Merge remote-tracking branch 'origin/main' into fix/issue-188

Author: Bill Chirico

biome.json

@@ -8,7 +8,8 @@
       "!node_modules",
       "!coverage",
       "!logs",
-      "!data"
+      "!data",
+      "!feat-issue-164"
     ]
   },
   "linter": {

config.json

@@ -42,7 +42,8 @@
     "debugFooter": true,
     "debugFooterLevel": "verbose",
     "moderationLogChannel": "1473219285651292201",
-    "statusReactions": true
+    "statusReactions": true,
+    "dailyBudgetUsd": 10
   },
   "welcome": {
     "enabled": true,
@@ -281,5 +282,23 @@
   "reminders": {
     "enabled": false,
     "maxPerUser": 25
+  },
+  "aiAutoMod": {
+    "enabled": false,
+    "model": "claude-haiku-4-5",
+    "thresholds": {
+      "toxicity": 0.7,
+      "spam": 0.8,
+      "harassment": 0.7
+    },
+    "actions": {
+      "toxicity": "flag",
+      "spam": "delete",
+      "harassment": "warn"
+    },
+    "timeoutDurationMs": 300000,
+    "flagChannelId": null,
+    "autoDelete": true,
+    "exemptRoleIds": []
   }
 }

migrations/004_command_aliases.cjs

@@ -0,0 +1,35 @@
+/**
+ * Migration 004: Guild Command Aliases Table
+ *
+ * Stores per-guild command aliases created by guild admins.
+ * Each alias maps a short custom name (e.g. "w") to an existing bot command (e.g. "warn").
+ * discord_command_id stores the ID returned by Discord after registering the alias
+ * as a guild-specific slash command, enabling clean removal later.
+ */
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.up = (pgm) => {
+  pgm.sql(`
+    CREATE TABLE IF NOT EXISTS guild_command_aliases (
+      id SERIAL PRIMARY KEY,
+      guild_id TEXT NOT NULL,
+      alias TEXT NOT NULL,
+      target_command TEXT NOT NULL,
+      discord_command_id TEXT,
+      created_by TEXT NOT NULL,
+      created_at TIMESTAMPTZ DEFAULT NOW(),
+      UNIQUE(guild_id, alias)
+    )
+  `);
+
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_guild_command_aliases_guild_id
+    ON guild_command_aliases(guild_id)
+  `);
+};
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.down = (pgm) => {
+  pgm.sql(`DROP INDEX IF EXISTS idx_guild_command_aliases_guild_id`);
+  pgm.sql(`DROP TABLE IF EXISTS guild_command_aliases`);
+};

migrations/004_performance_indexes.cjs

@@ -0,0 +1,70 @@
+/**
+ * Migration 004: Performance Indexes
+ *
+ * Adds missing composite indexes and a pg_trgm GIN index to resolve:
+ *
+ * 1. ai_feedback trend queries — getFeedbackTrend() filters by guild_id AND
+ *    created_at but only had a single-column guild_id index, forcing a full
+ *    guild scan + sort for every trend call.
+ *
+ * 2. conversations ILIKE search — content ILIKE '%...%' is a seq-scan
+ *    without pg_trgm. Installing the extension + GIN index reduces search from
+ *    O(n) to O(log n * trigram matches).
+ *
+ * 3. conversations(guild_id, created_at) — The default 30-day listing query
+ *    (WHERE guild_id = $1 AND created_at >= $2 ORDER BY created_at DESC)
+ *    benefits from a dedicated 2-column index over the existing 3-column
+ *    (guild_id, channel_id, created_at) composite when channel_id is not filtered.
+ *
+ * 4. flagged_messages(guild_id, message_id) — POST /flag and the detail
+ *    endpoint both do WHERE guild_id = $1 AND message_id = ANY($2) which
+ *    the existing (guild_id, status) index cannot serve efficiently.
+ */
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.up = (pgm) => {
+  // ai_feedback: composite for trend + recent queries
+  // getFeedbackTrend: WHERE guild_id = $1 AND created_at >= NOW() - INTERVAL ...
+  // getRecentFeedback: WHERE guild_id = $1 ORDER BY created_at DESC LIMIT $2
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_ai_feedback_guild_created
+    ON ai_feedback(guild_id, created_at DESC)
+  `);
+
+  // conversations: pg_trgm for ILIKE searches
+  // Enable the extension first (idempotent)
+  pgm.sql(`CREATE EXTENSION IF NOT EXISTS pg_trgm`);
+
+  // GIN index over content column -- supports col ILIKE '%term%' and col ~ 'pattern'
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_conversations_content_trgm
+    ON conversations USING gin(content gin_trgm_ops)
+  `);
+
+  // conversations: (guild_id, created_at) for default 30-day listing
+  // The existing idx_conversations_guild_channel_created covers (guild_id, channel_id, created_at)
+  // but queries that filter only by guild_id + date range skip the channel_id column,
+  // making this 2-column index cheaper to scan.
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_conversations_guild_created
+    ON conversations(guild_id, created_at DESC)
+  `);
+
+  // flagged_messages: (guild_id, message_id) for detail + flag endpoints
+  // Used by:
+  //   GET /:conversationId  -> WHERE guild_id = $1 AND message_id = ANY($2)
+  //   POST /:conversationId/flag -> msgCheck + anchorCheck in parallel
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_flagged_messages_guild_message
+    ON flagged_messages(guild_id, message_id)
+  `);
+};
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.down = (pgm) => {
+  pgm.sql(`DROP INDEX IF EXISTS idx_flagged_messages_guild_message`);
+  pgm.sql(`DROP INDEX IF EXISTS idx_conversations_guild_created`);
+  pgm.sql(`DROP INDEX IF EXISTS idx_conversations_content_trgm`);
+  pgm.sql(`DROP INDEX IF EXISTS idx_ai_feedback_guild_created`);
+  // Note: do NOT drop pg_trgm extension on down -- it may be used elsewhere.
+};

migrations/004_reaction_roles.cjs

@@ -0,0 +1,54 @@
+'use strict';
+
+/**
+ * Migration: Reaction Role Menus
+ *
+ * Creates tables to persist reaction-role mappings across bot restarts.
+ *
+ * - reaction_role_menus: One row per "reaction role" message posted in Discord
+ * - reaction_role_entries: One row per emoji→role mapping attached to a menu
+ */
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.up = (pgm) => {
+  // ── reaction_role_menus ────────────────────────────────────────────
+  pgm.sql(`
+    CREATE TABLE IF NOT EXISTS reaction_role_menus (
+      id SERIAL PRIMARY KEY,
+      guild_id TEXT NOT NULL,
+      channel_id TEXT NOT NULL,
+      message_id TEXT NOT NULL,
+      title TEXT NOT NULL DEFAULT 'React to get a role',
+      description TEXT,
+      created_at TIMESTAMPTZ DEFAULT NOW(),
+      UNIQUE (guild_id, message_id)
+    )
+  `);
+  pgm.sql(
+    'CREATE INDEX IF NOT EXISTS idx_reaction_role_menus_guild ON reaction_role_menus(guild_id)',
+  );
+  pgm.sql(
+    'CREATE UNIQUE INDEX IF NOT EXISTS idx_reaction_role_menus_message ON reaction_role_menus(message_id)',
+  );
+
+  // ── reaction_role_entries ──────────────────────────────────────────
+  pgm.sql(`
+    CREATE TABLE IF NOT EXISTS reaction_role_entries (
+      id SERIAL PRIMARY KEY,
+      menu_id INTEGER NOT NULL REFERENCES reaction_role_menus(id) ON DELETE CASCADE,
+      emoji TEXT NOT NULL,
+      role_id TEXT NOT NULL,
+      created_at TIMESTAMPTZ DEFAULT NOW(),
+      UNIQUE (menu_id, emoji)
+    )
+  `);
+  pgm.sql(
+    'CREATE INDEX IF NOT EXISTS idx_reaction_role_entries_menu ON reaction_role_entries(menu_id)',
+  );
+};
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.down = (pgm) => {
+  pgm.sql('DROP TABLE IF EXISTS reaction_role_entries');
+  pgm.sql('DROP TABLE IF EXISTS reaction_role_menus');
+};

migrations/004_voice_sessions.cjs

@@ -0,0 +1,51 @@
+/**
+ * Migration 004: Voice Sessions Table
+ *
+ * Tracks voice channel activity for engagement metrics.
+ * Records join/leave/move events with duration.
+ * Gated behind voice.enabled in config (opt-in per guild).
+ */
+
+'use strict';
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.up = (pgm) => {
+  pgm.sql(`
+    CREATE TABLE IF NOT EXISTS voice_sessions (
+      id SERIAL PRIMARY KEY,
+      guild_id TEXT NOT NULL,
+      user_id TEXT NOT NULL,
+      channel_id TEXT NOT NULL,
+      joined_at TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+      left_at TIMESTAMPTZ,
+      duration_seconds INTEGER,
+      CONSTRAINT chk_duration_nonneg CHECK (duration_seconds IS NULL OR duration_seconds >= 0)
+    )
+  `);
+
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_voice_sessions_guild_user
+    ON voice_sessions(guild_id, user_id)
+  `);
+
+  pgm.sql(`
+    CREATE INDEX IF NOT EXISTS idx_voice_sessions_guild_joined
+    ON voice_sessions(guild_id, joined_at)
+  `);
+
+  // Unique partial index prevents duplicate open sessions for the same (guild_id, user_id)
+  // This ensures crash recovery cannot leave multiple open rows per user per guild
+  pgm.sql(`
+    CREATE UNIQUE INDEX IF NOT EXISTS idx_voice_sessions_open_unique
+    ON voice_sessions(guild_id, user_id)
+    WHERE left_at IS NULL
+  `);
+};
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.down = (pgm) => {
+  pgm.sql(`DROP INDEX IF EXISTS idx_voice_sessions_open_unique`);
+  pgm.sql(`DROP INDEX IF EXISTS idx_voice_sessions_guild_joined`);
+  pgm.sql(`DROP INDEX IF EXISTS idx_voice_sessions_guild_user`);
+  pgm.sql(`DROP TABLE IF EXISTS voice_sessions`);
+};

migrations/005_webhook_notifications.cjs

@@ -0,0 +1,42 @@
+/* eslint-disable */
+'use strict';
+
+/**
+ * Migration 005: Webhook notifications delivery log
+ *
+ * Creates webhook_delivery_log table to store delivery attempts
+ * per webhook endpoint. Endpoint configs live in the per-guild config JSON.
+ */
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.up = (pgm) => {
+  pgm.sql(`
+    CREATE TABLE IF NOT EXISTS webhook_delivery_log (
+      id SERIAL PRIMARY KEY,
+      guild_id TEXT NOT NULL,
+      endpoint_id TEXT NOT NULL,
+      event_type TEXT NOT NULL,
+      payload JSONB NOT NULL,
+      status TEXT NOT NULL CHECK (status IN ('success', 'failed', 'pending')),
+      response_code INTEGER,
+      response_body TEXT,
+      attempt INTEGER NOT NULL DEFAULT 1,
+      delivered_at TIMESTAMPTZ DEFAULT NOW()
+    );
+
+    CREATE INDEX IF NOT EXISTS idx_webhook_delivery_log_guild
+      ON webhook_delivery_log (guild_id, delivered_at DESC);
+
+    CREATE INDEX IF NOT EXISTS idx_webhook_delivery_log_endpoint
+      ON webhook_delivery_log (endpoint_id, delivered_at DESC);
+  `);
+};
+
+/** @param {import('node-pg-migrate').MigrationBuilder} pgm */
+exports.down = (pgm) => {
+  pgm.sql(`
+    DROP INDEX IF EXISTS idx_webhook_delivery_log_endpoint;
+    DROP INDEX IF EXISTS idx_webhook_delivery_log_guild;
+    DROP TABLE IF EXISTS webhook_delivery_log;
+  `);
+};

src/api/index.js

@@ -9,13 +9,16 @@ import { requireAuth } from './middleware/auth.js';
 import aiFeedbackRouter from './routes/ai-feedback.js';
 import auditLogRouter from './routes/auditLog.js';
 import authRouter from './routes/auth.js';
+import backupRouter from './routes/backup.js';
 import communityRouter from './routes/community.js';
 import configRouter from './routes/config.js';
 import conversationsRouter from './routes/conversations.js';
 import guildsRouter from './routes/guilds.js';
 import healthRouter from './routes/health.js';
 import membersRouter from './routes/members.js';
 import moderationRouter from './routes/moderation.js';
+import notificationsRouter from './routes/notifications.js';
+import performanceRouter from './routes/performance.js';
 import ticketsRouter from './routes/tickets.js';
 import webhooksRouter from './routes/webhooks.js';
 
@@ -58,7 +61,16 @@ router.use('/moderation', requireAuth(), auditLogMiddleware(), moderationRouter)
 // GET-only; no audit middleware needed (reads are not mutating actions)
 router.use('/guilds', requireAuth(), auditLogRouter);
 
+// Performance metrics — require x-api-secret (authenticated via route handler)
+router.use('/performance', performanceRouter);
+
+// Notification webhook management routes — require API secret or OAuth2 JWT
+router.use('/guilds', requireAuth(), auditLogMiddleware(), notificationsRouter);
+
 // Webhook routes — require API secret or OAuth2 JWT (endpoint further restricts to api-secret)
 router.use('/webhooks', requireAuth(), webhooksRouter);
 
+// Backup routes — require API secret or OAuth2 JWT
+router.use('/backups', requireAuth(), auditLogMiddleware(), backupRouter);
+
 export default router;

src/api/middleware/auditLog.js

@@ -7,6 +7,7 @@
 import { info, error as logError } from '../../logger.js';
 import { getConfig } from '../../modules/config.js';
 import { maskSensitiveFields } from '../utils/configAllowlist.js';
+import { broadcastAuditEntry } from '../ws/auditStream.js';
 
 /** HTTP methods considered mutating */
 const MUTATING_METHODS = new Set(['POST', 'PUT', 'PATCH', 'DELETE']);
@@ -104,7 +105,8 @@ function insertAuditEntry(pool, entry) {
   try {
     const result = pool.query(
       `INSERT INTO audit_logs (guild_id, user_id, action, target_type, target_id, details, ip_address)
-       VALUES ($1, $2, $3, $4, $5, $6, $7)`,
+       VALUES ($1, $2, $3, $4, $5, $6, $7)
+       RETURNING id, guild_id, user_id, action, target_type, target_id, details, ip_address, created_at`,
       [
         guildId || 'global',
         userId,
@@ -118,8 +120,26 @@ function insertAuditEntry(pool, entry) {
 
     if (result && typeof result.then === 'function') {
       result
-        .then(() => {
+        .then((insertResult) => {
           info('Audit log entry created', { action, guildId, userId });
+          // Broadcast to real-time audit log WebSocket clients
+          const row = insertResult?.rows?.[0];
+          const broadcastEntry = {
+            guild_id: guildId || 'global',
+            user_id: userId,
+            action,
+            target_type: targetType || null,
+            target_id: targetId || null,
+            details: details || null,
+            ip_address: ipAddress || null,
+            created_at: new Date().toISOString(),
+            ...(row || {}),
+          };
+          try {
+            broadcastAuditEntry(broadcastEntry);
+          } catch {
+            // Non-critical — streaming failure must not affect audit integrity
+          }
         })
         .catch((err) => {
           logError('Failed to insert audit log entry', { error: err.message, action, guildId });