web-agent-bridge 3.4.0 → 3.9.0

package/server/services/metering.js

@@ -1,182 +1,182 @@
-'use strict';
-
-/**
- * Usage Metering Service
- *
- * Tracks executions, agents, compute time, API calls, and storage per agent/site.
- * Enforces plan limits and records overages for billing.
- */
-
-const db = require('../models/db').db || require('../models/db');
-const { getLimit, isUnlimited, USAGE_PRICING } = require('../config/plans');
-const { bus } = require('../runtime/event-bus');
-
-// ─── Storage ────────────────────────────────────────────────────────
-
-// In-memory counters with periodic flush to DB
-const _counters = new Map(); // key → { count, lastReset }
-
-function _key(entityId, metric) {
-  return `${entityId}:${metric}`;
-}
-
-function _today() {
-  return new Date().toISOString().slice(0, 10); // YYYY-MM-DD
-}
-
-function _getCounter(entityId, metric) {
-  const key = _key(entityId, metric);
-  const entry = _counters.get(key);
-  const today = _today();
-
-  // Reset daily counters
-  if (!entry || entry.lastReset !== today) {
-    _counters.set(key, { count: 0, lastReset: today, overage: 0 });
-    return _counters.get(key);
-  }
-  return entry;
-}
-
-// ─── Public API ─────────────────────────────────────────────────────
-
-/**
- * Record a usage event and check limits
- * @returns {{ allowed: boolean, current: number, limit: number, overage: boolean }}
- */
-function record(entityId, metric, tier, amount = 1) {
-  const counter = _getCounter(entityId, metric);
-  const limit = getLimit(tier, metric);
-
-  counter.count += amount;
-
-  // Unlimited
-  if (isUnlimited(tier, metric)) {
-    bus.emit('metering.recorded', { entityId, metric, amount, current: counter.count });
-    return { allowed: true, current: counter.count, limit: -1, overage: false };
-  }
-
-  const isOver = counter.count > limit;
-  if (isOver) {
-    counter.overage += amount;
-    bus.emit('metering.overage', { entityId, metric, current: counter.count, limit, overage: counter.overage });
-  } else {
-    bus.emit('metering.recorded', { entityId, metric, amount, current: counter.count });
-  }
-
-  return {
-    allowed: !isOver,
-    current: counter.count,
-    limit,
-    overage: isOver,
-    overageAmount: isOver ? counter.overage : 0,
-    overageCost: isOver ? counter.overage * (USAGE_PRICING[metric]?.price || 0) : 0,
-  };
-}
-
-/**
- * Check if a usage would exceed the limit (without recording)
- */
-function check(entityId, metric, tier, amount = 1) {
-  const counter = _getCounter(entityId, metric);
-  const limit = getLimit(tier, metric);
-
-  if (isUnlimited(tier, metric)) {
-    return { allowed: true, current: counter.count, limit: -1, remaining: Infinity };
-  }
-
-  const remaining = Math.max(0, limit - counter.count);
-  return {
-    allowed: counter.count + amount <= limit,
-    current: counter.count,
-    limit,
-    remaining,
-  };
-}
-
-/**
- * Get current usage for an entity
- */
-function getUsage(entityId, tier) {
-  const metrics = [
-    'agents', 'tasksPerDay', 'executionsPerDay', 'sessions',
-    'computeMinutesPerDay', 'apiCallsPerMinute',
-  ];
-
-  const usage = {};
-  for (const metric of metrics) {
-    const counter = _getCounter(entityId, metric);
-    const limit = getLimit(tier, metric);
-    usage[metric] = {
-      current: counter.count,
-      limit: isUnlimited(tier, metric) ? -1 : limit,
-      percentage: isUnlimited(tier, metric) ? 0 : (limit > 0 ? Math.round((counter.count / limit) * 100) : 0),
-      overage: counter.overage || 0,
-    };
-  }
-
-  return usage;
-}
-
-/**
- * Get usage summary for billing
- */
-function getBillingSummary(entityId) {
-  const overages = {};
-  let totalCost = 0;
-
-  for (const [key, counter] of _counters) {
-    if (!key.startsWith(entityId + ':')) continue;
-    if (counter.overage > 0) {
-      const metric = key.split(':')[1];
-      const pricing = USAGE_PRICING[metric];
-      const cost = pricing ? counter.overage * pricing.price : 0;
-      overages[metric] = {
-        overage: counter.overage,
-        unitPrice: pricing?.price || 0,
-        cost,
-      };
-      totalCost += cost;
-    }
-  }
-
-  return { entityId, overages, totalCost, period: _today() };
-}
-
-/**
- * Reset counters (for testing or admin)
- */
-function reset(entityId, metric = null) {
-  if (metric) {
-    _counters.delete(_key(entityId, metric));
-  } else {
-    for (const key of _counters.keys()) {
-      if (key.startsWith(entityId + ':')) _counters.delete(key);
-    }
-  }
-}
-
-/**
- * Get global stats
- */
-function getStats() {
-  let totalEntities = new Set();
-  let totalEvents = 0;
-  for (const [key, counter] of _counters) {
-    totalEntities.add(key.split(':')[0]);
-    totalEvents += counter.count;
-  }
-  return {
-    trackedEntities: totalEntities.size,
-    totalEvents,
-    counterEntries: _counters.size,
-  };
-}
-
-module.exports = {
-  record,
-  check,
-  getUsage,
-  getBillingSummary,
-  reset,
-  getStats,
-};
+'use strict';
+
+/**
+ * Usage Metering Service
+ *
+ * Tracks executions, agents, compute time, API calls, and storage per agent/site.
+ * Enforces plan limits and records overages for billing.
+ */
+
+const db = require('../models/db').db || require('../models/db');
+const { getLimit, isUnlimited, USAGE_PRICING } = require('../config/plans');
+const { bus } = require('../runtime/event-bus');
+
+// ─── Storage ────────────────────────────────────────────────────────
+
+// In-memory counters with periodic flush to DB
+const _counters = new Map(); // key → { count, lastReset }
+
+function _key(entityId, metric) {
+  return `${entityId}:${metric}`;
+}
+
+function _today() {
+  return new Date().toISOString().slice(0, 10); // YYYY-MM-DD
+}
+
+function _getCounter(entityId, metric) {
+  const key = _key(entityId, metric);
+  const entry = _counters.get(key);
+  const today = _today();
+
+  // Reset daily counters
+  if (!entry || entry.lastReset !== today) {
+    _counters.set(key, { count: 0, lastReset: today, overage: 0 });
+    return _counters.get(key);
+  }
+  return entry;
+}
+
+// ─── Public API ─────────────────────────────────────────────────────
+
+/**
+ * Record a usage event and check limits
+ * @returns {{ allowed: boolean, current: number, limit: number, overage: boolean }}
+ */
+function record(entityId, metric, tier, amount = 1) {
+  const counter = _getCounter(entityId, metric);
+  const limit = getLimit(tier, metric);
+
+  counter.count += amount;
+
+  // Unlimited
+  if (isUnlimited(tier, metric)) {
+    bus.emit('metering.recorded', { entityId, metric, amount, current: counter.count });
+    return { allowed: true, current: counter.count, limit: -1, overage: false };
+  }
+
+  const isOver = counter.count > limit;
+  if (isOver) {
+    counter.overage += amount;
+    bus.emit('metering.overage', { entityId, metric, current: counter.count, limit, overage: counter.overage });
+  } else {
+    bus.emit('metering.recorded', { entityId, metric, amount, current: counter.count });
+  }
+
+  return {
+    allowed: !isOver,
+    current: counter.count,
+    limit,
+    overage: isOver,
+    overageAmount: isOver ? counter.overage : 0,
+    overageCost: isOver ? counter.overage * (USAGE_PRICING[metric]?.price || 0) : 0,
+  };
+}
+
+/**
+ * Check if a usage would exceed the limit (without recording)
+ */
+function check(entityId, metric, tier, amount = 1) {
+  const counter = _getCounter(entityId, metric);
+  const limit = getLimit(tier, metric);
+
+  if (isUnlimited(tier, metric)) {
+    return { allowed: true, current: counter.count, limit: -1, remaining: Infinity };
+  }
+
+  const remaining = Math.max(0, limit - counter.count);
+  return {
+    allowed: counter.count + amount <= limit,
+    current: counter.count,
+    limit,
+    remaining,
+  };
+}
+
+/**
+ * Get current usage for an entity
+ */
+function getUsage(entityId, tier) {
+  const metrics = [
+    'agents', 'tasksPerDay', 'executionsPerDay', 'sessions',
+    'computeMinutesPerDay', 'apiCallsPerMinute',
+  ];
+
+  const usage = {};
+  for (const metric of metrics) {
+    const counter = _getCounter(entityId, metric);
+    const limit = getLimit(tier, metric);
+    usage[metric] = {
+      current: counter.count,
+      limit: isUnlimited(tier, metric) ? -1 : limit,
+      percentage: isUnlimited(tier, metric) ? 0 : (limit > 0 ? Math.round((counter.count / limit) * 100) : 0),
+      overage: counter.overage || 0,
+    };
+  }
+
+  return usage;
+}
+
+/**
+ * Get usage summary for billing
+ */
+function getBillingSummary(entityId) {
+  const overages = {};
+  let totalCost = 0;
+
+  for (const [key, counter] of _counters) {
+    if (!key.startsWith(entityId + ':')) continue;
+    if (counter.overage > 0) {
+      const metric = key.split(':')[1];
+      const pricing = USAGE_PRICING[metric];
+      const cost = pricing ? counter.overage * pricing.price : 0;
+      overages[metric] = {
+        overage: counter.overage,
+        unitPrice: pricing?.price || 0,
+        cost,
+      };
+      totalCost += cost;
+    }
+  }
+
+  return { entityId, overages, totalCost, period: _today() };
+}
+
+/**
+ * Reset counters (for testing or admin)
+ */
+function reset(entityId, metric = null) {
+  if (metric) {
+    _counters.delete(_key(entityId, metric));
+  } else {
+    for (const key of _counters.keys()) {
+      if (key.startsWith(entityId + ':')) _counters.delete(key);
+    }
+  }
+}
+
+/**
+ * Get global stats
+ */
+function getStats() {
+  let totalEntities = new Set();
+  let totalEvents = 0;
+  for (const [key, counter] of _counters) {
+    totalEntities.add(key.split(':')[0]);
+    totalEvents += counter.count;
+  }
+  return {
+    trackedEntities: totalEntities.size,
+    totalEvents,
+    counterEntries: _counters.size,
+  };
+}
+
+module.exports = {
+  record,
+  check,
+  getUsage,
+  getBillingSummary,
+  reset,
+  getStats,
+};

package/server/services/modules/affiliate-intelligence.js

@@ -1,93 +1,93 @@
-/**
- * WAB Affiliate Intelligence (10-affiliate-intelligence) — PUBLIC API, PRIVATE DB
- * Detects affiliate link manipulation and cookie stuffing.
- * API is open, detection database is closed.
- *
- * Powered by WAB — Web Agent Bridge
- * https://www.webagentbridge.com
- */
-
-'use strict';
-
-const crypto = require('crypto');
-const url = require('url');
-
-const scanStore = new Map();
-
-let affiliateDb;
-try { affiliateDb = require('./affiliate-db'); } catch { affiliateDb = null; }
-
-const KNOWN_AFFILIATE_PARAMS = ['ref', 'aff', 'affiliate', 'partner', 'utm_source', 'tag', 'associate', 'clickid', 'subid', 'irclickid', 'gclid', 'fbclid'];
-const COOKIE_STUFFING_INDICATORS = ['iframe[style*="display:none"]', 'iframe[width="0"]', 'img[src*="click"]', 'img[width="1"][height="1"]'];
-
-function createRouter(express) {
-  const router = express.Router();
-
-  router.post('/scan-url', (req, res) => {
-    const { target_url } = req.body;
-    if (!target_url) return res.status(400).json({ error: 'target_url required' });
-
-    try {
-      const parsed = new URL(target_url);
-      const affiliateParams = [];
-      for (const [key, value] of parsed.searchParams) {
-        if (KNOWN_AFFILIATE_PARAMS.includes(key.toLowerCase())) {
-          affiliateParams.push({ param: key, value, type: 'affiliate_tracking' });
-        }
-      }
-
-      const hasRedirect = /\/(click|go|redirect|track|aff|out)\//i.test(parsed.pathname);
-      let manipulation = null;
-      if (affiliateDb) {
-        manipulation = affiliateDb.checkManipulation(target_url, affiliateParams);
-      }
-
-      const scanId = 'ASCAN-' + crypto.randomBytes(6).toString('hex').toUpperCase();
-      const result = {
-        scan_id: scanId, url: target_url, hostname: parsed.hostname,
-        affiliate_params: affiliateParams, has_affiliate: affiliateParams.length > 0,
-        has_redirect_chain: hasRedirect, manipulation_detected: manipulation,
-        risk_level: affiliateParams.length > 2 ? 'HIGH' : affiliateParams.length > 0 ? 'MEDIUM' : 'LOW',
-        scanned_at: new Date().toISOString(),
-      };
-      scanStore.set(scanId, result);
-      res.json(result);
-    } catch (e) {
-      res.status(400).json({ error: 'Invalid URL: ' + e.message });
-    }
-  });
-
-  router.post('/scan-html', (req, res) => {
-    const { html, page_url } = req.body;
-    if (!html) return res.status(400).json({ error: 'html content required' });
-
-    const findings = [];
-    for (const indicator of COOKIE_STUFFING_INDICATORS) {
-      const tag = indicator.split('[')[0];
-      const attrMatch = indicator.match(/\[([^\]]+)\]/g) || [];
-      if (new RegExp(`<${tag}[^>]*${attrMatch.map(a => a.slice(1, -1).replace('*', '.*')).join('[^>]*')}`, 'gi').test(html)) {
-        findings.push({ type: 'COOKIE_STUFFING', indicator, severity: 'HIGH' });
-      }
-    }
-
-    const hiddenIframes = (html.match(/<iframe[^>]*(?:display\s*:\s*none|width\s*=\s*["']?0|height\s*=\s*["']?0)[^>]*>/gi) || []).length;
-    const trackingPixels = (html.match(/<img[^>]*(?:width\s*=\s*["']?1["']?\s+height\s*=\s*["']?1|height\s*=\s*["']?1["']?\s+width\s*=\s*["']?1)[^>]*>/gi) || []).length;
-
-    res.json({
-      page_url: page_url || 'unknown', cookie_stuffing_indicators: findings,
-      hidden_iframes: hiddenIframes, tracking_pixels: trackingPixels,
-      risk_level: findings.length > 0 || hiddenIframes > 2 ? 'HIGH' : trackingPixels > 5 ? 'MEDIUM' : 'LOW',
-      scanned_at: new Date().toISOString(),
-    });
-  });
-
-  router.get('/stats', (req, res) => {
-    let high = 0, manipulations = 0;
-    for (const s of scanStore.values()) { if (s.risk_level === 'HIGH') high++; if (s.manipulation_detected) manipulations++; }
-    res.json({ total_scans: scanStore.size, high_risk: high, manipulations_detected: manipulations });
-  });
-
-  return router;
-}
-
-module.exports = { createRouter };
+/**
+ * WAB Affiliate Intelligence (10-affiliate-intelligence) — PUBLIC API, PRIVATE DB
+ * Detects affiliate link manipulation and cookie stuffing.
+ * API is open, detection database is closed.
+ *
+ * Powered by WAB — Web Agent Bridge
+ * https://www.webagentbridge.com
+ */
+
+'use strict';
+
+const crypto = require('crypto');
+const url = require('url');
+
+const scanStore = new Map();
+
+let affiliateDb;
+try { affiliateDb = require('./affiliate-db'); } catch { affiliateDb = null; }
+
+const KNOWN_AFFILIATE_PARAMS = ['ref', 'aff', 'affiliate', 'partner', 'utm_source', 'tag', 'associate', 'clickid', 'subid', 'irclickid', 'gclid', 'fbclid'];
+const COOKIE_STUFFING_INDICATORS = ['iframe[style*="display:none"]', 'iframe[width="0"]', 'img[src*="click"]', 'img[width="1"][height="1"]'];
+
+function createRouter(express) {
+  const router = express.Router();
+
+  router.post('/scan-url', (req, res) => {
+    const { target_url } = req.body;
+    if (!target_url) return res.status(400).json({ error: 'target_url required' });
+
+    try {
+      const parsed = new URL(target_url);
+      const affiliateParams = [];
+      for (const [key, value] of parsed.searchParams) {
+        if (KNOWN_AFFILIATE_PARAMS.includes(key.toLowerCase())) {
+          affiliateParams.push({ param: key, value, type: 'affiliate_tracking' });
+        }
+      }
+
+      const hasRedirect = /\/(click|go|redirect|track|aff|out)\//i.test(parsed.pathname);
+      let manipulation = null;
+      if (affiliateDb) {
+        manipulation = affiliateDb.checkManipulation(target_url, affiliateParams);
+      }
+
+      const scanId = 'ASCAN-' + crypto.randomBytes(6).toString('hex').toUpperCase();
+      const result = {
+        scan_id: scanId, url: target_url, hostname: parsed.hostname,
+        affiliate_params: affiliateParams, has_affiliate: affiliateParams.length > 0,
+        has_redirect_chain: hasRedirect, manipulation_detected: manipulation,
+        risk_level: affiliateParams.length > 2 ? 'HIGH' : affiliateParams.length > 0 ? 'MEDIUM' : 'LOW',
+        scanned_at: new Date().toISOString(),
+      };
+      scanStore.set(scanId, result);
+      res.json(result);
+    } catch (e) {
+      res.status(400).json({ error: 'Invalid URL: ' + e.message });
+    }
+  });
+
+  router.post('/scan-html', (req, res) => {
+    const { html, page_url } = req.body;
+    if (!html) return res.status(400).json({ error: 'html content required' });
+
+    const findings = [];
+    for (const indicator of COOKIE_STUFFING_INDICATORS) {
+      const tag = indicator.split('[')[0];
+      const attrMatch = indicator.match(/\[([^\]]+)\]/g) || [];
+      if (new RegExp(`<${tag}[^>]*${attrMatch.map(a => a.slice(1, -1).replace('*', '.*')).join('[^>]*')}`, 'gi').test(html)) {
+        findings.push({ type: 'COOKIE_STUFFING', indicator, severity: 'HIGH' });
+      }
+    }
+
+    const hiddenIframes = (html.match(/<iframe[^>]*(?:display\s*:\s*none|width\s*=\s*["']?0|height\s*=\s*["']?0)[^>]*>/gi) || []).length;
+    const trackingPixels = (html.match(/<img[^>]*(?:width\s*=\s*["']?1["']?\s+height\s*=\s*["']?1|height\s*=\s*["']?1["']?\s+width\s*=\s*["']?1)[^>]*>/gi) || []).length;
+
+    res.json({
+      page_url: page_url || 'unknown', cookie_stuffing_indicators: findings,
+      hidden_iframes: hiddenIframes, tracking_pixels: trackingPixels,
+      risk_level: findings.length > 0 || hiddenIframes > 2 ? 'HIGH' : trackingPixels > 5 ? 'MEDIUM' : 'LOW',
+      scanned_at: new Date().toISOString(),
+    });
+  });
+
+  router.get('/stats', (req, res) => {
+    let high = 0, manipulations = 0;
+    for (const s of scanStore.values()) { if (s.risk_level === 'HIGH') high++; if (s.manipulation_detected) manipulations++; }
+    res.json({ total_scans: scanStore.size, high_risk: high, manipulations_detected: manipulations });
+  });
+
+  return router;
+}
+
+module.exports = { createRouter };