managarten

till/managarten

Fork 0

mirror of https://github.com/Memo-2023/mana-monorepo.git synced 2026-05-14 18:01:09 +02:00

Commit graph

Author	SHA1	Message	Date
Till JS	493db0c3b2	feat(personas): M2.a-c — persona schemas + admin endpoints + seed pipeline Continuation of docs/plans/mana-mcp-and-personas.md. Personas are the auto-test users the M3 runner will drive — they're real Mana users (kind='persona', tier='founder'), registered through the same Better Auth pipeline as humans, just stamped differently and metadata-tracked so the persona-runner knows how to role-play them. Schemas (auth namespace — personas are 1:1 with users, no reason for a separate platform.* schema that the plan originally sketched) - userKindEnum ('human' \| 'persona' \| 'system') + users.kind column, wired into better-auth additionalFields so the JWT/user object carry the flag. Default 'human' keeps every existing user untouched. - auth.personas — 1:1 descriptor (archetype, systemPrompt, moduleMix jsonb, tickCadence, lastActiveAt). CASCADE from users.id. - auth.persona_actions — tick-grouped audit of every tool call the runner makes (toolName, inputHash for dedup, result, latency). - auth.persona_feedback — structured 1-5 ratings per module per tick, plus free-text notes. This is where the runner writes the self-reflection step at end of each tick. Admin endpoints (/api/v1/admin/personas, admin-tier-gated) - POST / create-or-update by email. Uses auth.api.signUpEmail if the user's new, then stamps kind+tier+verified and upserts the personas row. Idempotent — safe to re-run after catalog edits. - GET / list with 7-day action count per persona. - GET /:id detail + recent 20 actions + per-module feedback aggregate. - DELETE /:id hard delete. Refuses non-persona users as defense-in-depth: an admin typo here would cascade through the full user-delete chain. Catalog + seed pipeline (scripts/personas/) - catalog.json 10 handwritten personas spanning 7 archetypes (adhd-student, ceo-busy, creative-parent, solo-dev, researcher, freelancer, overwhelmed-newbie). Five pairs of personas that will later share family/team spaces (cross-space setup is deferred to M2.d per the plan). - catalog.ts zod-validated loader. Refines email to require @mana.test TLD — non-existent, no bounce risk. - password.ts deterministic HMAC-SHA256(PERSONA_SEED_SECRET, email). No stored per-persona credentials; the runner re-derives on every login. Refuses the dev-fallback secret in production. - seed.ts POST /admin/personas per catalog entry. Flags: --auth=, --jwt=, --dry-run. - cleanup.ts Hard-delete every live persona. Warns when the live set drifts from the catalog. Root package.json: pnpm seed:personas pnpm seed:personas:cleanup Extends the ESLint root-ignore list with `scripts/**` so Bun-typed utility scripts don't fail the typed-parser check they weren't opted into. Consistent with the rest of scripts/ being .mjs+.sh. To go live (user action): pnpm docker:up cd services/mana-auth && bun run db:push export MANA_ADMIN_JWT=... pnpm seed:personas M2.d deferred: cross-space (family/team/practice) memberships between persona pairs. Better Auth's org-invite flow is multi-step and would roughly double the M2 scope; the persona-runner (M3) can operate in personal spaces first, shared-space tests land as their own milestone. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 13:55:14 +02:00
Till JS	16c8818338	feat(mcp): M1+M1.5 MCP gateway + tool-registry + shared-crypto Foundation for autonomous Claude-driven testing. Plan: docs/plans/mana-mcp-and-personas.md. New packages - @mana/tool-registry — schema-first ToolSpec<InputSchema, OutputSchema> with zod generics, scope ('user-space' \| 'admin') and policyHint ('read' \| 'write' \| 'destructive'). sync-client helpers speak the mana-sync push/pull protocol directly so RLS and field-level LWW are preserved. MasterKeyClient fetches per-user MKs via the existing mana-auth GET /api/v1/me/encryption-vault/key endpoint (JWT-gated, ZK-aware, already audited) — no new service-key endpoint built. ZeroKnowledgeUserError surfaced as a typed throw. - @mana/shared-crypto — AES-GCM-256 primitives extracted from the web app's $lib/data/crypto/aes.ts so the server-side tool handlers and the browser produce byte-for-byte identical wire format (enc:1:{b64(iv)}.{b64(ct)}). Web app aes.ts now re-exports from shared-crypto — 5 existing importers unchanged, svelte-check stays green. New service - services/mana-mcp (:3069, Bun/Hono) — MCP Streamable HTTP gateway. JWKS auth against mana-auth, per-user session isolation (session-id belongs to the user who opened it — cross-user access returns 403), admin-scoped tools filtered out before registration. MasterKeyClient cached per process with a 5-minute TTL. 11 tools registered - habits.{create,list,update,archive}, spaces.list (plaintext, M1) - todo.{create,list,complete}, notes.{create,search}, journal.add (encrypted — field lists match apps/mana/apps/web/src/lib/data/crypto/registry.ts verbatim) Infra - Port 3069 added to docs/PORT_SCHEMA.md - services/mana-mcp/CLAUDE.md with architecture, auth model, tool-authoring recipe, local smoke-test steps - Root CLAUDE.md services list updated Type-check green across shared-crypto, mana-tool-registry, mana-mcp. svelte-check on apps/mana/apps/web stays at 0 errors / 0 warnings. Boot smoke verified: /health returns registry.loaded=true, unauthed /mcp → 401, invalid-JWT /mcp → 401 with descriptive message. Decisions locked in for later milestones (per plan D1–D10): - Personas will be real mana-auth users (users.kind='persona'), no service-key bypass (D1, D2) - Tool-registry is the SSOT; mana-ai and the legacy apps/api/src/mcp/server.ts get merged into it in M4 (three current parallel tool catalogs collapse to one) - Persona-runner (:3070) will be a separate service using the Claude Agent SDK + MCP client (D5) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-23 13:18:35 +02:00

Author

SHA1

Message

Date

Till JS

493db0c3b2

feat(personas): M2.a-c — persona schemas + admin endpoints + seed pipeline

Continuation of docs/plans/mana-mcp-and-personas.md. Personas are the
auto-test users the M3 runner will drive — they're real Mana users
(kind='persona', tier='founder'), registered through the same Better
Auth pipeline as humans, just stamped differently and metadata-tracked
so the persona-runner knows how to role-play them.

Schemas (auth namespace — personas are 1:1 with users, no reason for a
separate platform.* schema that the plan originally sketched)

- userKindEnum ('human' | 'persona' | 'system') + users.kind column,
  wired into better-auth additionalFields so the JWT/user object carry
  the flag. Default 'human' keeps every existing user untouched.
- auth.personas — 1:1 descriptor (archetype, systemPrompt, moduleMix
  jsonb, tickCadence, lastActiveAt). CASCADE from users.id.
- auth.persona_actions — tick-grouped audit of every tool call the
  runner makes (toolName, inputHash for dedup, result, latency).
- auth.persona_feedback — structured 1-5 ratings per module per tick,
  plus free-text notes. This is where the runner writes the
  self-reflection step at end of each tick.

Admin endpoints (/api/v1/admin/personas, admin-tier-gated)

- POST /            create-or-update by email. Uses auth.api.signUpEmail
                    if the user's new, then stamps kind+tier+verified
                    and upserts the personas row. Idempotent — safe to
                    re-run after catalog edits.
- GET  /            list with 7-day action count per persona.
- GET  /:id         detail + recent 20 actions + per-module feedback
                    aggregate.
- DELETE /:id       hard delete. Refuses non-persona users as
                    defense-in-depth: an admin typo here would cascade
                    through the full user-delete chain.

Catalog + seed pipeline (scripts/personas/)

- catalog.json      10 handwritten personas spanning 7 archetypes
                    (adhd-student, ceo-busy, creative-parent, solo-dev,
                    researcher, freelancer, overwhelmed-newbie).
                    Five pairs of personas that will later share
                    family/team spaces (cross-space setup is deferred
                    to M2.d per the plan).
- catalog.ts        zod-validated loader. Refines email to require
                    @mana.test TLD — non-existent, no bounce risk.
- password.ts       deterministic HMAC-SHA256(PERSONA_SEED_SECRET,
                    email). No stored per-persona credentials; the
                    runner re-derives on every login. Refuses the
                    dev-fallback secret in production.
- seed.ts           POST /admin/personas per catalog entry. Flags:
                    --auth=, --jwt=, --dry-run.
- cleanup.ts        Hard-delete every live persona. Warns when the
                    live set drifts from the catalog.

Root package.json:
  pnpm seed:personas
  pnpm seed:personas:cleanup

Extends the ESLint root-ignore list with `scripts/**` so Bun-typed
utility scripts don't fail the typed-parser check they weren't opted
into. Consistent with the rest of scripts/ being .mjs+.sh.

To go live (user action):
  pnpm docker:up
  cd services/mana-auth && bun run db:push
  export MANA_ADMIN_JWT=...
  pnpm seed:personas

M2.d deferred: cross-space (family/team/practice) memberships between
persona pairs. Better Auth's org-invite flow is multi-step and would
roughly double the M2 scope; the persona-runner (M3) can operate in
personal spaces first, shared-space tests land as their own milestone.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 13:55:14 +02:00

Till JS

16c8818338

feat(mcp): M1+M1.5 MCP gateway + tool-registry + shared-crypto

Foundation for autonomous Claude-driven testing. Plan:
docs/plans/mana-mcp-and-personas.md.

New packages
- @mana/tool-registry — schema-first ToolSpec<InputSchema, OutputSchema>
  with zod generics, scope ('user-space' | 'admin') and policyHint
  ('read' | 'write' | 'destructive'). sync-client helpers speak the
  mana-sync push/pull protocol directly so RLS and field-level LWW are
  preserved. MasterKeyClient fetches per-user MKs via the existing
  mana-auth GET /api/v1/me/encryption-vault/key endpoint (JWT-gated,
  ZK-aware, already audited) — no new service-key endpoint built.
  ZeroKnowledgeUserError surfaced as a typed throw.
- @mana/shared-crypto — AES-GCM-256 primitives extracted from the web
  app's $lib/data/crypto/aes.ts so the server-side tool handlers and the
  browser produce byte-for-byte identical wire format
  (enc:1:{b64(iv)}.{b64(ct)}). Web app aes.ts now re-exports from
  shared-crypto — 5 existing importers unchanged, svelte-check stays
  green.

New service
- services/mana-mcp (:3069, Bun/Hono) — MCP Streamable HTTP gateway.
  JWKS auth against mana-auth, per-user session isolation (session-id
  belongs to the user who opened it — cross-user access returns 403),
  admin-scoped tools filtered out before registration. MasterKeyClient
  cached per process with a 5-minute TTL.

11 tools registered
- habits.{create,list,update,archive}, spaces.list (plaintext, M1)
- todo.{create,list,complete}, notes.{create,search}, journal.add
  (encrypted — field lists match
  apps/mana/apps/web/src/lib/data/crypto/registry.ts verbatim)

Infra
- Port 3069 added to docs/PORT_SCHEMA.md
- services/mana-mcp/CLAUDE.md with architecture, auth model,
  tool-authoring recipe, local smoke-test steps
- Root CLAUDE.md services list updated

Type-check green across shared-crypto, mana-tool-registry, mana-mcp.
svelte-check on apps/mana/apps/web stays at 0 errors / 0 warnings.
Boot smoke verified: /health returns registry.loaded=true, unauthed
/mcp → 401, invalid-JWT /mcp → 401 with descriptive message.

Decisions locked in for later milestones (per plan D1–D10):
- Personas will be real mana-auth users (users.kind='persona'), no
  service-key bypass (D1, D2)
- Tool-registry is the SSOT; mana-ai and the legacy
  apps/api/src/mcp/server.ts get merged into it in M4 (three current
  parallel tool catalogs collapse to one)
- Persona-runner (:3070) will be a separate service using the Claude
  Agent SDK + MCP client (D5)

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-23 13:18:35 +02:00

2 commits