metame-cli 1.4.18 → 1.4.20

package/scripts/daemon-user-acl.js

@@ -0,0 +1,399 @@
+/**
+ * daemon-user-acl.js — MetaMe 多用户权限管理模块
+ *
+ * 角色体系：
+ *   admin   — 全部权限（王总）
+ *   member  — 可配置白名单操作
+ *   stranger — 仅基础问答，无系统操作
+ *
+ * 配置文件：~/.metame/users.yaml（热更新，独立于 daemon.yaml）
+ * 格式：
+ *   users:
+ *     ou_abc123: { role: admin, name: 王总 }
+ *     ou_def456: { role: member, name: 老马, allowed_actions: [feedback, status, query] }
+ *   default_role: stranger
+ */
+
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const os = require('os');
+
+const USERS_FILE = path.join(os.homedir(), '.metame', 'users.yaml');
+
+// ─── YAML 轻量解析（无依赖） ─────────────────────────────────────────────────
+// 只解析本文件需要的简单结构，不引入 js-yaml 依赖
+function parseSimpleYaml(content) {
+  const result = {};
+  const lines = content.split('\n');
+  let currentSection = null;
+  let currentUserId = null;
+
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    const trimmed = line.trimEnd();
+    if (!trimmed || trimmed.startsWith('#')) continue;
+
+    const indent = line.length - line.trimStart().length;
+    const stripped = trimmed.trim();
+
+    if (indent === 0) {
+      const m = stripped.match(/^(\w[\w_]*):\s*(.*)$/);
+      if (m) {
+        currentSection = m[1];
+        if (m[2]) result[currentSection] = m[2];
+        else result[currentSection] = {};
+        currentUserId = null;
+      }
+    } else if (indent === 2 && currentSection === 'users') {
+      const m = stripped.match(/^([\w_-]+):\s*\{?(.*)\}?$/);
+      if (m) {
+        currentUserId = m[1];
+        result.users = result.users || {};
+        result.users[currentUserId] = parseInlineObj(m[2]);
+      }
+    } else if (indent === 4 && currentSection === 'users' && currentUserId) {
+      const m = stripped.match(/^([\w_]+):\s*(.+)$/);
+      if (m) {
+        result.users[currentUserId][m[1]] = parseYamlValue(m[2]);
+      }
+    } else if (indent === 2 && currentSection !== 'users') {
+      const m = stripped.match(/^([\w_]+):\s*(.+)$/);
+      if (m && typeof result[currentSection] === 'object') {
+        result[currentSection][m[1]] = parseYamlValue(m[2]);
+      }
+    }
+  }
+  return result;
+}
+
+function parseInlineObj(str) {
+  const obj = {};
+  str = str.replace(/^\{|\}$/g, '').trim();
+  if (!str) return obj;
+  const parts = str.split(',').map(s => s.trim());
+  for (const part of parts) {
+    const m = part.match(/^([\w_]+):\s*(.+)$/);
+    if (m) obj[m[1]] = parseYamlValue(m[2]);
+  }
+  return obj;
+}
+
+function parseYamlValue(val) {
+  val = val.trim();
+  if (val === 'true') return true;
+  if (val === 'false') return false;
+  if (/^\d+$/.test(val)) return parseInt(val, 10);
+  // Array like [a, b, c]
+  if (val.startsWith('[') && val.endsWith(']')) {
+    return val.slice(1, -1).split(',').map(s => s.trim().replace(/^['"]|['"]$/g, '')).filter(Boolean);
+  }
+  // Quoted string
+  return val.replace(/^['"]|['"]$/g, '');
+}
+
+// ─── 序列化为 YAML ────────────────────────────────────────────────────────────
+// name 字段转义：去除可能破坏行内 YAML 的特殊字符
+function sanitizeYamlScalar(str) {
+  return String(str || '').replace(/[,:{}\[\]\r\n#]/g, '_').slice(0, 40);
+}
+
+function serializeUsers(data) {
+  const lines = [];
+  // 始终写出 default_role，确保 reload 时语义明确
+  lines.push(`default_role: ${data.default_role || 'stranger'}`);
+  lines.push('users:');
+  for (const [uid, info] of Object.entries(data.users || {})) {
+    const actions = info.allowed_actions
+      ? `, allowed_actions: [${info.allowed_actions.join(', ')}]`
+      : '';
+    const safeName = info.name ? `, name: ${sanitizeYamlScalar(info.name)}` : '';
+    lines.push(`  ${uid}: { role: ${info.role}${safeName}${actions} }`);
+  }
+  return lines.join('\n') + '\n';
+}
+
+// 飞书 open_id 格式校验（字母数字下划线，10-64 位）
+function isValidOpenId(uid) {
+  return typeof uid === 'string' && /^[a-zA-Z0-9_-]{10,64}$/.test(uid);
+}
+
+// ─── 加载用户配置 ─────────────────────────────────────────────────────────────
+let _cachedUsers = null;
+let _cachedMtime = 0;
+
+function loadUsers() {
+  try {
+    const stat = fs.statSync(USERS_FILE);
+    if (stat.mtimeMs !== _cachedMtime) {
+      const content = fs.readFileSync(USERS_FILE, 'utf8');
+      _cachedUsers = parseSimpleYaml(content);
+      _cachedMtime = stat.mtimeMs;
+    }
+    return _cachedUsers || { users: {}, default_role: 'stranger' };
+  } catch {
+    return { users: {}, default_role: 'stranger' };
+  }
+}
+
+function saveUsers(data) {
+  const dir = path.dirname(USERS_FILE);
+  fs.mkdirSync(dir, { recursive: true });
+  // [M3] 原子写入：先写临时文件再 rename，防止崩溃时损坏 users.yaml
+  const tmp = USERS_FILE + '.tmp';
+  fs.writeFileSync(tmp, serializeUsers(data), 'utf8');
+  fs.renameSync(tmp, USERS_FILE);
+  _cachedMtime = 0; // 强制下次重新加载
+}
+
+// ─── 权限动作定义 ─────────────────────────────────────────────────────────────
+// 每个 action 代表一类权限门控点
+const ACTION_GROUPS = {
+  // member 可开放的安全操作
+  feedback:  { desc: '提交反馈' },
+  status:    { desc: '查询系统状态 (/status, /tasks)' },
+  query:     { desc: '自然语言问答（只读）' },
+  file_read: { desc: '查看文件' },
+
+  // admin 专属（不可赋予 member）
+  system:    { desc: '系统操作 (/sh, /mac, /fix)' },
+  agent:     { desc: 'Agent 调度与管理' },
+  config:    { desc: '配置修改 (/reload, /model)' },
+  admin_acl: { desc: '用户权限管理 (/user *)' },
+};
+
+const ROLE_DEFAULT_ACTIONS = {
+  admin:   Object.keys(ACTION_GROUPS),       // 全部权限
+  member:  ['query'],                         // 默认只能问答
+  stranger: [],                               // 无系统权限，但允许基础问答由 askClaude readOnly 处理
+};
+
+// 不可赋予 member 的 admin 专属 action
+const ADMIN_ONLY_ACTIONS = new Set(['system', 'agent', 'config', 'admin_acl']);
+
+// ─── 核心 API ─────────────────────────────────────────────────────────────────
+
+/**
+ * 根据 senderId 解析用户上下文
+ * @param {string|null} senderId  飞书 open_id
+ * @param {object} config         daemon 配置（兼容旧 operator_ids）
+ * @returns {object} userCtx { senderId, role, name, allowedActions, can(action) }
+ */
+function resolveUserCtx(senderId, config) {
+  const userData = loadUsers();
+
+  let role, name, allowedActions;
+
+  if (!senderId) {
+    // 无 ID（Telegram 等）— 兼容旧逻辑，视为 admin
+    role = 'admin';
+    name = 'unknown';
+    allowedActions = ROLE_DEFAULT_ACTIONS.admin;
+  } else {
+    const userInfo = (userData.users || {})[senderId];
+
+    if (userInfo) {
+      role = userInfo.role || 'member';
+      name = userInfo.name || senderId.slice(-6);
+      if (role === 'admin') {
+        allowedActions = ROLE_DEFAULT_ACTIONS.admin;
+      } else if (role === 'member') {
+        // member 的 allowed_actions = 默认 member 权限 ∪ 配置的扩展权限（过滤 admin-only）
+        const extra = (userInfo.allowed_actions || []).filter(a => !ADMIN_ONLY_ACTIONS.has(a));
+        allowedActions = [...new Set([...ROLE_DEFAULT_ACTIONS.member, ...extra])];
+      } else {
+        allowedActions = [];
+      }
+    } else {
+      // 兼容旧 operator_ids：若 senderId 在 operator_ids 中，视为 admin
+      const operatorIds = (config && config.feishu && config.feishu.operator_ids) || [];
+      if (operatorIds.includes(senderId)) {
+        role = 'admin';
+        name = senderId.slice(-6);
+        allowedActions = ROLE_DEFAULT_ACTIONS.admin;
+      } else {
+        role = userData.default_role || 'stranger';
+        name = senderId.slice(-6);
+        allowedActions = ROLE_DEFAULT_ACTIONS[role] || [];
+      }
+    }
+  }
+
+  return {
+    senderId,
+    role,
+    name,
+    allowedActions,
+    isAdmin: role === 'admin',
+    isMember: role === 'member',
+    isStranger: role === 'stranger',
+    can(action) { return allowedActions.includes(action); },
+    readOnly: role !== 'admin',
+  };
+}
+
+// 所有人（包括 stranger）均可使用的公开命令，集中维护
+const PUBLIC_COMMANDS = ['/myid', '/chatid', '/user whoami'];
+
+/**
+ * 判断命令文本对应的 action 类型
+ */
+function classifyCommandAction(text) {
+  if (!text) return 'query';
+  const t = text.trim().toLowerCase();
+  if (t.startsWith('/sh ') || t.startsWith('/mac ') || t.startsWith('/fix') || t.startsWith('/reset') || t.startsWith('/doctor')) return 'system';
+  // /run 执行任务，副作用等级与 system 相同，不应归入 status
+  if (t.startsWith('/run ') || t.startsWith('/run\n')) return 'system';
+  if (t.startsWith('/agent ') || t.startsWith('/dispatch')) return 'agent';
+  if (t.startsWith('/model') || t.startsWith('/reload') || t.startsWith('/budget')) return 'config';
+  if (t.startsWith('/user ')) return 'admin_acl';
+  if (t.startsWith('/status') || t.startsWith('/tasks')) return 'status';
+  if (t.startsWith('/')) return 'system'; // 未知 slash 命令默认需要 system 权限
+  return 'query';
+}
+
+// ─── /user 管理命令处理 ───────────────────────────────────────────────────────
+
+/**
+ * 处理 /user 系列命令（仅 admin 可调用）
+ * 返回 { handled: boolean, reply: string }
+ */
+function handleUserCommand(text, userCtx) {
+  if (!text || !text.startsWith('/user')) return { handled: false };
+
+  const args = text.trim().split(/\s+/);
+  // args[0] = '/user', args[1] = subcommand
+
+  const sub = args[1];
+
+  if (!sub || sub === 'help') {
+    return {
+      handled: true,
+      reply: `**用户权限管理**\n\n` +
+        `/user list — 列出所有用户\n` +
+        `/user add <open_id> <role> [name] — 添加用户 (role: admin/member)\n` +
+        `/user role <open_id> <role> — 修改角色\n` +
+        `/user grant <open_id> <action> — 赋予 member 额外权限\n` +
+        `/user revoke <open_id> <action> — 撤销 member 权限\n` +
+        `/user remove <open_id> — 移除用户\n` +
+        `/user actions — 列出可用 action\n` +
+        `/user whoami — 查看当前身份`,
+    };
+  }
+
+  if (sub === 'whoami') {
+    return {
+      handled: true,
+      reply: `**你的身份**\n\nID: \`${userCtx.senderId || 'N/A'}\`\n角色: ${userCtx.role}\n名称: ${userCtx.name}\n权限: ${userCtx.allowedActions.join(', ') || '无'}`,
+    };
+  }
+
+  if (sub === 'actions') {
+    const lines = Object.entries(ACTION_GROUPS).map(([k, v]) => `- \`${k}\` — ${v.desc}`);
+    return { handled: true, reply: `**可用 Actions**\n\n${lines.join('\n')}` };
+  }
+
+  if (sub === 'list') {
+    const data = loadUsers();
+    const users = Object.entries(data.users || {});
+    if (!users.length) return { handled: true, reply: '暂无用户配置（仅依赖 operator_ids）' };
+    const lines = users.map(([uid, info]) => {
+      const actions = info.allowed_actions ? ` | ${info.allowed_actions.join(',')}` : '';
+      return `- \`${uid}\` [${info.role}] ${info.name || ''}${actions}`;
+    });
+    return { handled: true, reply: `**用户列表** (default: ${data.default_role || 'stranger'})\n\n${lines.join('\n')}` };
+  }
+
+  // [S1] 破坏性子命令内部守卫（防止外部绕过调用方校验）
+  const ADMIN_REQUIRED_SUBS = new Set(['add', 'role', 'grant', 'revoke', 'remove']);
+  if (ADMIN_REQUIRED_SUBS.has(sub) && !userCtx.isAdmin) {
+    return { handled: true, reply: '⚠️ 此操作需要 admin 权限，请联系管理员。' };
+  }
+
+  if (sub === 'add') {
+    // /user add <open_id> <role> [name...]
+    const [, , , uid, role, ...nameParts] = args;
+    if (!uid || !role) return { handled: true, reply: '用法: /user add <open_id> <role> [name]' };
+    // [S2] open_id 格式校验
+    if (!isValidOpenId(uid)) return { handled: true, reply: '❌ open_id 格式不合法（应为 10-64 位字母数字下划线）' };
+    if (!['admin', 'member', 'stranger'].includes(role)) {
+      return { handled: true, reply: '角色必须是 admin / member / stranger' };
+    }
+    const data = loadUsers();
+    data.users = data.users || {};
+    data.users[uid] = { role, name: nameParts.join(' ') || uid.slice(-6) };
+    saveUsers(data);
+    return { handled: true, reply: `✅ 已添加用户 \`${uid}\` → ${role}` };
+  }
+
+  if (sub === 'role') {
+    const [, , , uid, role] = args;
+    if (!uid || !role) return { handled: true, reply: '用法: /user role <open_id> <role>' };
+    if (!isValidOpenId(uid)) return { handled: true, reply: '❌ open_id 格式不合法' };
+    if (!['admin', 'member', 'stranger'].includes(role)) {
+      return { handled: true, reply: '角色必须是 admin / member / stranger' };
+    }
+    const data = loadUsers();
+    data.users = data.users || {};
+    if (!data.users[uid]) data.users[uid] = {};
+    data.users[uid].role = role;
+    saveUsers(data);
+    return { handled: true, reply: `✅ 用户 \`${uid}\` 角色已更新为 ${role}` };
+  }
+
+  if (sub === 'grant') {
+    const [, , , uid, action] = args;
+    if (!uid || !action) return { handled: true, reply: '用法: /user grant <open_id> <action>' };
+    if (!isValidOpenId(uid)) return { handled: true, reply: '❌ open_id 格式不合法' };
+    if (ADMIN_ONLY_ACTIONS.has(action)) {
+      return { handled: true, reply: `❌ \`${action}\` 是 admin 专属权限，不可赋予 member` };
+    }
+    if (!ACTION_GROUPS[action]) {
+      return { handled: true, reply: `❌ 未知 action: ${action}，用 /user actions 查看可用列表` };
+    }
+    const data = loadUsers();
+    data.users = data.users || {};
+    if (!data.users[uid]) data.users[uid] = { role: 'member' };
+    const existing = data.users[uid].allowed_actions || [];
+    if (!existing.includes(action)) {
+      data.users[uid].allowed_actions = [...existing, action];
+      saveUsers(data);
+    }
+    return { handled: true, reply: `✅ 已授权 \`${uid}\` → ${action}` };
+  }
+
+  if (sub === 'revoke') {
+    const [, , , uid, action] = args;
+    if (!uid || !action) return { handled: true, reply: '用法: /user revoke <open_id> <action>' };
+    if (!isValidOpenId(uid)) return { handled: true, reply: '❌ open_id 格式不合法' };
+    const data = loadUsers();
+    const userInfo = (data.users || {})[uid];
+    if (!userInfo) return { handled: true, reply: `❌ 未找到用户 \`${uid}\`` };
+    userInfo.allowed_actions = (userInfo.allowed_actions || []).filter(a => a !== action);
+    saveUsers(data);
+    return { handled: true, reply: `✅ 已撤销 \`${uid}\` 的 ${action} 权限` };
+  }
+
+  if (sub === 'remove') {
+    const [, , , uid] = args;
+    if (!uid) return { handled: true, reply: '用法: /user remove <open_id>' };
+    if (!isValidOpenId(uid)) return { handled: true, reply: '❌ open_id 格式不合法' };
+    const data = loadUsers();
+    delete (data.users || {})[uid];
+    saveUsers(data);
+    return { handled: true, reply: `✅ 已移除用户 \`${uid}\`` };
+  }
+
+  return { handled: true, reply: `未知子命令: ${sub}，用 /user help 查看帮助` };
+}
+
+module.exports = {
+  resolveUserCtx,
+  classifyCommandAction,
+  handleUserCommand,
+  loadUsers,
+  saveUsers,
+  ACTION_GROUPS,
+  PUBLIC_COMMANDS,
+};

package/scripts/daemon.js

@@ -248,11 +248,11 @@ function restoreConfig() {
       }
     }
     writeConfigSafe(bakCfg);
-    config = loadConfig();
+    config = loadConfig(); // eslint-disable-line no-undef -- config is declared in main() closure
     return true;
   } catch {
     fs.copyFileSync(bak, CONFIG_FILE);
-    config = loadConfig();
+    config = loadConfig(); // eslint-disable-line no-undef
     return true;
   }
 }
@@ -1218,6 +1218,7 @@ const {
   getSessionFileMtime,
   sessionLabel,
   sessionRichLabel,
+  getSessionRecentContext,
   buildSessionCardElements,
   listProjectDirs,
   getSession,
@@ -1225,6 +1226,7 @@ const {
   getSessionName,
   writeSessionName,
   markSessionStarted,
+  watchSessionFiles,
 } = createSessionStore({
   fs,
   path,
@@ -1236,6 +1238,8 @@ const {
   cpExtractTimestamp,
 });
 
+watchSessionFiles(); // 热加载：手机端新建 session 后桌面无需重启
+
 // Active Claude processes per chat (for /stop)
 const activeProcesses = new Map(); // chatId -> { child, aborted }
 
@@ -1348,6 +1352,11 @@ const pendingBinds = new Map(); // chatId -> agentName
 // chatId -> { step: 'dir'|'name'|'desc', dir: string, name: string }
 const pendingAgentFlows = new Map();
 
+// Pending activation: after creating an agent with skipChatBinding=true,
+// store here so any new unbound group can activate it with /activate
+// { agentKey, agentName, cwd, createdAt }
+const pendingActivations = new Map(); // key: agentKey -> activation record
+
 const { handleAdminCommand } = createAdminCommandHandler({
   fs,
   yaml,
@@ -1367,6 +1376,10 @@ const { handleAdminCommand } = createAdminCommandHandler({
   skillEvolution,
   taskBoard,
   taskEnvelope,
+  getActiveProcesses: () => activeProcesses,
+  getMessageQueue: () => messageQueue,
+  loadState,
+  saveState,
 });
 
 const { handleSessionCommand } = createSessionCommandHandler({
@@ -1485,8 +1498,10 @@ const { handleAgentCommand } = createAgentCommandHandler({
   sessionLabel,
   loadSessionTags,
   sessionRichLabel,
+  getSessionRecentContext,
   pendingBinds,
   pendingAgentFlows,
+  pendingActivations,
   doBindAgent,
   mergeAgentRole,
   agentTools,
@@ -1564,6 +1579,7 @@ const { handleCommand } = createCommandRouter({
   log,
   agentTools,
   pendingAgentFlows,
+  pendingActivations,
   agentFlowTtlMs: getAgentFlowTtlMs,
 });
 
@@ -1584,6 +1600,7 @@ const { startTelegramBridge, startFeishuBridge } = createBridgeStarter({
   saveState,
   getSession,
   handleCommand,
+  pendingActivations,
 });
 
 const { killExistingDaemon, writePid, cleanPid } = createPidManager({
@@ -1735,7 +1752,10 @@ async function main() {
     setConfig: (next) => { config = next; },
     getHeartbeatTimer: () => heartbeatTimer,
     setHeartbeatTimer: (next) => { heartbeatTimer = next; },
-    onRestartRequested: () => process.exit(0),
+    onRestartRequested: () => {
+      // Reuse full shutdown logic (kill child processes, clean PID, stop bridges)
+      shutdown().catch(() => process.exit(0));
+    },
   });
   // Expose reloadConfig to handleCommand via closure
   global._metameReload = runtimeWatchers.reloadConfig;
@@ -1749,9 +1769,26 @@ async function main() {
   await sleep(1500); // Let polling settle
   await adminNotifyFn('✅ Daemon ready.').catch(() => { });
 
+  // Notify active users before restart/shutdown
+  async function notifyActiveUsers(reason) {
+    if (activeProcesses.size === 0) return;
+    const bots = [];
+    if (feishuBridge && feishuBridge.bot) bots.push(feishuBridge.bot);
+    if (telegramBridge && telegramBridge.bot) bots.push(telegramBridge.bot);
+    if (bots.length === 0) return;
+    const notifs = [];
+    for (const [cid] of activeProcesses) {
+      for (const bot of bots) {
+        notifs.push(bot.sendMessage(cid, `⚠️ 系统正在重启（${reason}），任务已中断，请重新发送指令。`).catch(() => {}));
+      }
+    }
+    await Promise.race([Promise.all(notifs), new Promise(r => setTimeout(r, 3000))]);
+  }
+
   // Graceful shutdown
-  const shutdown = () => {
+  const shutdown = async () => {
     log('INFO', 'Daemon shutting down...');
+    await notifyActiveUsers('关闭').catch(() => {});
     runtimeWatchers.stop();
     if (heartbeatTimer) clearInterval(heartbeatTimer);
     if (dispatchSocket) try { dispatchSocket.close(); } catch { }
@@ -1774,8 +1811,8 @@ async function main() {
     process.exit(0);
   };
 
-  process.on('SIGTERM', shutdown);
-  process.on('SIGINT', shutdown);
+  process.on('SIGTERM', () => { shutdown().catch(() => process.exit(0)); });
+  process.on('SIGINT', () => { shutdown().catch(() => process.exit(0)); });
 
   // Keep alive
   log('INFO', 'Daemon running. Send SIGTERM to stop.');

package/scripts/distill.js

@@ -636,15 +636,6 @@ function strategicMerge(profile, updates, lockedKeys, pendingTraits, confidenceM
         break;
       }
 
-      case 'T4':
-        setNested(result, key, value);
-
-        // Auto-set focus_since when focus changes
-        if (key === 'context.focus') {
-          setNested(result, 'context.focus_since', new Date().toISOString().slice(0, 10));
-        }
-        break;
-
       case 'T5':
         setNested(result, key, value);
         break;
@@ -717,9 +708,17 @@ function filterBySchema(obj, parentKey = '') {
     const value = obj[key];
 
     if (typeof value === 'object' && value !== null && !Array.isArray(value)) {
-      const nested = filterBySchema(value, fullKey);
-      if (Object.keys(nested).length > 0) {
-        result[key] = nested;
+      // map type: accept entire object as-is, do not recurse into sub-keys
+      const def = getDefinition(fullKey);
+      if (def && def.type === 'map') {
+        if (hasKey(fullKey) && !isLocked(fullKey)) {
+          result[key] = value;
+        }
+      } else {
+        const nested = filterBySchema(value, fullKey);
+        if (Object.keys(nested).length > 0) {
+          result[key] = nested;
+        }
       }
     } else {
       // Check schema whitelist — allow if key exists and is not locked