Skip to main content

oxios_kernel/
event_bus.rs

1//! Event bus: inter-agent communication via `oxi_sdk::EventBus<KernelEvent>`.
2//!
3//! The event bus is the "pipe" of Oxios. All agents communicate
4//! through kernel events published on the bus.
5//!
6//! After RFC-014 Phase C, this module no longer owns the broadcast channel —
7//! it reuses `oxi_sdk::EventBus<E>`, which is a generic wrapper over
8//! `tokio::sync::broadcast`. The only Oxios-specific bits are:
9//!
10//! - `KernelEvent` enum (oxios-internal event vocabulary)
11//! - `kernel_event_to_audit_action` mapping for the audit trail
12//! - `attach_audit_trail` helper (subscribes the bus to the trail)
13
14use oxi_sdk::EventBus as SdkEventBus;
15use oxi_sdk::observability::{AuditAction, AuditTrail};
16use serde::{Deserialize, Serialize};
17use std::sync::Arc;
18use uuid::Uuid;
19
20use crate::types::AgentId;
21
22/// Kernel event bus — generic SDK bus specialised for `KernelEvent`.
23///
24/// The broadcast channel is owned by `oxi_sdk::EventBus`; this type alias
25/// just makes the call sites read more naturally (`crate::event_bus::EventBus`
26/// instead of `oxi_sdk::EventBus<KernelEvent>`).
27pub type EventBus = SdkEventBus<KernelEvent>;
28
29/// Events that flow through the kernel event bus.
30#[derive(Debug, Clone, Serialize, Deserialize)]
31pub enum KernelEvent {
32    /// A new agent has been created.
33    AgentCreated {
34        /// The new agent's ID.
35        id: AgentId,
36        /// The agent's name/goal.
37        name: String,
38    },
39    /// An agent has started executing.
40    AgentStarted {
41        /// The agent's ID.
42        id: AgentId,
43    },
44    /// An agent has been stopped.
45    ///
46    /// Carries `success` so consumers can distinguish a normal completion
47    /// (`success: true`) from an evaluation/assessment failure
48    /// (`success: false`). Infrastructure errors (panic, timeout) emit
49    /// `AgentFailed` instead.
50    AgentStopped {
51        /// The agent's ID.
52        id: AgentId,
53        /// Whether the agent's result passed evaluation. Mirrors
54        /// `ExecutionResult.success` from the Ok path; `false` on the
55        /// kill/terminate path (user-initiated stop).
56        #[serde(default)]
57        success: bool,
58    },
59    /// An agent has encountered a failure.
60    AgentFailed {
61        /// The agent's ID.
62        id: AgentId,
63        /// Description of the error.
64        error: String,
65    },
66    /// A message has been received from an agent.
67    MessageReceived {
68        /// The sending agent's ID.
69        from: AgentId,
70        /// Message content.
71        content: String,
72    },
73    /// An agent has produced output.
74    AgentOutput {
75        /// The session this output belongs to.
76        session_id: String,
77        /// The agent's ID.
78        agent_id: AgentId,
79        /// The output content.
80        output: String,
81    },
82    /// A HitL approval request has been submitted.
83    ApprovalRequested {
84        /// The approval request ID.
85        id: uuid::Uuid,
86        /// The tool requesting approval.
87        tool_name: String,
88        /// The action requiring approval.
89        action: String,
90        /// The resource involved.
91        resource: String,
92        /// Reason for the request.
93        reason: String,
94        /// The session ID that triggered this request.
95        session_id: Option<String>,
96    },
97    /// A HitL approval has been resolved (approved or rejected).
98    ApprovalResolved {
99        /// The approval request ID.
100        id: uuid::Uuid,
101        /// Whether it was approved (true) or rejected (false).
102        approved: bool,
103    },
104    /// A memory entry was stored.
105    MemoryStored {
106        /// Memory entry ID.
107        id: String,
108        /// Memory type label.
109        memory_type: String,
110        /// Source of the memory.
111        source: String,
112    },
113    /// Memories were recalled for a new session.
114    MemoryRecalled {
115        /// The recall query.
116        query: String,
117        /// Number of memories returned.
118        count: usize,
119    },
120    /// Multi-agent group created.
121    AgentGroupCreated {
122        /// The group's ID.
123        group_id: uuid::Uuid,
124        /// Number of agents in the group.
125        agent_count: usize,
126    },
127    /// An agent in a group completed.
128    AgentGroupMemberCompleted {
129        /// The group's ID.
130        group_id: uuid::Uuid,
131        /// The agent's ID.
132        agent_id: uuid::Uuid,
133        /// Whether the agent succeeded.
134        success: bool,
135    },
136    /// A new Project has been created (RFC-011).
137    ProjectCreated {
138        /// The project's ID.
139        project_id: uuid::Uuid,
140        /// The project's name.
141        name: String,
142        /// How it was created.
143        source: String,
144    },
145    /// A Project has been activated (RFC-011).
146    ProjectActivated {
147        /// The project's ID.
148        project_id: uuid::Uuid,
149        /// The project's name.
150        name: String,
151    },
152
153    // ── RFC-015 Chat Transparency ─────────────────────────────
154    // Real-time events emitted by AgentRuntime during tool execution
155    // and streaming. Web channel converts these to WS chunks.
156    /// A tool execution has started (real-time, RFC-015).
157    ToolExecutionStarted {
158        /// Session this tool call belongs to.
159        session_id: String,
160        /// Name of the tool (e.g. "read_file", "bash", "memory_recall").
161        tool_name: String,
162        /// Provider-specific tool call ID used to correlate start/end.
163        tool_call_id: String,
164        /// Tool input arguments (JSON).
165        tool_args: serde_json::Value,
166        /// Semantic context inferred by oxi-agent 0.32+ from tool name/args
167        /// (e.g. WebSearch, PageVisit). `None` for tools without context mapping.
168        #[serde(default, skip_serializing_if = "Option::is_none")]
169        context: Option<serde_json::Value>,
170    },
171    /// A tool execution has finished (real-time, RFC-015).
172    ToolExecutionFinished {
173        /// Session this tool call belongs to.
174        session_id: String,
175        /// Provider-specific tool call ID.
176        tool_call_id: String,
177        /// Name of the tool.
178        tool_name: String,
179        /// Wall-clock duration in milliseconds.
180        duration_ms: u64,
181        /// Whether the tool returned an error.
182        is_error: bool,
183        /// Truncated output (max ~500 chars) for streaming.
184        output_summary: String,
185    },
186    /// A tool execution emitted a progress update (real-time, RFC-015).
187    ToolExecutionProgress {
188        /// Session this tool call belongs to.
189        session_id: String,
190        /// Provider-specific tool call ID.
191        tool_call_id: String,
192        /// Name of the tool.
193        tool_name: String,
194        /// Human-readable progress text (already-formatted by the tool).
195        progress: String,
196        /// Tab that emitted this progress event, if the upstream tool tracks
197        /// tabs. `None` for tools that don't have a tab concept (e.g. legacy
198        /// oxi-agent versions that don't propagate `tab_id`).
199        #[serde(default, skip_serializing_if = "Option::is_none")]
200        tab_id: Option<Uuid>,
201        /// Semantic context from the tool call (e.g. PageVisit, WebSearch).
202        /// Stored as `serde_json::Value` to decouple kernel events from
203        /// oxi-sdk's internal `ToolCallContext` enum. UI consumers that
204        /// understand a context variant render it richly; older consumers
205        /// simply ignore the field.
206        #[serde(default, skip_serializing_if = "Option::is_none")]
207        context: Option<serde_json::Value>,
208    },
209    /// Memory was recalled during agent execution (RFC-015).
210    MemoryRecallUsed {
211        /// Session this recall belongs to.
212        session_id: String,
213        /// The recall query.
214        query: String,
215        /// Number of memories returned.
216        count: usize,
217        /// Memory tier source ("hot" | "warm" | "cold").
218        source: String,
219    },
220    /// Token usage update (RFC-015).
221    TokenUsageUpdate {
222        /// Session this usage belongs to.
223        session_id: String,
224        /// Cumulative input tokens.
225        input_tokens: u64,
226        /// Cumulative output tokens.
227        output_tokens: u64,
228    },
229    /// Reasoning/compaction fragment (RFC-015).
230    ReasoningFragment {
231        /// Session this fragment belongs to.
232        session_id: String,
233        /// The fragment text (chain-of-thought, compaction summary, etc).
234        content: String,
235        /// Source label: "chain_of_thought" | "compaction" | "reflection".
236        source: String,
237    },
238
239    // ── Calendar ──────────────────────────────────────────────
240    /// A calendar event was created.
241    CalendarEventCreated {
242        /// Event UID.
243        uid: String,
244        /// Event title.
245        title: String,
246        /// Start time.
247        start: String,
248        /// End time.
249        end: String,
250    },
251    /// A calendar event was updated.
252    CalendarEventUpdated {
253        /// Event UID.
254        uid: String,
255        /// Event title.
256        title: String,
257    },
258    /// A calendar event was deleted.
259    CalendarEventDeleted {
260        /// Event UID.
261        uid: String,
262        /// Event title.
263        title: String,
264    },
265    /// An email has been sent.
266    EmailSent {
267        /// Email subject.
268        subject: String,
269        /// SMTP message ID.
270        message_id: String,
271        /// Template name (if template was used/saved).
272        #[serde(default, skip_serializing_if = "Option::is_none")]
273        template_name: Option<String>,
274    },
275
276    // ── Knowledge ──────────────────────────────────────────────
277    /// A knowledge note was persisted (hook, user, or tool).
278    KnowledgePersisted {
279        session_id: String,
280        message_index: usize,
281        path: String,
282        source: String, // "hook", "user", "tool"
283    },
284    /// A knowledge note was removed by user action.
285    KnowledgeRemoved {
286        session_id: String,
287        message_index: usize,
288    },
289    /// A question was posed to the user by the agent (RFC-027, `ask_user`).
290    /// The frontend renders an input/option picker and resolves the
291    /// pending oneshot via a separate response endpoint.
292    AskUserRequest {
293        /// Unique request ID — used by the response handler to resolve
294        /// the oneshot the tool is awaiting.
295        id: String,
296        /// The question text the user sees.
297        question: String,
298        /// Optional structured options. Empty when the question is open-ended.
299        options: Vec<String>,
300    },
301    // ── Persona (agent-authored writes are security-reviewed) ───────────
302    /// A persona was created (by an agent tool, the HTTP API, or the UI).
303    PersonaCreated {
304        /// Persona ID.
305        id: String,
306        /// Persona display name.
307        name: String,
308        /// Whether it was registered enabled.
309        enabled: bool,
310        /// Origin of the change: "agent" | "api" | "ui".
311        source: String,
312    },
313    /// A persona was updated.
314    PersonaUpdated {
315        /// Persona ID.
316        id: String,
317        /// Persona display name.
318        name: String,
319        /// Origin of the change: "agent" | "api" | "ui".
320        source: String,
321    },
322}
323
324/// Convert a KernelEvent to an AuditAction for the audit trail.
325pub fn kernel_event_to_audit_action(event: &KernelEvent) -> AuditAction {
326    match event {
327        KernelEvent::AgentCreated { name, .. } => AuditAction::AgentSpawn {
328            task_type: name.clone(),
329        },
330        KernelEvent::AgentStarted { .. } => AuditAction::AgentSpawn {
331            task_type: "started".to_string(),
332        },
333        KernelEvent::AgentStopped { success, .. } => AuditAction::AgentExit {
334            reason: if *success {
335                "completed".to_string()
336            } else {
337                "stopped".to_string()
338            },
339        },
340        KernelEvent::AgentFailed { error, .. } => AuditAction::AgentExit {
341            reason: error.clone(),
342        },
343        KernelEvent::MessageReceived { content, .. } => AuditAction::Other {
344            detail: format!("message: {content}"),
345        },
346        KernelEvent::AgentOutput { output, .. } => AuditAction::Other {
347            detail: format!("agent_output:{output}"),
348        },
349        KernelEvent::ApprovalRequested {
350            id,
351            action,
352            resource,
353            ..
354        } => AuditAction::Other {
355            detail: format!("approval_requested:{id}:{action}:{resource}"),
356        },
357        KernelEvent::ApprovalResolved { id, approved } => AuditAction::Other {
358            detail: format!("approval_resolved:{id}:{approved}"),
359        },
360        KernelEvent::MemoryStored {
361            id, memory_type, ..
362        } => AuditAction::MemoryWrite {
363            entry_id: format!("{id}:{memory_type}"),
364        },
365        KernelEvent::MemoryRecalled { query, count } => AuditAction::MemoryRead {
366            entry_id: format!("query:{query}:{count}results"),
367        },
368        KernelEvent::AgentGroupCreated {
369            group_id,
370            agent_count,
371        } => AuditAction::Other {
372            detail: format!("group_created:{group_id}:{agent_count}agents"),
373        },
374        KernelEvent::AgentGroupMemberCompleted {
375            group_id,
376            agent_id,
377            success,
378        } => AuditAction::Other {
379            detail: format!("group_member_completed:{group_id}:{agent_id}:{success}"),
380        },
381        KernelEvent::ProjectCreated {
382            project_id: _,
383            name,
384            source,
385        } => AuditAction::Other {
386            detail: format!("project_created:{name}:{source}"),
387        },
388        KernelEvent::ProjectActivated {
389            project_id: _,
390            name,
391        } => AuditAction::Other {
392            detail: format!("project_activated:{name}"),
393        },
394        // ── RFC-015 ──
395        KernelEvent::ToolExecutionStarted { tool_name, .. } => AuditAction::Other {
396            detail: format!("tool_started:{tool_name}"),
397        },
398        KernelEvent::ToolExecutionFinished {
399            tool_name,
400            is_error,
401            ..
402        } => AuditAction::Other {
403            detail: format!(
404                "tool_finished:{tool_name}:{}",
405                if *is_error { "error" } else { "ok" }
406            ),
407        },
408        KernelEvent::ToolExecutionProgress {
409            tool_name,
410            tab_id,
411            context,
412            ..
413        } => AuditAction::Other {
414            detail: {
415                let mut d = format!("tool_progress:{tool_name}");
416                if let Some(id) = tab_id {
417                    d.push_str(&format!(":tab={id}"));
418                }
419                if let Some(ctx) = context
420                    .as_ref()
421                    .and_then(|c| c.get("kind"))
422                    .and_then(|k| k.as_str())
423                {
424                    d.push_str(&format!(":{ctx}"));
425                }
426                d
427            },
428        },
429        KernelEvent::MemoryRecallUsed { query, count, .. } => AuditAction::MemoryRead {
430            entry_id: format!("recall:{query}:{count}results"),
431        },
432        KernelEvent::TokenUsageUpdate {
433            input_tokens,
434            output_tokens,
435            ..
436        } => AuditAction::Other {
437            detail: format!("tokens:in={input_tokens}:out={output_tokens}"),
438        },
439        KernelEvent::ReasoningFragment { source, .. } => AuditAction::Other {
440            detail: format!("reasoning:{source}"),
441        },
442        KernelEvent::CalendarEventCreated { uid, title, .. } => AuditAction::Other {
443            detail: format!("calendar:created:{uid}:{title}"),
444        },
445        KernelEvent::CalendarEventUpdated { uid, title } => AuditAction::Other {
446            detail: format!("calendar:updated:{uid}:{title}"),
447        },
448        KernelEvent::CalendarEventDeleted { uid, title } => AuditAction::Other {
449            detail: format!("calendar:deleted:{uid}:{title}"),
450        },
451        KernelEvent::EmailSent {
452            subject,
453            message_id,
454            template_name,
455        } => AuditAction::Other {
456            detail: format!("email:sent:{subject} (msg={message_id}, tpl={template_name:?})"),
457        },
458        KernelEvent::KnowledgePersisted {
459            session_id,
460            message_index,
461            path,
462            source,
463        } => AuditAction::Other {
464            detail: format!("knowledge:persisted:{session_id}:{message_index}:{path}:{source}"),
465        },
466        KernelEvent::KnowledgeRemoved {
467            session_id,
468            message_index,
469        } => AuditAction::Other {
470            detail: format!("knowledge:removed:{session_id}:{message_index}"),
471        },
472        KernelEvent::AskUserRequest { id, question, .. } => AuditAction::Other {
473            detail: format!("ask_user:{id}:{question}"),
474        },
475        KernelEvent::PersonaCreated {
476            id, name, source, ..
477        } => AuditAction::Other {
478            detail: format!("persona:created:{id}:{name}:{source}"),
479        },
480        KernelEvent::PersonaUpdated { id, name, source } => AuditAction::Other {
481            detail: format!("persona:updated:{id}:{name}:{source}"),
482        },
483    }
484}
485
486/// Extract agent ID from a KernelEvent variant.
487fn extract_agent_id(event: &KernelEvent) -> String {
488    match event {
489        KernelEvent::AgentCreated { id, .. } => id.to_string(),
490        KernelEvent::AgentStarted { id, .. } => id.to_string(),
491        KernelEvent::AgentStopped { id, .. } => id.to_string(),
492        KernelEvent::AgentFailed { id, .. } => id.to_string(),
493        KernelEvent::MessageReceived { from, .. } => from.to_string(),
494        KernelEvent::AgentOutput { agent_id, .. } => agent_id.to_string(),
495        KernelEvent::AgentGroupMemberCompleted { agent_id, .. } => agent_id.to_string(),
496        KernelEvent::ProjectActivated { project_id, .. } => format!("project:{project_id}"),
497        // RFC-015: session-scoped events use session_id as the subject
498        KernelEvent::ToolExecutionStarted { session_id, .. } => format!("session:{session_id}"),
499        KernelEvent::ToolExecutionFinished { session_id, .. } => format!("session:{session_id}"),
500        KernelEvent::ToolExecutionProgress { session_id, .. } => format!("session:{session_id}"),
501        KernelEvent::MemoryRecallUsed { session_id, .. } => format!("session:{session_id}"),
502        KernelEvent::TokenUsageUpdate { session_id, .. } => format!("session:{session_id}"),
503        KernelEvent::ReasoningFragment { session_id, .. } => format!("session:{session_id}"),
504        KernelEvent::KnowledgePersisted { session_id, .. } => format!("session:{session_id}"),
505        KernelEvent::KnowledgeRemoved { session_id, .. } => format!("session:{session_id}"),
506        _ => "system".to_string(),
507    }
508}
509
510/// Subscribe the audit trail to all kernel events.
511///
512/// The bus is broadcast-based; this spawns a long-running task that
513/// forwards every event into the audit trail as a structured entry.
514/// Lagged subscribers are logged and recovered.
515pub fn attach_audit_trail(bus: &EventBus, audit: Arc<AuditTrail>) {
516    let mut rx = bus.subscribe();
517    tokio::spawn(async move {
518        loop {
519            match rx.recv().await {
520                Ok(event) => {
521                    let actor = extract_agent_id(&event);
522                    let action = kernel_event_to_audit_action(&event);
523                    let resource = format!("{event:?}");
524                    audit.append(actor, action, resource);
525                }
526                Err(tokio::sync::broadcast::error::RecvError::Lagged(n)) => {
527                    // Surface the drop as a metric so operators can detect
528                    // incomplete audit trails instead of the events
529                    // vanishing silently (state-area F4).
530                    crate::metrics::get_metrics().audit_lagged_events.inc_by(n);
531                    tracing::warn!(
532                        skipped = n,
533                        "Audit trail subscriber lagged, skipping events"
534                    );
535                    continue;
536                }
537                Err(tokio::sync::broadcast::error::RecvError::Closed) => {
538                    tracing::info!("Audit trail event bus closed, exiting");
539                    break;
540                }
541            }
542        }
543    });
544}
545
546#[cfg(test)]
547mod tests {
548    use super::*;
549
550    fn sample_event(name: &str) -> KernelEvent {
551        KernelEvent::AgentCreated {
552            id: AgentId::new_v4(),
553            name: name.to_string(),
554        }
555    }
556
557    #[test]
558    fn test_event_bus_uses_sdk() {
559        let bus: EventBus = EventBus::new(256);
560        assert!(format!("{:?}", bus).contains("EventBus"));
561    }
562
563    #[tokio::test]
564    async fn test_publish_no_subscribers_ok() {
565        let bus = EventBus::new(16);
566        let result = bus.publish(sample_event("orphan"));
567        assert!(result.is_ok());
568    }
569
570    #[tokio::test]
571    async fn test_single_subscriber_receives_event() {
572        let bus = EventBus::new(16);
573        let mut rx = bus.subscribe();
574
575        let event = sample_event("test-agent");
576        bus.publish(event.clone()).unwrap();
577
578        let received = rx.try_recv().expect("should receive event");
579        match received {
580            KernelEvent::AgentCreated { name, .. } => assert_eq!(name, "test-agent"),
581            _ => panic!("wrong event type"),
582        }
583    }
584
585    #[tokio::test]
586    async fn test_multiple_subscribers_receive_events() {
587        let bus = EventBus::new(16);
588        let mut rx1 = bus.subscribe();
589        let mut rx2 = bus.subscribe();
590
591        let event = sample_event("multi");
592        bus.publish(event.clone()).unwrap();
593
594        let r1 = rx1.try_recv().expect("rx1 should receive event");
595        let r2 = rx2.try_recv().expect("rx2 should receive event");
596
597        assert!(matches!(r1, KernelEvent::AgentCreated { .. }));
598        assert!(matches!(r2, KernelEvent::AgentCreated { .. }));
599    }
600
601    #[tokio::test]
602    async fn test_kernel_event_to_audit_action() {
603        let event = KernelEvent::AgentFailed {
604            id: AgentId::new_v4(),
605            error: "boom".to_string(),
606        };
607        let action = kernel_event_to_audit_action(&event);
608        match action {
609            AuditAction::AgentExit { reason } => assert_eq!(reason, "boom"),
610            other => panic!("expected AgentExit, got {other:?}"),
611        }
612    }
613
614    // ── RFC-015 chat transparency event coverage ──
615
616    /// Round-trip JSON serialization for every new RFC-015 variant. This
617    /// guards against accidental renames that would break the WebSocket
618    /// wire format on the frontend.
619    #[test]
620    fn test_rfc015_event_round_trip_json() {
621        let cases: Vec<KernelEvent> = vec![
622            KernelEvent::ToolExecutionStarted {
623                session_id: "s1".into(),
624                tool_name: "read_file".into(),
625                tool_call_id: "call_1".into(),
626                tool_args: serde_json::json!({"path": "/src/main.rs"}),
627                context: None,
628            },
629            KernelEvent::ToolExecutionFinished {
630                session_id: "s1".into(),
631                tool_call_id: "call_1".into(),
632                tool_name: "read_file".into(),
633                duration_ms: 234,
634                is_error: false,
635                output_summary: "fn main() {}".into(),
636            },
637            KernelEvent::ToolExecutionProgress {
638                session_id: "s1".into(),
639                tool_call_id: "call_1".into(),
640                tool_name: "read_file".into(),
641                progress: "reading line 42/100".into(),
642                tab_id: None,
643                context: None,
644            },
645            KernelEvent::MemoryRecallUsed {
646                session_id: "s1".into(),
647                query: "rust errors".into(),
648                count: 3,
649                source: "warm".into(),
650            },
651            KernelEvent::TokenUsageUpdate {
652                session_id: "s1".into(),
653                input_tokens: 1234,
654                output_tokens: 567,
655            },
656            KernelEvent::ReasoningFragment {
657                session_id: "s1".into(),
658                content: "compaction done".into(),
659                source: "compaction".into(),
660            },
661        ];
662        for event in cases {
663            let json = serde_json::to_string(&event).expect("serialize");
664            let back: KernelEvent = serde_json::from_str(&json).expect("deserialize");
665            let json2 = serde_json::to_string(&back).expect("serialize round-trip");
666            assert_eq!(json, json2, "round-trip should be stable");
667        }
668    }
669
670    /// Tool progress events serialize/deserialize cleanly and round-trip
671    /// stable JSON, matching the wire format the WS layer expects.
672    #[test]
673    fn test_tool_execution_progress_serde_round_trip() {
674        let event = KernelEvent::ToolExecutionProgress {
675            session_id: "s-abc".into(),
676            tool_call_id: "call_42".into(),
677            tool_name: "browse".into(),
678            progress: "loading https://example.com".into(),
679            tab_id: Some(Uuid::new_v4()),
680            context: None,
681        };
682        let json = serde_json::to_string(&event).expect("serialize");
683        let back: KernelEvent = serde_json::from_str(&json).expect("deserialize");
684        match back {
685            KernelEvent::ToolExecutionProgress {
686                ref session_id,
687                ref tool_call_id,
688                ref tool_name,
689                ref progress,
690                tab_id,
691                ..
692            } => {
693                assert_eq!(session_id, "s-abc");
694                assert_eq!(tool_call_id, "call_42");
695                assert_eq!(tool_name, "browse");
696                assert_eq!(progress, "loading https://example.com");
697                assert!(tab_id.is_some(), "tab_id should round-trip when present");
698            }
699            other => panic!("expected ToolExecutionProgress, got {other:?}"),
700        }
701    }
702
703    /// The audit-action mapping for tool progress should produce a stable,
704    /// searchable detail string (used by the audit-trail UI to filter).
705    /// When `tab_id` is set, the detail includes `:tab=<id>`; when absent,
706    /// the original `tool_progress:<tool>` form is preserved (back-compat
707    /// for older oxi-agent versions that don't propagate tabs).
708    #[test]
709    fn test_tool_execution_progress_audit_action() {
710        let with_tab = KernelEvent::ToolExecutionProgress {
711            session_id: "s1".into(),
712            tool_call_id: "c1".into(),
713            tool_name: "browse".into(),
714            progress: "navigating".into(),
715            tab_id: Some(Uuid::new_v4()),
716            context: None,
717        };
718        match kernel_event_to_audit_action(&with_tab) {
719            AuditAction::Other { detail } => {
720                assert!(detail.contains("tool_progress"), "detail: {detail}");
721                assert!(detail.contains("browse"), "detail: {detail}");
722                assert!(
723                    detail.contains(":tab="),
724                    "detail should include tab id: {detail}"
725                );
726            }
727            other => panic!("expected Other, got {other:?}"),
728        }
729        let without_tab = KernelEvent::ToolExecutionProgress {
730            session_id: "s1".into(),
731            tool_call_id: "c1".into(),
732            tool_name: "browse".into(),
733            progress: "navigating".into(),
734            tab_id: None,
735            context: None,
736        };
737        match kernel_event_to_audit_action(&without_tab) {
738            AuditAction::Other { detail } => {
739                assert_eq!(detail, "tool_progress:browse");
740            }
741            other => panic!("expected Other, got {other:?}"),
742        }
743    }
744
745    /// `tab_id` is optional in serde (`#[serde(default)]`) so older oxi-agent
746    /// versions that don't emit it still round-trip cleanly. This guards the
747    /// backwards-compat contract explicitly.
748    #[test]
749    fn test_tool_execution_progress_tab_id_optional_in_serde() {
750        // Simulate a payload from a legacy oxi-agent (no tab_id key).
751        // KernelEvent is externally tagged, so the variant is the JSON key.
752        let legacy_json = r#"{
753            "ToolExecutionProgress": {
754                "session_id": "s-old",
755                "tool_call_id": "call_legacy",
756                "tool_name": "browse",
757                "progress": "step 1"
758            }
759        }"#;
760        let event: KernelEvent = serde_json::from_str(legacy_json).expect("deserialize legacy");
761        match &event {
762            KernelEvent::ToolExecutionProgress {
763                session_id,
764                tool_call_id,
765                tool_name,
766                progress,
767                tab_id,
768                ..
769            } => {
770                assert_eq!(session_id, "s-old");
771                assert_eq!(tool_call_id, "call_legacy");
772                assert_eq!(tool_name, "browse");
773                assert_eq!(progress, "step 1");
774                assert!(tab_id.is_none(), "missing field should default to None");
775            }
776            other => panic!("expected ToolExecutionProgress, got {other:?}"),
777        }
778        // And re-serialise — `skip_serializing_if = "Option::is_none"` keeps
779        // the wire format clean when downstream tools don't set tab_id.
780        let json = serde_json::to_string(&event).expect("serialize");
781        assert!(
782            !json.contains("tab_id"),
783            "tab_id should be omitted when None: {json}"
784        );
785    }
786
787    /// The agent_id extractor should map session-scoped RFC-015 events to
788    /// `session:<id>` for audit-trail grouping, while non-session events
789    /// keep their existing behaviour.
790    #[test]
791    fn test_rfc015_extract_agent_id() {
792        let event = KernelEvent::ToolExecutionStarted {
793            session_id: "abc-123".into(),
794            tool_name: "bash".into(),
795            tool_call_id: "c1".into(),
796            tool_args: serde_json::Value::Null,
797            context: None,
798        };
799        // The function is private; verify via the public AuditAction mapping
800        // that session-scoped events do not collide with real agent ids.
801        let action = kernel_event_to_audit_action(&event);
802        match action {
803            AuditAction::Other { detail } => {
804                assert!(
805                    detail.contains("bash"),
806                    "tool name in audit detail: {detail}"
807                );
808            }
809            other => panic!("expected Other, got {other:?}"),
810        }
811    }
812}