feishu-user-plugin 1.3.11 → 1.3.13

package/src/test-populate-sender-names.js

@@ -0,0 +1,98 @@
+// src/test-populate-sender-names.js — verify _populateSenderNames now reads
+// Promise.allSettled results instead of discarding them.
+//
+// Pre-v1.3.12 bug: base.js used `await Promise.allSettled([...]map(getUserById))`
+// without reading result.status — every failed contact lookup vanished into
+// the void. We track failedIds and log a single stderr line per call so
+// long-running diagnosis can grep for "[populate_sender_names]".
+
+'use strict';
+
+const assert = require('node:assert/strict');
+const { LarkOfficialClient } = require('./clients/official');
+
+function captureStderr(fn) {
+  const original = console.error;
+  const lines = [];
+  console.error = (...args) => lines.push(args.join(' '));
+  return Promise.resolve(fn()).finally(() => { console.error = original; });
+}
+
+async function run() {
+  const c = new LarkOfficialClient('cli_test', 'fake_secret');
+
+  // Stub network probes — _resolveSelfTenantKey hits Feishu via fetchWithTimeout,
+  // we don't want that in a unit test.
+  c._resolveSelfTenantKey = async () => 'tenant_self';
+  c._selfTenantKey = 'tenant_self';
+
+  // --- Case 1: all lookups succeed → no stderr complaint ---
+  c.getUserById = async (id) => {
+    c._userNameCache.set(id, `user_${id.slice(-2)}`);
+  };
+  c.getAppName = async () => null;
+
+  let stderrLines;
+  stderrLines = [];
+  await captureStderr(async () => {
+    const items = [
+      { senderId: 'ou_aa', senderType: 'user' },
+      { senderId: 'ou_bb', senderType: 'user' },
+    ];
+    await c._populateSenderNames(items, null);
+    assert.equal(items[0].senderName, 'user_aa');
+    assert.equal(items[1].senderName, 'user_bb');
+  }).then(() => null).catch(e => stderrLines.push(`THREW ${e.message}`));
+
+  // --- Case 2: one lookup throws → failedIds logged once ---
+  c._userNameCache.clear();
+  c.getUserById = async (id) => {
+    if (id === 'ou_bad') throw new Error('contact api 70009');
+    c._userNameCache.set(id, `user_${id.slice(-2)}`);
+  };
+  const captured = [];
+  const originalErr = console.error;
+  console.error = (...args) => captured.push(args.join(' '));
+  try {
+    const items = [
+      { senderId: 'ou_aa', senderType: 'user' },
+      { senderId: 'ou_bad', senderType: 'user' },
+    ];
+    await c._populateSenderNames(items, null);
+    assert.equal(items[0].senderName, 'user_aa');
+    assert.equal(items[1].senderName, null, 'failed lookup leaves senderName null');
+    assert.equal(items[1].displayLabel, '(ou_bad)', 'displayLabel uses raw id fallback');
+  } finally {
+    console.error = originalErr;
+  }
+  const failedLog = captured.find(l => l.includes('[feishu-user-plugin]') && l.includes('sender name lookup'));
+  assert.ok(failedLog, 'should log a failed-lookup line to stderr');
+  assert.ok(failedLog.includes('ou_bad'), 'failed log should name the failing open_id');
+
+  // --- Case 3: app name lookup fails → logged with kind=app ---
+  c._appNameCache.clear();
+  c.getUserById = async (id) => { c._userNameCache.set(id, `u_${id.slice(-2)}`); };
+  c.getAppName = async (id) => {
+    if (id === 'cli_bad') throw new Error('99991672');
+    return null;
+  };
+  const appCaptured = [];
+  console.error = (...args) => appCaptured.push(args.join(' '));
+  try {
+    const items = [
+      { senderId: 'cli_bad', senderType: 'app' },
+    ];
+    await c._populateSenderNames(items, null);
+    assert.equal(items[0].displayLabel, '[Bot] (cli_bad)');
+  } finally {
+    console.error = originalErr;
+  }
+  const appLog = appCaptured.find(l => l.includes('app name lookup') || (l.includes('sender name lookup') && l.includes('cli_bad')));
+  assert.ok(appLog, 'should log a failed app name lookup');
+  assert.ok(appLog.includes('cli_bad'));
+
+  console.log('populate-sender-names.js: PASS');
+}
+
+if (require.main === module) run().catch(e => { console.error(e); process.exit(1); });
+module.exports = { run };

package/src/test-search-messages.js

@@ -0,0 +1,101 @@
+// src/test-search-messages.js — fixture test for v1.3.12 search_messages.
+//
+// search_messages wraps POST /open-apis/search/v2/message (UAT-only).
+// Live calls require the `search:message` scope; this test mocks
+// _uatREST directly to verify request shape + response handling +
+// error classification without a real Feishu round-trip.
+
+'use strict';
+
+const assert = require('node:assert/strict');
+const { LarkOfficialClient } = require('./clients/official');
+
+async function run() {
+  const c = new LarkOfficialClient('cli_test', 'fake_secret');
+  // Make hasUAT truthy so the early-throw doesn't fire.
+  c._uat = 'fake_uat';
+  c._uatRefresh = 'fake_refresh';
+  c._uatExpires = Math.floor(Date.now() / 1000) + 3600;
+
+  // --- 1. happy path: returns items + pageToken + hasMore ---
+  c._uatREST = async (method, path, opts) => {
+    assert.equal(method, 'POST');
+    assert.equal(path, '/open-apis/search/v2/message');
+    assert.equal(opts.body.query, 'hello');
+    return {
+      code: 0,
+      data: {
+        items: [
+          { message_id: 'om_a', chat_id: 'oc_x' },
+          { message_id: 'om_b', chat_id: 'oc_y' },
+        ],
+        page_token: 'next_xyz',
+        has_more: true,
+      },
+    };
+  };
+  let result = await c.searchMessages({ query: 'hello', pageSize: 10 });
+  assert.equal(result.items.length, 2);
+  assert.equal(result.pageToken, 'next_xyz');
+  assert.equal(result.hasMore, true);
+
+  // --- 2. filter knobs propagate into body ---
+  let captured;
+  c._uatREST = async (method, path, opts) => {
+    captured = opts.body;
+    return { code: 0, data: { items: [], page_token: null, has_more: false } };
+  };
+  await c.searchMessages({
+    query: 'q',
+    chatIds: ['oc_a', 'oc_b'],
+    fromIds: ['ou_x'],
+    atUserIds: ['ou_at'],
+    messageTypes: ['text', 'post'],
+    fromTypes: ['user'],
+  });
+  assert.deepEqual(captured.chat_ids, ['oc_a', 'oc_b']);
+  assert.deepEqual(captured.from_ids, ['ou_x']);
+  assert.deepEqual(captured.at_chatter_ids, ['ou_at']);
+  assert.deepEqual(captured.message_type_list, ['text', 'post']);
+  assert.deepEqual(captured.from_types, ['user']);
+
+  // --- 3. 99991679 → throws with scope guidance ---
+  c._uatREST = async () => ({ code: 99991679, msg: 'Unauthorized. required: search:message' });
+  let threw;
+  try { await c.searchMessages({ query: 'x' }); }
+  catch (e) { threw = e; }
+  assert.ok(threw);
+  assert.ok(threw.message.includes('search:message'));
+  assert.ok(threw.message.includes('npx feishu-user-plugin oauth'));
+
+  // --- 4. other non-zero code → wrapped throw ---
+  c._uatREST = async () => ({ code: 42101, msg: 'rate limited' });
+  threw = undefined;
+  try { await c.searchMessages({ query: 'x' }); }
+  catch (e) { threw = e; }
+  assert.ok(threw);
+  assert.ok(threw.message.includes('42101'));
+
+  // --- 5. missing query → input error before any API call ---
+  c._uatREST = async () => { throw new Error('should not be called'); };
+  threw = undefined;
+  try { await c.searchMessages({}); }
+  catch (e) { threw = e; }
+  assert.ok(threw);
+  assert.ok(threw.message.includes('query'));
+
+  // --- 6. no UAT → throws with oauth pointer ---
+  const c2 = new LarkOfficialClient('cli_test', 'fake_secret');
+  // hasUAT will be false (no _uat).
+  threw = undefined;
+  try { await c2.searchMessages({ query: 'x' }); }
+  catch (e) { threw = e; }
+  assert.ok(threw);
+  assert.ok(threw.message.includes('UAT'));
+  assert.ok(threw.message.includes('npx feishu-user-plugin oauth'));
+
+  console.log('search-messages.js: PASS');
+}
+
+if (require.main === module) run().catch(e => { console.error(e); process.exit(1); });
+module.exports = { run };

package/src/test-send-shape.js

@@ -0,0 +1,115 @@
+// src/test-send-shape.js — verify all 8 send_*_as_user tool handlers
+// return the v1.3.12 unified shape: {ok, viaUser, fallbackWarning?, messageId?}
+//
+// Pre-v1.3.12 the user-identity send tools returned plain text
+// ("Text sent as user to oc_xxx"); send_card_as_user already returned
+// a bot-path messageId text. The new shape is JSON inside an MCP text
+// content block so the LLM can read ok / viaUser / messageId structurally
+// without regex.
+
+'use strict';
+
+const assert = require('node:assert/strict');
+const { handlers: msgHandlers } = require('./tools/messaging-user');
+
+// Parse a tool MCP response { content: [{type:'text', text: '...'}] } where
+// the text is JSON. Returns the parsed object, or null if the text isn't JSON
+// (e.g. disambiguation message from send_to_user with multiple matches).
+function parseJsonResponse(resp) {
+  const t = resp?.content?.[0]?.text;
+  if (typeof t !== 'string') return null;
+  try { return JSON.parse(t); } catch (_) { return null; }
+}
+
+// Stub MCP ctx with controllable per-call behavior.
+function fakeCtx({ sendImpl, botSendImpl } = {}) {
+  const userClient = {
+    sendMessage: async (chat, text /* , opts */) => sendImpl({ chat, text, kind: 'text' }),
+    sendImage:   async (chat, key /* , opts */) => sendImpl({ chat, key, kind: 'image' }),
+    sendFile:    async (chat, key, name /* , opts */) => sendImpl({ chat, key, name, kind: 'file' }),
+    sendPost:    async (chat, title, paragraphs /* , opts */) => sendImpl({ chat, title, paragraphs, kind: 'post' }),
+    search: async () => [], // tests below avoid send_to_user / send_to_group multi-match
+    createChat: async () => 'oc_fake',
+  };
+  return {
+    getUserClient: async () => userClient,
+    getOfficialClient: () => ({
+      sendMessageAsBot: async (chat, msgType, payload) => botSendImpl({ chat, msgType, payload }),
+    }),
+    resolveDocId: async (x) => x,
+  };
+}
+
+async function run() {
+  // --- 1. send_as_user → ok / viaUser=true / status passed through ---
+  {
+    const ctx = fakeCtx({
+      sendImpl: async () => ({ success: true, status: 0 }),
+    });
+    const resp = await msgHandlers.send_as_user({ chat_id: '7234567890123', text: 'hi' }, ctx);
+    const parsed = parseJsonResponse(resp);
+    assert.ok(parsed, 'send_as_user should return JSON-parseable shape');
+    assert.equal(parsed.ok, true, 'ok flag present and true on success');
+    assert.equal(parsed.viaUser, true, 'cookie/user path → viaUser=true');
+    assert.equal(parsed.fallbackWarning, undefined);
+  }
+
+  // --- 2. send_as_user failure → ok=false ---
+  {
+    const ctx = fakeCtx({
+      sendImpl: async () => ({ success: false, status: 70003 }),
+    });
+    const resp = await msgHandlers.send_as_user({ chat_id: '7234567890123', text: 'hi' }, ctx);
+    const parsed = parseJsonResponse(resp);
+    assert.ok(parsed);
+    assert.equal(parsed.ok, false, 'failed send → ok=false');
+    assert.equal(parsed.viaUser, true);
+  }
+
+  // --- 3. send_image_as_user, send_file_as_user, send_post_as_user — same shape ---
+  for (const [name, args] of [
+    ['send_image_as_user', { chat_id: '7234567890123', image_key: 'img_xxx' }],
+    ['send_file_as_user',  { chat_id: '7234567890123', file_key: 'file_xxx', file_name: 'a.pdf' }],
+    ['send_post_as_user',  { chat_id: '7234567890123', title: 'T', paragraphs: [] }],
+  ]) {
+    const ctx = fakeCtx({
+      sendImpl: async () => ({ success: true, status: 0 }),
+    });
+    const resp = await msgHandlers[name](args, ctx);
+    const parsed = parseJsonResponse(resp);
+    assert.ok(parsed, `${name} should return JSON shape`);
+    assert.equal(parsed.ok, true, `${name} ok=true on success`);
+    assert.equal(parsed.viaUser, true, `${name} viaUser=true`);
+  }
+
+  // --- 4. send_card_as_user → viaUser=false + messageId ---
+  {
+    const ctx = fakeCtx({
+      botSendImpl: async () => ({ messageId: 'om_card_123' }),
+    });
+    const resp = await msgHandlers.send_card_as_user({ chat_id: '7234567890123', card: {} }, ctx);
+    const parsed = parseJsonResponse(resp);
+    assert.ok(parsed, 'send_card_as_user JSON');
+    assert.equal(parsed.ok, true);
+    assert.equal(parsed.viaUser, false, 'card path goes via bot → viaUser=false');
+    assert.equal(parsed.messageId, 'om_card_123');
+  }
+
+  // --- 5. unified shape: no extra fields beyond {ok, viaUser, description?, fallbackWarning?, messageId?, status?} ---
+  {
+    const ctx = fakeCtx({
+      sendImpl: async () => ({ success: true, status: 0 }),
+    });
+    const resp = await msgHandlers.send_as_user({ chat_id: '7234567890123', text: 'hi' }, ctx);
+    const parsed = parseJsonResponse(resp);
+    const allowed = new Set(['ok', 'viaUser', 'description', 'fallbackWarning', 'messageId', 'status']);
+    for (const k of Object.keys(parsed)) {
+      assert.ok(allowed.has(k), `send_as_user returned unexpected key '${k}' — unified shape allows only ${[...allowed].join(', ')}`);
+    }
+  }
+
+  console.log('send-shape.js: PASS');
+}
+
+if (require.main === module) run().catch(e => { console.error(e); process.exit(1); });
+module.exports = { run };

package/src/test-via-user.js

@@ -0,0 +1,94 @@
+// src/test-via-user.js — verify the v1.3.12 `via_user` param on
+// read_messages controls bot/UAT routing.
+//
+// Pre-v1.3.12 read_messages auto-failed bot → UAT (skipBot true only when
+// chat resolved via cookie search_contacts). No way for the LLM/user to
+// say "I know this is mine, go UAT first" or "I want only the bot view".
+//
+// New: read_messages accepts `via_user: boolean`.
+//   - via_user=true  → skip bot, go straight to UAT (alias of skipBot)
+//   - via_user=false → bot-only, NEVER fall back to UAT (skipUat new)
+//   - undefined      → existing auto-fallback (default)
+//
+// Test stubs readMessagesWithFallback directly to count which paths fire.
+
+'use strict';
+
+const assert = require('node:assert/strict');
+const { handlers } = require('./tools/im-read');
+
+function fakeCtx({ fallbackImpl, asUserImpl }) {
+  let lastOpts;
+  const official = {
+    hasUAT: true,
+    readMessagesWithFallback: async (chatId, msgOpts, uc, opts) => {
+      lastOpts = opts;
+      return fallbackImpl({ chatId, msgOpts, opts });
+    },
+    readMessagesAsUser: async (chatId, msgOpts, uc) => {
+      lastOpts = { via: 'user' };
+      return asUserImpl ? asUserImpl({ chatId, msgOpts }) : { items: [], via: 'user' };
+    },
+    getChatInfo: async () => ({ name: 'fake group' }),
+  };
+  return {
+    getOfficialClient: () => official,
+    getUserClient: async () => ({
+      search: async () => [],
+    }),
+    _getLastOpts: () => lastOpts,
+  };
+}
+
+async function run() {
+  // --- 1. via_user=true → skipBot ---
+  {
+    const ctx = fakeCtx({
+      fallbackImpl: ({ opts }) => ({ items: [], opts }),
+    });
+    const resp = await handlers.read_messages({ chat_id: 'oc_x', via_user: true }, ctx);
+    const opts = ctx._getLastOpts();
+    assert.ok(opts);
+    assert.equal(opts.skipBot, true, 'via_user=true → skipBot=true');
+  }
+
+  // --- 2. via_user=false → skipUat ---
+  {
+    const ctx = fakeCtx({
+      fallbackImpl: ({ opts }) => ({ items: [], opts }),
+    });
+    const resp = await handlers.read_messages({ chat_id: 'oc_x', via_user: false }, ctx);
+    const opts = ctx._getLastOpts();
+    assert.ok(opts);
+    assert.equal(opts.skipUat, true, 'via_user=false → skipUat=true');
+  }
+
+  // --- 3. via_user undefined → default auto-fallback (no skip flags) ---
+  {
+    const ctx = fakeCtx({
+      fallbackImpl: ({ opts }) => ({ items: [], opts }),
+    });
+    const resp = await handlers.read_messages({ chat_id: 'oc_x' }, ctx);
+    const opts = ctx._getLastOpts();
+    // Either opts is undefined or both skip flags absent — both mean auto-fallback.
+    assert.ok(!opts || !opts.skipBot, 'no via_user → no skipBot (auto)');
+    assert.ok(!opts || !opts.skipUat, 'no via_user → no skipUat (auto)');
+  }
+
+  // --- 4. read_messages schema has via_user param ---
+  {
+    const { schemas } = require('./tools/im-read');
+    const readMessages = schemas.find(s => s.name === 'read_messages');
+    assert.ok(readMessages);
+    assert.ok(readMessages.inputSchema.properties.via_user,
+      'read_messages inputSchema should have via_user property');
+    assert.equal(readMessages.inputSchema.properties.via_user.type, 'boolean');
+    assert.ok(readMessages.inputSchema.properties.via_user.description.length > 30,
+      'via_user description should explain the routing semantics');
+  }
+
+  console.log('via-user.js: PASS');
+}
+
+if (require.main === module) run().catch(e => { console.error(e); process.exit(1); });
+module.exports = { run };

package/src/test-with-uat-retry.js

@@ -0,0 +1,135 @@
+// src/test-with-uat-retry.js — unit test for the v1.3.12 widening of
+// `withUAT` in src/auth/uat.js.
+//
+// Background: pre-v1.3.12 `withUAT` only retried fn() when the response
+// carried code in {99991668, 99991663, 99991677} (it refreshed the UAT and
+// re-ran). Anything else — network blip, truncated JSON body, ECONNRESET —
+// bubbled straight out, even though one retry would have cleared the failure.
+//
+// New behaviour:
+//   1. If fn() throws AND classifyError says action='retry', call fn() one
+//      more time with the *same* uat (it's an upstream flake, not an auth
+//      issue — refreshing wouldn't help).
+//   2. Existing 99991668 / 99991663 / 99991677 path is unchanged: refresh
+//      then re-run.
+//   3. Otherwise (success, or non-retriable code) return data as-is.
+//
+// Real Feishu API is NOT touched — we mock fn() directly.
+
+'use strict';
+
+const assert = require('node:assert/strict');
+const { withUAT } = require('./auth/uat');
+
+function fakeClient() {
+  const farFuture = Math.floor(Date.now() / 1000) + 3600;
+  return {
+    appId: 'cli_test',
+    appSecret: 'secret',
+    _uat: 'fake_token',
+    _uatRefresh: 'fake_refresh',
+    _uatExpires: farFuture,
+    get hasUAT() { return !!this._uat; },
+  };
+}
+
+async function run() {
+  // --- 1. Success on first try → no retry ---
+  {
+    let calls = 0;
+    const data = await withUAT(fakeClient(), async () => {
+      calls++;
+      return { code: 0, data: { ok: true } };
+    });
+    assert.equal(calls, 1);
+    assert.equal(data.code, 0);
+  }
+
+  // --- 2. Throws network error → retries once, succeeds ---
+  {
+    let calls = 0;
+    const data = await withUAT(fakeClient(), async () => {
+      calls++;
+      if (calls === 1) throw new Error('fetch timeout after 10000ms');
+      return { code: 0, data: { ok: true } };
+    });
+    assert.equal(calls, 2, 'should retry transient throw once');
+    assert.equal(data.code, 0);
+  }
+
+  // --- 3. Throws JSON parse error → retries once ---
+  {
+    let calls = 0;
+    const data = await withUAT(fakeClient(), async () => {
+      calls++;
+      if (calls === 1) {
+        const err = new SyntaxError('Unexpected end of JSON input');
+        throw err;
+      }
+      return { code: 0, data: { ok: 'parsed' } };
+    });
+    assert.equal(calls, 2);
+    assert.equal(data.data.ok, 'parsed');
+  }
+
+  // --- 4. Throws non-retriable error → re-throws (no retry) ---
+  {
+    let calls = 0;
+    let caught;
+    try {
+      await withUAT(fakeClient(), async () => {
+        calls++;
+        throw new Error('something completely unexpected');
+      });
+    } catch (e) { caught = e; }
+    assert.equal(calls, 1, 'unknown error should not retry');
+    assert.ok(caught);
+    assert.ok(caught.message.includes('something completely unexpected'));
+  }
+
+  // --- 5. Throws transient on BOTH attempts → re-throws ---
+  {
+    let calls = 0;
+    let caught;
+    try {
+      await withUAT(fakeClient(), async () => {
+        calls++;
+        throw new Error('fetch timeout after 10000ms');
+      });
+    } catch (e) { caught = e; }
+    assert.equal(calls, 2, 'should give up after one retry');
+    assert.ok(caught);
+  }
+
+  // --- 6. ECONNRESET pattern → retry ---
+  {
+    let calls = 0;
+    const data = await withUAT(fakeClient(), async () => {
+      calls++;
+      if (calls === 1) throw new Error('socket hang up ECONNRESET');
+      return { code: 0 };
+    });
+    assert.equal(calls, 2);
+  }
+
+  // --- 7. Existing auth-code path still works: 99991663 triggers refresh ---
+  // We can't easily mock refreshUAT without rewiring; verify the data path
+  // for the simple non-refresh "no auth code" case here (refresh path is
+  // exercised by integration tests / real API).
+  {
+    let calls = 0;
+    const data = await withUAT(fakeClient(), async () => {
+      calls++;
+      return { code: 42101, msg: 'rate limited' };
+    });
+    // 42101 is not an auth code so withUAT returns it without refresh-retry.
+    // (Caller may decide to retry via classifyError separately.)
+    assert.equal(calls, 1);
+    assert.equal(data.code, 42101);
+  }
+
+  console.log('with-uat-retry.js: PASS');
+}
+
+if (require.main === module) run().catch(e => { console.error(e); process.exit(1); });
+module.exports = { run };

package/src/tools/_registry.js

@@ -26,6 +26,29 @@ const json = (o) => {
   return text(warn + JSON.stringify(o, null, 2));
 };
 
-const sendResult = (r, desc) => text(r.success ? desc : `Send failed (status: ${r.status})`);
+// sendResult — unified shape for send_*_as_user tools (v1.3.12).
+// Returns JSON inside an MCP text block:
+//   { ok, viaUser, description?, status?, messageId?, fallbackWarning? }
+//
+// `r` is the raw response from a Lark client:
+//   - LarkUserClient.send*  → { success: bool, status: number }
+//   - LarkOfficialClient.sendMessageAsBot → { messageId: string }
+//
+// Back-compat signature: `sendResult(r, desc)` still works (desc treated as
+// description). New callers can pass `sendResult(r, { desc, viaUser: false,
+// fallbackWarning })`.
+const sendResult = (r, descOrOpts) => {
+  const opts = typeof descOrOpts === 'string' ? { desc: descOrOpts } : (descOrOpts || {});
+  const { desc, viaUser = true, fallbackWarning } = opts;
+  const out = {
+    ok: !!(r && (r.success || r.messageId)),
+    viaUser,
+  };
+  if (desc) out.description = desc;
+  if (r?.messageId) out.messageId = r.messageId;
+  if (r && typeof r.status !== 'undefined') out.status = r.status;
+  if (fallbackWarning) out.fallbackWarning = fallbackWarning;
+  return json(out);
+};
 
 module.exports = { text, json, sendResult };

package/src/tools/calendar.js

@@ -4,7 +4,7 @@
 // get_calendar_event, plus the v1.3.7 write tools:
 //   create_calendar_event / update_calendar_event / delete_calendar_event
 //   respond_calendar_event / get_freebusy
-// All UAT-first. Write tools require `calendar:calendar.event:write` scope.
+// All UAT-first. Write tools require `calendar:calendar.event:{create,update,delete,reply}` scope.
 
 const { json, text } = require('./_registry');
 
@@ -53,7 +53,7 @@ const schemas = [
   },
   {
     name: 'create_calendar_event',
-    description: `[Official API + UAT, v1.3.7] Create a new calendar event. Requires \`calendar:calendar.event:write\` scope (re-run \`npx feishu-user-plugin oauth\` after enabling). The current identity (UAT-first) must have writer or owner permission on the calendar.\n\nTime fields: ${TIME_NOTE}`,
+    description: `[Official API + UAT, v1.3.7] Create a new calendar event. Requires \`calendar:calendar.event:create\` scope (re-run \`npx feishu-user-plugin oauth\` after enabling). The current identity (UAT-first) must have writer or owner permission on the calendar.\n\nTime fields: ${TIME_NOTE}`,
     inputSchema: {
       type: 'object',
       properties: {
@@ -75,7 +75,7 @@ const schemas = [
   },
   {
     name: 'update_calendar_event',
-    description: '[Official API + UAT, v1.3.7] Patch fields on an existing calendar event. Pass only the fields you want to change. Requires `calendar:calendar.event:write` scope.',
+    description: '[Official API + UAT, v1.3.7] Patch fields on an existing calendar event. Pass only the fields you want to change. Requires `calendar:calendar.event:update` scope.',
     inputSchema: {
       type: 'object',
       properties: {
@@ -98,7 +98,7 @@ const schemas = [
   },
   {
     name: 'delete_calendar_event',
-    description: '[Official API + UAT, v1.3.7] Delete a calendar event. Requires `calendar:calendar.event:write` scope.',
+    description: '[Official API + UAT, v1.3.7] Delete a calendar event. Requires `calendar:calendar.event:delete` scope.',
     inputSchema: {
       type: 'object',
       properties: {
@@ -112,7 +112,7 @@ const schemas = [
   },
   {
     name: 'respond_calendar_event',
-    description: '[Official API + UAT, v1.3.7] Respond to an event invitation. The current identity must be in the event\'s attendee list. Requires `calendar:calendar.event:write` scope.',
+    description: '[Official API + UAT, v1.3.7] Respond to an event invitation. The current identity must be in the event\'s attendee list. Requires `calendar:calendar.event:reply` scope.',
     inputSchema: {
       type: 'object',
       properties: {