agents.write_text(
|
|
23
|
+
'{"version":1,"agents":{"elvis":{"profile":"elvis","user_soul":"Always cite sources.","display_name":"Elvis","role":"Rock legend"}}}',
|
|
24
|
+
encoding="utf-8",
|
|
25
|
+
)
|
|
26
|
+
with mock.patch.object(server, "_profile_dir", side_effect=lambda p: root / "profiles" / p), mock.patch.object(
|
|
27
|
+
server, "AGENTS_JSON", agents
|
|
28
|
+
), mock.patch.object(server, "_is_runtime_profile_slug", return_value=False):
|
|
29
|
+
text = server._profile_soul_text("elvis")
|
|
30
|
+
self.assertIn("Base Workframe child agent", text)
|
|
31
|
+
self.assertIn("## User identity", text)
|
|
32
|
+
self.assertIn("**Name:** Elvis", text)
|
|
33
|
+
self.assertIn("## Additional instructions", text)
|
|
34
|
+
self.assertIn("Always cite sources.", text)
|
|
35
|
+
|
|
36
|
+
def test_profile_soul_set_stores_child_overlay(self) -> None:
|
|
37
|
+
with tempfile.TemporaryDirectory() as tmp:
|
|
38
|
+
root = Path(tmp)
|
|
39
|
+
prof_dir = root / "profiles" / "dev"
|
|
40
|
+
prof_dir.mkdir(parents=True)
|
|
41
|
+
(prof_dir / "SOUL.md").write_text("# Dev\n\n" + ("x" * 80), encoding="utf-8")
|
|
42
|
+
agents = root / "workframe" / "agents.json"
|
|
43
|
+
agents.parent.mkdir(parents=True)
|
|
44
|
+
agents.write_text('{"version":1,"agents":{}}', encoding="utf-8")
|
|
45
|
+
with mock.patch.object(server, "_profile_dir", side_effect=lambda p: root / "profiles" / p), mock.patch.object(
|
|
46
|
+
server, "AGENTS_JSON", agents
|
|
47
|
+
), mock.patch.object(server, "ROUTES_JSON", root / "workframe" / "routes.json"), mock.patch.object(
|
|
48
|
+
server, "load_routes",
|
|
49
|
+
return_value={"routes": [{"profile": "dev"}]},
|
|
50
|
+
), mock.patch.object(server, "profile_exists", return_value=True), mock.patch.object(
|
|
51
|
+
server, "_is_native_profile", return_value=False
|
|
52
|
+
), mock.patch.object(server, "_is_runtime_profile_slug", return_value=False):
|
|
53
|
+
out = server.profile_soul_set("dev", "Ship small diffs.")
|
|
54
|
+
self.assertEqual(out.get("target"), "user_soul_overlay")
|
|
55
|
+
data = agents.read_text(encoding="utf-8")
|
|
56
|
+
self.assertIn("Ship small diffs.", data)
|
|
57
|
+
self.assertIn("# Dev", (prof_dir / "SOUL.md").read_text(encoding="utf-8"))
|
|
58
|
+
|
|
59
|
+
|
|
60
|
+
if __name__ == "__main__":
|
|
61
|
+
unittest.main()
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
"""Install-time profile gateway health policy — cold u-* start must not flake finish-setup."""
|
|
2
|
+
import importlib.util
|
|
3
|
+
import inspect
|
|
4
|
+
import unittest
|
|
5
|
+
from pathlib import Path
|
|
6
|
+
|
|
7
|
+
ROOT = Path(__file__).resolve().parents[2]
|
|
8
|
+
API = ROOT / "workframe-api" / "server.py"
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
def _load_api():
|
|
12
|
+
spec = importlib.util.spec_from_file_location("workframe_api", API)
|
|
13
|
+
mod = importlib.util.module_from_spec(spec)
|
|
14
|
+
assert spec and spec.loader
|
|
15
|
+
spec.loader.exec_module(mod)
|
|
16
|
+
return mod
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
class ProfileInstallHealthPolicyTest(unittest.TestCase):
|
|
20
|
+
def test_wait_default_covers_cold_runtime_start(self) -> None:
|
|
21
|
+
api = _load_api()
|
|
22
|
+
sig = inspect.signature(api._wait_profile_api_healthy)
|
|
23
|
+
self.assertEqual(sig.parameters["attempts"].default, 60)
|
|
24
|
+
self.assertGreaterEqual(sig.parameters["delay"].default * 60, 30.0)
|
|
25
|
+
|
|
26
|
+
def test_profile_health_uses_gateway_dns_not_container_exec(self) -> None:
|
|
27
|
+
api = _load_api()
|
|
28
|
+
src = inspect.getsource(api._profile_api_healthy)
|
|
29
|
+
self.assertIn("http://gateway:", src)
|
|
30
|
+
self.assertNotIn("_gateway_container_exec", src)
|
|
31
|
+
|
|
32
|
+
def test_wait_does_not_short_circuit_primary_without_probe(self) -> None:
|
|
33
|
+
api = _load_api()
|
|
34
|
+
src = inspect.getsource(api._wait_profile_api_healthy)
|
|
35
|
+
self.assertNotIn("_primary_profile() or _profile_api_healthy", src)
|
|
36
|
+
|
|
37
|
+
def test_bootstrap_lane_retries_gateway_start(self) -> None:
|
|
38
|
+
api = _load_api()
|
|
39
|
+
src = inspect.getsource(api.bootstrap_agent_dm_lane)
|
|
40
|
+
self.assertIn("for attempt in range(3)", src)
|
|
41
|
+
self.assertIn("ensure_profile_api(runtime", src)
|
|
42
|
+
|
|
43
|
+
|
|
44
|
+
if __name__ == "__main__":
|
|
45
|
+
unittest.main()
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
import unittest
|
|
2
|
+
|
|
3
|
+
from profile_secret_policy import (
|
|
4
|
+
exec_blocked_for_profile,
|
|
5
|
+
is_secret_read_attempt,
|
|
6
|
+
touches_foreign_profile_secrets,
|
|
7
|
+
)
|
|
8
|
+
|
|
9
|
+
|
|
10
|
+
class ProfileSecretPolicyTests(unittest.TestCase):
|
|
11
|
+
def test_blocks_direct_secret_paths(self) -> None:
|
|
12
|
+
self.assertTrue(is_secret_read_attempt(["cat", "profiles/u-alice-dev/.env"]))
|
|
13
|
+
self.assertTrue(is_secret_read_attempt(["cat", "profiles/u-alice-dev/auth.json"]))
|
|
14
|
+
|
|
15
|
+
def test_blocks_wildcard_and_bypass_patterns(self) -> None:
|
|
16
|
+
self.assertTrue(is_secret_read_attempt("cat profiles/u-alice-dev/*"))
|
|
17
|
+
self.assertTrue(is_secret_read_attempt("cd profiles/u-x && cat .env"))
|
|
18
|
+
self.assertTrue(is_secret_read_attempt("cat profiles/u-x/.e''nv"))
|
|
19
|
+
self.assertTrue(is_secret_read_attempt("find profiles/u-x -exec cat {} +"))
|
|
20
|
+
self.assertTrue(is_secret_read_attempt("base64 profiles/u-x/.env"))
|
|
21
|
+
self.assertTrue(is_secret_read_attempt("tar -cf - profiles/u-x"))
|
|
22
|
+
|
|
23
|
+
def test_blocks_head_python_and_absolute_paths(self) -> None:
|
|
24
|
+
self.assertTrue(is_secret_read_attempt("cd /opt/data/profiles/u-bob && head .env"))
|
|
25
|
+
self.assertTrue(is_secret_read_attempt("cd profiles/u-x && python3 -c \"print(open('.env').read())\""))
|
|
26
|
+
self.assertTrue(is_secret_read_attempt("grep wf_rt_ /opt/data/profiles/u-bob/.env"))
|
|
27
|
+
|
|
28
|
+
def test_foreign_profile_touch_blocked_for_actor(self) -> None:
|
|
29
|
+
self.assertTrue(
|
|
30
|
+
touches_foreign_profile_secrets("cd profiles/u-bob && head .env", "u-alice-dev"),
|
|
31
|
+
)
|
|
32
|
+
self.assertFalse(
|
|
33
|
+
touches_foreign_profile_secrets("hermes -p u-alice-dev gateway status", "u-alice-dev"),
|
|
34
|
+
)
|
|
35
|
+
|
|
36
|
+
def test_exec_blocked_for_profile_combines_checks(self) -> None:
|
|
37
|
+
self.assertTrue(exec_blocked_for_profile("cd profiles/u-bob && head .env", "u-alice-dev"))
|
|
38
|
+
self.assertFalse(exec_blocked_for_profile(["hermes", "-p", "workframe-agent", "gateway", "status"], "workframe-agent"))
|
|
39
|
+
|
|
40
|
+
def test_allows_legitimate_gateway_commands(self) -> None:
|
|
41
|
+
self.assertFalse(is_secret_read_attempt(["hermes", "-p", "dev", "gateway", "run"]))
|
|
42
|
+
self.assertFalse(is_secret_read_attempt(["hermes", "-p", "workframe-agent", "gateway", "status"]))
|
|
43
|
+
|
|
44
|
+
def test_blocks_shell_variable_indirection(self) -> None:
|
|
45
|
+
self.assertTrue(is_secret_read_attempt("P=/opt/data/profiles/u-bob; cat $P/.env"))
|
|
46
|
+
self.assertTrue(is_secret_read_attempt("P=/opt/data/profiles/u-bob; dd if=$P/.env"))
|
|
47
|
+
self.assertTrue(exec_blocked_for_profile("P=/opt/data/profiles/u-bob; cat $P/.env", "u-alice-dev"))
|
|
48
|
+
|
|
49
|
+
def test_known_concat_ceiling_documented(self) -> None:
|
|
50
|
+
# ponytail: documented ceiling — regex cannot see through python string concat.
|
|
51
|
+
self.assertFalse(
|
|
52
|
+
is_secret_read_attempt("python3 -c \"p='/opt/data/pro'+'files/u-bob/.env';print(open(p).read())\"")
|
|
53
|
+
)
|
|
54
|
+
|
|
55
|
+
|
|
56
|
+
if __name__ == "__main__":
|
|
57
|
+
unittest.main()
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
"""Profile terminal.cwd and workspace identity file helpers."""
|
|
2
|
+
from __future__ import annotations
|
|
3
|
+
|
|
4
|
+
import tempfile
|
|
5
|
+
import unittest
|
|
6
|
+
from pathlib import Path
|
|
7
|
+
from unittest import mock
|
|
8
|
+
|
|
9
|
+
import server
|
|
10
|
+
|
|
11
|
+
|
|
12
|
+
class ProfileWorkspaceCwdTests(unittest.TestCase):
|
|
13
|
+
def test_ensure_profile_terminal_cwd_patches_config(self) -> None:
|
|
14
|
+
with tempfile.TemporaryDirectory() as tmp:
|
|
15
|
+
prof_dir = Path(tmp) / "profiles" / "u-user-dev"
|
|
16
|
+
prof_dir.mkdir(parents=True)
|
|
17
|
+
cfg = prof_dir / "config.yaml"
|
|
18
|
+
cfg.write_text("terminal:\n backend: local\n cwd: .\n", encoding="utf-8")
|
|
19
|
+
with mock.patch.object(server, "_profile_gateway_config_path", return_value=cfg):
|
|
20
|
+
server._ensure_profile_terminal_cwd("u-user-dev")
|
|
21
|
+
self.assertIn("cwd: /workspace", cfg.read_text(encoding="utf-8"))
|
|
22
|
+
|
|
23
|
+
def test_copy_text_without_bom_strips_bom(self) -> None:
|
|
24
|
+
with tempfile.TemporaryDirectory() as tmp:
|
|
25
|
+
root = Path(tmp)
|
|
26
|
+
src = root / "AGENTS.md"
|
|
27
|
+
dst = root / "out.md"
|
|
28
|
+
src.write_bytes(b"\xef\xbb\xbf# hello\n")
|
|
29
|
+
server._copy_text_without_bom(src, dst)
|
|
30
|
+
self.assertEqual(dst.read_bytes(), b"# hello\n")
|
|
31
|
+
|
|
32
|
+
|
|
33
|
+
if __name__ == "__main__":
|
|
34
|
+
unittest.main()
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
import importlib.util
|
|
2
|
+
import json
|
|
3
|
+
import tempfile
|
|
4
|
+
import unittest
|
|
5
|
+
from pathlib import Path
|
|
6
|
+
from unittest.mock import patch
|
|
7
|
+
|
|
8
|
+
API = Path(__file__).resolve().parents[1] / "server.py"
|
|
9
|
+
spec = importlib.util.spec_from_file_location("server", API)
|
|
10
|
+
server = importlib.util.module_from_spec(spec)
|
|
11
|
+
assert spec and spec.loader
|
|
12
|
+
spec.loader.exec_module(server)
|
|
13
|
+
|
|
14
|
+
|
|
15
|
+
class ProviderBootstrapTest(unittest.TestCase):
|
|
16
|
+
def test_seeds_specialist_auth_from_user_env_only(self) -> None:
|
|
17
|
+
with tempfile.TemporaryDirectory() as tmp:
|
|
18
|
+
root = Path(tmp)
|
|
19
|
+
user_home = root / "profiles" / "user-new"
|
|
20
|
+
architect = root / "profiles" / "architect"
|
|
21
|
+
user_home.mkdir(parents=True)
|
|
22
|
+
architect.mkdir(parents=True)
|
|
23
|
+
(architect / "config.yaml").write_text(
|
|
24
|
+
"model:\n default: openrouter/owl-alpha\n provider: openrouter\n",
|
|
25
|
+
encoding="utf-8",
|
|
26
|
+
)
|
|
27
|
+
(architect / "auth.json").write_text(
|
|
28
|
+
json.dumps({"version": 1, "credential_pool": {"openrouter": []}}),
|
|
29
|
+
encoding="utf-8",
|
|
30
|
+
)
|
|
31
|
+
(user_home / ".env").write_text("OPENROUTER_API_KEY=sk-test-user\n", encoding="utf-8")
|
|
32
|
+
with patch.object(server, "HERMES_DATA", root), patch.object(
|
|
33
|
+
server, "NATIVE_PROFILE", "workframe-agent"
|
|
34
|
+
), patch.object(server, "_primary_profile", return_value="workframe-agent"), patch.object(
|
|
35
|
+
server, "resolve_hermes_profile", side_effect=lambda p: p
|
|
36
|
+
), patch.object(server, "resolve_validated_profile", side_effect=lambda p: p):
|
|
37
|
+
server._bootstrap_profile_providers("architect", "user-new", "ws-1")
|
|
38
|
+
auth = json.loads((architect / "auth.json").read_text(encoding="utf-8"))
|
|
39
|
+
entries = auth["credential_pool"]["openrouter"]
|
|
40
|
+
self.assertEqual(len(entries), 1)
|
|
41
|
+
self.assertEqual(entries[0]["source"], "env:OPENROUTER_API_KEY")
|
|
42
|
+
env = (architect / ".env").read_text(encoding="utf-8")
|
|
43
|
+
self.assertIn("OPENROUTER_API_KEY=sk-test-user", env)
|
|
44
|
+
|
|
45
|
+
def test_does_not_seed_without_user_credentials(self) -> None:
|
|
46
|
+
with tempfile.TemporaryDirectory() as tmp:
|
|
47
|
+
root = Path(tmp)
|
|
48
|
+
primary = root / "profiles" / "workframe-agent"
|
|
49
|
+
architect = root / "profiles" / "architect"
|
|
50
|
+
primary.mkdir(parents=True)
|
|
51
|
+
architect.mkdir(parents=True)
|
|
52
|
+
(primary / ".env").write_text("OPENROUTER_API_KEY=sk-stack\n", encoding="utf-8")
|
|
53
|
+
(architect / "config.yaml").write_text(
|
|
54
|
+
"model:\n default: openrouter/owl-alpha\n provider: openrouter\n",
|
|
55
|
+
encoding="utf-8",
|
|
56
|
+
)
|
|
57
|
+
(architect / "auth.json").write_text(
|
|
58
|
+
json.dumps({"version": 1, "credential_pool": {"openrouter": []}}),
|
|
59
|
+
encoding="utf-8",
|
|
60
|
+
)
|
|
61
|
+
(architect / ".env").write_text("OPENROUTER_API_KEY=sk-stack\n", encoding="utf-8")
|
|
62
|
+
with patch.object(server, "HERMES_DATA", root), patch.object(
|
|
63
|
+
server, "NATIVE_PROFILE", "workframe-agent"
|
|
64
|
+
), patch.object(server, "_primary_profile", return_value="workframe-agent"), patch.object(
|
|
65
|
+
server, "resolve_hermes_profile", side_effect=lambda p: p
|
|
66
|
+
), patch.object(server, "resolve_validated_profile", side_effect=lambda p: p):
|
|
67
|
+
changed = server._bootstrap_profile_providers("architect", "user-no-keys", "ws-1")
|
|
68
|
+
self.assertTrue(changed)
|
|
69
|
+
auth = json.loads((architect / "auth.json").read_text(encoding="utf-8"))
|
|
70
|
+
self.assertEqual(auth["credential_pool"]["openrouter"], [])
|
|
71
|
+
self.assertNotIn("OPENROUTER_API_KEY", (architect / ".env").read_text(encoding="utf-8"))
|
|
72
|
+
|
|
73
|
+
|
|
74
|
+
if __name__ == "__main__":
|
|
75
|
+
unittest.main()
|
|
@@ -0,0 +1,54 @@
|
|
|
1
|
+
from __future__ import annotations
|
|
2
|
+
|
|
3
|
+
import importlib.util
|
|
4
|
+
import tempfile
|
|
5
|
+
from pathlib import Path
|
|
6
|
+
|
|
7
|
+
import pytest
|
|
8
|
+
|
|
9
|
+
SERVER_PATH = Path(__file__).resolve().parents[1] / "server.py"
|
|
10
|
+
spec = importlib.util.spec_from_file_location("workframe_server", SERVER_PATH)
|
|
11
|
+
server = importlib.util.module_from_spec(spec)
|
|
12
|
+
assert spec.loader is not None
|
|
13
|
+
spec.loader.exec_module(server)
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
@pytest.fixture()
|
|
17
|
+
def user_env(tmp_path: Path, monkeypatch: pytest.MonkeyPatch) -> str:
|
|
18
|
+
monkeypatch.setattr(server, "HERMES_DATA", tmp_path)
|
|
19
|
+
user_id = "user-test-1"
|
|
20
|
+
return user_id
|
|
21
|
+
|
|
22
|
+
|
|
23
|
+
def test_read_env_keys_ignores_empty_values(user_env: str) -> None:
|
|
24
|
+
env_path = server._user_hermes_env_path(user_env)
|
|
25
|
+
env_path.parent.mkdir(parents=True, exist_ok=True)
|
|
26
|
+
env_path.write_text("OPENROUTER_API_KEY=sk-test\nEMPTY_KEY=\n# comment\n", encoding="utf-8")
|
|
27
|
+
|
|
28
|
+
keys = server._read_env_keys(env_path)
|
|
29
|
+
|
|
30
|
+
assert keys == {"OPENROUTER_API_KEY"}
|
|
31
|
+
|
|
32
|
+
|
|
33
|
+
def test_list_user_providers_marks_connected_from_env(user_env: str) -> None:
|
|
34
|
+
env_path = server._user_hermes_env_path(user_env)
|
|
35
|
+
env_path.parent.mkdir(parents=True, exist_ok=True)
|
|
36
|
+
env_path.write_text("OPENROUTER_API_KEY=sk-test\n", encoding="utf-8")
|
|
37
|
+
|
|
38
|
+
payload = server.list_user_providers(user_env)
|
|
39
|
+
openrouter = next(row for row in payload["providers"] if row["id"] == "openrouter")
|
|
40
|
+
|
|
41
|
+
assert openrouter["connected"] is True
|
|
42
|
+
assert openrouter["env_var"] == "OPENROUTER_API_KEY"
|
|
43
|
+
|
|
44
|
+
|
|
45
|
+
def test_disconnect_user_provider_removes_env_secret(user_env: str) -> None:
|
|
46
|
+
env_path = server._user_hermes_env_path(user_env)
|
|
47
|
+
env_path.parent.mkdir(parents=True, exist_ok=True)
|
|
48
|
+
env_path.write_text("DISCORD_BOT_TOKEN=abc\nOTHER=1\n", encoding="utf-8")
|
|
49
|
+
|
|
50
|
+
result = server.disconnect_user_provider(user_env, "discord")
|
|
51
|
+
|
|
52
|
+
assert result["ok"] is True
|
|
53
|
+
assert "DISCORD_BOT_TOKEN" not in server._read_env_keys(env_path)
|
|
54
|
+
assert "OTHER" in server._read_env_keys(env_path)
|
|
@@ -0,0 +1,192 @@
|
|
|
1
|
+
import tempfile
|
|
2
|
+
import unittest
|
|
3
|
+
from pathlib import Path
|
|
4
|
+
|
|
5
|
+
import server
|
|
6
|
+
from db_setup import ensure_workframe_schemas
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
class RoomCrudTests(unittest.TestCase):
|
|
10
|
+
def setUp(self) -> None:
|
|
11
|
+
self._tmp = tempfile.TemporaryDirectory()
|
|
12
|
+
self.addCleanup(self._tmp.cleanup)
|
|
13
|
+
self._old_data_dir = server.DATA_DIR
|
|
14
|
+
self._old_auth_db_path = server.AUTH_DB_PATH
|
|
15
|
+
server.DATA_DIR = Path(self._tmp.name)
|
|
16
|
+
server.AUTH_DB_PATH = Path(self._tmp.name) / "auth.db"
|
|
17
|
+
ensure_workframe_schemas()
|
|
18
|
+
self.workspace_id = "workspace-a"
|
|
19
|
+
self.user_id = "user-a"
|
|
20
|
+
self.agent_profile_id = "agent-a"
|
|
21
|
+
|
|
22
|
+
conn = server._workframe_db()
|
|
23
|
+
try:
|
|
24
|
+
now = "1"
|
|
25
|
+
conn.execute(
|
|
26
|
+
"""
|
|
27
|
+
INSERT INTO users (id, display_name, role, status, created_at, updated_at)
|
|
28
|
+
VALUES (?, ?, ?, ?, ?, ?)
|
|
29
|
+
""",
|
|
30
|
+
(self.user_id, "User A", "member", "active", now, now),
|
|
31
|
+
)
|
|
32
|
+
conn.execute(
|
|
33
|
+
"""
|
|
34
|
+
INSERT INTO workspaces (id, slug, display_name, owner_id, status, created_at, updated_at)
|
|
35
|
+
VALUES (?, ?, ?, ?, ?, ?, ?)
|
|
36
|
+
""",
|
|
37
|
+
(self.workspace_id, "workspace-a", "Workspace A", self.user_id, "active", now, now),
|
|
38
|
+
)
|
|
39
|
+
conn.execute(
|
|
40
|
+
"""
|
|
41
|
+
INSERT INTO agent_profiles (
|
|
42
|
+
id, workspace_id, slug, display_name, status, created_at, updated_at
|
|
43
|
+
) VALUES (?, ?, ?, ?, ?, ?, ?)
|
|
44
|
+
""",
|
|
45
|
+
(self.agent_profile_id, self.workspace_id, "agent-a", "Agent A", "available", now, now),
|
|
46
|
+
)
|
|
47
|
+
conn.commit()
|
|
48
|
+
finally:
|
|
49
|
+
conn.close()
|
|
50
|
+
|
|
51
|
+
def tearDown(self) -> None:
|
|
52
|
+
server.DATA_DIR = self._old_data_dir
|
|
53
|
+
server.AUTH_DB_PATH = self._old_auth_db_path
|
|
54
|
+
|
|
55
|
+
def test_create_lists_and_gets_room(self) -> None:
|
|
56
|
+
status, payload = server._create_room(
|
|
57
|
+
self.workspace_id,
|
|
58
|
+
{
|
|
59
|
+
"name": "General Chat",
|
|
60
|
+
"slug": "general",
|
|
61
|
+
"topic": "Default channel",
|
|
62
|
+
"room_type": "channel",
|
|
63
|
+
"platform_ids": {"discord": "channel-1"},
|
|
64
|
+
},
|
|
65
|
+
self.user_id,
|
|
66
|
+
)
|
|
67
|
+
|
|
68
|
+
self.assertEqual(status, 201)
|
|
69
|
+
room = payload["room"]
|
|
70
|
+
self.assertEqual(room["workspace_id"], self.workspace_id)
|
|
71
|
+
self.assertEqual(room["name"], "General Chat")
|
|
72
|
+
self.assertEqual(room["slug"], "general")
|
|
73
|
+
self.assertEqual(room["topic"], "Default channel")
|
|
74
|
+
self.assertEqual(room["room_type"], "channel")
|
|
75
|
+
self.assertEqual(room["platform_ids"], {"discord": "channel-1"})
|
|
76
|
+
self.assertEqual(room["created_by"], self.user_id)
|
|
77
|
+
|
|
78
|
+
conn = server._workframe_db()
|
|
79
|
+
try:
|
|
80
|
+
self.assertTrue(server._user_can_access_room(conn, room["id"], self.user_id))
|
|
81
|
+
finally:
|
|
82
|
+
conn.close()
|
|
83
|
+
|
|
84
|
+
status, payload = server._list_rooms(self.workspace_id)
|
|
85
|
+
self.assertEqual(status, 200)
|
|
86
|
+
self.assertEqual(payload["workspace_id"], self.workspace_id)
|
|
87
|
+
self.assertEqual([room["id"] for room in payload["rooms"]], [room["id"]])
|
|
88
|
+
|
|
89
|
+
status, payload = server._get_room(room["id"])
|
|
90
|
+
self.assertEqual(status, 200)
|
|
91
|
+
self.assertEqual(payload["room"]["id"], room["id"])
|
|
92
|
+
self.assertEqual(payload["room"]["slug"], "general")
|
|
93
|
+
|
|
94
|
+
def test_create_rejects_invalid_inputs(self) -> None:
|
|
95
|
+
cases = [
|
|
96
|
+
(400, {}, "name required"),
|
|
97
|
+
(400, {"name": "Bad Type", "room_type": "bad"}, "invalid_room_type"),
|
|
98
|
+
(400, {"name": "Bad Agent", "agent_profile_id": "missing-agent"}, "agent_profile_not_found"),
|
|
99
|
+
(404, {"name": "Missing Workspace"}, "workspace_not_found"),
|
|
100
|
+
]
|
|
101
|
+
for expected_status, body, expected_error in cases:
|
|
102
|
+
wid = self.workspace_id if expected_error != "workspace_not_found" else "missing-workspace"
|
|
103
|
+
status, payload = server._create_room(wid, body, self.user_id)
|
|
104
|
+
self.assertEqual(status, expected_status)
|
|
105
|
+
self.assertEqual(payload["error"], expected_error)
|
|
106
|
+
|
|
107
|
+
def test_slug_normalization_and_collision_handling(self) -> None:
|
|
108
|
+
status, payload = server._create_room(
|
|
109
|
+
self.workspace_id,
|
|
110
|
+
{"name": "General Chat!", "slug": "General Chat!"},
|
|
111
|
+
self.user_id,
|
|
112
|
+
)
|
|
113
|
+
self.assertEqual(status, 201)
|
|
114
|
+
self.assertEqual(payload["room"]["slug"], "general-chat")
|
|
115
|
+
|
|
116
|
+
status, payload = server._create_room(
|
|
117
|
+
self.workspace_id,
|
|
118
|
+
{"name": "General Chat Copy", "slug": "General Chat!"},
|
|
119
|
+
self.user_id,
|
|
120
|
+
)
|
|
121
|
+
self.assertEqual(status, 201)
|
|
122
|
+
self.assertEqual(payload["room"]["slug"], "general-chat-1")
|
|
123
|
+
|
|
124
|
+
def test_patch_room_updates_name_and_topic(self) -> None:
|
|
125
|
+
status, payload = server._create_room(
|
|
126
|
+
self.workspace_id,
|
|
127
|
+
{"name": "General Chat", "slug": "general", "topic": "Old topic", "room_type": "channel"},
|
|
128
|
+
self.user_id,
|
|
129
|
+
)
|
|
130
|
+
self.assertEqual(status, 201)
|
|
131
|
+
room_id = payload["room"]["id"]
|
|
132
|
+
|
|
133
|
+
conn = server._workframe_db()
|
|
134
|
+
try:
|
|
135
|
+
conn.execute(
|
|
136
|
+
"""
|
|
137
|
+
INSERT INTO workspace_memberships (id, workspace_id, user_id, role, status, created_at, updated_at)
|
|
138
|
+
VALUES (?, ?, ?, ?, ?, ?, ?)
|
|
139
|
+
""",
|
|
140
|
+
("wm-a", self.workspace_id, self.user_id, "owner", "active", "1", "1"),
|
|
141
|
+
)
|
|
142
|
+
conn.execute(
|
|
143
|
+
"""
|
|
144
|
+
INSERT INTO room_memberships (id, room_id, user_id, role, status, joined_at, updated_at)
|
|
145
|
+
VALUES (?, ?, ?, ?, ?, ?, ?)
|
|
146
|
+
""",
|
|
147
|
+
("rm-a", room_id, self.user_id, "admin", "active", "1", "1"),
|
|
148
|
+
)
|
|
149
|
+
conn.commit()
|
|
150
|
+
finally:
|
|
151
|
+
conn.close()
|
|
152
|
+
|
|
153
|
+
status, payload = server._patch_room(
|
|
154
|
+
room_id,
|
|
155
|
+
{"name": "Renamed Space", "topic": "New topic"},
|
|
156
|
+
self.user_id,
|
|
157
|
+
)
|
|
158
|
+
self.assertEqual(status, 200)
|
|
159
|
+
self.assertEqual(payload["room"]["name"], "Renamed Space")
|
|
160
|
+
self.assertEqual(payload["room"]["topic"], "New topic")
|
|
161
|
+
|
|
162
|
+
def test_create_room_accepts_hermes_slug_and_returns_hermes_profile(self) -> None:
|
|
163
|
+
status, payload = server._create_room(
|
|
164
|
+
self.workspace_id,
|
|
165
|
+
{
|
|
166
|
+
"name": "Agent DM",
|
|
167
|
+
"slug": "dm-user-agent",
|
|
168
|
+
"room_type": "direct",
|
|
169
|
+
"agent_profile_id": "agent-a",
|
|
170
|
+
"member_user_ids": [self.user_id],
|
|
171
|
+
},
|
|
172
|
+
self.user_id,
|
|
173
|
+
)
|
|
174
|
+
self.assertEqual(status, 201)
|
|
175
|
+
self.assertEqual(payload["room"]["agent_profile_id"], self.agent_profile_id)
|
|
176
|
+
self.assertEqual(payload["room"]["hermes_profile"], "agent-a")
|
|
177
|
+
|
|
178
|
+
def test_hermes_slug_from_agent_ref_maps_workspace_uuid(self) -> None:
|
|
179
|
+
conn = server._workframe_db()
|
|
180
|
+
try:
|
|
181
|
+
row = conn.execute(
|
|
182
|
+
"SELECT id FROM agent_profiles WHERE workspace_id = ? AND slug = ?",
|
|
183
|
+
(self.workspace_id, "agent-a"),
|
|
184
|
+
).fetchone()
|
|
185
|
+
finally:
|
|
186
|
+
conn.close()
|
|
187
|
+
self.assertIsNotNone(row)
|
|
188
|
+
self.assertEqual(server._hermes_slug_from_agent_ref(str(row["id"])), "agent-a")
|
|
189
|
+
|
|
190
|
+
|
|
191
|
+
if __name__ == "__main__":
|
|
192
|
+
unittest.main()
|