tmai-core 0.8.2

Core library for tmai - agent detection, state management, and monitoring
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240

use std::fs::{self, File, OpenOptions};
use std::io::{BufWriter, Write};
use std::path::{Path, PathBuf};

use super::events::AuditEvent;
use crate::ipc::protocol::data_dir;

const AUDIT_FILE: &str = "detection.ndjson";

/// Logger for audit events in ndjson format
pub struct AuditLogger {
    enabled: bool,
    max_size_bytes: u64,
    file_path: PathBuf,
    writer: Option<BufWriter<File>>,
}

impl AuditLogger {
    /// Create a new audit logger
    ///
    /// If `enabled` is false, all log calls are no-ops.
    pub fn new(enabled: bool, max_size_bytes: u64) -> Self {
        let file_path = data_dir().join("audit").join(AUDIT_FILE);
        let writer = if enabled {
            Self::open_writer(&file_path)
        } else {
            None
        };

        Self {
            enabled,
            max_size_bytes,
            file_path,
            writer,
        }
    }

    /// Log an audit event
    ///
    /// Serializes the event as a single JSON line and appends to the log file.
    pub fn log(&mut self, event: &AuditEvent) {
        if !self.enabled {
            return;
        }

        // Ensure writer is open
        if self.writer.is_none() {
            self.writer = Self::open_writer(&self.file_path);
        }

        let writer = match self.writer.as_mut() {
            Some(w) => w,
            None => return,
        };

        // Serialize and write
        if let Ok(json) = serde_json::to_string(event) {
            if writeln!(writer, "{}", json).is_ok() {
                let _ = writer.flush();
            } else {
                // Write failed, try to reopen on next call
                self.writer = None;
            }
        }

        // Check rotation
        self.maybe_rotate();
    }

    /// Open or create the log file for appending
    fn open_writer(file_path: &Path) -> Option<BufWriter<File>> {
        // Ensure directory exists
        if let Some(dir) = file_path.parent() {
            if let Err(e) = fs::create_dir_all(dir) {
                eprintln!("Failed to create audit directory: {}", e);
                return None;
            }
        }

        match OpenOptions::new().create(true).append(true).open(file_path) {
            Ok(file) => Some(BufWriter::new(file)),
            Err(e) => {
                eprintln!("Failed to open audit log: {}", e);
                None
            }
        }
    }

    /// Rotate the log file if it exceeds max_size_bytes
    fn maybe_rotate(&mut self) {
        let metadata = match fs::metadata(&self.file_path) {
            Ok(m) => m,
            Err(_) => return,
        };

        if metadata.len() >= self.max_size_bytes {
            // Close current writer
            self.writer = None;

            // Rename current to .1
            let rotated = self.file_path.with_extension("ndjson.1");
            let _ = fs::rename(&self.file_path, &rotated);

            // Reopen fresh file
            self.writer = Self::open_writer(&self.file_path);
        }
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::detectors::{DetectionConfidence, DetectionReason};

    #[test]
    fn test_disabled_logger_is_noop() {
        let mut logger = AuditLogger::new(false, 1024);
        let event = AuditEvent::AgentAppeared {
            ts: 1234567890,
            pane_id: "1".to_string(),
            agent_type: "ClaudeCode".to_string(),
            source: "capture_pane".to_string(),
            initial_status: "idle".to_string(),
        };
        // Should not panic or create files
        logger.log(&event);
    }

    #[test]
    fn test_ndjson_output() {
        let dir = tempfile::tempdir().unwrap();
        let file_path = dir.path().join("test.ndjson");

        let mut logger = AuditLogger {
            enabled: true,
            max_size_bytes: 10_485_760,
            file_path: file_path.clone(),
            writer: None,
        };

        let event = AuditEvent::AgentAppeared {
            ts: 1234567890,
            pane_id: "1".to_string(),
            agent_type: "ClaudeCode".to_string(),
            source: "capture_pane".to_string(),
            initial_status: "idle".to_string(),
        };
        logger.log(&event);

        let content = fs::read_to_string(&file_path).unwrap();
        let parsed: serde_json::Value = serde_json::from_str(content.trim()).unwrap();
        assert_eq!(parsed["event"], "AgentAppeared");
        assert_eq!(parsed["pane_id"], "1");
    }

    #[test]
    fn test_rotation() {
        let dir = tempfile::tempdir().unwrap();
        let file_path = dir.path().join("test.ndjson");

        let mut logger = AuditLogger {
            enabled: true,
            max_size_bytes: 100, // Very small for testing
            file_path: file_path.clone(),
            writer: None,
        };

        // Write enough to trigger rotation
        for i in 0..10 {
            let event = AuditEvent::AgentAppeared {
                ts: i,
                pane_id: format!("pane-{}", i),
                agent_type: "ClaudeCode".to_string(),
                source: "capture_pane".to_string(),
                initial_status: "idle".to_string(),
            };
            logger.log(&event);
        }

        // Rotated file should exist
        let rotated = file_path.with_extension("ndjson.1");
        assert!(rotated.exists(), "Rotated file should exist");
    }

    #[test]
    fn test_state_changed_event_serialization() {
        let event = AuditEvent::StateChanged {
            ts: 1234567890,
            pane_id: "5".to_string(),
            agent_type: "ClaudeCode".to_string(),
            source: "capture_pane".to_string(),
            prev_status: "idle".to_string(),
            new_status: "processing".to_string(),
            reason: DetectionReason {
                rule: "braille_spinner".to_string(),
                confidence: DetectionConfidence::Medium,
                matched_text: Some("⠋ Working".to_string()),
            },
            screen_context: None,
            prev_state_duration_ms: None,
            approval_type: None,
            approval_details: None,
        };

        let json = serde_json::to_string(&event).unwrap();
        let parsed: serde_json::Value = serde_json::from_str(&json).unwrap();
        assert_eq!(parsed["event"], "StateChanged");
        assert_eq!(parsed["reason"]["rule"], "braille_spinner");
        assert_eq!(parsed["reason"]["confidence"], "Medium");
        // approval_type/approval_details should be absent (skip_serializing_if)
        assert!(parsed.get("approval_type").is_none());
        assert!(parsed.get("approval_details").is_none());
    }

    #[test]
    fn test_state_changed_with_approval_info() {
        let event = AuditEvent::StateChanged {
            ts: 1234567890,
            pane_id: "5".to_string(),
            agent_type: "ClaudeCode".to_string(),
            source: "capture_pane".to_string(),
            prev_status: "idle".to_string(),
            new_status: "awaiting_approval".to_string(),
            reason: DetectionReason {
                rule: "proceed_prompt".to_string(),
                confidence: DetectionConfidence::High,
                matched_text: None,
            },
            screen_context: None,
            prev_state_duration_ms: Some(5000),
            approval_type: Some("user_question".to_string()),
            approval_details: Some("Do you want to proceed?".to_string()),
        };

        let json = serde_json::to_string(&event).unwrap();
        let parsed: serde_json::Value = serde_json::from_str(&json).unwrap();
        assert_eq!(parsed["approval_type"], "user_question");
        assert_eq!(parsed["approval_details"], "Do you want to proceed?");
    }
}