@@ -115,10 +122,11 @@
{{ project.epic_count }} epic{{ project.epic_count|pluralize }}
-
|
diff --git a/core/templates/pages/tasks-project.html b/core/templates/pages/tasks-project.html
index 5d8ca47..9432dfd 100644
--- a/core/templates/pages/tasks-project.html
+++ b/core/templates/pages/tasks-project.html
@@ -5,9 +5,10 @@
Project: {{ project.name }}
diff --git a/core/templates/partials/compose-panel.html b/core/templates/partials/compose-panel.html
index 25de60c..58b0bfb 100644
--- a/core/templates/partials/compose-panel.html
+++ b/core/templates/partials/compose-panel.html
@@ -130,7 +130,7 @@
Quick Insights
-
+
Tasks
diff --git a/core/tests/test_adapter_boundary_rules.py b/core/tests/test_adapter_boundary_rules.py
new file mode 100644
index 0000000..06ce39c
--- /dev/null
+++ b/core/tests/test_adapter_boundary_rules.py
@@ -0,0 +1,39 @@
+from __future__ import annotations
+
+from pathlib import Path
+
+from django.test import SimpleTestCase
+
+
+class AdapterBoundaryRulesTests(SimpleTestCase):
+ def test_client_adapters_do_not_import_business_engines(self):
+ clients_dir = Path(__file__).resolve().parents[1] / "clients"
+ banned_prefixes = (
+ "from core.commands",
+ "import core.commands",
+ "from core.tasks",
+ "import core.tasks",
+ "from core.assist",
+ "import core.assist",
+ "from core.translation",
+ "import core.translation",
+ )
+
+ violations = []
+ for file_path in sorted(clients_dir.glob("*.py")):
+ if file_path.name == "__init__.py":
+ continue
+ content = file_path.read_text(encoding="utf-8")
+ for line_no, line in enumerate(content.splitlines(), start=1):
+ stripped = line.strip()
+ if any(stripped.startswith(prefix) for prefix in banned_prefixes):
+ violations.append(f"{file_path.name}:{line_no}: {stripped}")
+
+ self.assertEqual(
+ [],
+ violations,
+ msg=(
+ "Adapter modules must stay translator-only and must not import "
+ "business policy/task/assist/translation engines directly."
+ ),
+ )
diff --git a/core/tests/test_codex_cli_provider.py b/core/tests/test_codex_cli_provider.py
index dfc55ae..c442d55 100644
--- a/core/tests/test_codex_cli_provider.py
+++ b/core/tests/test_codex_cli_provider.py
@@ -71,3 +71,86 @@ class CodexCLITaskProviderTests(SimpleTestCase):
self.assertTrue(result.ok)
self.assertTrue(bool((result.payload or {}).get("requires_approval")))
self.assertEqual("requires_approval", (result.payload or {}).get("parsed_status"))
+
+ @patch("core.tasks.providers.codex_cli.subprocess.run")
+ def test_retries_with_positional_op_when_flag_unsupported(self, run_mock):
+ run_mock.side_effect = [
+ CompletedProcess(
+ args=[],
+ returncode=2,
+ stdout="",
+ stderr="error: unexpected argument '--op' found",
+ ),
+ CompletedProcess(
+ args=[],
+ returncode=0,
+ stdout='{"status":"ok","external_key":"cx-42"}',
+ stderr="",
+ ),
+ ]
+ result = self.provider.create_task({"command": "codex"}, {"task_id": "t1"})
+ self.assertTrue(result.ok)
+ self.assertEqual("cx-42", result.external_key)
+ self.assertEqual(2, run_mock.call_count)
+ first = run_mock.call_args_list[0].args[0]
+ second = run_mock.call_args_list[1].args[0]
+ self.assertIn("--op", first)
+ self.assertNotIn("--op", second)
+ self.assertEqual(["codex", "task-sync", "create"], second[:3])
+
+ @patch("core.tasks.providers.codex_cli.subprocess.run")
+ def test_falls_back_to_builtin_approval_stub_when_no_task_sync_contract(self, run_mock):
+ run_mock.side_effect = [
+ CompletedProcess(
+ args=[],
+ returncode=2,
+ stdout="",
+ stderr="error: unexpected argument '--op' found",
+ ),
+ CompletedProcess(
+ args=[],
+ returncode=2,
+ stdout="",
+ stderr="error: unrecognized subcommand 'create'\nUsage: codex [OPTIONS] [PROMPT]",
+ ),
+ ]
+ result = self.provider.create_task(
+ {"command": "codex"},
+ {
+ "task_id": "t1",
+ "trigger_message_id": "m1",
+ "mode": "default",
+ },
+ )
+ self.assertTrue(result.ok)
+ self.assertTrue(bool((result.payload or {}).get("requires_approval")))
+ self.assertEqual("requires_approval", str((result.payload or {}).get("status") or ""))
+ self.assertEqual("builtin_task_sync_stub", str((result.payload or {}).get("fallback_mode") or ""))
+
+ @patch("core.tasks.providers.codex_cli.subprocess.run")
+ def test_builtin_stub_approval_response_returns_ok(self, run_mock):
+ run_mock.side_effect = [
+ CompletedProcess(
+ args=[],
+ returncode=2,
+ stdout="",
+ stderr="error: unexpected argument '--op' found",
+ ),
+ CompletedProcess(
+ args=[],
+ returncode=2,
+ stdout="",
+ stderr="error: unexpected argument 'append_update' found\nUsage: codex [OPTIONS] [PROMPT]",
+ ),
+ ]
+ result = self.provider.append_update(
+ {"command": "codex"},
+ {
+ "task_id": "t1",
+ "mode": "approval_response",
+ "approval_key": "abc123",
+ },
+ )
+ self.assertTrue(result.ok)
+ self.assertFalse(bool((result.payload or {}).get("requires_approval")))
+ self.assertEqual("ok", str((result.payload or {}).get("status") or ""))
diff --git a/core/tests/test_codex_commands_phase1.py b/core/tests/test_codex_commands_phase1.py
index fde73f0..ea13fe9 100644
--- a/core/tests/test_codex_commands_phase1.py
+++ b/core/tests/test_codex_commands_phase1.py
@@ -123,10 +123,17 @@ class CodexCommandExecutionTests(TestCase):
self.assertTrue(results[0].ok)
run = CodexRun.objects.order_by("-created_at").first()
self.assertIsNotNone(run)
- self.assertEqual("queued", run.status)
+ self.assertEqual("waiting_approval", run.status)
event = ExternalSyncEvent.objects.order_by("-created_at").first()
- self.assertEqual("pending", event.status)
+ self.assertEqual("waiting_approval", event.status)
self.assertEqual("default", str((event.payload or {}).get("provider_payload", {}).get("mode") or ""))
+ self.assertTrue(
+ CodexPermissionRequest.objects.filter(
+ user=self.user,
+ codex_run=run,
+ status="pending",
+ ).exists()
+ )
def test_plan_requires_reply_anchor(self):
trigger = self._msg("#codex plan# #1")
@@ -145,6 +152,14 @@ class CodexCommandExecutionTests(TestCase):
self.assertEqual("reply_required_for_codex_plan", results[0].error)
def test_approve_command_queues_resume_event(self):
+ waiting_event = ExternalSyncEvent.objects.create(
+ user=self.user,
+ task=self.task,
+ provider="codex_cli",
+ status="waiting_approval",
+ payload={},
+ error="",
+ )
run = CodexRun.objects.create(
user=self.user,
task=self.task,
@@ -158,6 +173,7 @@ class CodexCommandExecutionTests(TestCase):
req = CodexPermissionRequest.objects.create(
user=self.user,
codex_run=run,
+ external_sync_event=waiting_event,
approval_key="ak-123",
summary="Need approval",
requested_permissions={"items": ["write"]},
@@ -186,8 +202,69 @@ class CodexCommandExecutionTests(TestCase):
self.assertTrue(results[0].ok)
req.refresh_from_db()
run.refresh_from_db()
+ waiting_event.refresh_from_db()
self.assertEqual("approved", req.status)
self.assertEqual("approved_waiting_resume", run.status)
+ self.assertEqual("ok", waiting_event.status)
self.assertTrue(
ExternalSyncEvent.objects.filter(idempotency_key="codex_approval:ak-123:approved", status="pending").exists()
)
+
+ def test_approve_pre_submit_request_queues_original_action(self):
+ waiting_event = ExternalSyncEvent.objects.create(
+ user=self.user,
+ task=self.task,
+ provider="codex_cli",
+ status="waiting_approval",
+ payload={},
+ error="",
+ )
+ run = CodexRun.objects.create(
+ user=self.user,
+ task=self.task,
+ project=self.project,
+ source_service="web",
+ source_channel="web-chan-1",
+ status="waiting_approval",
+ request_payload={"action": "append_update", "provider_payload": {"task_id": str(self.task.id)}},
+ result_payload={},
+ )
+ CodexPermissionRequest.objects.create(
+ user=self.user,
+ codex_run=run,
+ external_sync_event=waiting_event,
+ approval_key="pre-ak-1",
+ summary="pre submit",
+ requested_permissions={"type": "pre_submit"},
+ resume_payload={
+ "gate_type": "pre_submit",
+ "action": "append_update",
+ "provider_payload": {"task_id": str(self.task.id), "mode": "default"},
+ "idempotency_key": "codex_cmd:resume:1",
+ },
+ status="pending",
+ )
+ CommandChannelBinding.objects.get_or_create(
+ profile=self.profile,
+ direction="ingress",
+ service="web",
+ channel_identifier="approver-chan",
+ defaults={"enabled": True},
+ )
+ trigger = self._msg(".codex approve pre-ak-1", source_chat_id="approver-chan")
+ results = async_to_sync(process_inbound_message)(
+ CommandContext(
+ service="web",
+ channel_identifier="approver-chan",
+ message_id=str(trigger.id),
+ user_id=self.user.id,
+ message_text=str(trigger.text),
+ payload={},
+ )
+ )
+ self.assertEqual(1, len(results))
+ self.assertTrue(results[0].ok)
+ resume = ExternalSyncEvent.objects.filter(idempotency_key="codex_cmd:resume:1").first()
+ self.assertIsNotNone(resume)
+ self.assertEqual("pending", resume.status)
+ self.assertEqual("append_update", str((resume.payload or {}).get("action") or ""))
diff --git a/core/tests/test_codex_worker_phase1.py b/core/tests/test_codex_worker_phase1.py
index 639f5ac..b4895ff 100644
--- a/core/tests/test_codex_worker_phase1.py
+++ b/core/tests/test_codex_worker_phase1.py
@@ -121,3 +121,62 @@ class CodexWorkerPhase1Tests(TestCase):
request = CodexPermissionRequest.objects.get(approval_key="ak-worker-1")
self.assertEqual("pending", request.status)
self.assertEqual(str(run.id), str(request.codex_run_id))
+
+ @patch("core.management.commands.codex_worker.get_provider")
+ def test_approval_response_marks_original_waiting_event_ok(self, get_provider_mock):
+ waiting_event = ExternalSyncEvent.objects.create(
+ user=self.user,
+ provider="codex_cli",
+ status="waiting_approval",
+ payload={"action": "append_update", "provider_payload": {"mode": "default"}},
+ error="",
+ )
+ run = CodexRun.objects.create(
+ user=self.user,
+ project=self.project,
+ source_service="web",
+ source_channel="web-chan-1",
+ status="approved_waiting_resume",
+ request_payload={},
+ result_payload={},
+ )
+ CodexPermissionRequest.objects.create(
+ user=self.user,
+ codex_run=run,
+ external_sync_event=waiting_event,
+ approval_key="ak-worker-ok",
+ summary="needs permissions",
+ requested_permissions={"items": ["write"]},
+ resume_payload={"resume": True},
+ status="approved",
+ )
+ resume_event = ExternalSyncEvent.objects.create(
+ user=self.user,
+ provider="codex_cli",
+ status="pending",
+ payload={
+ "action": "append_update",
+ "provider_payload": {
+ "mode": "approval_response",
+ "approval_key": "ak-worker-ok",
+ "codex_run_id": str(run.id),
+ },
+ },
+ error="",
+ )
+
+ class _Provider:
+ run_in_worker = True
+
+ def append_update(self, config, payload):
+ return ProviderResult(ok=True, payload={"status": "ok", "summary": "resumed"})
+
+ create_task = mark_complete = link_task = append_update
+
+ get_provider_mock.return_value = _Provider()
+ CodexWorkerCommand()._run_event(resume_event)
+
+ waiting_event.refresh_from_db()
+ resume_event.refresh_from_db()
+ self.assertEqual("ok", resume_event.status)
+ self.assertEqual("ok", waiting_event.status)
diff --git a/core/tests/test_command_routing_variant_ui.py b/core/tests/test_command_routing_variant_ui.py
index 9830e97..00c7194 100644
--- a/core/tests/test_command_routing_variant_ui.py
+++ b/core/tests/test_command_routing_variant_ui.py
@@ -53,3 +53,26 @@ class CommandRoutingVariantUITests(TestCase):
row = self.profile.variant_policies.get(variant_key="bp_set")
self.assertEqual("ai", row.generation_mode)
self.assertTrue(row.send_status_to_egress)
+
+ def test_variant_policy_update_preserves_source_status_toggle(self):
+ response = self.client.post(
+ reverse("command_routing"),
+ {
+ "action": "variant_policy_update",
+ "profile_id": str(self.profile.id),
+ "variant_key": "bp_set",
+ "enabled": "1",
+ "generation_mode": "verbatim",
+ # Intentionally omit send_status_to_source to set it False.
+ },
+ follow=True,
+ )
+ self.assertEqual(200, response.status_code)
+ row = self.profile.variant_policies.get(variant_key="bp_set")
+ self.assertFalse(row.send_status_to_source)
+
+ # Rendering the page should not overwrite user policy decisions.
+ response = self.client.get(reverse("command_routing"))
+ self.assertEqual(200, response.status_code)
+ row.refresh_from_db()
+ self.assertFalse(row.send_status_to_source)
diff --git a/core/tests/test_compose_react.py b/core/tests/test_compose_react.py
index 0c7b34f..4b8fe7f 100644
--- a/core/tests/test_compose_react.py
+++ b/core/tests/test_compose_react.py
@@ -187,6 +187,36 @@ class ComposeReactTests(TestCase):
response.json(),
)
+ @patch("core.views.compose.transport.send_reaction", new_callable=AsyncMock)
+ def test_whatsapp_web_local_message_without_bridge_is_unresolvable(
+ self, mocked_send_reaction
+ ):
+ person, _, message = self._build_message(
+ service="whatsapp",
+ identifier="12345@s.whatsapp.net",
+ source_message_id="1771234567000",
+ )
+ message.source_service = "web"
+ message.save(update_fields=["source_service"])
+
+ response = self.client.post(
+ reverse("compose_react"),
+ {
+ "service": "whatsapp",
+ "identifier": "12345@s.whatsapp.net",
+ "person": str(person.id),
+ "message_id": str(message.id),
+ "emoji": "😮",
+ },
+ )
+
+ self.assertEqual(200, response.status_code)
+ self.assertEqual(
+ {"ok": False, "error": "whatsapp_target_unresolvable"},
+ response.json(),
+ )
+ mocked_send_reaction.assert_not_awaited()
+
def test_compose_page_renders_reaction_actions_for_signal(self):
person, _, _ = self._build_message(
service="signal",
diff --git a/core/tests/test_event_ledger.py b/core/tests/test_event_ledger.py
new file mode 100644
index 0000000..7dc3a6b
--- /dev/null
+++ b/core/tests/test_event_ledger.py
@@ -0,0 +1,62 @@
+from django.test import TestCase, override_settings
+
+from core.events.ledger import append_event_sync
+from core.models import ChatSession, ConversationEvent, Person, PersonIdentifier, User
+
+
+@override_settings(EVENT_LEDGER_DUAL_WRITE=True)
+class EventLedgerTests(TestCase):
+ def setUp(self):
+ self.user = User.objects.create_user(
+ username="ledger-user",
+ email="ledger@example.com",
+ password="x",
+ )
+ self.person = Person.objects.create(user=self.user, name="Ledger Person")
+ self.identifier = PersonIdentifier.objects.create(
+ user=self.user,
+ person=self.person,
+ service="signal",
+ identifier="+15555550123",
+ )
+ self.session = ChatSession.objects.create(
+ user=self.user,
+ identifier=self.identifier,
+ )
+
+ def test_append_event_creates_row(self):
+ row = append_event_sync(
+ user=self.user,
+ session=self.session,
+ ts=1234,
+ event_type="message_created",
+ direction="in",
+ origin_transport="signal",
+ origin_message_id="abc",
+ payload={"text": "hello"},
+ )
+ self.assertIsNotNone(row)
+ self.assertEqual(1, ConversationEvent.objects.count())
+
+ def test_append_event_is_idempotent_for_same_origin_and_type(self):
+ append_event_sync(
+ user=self.user,
+ session=self.session,
+ ts=1234,
+ event_type="message_created",
+ direction="in",
+ origin_transport="signal",
+ origin_message_id="dup-1",
+ payload={"text": "hello"},
+ )
+ append_event_sync(
+ user=self.user,
+ session=self.session,
+ ts=1235,
+ event_type="message_created",
+ direction="in",
+ origin_transport="signal",
+ origin_message_id="dup-1",
+ payload={"text": "hello again"},
+ )
+ self.assertEqual(1, ConversationEvent.objects.count())
diff --git a/core/tests/test_event_ledger_smoke_command.py b/core/tests/test_event_ledger_smoke_command.py
new file mode 100644
index 0000000..65eabe6
--- /dev/null
+++ b/core/tests/test_event_ledger_smoke_command.py
@@ -0,0 +1,47 @@
+from io import StringIO
+
+from django.core.management import call_command
+from django.test import TestCase, override_settings
+
+from core.events.ledger import append_event_sync
+from core.models import ChatSession, Person, PersonIdentifier, User
+
+
+@override_settings(EVENT_LEDGER_DUAL_WRITE=True)
+class EventLedgerSmokeCommandTests(TestCase):
+ def setUp(self):
+ self.user = User.objects.create_user(
+ username="ledger-smoke-user",
+ email="ledger-smoke@example.com",
+ password="pw",
+ )
+ person = Person.objects.create(user=self.user, name="Smoke Person")
+ identifier = PersonIdentifier.objects.create(
+ user=self.user,
+ person=person,
+ service="signal",
+ identifier="+15550001111",
+ )
+ self.session = ChatSession.objects.create(user=self.user, identifier=identifier)
+
+ def test_smoke_command_reports_recent_rows(self):
+ append_event_sync(
+ user=self.user,
+ session=self.session,
+ ts=1770000000000,
+ event_type="message_created",
+ direction="in",
+ origin_transport="signal",
+ origin_message_id="abc",
+ payload={"message_id": "m1"},
+ )
+ out = StringIO()
+ call_command(
+ "event_ledger_smoke",
+ user_id=str(self.user.id),
+ minutes=999999,
+ stdout=out,
+ )
+ rendered = out.getvalue()
+ self.assertIn("event-ledger-smoke", rendered)
+ self.assertIn("event_type_counts=", rendered)
diff --git a/core/tests/test_event_projection_shadow.py b/core/tests/test_event_projection_shadow.py
new file mode 100644
index 0000000..3f3b874
--- /dev/null
+++ b/core/tests/test_event_projection_shadow.py
@@ -0,0 +1,132 @@
+from io import StringIO
+import time
+
+from django.core.management import call_command
+from django.test import TestCase, override_settings
+
+from core.events.ledger import append_event_sync
+from core.events.projection import shadow_compare_session
+from core.models import ChatSession, Message, Person, PersonIdentifier, User
+
+
+@override_settings(EVENT_LEDGER_DUAL_WRITE=True)
+class EventProjectionShadowTests(TestCase):
+ def setUp(self):
+ self.user = User.objects.create_user(
+ username="projection-user",
+ email="projection@example.com",
+ password="x",
+ )
+ self.person = Person.objects.create(user=self.user, name="Projection Person")
+ self.identifier = PersonIdentifier.objects.create(
+ user=self.user,
+ person=self.person,
+ service="signal",
+ identifier="+15555550333",
+ )
+ self.session = ChatSession.objects.create(user=self.user, identifier=self.identifier)
+
+ def test_shadow_compare_has_zero_mismatch_when_projection_matches(self):
+ message = Message.objects.create(
+ user=self.user,
+ session=self.session,
+ ts=1700000000000,
+ sender_uuid="+15555550333",
+ text="hello",
+ delivered_ts=1700000000000,
+ read_ts=1700000000500,
+ receipt_payload={
+ "reactions": [
+ {
+ "source_service": "signal",
+ "actor": "user:1:signal",
+ "emoji": "👍",
+ "removed": False,
+ }
+ ]
+ },
+ )
+ append_event_sync(
+ user=self.user,
+ session=self.session,
+ ts=1700000000000,
+ event_type="message_created",
+ direction="in",
+ origin_transport="signal",
+ origin_message_id=str(message.id),
+ payload={"message_id": str(message.id), "text": "hello"},
+ )
+ append_event_sync(
+ user=self.user,
+ session=self.session,
+ ts=1700000000500,
+ event_type="read_receipt",
+ direction="system",
+ origin_transport="signal",
+ origin_message_id=str(message.id),
+ payload={"message_id": str(message.id), "read_ts": 1700000000500},
+ )
+ append_event_sync(
+ user=self.user,
+ session=self.session,
+ ts=1700000000600,
+ event_type="reaction_added",
+ direction="system",
+ actor_identifier="user:1:signal",
+ origin_transport="signal",
+ origin_message_id=str(message.id),
+ payload={
+ "message_id": str(message.id),
+ "emoji": "👍",
+ "source_service": "signal",
+ "actor": "user:1:signal",
+ },
+ )
+
+ compared = shadow_compare_session(self.session, detail_limit=10)
+ self.assertEqual(0, compared["mismatch_total"])
+
+ def test_shadow_compare_detects_missing_projection_row(self):
+ Message.objects.create(
+ user=self.user,
+ session=self.session,
+ ts=1700000000000,
+ sender_uuid="+15555550333",
+ text="no-event",
+ )
+ compared = shadow_compare_session(self.session, detail_limit=10)
+ self.assertGreater(compared["counters"]["missing_in_projection"], 0)
+
+ def test_management_command_emits_summary(self):
+ out = StringIO()
+ call_command(
+ "event_projection_shadow",
+ user_id=str(self.user.id),
+ limit_sessions=5,
+ stdout=out,
+ )
+ rendered = out.getvalue()
+ self.assertIn("shadow compare:", rendered)
+ self.assertIn("cause_counts=", rendered)
+
+ def test_management_command_supports_service_and_recent_filters(self):
+ Message.objects.create(
+ user=self.user,
+ session=self.session,
+ ts=int(time.time() * 1000),
+ sender_uuid="+15550000000",
+ text="recent",
+ source_service="signal",
+ source_message_id="recent-1",
+ )
+ out = StringIO()
+ call_command(
+ "event_projection_shadow",
+ user_id=str(self.user.id),
+ service="signal",
+ recent_minutes=120,
+ limit_sessions=5,
+ stdout=out,
+ )
+ rendered = out.getvalue()
+ self.assertIn("shadow compare:", rendered)
diff --git a/core/tests/test_phase1_command_reply.py b/core/tests/test_phase1_command_reply.py
index b9920de..dfc23c8 100644
--- a/core/tests/test_phase1_command_reply.py
+++ b/core/tests/test_phase1_command_reply.py
@@ -8,6 +8,7 @@ from core.commands.engine import _matches_trigger, process_inbound_message
from core.messaging.reply_sync import extract_reply_ref, resolve_reply_target
from core.views.compose import _command_options_for_channel
from core.models import (
+ ChatTaskSource,
ChatSession,
CommandAction,
CommandChannelBinding,
@@ -362,6 +363,14 @@ class Phase1CommandEngineTests(TestCase):
).exists()
self.assertTrue(ingress_exists)
self.assertTrue(egress_exists)
+ self.assertTrue(
+ ChatTaskSource.objects.filter(
+ user=self.user,
+ service="signal",
+ channel_identifier="+15550000002",
+ enabled=True,
+ ).exists()
+ )
def test_first_user_bp_command_auto_setup_is_idempotent(self):
CommandProfile.objects.filter(user=self.user, slug="bp").delete()
diff --git a/core/tests/test_reaction_normalization.py b/core/tests/test_reaction_normalization.py
new file mode 100644
index 0000000..b5a3a31
--- /dev/null
+++ b/core/tests/test_reaction_normalization.py
@@ -0,0 +1,126 @@
+from __future__ import annotations
+
+from asgiref.sync import async_to_sync
+from django.test import TestCase
+
+from core.messaging import history
+from core.models import ChatSession, Message, Person, PersonIdentifier, User
+from core.views.compose import _serialize_message
+
+
+class ReactionNormalizationTests(TestCase):
+ def setUp(self):
+ self.user = User.objects.create_user(
+ username="react-normalize",
+ email="react-normalize@example.com",
+ password="pw",
+ )
+ self.person = Person.objects.create(user=self.user, name="Reaction Person")
+ self.identifier = PersonIdentifier.objects.create(
+ user=self.user,
+ person=self.person,
+ service="signal",
+ identifier="+15551239999",
+ )
+ self.session = ChatSession.objects.create(
+ user=self.user,
+ identifier=self.identifier,
+ )
+
+ def test_apply_reaction_prefers_exact_source_timestamp_match(self):
+ near_message = Message.objects.create(
+ user=self.user,
+ session=self.session,
+ ts=1700000000100,
+ sender_uuid="author-near",
+ text="near",
+ source_service="signal",
+ source_message_id="1700000000100",
+ )
+ exact_message = Message.objects.create(
+ user=self.user,
+ session=self.session,
+ ts=1700000000000,
+ sender_uuid="author-exact",
+ text="exact",
+ source_service="signal",
+ source_message_id="1700000000000",
+ )
+
+ updated = async_to_sync(history.apply_reaction)(
+ self.user,
+ self.identifier,
+ target_ts=1700000000000,
+ emoji="❤️",
+ source_service="signal",
+ actor="reactor-1",
+ target_author="author-exact",
+ remove=False,
+ payload={"origin": "test"},
+ )
+
+ self.assertEqual(str(exact_message.id), str(updated.id))
+ exact_message.refresh_from_db()
+ near_message.refresh_from_db()
+ self.assertEqual(1, len((exact_message.receipt_payload or {}).get("reactions") or []))
+ self.assertEqual(
+ "exact_source_message_id_ts",
+ str((exact_message.receipt_payload or {}).get("reaction_last_match_strategy") or ""),
+ )
+ self.assertEqual(0, len((near_message.receipt_payload or {}).get("reactions") or []))
+
+ def test_remove_without_emoji_is_audited_not_active(self):
+ message = Message.objects.create(
+ user=self.user,
+ session=self.session,
+ ts=1700000001000,
+ sender_uuid="author-1",
+ text="msg",
+ source_service="signal",
+ source_message_id="1700000001000",
+ )
+
+ async_to_sync(history.apply_reaction)(
+ self.user,
+ self.identifier,
+ target_ts=1700000001000,
+ emoji="",
+ source_service="whatsapp",
+ actor="actor-1",
+ remove=True,
+ payload={"origin": "test"},
+ )
+
+ message.refresh_from_db()
+ payload = dict(message.receipt_payload or {})
+ self.assertEqual([], list(payload.get("reactions") or []))
+ self.assertEqual(1, len(list(payload.get("reaction_events") or [])))
+
+ def test_emoji_only_reply_text_is_not_reaction(self):
+ anchor = Message.objects.create(
+ user=self.user,
+ session=self.session,
+ ts=1700000002000,
+ sender_uuid="author-1",
+ text="anchor",
+ source_service="signal",
+ source_message_id="1700000002000",
+ )
+ heart_reply = Message.objects.create(
+ user=self.user,
+ session=self.session,
+ ts=1700000003000,
+ sender_uuid="author-2",
+ text="❤️",
+ source_service="signal",
+ source_message_id="1700000003000",
+ reply_to=anchor,
+ reply_source_service="signal",
+ reply_source_message_id="1700000002000",
+ receipt_payload={},
+ )
+
+ serialized = _serialize_message(heart_reply)
+ self.assertEqual("❤️", serialized["text"])
+ self.assertEqual([], list(serialized.get("reactions") or []))
+ self.assertEqual(str(anchor.id), serialized["reply_to_id"])
diff --git a/core/tests/test_tasks_settings_and_toggle.py b/core/tests/test_tasks_settings_and_toggle.py
index 3282eea..71a1d9a 100644
--- a/core/tests/test_tasks_settings_and_toggle.py
+++ b/core/tests/test_tasks_settings_and_toggle.py
@@ -211,6 +211,119 @@ class TaskSettingsViewActionsTests(TestCase):
)
+@override_settings(TASK_DERIVATION_USE_AI=False)
+class TaskAutoBootstrapTests(TestCase):
+ def setUp(self):
+ self.user = User.objects.create_user("task-auto-user", "task-auto@example.com", "x")
+ self.person = Person.objects.create(user=self.user, name="Bootstrap Chat")
+ self.identifier = PersonIdentifier.objects.create(
+ user=self.user,
+ person=self.person,
+ service="whatsapp",
+ identifier="120363402761690215@g.us",
+ )
+ self.session = ChatSession.objects.create(user=self.user, identifier=self.identifier)
+
+ def test_task_message_auto_creates_project_and_source(self):
+ msg = Message.objects.create(
+ user=self.user,
+ session=self.session,
+ sender_uuid="peer",
+ text="task: ship alpha",
+ ts=1000,
+ source_service="whatsapp",
+ source_chat_id="120363402761690215@g.us",
+ )
+ with patch("core.tasks.engine.send_message_raw", new=AsyncMock()):
+ async_to_sync(process_inbound_task_intelligence)(msg)
+ source = ChatTaskSource.objects.filter(
+ user=self.user,
+ service="whatsapp",
+ channel_identifier="120363402761690215@g.us",
+ enabled=True,
+ ).first()
+ self.assertIsNotNone(source)
+ self.assertTrue(TaskProject.objects.filter(user=self.user, id=source.project_id).exists())
+ self.assertEqual(1, DerivedTask.objects.filter(user=self.user).count())
+
+
+class TaskProjectDeleteGuardTests(TestCase):
+ def setUp(self):
+ self.user = User.objects.create_user("task-delete-user", "task-delete@example.com", "x")
+ self.client.force_login(self.user)
+ self.project = TaskProject.objects.create(user=self.user, name="Delete Me")
+ self.source = ChatTaskSource.objects.create(
+ user=self.user,
+ service="signal",
+ channel_identifier="+15550000001",
+ project=self.project,
+ enabled=True,
+ )
+
+ def test_project_delete_requires_exact_confirmation(self):
+ response = self.client.post(
+ reverse("tasks_hub"),
+ {
+ "action": "project_delete",
+ "project_id": str(self.project.id),
+ "confirm_name": "wrong",
+ },
+ follow=True,
+ )
+ self.assertEqual(200, response.status_code)
+ self.assertTrue(TaskProject.objects.filter(id=self.project.id, user=self.user).exists())
+
+ def test_project_delete_reseeds_default_mapping(self):
+ response = self.client.post(
+ reverse("tasks_hub"),
+ {
+ "action": "project_delete",
+ "project_id": str(self.project.id),
+ "confirm_name": "Delete Me",
+ },
+ follow=True,
+ )
+ self.assertEqual(200, response.status_code)
+ self.assertFalse(TaskProject.objects.filter(id=self.project.id, user=self.user).exists())
+ self.assertTrue(
+ ChatTaskSource.objects.filter(
+ user=self.user,
+ service="signal",
+ channel_identifier="+15550000001",
+ enabled=True,
+ ).exists()
+ )
+
+
+class TaskHubEmptyProjectVisibilityTests(TestCase):
+ def setUp(self):
+ self.user = User.objects.create_user("task-hub-user", "task-hub@example.com", "x")
+ self.client.force_login(self.user)
+ self.empty = TaskProject.objects.create(user=self.user, name="Empty")
+ self.used = TaskProject.objects.create(user=self.user, name="Used")
+ DerivedTask.objects.create(
+ user=self.user,
+ project=self.used,
+ title="Visible Task",
+ source_service="web",
+ source_channel="web-1",
+ reference_code="1",
+ status_snapshot="open",
+ )
+
+ def test_tasks_hub_hides_empty_projects_by_default(self):
+ response = self.client.get(reverse("tasks_hub"))
+ self.assertEqual(200, response.status_code)
+ projects = list(response.context["projects"])
+ self.assertEqual(["Used"], [str(row.name) for row in projects])
+
+ def test_tasks_hub_can_show_empty_projects(self):
+ response = self.client.get(reverse("tasks_hub"), {"show_empty": "1"})
+ self.assertEqual(200, response.status_code)
+ names = sorted(str(row.name) for row in response.context["projects"])
+ self.assertEqual(["Empty", "Used"], names)
+
+
class TaskSettingsExternalChatLinkScopeTests(TestCase):
def setUp(self):
self.user = User.objects.create_user("task-link-user", "task-link@example.com", "x")
@@ -331,10 +444,29 @@ class CodexSettingsAndSubmitTests(TestCase):
follow=True,
)
self.assertEqual(200, response.status_code)
- self.assertTrue(CodexRun.objects.filter(user=self.user, task=self.task).exists())
- self.assertTrue(ExternalSyncEvent.objects.filter(user=self.user, task=self.task, provider="codex_cli").exists())
+ run = CodexRun.objects.filter(user=self.user, task=self.task).order_by("-created_at").first()
+ self.assertIsNotNone(run)
+ self.assertEqual("waiting_approval", str(getattr(run, "status", "")))
+ event = ExternalSyncEvent.objects.filter(user=self.user, task=self.task, provider="codex_cli").order_by("-created_at").first()
+ self.assertIsNotNone(event)
+ self.assertEqual("waiting_approval", str(getattr(event, "status", "")))
+ self.assertTrue(
+ CodexPermissionRequest.objects.filter(
+ user=self.user,
+ codex_run=run,
+ status="pending",
+ ).exists()
+ )
def test_codex_settings_page_and_approval_action(self):
+ waiting_event = ExternalSyncEvent.objects.create(
+ user=self.user,
+ task=self.task,
+ provider="codex_cli",
+ status="waiting_approval",
+ payload={},
+ error="",
+ )
run = CodexRun.objects.create(
user=self.user,
task=self.task,
@@ -348,6 +480,7 @@ class CodexSettingsAndSubmitTests(TestCase):
req = CodexPermissionRequest.objects.create(
user=self.user,
codex_run=run,
+ external_sync_event=waiting_event,
approval_key="approve-me",
summary="need approval",
requested_permissions={"items": ["write"]},
@@ -365,5 +498,7 @@ class CodexSettingsAndSubmitTests(TestCase):
self.assertEqual(200, response.status_code)
req.refresh_from_db()
run.refresh_from_db()
+ waiting_event.refresh_from_db()
self.assertEqual("approved", req.status)
self.assertEqual("approved_waiting_resume", run.status)
+ self.assertEqual("ok", waiting_event.status)
diff --git a/core/tests/test_tracing_helpers.py b/core/tests/test_tracing_helpers.py
new file mode 100644
index 0000000..2f910f5
--- /dev/null
+++ b/core/tests/test_tracing_helpers.py
@@ -0,0 +1,21 @@
+from django.test import SimpleTestCase
+
+from core.observability.tracing import ensure_trace_id
+
+
+class TracingHelpersTests(SimpleTestCase):
+ def test_ensure_trace_id_prefers_explicit_value(self):
+ self.assertEqual(
+ "abc123",
+ ensure_trace_id("abc123", {"trace_id": "payload"}),
+ )
+
+ def test_ensure_trace_id_uses_payload_value(self):
+ self.assertEqual(
+ "payload-value",
+ ensure_trace_id("", {"trace_id": "payload-value"}),
+ )
+
+ def test_ensure_trace_id_generates_when_missing(self):
+ trace_id = ensure_trace_id("", {})
+ self.assertEqual(32, len(trace_id))
diff --git a/core/tests/test_transport_capabilities.py b/core/tests/test_transport_capabilities.py
new file mode 100644
index 0000000..5c4a2bd
--- /dev/null
+++ b/core/tests/test_transport_capabilities.py
@@ -0,0 +1,17 @@
+from django.test import SimpleTestCase
+
+from core.transports.capabilities import capability_snapshot, supports, unsupported_reason
+
+
+class TransportCapabilitiesTests(SimpleTestCase):
+ def test_signal_reactions_supported(self):
+ self.assertTrue(supports("signal", "reactions"))
+
+ def test_instagram_reactions_not_supported(self):
+ self.assertFalse(supports("instagram", "reactions"))
+ self.assertIn("instagram does not support reactions", unsupported_reason("instagram", "reactions"))
+
+ def test_snapshot_has_schema_version(self):
+ snapshot = capability_snapshot()
+ self.assertIn("schema_version", snapshot)
+ self.assertIn("services", snapshot)
diff --git a/core/transports/__init__.py b/core/transports/__init__.py
new file mode 100644
index 0000000..9a194a0
--- /dev/null
+++ b/core/transports/__init__.py
@@ -0,0 +1,7 @@
+from core.transports.capabilities import (
+ capability_snapshot,
+ supports,
+ unsupported_reason,
+)
+
+__all__ = ["supports", "unsupported_reason", "capability_snapshot"]
diff --git a/core/transports/capabilities.py b/core/transports/capabilities.py
new file mode 100644
index 0000000..130ed1b
--- /dev/null
+++ b/core/transports/capabilities.py
@@ -0,0 +1,100 @@
+from __future__ import annotations
+
+CAPABILITY_SCHEMA_VERSION = 1
+
+_TRANSPORT_CAPABILITIES: dict[str, dict[str, bool]] = {
+ "signal": {
+ "send": True,
+ "reactions": True,
+ "edits": False,
+ "deletes": False,
+ "threaded_replies": True,
+ "typing": True,
+ "read_receipts": True,
+ "media_images": True,
+ "media_video": True,
+ "media_audio": True,
+ "media_documents": True,
+ },
+ "whatsapp": {
+ "send": True,
+ "reactions": True,
+ "edits": False,
+ "deletes": False,
+ "threaded_replies": True,
+ "typing": True,
+ "read_receipts": True,
+ "media_images": True,
+ "media_video": True,
+ "media_audio": True,
+ "media_documents": True,
+ },
+ "instagram": {
+ "send": True,
+ "reactions": False,
+ "edits": False,
+ "deletes": False,
+ "threaded_replies": False,
+ "typing": True,
+ "read_receipts": False,
+ "media_images": True,
+ "media_video": True,
+ "media_audio": False,
+ "media_documents": False,
+ },
+ "xmpp": {
+ "send": False,
+ "reactions": False,
+ "edits": False,
+ "deletes": False,
+ "threaded_replies": False,
+ "typing": False,
+ "read_receipts": False,
+ "media_images": False,
+ "media_video": False,
+ "media_audio": False,
+ "media_documents": False,
+ },
+}
+
+
+def _service_key(service: str) -> str:
+ return str(service or "").strip().lower()
+
+
+def _capabilities_for(service: str) -> dict[str, bool]:
+ defaults = _TRANSPORT_CAPABILITIES.get(_service_key(service))
+ if defaults is None:
+ return {}
+ return dict(defaults)
+
+
+def supports(service: str, feature: str) -> bool:
+ feature_key = str(feature or "").strip().lower()
+ if not feature_key:
+ return False
+ return bool(_capabilities_for(service).get(feature_key, False))
+
+
+def unsupported_reason(service: str, feature: str) -> str:
+ if supports(service, feature):
+ return ""
+ service_key = _service_key(service) or "unknown"
+ feature_key = str(feature or "").strip().lower() or "requested_action"
+ return f"{service_key} does not support {feature_key}."
+
+
+def capability_snapshot(service: str = "") -> dict:
+ if service:
+ key = _service_key(service)
+ return {
+ "schema_version": CAPABILITY_SCHEMA_VERSION,
+ "service": key,
+ "capabilities": _capabilities_for(key),
+ }
+ return {
+ "schema_version": CAPABILITY_SCHEMA_VERSION,
+ "services": {
+ key: dict(value) for key, value in sorted(_TRANSPORT_CAPABILITIES.items())
+ },
+ }
diff --git a/core/views/compose.py b/core/views/compose.py
index a78367b..f292fca 100644
--- a/core/views/compose.py
+++ b/core/views/compose.py
@@ -30,6 +30,7 @@ from core.assist.engine import process_inbound_assist
from core.commands.base import CommandContext
from core.commands.engine import process_inbound_message
from core.commands.policies import ensure_variant_policies_for_profile
+from core.events.ledger import append_event_sync
from core.messaging import ai as ai_runner
from core.messaging import history
from core.messaging import media_bridge
@@ -53,6 +54,7 @@ from core.models import (
from core.presence import get_settings as get_availability_settings
from core.presence import spans_for_range
from core.realtime.typing_state import get_person_typing_state
+from core.transports.capabilities import supports, unsupported_reason
from core.translation.engine import process_inbound_translation
from core.views.workspace import (
INSIGHT_METRICS,
@@ -516,7 +518,8 @@ def _serialize_message(msg: Message) -> dict:
emoji = str(item.get("emoji") or "").strip()
if not emoji:
continue
- actor = str(item.get("actor") or "").strip()
+ # Keep actor/source normalization stable to avoid duplicate/hiding issues.
+ actor = str(item.get("actor") or "").strip().lower()
source = str(item.get("source_service") or "").strip().lower()
key = (emoji, actor, source)
if key in seen_reactions:
@@ -1811,6 +1814,7 @@ def _reaction_actor_key(user_id, service: str) -> str:
def _resolve_reaction_target(message: Message, service: str, channel_identifier: str) -> dict:
service_key = _default_service(service)
+ message_source_service = str(getattr(message, "source_service", "") or "").strip().lower()
source_message_id = str(getattr(message, "source_message_id", "") or "").strip()
sender_uuid = str(getattr(message, "sender_uuid", "") or "").strip()
source_chat_id = str(getattr(message, "source_chat_id", "") or "").strip()
@@ -1819,23 +1823,23 @@ def _resolve_reaction_target(message: Message, service: str, channel_identifier:
if service_key == "signal":
target_ts = 0
- if source_message_id.isdigit():
+ if message_source_service == "signal" and source_message_id.isdigit():
target_ts = int(source_message_id)
+ bridge_ref = _latest_signal_bridge_ref(message)
if not target_ts:
- bridge_ref = _latest_signal_bridge_ref(message)
upstream_id = str(bridge_ref.get("upstream_message_id") or "").strip()
if upstream_id.isdigit():
target_ts = int(upstream_id)
if not target_ts:
target_ts = int(bridge_ref.get("upstream_ts") or 0)
- if not target_ts:
+ # Local web messages are only reactable once bridge refs exist.
+ if not target_ts and message_source_service == "signal":
target_ts = delivered_ts or local_ts
if target_ts <= 0:
return {"error": "signal_target_unresolvable"}
target_author = sender_uuid
if not target_author:
- bridge_ref = _latest_signal_bridge_ref(message)
target_author = str(bridge_ref.get("upstream_author") or "").strip()
if (
str(getattr(message, "custom_author", "") or "").strip().upper()
@@ -1856,10 +1860,10 @@ def _resolve_reaction_target(message: Message, service: str, channel_identifier:
}
if service_key == "whatsapp":
- target_message_id = source_message_id
+ target_message_id = source_message_id if message_source_service == "whatsapp" else ""
target_ts = delivered_ts or local_ts
+ bridge_ref = _latest_whatsapp_bridge_ref(message)
if not target_message_id:
- bridge_ref = _latest_whatsapp_bridge_ref(message)
target_message_id = str(bridge_ref.get("upstream_message_id") or "").strip()
if not target_ts:
target_ts = int(bridge_ref.get("upstream_ts") or 0)
@@ -4357,7 +4361,7 @@ class ComposeEngageSend(LoginRequiredMixin, View):
identifier=base["person_identifier"],
)
ts_value = int(ts) if str(ts).isdigit() else int(time.time() * 1000)
- Message.objects.create(
+ created = Message.objects.create(
user=request.user,
session=session,
sender_uuid="",
@@ -4366,6 +4370,23 @@ class ComposeEngageSend(LoginRequiredMixin, View):
delivered_ts=ts_value if str(ts).isdigit() else None,
custom_author="USER",
)
+ try:
+ append_event_sync(
+ user=request.user,
+ session=session,
+ ts=ts_value,
+ event_type="message_created",
+ direction="out",
+ actor_identifier="USER",
+ origin_transport="web",
+ origin_message_id=str(created.id),
+ origin_chat_id=str(base["identifier"] or ""),
+ payload={"message_id": str(created.id), "text": outbound},
+ raw_payload={},
+ trace_id="",
+ )
+ except Exception:
+ pass
return JsonResponse({"ok": True, "message": "Shared engage sent."})
@@ -4519,6 +4540,23 @@ class ComposeSend(LoginRequiredMixin, View):
),
message_meta={},
)
+ try:
+ append_event_sync(
+ user=request.user,
+ session=session,
+ ts=int(ts),
+ event_type="message_created",
+ direction="out",
+ actor_identifier="USER",
+ origin_transport="web",
+ origin_message_id=str(created_message.id),
+ origin_chat_id=str(base["identifier"] or ""),
+ payload={"message_id": str(created_message.id), "text": text},
+ raw_payload={},
+ trace_id="",
+ )
+ except Exception:
+ pass
command_id = transport.enqueue_runtime_command(
base["service"],
"send_message_raw",
@@ -4591,6 +4629,23 @@ class ComposeSend(LoginRequiredMixin, View):
reply_source_message_id=str(reply_to.id) if reply_to is not None else None,
message_meta={},
)
+ try:
+ append_event_sync(
+ user=request.user,
+ session=session,
+ ts=msg_ts,
+ event_type="message_created",
+ direction="out",
+ actor_identifier="USER",
+ origin_transport="web",
+ origin_message_id=str(created_message.id),
+ origin_chat_id=str(base["identifier"] or ""),
+ payload={"message_id": str(created_message.id), "text": text},
+ raw_payload={},
+ trace_id="",
+ )
+ except Exception:
+ pass
if created_message is not None:
async_to_sync(process_inbound_message)(
CommandContext(
@@ -4643,6 +4698,14 @@ class ComposeReact(LoginRequiredMixin, View):
service_key = _default_service(service)
if service_key not in {"signal", "whatsapp"}:
return JsonResponse({"ok": False, "error": "service_not_supported"})
+ if bool(getattr(settings, "CAPABILITY_ENFORCEMENT_ENABLED", True)) and not supports(service_key, "reactions"):
+ return JsonResponse(
+ {
+ "ok": False,
+ "error": "unsupported_action",
+ "reason": unsupported_reason(service_key, "reactions"),
+ }
+ )
if not identifier and person is None:
return JsonResponse({"ok": False, "error": "missing_scope"})
diff --git a/core/views/system.py b/core/views/system.py
index db0a09d..5c023f5 100644
--- a/core/views/system.py
+++ b/core/views/system.py
@@ -1,12 +1,15 @@
+from django.http import JsonResponse
from django.shortcuts import render
from django.views import View
from core.models import (
+ AdapterHealthEvent,
AIRequest,
AIResult,
AIResultSignal,
Chat,
ChatSession,
+ ConversationEvent,
Group,
MemoryItem,
Message,
@@ -25,6 +28,8 @@ from core.models import (
WorkspaceConversation,
WorkspaceMetricSnapshot,
)
+from core.events.projection import shadow_compare_session
+from core.transports.capabilities import capability_snapshot
from core.views.manage.permissions import SuperUserRequiredMixin
@@ -37,6 +42,8 @@ class SystemSettings(SuperUserRequiredMixin, View):
"messages": Message.objects.filter(user=user).count(),
"queued_messages": QueuedMessage.objects.filter(user=user).count(),
"message_events": MessageEvent.objects.filter(user=user).count(),
+ "conversation_events": ConversationEvent.objects.filter(user=user).count(),
+ "adapter_health_events": AdapterHealthEvent.objects.filter(user=user).count(),
"workspace_conversations": WorkspaceConversation.objects.filter(
user=user
).count(),
@@ -85,6 +92,8 @@ class SystemSettings(SuperUserRequiredMixin, View):
conversation__user=user
).delete()[0]
deleted += MessageEvent.objects.filter(user=user).delete()[0]
+ deleted += ConversationEvent.objects.filter(user=user).delete()[0]
+ deleted += AdapterHealthEvent.objects.filter(user=user).delete()[0]
deleted += Message.objects.filter(user=user).delete()[0]
deleted += QueuedMessage.objects.filter(user=user).delete()[0]
deleted += WorkspaceConversation.objects.filter(user=user).delete()[0]
@@ -156,3 +165,97 @@ class SystemSettings(SuperUserRequiredMixin, View):
"notice_message": notice_message,
},
)
+
+
+class ServiceCapabilitySnapshotAPI(SuperUserRequiredMixin, View):
+ def get(self, request):
+ service = str(request.GET.get("service") or "").strip().lower()
+ return JsonResponse(
+ {
+ "ok": True,
+ "data": capability_snapshot(service),
+ }
+ )
+
+
+class AdapterHealthSummaryAPI(SuperUserRequiredMixin, View):
+ def get(self, request):
+ latest_by_service = {}
+ rows = AdapterHealthEvent.objects.order_by("service", "-ts")[:200]
+ for row in rows:
+ key = str(row.service or "").strip().lower()
+ if key in latest_by_service:
+ continue
+ latest_by_service[key] = {
+ "status": str(row.status or ""),
+ "reason": str(row.reason or ""),
+ "ts": int(row.ts or 0),
+ "created_at": row.created_at.isoformat(),
+ }
+ return JsonResponse({"ok": True, "services": latest_by_service})
+
+
+class TraceDiagnosticsAPI(SuperUserRequiredMixin, View):
+ def get(self, request):
+ trace_id = str(request.GET.get("trace_id") or "").strip()
+ if not trace_id:
+ return JsonResponse(
+ {"ok": False, "error": "trace_id_required"},
+ status=400,
+ )
+ rows = list(
+ ConversationEvent.objects.filter(
+ user=request.user,
+ trace_id=trace_id,
+ )
+ .select_related("session")
+ .order_by("ts", "created_at")[:500]
+ )
+ return JsonResponse(
+ {
+ "ok": True,
+ "trace_id": trace_id,
+ "count": len(rows),
+ "events": [
+ {
+ "id": str(row.id),
+ "ts": int(row.ts or 0),
+ "event_type": str(row.event_type or ""),
+ "direction": str(row.direction or ""),
+ "session_id": str(row.session_id or ""),
+ "origin_transport": str(row.origin_transport or ""),
+ "origin_message_id": str(row.origin_message_id or ""),
+ "payload": dict(row.payload or {}),
+ }
+ for row in rows
+ ],
+ }
+ )
+
+
+class EventProjectionShadowAPI(SuperUserRequiredMixin, View):
+ def get(self, request):
+ session_id = str(request.GET.get("session_id") or "").strip()
+ if not session_id:
+ return JsonResponse(
+ {"ok": False, "error": "session_id_required"},
+ status=400,
+ )
+ detail_limit = int(request.GET.get("detail_limit") or 25)
+ session = ChatSession.objects.filter(
+ id=session_id,
+ user=request.user,
+ ).first()
+ if session is None:
+ return JsonResponse(
+ {"ok": False, "error": "session_not_found"},
+ status=404,
+ )
+ compared = shadow_compare_session(session, detail_limit=max(0, detail_limit))
+ return JsonResponse(
+ {
+ "ok": True,
+ "result": compared,
+ "cause_summary": dict(compared.get("cause_counts") or {}),
+ }
+ )
diff --git a/core/views/tasks.py b/core/views/tasks.py
index 4268e10..3f5e288 100644
--- a/core/views/tasks.py
+++ b/core/views/tasks.py
@@ -35,20 +35,14 @@ from core.models import (
ExternalChatLink,
)
from core.tasks.codex_support import resolve_external_chat_id
+from core.tasks.chat_defaults import (
+ SAFE_TASK_FLAGS_DEFAULTS,
+ ensure_default_source_for_chat,
+ normalize_channel_identifier,
+)
+from core.tasks.codex_approval import queue_codex_event_with_pre_approval
from core.tasks.providers import get_provider
-SAFE_TASK_FLAGS_DEFAULTS = {
- "derive_enabled": True,
- "match_mode": "strict",
- "require_prefix": True,
- "allowed_prefixes": ["task:", "todo:"],
- "completion_enabled": True,
- "ai_title_enabled": True,
- "announce_task_id": False,
- "min_chars": 3,
-}
-
-
def _to_bool(raw, default=False) -> bool:
if raw is None:
return bool(default)
@@ -385,7 +379,7 @@ def _enqueue_codex_task_submission(
source_service=str(source_service or ""),
source_channel=str(source_channel or ""),
external_chat_id=external_chat_id,
- status="queued",
+ status="waiting_approval",
request_payload={"action": "append_update", "provider_payload": dict(provider_payload)},
result_payload={},
error="",
@@ -396,51 +390,21 @@ def _enqueue_codex_task_submission(
idempotency_key = (
f"codex_submit:{task.id}:{mode}:{hashlib.sha1(str(command_text or '').encode('utf-8')).hexdigest()[:10]}:{run.id}"
)
- ExternalSyncEvent.objects.update_or_create(
+ queue_codex_event_with_pre_approval(
+ user=user,
+ run=run,
+ task=task,
+ task_event=None,
+ action="append_update",
+ provider_payload=dict(provider_payload),
idempotency_key=idempotency_key,
- defaults={
- "user": user,
- "task": task,
- "task_event": None,
- "provider": "codex_cli",
- "status": "pending",
- "payload": {
- "action": "append_update",
- "provider_payload": dict(provider_payload),
- },
- "error": "",
- },
)
return run
-def _normalize_channel_identifier(service: str, identifier: str) -> str:
- service_key = str(service or "").strip().lower()
- value = str(identifier or "").strip()
- if not value:
- return ""
- if service_key == "whatsapp":
- bare = value.split("@", 1)[0].strip()
- if bare:
- if value.endswith("@g.us"):
- return f"{bare}@g.us"
- if value.endswith("@s.whatsapp.net"):
- return f"{bare}@s.whatsapp.net"
- return f"{bare}@g.us"
- if service_key == "signal":
- return value
- if service_key == "xmpp":
- return value
- if service_key == "instagram":
- return value
- if service_key == "web":
- return value
- return value
-
-
def _upsert_group_source(*, user, service: str, channel_identifier: str, project, epic=None):
normalized_service = str(service or "").strip().lower()
- normalized_identifier = _normalize_channel_identifier(service, channel_identifier)
+ normalized_identifier = normalize_channel_identifier(service, channel_identifier)
if not normalized_service or not normalized_identifier:
return None
source, created = ChatTaskSource.objects.get_or_create(
@@ -503,6 +467,28 @@ def _notify_epic_created_in_project_chats(*, project: TaskProject, epic: TaskEpi
continue
+def _reseed_chat_sources_for_deleted_project(user, service_channel_rows: list[tuple[str, str]]) -> int:
+ restored = 0
+ seen: set[tuple[str, str]] = set()
+ for service, channel_identifier in service_channel_rows:
+ service_key = str(service or "").strip().lower()
+ channel = str(channel_identifier or "").strip()
+ if not service_key or not channel:
+ continue
+ pair = (service_key, channel)
+ if pair in seen:
+ continue
+ seen.add(pair)
+ source = ensure_default_source_for_chat(
+ user=user,
+ service=service_key,
+ channel_identifier=channel,
+ )
+ if source is not None:
+ restored += 1
+ return restored
+
+
def _person_identifier_scope_variants(service: str, identifier: str) -> list[str]:
service_key = str(service or "").strip().lower()
raw_identifier = str(identifier or "").strip()
@@ -668,14 +654,17 @@ class TasksHub(LoginRequiredMixin, View):
def _context(self, request):
scope = self._scope(request)
- projects = (
+ show_empty = bool(str(request.GET.get("show_empty") or "").strip() in {"1", "true", "yes", "on"})
+ all_projects = (
TaskProject.objects.filter(user=request.user)
.annotate(
task_count=Count("derived_tasks"),
epic_count=Count("epics", distinct=True),
+ source_count=Count("chat_sources", distinct=True),
)
.order_by("name")
)
+ projects = all_projects if show_empty else all_projects.filter(task_count__gt=0)
tasks = (
DerivedTask.objects.filter(user=request.user)
.select_related("project", "epic", "origin_message")
@@ -684,10 +673,7 @@ class TasksHub(LoginRequiredMixin, View):
tasks = _apply_task_creator_labels(request.user, tasks)
selected_project = None
if scope["selected_project_id"]:
- selected_project = TaskProject.objects.filter(
- user=request.user,
- id=scope["selected_project_id"],
- ).first()
+ selected_project = all_projects.filter(id=scope["selected_project_id"]).first()
person_identifiers = []
person_identifier_rows = []
if scope["person"] is not None:
@@ -719,10 +705,12 @@ class TasksHub(LoginRequiredMixin, View):
)
return {
"projects": projects,
+ "project_choices": all_projects,
"tasks": tasks,
"scope": scope,
"person_identifier_rows": person_identifier_rows,
"selected_project": selected_project,
+ "show_empty_projects": show_empty,
}
def get(self, request):
@@ -802,9 +790,25 @@ class TasksHub(LoginRequiredMixin, View):
id=request.POST.get("project_id"),
user=request.user,
)
+ confirm_name = str(request.POST.get("confirm_name") or "").strip()
+ expected = str(project.name or "").strip()
+ if confirm_name != expected:
+ messages.error(
+ request,
+ f"Delete cancelled. Type the project name exactly to confirm deletion: {expected}",
+ )
+ return redirect("tasks_hub")
+ mapped_channels = list(project.chat_sources.values_list("service", "channel_identifier"))
deleted_name = str(project.name or "").strip() or "Project"
project.delete()
- messages.success(request, f"Deleted project '{deleted_name}'.")
+ restored = _reseed_chat_sources_for_deleted_project(request.user, mapped_channels)
+ if restored > 0:
+ messages.success(
+ request,
+ f"Deleted project '{deleted_name}'. Restored {restored} chat mapping(s) with default projects.",
+ )
+ else:
+ messages.success(request, f"Deleted project '{deleted_name}'.")
return redirect("tasks_hub")
return redirect("tasks_hub")
@@ -891,9 +895,25 @@ class TaskProjectDetail(LoginRequiredMixin, View):
return redirect("tasks_project", project_id=str(project.id))
if action == "project_delete":
+ confirm_name = str(request.POST.get("confirm_name") or "").strip()
+ expected = str(project.name or "").strip()
+ if confirm_name != expected:
+ messages.error(
+ request,
+ f"Delete cancelled. Type the project name exactly to confirm deletion: {expected}",
+ )
+ return redirect("tasks_project", project_id=str(project.id))
+ mapped_channels = list(project.chat_sources.values_list("service", "channel_identifier"))
deleted_name = str(project.name or "").strip() or "Project"
project.delete()
- messages.success(request, f"Deleted project '{deleted_name}'.")
+ restored = _reseed_chat_sources_for_deleted_project(request.user, mapped_channels)
+ if restored > 0:
+ messages.success(
+ request,
+ f"Deleted project '{deleted_name}'. Restored {restored} chat mapping(s) with default projects.",
+ )
+ else:
+ messages.success(request, f"Deleted project '{deleted_name}'.")
return redirect("tasks_hub")
return redirect("tasks_project", project_id=str(project.id))
@@ -928,6 +948,17 @@ class TaskGroupDetail(LoginRequiredMixin, View):
channel_identifier__in=variants,
).select_related("project", "epic")
mappings = list(mappings)
+ if not mappings:
+ seeded = ensure_default_source_for_chat(
+ user=request.user,
+ service=channel["service_key"],
+ channel_identifier=channel["display_identifier"],
+ )
+ if seeded is not None:
+ mappings = list(
+ ChatTaskSource.objects.filter(id=seeded.id)
+ .select_related("project", "epic")
+ )
for row in mappings:
row_channel = _resolve_channel_display(
request.user,
@@ -962,6 +993,7 @@ class TaskGroupDetail(LoginRequiredMixin, View):
"channel_display_name": channel["display_name"],
"projects": TaskProject.objects.filter(user=request.user).order_by("name"),
"mappings": mappings,
+ "primary_project": mappings[0].project if mappings else None,
"tasks": tasks,
},
)
@@ -1015,6 +1047,35 @@ class TaskGroupDetail(LoginRequiredMixin, View):
epic=epic,
)
messages.success(request, f"Mapped '{project.name}' to this group.")
+ elif action == "group_project_rename":
+ current = (
+ ChatTaskSource.objects.filter(
+ user=request.user,
+ service=channel["service_key"],
+ channel_identifier=channel["display_identifier"],
+ enabled=True,
+ )
+ .select_related("project")
+ .order_by("-updated_at")
+ .first()
+ )
+ if current is None:
+ current = ensure_default_source_for_chat(
+ user=request.user,
+ service=channel["service_key"],
+ channel_identifier=channel["display_identifier"],
+ )
+ new_name = str(request.POST.get("project_name") or "").strip()
+ if current is None or current.project is None:
+ messages.error(request, "No mapped project found for this chat.")
+ elif not new_name:
+ messages.error(request, "Project name is required.")
+ elif TaskProject.objects.filter(user=request.user, name=new_name).exclude(id=current.project_id).exists():
+ messages.error(request, f"Project '{new_name}' already exists.")
+ else:
+ current.project.name = new_name
+ current.project.save(update_fields=["name", "updated_at"])
+ messages.success(request, f"Renamed project to '{new_name}'.")
return redirect(
"tasks_group",
service=channel["service_key"],
@@ -1427,7 +1488,10 @@ class TaskCodexSubmit(LoginRequiredMixin, View):
mode="default",
source_message=getattr(task, "origin_message", None),
)
- messages.success(request, f"Sent task #{task.reference_code} to Codex (run {run.id}).")
+ messages.success(
+ request,
+ f"Queued approval for task #{task.reference_code} before Codex run {run.id}.",
+ )
return redirect(next_url)
@@ -1524,28 +1588,49 @@ class CodexApprovalAction(LoginRequiredMixin, View):
"resolution_note",
]
)
+ if row.external_sync_event_id:
+ ExternalSyncEvent.objects.filter(id=row.external_sync_event_id).update(
+ status="ok",
+ error="",
+ )
run = row.codex_run
run.status = "approved_waiting_resume"
run.error = ""
run.save(update_fields=["status", "error", "updated_at"])
- provider_payload = dict(run.request_payload.get("provider_payload") or {})
- provider_payload.update(
- {
- "mode": "approval_response",
- "approval_key": row.approval_key,
- "resume_payload": dict(row.resume_payload or {}),
- "codex_run_id": str(run.id),
- }
- )
+ resume_payload = dict(row.resume_payload or {})
+ resume_action = str(resume_payload.get("action") or "").strip().lower()
+ resume_provider_payload = dict(resume_payload.get("provider_payload") or {})
+ if resume_action and resume_provider_payload:
+ provider_payload = dict(resume_provider_payload)
+ provider_payload["codex_run_id"] = str(run.id)
+ event_action = resume_action
+ resume_idempotency_key = str(resume_payload.get("idempotency_key") or "").strip()
+ resume_event_key = (
+ resume_idempotency_key
+ if resume_idempotency_key
+ else f"codex_approval:{row.approval_key}:approved"
+ )
+ else:
+ provider_payload = dict(run.request_payload.get("provider_payload") or {})
+ provider_payload.update(
+ {
+ "mode": "approval_response",
+ "approval_key": row.approval_key,
+ "resume_payload": dict(row.resume_payload or {}),
+ "codex_run_id": str(run.id),
+ }
+ )
+ event_action = "append_update"
+ resume_event_key = f"codex_approval:{row.approval_key}:approved"
ExternalSyncEvent.objects.update_or_create(
- idempotency_key=f"codex_approval:{row.approval_key}:approved",
+ idempotency_key=resume_event_key,
defaults={
"user": request.user,
"task": run.task,
"task_event": run.derived_task_event,
"provider": "codex_cli",
"status": "pending",
- "payload": {"action": "append_update", "provider_payload": provider_payload},
+ "payload": {"action": event_action, "provider_payload": provider_payload},
"error": "",
},
)
diff --git a/scripts/quadlet/manage.sh b/scripts/quadlet/manage.sh
index 5bd9128..d7044df 100755
--- a/scripts/quadlet/manage.sh
+++ b/scripts/quadlet/manage.sh
@@ -27,10 +27,16 @@ ASGI_CONTAINER="$(name_with_stack "asgi_gia")"
UR_CONTAINER="$(name_with_stack "ur_gia")"
SCHED_CONTAINER="$(name_with_stack "scheduling_gia")"
CODEX_WORKER_CONTAINER="$(name_with_stack "codex_worker_gia")"
+PROSODY_CONTAINER="$(name_with_stack "prosody_gia")"
REDIS_DATA_DIR="${QUADLET_REDIS_DATA_DIR:-$ROOT_DIR/.podman/gia_redis_data}"
WHATSAPP_DATA_DIR="${QUADLET_WHATSAPP_DATA_DIR:-$ROOT_DIR/.podman/gia_whatsapp_data}"
SQLITE_DATA_DIR="${QUADLET_SQLITE_DATA_DIR:-$ROOT_DIR/.podman/gia_sqlite_data}"
+PROSODY_CONFIG_FILE="${QUADLET_PROSODY_CONFIG_FILE:-$ROOT_DIR/utilities/prosody/prosody.cfg.lua}"
+PROSODY_CERTS_DIR="${QUADLET_PROSODY_CERTS_DIR:-$ROOT_DIR/.podman/gia_prosody_certs}"
+PROSODY_DATA_DIR="${QUADLET_PROSODY_DATA_DIR:-$ROOT_DIR/.podman/gia_prosody_data}"
+PROSODY_LOGS_DIR="${QUADLET_PROSODY_LOGS_DIR:-$ROOT_DIR/.podman/gia_prosody_logs}"
+PROSODY_ENABLED="${PROSODY_ENABLED:-false}"
if [[ -n "${STACK_ID}" ]]; then
VRUN_DIR="/code/vrun/${STACK_ID}"
else
@@ -41,6 +47,7 @@ load_env() {
set -a
. "$STACK_ENV"
set +a
+ PROSODY_ENABLED="${PROSODY_ENABLED:-false}"
}
is_remote() {
@@ -64,7 +71,7 @@ require_podman() {
}
ensure_dirs() {
- mkdir -p "$REDIS_DATA_DIR" "$WHATSAPP_DATA_DIR" "$SQLITE_DATA_DIR" "$VRUN_DIR" "$ROOT_DIR/signal-cli-config"
+ mkdir -p "$REDIS_DATA_DIR" "$WHATSAPP_DATA_DIR" "$SQLITE_DATA_DIR" "$VRUN_DIR" "$ROOT_DIR/signal-cli-config" "$PROSODY_CERTS_DIR" "$PROSODY_DATA_DIR" "$PROSODY_LOGS_DIR"
chmod 0777 "$SQLITE_DATA_DIR" 2>/dev/null || true
# Container runs as uid 1000 (xf); rootless Podman remaps uids so plain
# chown won't work — podman unshare translates to the correct host uid.
@@ -153,6 +160,7 @@ down_stack() {
rm_if_exists "$UR_CONTAINER"
rm_if_exists "$SCHED_CONTAINER"
rm_if_exists "$CODEX_WORKER_CONTAINER"
+ rm_if_exists "$PROSODY_CONTAINER"
}
start_stack() {
@@ -179,8 +187,21 @@ start_stack() {
port_offset="${port_offset:-0}"
local app_port="${APP_PORT:-$((5006 + port_offset))}"
local signal_port="${SIGNAL_PUBLIC_PORT:-$((8080 + port_offset))}"
+ local prosody_c2s_port="${PROSODY_PUBLIC_C2S_PORT:-5222}"
+ local prosody_s2s_port="${PROSODY_PUBLIC_S2S_PORT:-5269}"
+ local prosody_component_port="${PROSODY_PUBLIC_COMPONENT_PORT:-8888}"
+ local prosody_http_port="${PROSODY_PUBLIC_HTTP_PORT:-5280}"
- podman pod create --name "$POD_NAME" -p "${app_port}:8000" -p "${signal_port}:8080" >/dev/null
+ local pod_args=(--name "$POD_NAME" -p "${app_port}:8000" -p "${signal_port}:8080")
+ if [[ "$PROSODY_ENABLED" == "true" ]]; then
+ pod_args+=(
+ -p "${prosody_c2s_port}:5222"
+ -p "${prosody_s2s_port}:5269"
+ -p "${prosody_component_port}:8888"
+ -p "${prosody_http_port}:5280"
+ )
+ fi
+ podman pod create "${pod_args[@]}" >/dev/null
podman run -d \
--replace \
@@ -200,6 +221,19 @@ start_stack() {
-v "$ROOT_DIR/signal-cli-config:/home/.local/share/signal-cli" \
docker.io/bbernhard/signal-cli-rest-api:latest >/dev/null
+ if [[ "$PROSODY_ENABLED" == "true" ]]; then
+ podman run -d \
+ --replace \
+ --name "$PROSODY_CONTAINER" \
+ --pod "$POD_NAME" \
+ -v "$PROSODY_CONFIG_FILE:/etc/prosody/prosody.cfg.lua:ro" \
+ -v "$PROSODY_CERTS_DIR:/etc/prosody/certs" \
+ -v "$PROSODY_DATA_DIR:/var/lib/prosody" \
+ -v "$PROSODY_LOGS_DIR:/var/log/prosody" \
+ -v "$REPO_DIR:/code" \
+ docker.io/prosody/prosody:0.12 >/dev/null
+ fi
+
wait_for_redis_socket
run_oneshot_container "$MIGRATION_CONTAINER" ". /venv/bin/activate && python manage.py migrate --noinput"
@@ -238,15 +272,21 @@ case "${1:-}" in
;;
status)
require_podman
+ load_env
podman pod ps --format "table {{.Name}}\t{{.Status}}" | grep -E "^$POD_NAME\b" || true
- podman ps --format "table {{.Names}}\t{{.Status}}" | grep -E "^($APP_CONTAINER|$ASGI_CONTAINER|$UR_CONTAINER|$SCHED_CONTAINER|$CODEX_WORKER_CONTAINER|$REDIS_CONTAINER|$SIGNAL_CONTAINER)\b" || true
+ podman ps --format "table {{.Names}}\t{{.Status}}" | grep -E "^($APP_CONTAINER|$ASGI_CONTAINER|$UR_CONTAINER|$SCHED_CONTAINER|$CODEX_WORKER_CONTAINER|$REDIS_CONTAINER|$SIGNAL_CONTAINER|$PROSODY_CONTAINER)\b" || true
;;
logs)
require_podman
+ load_env
if is_remote; then
podman logs -f "$APP_CONTAINER"
else
- podman logs -f "$APP_CONTAINER" "$ASGI_CONTAINER" "$UR_CONTAINER" "$SCHED_CONTAINER" "$CODEX_WORKER_CONTAINER" "$REDIS_CONTAINER" "$SIGNAL_CONTAINER"
+ local log_targets=("$APP_CONTAINER" "$ASGI_CONTAINER" "$UR_CONTAINER" "$SCHED_CONTAINER" "$CODEX_WORKER_CONTAINER" "$REDIS_CONTAINER" "$SIGNAL_CONTAINER")
+ if [[ "$PROSODY_ENABLED" == "true" ]]; then
+ log_targets+=("$PROSODY_CONTAINER")
+ fi
+ podman logs -f "${log_targets[@]}"
fi
;;
watch)
diff --git a/stack.env.example b/stack.env.example
index 2eaabd5..596d92b 100644
--- a/stack.env.example
+++ b/stack.env.example
@@ -22,3 +22,19 @@ REGISTRATION_OPEN=0
OPERATION=uwsgi
BILLING_ENABLED=0
COMPOSE_WS_ENABLED=true
+EVENT_LEDGER_DUAL_WRITE=true
+CAPABILITY_ENFORCEMENT_ENABLED=true
+TRACE_PROPAGATION_ENABLED=true
+EVENT_PRIMARY_WRITE_PATH=false
+
+# XMPP component bridge (UR -> Prosody)
+XMPP_ADDRESS=127.0.0.1
+XMPP_JID=jews.example.com
+XMPP_PORT=8888
+XMPP_SECRET=
+
+# Optional Prosody container storage/config paths used by utilities/prosody/manage_prosody_container.sh
+QUADLET_PROSODY_CONFIG_FILE=./utilities/prosody/prosody.cfg.lua
+QUADLET_PROSODY_CERTS_DIR=./.podman/gia_prosody_certs
+QUADLET_PROSODY_DATA_DIR=./.podman/gia_prosody_data
+QUADLET_PROSODY_LOGS_DIR=./.podman/gia_prosody_logs
diff --git a/utilities/prosody/auth_django.py b/utilities/prosody/auth_django.py
new file mode 100755
index 0000000..ae29764
--- /dev/null
+++ b/utilities/prosody/auth_django.py
@@ -0,0 +1,87 @@
+import argparse
+import os
+import sys
+
+import django
+
+LOG_PATH = os.environ.get("AUTH_DEBUG_LOG", "/tmp/auth_debug.log")
+
+
+def log(data):
+ try:
+ with open(LOG_PATH, "a") as f:
+ f.write(f"{data}\n")
+ except Exception:
+ pass
+
+
+# Set up Django environment
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "app.settings") # Adjust if needed
+django.setup()
+
+from django.contrib.auth import authenticate # noqa: E402
+from django.contrib.auth.models import User # noqa: E402
+
+
+def check_credentials(username, password):
+ """Authenticate user via Django"""
+ user = authenticate(username=username, password=password)
+ return user is not None and user.is_active
+
+
+def _handle_line(line: str) -> str:
+ parts = line.split(":")
+ if len(parts) < 3:
+ return "0"
+
+ command, username, domain = parts[:3]
+ _ = domain
+ password = ":".join(parts[3:]) if len(parts) > 3 else None
+
+ if command == "auth":
+ return "1" if (password and check_credentials(username, password)) else "0"
+ if command == "isuser":
+ return "1" if User.objects.filter(username=username).exists() else "0"
+ if command == "setpass":
+ return "0"
+ return "0"
+
+
+def _readline() -> tuple[str | None, bool]:
+ raw = sys.stdin.readline()
+ if raw == "":
+ return None, True
+ return raw.rstrip("\r\n"), False
+
+
+def main(*, once: bool = False):
+ """Process authentication requests from Prosody."""
+ while True:
+ try:
+ line, eof = _readline()
+ if eof:
+ break
+ if line is None:
+ break
+ if line == "":
+ if once:
+ print("0", flush=True)
+ return
+ continue
+
+ result = _handle_line(line)
+ print(result, flush=True)
+ if once:
+ return
+ except Exception as e:
+ log(f"Error: {str(e)}")
+ print("0", flush=True)
+ if once:
+ return
+
+
+if __name__ == "__main__":
+ parser = argparse.ArgumentParser(add_help=False)
+ parser.add_argument("--once", action="store_true")
+ args, _unknown = parser.parse_known_args()
+ main(once=bool(args.once))
diff --git a/utilities/prosody/auth_django.sh b/utilities/prosody/auth_django.sh
new file mode 100755
index 0000000..d31d659
--- /dev/null
+++ b/utilities/prosody/auth_django.sh
@@ -0,0 +1,26 @@
+#!/bin/sh
+set -eu
+
+AUTH_PY_IN_CONTAINER="/code/utilities/prosody/auth_django.py"
+STACK_ID="${GIA_STACK_ID:-${STACK_ID:-}}"
+STACK_ID="$(echo "$STACK_ID" | tr -cs 'a-zA-Z0-9._-' '-' | sed 's/^-*//; s/-*$//')"
+if [ -n "$STACK_ID" ]; then
+ GIA_CONTAINER="gia_${STACK_ID}"
+else
+ GIA_CONTAINER="gia"
+fi
+
+# Prosody external auth uses line-oriented stdin/stdout.
+# We execute one short-lived auth check per line to avoid stale stdin issues
+# in long-lived `podman exec -i` sessions after disconnects/restarts.
+while IFS= read -r line; do
+ if [ -z "$line" ]; then
+ printf '0\n'
+ continue
+ fi
+ printf '%s\n' "$line" | podman exec -i "$GIA_CONTAINER" sh -lc '
+ cd /code &&
+ . /venv/bin/activate &&
+ exec python -u '"$AUTH_PY_IN_CONTAINER"' --once
+ '
+done
diff --git a/utilities/prosody/manage_prosody_container.sh b/utilities/prosody/manage_prosody_container.sh
new file mode 100755
index 0000000..8157259
--- /dev/null
+++ b/utilities/prosody/manage_prosody_container.sh
@@ -0,0 +1,83 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
+STACK_ENV="${STACK_ENV:-$ROOT_DIR/stack.env}"
+
+if [[ -f "$STACK_ENV" ]]; then
+ set -a
+ . "$STACK_ENV"
+ set +a
+fi
+
+STACK_ID="${GIA_STACK_ID:-${STACK_ID:-}}"
+STACK_ID="$(echo "$STACK_ID" | tr -cs 'a-zA-Z0-9._-' '-' | sed 's/^-*//; s/-*$//')"
+
+name_with_stack() {
+ local base="$1"
+ if [[ -n "$STACK_ID" ]]; then
+ echo "${base}_${STACK_ID}"
+ else
+ echo "$base"
+ fi
+}
+
+POD_NAME="$(name_with_stack "gia")"
+PROSODY_CONTAINER="$(name_with_stack "prosody_gia")"
+
+PROSODY_CONFIG_FILE="${QUADLET_PROSODY_CONFIG_FILE:-$ROOT_DIR/utilities/prosody/prosody.cfg.lua}"
+PROSODY_CERTS_DIR="${QUADLET_PROSODY_CERTS_DIR:-$ROOT_DIR/.podman/gia_prosody_certs}"
+PROSODY_DATA_DIR="${QUADLET_PROSODY_DATA_DIR:-$ROOT_DIR/.podman/gia_prosody_data}"
+PROSODY_LOGS_DIR="${QUADLET_PROSODY_LOGS_DIR:-$ROOT_DIR/.podman/gia_prosody_logs}"
+
+mkdir -p "$PROSODY_CERTS_DIR" "$PROSODY_DATA_DIR" "$PROSODY_LOGS_DIR"
+
+up() {
+ podman run -d \
+ --replace \
+ --name "$PROSODY_CONTAINER" \
+ --pod "$POD_NAME" \
+ -v "$PROSODY_CONFIG_FILE:/etc/prosody/prosody.cfg.lua:ro" \
+ -v "$PROSODY_CERTS_DIR:/etc/prosody/certs" \
+ -v "$PROSODY_DATA_DIR:/var/lib/prosody" \
+ -v "$PROSODY_LOGS_DIR:/var/log/prosody" \
+ -v "$ROOT_DIR:/code" \
+ docker.io/prosody/prosody:0.12 >/dev/null
+ echo "Started $PROSODY_CONTAINER in pod $POD_NAME"
+}
+
+down() {
+ podman rm -f "$PROSODY_CONTAINER" >/dev/null 2>&1 || true
+ echo "Stopped $PROSODY_CONTAINER"
+}
+
+status() {
+ podman ps --format "table {{.Names}}\t{{.Status}}" | grep -E "^$PROSODY_CONTAINER\b" || true
+}
+
+logs() {
+ podman logs -f "$PROSODY_CONTAINER"
+}
+
+case "${1:-}" in
+ up)
+ up
+ ;;
+ down)
+ down
+ ;;
+ restart)
+ down
+ up
+ ;;
+ status)
+ status
+ ;;
+ logs)
+ logs
+ ;;
+ *)
+ echo "Usage: $0 {up|down|restart|status|logs}" >&2
+ exit 2
+ ;;
+esac
diff --git a/utilities/prosody/prosody.cfg.lua b/utilities/prosody/prosody.cfg.lua
new file mode 100644
index 0000000..4a38160
--- /dev/null
+++ b/utilities/prosody/prosody.cfg.lua
@@ -0,0 +1,74 @@
+sasl_mechanisms = { "PLAIN", "SCRAM-SHA-1", "SCRAM-SHA-256" }
+
+daemonize = false
+pidfile = "/run/prosody/prosody.pid"
+
+admins = { "mm@zm.is" }
+
+modules_enabled = {
+ "disco";
+ "roster";
+ "saslauth";
+ "tls";
+ "blocklist";
+ "bookmarks";
+ "carbons";
+ "dialback";
+ "limits";
+ "pep";
+ "private";
+ "smacks";
+ "vcard4";
+ "vcard_legacy";
+ "cloud_notify";
+ "csi_simple";
+ "invites";
+ "invites_adhoc";
+ "invites_register";
+ "ping";
+ "time";
+ "uptime";
+ "version";
+ "mam";
+ "turn_external";
+ "admin_adhoc";
+ "admin_shell";
+ "announce";
+ "auth_external_insecure";
+ "http";
+}
+
+s2s_secure_auth = true
+
+limits = {
+ c2s = { rate = "10mb/s"; };
+ s2sin = { rate = "100mb/s"; };
+}
+
+authentication = "external_insecure"
+archive_expires_after = "1w"
+
+log = {
+ error = "/var/log/prosody/prosody.err";
+ info = "/var/log/prosody/prosody.log";
+ debug = "/var/log/prosody/prosody-debug.log";
+}
+
+certificates = "certs"
+
+component_ports = { 8888 }
+component_interfaces = { "0.0.0.0" }
+
+VirtualHost "zm.is"
+ authentication = "external_insecure"
+ external_auth_command = "/code/utilities/prosody/auth_django.sh"
+ certificate = "/etc/prosody/certs/cert.pem"
+
+Component "jews.zm.is"
+ component_secret = "REepvw+QeX3ZzfmRSbBMKQhyiPd5bFowesnYuiiYbiYy2ZQVXvayxmsB"
+
+Component "share.zm.is" "http_file_share"
+
+http_ports = { 5280 }
+http_interfaces = { "0.0.0.0", "::" }
+http_external_url = "https://share.zm.is/"
diff --git a/utilities/prosody/renew_prosody_cert.sh b/utilities/prosody/renew_prosody_cert.sh
new file mode 100755
index 0000000..bd6a971
--- /dev/null
+++ b/utilities/prosody/renew_prosody_cert.sh
@@ -0,0 +1,43 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Run as root from host. This script pipes certificate material through the
+# `code` user into the Prosody container via podman exec.
+
+DOMAIN="${DOMAIN:-zm.is}"
+STACK_ID="${GIA_STACK_ID:-${STACK_ID:-}}"
+STACK_ID="$(echo "$STACK_ID" | tr -cs 'a-zA-Z0-9._-' '-' | sed 's/^-*//; s/-*$//')"
+
+if [[ -n "$STACK_ID" ]]; then
+ PROSODY_CONTAINER_DEFAULT="prosody_gia_${STACK_ID}"
+else
+ PROSODY_CONTAINER_DEFAULT="prosody_gia"
+fi
+PROSODY_CONTAINER="${PROSODY_CONTAINER:-$PROSODY_CONTAINER_DEFAULT}"
+
+FULLCHAIN_PATH="${FULLCHAIN_PATH:-/root/.acme.sh/${DOMAIN}/fullchain.cer}"
+KEY_PATH="${KEY_PATH:-/root/.acme.sh/${DOMAIN}/${DOMAIN}.key}"
+CERT_PATH_IN_CONTAINER="${CERT_PATH_IN_CONTAINER:-/etc/prosody/certs/cert.pem}"
+
+if [[ "$(id -u)" -ne 0 ]]; then
+ echo "This script must run as root." >&2
+ exit 1
+fi
+
+if [[ ! -r "$FULLCHAIN_PATH" ]]; then
+ echo "Missing or unreadable fullchain: $FULLCHAIN_PATH" >&2
+ exit 1
+fi
+
+if [[ ! -r "$KEY_PATH" ]]; then
+ echo "Missing or unreadable key: $KEY_PATH" >&2
+ exit 1
+fi
+
+cat "$FULLCHAIN_PATH" "$KEY_PATH" \
+ | sed '/^$/d' \
+ | su -s /bin/sh code -c "podman exec -i $PROSODY_CONTAINER sh -lc 'cat > $CERT_PATH_IN_CONTAINER'"
+
+su -s /bin/sh code -c "podman exec $PROSODY_CONTAINER sh -lc 'chown prosody:prosody $CERT_PATH_IN_CONTAINER && chmod 0600 $CERT_PATH_IN_CONTAINER && prosodyctl reload'"
+
+echo "Prosody certificate updated and reloaded in container: $PROSODY_CONTAINER"