Phase 5a: approval queue (request_apply_commit, pending/approve/deny)

2026-05-14 22:50:19 +02:00 · 2026-05-14 22:50:19 +02:00 · f12837fe32
commit f12837fe32
parent 4a73340150
7 changed files with 270 additions and 0 deletions
--- a/hive-c0re/src/approvals.rs
+++ b/hive-c0re/src/approvals.rs
@ -0,0 +1,167 @@
+//! Approval queue. Manager submits via `RequestApplyCommit`; the user
+//! approves/denies via the host admin CLI; on approval the host runs the
+//! corresponding action (Phase 5a: `lifecycle::rebuild(agent)`).
+
+use std::path::Path;
+use std::sync::Mutex;
+use std::time::{SystemTime, UNIX_EPOCH};
+
+use anyhow::{Context, Result, bail};
+use hive_sh4re::{Approval, ApprovalStatus};
+use rusqlite::{Connection, OptionalExtension, params};
+
+const SCHEMA: &str = r#"
+CREATE TABLE IF NOT EXISTS approvals (
+    id           INTEGER PRIMARY KEY AUTOINCREMENT,
+    agent        TEXT    NOT NULL,
+    commit_ref   TEXT    NOT NULL,
+    requested_at INTEGER NOT NULL,
+    status       TEXT    NOT NULL,
+    resolved_at  INTEGER,
+    note         TEXT
+);
+CREATE INDEX IF NOT EXISTS idx_approvals_pending
+    ON approvals (id) WHERE status = 'pending';
+"#;
+
+pub struct Approvals {
+    conn: Mutex<Connection>,
+}
+
+impl Approvals {
+    pub fn open(path: &Path) -> Result<Self> {
+        if let Some(parent) = path.parent() {
+            std::fs::create_dir_all(parent)
+                .with_context(|| format!("create approvals db parent {}", parent.display()))?;
+        }
+        let conn = Connection::open(path)
+            .with_context(|| format!("open approvals db {}", path.display()))?;
+        conn.execute_batch(SCHEMA).context("apply approvals schema")?;
+        Ok(Self {
+            conn: Mutex::new(conn),
+        })
+    }
+
+    pub fn submit(&self, agent: &str, commit_ref: &str) -> Result<i64> {
+        let conn = self.conn.lock().unwrap();
+        conn.execute(
+            "INSERT INTO approvals (agent, commit_ref, requested_at, status)
+             VALUES (?1, ?2, ?3, 'pending')",
+            params![agent, commit_ref, now_unix()],
+        )?;
+        Ok(conn.last_insert_rowid())
+    }
+
+    pub fn pending(&self) -> Result<Vec<Approval>> {
+        let conn = self.conn.lock().unwrap();
+        let mut stmt = conn.prepare(
+            "SELECT id, agent, commit_ref, requested_at, status, resolved_at, note
+               FROM approvals
+              WHERE status = 'pending'
+              ORDER BY id ASC",
+        )?;
+        let rows = stmt.query_map([], row_to_approval)?;
+        rows.collect::<rusqlite::Result<Vec<_>>>()
+            .map_err(Into::into)
+    }
+
+    pub fn get(&self, id: i64) -> Result<Option<Approval>> {
+        let conn = self.conn.lock().unwrap();
+        conn.query_row(
+            "SELECT id, agent, commit_ref, requested_at, status, resolved_at, note
+               FROM approvals WHERE id = ?1",
+            params![id],
+            row_to_approval,
+        )
+        .optional()
+        .map_err(Into::into)
+    }
+
+    /// Mark pending -> approved (or fail if not pending). Returns the (now-updated)
+    /// approval so the caller can run the action and pass the agent name.
+    pub fn mark_approved(&self, id: i64) -> Result<Approval> {
+        let conn = self.conn.lock().unwrap();
+        let current: Option<(String, String, i64, String)> = conn
+            .query_row(
+                "SELECT agent, commit_ref, requested_at, status FROM approvals WHERE id = ?1",
+                params![id],
+                |row| Ok((row.get(0)?, row.get(1)?, row.get(2)?, row.get(3)?)),
+            )
+            .optional()?;
+        let Some((agent, commit_ref, requested_at, status)) = current else {
+            bail!("approval {id} not found");
+        };
+        if status != "pending" {
+            bail!("approval {id} is {status}, not pending");
+        }
+        let resolved_at = now_unix();
+        conn.execute(
+            "UPDATE approvals SET status = 'approved', resolved_at = ?1 WHERE id = ?2",
+            params![resolved_at, id],
+        )?;
+        Ok(Approval {
+            id,
+            agent,
+            commit_ref,
+            requested_at,
+            status: ApprovalStatus::Approved,
+            resolved_at: Some(resolved_at),
+            note: None,
+        })
+    }
+
+    pub fn mark_denied(&self, id: i64) -> Result<()> {
+        let conn = self.conn.lock().unwrap();
+        let affected = conn.execute(
+            "UPDATE approvals SET status = 'denied', resolved_at = ?1
+               WHERE id = ?2 AND status = 'pending'",
+            params![now_unix(), id],
+        )?;
+        if affected == 0 {
+            bail!("approval {id} not pending");
+        }
+        Ok(())
+    }
+
+    pub fn mark_failed(&self, id: i64, note: &str) -> Result<()> {
+        let conn = self.conn.lock().unwrap();
+        conn.execute(
+            "UPDATE approvals SET status = 'failed', resolved_at = ?1, note = ?2 WHERE id = ?3",
+            params![now_unix(), note, id],
+        )?;
+        Ok(())
+    }
+}
+
+fn row_to_approval(row: &rusqlite::Row<'_>) -> rusqlite::Result<Approval> {
+    let status: String = row.get(4)?;
+    let status = match status.as_str() {
+        "pending" => ApprovalStatus::Pending,
+        "approved" => ApprovalStatus::Approved,
+        "denied" => ApprovalStatus::Denied,
+        "failed" => ApprovalStatus::Failed,
+        other => {
+            return Err(rusqlite::Error::FromSqlConversionFailure(
+                4,
+                rusqlite::types::Type::Text,
+                format!("unknown approval status '{other}'").into(),
+            ));
+        }
+    };
+    Ok(Approval {
+        id: row.get(0)?,
+        agent: row.get(1)?,
+        commit_ref: row.get(2)?,
+        requested_at: row.get(3)?,
+        status,
+        resolved_at: row.get(5)?,
+        note: row.get(6)?,
+    })
+}
+
+fn now_unix() -> i64 {
+    SystemTime::now()
+        .duration_since(UNIX_EPOCH)
+        .map(|d| d.as_secs() as i64)
+        .unwrap_or(0)
+}