switchroom 0.10.0 → 0.11.1

package/telegram-plugin/gateway/diff-preview-card.test.ts

@@ -0,0 +1,192 @@
+/**
+ * Tests for the Telegram diff-preview card renderer — RFC E §4.2.
+ */
+
+import { describe, expect, it } from "vitest";
+import { InlineKeyboard } from "grammy";
+
+import { buildDiffPreview } from "../../src/drive/diff-preview.js";
+import type { DiffPreviewInput } from "../../src/drive/diff-preview.js";
+import { buildDiffPreviewCard } from "./diff-preview-card.js";
+
+/** Pull row-major button shape out of grammy's InlineKeyboard. */
+function rows(kb: InlineKeyboard): Array<Array<{ text: string; callback_data?: string; url?: string }>> {
+  return kb.inline_keyboard.map((row) =>
+    row.map((b) => ({
+      text: b.text,
+      ...("callback_data" in b ? { callback_data: b.callback_data } : {}),
+      ...("url" in b ? { url: b.url } : {}),
+    })),
+  );
+}
+
+function baseInput(overrides: Partial<DiffPreviewInput> = {}): DiffPreviewInput {
+  return {
+    agentName: "klanker",
+    docTitle: "Q3 Strategy Notes",
+    fileId: "DOC1",
+    mimeType: "application/vnd.google-apps.document",
+    resolvedAnchor: {
+      op: { kind: "insert_after", paragraphIndex: 4 },
+      displayName: "after heading 'Goals' (level 2)",
+    },
+    metrics: { linesAdded: 47, linesRemoved: 0 },
+    mode: "suggest",
+    ...overrides,
+  };
+}
+
+describe("buildDiffPreviewCard — suggest mode (default)", () => {
+  it("emits the wrapper-attested body + all four buttons in the RFC layout", () => {
+    const preview = buildDiffPreview(baseInput({ agentSummary: "Added Hiring section" }));
+    const card = buildDiffPreviewCard({
+      preview,
+      suggestRequestId: "aabbccdd",
+      writeRequestId: "11223344",
+    });
+
+    // Body: title bold + all preview lines.
+    expect(card.text).toContain("<b>");
+    expect(card.text).toContain("klanker");
+    expect(card.text).toContain("Q3 Strategy Notes");
+    expect(card.text).toContain("📍 after heading 'Goals' (level 2)");
+    expect(card.text).toContain("+47");
+    expect(card.text).toContain("💬");
+    expect(card.text).toContain("Added Hiring section");
+
+    const r = rows(card.reply_markup);
+    // Row 1: [Open in Drive] [Apply as suggestion]
+    expect(r[0]?.[0]?.text).toBe("📖 Open in Drive");
+    expect(r[0]?.[0]?.url).toBe("https://docs.google.com/document/d/DOC1/edit");
+    expect(r[0]?.[1]?.text).toBe("✅ Apply as suggestion");
+    expect(r[0]?.[1]?.callback_data).toBe("apv:aabbccdd:once");
+    // Row 2: [Apply directly] [Cancel]
+    expect(r[1]?.[0]?.text).toBe("⚠ Apply directly");
+    expect(r[1]?.[0]?.callback_data).toBe("apv:11223344:once");
+    expect(r[1]?.[1]?.text).toBe("🚫 Cancel");
+    expect(r[1]?.[1]?.callback_data).toBe("apv:aabbccdd:deny");
+  });
+
+  it("hides 'Apply directly' when writeRequestId is undefined", () => {
+    const preview = buildDiffPreview(baseInput());
+    const card = buildDiffPreviewCard({
+      preview,
+      suggestRequestId: "aabbccdd",
+    });
+    const flat = rows(card.reply_markup).flat();
+    expect(flat.find((b) => b.text === "⚠ Apply directly")).toBeUndefined();
+    // The other three buttons still present.
+    expect(flat.find((b) => b.text === "📖 Open in Drive")).toBeDefined();
+    expect(flat.find((b) => b.text === "✅ Apply as suggestion")).toBeDefined();
+    expect(flat.find((b) => b.text === "🚫 Cancel")).toBeDefined();
+  });
+});
+
+describe("buildDiffPreviewCard — write mode (opt-in via expand)", () => {
+  it("only emits Apply-directly + Open-in-Drive + Cancel (no suggest button)", () => {
+    const preview = buildDiffPreview(baseInput({ mode: "write" }));
+    const card = buildDiffPreviewCard({
+      preview,
+      // In write-mode the suggest id is still needed for the Cancel
+      // callback's deny channel — semantically Cancel is "don't grant
+      // either scope" but reusing the suggest id keeps the existing
+      // approval-callback handler stateless.
+      suggestRequestId: "aabbccdd",
+      writeRequestId: "11223344",
+    });
+
+    const r = rows(card.reply_markup);
+    const flat = r.flat();
+    expect(flat.find((b) => b.text === "✅ Apply as suggestion")).toBeUndefined();
+    const directly = flat.find((b) => b.text === "⚠ Apply directly");
+    expect(directly).toBeDefined();
+    expect(directly?.callback_data).toBe("apv:11223344:once");
+    // Title icon swaps to ⚠.
+    expect(card.text).toContain("⚠");
+  });
+});
+
+describe("buildDiffPreviewCard — input validation", () => {
+  it("throws on a malformed suggestRequestId", () => {
+    const preview = buildDiffPreview(baseInput());
+    expect(() =>
+      buildDiffPreviewCard({ preview, suggestRequestId: "not-hex" }),
+    ).toThrow(/8 hex chars/);
+  });
+
+  it("throws on a malformed writeRequestId", () => {
+    const preview = buildDiffPreview(baseInput());
+    expect(() =>
+      buildDiffPreviewCard({
+        preview,
+        suggestRequestId: "aabbccdd",
+        writeRequestId: "ABCDEF01", // wrong case
+      }),
+    ).toThrow(/8 hex chars/);
+  });
+});
+
+describe("buildDiffPreviewCard — fragility guards", () => {
+  it("drops the Open-in-Drive button when fileId is the 'pending-create' sentinel", () => {
+    // create_doc prep emits "pending-create" as a placeholder fileId
+    // (the doc doesn't exist yet). The renderer must NOT emit a Drive
+    // URL pointing at a nonexistent doc.
+    const preview = buildDiffPreview(
+      baseInput({ fileId: "pending-create" }),
+    );
+    const card = buildDiffPreviewCard({
+      preview,
+      suggestRequestId: "aabbccdd",
+    });
+    const flat = rows(card.reply_markup).flat();
+    expect(flat.find((b) => b.text === "📖 Open in Drive")).toBeUndefined();
+    // Apply buttons still present — the doc creation flow is still actionable.
+    expect(flat.find((b) => b.text === "✅ Apply as suggestion")).toBeDefined();
+  });
+
+  it("HTML-escapes title + lines (no markup injection from doc names)", () => {
+    const preview = buildDiffPreview(
+      baseInput({ docTitle: "<script>alert(1)</script>" }),
+    );
+    const card = buildDiffPreviewCard({
+      preview,
+      suggestRequestId: "aabbccdd",
+    });
+    expect(card.text).not.toContain("<script>");
+    expect(card.text).toContain("&lt;script&gt;");
+  });
+
+  it("HTML-escapes the agent-supplied summary", () => {
+    const preview = buildDiffPreview(
+      baseInput({ agentSummary: "Hi <b>bold</b> & <i>tags</i>" }),
+    );
+    const card = buildDiffPreviewCard({
+      preview,
+      suggestRequestId: "aabbccdd",
+    });
+    expect(card.text).not.toMatch(/💬.*<b>/);
+    expect(card.text).toContain("&lt;b&gt;");
+  });
+});
+
+describe("buildDiffPreviewCard — audit fidelity", () => {
+  it("preview audit row matches what the user sees on the card", () => {
+    const input = baseInput({ agentSummary: "Added the Hiring section" });
+    const preview = buildDiffPreview(input);
+    const card = buildDiffPreviewCard({
+      preview,
+      suggestRequestId: "aabbccdd",
+      writeRequestId: "11223344",
+    });
+    // The audit row captures both wrapper truth + agent framing,
+    // exactly as surfaced on the card.
+    expect(preview.audit.wrapperAttested.anchorDisplayName).toBe(
+      "after heading 'Goals' (level 2)",
+    );
+    expect(preview.audit.wrapperAttested.linesAdded).toBe(47);
+    expect(preview.audit.agentSupplied.summary).toBe("Added the Hiring section");
+    // Card body contains both.
+    expect(card.text).toContain("after heading 'Goals' (level 2)");
+    expect(card.text).toContain("Added the Hiring section");
+  });
+});

package/telegram-plugin/gateway/diff-preview-card.ts

@@ -0,0 +1,170 @@
+/**
+ * Telegram renderer for the diff-preview approval card — RFC E §4.2.
+ *
+ * Takes a `DiffPreview` (output of `src/drive/diff-preview.ts`) plus the
+ * two pre-registered approval-kernel request ids — one for the suggest
+ * scope, one for the write scope — and emits a `BuiltApprovalCard`
+ * (HTML body + grammy InlineKeyboard).
+ *
+ * Why two request ids? The card surfaces both "Apply as suggestion"
+ * and "Apply directly" buttons; each one grants a different kernel
+ * scope (`doc:gdrive:suggest:<id>` vs `doc:gdrive:write:<id>`). The
+ * upstream caller (the MCP-tool wrapper, or whoever's posting the
+ * card) registers BOTH up front with `approval_request`, then passes
+ * both ids into this renderer. The user taps one; the other expires
+ * naturally on the kernel side.
+ *
+ * Each action button reuses the existing `apv:<request_id>:once`
+ * callback shape so the generic kernel handler at
+ * `approval-callback.ts` records the grant without surface-specific
+ * routing. The "✅ once" semantics line up with the diff-preview's
+ * single-shot "do this edit now" intent.
+ */
+
+import { InlineKeyboard } from "grammy";
+import type { DiffPreview } from "../../src/drive/diff-preview.js";
+
+export interface BuiltDiffPreviewCard {
+  text: string;
+  reply_markup: InlineKeyboard;
+}
+
+export interface DiffPreviewCardInput {
+  preview: DiffPreview;
+  /**
+   * Kernel request id pre-registered for `doc:gdrive:suggest:<doc_id>`.
+   * Required — the suggest path is the RFC's default. When undefined
+   * the renderer throws (an "approval card with no Apply button"
+   * isn't a coherent UX).
+   */
+  suggestRequestId: string;
+  /**
+   * Kernel request id pre-registered for `doc:gdrive:write:<doc_id>`.
+   * Optional — when omitted, the "⚠ Apply directly" button is hidden
+   * (used for `gdrive_suggest_edit` callers that don't want to offer
+   * the direct-write escalation at all). When `preview.buttons` has
+   * an `apply_directly` entry but this is omitted, the button is
+   * dropped silently.
+   */
+  writeRequestId?: string;
+}
+
+/**
+ * 8-hex request id shape — same regex the kernel uses (RFC B §6.1).
+ * Defense in depth — a malformed request id would render an invalid
+ * callback_data that the dispatcher rejects, but we'd rather fail
+ * loudly at build time.
+ */
+const REQUEST_ID_RE = /^[0-9a-f]{8}$/;
+
+/**
+ * Fragility-guard from B2 review: the `create_doc` prep helper
+ * synthesises a "pending-create" placeholder fileId because the
+ * doc doesn't exist yet. `validateDriveId` happily accepts the
+ * literal "pending-create" string (it's alnum + `-`), so a naive
+ * Open-in-Drive button would emit a broken link. The renderer
+ * detects the sentinel and drops the open-in-drive row instead of
+ * rendering a dead link.
+ */
+const PENDING_FILE_ID_SENTINEL = "pending-create";
+
+export function buildDiffPreviewCard(
+  input: DiffPreviewCardInput,
+): BuiltDiffPreviewCard {
+  if (!REQUEST_ID_RE.test(input.suggestRequestId)) {
+    throw new Error(
+      `buildDiffPreviewCard: suggestRequestId must be 8 hex chars (got '${input.suggestRequestId}')`,
+    );
+  }
+  if (input.writeRequestId !== undefined && !REQUEST_ID_RE.test(input.writeRequestId)) {
+    throw new Error(
+      `buildDiffPreviewCard: writeRequestId must be 8 hex chars (got '${input.writeRequestId}')`,
+    );
+  }
+
+  const preview = input.preview;
+
+  // Body: title + every diff-preview line in order, HTML-escaped.
+  // The 📍 + line-count rows are surfaced verbatim — they're
+  // wrapper-attested and the agent has no input into their content.
+  const bodyLines: string[] = [];
+  bodyLines.push(`<b>${escapeHtml(preview.title)}</b>`);
+  for (const line of preview.lines) {
+    bodyLines.push(escapeHtml(line.text));
+  }
+  const text = bodyLines.join("\n");
+
+  const kb = new InlineKeyboard();
+
+  // Layout per RFC E §4.2 mockup:
+  //   row 1: [ 📖 Open in Drive ]  [ ✅ Apply as suggestion ]
+  //   row 2: [ ⚠ Apply directly ]   [ 🚫 Cancel ]
+  //
+  // Buttons whose `action` doesn't match a known shape are dropped
+  // silently — the diff-preview builder is the source of truth for
+  // which buttons exist; the renderer just maps them to callbacks.
+  const ROW_BREAK_AFTER: Array<DiffPreview["buttons"][number]["action"]> = [
+    "apply_suggestion",
+  ];
+  // `DiffPreview` doesn't carry the original mode, so infer from the
+  // button set: in suggest mode the builder always emits both
+  // `apply_suggestion` and `apply_directly`; in write mode it emits
+  // only `apply_directly`. The renderer drops `apply_directly` when
+  // a writeRequestId wasn't provided AND a suggestion path exists
+  // — caller chose to offer only Suggesting.
+  const offeringSuggestion = preview.buttons.some(
+    (b) => b.action === "apply_suggestion",
+  );
+  const droppedDirectly =
+    offeringSuggestion && input.writeRequestId === undefined;
+
+  const isPendingFileId =
+    preview.audit.wrapperAttested.fileId === PENDING_FILE_ID_SENTINEL;
+
+  let rowStarted = false;
+  const breakRow = () => {
+    if (rowStarted) {
+      kb.row();
+      rowStarted = false;
+    }
+  };
+
+  for (const btn of preview.buttons) {
+    switch (btn.action) {
+      case "open_in_drive": {
+        if (isPendingFileId) break; // drop sentinel-URL buttons
+        if (typeof btn.url !== "string" || btn.url.length === 0) break;
+        kb.url(btn.text, btn.url);
+        rowStarted = true;
+        break;
+      }
+      case "apply_suggestion": {
+        kb.text(btn.text, `apv:${input.suggestRequestId}:once`);
+        rowStarted = true;
+        break;
+      }
+      case "apply_directly": {
+        if (droppedDirectly) break;
+        const id = input.writeRequestId ?? input.suggestRequestId;
+        kb.text(btn.text, `apv:${id}:once`);
+        rowStarted = true;
+        break;
+      }
+      case "cancel": {
+        kb.text(btn.text, `apv:${input.suggestRequestId}:deny`);
+        rowStarted = true;
+        break;
+      }
+    }
+    if (ROW_BREAK_AFTER.includes(btn.action)) breakRow();
+  }
+
+  return { text, reply_markup: kb };
+}
+
+function escapeHtml(s: string): string {
+  return s
+    .replace(/&/g, "&amp;")
+    .replace(/</g, "&lt;")
+    .replace(/>/g, "&gt;");
+}

package/telegram-plugin/gateway/drive-write-approval.test.ts

@@ -0,0 +1,312 @@
+/**
+ * Tests for the Drive-write IPC handler — RFC E §4.2 Cut 2.
+ */
+
+import { describe, expect, it } from "vitest";
+
+import type {
+  DriveApprovalPostedEvent,
+  RequestDriveApprovalMessage,
+} from "./ipc-protocol.js";
+import {
+  type DriveApprovalHandlerDeps,
+  handleRequestDriveApproval,
+} from "./drive-write-approval.js";
+
+// ────────────────────────────────────────────────────────────────────────
+// Fixtures
+// ────────────────────────────────────────────────────────────────────────
+
+/** Valid DiffPreviewInput shape — matches src/drive/diff-preview.ts. */
+function validPreview(): Record<string, unknown> {
+  return {
+    agentName: "klanker",
+    docTitle: "Q3 Strategy Notes",
+    fileId: "DOC1",
+    mimeType: "application/vnd.google-apps.document",
+    resolvedAnchor: {
+      op: { kind: "insert_after", paragraphIndex: 4 },
+      displayName: "inside section 'Goals' (level 2)",
+    },
+    metrics: { linesAdded: 5, linesRemoved: 0 },
+    mode: "write",
+  };
+}
+
+interface Spy {
+  sent: DriveApprovalPostedEvent[];
+  registered: Array<{
+    scope: string;
+    action: string;
+    ttl_ms: number;
+    approver_set: string[];
+  }>;
+  posted: Array<{
+    chatId: number | string;
+    threadId?: number;
+    text: string;
+  }>;
+  logs: string[];
+}
+
+function makeSpy(): Spy {
+  return { sent: [], registered: [], posted: [], logs: [] };
+}
+
+function deps(overrides: Partial<DriveApprovalHandlerDeps> & { spy: Spy }): DriveApprovalHandlerDeps {
+  const spy = overrides.spy;
+  return {
+    agentName: "klanker",
+    loadAllowFrom: () => ["12345"],
+    loadTargetChat: () => ({ chatId: 999 }),
+    registerApproval: async (args) => {
+      spy.registered.push({
+        scope: args.scope,
+        action: args.action,
+        ttl_ms: args.ttl_ms,
+        approver_set: args.approver_set,
+      });
+      return { request_id: "aabbccdd", expires_at_ms: Date.now() + args.ttl_ms };
+    },
+    postCard: async (args) => {
+      spy.posted.push({
+        chatId: args.chatId,
+        ...(args.threadId !== undefined ? { threadId: args.threadId } : {}),
+        text: args.text,
+      });
+      return { messageId: 42 };
+    },
+    buildCard: () => ({ text: "diff-preview card body", reply_markup: { stub: true } }),
+    log: (m) => spy.logs.push(m),
+    ...overrides,
+  };
+}
+
+function clientFor(spy: Spy): { send: (msg: unknown) => void } {
+  return {
+    send: (msg) => {
+      const m = msg as DriveApprovalPostedEvent;
+      if (m.type === "drive_approval_posted") spy.sent.push(m);
+    },
+  };
+}
+
+function msgFor(overrides: Partial<RequestDriveApprovalMessage> = {}): RequestDriveApprovalMessage {
+  return {
+    type: "request_drive_approval",
+    correlationId: "corr-1",
+    agentName: "klanker",
+    preview: validPreview(),
+    ...overrides,
+  };
+}
+
+// ────────────────────────────────────────────────────────────────────────
+// Happy path
+// ────────────────────────────────────────────────────────────────────────
+
+describe("handleRequestDriveApproval — happy path", () => {
+  it("registers the kernel request + posts the card + replies success", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(clientFor(spy), msgFor(), deps({ spy }));
+    expect(spy.registered).toHaveLength(1);
+    expect(spy.registered[0]).toEqual({
+      scope: "doc:gdrive:write:DOC1",
+      action: "write",
+      ttl_ms: 5 * 60 * 1000,
+      approver_set: ["12345"],
+    });
+    expect(spy.posted).toHaveLength(1);
+    expect(spy.posted[0]?.chatId).toBe(999);
+    expect(spy.sent).toHaveLength(1);
+    expect(spy.sent[0]).toMatchObject({
+      type: "drive_approval_posted",
+      correlationId: "corr-1",
+      ok: true,
+      requestId: "aabbccdd",
+    });
+    expect(spy.sent[0]?.expiresAtMs).toBeGreaterThan(Date.now());
+  });
+
+  it("threads threadId through to postCard when targetChat has one", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor(),
+      deps({ spy, loadTargetChat: () => ({ chatId: 999, threadId: 7 }) }),
+    );
+    expect(spy.posted[0]?.threadId).toBe(7);
+  });
+
+  it("respects a caller-supplied ttlMs (within clamp)", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor({ ttlMs: 90_000 }),
+      deps({ spy }),
+    );
+    expect(spy.registered[0]?.ttl_ms).toBe(90_000);
+  });
+});
+
+// ────────────────────────────────────────────────────────────────────────
+// Refusals
+// ────────────────────────────────────────────────────────────────────────
+
+describe("handleRequestDriveApproval — refusals", () => {
+  it("refuses cross-agent requests", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor({ agentName: "clerk" }),
+      deps({ spy }),
+    );
+    expect(spy.registered).toEqual([]);
+    expect(spy.sent[0]?.ok).toBe(false);
+    expect(spy.sent[0]?.reason).toMatch(/serves 'klanker'/);
+  });
+
+  it("refuses malformed preview payloads", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor({ preview: { junk: true } }),
+      deps({ spy }),
+    );
+    expect(spy.registered).toEqual([]);
+    expect(spy.sent[0]?.ok).toBe(false);
+    expect(spy.sent[0]?.reason).toMatch(/invalid preview/);
+  });
+
+  it("refuses when no operator allowFrom is configured", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor(),
+      deps({ spy, loadAllowFrom: () => [] }),
+    );
+    expect(spy.sent[0]?.ok).toBe(false);
+    expect(spy.sent[0]?.reason).toMatch(/allowFrom/);
+  });
+
+  it("refuses when no target chat is available", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor(),
+      deps({ spy, loadTargetChat: () => null }),
+    );
+    expect(spy.sent[0]?.ok).toBe(false);
+    expect(spy.sent[0]?.reason).toMatch(/target chat/);
+  });
+});
+
+// ────────────────────────────────────────────────────────────────────────
+// Failure modes
+// ────────────────────────────────────────────────────────────────────────
+
+describe("handleRequestDriveApproval — downstream failures", () => {
+  it("kernel approval_request failure → ok:false with diagnostic reason", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor(),
+      deps({ spy, registerApproval: async () => null }),
+    );
+    expect(spy.posted).toEqual([]); // card not posted
+    expect(spy.sent[0]?.ok).toBe(false);
+    expect(spy.sent[0]?.reason).toMatch(/kernel approval_request/);
+  });
+
+  it("card build throw → ok:false (caught + reported)", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor(),
+      deps({
+        spy,
+        buildCard: () => {
+          throw new Error("invalid request id");
+        },
+      }),
+    );
+    expect(spy.posted).toEqual([]);
+    expect(spy.sent[0]?.ok).toBe(false);
+    expect(spy.sent[0]?.reason).toMatch(/card build failed/);
+  });
+
+  it("Telegram sendMessage failure → ok:false", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor(),
+      deps({ spy, postCard: async () => null }),
+    );
+    expect(spy.sent[0]?.ok).toBe(false);
+    expect(spy.sent[0]?.reason).toMatch(/sendMessage failed/);
+  });
+});
+
+// ────────────────────────────────────────────────────────────────────────
+// TTL clamping
+// ────────────────────────────────────────────────────────────────────────
+
+describe("handleRequestDriveApproval — TTL clamping", () => {
+  it("clamps below-min TTL up to the minimum", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor({ ttlMs: 1000 }),
+      deps({ spy }),
+    );
+    expect(spy.registered[0]?.ttl_ms).toBe(30_000); // min default
+  });
+
+  it("clamps above-max TTL down to the maximum", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(
+      clientFor(spy),
+      msgFor({ ttlMs: 999_999_999 }),
+      deps({ spy }),
+    );
+    expect(spy.registered[0]?.ttl_ms).toBe(30 * 60 * 1000); // max default
+  });
+
+  it("uses the configured default when ttlMs is undefined", async () => {
+    const spy = makeSpy();
+    await handleRequestDriveApproval(clientFor(spy), msgFor(), deps({ spy }));
+    expect(spy.registered[0]?.ttl_ms).toBe(5 * 60 * 1000);
+  });
+});
+
+// ────────────────────────────────────────────────────────────────────────
+// Always responds (no path drops the response)
+// ────────────────────────────────────────────────────────────────────────
+
+describe("handleRequestDriveApproval — invariant: always sends a reply", () => {
+  it("every refusal path emits exactly one drive_approval_posted event", async () => {
+    const cases: Array<Partial<DriveApprovalHandlerDeps> | "cross-agent" | "bad-preview"> = [
+      "cross-agent",
+      "bad-preview",
+      { loadAllowFrom: () => [] },
+      { loadTargetChat: () => null },
+      { registerApproval: async () => null },
+      { postCard: async () => null },
+    ];
+    for (const c of cases) {
+      const spy = makeSpy();
+      const msg =
+        c === "cross-agent"
+          ? msgFor({ agentName: "clerk" })
+          : c === "bad-preview"
+            ? msgFor({ preview: { bad: true } })
+            : msgFor();
+      const dep =
+        c === "cross-agent" || c === "bad-preview"
+          ? deps({ spy })
+          : deps({ spy, ...c });
+      await handleRequestDriveApproval(clientFor(spy), msg, dep);
+      expect(spy.sent).toHaveLength(1);
+    }
+  });
+});