token-studio 4.8.0

package/test/api-v2.test.mjs

@@ -0,0 +1,278 @@
+import assert from 'node:assert/strict';
+import { spawn } from 'node:child_process';
+import { existsSync, mkdtempSync, rmSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import test from 'node:test';
+import { openDb, upsertDaily, upsertSession } from '../src/db.mjs';
+
+test('v2 APIs cover alias rules, batch annotations, outputs, backup, export and import', async () => {
+  const dir = mkdtempSync(join(tmpdir(), 'token-studio-api-v2-'));
+  const dbPath = join(dir, 'usage.sqlite');
+  const backupDir = join(dir, 'backups');
+  const port = 5300 + Math.floor(Math.random() * 1000);
+  seedDb(dbPath);
+
+  const child = spawn(process.execPath, ['src/server.mjs'], {
+    cwd: process.cwd(),
+    env: {
+      ...process.env,
+      PORT: String(port),
+      DB_PATH: dbPath,
+      BACKUP_DIR: backupDir,
+      SCHEDULED_COLLECT_ENABLED: 'false'
+    },
+    stdio: ['ignore', 'pipe', 'pipe'],
+    windowsHide: true
+  });
+  let stdout = '';
+  let stderr = '';
+  child.stdout.setEncoding('utf8');
+  child.stderr.setEncoding('utf8');
+  child.stdout.on('data', chunk => { stdout += chunk; });
+  child.stderr.on('data', chunk => { stderr += chunk; });
+
+  try {
+    await waitForApi(port, () => ({ stdout, stderr, exited: child.exitCode != null, exitCode: child.exitCode }));
+    assert.match(stdout, /listening on 127\.0\.0\.1/);
+
+    const rulePayload = {
+      pattern: 'D:\\HighROIProjects\\TokenStudio',
+      matchType: 'prefix',
+      projectAlias: 'Token Studio',
+      enabled: true
+    };
+    const ruleSaved = await postJson(port, '/api/project-alias-rules', rulePayload);
+    assert.equal(ruleSaved.rule.projectAlias, 'Token Studio');
+
+    const rules = await getJson(port, '/api/project-alias-rules');
+    assert.equal(rules.rules.length, 1);
+    assert.equal(rules.matchTypes.includes('prefix'), true);
+
+    const withRule = await getJson(port, '/api/data');
+    const codex = withRule.sessions.find(session => session.sessionId === 'codex:one');
+    assert.equal(codex.projectAlias, 'Token Studio');
+    assert.equal(codex.manualProjectAlias, null);
+    assert.equal(codex.ruleProjectAlias, 'Token Studio');
+
+    await postJson(port, '/api/session-annotations', {
+      device: 'devbox',
+      source: 'Codex CLI',
+      sessionId: 'codex:one',
+      projectAlias: 'Manual Studio',
+      taskType: '功能开发',
+      outputStatus: '已完成',
+      workPurpose: '方案设计',
+      workStage: '实现',
+      valueLevel: '高'
+    });
+    const manual = await getJson(port, '/api/data');
+    const manualSession = manual.sessions.find(session => session.sessionId === 'codex:one');
+    assert.equal(manualSession.projectAlias, 'Manual Studio');
+    assert.equal(manualSession.workPurpose, '方案设计');
+    assert.equal(manualSession.workStage, '实现');
+    assert.equal(manualSession.valueLevel, '高');
+    assert.equal(manual.meta.workPurposes.includes('测试验证'), true);
+    assert.equal(manual.meta.workStages.includes('探索'), true);
+    assert.equal(manual.meta.valueLevels.includes('关键'), true);
+    assert.equal(manual.meta.outputTypes.includes('PR'), true);
+
+    await postJson(port, '/api/session-outputs', {
+      device: 'devbox',
+      source: 'Codex CLI',
+      sessionId: 'codex:one',
+      outputUrl: 'https://github.com/example/repo/pull/42',
+      outputLabel: 'PR #42',
+      outputType: 'PR'
+    });
+    const withOutput = await getJson(port, '/api/data');
+    const outputSession = withOutput.sessions.find(session => session.sessionId === 'codex:one');
+    assert.equal(outputSession.outputLabel, 'PR #42');
+    assert.equal(outputSession.outputType, 'PR');
+
+    await assertRejectsWithStatus(
+      fetch(`http://127.0.0.1:${port}/api/session-annotations/batch`, {
+        method: 'POST',
+        headers: { 'Content-Type': 'text/plain' },
+        body: '{}'
+      }),
+      415
+    );
+
+    await assertRejectsWithStatus(
+      fetch(`http://127.0.0.1:${port}/api/session-outputs`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+          Origin: 'http://evil.example'
+        },
+        body: JSON.stringify({
+          device: 'devbox',
+          source: 'Codex CLI',
+          sessionId: 'codex:one',
+          outputUrl: 'https://example.com'
+        })
+      }),
+      403
+    );
+
+    const batch = await postJson(port, '/api/session-annotations/batch', {
+      sessions: [{ device: 'devbox', source: 'Claude Code', sessionId: 'claude:two' }],
+      values: { taskType: '问题修复', outputStatus: '已废弃', workPurpose: '测试验证', workStage: '验证', valueLevel: '低', note: '批量处理' }
+    });
+    assert.equal(batch.updated, 1);
+
+    const afterBatch = await getJson(port, '/api/data');
+    const claude = afterBatch.sessions.find(session => session.sessionId === 'claude:two');
+    assert.equal(claude.taskType, '问题修复');
+    assert.equal(claude.outputStatus, '已废弃');
+    assert.equal(claude.workPurpose, '测试验证');
+    assert.equal(claude.workStage, '验证');
+    assert.equal(claude.valueLevel, '低');
+
+    const backup = await postJson(port, '/api/backup', {});
+    assert.equal(backup.ok, true);
+    assert.equal(existsSync(backup.backup.path), true);
+
+    const exported = await getJson(port, '/api/export/annotations');
+    assert.equal(exported.version, 3);
+    assert.equal(exported.sessionAnnotations.length, 2);
+    assert.equal(exported.sessionOutputs.length, 1);
+    assert.equal(exported.projectAliasRules.length, 1);
+    assert.equal(exported.sessionAnnotations.find(row => row.sessionId === 'codex:one').valueLevel, '高');
+    assert.equal(exported.sessionOutputs[0].outputType, 'PR');
+
+    const imported = await postJson(port, '/api/import/annotations', exported);
+    assert.deepEqual(imported.imported, {
+      sessionAnnotations: 2,
+      sessionOutputs: 1,
+      projectAliasRules: 1
+    });
+
+    const deletedOutput = await deleteJson(port, '/api/session-outputs', {
+      device: 'devbox',
+      source: 'Codex CLI',
+      sessionId: 'codex:one'
+    });
+    assert.equal(deletedOutput.deleted, 1);
+
+    const deletedRule = await deleteJson(port, '/api/project-alias-rules', { id: ruleSaved.rule.id });
+    assert.equal(deletedRule.deleted, 1);
+  } finally {
+    await stopChild(child);
+    rmSync(dir, { recursive: true, force: true });
+  }
+});
+
+function seedDb(dbPath) {
+  const db = openDb(dbPath);
+  try {
+    for (const row of [
+      {
+        device: 'devbox',
+        source: 'Codex CLI',
+        usageDate: '2026-06-10',
+        model: 'codex-mini',
+        inputTokens: 200,
+        outputTokens: 100,
+        totalTokens: 300,
+        costUSD: 0.03
+      },
+      {
+        device: 'devbox',
+        source: 'Claude Code',
+        usageDate: '2026-06-10',
+        model: 'claude-sonnet',
+        inputTokens: 400,
+        outputTokens: 100,
+        totalTokens: 500,
+        costUSD: 0.05
+      }
+    ]) {
+      upsertDaily(db, row);
+    }
+    for (const row of [
+      {
+        device: 'devbox',
+        source: 'Codex CLI',
+        sessionId: 'codex:one',
+        lastActivity: '2026-06-10T01:00:00.000Z',
+        projectPath: 'D:\\HighROIProjects\\TokenStudio',
+        inputTokens: 200,
+        outputTokens: 100,
+        totalTokens: 300,
+        costUSD: 0.03
+      },
+      {
+        device: 'devbox',
+        source: 'Claude Code',
+        sessionId: 'claude:two',
+        lastActivity: '2026-06-10T02:00:00.000Z',
+        projectPath: 'D:\\HighROIProjects\\Other',
+        inputTokens: 400,
+        outputTokens: 100,
+        totalTokens: 500,
+        costUSD: 0.05
+      }
+    ]) {
+      upsertSession(db, row);
+    }
+  } finally {
+    db.close();
+  }
+}
+
+async function waitForApi(port, diagnostics) {
+  const start = Date.now();
+  let lastError = null;
+  while (Date.now() - start < 5000) {
+    try {
+      await getJson(port, '/api/data');
+      return;
+    } catch (error) {
+      lastError = error;
+      await new Promise(resolve => setTimeout(resolve, 100));
+    }
+  }
+  const details = diagnostics ? diagnostics() : {};
+  throw new Error(`server did not start in time: ${lastError?.message || 'no response'}\nstdout=${details.stdout || ''}\nstderr=${details.stderr || ''}\nexit=${details.exited ? details.exitCode : 'running'}`);
+}
+
+async function getJson(port, path) {
+  const response = await fetch(`http://127.0.0.1:${port}${path}`);
+  if (!response.ok) assert.fail(await response.text());
+  return response.json();
+}
+
+async function postJson(port, path, body) {
+  const response = await fetch(`http://127.0.0.1:${port}${path}`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(body)
+  });
+  if (!response.ok) assert.fail(await response.text());
+  return response.json();
+}
+
+async function deleteJson(port, path, body) {
+  const response = await fetch(`http://127.0.0.1:${port}${path}`, {
+    method: 'DELETE',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(body)
+  });
+  if (!response.ok) assert.fail(await response.text());
+  return response.json();
+}
+
+async function assertRejectsWithStatus(responsePromise, expectedStatus) {
+  const response = await responsePromise;
+  assert.equal(response.status, expectedStatus, await response.text());
+}
+
+function stopChild(child) {
+  if (child.exitCode != null) return Promise.resolve();
+  return new Promise(resolve => {
+    child.once('close', resolve);
+    child.kill();
+  });
+}

package/test/api-v43.test.mjs

@@ -0,0 +1,151 @@
+import assert from 'node:assert/strict';
+import { spawn } from 'node:child_process';
+import { mkdtempSync, rmSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import test from 'node:test';
+import { openDb, upsertTokenEvent } from '../src/db.mjs';
+
+test('v4.3 APIs cover budget profiles and advisor actions', async () => {
+  const dir = mkdtempSync(join(tmpdir(), 'token-studio-api-v43-'));
+  const dbPath = join(dir, 'usage.sqlite');
+  const port = 6300 + Math.floor(Math.random() * 1000);
+  seedDb(dbPath);
+
+  const child = spawn(process.execPath, ['src/server.mjs'], {
+    cwd: process.cwd(),
+    env: {
+      ...process.env,
+      PORT: String(port),
+      DB_PATH: dbPath,
+      SCHEDULED_COLLECT_ENABLED: 'false'
+    },
+    stdio: ['ignore', 'pipe', 'pipe'],
+    windowsHide: true
+  });
+
+  try {
+    await waitForApi(port);
+    const budget = await postJson(port, '/api/budget-profiles', {
+      source: 'Codex CLI',
+      label: 'Codex 15m',
+      windowMinutes: 15,
+      tokenBudget: 1000
+    });
+    assert.equal(budget.profile.enabled, true);
+
+    const budgets = await getJson(port, '/api/budget-profiles');
+    assert.equal(budgets.profiles.length, 1);
+
+    const live = await getJson(port, '/api/live');
+    assert.equal(live.budgetWindows.length, 1);
+    assert.ok(live.warnings.some(item => item.type === 'budget-exceeded'));
+
+    const action = await postJson(port, '/api/advisor-actions', {
+      periodStart: '2026-06-17',
+      periodEnd: '2026-06-17',
+      category: '节省模拟',
+      title: '测试验证换轻量模型',
+      action: '下周测试验证默认先用轻量模型',
+      evidence: '1 session',
+      sourceRule: 'savings:test'
+    });
+    assert.equal(action.action.status, 'open');
+
+    const done = await postJson(port, '/api/advisor-actions', {
+      ...action.action,
+      status: 'done'
+    });
+    assert.equal(done.action.id, action.action.id);
+    assert.equal(done.action.status, 'done');
+
+    const data = await getJson(port, '/api/data');
+    assert.equal(data.budgetProfiles.length, 1);
+    assert.equal(data.advisorActions[0].status, 'done');
+
+    await assertRejectsWithStatus(fetch(`http://127.0.0.1:${port}/api/budget-profiles`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'text/plain' },
+      body: '{}'
+    }), 415);
+
+    const deletedAction = await deleteJson(port, `/api/advisor-actions/${action.action.id}`, {});
+    assert.equal(deletedAction.deleted, 1);
+    const deletedBudget = await deleteJson(port, '/api/budget-profiles', { id: budget.profile.id });
+    assert.equal(deletedBudget.deleted, 1);
+  } finally {
+    await stopChild(child);
+    rmSync(dir, { recursive: true, force: true });
+  }
+});
+
+function seedDb(dbPath) {
+  const db = openDb(dbPath);
+  try {
+    upsertTokenEvent(db, {
+      eventId: 'budget-api-warning',
+      device: 'devbox',
+      source: 'Codex CLI',
+      sessionId: 's1',
+      timestamp: new Date().toISOString(),
+      model: 'gpt-5.3-codex',
+      inputTokens: 1200,
+      outputTokens: 200
+    });
+  } finally {
+    db.close();
+  }
+}
+
+async function waitForApi(port) {
+  const start = Date.now();
+  while (Date.now() - start < 5000) {
+    try {
+      const response = await fetch(`http://127.0.0.1:${port}/api/data`);
+      if (response.ok) return;
+    } catch {
+      // Retry while the server starts.
+    }
+    await new Promise(resolve => setTimeout(resolve, 100));
+  }
+  throw new Error('server did not start in time');
+}
+
+async function getJson(port, path) {
+  const response = await fetch(`http://127.0.0.1:${port}${path}`);
+  if (!response.ok) assert.fail(await response.text());
+  return response.json();
+}
+
+async function postJson(port, path, body) {
+  const response = await fetch(`http://127.0.0.1:${port}${path}`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(body)
+  });
+  if (!response.ok) assert.fail(await response.text());
+  return response.json();
+}
+
+async function deleteJson(port, path, body) {
+  const response = await fetch(`http://127.0.0.1:${port}${path}`, {
+    method: 'DELETE',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(body)
+  });
+  if (!response.ok) assert.fail(await response.text());
+  return response.json();
+}
+
+async function assertRejectsWithStatus(responsePromise, expectedStatus) {
+  const response = await responsePromise;
+  assert.equal(response.status, expectedStatus, await response.text());
+}
+
+function stopChild(child) {
+  if (child.exitCode != null) return Promise.resolve();
+  return new Promise(resolve => {
+    child.once('close', resolve);
+    child.kill();
+  });
+}

package/test/api-v44.test.mjs

@@ -0,0 +1,128 @@
+import assert from 'node:assert/strict';
+import { spawn } from 'node:child_process';
+import { existsSync, mkdtempSync, rmSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import test from 'node:test';
+import { openDb } from '../src/db.mjs';
+
+test('ccusage import API dry-runs before explicit apply', async () => {
+  const dir = mkdtempSync(join(tmpdir(), 'token-studio-api-v44-'));
+  const dbPath = join(dir, 'usage.sqlite');
+  const port = 7400 + Math.floor(Math.random() * 1000);
+  const db = openDb(dbPath);
+  db.close();
+
+  const child = spawn(process.execPath, ['src/server.mjs'], {
+    cwd: process.cwd(),
+    env: {
+      ...process.env,
+      PORT: String(port),
+      DB_PATH: dbPath,
+      BACKUP_DIR: join(dir, 'backups'),
+      SCHEDULED_COLLECT_ENABLED: 'false'
+    },
+    stdio: ['ignore', 'pipe', 'pipe'],
+    windowsHide: true
+  });
+
+  try {
+    await waitForApi(port);
+    const payload = {
+      daily: [{
+        date: '2026-06-17',
+        source: 'Codex CLI',
+        session: 'ccusage-api-s1',
+        model: 'vendor-private-unpriced-model',
+        inputTokens: 1200,
+        outputTokens: 300,
+        cacheReadTokens: 100,
+        totalTokens: 1600,
+        costUSD: 99
+      }]
+    };
+
+    const dryRun = await postJson(port, '/api/import/ccusage-json', {
+      payload,
+      apply: false
+    });
+    assert.equal(dryRun.mode, 'dry-run');
+    assert.equal(dryRun.daily, 1);
+    assert.equal(dryRun.sessions, 1);
+    assert.equal(dryRun.tokenEvents, 1);
+    assert.ok(dryRun.warnings.some(item => item.type === 'ignored-imported-cost'));
+
+    const before = await getJson(port, '/api/data');
+    assert.equal(before.daily.length, 0);
+    assert.equal(before.sessions.length, 0);
+
+    const unsafe = await fetch(`http://127.0.0.1:${port}/api/import/ccusage-json`, {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        payload: {
+          daily: [{ date: '2026-06-17', model: 'gpt-5.3-codex', inputTokens: 1 }],
+          prompt: 'do not import'
+        }
+      })
+    });
+    assert.equal(unsafe.status, 400);
+    assert.match(await unsafe.text(), /conversation-like field/);
+
+    const applied = await postJson(port, '/api/import/ccusage-json', {
+      payload,
+      apply: true
+    });
+    assert.equal(applied.mode, 'apply');
+    assert.equal(applied.applied.daily, 1);
+    assert.equal(applied.applied.sessions, 1);
+    assert.equal(applied.applied.tokenEvents, 1);
+    assert.ok(applied.backup?.path);
+    assert.ok(existsSync(applied.backup.path));
+
+    const after = await getJson(port, '/api/data');
+    assert.equal(after.daily.length, 1);
+    assert.equal(after.sessions.length, 1);
+  } finally {
+    await stopChild(child);
+    rmSync(dir, { recursive: true, force: true });
+  }
+});
+
+async function waitForApi(port) {
+  const start = Date.now();
+  while (Date.now() - start < 5000) {
+    try {
+      const response = await fetch(`http://127.0.0.1:${port}/api/data`);
+      if (response.ok) return;
+    } catch {
+      // Retry while the server starts.
+    }
+    await new Promise(resolve => setTimeout(resolve, 100));
+  }
+  throw new Error('server did not start in time');
+}
+
+async function getJson(port, path) {
+  const response = await fetch(`http://127.0.0.1:${port}${path}`);
+  if (!response.ok) assert.fail(await response.text());
+  return response.json();
+}
+
+async function postJson(port, path, body) {
+  const response = await fetch(`http://127.0.0.1:${port}${path}`, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify(body)
+  });
+  if (!response.ok) assert.fail(await response.text());
+  return response.json();
+}
+
+function stopChild(child) {
+  if (child.exitCode != null) return Promise.resolve();
+  return new Promise(resolve => {
+    child.once('close', resolve);
+    child.kill();
+  });
+}