From eeb59db9be44d419aba4870ad4211273cd4c62f2 Mon Sep 17 00:00:00 2001 From: zhaoyilun Date: Sun, 12 Jul 2026 12:45:58 +0800 Subject: [PATCH] docs: harden login reachability schema --- docs/go-mcp-minimal-plan.md | 30 +++++++- ...-12-login-reachability-validation-items.md | 76 ++++++++++++++++--- .../2026-07-12-send-upload-deep-dive.md | 23 +++--- .../capability-source-matrix.md | 6 +- scripts/extract-send-upload-deep-dive.ps1 | 51 ++++++++++--- 5 files changed, 148 insertions(+), 38 deletions(-) diff --git a/docs/go-mcp-minimal-plan.md b/docs/go-mcp-minimal-plan.md index 6b62394..2a5704c 100644 --- a/docs/go-mcp-minimal-plan.md +++ b/docs/go-mcp-minimal-plan.md @@ -10,6 +10,28 @@ --- +## 2026-07-12 Current Next Node Correction + +当前下一节点不再是泛化的 `N12-pre` 离线证据整理,也不是 A-route/RPA UI 演示。A-route/RPA 只保留为备选;主线继续走 B-route,也就是面向登录态客户端的 `in_process_adapter_research` / `in_process_contract`。 + +**当前主线节点:B-route 登录可达性 schema/probe package。** + +本节点的目标是在 2026-07-13 可登录环境执行前,把验证口径一次性补齐,避免明天反复采证。活动产物: + +- `docs/source-discovery/2026-07-12-login-reachability-validation-items.md` +- `docs/source-discovery/2026-07-12-send-upload-deep-dive.md` +- `docs/source-discovery/2026-07-12-inprocess-adapter-static-map.md` +- `docs/source-discovery/capability-source-matrix.md` + +本节点通过条件: + +1. 登录验证清单包含 P0 项:one-shot 测试目标、登录态 server/auth、in-process adapter 可达性、发送前后 sent-record 快照、sent-record 来源、结构化失败原因、消息/文件 ack 关联。 +2. `isphere_send_message` 只在 direct/group 目标、`AppContextManager` / `Chat` / `XMPPConnection` 可达、sent-record 内容哈希/ack 关联通过后解除生产阻塞。 +3. `isphere_send_file` 只在 `FileUploadPara`、`IFileTransfer.FileUpload`、`FileUploadResult.FileID`、`trans_UploadCompleted(fileId)` / `Chat.sendFileMessage`、文件 sent-record/ack 关联通过后解除生产阻塞。 +4. 外部 sidecar 仍是 preview/probe-only;A-route UIA/RPA 仍是 backup-only。 + +--- + ## 1. Node Tree ```text @@ -962,16 +984,16 @@ Every node must satisfy these rules: ## 4. Current Next Node -Current guidance after N0-N15 remote updates is: +Current guidance after the 2026-07-12 offline B-route audit and login-validation schema hardening is: ```text -当前下一步:MCP 核心工具合同冻结 + 只读消息源 discovery + N12-pre 证据包整理。 +当前下一步:B-route 登录可达性 schema/probe package;明天在可登录环境采集一次性证据。 ``` Immediate next action: ```text -Use `docs/mcp-core-tools-contract.md` and `docs/mcp-core-business-plan.md` as the active business route. Prioritize `isphere_search_contacts`, `isphere_search_groups`, `isphere_receive_messages`, and `isphere_receive_files`, then move `isphere_send_message` and `isphere_send_file` into Stage D after source discovery and connector verification. +Use `docs/source-discovery/2026-07-12-login-reachability-validation-items.md` as the active schema. Build the 2026-07-13 login reachability probe package around one-shot targets, runtime/server/auth state, in-process adapter reachability, before/after sent-record snapshots, structured failure reasons, and message/file ack correlation. ``` -N12-pre offline evidence remains pre-gate context. Existing UIA selector/report work is auxiliary evidence and fallback support only; the project core is MCP communication capability for contacts, groups, messages, and files. +Business status: contact search, group search, receive messages, and receive file-list remain the stable MCP foundation. `isphere_send_message` and `isphere_send_file` are implemented as preview/contract paths, but production send/file remains blocked until logged-in B-route reachability and sent-record/ack correlation pass. N12-pre/offline evidence remains pre-gate context. Existing UIA selector/report/RPA work is auxiliary evidence and fallback support only; the project core is MCP communication capability for contacts, groups, messages, and files. diff --git a/docs/source-discovery/2026-07-12-login-reachability-validation-items.md b/docs/source-discovery/2026-07-12-login-reachability-validation-items.md index aadca2d..a067567 100644 --- a/docs/source-discovery/2026-07-12-login-reachability-validation-items.md +++ b/docs/source-discovery/2026-07-12-login-reachability-validation-items.md @@ -2,56 +2,94 @@ Date: 2026-07-12 -Purpose: this is the operator-facing checklist for the 2026-07-13 logged-in environment. It is generated from the offline send/upload deep dive and should be used to build the one-shot reachability probe package. +Purpose: this is the operator-facing checklist for the 2026-07-13 logged-in environment. It is generated from the offline send/upload deep dive and should be used to build the one-shot reachability probe package. P0 items are blocking; production send remains disabled until all relevant P0 evidence is collected and correlated. + +## Operator rules + +- Run the probe only after the target iSphere/IMPlatformClient session is visibly logged in. +- Use a pre-agreed direct test JID and optional group test JID; record them in the output JSON. +- Use one-shot test content and one safe small test file; record SHA256 hashes, not raw sensitive content. +- Capture before/after sent-record snapshots around the one-shot send/upload test. +- Do not mark production ready unless ack/sent-record correlation is machine-verifiable. ## P0 items +### Define one-shot test targets and operator confirmation + +- Category: test_rule +- Evidence to capture: direct JID, optional group JID, self-send/sandbox-account flag, operator confirmation, one-send-only flag, test content/file hash seed +- Unlocks: reliable ack and sent-record correlation + +### Capture before/after sent-record snapshots + +- Category: snapshot +- Evidence to capture: before count/last summary, after count/last summary, target ref, content hash or file hash, timestamp window +- Unlocks: machine-verifiable send result + +### Identify sent-record and ack source paths + +- Category: sent_record_source +- Evidence to capture: MessageCenter::OnMessageSended availability, PacketReader/SaveToDB/MsgLib source availability, MCP audit ref, ack/ref id if present +- Unlocks: production gate evidence + +### Confirm in-process adapter reachability mode + +- Category: adapter_reachability +- Evidence to capture: process bitness, CLR/.NET version, user/session id, loaded managed assemblies, same-process/managed-harness/injection requirement, stop-condition reason if blocked +- Unlocks: B-route implementation decision + ### Confirm logged-in IMPlatformClient.exe process and loaded assemblies - Category: runtime -- Evidence to capture: process id, module list, loaded managed assemblies +- Evidence to capture: process id, module list, loaded managed assemblies, login/user presence without leaking credentials - Unlocks: all B-route adapter tests ### Confirm AppContextManager/IAppContextManager reachability - Category: runtime -- Evidence to capture: type visible, instance path, SendTxtMessageByJid callable shape +- Evidence to capture: type visible, instance path, SendTxtMessageByJid callable shape, direct/group chat type mapping - Unlocks: text send high-level path ### Confirm Chat/XMPPConnection authenticated state - Category: runtime -- Evidence to capture: Chat instance, XMPPConnection state, target JID mapping +- Evidence to capture: Chat instance, XMPPConnection state, target JID mapping, group ChatRoom branch if target is group - Unlocks: text and file message finalization ### Capture FileUploadPara required values without leaking token - Category: file_upload -- Evidence to capture: host, port, domain, local path presence, IsImg/IsPublic, token-present boolean/hash only +- Evidence to capture: host, port, domain, local path presence, IsImg/IsPublic, token-present boolean/hash only, timeout/cache flags if visible - Unlocks: upload_file probe ### Confirm IFileTransfer/FileTransfer.FileUpload reachability - Category: file_upload -- Evidence to capture: service instance or constructor path, method signature, safe call readiness +- Evidence to capture: service instance or constructor path, method signature, safe call readiness, HTTP status/failure channel mapping - Unlocks: file upload ### Confirm FileUploadResult.FileID after safe test upload - Category: file_upload_result -- Evidence to capture: FileID present, size/name or URL/remote folder metadata, failure code if upload fails +- Evidence to capture: FileID present, size/name or URL/remote folder metadata, HTTP status, service error code/message if upload fails - Unlocks: send_file_message ### Confirm trans_UploadCompleted/SendFileMessage consumes FileID - Category: send_file_message -- Evidence to capture: FileID enters payload, Chat.sendFileMessage invoked, sent file record/ack +- Evidence to capture: FileID enters payload, Chat.sendFileMessage invoked, sent file record/ack, failure reason if target/permission blocks - Unlocks: production file send +### Capture structured failure reasons for every probe step + +- Category: failure_reason +- Evidence to capture: step name, exception type, error code, message, offline/permission/target-not-found/token/file-size/file-type/network-timeout classification +- Unlocks: actionable next decision when probe fails + ### Correlate sent record/ack with content hash or file hash - Category: ack -- Evidence to capture: sent record timestamp, target ref, body/file metadata hash, ack/ref id +- Evidence to capture: sent record source, timestamp, target ref, body/file metadata hash, ack/ref id, before/after snapshot diff - Unlocks: production gate ## P1 items @@ -59,7 +97,7 @@ Purpose: this is the operator-facing checklist for the 2026-07-13 logged-in envi ### Confirm group ChatRoom branch and permissions - Category: group -- Evidence to capture: ChatRoom type, speech/upload permission state, group JID +- Evidence to capture: ChatRoom type, speech/upload permission state, group JID, mute/permission failure reason - Unlocks: group send/file send ### If B-route reachability fails, capture A-route UI evidence @@ -68,8 +106,24 @@ Purpose: this is the operator-facing checklist for the 2026-07-13 logged-in envi - Evidence to capture: window hwnd, rtbSendMessage, btnSend, screenshots, failure reason - Unlocks: demo fallback only +## Required output schema + +Every probe run should emit JSON with these top-level sections: + +- `run`: timestamp, machine, operator confirmation, one-shot flags. +- `targets`: direct JID, optional group JID, target type, source of target selection. +- `runtime`: process id, bitness, CLR/.NET version, user/session, loaded assemblies. +- `reachability`: AppContextManager, MessageScheduling, Chat, XMPPConnection, IFileTransfer, FileUploadPara, FileUploadResult, Chat.sendFileMessage. +- `server_auth`: host, port, domain, token_present, token_hash_prefix only, accessToken/clientId presence when visible. +- `snapshots`: before/after counts and last-record summaries for sent-record sources. +- `attempts`: probe-only, optional one-shot text, optional safe upload, optional file-message finalization. +- `failures`: structured failure code, exception type, message, classification, next action. +- `correlation`: content/file hash match, target match, timestamp window, ack/ref id. + ## Pass criteria - Text send can move forward when logged-in runtime exposes AppContextManager or MessageScheduling plus Chat/XMPPConnection and sent-record/ack correlation is possible. - File send can move forward when logged-in runtime exposes IFileTransfer/FileUpload, FileUploadPara values, FileUploadResult.FileID, and Chat.sendFileMessage finalization evidence. -- Production remains blocked if any P0 item is missing or only static evidence is available. +- Production remains blocked if any P0 item is missing, if failure reasons are unstructured, or if only static evidence is available. +- Text production can move forward only when one-shot target, before/after snapshot, sent-record source, and content-hash/ack correlation all pass. +- File production can move forward only when FileUploadPara values, IFileTransfer reachability, FileUploadResult.FileID, file-message finalization, and file sent-record/ack correlation all pass. diff --git a/docs/source-discovery/2026-07-12-send-upload-deep-dive.md b/docs/source-discovery/2026-07-12-send-upload-deep-dive.md index cf03cd1..1618ddf 100644 --- a/docs/source-discovery/2026-07-12-send-upload-deep-dive.md +++ b/docs/source-discovery/2026-07-12-send-upload-deep-dive.md @@ -46,15 +46,20 @@ Offline deep dive confirms the remaining work is not generic sending code. The b | Priority | Category | Validation item | Evidence to capture | Unlocks | | --- | --- | --- | --- | --- | -| P0 | runtime | Confirm logged-in IMPlatformClient.exe process and loaded assemblies | process id, module list, loaded managed assemblies | all B-route adapter tests | -| P0 | runtime | Confirm AppContextManager/IAppContextManager reachability | type visible, instance path, SendTxtMessageByJid callable shape | text send high-level path | -| P0 | runtime | Confirm Chat/XMPPConnection authenticated state | Chat instance, XMPPConnection state, target JID mapping | text and file message finalization | -| P0 | file_upload | Capture FileUploadPara required values without leaking token | host, port, domain, local path presence, IsImg/IsPublic, token-present boolean/hash only | upload_file probe | -| P0 | file_upload | Confirm IFileTransfer/FileTransfer.FileUpload reachability | service instance or constructor path, method signature, safe call readiness | file upload | -| P0 | file_upload_result | Confirm FileUploadResult.FileID after safe test upload | FileID present, size/name or URL/remote folder metadata, failure code if upload fails | send_file_message | -| P0 | send_file_message | Confirm trans_UploadCompleted/SendFileMessage consumes FileID | FileID enters payload, Chat.sendFileMessage invoked, sent file record/ack | production file send | -| P0 | ack | Correlate sent record/ack with content hash or file hash | sent record timestamp, target ref, body/file metadata hash, ack/ref id | production gate | -| P1 | group | Confirm group ChatRoom branch and permissions | ChatRoom type, speech/upload permission state, group JID | group send/file send | +| P0 | test_rule | Define one-shot test targets and operator confirmation | direct JID, optional group JID, self-send/sandbox-account flag, operator confirmation, one-send-only flag, test content/file hash seed | reliable ack and sent-record correlation | +| P0 | snapshot | Capture before/after sent-record snapshots | before count/last summary, after count/last summary, target ref, content hash or file hash, timestamp window | machine-verifiable send result | +| P0 | sent_record_source | Identify sent-record and ack source paths | MessageCenter::OnMessageSended availability, PacketReader/SaveToDB/MsgLib source availability, MCP audit ref, ack/ref id if present | production gate evidence | +| P0 | adapter_reachability | Confirm in-process adapter reachability mode | process bitness, CLR/.NET version, user/session id, loaded managed assemblies, same-process/managed-harness/injection requirement, stop-condition reason if blocked | B-route implementation decision | +| P0 | runtime | Confirm logged-in IMPlatformClient.exe process and loaded assemblies | process id, module list, loaded managed assemblies, login/user presence without leaking credentials | all B-route adapter tests | +| P0 | runtime | Confirm AppContextManager/IAppContextManager reachability | type visible, instance path, SendTxtMessageByJid callable shape, direct/group chat type mapping | text send high-level path | +| P0 | runtime | Confirm Chat/XMPPConnection authenticated state | Chat instance, XMPPConnection state, target JID mapping, group ChatRoom branch if target is group | text and file message finalization | +| P0 | file_upload | Capture FileUploadPara required values without leaking token | host, port, domain, local path presence, IsImg/IsPublic, token-present boolean/hash only, timeout/cache flags if visible | upload_file probe | +| P0 | file_upload | Confirm IFileTransfer/FileTransfer.FileUpload reachability | service instance or constructor path, method signature, safe call readiness, HTTP status/failure channel mapping | file upload | +| P0 | file_upload_result | Confirm FileUploadResult.FileID after safe test upload | FileID present, size/name or URL/remote folder metadata, HTTP status, service error code/message if upload fails | send_file_message | +| P0 | send_file_message | Confirm trans_UploadCompleted/SendFileMessage consumes FileID | FileID enters payload, Chat.sendFileMessage invoked, sent file record/ack, failure reason if target/permission blocks | production file send | +| P0 | failure_reason | Capture structured failure reasons for every probe step | step name, exception type, error code, message, offline/permission/target-not-found/token/file-size/file-type/network-timeout classification | actionable next decision when probe fails | +| P0 | ack | Correlate sent record/ack with content hash or file hash | sent record source, timestamp, target ref, body/file metadata hash, ack/ref id, before/after snapshot diff | production gate | +| P1 | group | Confirm group ChatRoom branch and permissions | ChatRoom type, speech/upload permission state, group JID, mute/permission failure reason | group send/file send | | P1 | fallback | If B-route reachability fails, capture A-route UI evidence | window hwnd, rtbSendMessage, btnSend, screenshots, failure reason | demo fallback only | ## Evidence by item diff --git a/docs/source-discovery/capability-source-matrix.md b/docs/source-discovery/capability-source-matrix.md index e8d26ef..e79c822 100644 --- a/docs/source-discovery/capability-source-matrix.md +++ b/docs/source-discovery/capability-source-matrix.md @@ -45,8 +45,8 @@ Route rule: UIA helper / A-route / RPA is a backup route only. It can preserve d | `isphere_search_contacts` | bare sender/receiver JIDs extracted from normalized log-backed messages loaded from configured PacketReader file or directory source | validated copied `MsgLib.db` tables: `TD_Roster`, `TD_CustomEffigy`, `tblRecent`, `tblChatLevel`, `tblPersonMsg`; decrypted roster/contact stanzas from `Smark.SendReceive`; UIA helper source if display names are still missing | `docs/source-discovery/2026-07-10-msglib-readonly-schema-extraction.md`; `internal/isphere/contacts_test.go`; `internal/tools/isphere_contacts_test.go` | C34 documents optional MsgLib contact display enrichment; R2 adds deterministic exact-match-first ranking, case-insensitive de-duplication across log/MsgLib candidates, and preserves `source`/`raw_ref` | core contact search complete; optional richer fields later | | `isphere_search_groups` | decrypted `PacketReader.ProcessPacket` `type="groupchat"` stanzas and conference/MUC JIDs loaded from configured PacketReader file or directory source | validated copied `MsgLib.db` tables: `tblMsgGroupPersonMsg`, `TD_WorkGroupAuth`, `tblRecent`; UIA helper source if group display names are still missing | `docs/source-discovery/2026-07-10-msglib-readonly-schema-extraction.md`; `internal/isphere/groups_test.go`; `internal/tools/isphere_groups_test.go`; C9 ignored-log scan: PacketReader 86 groupchat/86 conference hits; Smark 24 groupchat/658 conference/631 muc hits | C34 documents optional MsgLib group display enrichment; R2 adds deterministic exact-match-first ranking, case-insensitive de-duplication across log/MsgLib candidates, and preserves `source`/`raw_ref` | core group search complete; optional member/owner hierarchy later | | `isphere_receive_files` | decrypted `PacketReader.ProcessPacket` file-transfer message stanzas via `internal/isphere.ListFilesFromMessages` and `isphere_receive_files` list mode; configured PacketReader file or directory source; `zyl\importal\` cache entries remain unlinked | MsgLib `TD_ReceiveFileRecord` safe metadata through explicit copied-DB path; decrypted `Smark.SendReceive` and `SaveToDB` traces for file-reference reconciliation; future UIA/client connector for download | `docs/source-discovery/2026-07-09-n12-pre-zyl-schema-notes.md#c12-file-transfer-evidence-precheck`; `docs/source-discovery/2026-07-10-file-download-mapping-precheck.md`; `docs/source-discovery/2026-07-10-file-cache-mapping-diagnostic.md`; `docs/source-discovery/2026-07-10-file-download-mapping-v2.md`; `docs/reports/2026-07-10-business-goals-smoke.md` | C22 verifies safe file-list contract args; R10 proves resolver scoring with fixture accepted matches; R11 adds structured download preview with `blocked`/`planned` status and side-effect flags false; R13/R14 confirms list is ready but real download is still blocked. | blocked for real download pending accepted real cache mapping and copy gate; list mode is complete | -| `isphere_send_message` | B-route selected: `in_process_adapter_research` after offline reverse. Static call path is confirmed through `AppContextManager.SendTxtMessageByJid(...)`, `MessageScheduling.SendChatMessage(...)`, `Chat.SendMessage`, and `XMPPConnection.send`, but no existing IPC/plugin/local HTTP send bridge is confirmed; default MCP tool still exposes preview/dry-run unless an explicit connector mode is configured | A-route fallback is now implemented for UI action: `ISPHERE_SEND_CONNECTOR_MODE=uia_rpa` calls WinHelper `uia_send_message` against a configured HWND, writes `rtbSendMessage`, and clicks `btnSend`; this stays backup-only and network/protocol replay remains deferred | `docs/source-discovery/2026-07-10-send-message-source-precheck.md`; `docs/source-discovery/2026-07-10-send-message-connector-selection.md`; `docs/source-discovery/2026-07-10-send-sidecar-b-first-plan.md`; `docs/source-discovery/2026-07-10-returned-live-probe-analysis.md`; `docs/source-discovery/2026-07-10-send-connector-preflight.md`; `docs/source-discovery/2026-07-10-send-sandbox-gate.md`; `docs/source-discovery/2026-07-10-returned-send-sandbox-analysis.md`; `docs/source-discovery/2026-07-10-returned-send-sandbox-analysis-v2.md`; `docs/source-discovery/2026-07-10-returned-send-sent-record-diagnostic.md`; `docs/source-discovery/2026-07-11-a-route-uia-send.md`; `docs/source-discovery/2026-07-11-a-route-open-real-chat-window.md`; `docs/source-discovery/2026-07-12-broute-text-send-static-map.md`; `docs/source-discovery/2026-07-12-broute-bridge-static-map.md`; `docs/source-discovery/2026-07-12-offline-broute-reverse-decision.md`; `docs/source-discovery/2026-07-12-inprocess-adapter-static-map.md`; `docs/source-discovery/2026-07-12-send-upload-deep-dive.md`; `docs/source-discovery/2026-07-12-login-reachability-validation-items.md`; `internal/tools/isphere_send_message_test.go`; `cmd/isphere-capability-smoke/main.go`; `docs/reports/2026-07-10-business-goals-smoke.md` | R6f-R6l define connector contract, audit/idempotency replay, production gate, B-route shell, strict-v2 package, and explicit production closure. R10a validates two returned sent-record packages as manual-only evidence. A-route adds local UI action readiness: synthetic window proof plus real offline `frmP2PChat` open/write/click target proof. Offline B-route reverse confirms the send call path but rejects existing IPC/plugin-first for this evidence set; business delivery is still not verified because local runtime is offline and no success/ack or sent-record hash evidence has passed. | B-route now exposes only the `in_process_contract` connector mode for request-shape/audit validation; next work is the 2026-07-13 login reachability probe covering AppContextManager/IAppContextManager, Chat/XMPPConnection, target JID mapping, and sent-record/content-hash/ack correlation; keep external sidecar preview/probe-only and A-route UI action backup-only; production remains blocked until those P0 items pass | -| `isphere_send_file` | B-route selected after offline reverse: managed file send is upload-first through `OffLineFileSend.sendFile()`, `FileUploadPara`, `IMPP.Service*.dll` `IFileTransfer.FileUpload(...)`, then chat file-message finalization through `trans_UploadCompleted(fileId)`, `MessageScheduling.SendFileMessage`, and `Chat.sendFileMessage(...)`; current MCP tool exposes preview/dry-run only | A-route file fallback is not implemented yet; real offline UIA dump did not expose stable `btnSendFile`, so the fallback slice remains toolbar/menu locator discovery; native `TcpFileTransfer.dll` is not the first B-route bridge because managed upload/message flow is now mapped | `docs/source-discovery/2026-07-10-send-message-source-precheck.md`; `docs/source-discovery/2026-07-10-send-message-connector-selection.md`; `docs/source-discovery/2026-07-10-send-sidecar-b-first-plan.md`; `docs/source-discovery/2026-07-10-returned-live-probe-analysis.md`; `docs/source-discovery/2026-07-10-send-connector-preflight.md`; `docs/source-discovery/2026-07-10-send-file-sandbox-gate.md`; `docs/source-discovery/2026-07-11-a-route-open-real-chat-window.md`; `docs/source-discovery/2026-07-12-broute-file-send-static-map.md`; `docs/source-discovery/2026-07-12-broute-bridge-static-map.md`; `docs/source-discovery/2026-07-12-offline-broute-reverse-decision.md`; `docs/source-discovery/2026-07-12-inprocess-adapter-static-map.md`; `docs/source-discovery/2026-07-12-send-upload-deep-dive.md`; `docs/source-discovery/2026-07-12-login-reachability-validation-items.md`; `internal/tools/isphere_files_test.go`; `docs/reports/2026-07-10-business-goals-smoke.md` | R7 registers send-file preview as the tenth MCP tool; R8 adds audit/idempotency duplicate/conflict hardening without raw file paths/content; R9 builds and verifies the online send-file evidence package; R13/R14 confirms preview is ready and production upload remains blocked. Offline B-route reverse confirms upload-first/file-message-second and shows file id/auth/runtime reachability are the blockers. A-route real-window work confirms file-button automation still needs a separate locator node. | blocked until the login reachability probe proves `FileUploadPara` host/port/domain/local path/token presence, logged-in access to `IFileTransfer.FileUpload`, returned `FileUploadResult.FileID`, and `Chat.sendFileMessage` finalization; production file upload/send remains blocked until online upload plus sent-record/ack evidence exists; A-route locator remains backup-only | +| `isphere_send_message` | B-route selected: `in_process_adapter_research` after offline reverse. Static call path is confirmed through `AppContextManager.SendTxtMessageByJid(...)`, `MessageScheduling.SendChatMessage(...)`, `Chat.SendMessage`, and `XMPPConnection.send`, but no existing IPC/plugin/local HTTP send bridge is confirmed; default MCP tool still exposes preview/dry-run unless an explicit connector mode is configured | A-route fallback is now implemented for UI action: `ISPHERE_SEND_CONNECTOR_MODE=uia_rpa` calls WinHelper `uia_send_message` against a configured HWND, writes `rtbSendMessage`, and clicks `btnSend`; this stays backup-only and network/protocol replay remains deferred | `docs/source-discovery/2026-07-10-send-message-source-precheck.md`; `docs/source-discovery/2026-07-10-send-message-connector-selection.md`; `docs/source-discovery/2026-07-10-send-sidecar-b-first-plan.md`; `docs/source-discovery/2026-07-10-returned-live-probe-analysis.md`; `docs/source-discovery/2026-07-10-send-connector-preflight.md`; `docs/source-discovery/2026-07-10-send-sandbox-gate.md`; `docs/source-discovery/2026-07-10-returned-send-sandbox-analysis.md`; `docs/source-discovery/2026-07-10-returned-send-sandbox-analysis-v2.md`; `docs/source-discovery/2026-07-10-returned-send-sent-record-diagnostic.md`; `docs/source-discovery/2026-07-11-a-route-uia-send.md`; `docs/source-discovery/2026-07-11-a-route-open-real-chat-window.md`; `docs/source-discovery/2026-07-12-broute-text-send-static-map.md`; `docs/source-discovery/2026-07-12-broute-bridge-static-map.md`; `docs/source-discovery/2026-07-12-offline-broute-reverse-decision.md`; `docs/source-discovery/2026-07-12-inprocess-adapter-static-map.md`; `docs/source-discovery/2026-07-12-send-upload-deep-dive.md`; `docs/source-discovery/2026-07-12-login-reachability-validation-items.md`; `internal/tools/isphere_send_message_test.go`; `cmd/isphere-capability-smoke/main.go`; `docs/reports/2026-07-10-business-goals-smoke.md` | R6f-R6l define connector contract, audit/idempotency replay, production gate, B-route shell, strict-v2 package, and explicit production closure. R10a validates two returned sent-record packages as manual-only evidence. A-route adds local UI action readiness: synthetic window proof plus real offline `frmP2PChat` open/write/click target proof. Offline B-route reverse confirms the send call path but rejects existing IPC/plugin-first for this evidence set; business delivery is still not verified because local runtime is offline and no success/ack or sent-record hash evidence has passed. | B-route now exposes only the `in_process_contract` connector mode for request-shape/audit validation; next work is the 2026-07-13 login reachability probe using `docs/source-discovery/2026-07-12-login-reachability-validation-items.md` as the active schema: one-shot direct/group target rule, AppContextManager/IAppContextManager and Chat/XMPPConnection reachability, in-process adapter reachability mode, before/after sent-record snapshots, sent-record source identification, structured failure reasons, and content-hash/ack correlation; keep external sidecar preview/probe-only and A-route UI action backup-only; production remains blocked until those P0 items pass | +| `isphere_send_file` | B-route selected after offline reverse: managed file send is upload-first through `OffLineFileSend.sendFile()`, `FileUploadPara`, `IMPP.Service*.dll` `IFileTransfer.FileUpload(...)`, then chat file-message finalization through `trans_UploadCompleted(fileId)`, `MessageScheduling.SendFileMessage`, and `Chat.sendFileMessage(...)`; current MCP tool exposes preview/dry-run only | A-route file fallback is not implemented yet; real offline UIA dump did not expose stable `btnSendFile`, so the fallback slice remains toolbar/menu locator discovery; native `TcpFileTransfer.dll` is not the first B-route bridge because managed upload/message flow is now mapped | `docs/source-discovery/2026-07-10-send-message-source-precheck.md`; `docs/source-discovery/2026-07-10-send-message-connector-selection.md`; `docs/source-discovery/2026-07-10-send-sidecar-b-first-plan.md`; `docs/source-discovery/2026-07-10-returned-live-probe-analysis.md`; `docs/source-discovery/2026-07-10-send-connector-preflight.md`; `docs/source-discovery/2026-07-10-send-file-sandbox-gate.md`; `docs/source-discovery/2026-07-11-a-route-open-real-chat-window.md`; `docs/source-discovery/2026-07-12-broute-file-send-static-map.md`; `docs/source-discovery/2026-07-12-broute-bridge-static-map.md`; `docs/source-discovery/2026-07-12-offline-broute-reverse-decision.md`; `docs/source-discovery/2026-07-12-inprocess-adapter-static-map.md`; `docs/source-discovery/2026-07-12-send-upload-deep-dive.md`; `docs/source-discovery/2026-07-12-login-reachability-validation-items.md`; `internal/tools/isphere_files_test.go`; `docs/reports/2026-07-10-business-goals-smoke.md` | R7 registers send-file preview as the tenth MCP tool; R8 adds audit/idempotency duplicate/conflict hardening without raw file paths/content; R9 builds and verifies the online send-file evidence package; R13/R14 confirms preview is ready and production upload remains blocked. Offline B-route reverse confirms upload-first/file-message-second and shows file id/auth/runtime reachability are the blockers. A-route real-window work confirms file-button automation still needs a separate locator node. | blocked until the login reachability probe proves `FileUploadPara` host/port/domain/local path/token presence or hash-only token evidence, logged-in access to `IFileTransfer.FileUpload`, returned `FileUploadResult.FileID`, `trans_UploadCompleted(fileId)` / `Chat.sendFileMessage` finalization, structured failure reasons, before/after sent-record snapshots, and file hash/ack correlation; production file upload/send remains blocked until online upload plus sent-record/ack evidence exists; A-route locator remains backup-only | ## Stage C entry rule @@ -63,4 +63,4 @@ Start Stage C with a narrow log-backed `isphere_receive_messages` source abstrac ## Deferred source work -`MsgLib.db` has a validated copied read-only open path through the bundled 32-bit `System.Data.SQLite.dll` and password `123`. C27 adds `MsgLibReadSidecar` as the bounded x86 .NET reader boundary, C28 adds the Go `internal/msglib` process client, C29 adds bounded `display_entities` extraction, C30 wires it as optional contact/group MCP enrichment, C31 proves real copied-DB MCP enrichment with sanitized output, C32 reuses it for receive-message display fields, C33 proves that receive display path through a real copied-DB MCP smoke without printing entity values, C34 documents the operator setup/verification path, C35 maps MsgLib message tables to receive-message contract fields without reading row values, C36 adds metadata-only `message_sources` readiness, C37 defines the bounded DB-backed receive-source design, C38 implements sidecar/Go-wrapper `list_messages` with sanitized verification, C39 adds a Go adapter from MsgLib list results to the receive-message domain model, C40 adds explicit tool-level `msglib_readonly` source selection, C41 wires env-configured explicit MsgLib receive with optional sanitized smoke, R1 documents source reconciliation keys, and R2 hardens contact/group search ranking and de-duplication. R6j/R6k confirm the send-message strict-v2 production gate is still not passed; R10a confirms the returned sent-record packages are manual-only evidence and do not unlock production send; R10/R11 define file-download resolver/preview behavior while keeping real copy blocked; R12 adds receive-source reconciliation without changing default routing; R13/R14 publish business-goals smoke and the release-candidate status. A-route now proves UI write/click readiness against synthetic and real offline chat windows, but not online delivery. The active B-route follow-up is now the login reachability probe path in `docs/source-discovery/2026-07-12-login-reachability-validation-items.md`, generated from `docs/source-discovery/2026-07-12-send-upload-deep-dive.md`: validate logged-in adapter reachability before production send/file work. A-route RPA remains backup-only under `docs/superpowers/plans/2026-07-11-a-route-rpa-send.md`. +`MsgLib.db` has a validated copied read-only open path through the bundled 32-bit `System.Data.SQLite.dll` and password `123`. C27 adds `MsgLibReadSidecar` as the bounded x86 .NET reader boundary, C28 adds the Go `internal/msglib` process client, C29 adds bounded `display_entities` extraction, C30 wires it as optional contact/group MCP enrichment, C31 proves real copied-DB MCP enrichment with sanitized output, C32 reuses it for receive-message display fields, C33 proves that receive display path through a real copied-DB MCP smoke without printing entity values, C34 documents the operator setup/verification path, C35 maps MsgLib message tables to receive-message contract fields without reading row values, C36 adds metadata-only `message_sources` readiness, C37 defines the bounded DB-backed receive-source design, C38 implements sidecar/Go-wrapper `list_messages` with sanitized verification, C39 adds a Go adapter from MsgLib list results to the receive-message domain model, C40 adds explicit tool-level `msglib_readonly` source selection, C41 wires env-configured explicit MsgLib receive with optional sanitized smoke, R1 documents source reconciliation keys, and R2 hardens contact/group search ranking and de-duplication. R6j/R6k confirm the send-message strict-v2 production gate is still not passed; R10a confirms the returned sent-record packages are manual-only evidence and do not unlock production send; R10/R11 define file-download resolver/preview behavior while keeping real copy blocked; R12 adds receive-source reconciliation without changing default routing; R13/R14 publish business-goals smoke and the release-candidate status. A-route now proves UI write/click readiness against synthetic and real offline chat windows, but not online delivery. The active B-route follow-up is now the login reachability probe path in `docs/source-discovery/2026-07-12-login-reachability-validation-items.md`, generated from `docs/source-discovery/2026-07-12-send-upload-deep-dive.md`: validate logged-in adapter reachability with one-shot targets, structured failure reasons, before/after sent-record snapshots, in-process adapter reachability mode, and message/file ack correlation before production send/file work. A-route RPA remains backup-only under `docs/superpowers/plans/2026-07-11-a-route-rpa-send.md`. diff --git a/scripts/extract-send-upload-deep-dive.ps1 b/scripts/extract-send-upload-deep-dive.ps1 index 0f1eedc..ea46ebd 100644 --- a/scripts/extract-send-upload-deep-dive.ps1 +++ b/scripts/extract-send-upload-deep-dive.ps1 @@ -224,15 +224,20 @@ $itemResults = foreach ($item in $items) { } $newValidationItems = @( - [pscustomobject]@{ priority = "P0"; category = "runtime"; item = "Confirm logged-in IMPlatformClient.exe process and loaded assemblies"; evidence = "process id, module list, loaded managed assemblies"; unlocks = "all B-route adapter tests" }, - [pscustomobject]@{ priority = "P0"; category = "runtime"; item = "Confirm AppContextManager/IAppContextManager reachability"; evidence = "type visible, instance path, SendTxtMessageByJid callable shape"; unlocks = "text send high-level path" }, - [pscustomobject]@{ priority = "P0"; category = "runtime"; item = "Confirm Chat/XMPPConnection authenticated state"; evidence = "Chat instance, XMPPConnection state, target JID mapping"; unlocks = "text and file message finalization" }, - [pscustomobject]@{ priority = "P0"; category = "file_upload"; item = "Capture FileUploadPara required values without leaking token"; evidence = "host, port, domain, local path presence, IsImg/IsPublic, token-present boolean/hash only"; unlocks = "upload_file probe" }, - [pscustomobject]@{ priority = "P0"; category = "file_upload"; item = "Confirm IFileTransfer/FileTransfer.FileUpload reachability"; evidence = "service instance or constructor path, method signature, safe call readiness"; unlocks = "file upload" }, - [pscustomobject]@{ priority = "P0"; category = "file_upload_result"; item = "Confirm FileUploadResult.FileID after safe test upload"; evidence = "FileID present, size/name or URL/remote folder metadata, failure code if upload fails"; unlocks = "send_file_message" }, - [pscustomobject]@{ priority = "P0"; category = "send_file_message"; item = "Confirm trans_UploadCompleted/SendFileMessage consumes FileID"; evidence = "FileID enters payload, Chat.sendFileMessage invoked, sent file record/ack"; unlocks = "production file send" }, - [pscustomobject]@{ priority = "P0"; category = "ack"; item = "Correlate sent record/ack with content hash or file hash"; evidence = "sent record timestamp, target ref, body/file metadata hash, ack/ref id"; unlocks = "production gate" }, - [pscustomobject]@{ priority = "P1"; category = "group"; item = "Confirm group ChatRoom branch and permissions"; evidence = "ChatRoom type, speech/upload permission state, group JID"; unlocks = "group send/file send" }, + [pscustomobject]@{ priority = "P0"; category = "test_rule"; item = "Define one-shot test targets and operator confirmation"; evidence = "direct JID, optional group JID, self-send/sandbox-account flag, operator confirmation, one-send-only flag, test content/file hash seed"; unlocks = "reliable ack and sent-record correlation" }, + [pscustomobject]@{ priority = "P0"; category = "snapshot"; item = "Capture before/after sent-record snapshots"; evidence = "before count/last summary, after count/last summary, target ref, content hash or file hash, timestamp window"; unlocks = "machine-verifiable send result" }, + [pscustomobject]@{ priority = "P0"; category = "sent_record_source"; item = "Identify sent-record and ack source paths"; evidence = "MessageCenter::OnMessageSended availability, PacketReader/SaveToDB/MsgLib source availability, MCP audit ref, ack/ref id if present"; unlocks = "production gate evidence" }, + [pscustomobject]@{ priority = "P0"; category = "adapter_reachability"; item = "Confirm in-process adapter reachability mode"; evidence = "process bitness, CLR/.NET version, user/session id, loaded managed assemblies, same-process/managed-harness/injection requirement, stop-condition reason if blocked"; unlocks = "B-route implementation decision" }, + [pscustomobject]@{ priority = "P0"; category = "runtime"; item = "Confirm logged-in IMPlatformClient.exe process and loaded assemblies"; evidence = "process id, module list, loaded managed assemblies, login/user presence without leaking credentials"; unlocks = "all B-route adapter tests" }, + [pscustomobject]@{ priority = "P0"; category = "runtime"; item = "Confirm AppContextManager/IAppContextManager reachability"; evidence = "type visible, instance path, SendTxtMessageByJid callable shape, direct/group chat type mapping"; unlocks = "text send high-level path" }, + [pscustomobject]@{ priority = "P0"; category = "runtime"; item = "Confirm Chat/XMPPConnection authenticated state"; evidence = "Chat instance, XMPPConnection state, target JID mapping, group ChatRoom branch if target is group"; unlocks = "text and file message finalization" }, + [pscustomobject]@{ priority = "P0"; category = "file_upload"; item = "Capture FileUploadPara required values without leaking token"; evidence = "host, port, domain, local path presence, IsImg/IsPublic, token-present boolean/hash only, timeout/cache flags if visible"; unlocks = "upload_file probe" }, + [pscustomobject]@{ priority = "P0"; category = "file_upload"; item = "Confirm IFileTransfer/FileTransfer.FileUpload reachability"; evidence = "service instance or constructor path, method signature, safe call readiness, HTTP status/failure channel mapping"; unlocks = "file upload" }, + [pscustomobject]@{ priority = "P0"; category = "file_upload_result"; item = "Confirm FileUploadResult.FileID after safe test upload"; evidence = "FileID present, size/name or URL/remote folder metadata, HTTP status, service error code/message if upload fails"; unlocks = "send_file_message" }, + [pscustomobject]@{ priority = "P0"; category = "send_file_message"; item = "Confirm trans_UploadCompleted/SendFileMessage consumes FileID"; evidence = "FileID enters payload, Chat.sendFileMessage invoked, sent file record/ack, failure reason if target/permission blocks"; unlocks = "production file send" }, + [pscustomobject]@{ priority = "P0"; category = "failure_reason"; item = "Capture structured failure reasons for every probe step"; evidence = "step name, exception type, error code, message, offline/permission/target-not-found/token/file-size/file-type/network-timeout classification"; unlocks = "actionable next decision when probe fails" }, + [pscustomobject]@{ priority = "P0"; category = "ack"; item = "Correlate sent record/ack with content hash or file hash"; evidence = "sent record source, timestamp, target ref, body/file metadata hash, ack/ref id, before/after snapshot diff"; unlocks = "production gate" }, + [pscustomobject]@{ priority = "P1"; category = "group"; item = "Confirm group ChatRoom branch and permissions"; evidence = "ChatRoom type, speech/upload permission state, group JID, mute/permission failure reason"; unlocks = "group send/file send" }, [pscustomobject]@{ priority = "P1"; category = "fallback"; item = "If B-route reachability fails, capture A-route UI evidence"; evidence = "window hwnd, rtbSendMessage, btnSend, screenshots, failure reason"; unlocks = "demo fallback only" } ) @@ -332,7 +337,15 @@ $validation.Add("# Login Reachability Validation Items") $validation.Add("") $validation.Add("Date: 2026-07-12") $validation.Add("") -$validation.Add("Purpose: this is the operator-facing checklist for the 2026-07-13 logged-in environment. It is generated from the offline send/upload deep dive and should be used to build the one-shot reachability probe package.") +$validation.Add("Purpose: this is the operator-facing checklist for the 2026-07-13 logged-in environment. It is generated from the offline send/upload deep dive and should be used to build the one-shot reachability probe package. P0 items are blocking; production send remains disabled until all relevant P0 evidence is collected and correlated.") +$validation.Add("") +$validation.Add("## Operator rules") +$validation.Add("") +$validation.Add("- Run the probe only after the target iSphere/IMPlatformClient session is visibly logged in.") +$validation.Add("- Use a pre-agreed direct test JID and optional group test JID; record them in the output JSON.") +$validation.Add("- Use one-shot test content and one safe small test file; record SHA256 hashes, not raw sensitive content.") +$validation.Add("- Capture before/after sent-record snapshots around the one-shot send/upload test.") +$validation.Add("- Do not mark production ready unless ack/sent-record correlation is machine-verifiable.") $validation.Add("") $validation.Add("## P0 items") $validation.Add("") @@ -354,11 +367,27 @@ foreach ($v in $newValidationItems | Where-Object { $_.priority -eq "P1" }) { $validation.Add("- Unlocks: $($v.unlocks)") $validation.Add("") } +$validation.Add("## Required output schema") +$validation.Add("") +$validation.Add("Every probe run should emit JSON with these top-level sections:") +$validation.Add("") +$validation.Add("- ``run``: timestamp, machine, operator confirmation, one-shot flags.") +$validation.Add("- ``targets``: direct JID, optional group JID, target type, source of target selection.") +$validation.Add("- ``runtime``: process id, bitness, CLR/.NET version, user/session, loaded assemblies.") +$validation.Add("- ``reachability``: AppContextManager, MessageScheduling, Chat, XMPPConnection, IFileTransfer, FileUploadPara, FileUploadResult, Chat.sendFileMessage.") +$validation.Add("- ``server_auth``: host, port, domain, token_present, token_hash_prefix only, accessToken/clientId presence when visible.") +$validation.Add("- ``snapshots``: before/after counts and last-record summaries for sent-record sources.") +$validation.Add("- ``attempts``: probe-only, optional one-shot text, optional safe upload, optional file-message finalization.") +$validation.Add("- ``failures``: structured failure code, exception type, message, classification, next action.") +$validation.Add("- ``correlation``: content/file hash match, target match, timestamp window, ack/ref id.") +$validation.Add("") $validation.Add("## Pass criteria") $validation.Add("") $validation.Add("- Text send can move forward when logged-in runtime exposes AppContextManager or MessageScheduling plus Chat/XMPPConnection and sent-record/ack correlation is possible.") $validation.Add("- File send can move forward when logged-in runtime exposes IFileTransfer/FileUpload, FileUploadPara values, FileUploadResult.FileID, and Chat.sendFileMessage finalization evidence.") -$validation.Add("- Production remains blocked if any P0 item is missing or only static evidence is available.") +$validation.Add("- Production remains blocked if any P0 item is missing, if failure reasons are unstructured, or if only static evidence is available.") +$validation.Add("- Text production can move forward only when one-shot target, before/after snapshot, sent-record source, and content-hash/ack correlation all pass.") +$validation.Add("- File production can move forward only when FileUploadPara values, IFileTransfer reachability, FileUploadResult.FileID, file-message finalization, and file sent-record/ack correlation all pass.") Write-Utf8NoBomLf $validationFullPath ($validation -join "`n")