rose-ash/next/tests/inbox.sh

#!/usr/bin/env bash
# next/tests/inbox.sh — m2 Step 5d test (the federation acceptance
# suite for POST /actors/<id>/inbox).
#
# Wire format: body = term_codec:encode(SignedActivity). The
# receiver decodes, looks up the peer-AS (via Cfg :peer_as map or
# peer_actors gen_server), runs pipeline:validate_inbound/3 against
# the receiving actor's inbox log, and either:
#   202 Accepted        pipeline ok, appended to inbox
#   401 Unauthorized    bad sig / unknown peer
#   404 Not Found       target actor unknown
#   422 Unprocessable   envelope / replay failure

set -uo pipefail
cd "$(git rev-parse --show-toplevel)"

SX_SERVER="${SX_SERVER:-hosts/ocaml/_build/default/bin/sx_server.exe}"
if [ ! -x "$SX_SERVER" ]; then
  SX_SERVER="/root/rose-ash/hosts/ocaml/_build/default/bin/sx_server.exe"
fi
if [ ! -x "$SX_SERVER" ]; then
  echo "ERROR: sx_server.exe not found." >&2
  exit 1
fi

VERBOSE="${1:-}"
PASS=0; FAIL=0; ERRORS=""
TMPFILE=$(mktemp); trap "rm -f $TMPFILE" EXIT

# Alice (target) hosts the kernel; Bob (peer) signs activities with BobKS.
# Alice's actor-state carries Alice's own key (not used for inbox
# verification — the peer-AS does). The :peer_as Cfg map gives the
# inbox handler bob's keys directly so peer-AS resolution doesn't
# need the peer_actors gen_server in the pure path.
SETUP='AK = <<1,2,3,4>>, AKS = [{key_id,k1},{algorithm,ed25519},{value,AK}], AAS = [{public_keys,[[{id,k1},{created,0},{value,AK}]]}], BK = <<5,6,7,8>>, BKS = [{key_id,k1},{algorithm,ed25519},{value,BK}], BAS = [{public_keys,[[{id,k1},{created,0},{value,BK}]]}], EvilK = <<9,9,9,9>>, EvilAS = [{public_keys,[[{id,k1},{created,0},{value,EvilK}]]}], Env = outbox:construct(note, bob, 1, [{content,hi}]), Signed = outbox:sign(Env, BKS), Body = term_codec:encode(Signed), nx_kernel:start_link(alice, AKS, AAS), InboxPath = <<47,97,99,116,111,114,115,47,97,108,105,99,101,47,105,110,98,111,120>>, Cfg = [{peer_as, [{bob, BAS}]}, {kernel, nx_kernel}],'

cat > "$TMPFILE" <<EPOCHS
(epoch 1)
(load "lib/erlang/tokenizer.sx")
(load "lib/erlang/parser.sx")
(load "lib/erlang/parser-core.sx")
(load "lib/erlang/parser-expr.sx")
(load "lib/erlang/parser-module.sx")
(load "lib/erlang/transpile.sx")
(load "lib/erlang/runtime.sx")
(load "lib/erlang/vm/dispatcher.sx")
(epoch 2)
(eval "(er-load-gen-server!)")
(epoch 3)
(eval "(get (erlang-load-module (file-read \"next/kernel/envelope.erl\")) :name)")
(epoch 4)
(eval "(get (erlang-load-module (file-read \"next/kernel/log.erl\")) :name)")
(epoch 5)
(eval "(get (erlang-load-module (file-read \"next/kernel/pipeline.erl\")) :name)")
(epoch 6)
(eval "(get (erlang-load-module (file-read \"next/kernel/outbox.erl\")) :name)")
(epoch 7)
(eval "(get (erlang-load-module (file-read \"next/kernel/nx_kernel.erl\")) :name)")
(epoch 8)
(eval "(get (erlang-load-module (file-read \"next/kernel/term_codec.erl\")) :name)")
(epoch 9)
(eval "(get (erlang-load-module (file-read \"next/kernel/peer_actors.erl\")) :name)")
(epoch 10)
(eval "(get (erlang-load-module (file-read \"next/kernel/http_server.erl\")) :name)")

;; Happy path: valid signed activity, known peer -> 202
(epoch 20)
(eval "(get (erlang-eval-ast \"${SETUP} Req = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, Body}], case http_server:route(Req, Cfg) of [{status, 202}, _, _] -> true; _ -> false end\") :name)")

;; Happy path: inbox tip advances to 1
(epoch 21)
(eval "(erlang-eval-ast \"${SETUP} Req = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, Body}], http_server:route(Req, Cfg), nx_kernel:inbox_tip_for(alice)\")")

;; Outbox tip stays 0 after inbox delivery (independent buckets)
(epoch 22)
(eval "(erlang-eval-ast \"${SETUP} Req = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, Body}], http_server:route(Req, Cfg), nx_kernel:log_tip_for(alice)\")")

;; Empty body -> 422 (decode failure before sig)
(epoch 23)
(eval "(get (erlang-eval-ast \"${SETUP} Req = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, <<>>}], case http_server:route(Req, Cfg) of [{status, 422}, _, _] -> true; _ -> false end\") :name)")

;; Garbage body -> 422
(epoch 24)
(eval "(get (erlang-eval-ast \"${SETUP} Req = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, <<99,99,99,99>>}], case http_server:route(Req, Cfg) of [{status, 422}, _, _] -> true; _ -> false end\") :name)")

;; Unknown peer (no entry in :peer_as map) -> 401
(epoch 25)
(eval "(get (erlang-eval-ast \"${SETUP} EmptyCfg = [{peer_as, []}, {kernel, nx_kernel}], Req = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, Body}], case http_server:route(Req, EmptyCfg) of [{status, 401}, _, _] -> true; _ -> false end\") :name)")

;; Wrong peer-AS keys (EvilAS) -> 401 (bad_signature)
(epoch 26)
(eval "(get (erlang-eval-ast \"${SETUP} EvilCfg = [{peer_as, [{bob, EvilAS}]}, {kernel, nx_kernel}], Req = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, Body}], case http_server:route(Req, EvilCfg) of [{status, 401}, _, _] -> true; _ -> false end\") :name)")

;; Replay: deliver same activity twice -> second one 422
(epoch 27)
(eval "(get (erlang-eval-ast \"${SETUP} Req = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, Body}], http_server:route(Req, Cfg), case http_server:route(Req, Cfg) of [{status, 422}, _, _] -> true; _ -> false end\") :name)")

;; Unknown target actor -> 404
(epoch 28)
(eval "(get (erlang-eval-ast \"${SETUP} GhostPath = <<47,97,99,116,111,114,115,47,103,104,111,115,116,47,105,110,98,111,120>>, Req = [{method, <<80,79,83,84>>}, {path, GhostPath}, {headers, []}, {body, Body}], case http_server:route(Req, Cfg) of [{status, 404}, _, _] -> true; _ -> false end\") :name)")

;; Two distinct activities -> inbox tip = 2
(epoch 29)
(eval "(erlang-eval-ast \"${SETUP} Env2 = outbox:construct(note, bob, 2, [{content,bye}]), Signed2 = outbox:sign(Env2, BKS), Body2 = term_codec:encode(Signed2), Req1 = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, Body}], Req2 = [{method, <<80,79,83,84>>}, {path, InboxPath}, {headers, []}, {body, Body2}], http_server:route(Req1, Cfg), http_server:route(Req2, Cfg), nx_kernel:inbox_tip_for(alice)\")")

EPOCHS

OUTPUT=$(timeout 600 "$SX_SERVER" < "$TMPFILE" 2>/dev/null)

check() {
  local epoch="$1" desc="$2" expected="$3"
  local actual
  actual=$(echo "$OUTPUT" | awk -v e="$epoch" '
    $0 ~ "^\\(ok-len " e " " { getline; print; exit }
    $0 ~ "^\\(ok " e " "     { print; exit }
    $0 ~ "^\\(error " e " "  { print; exit }
  ')
  [ -z "$actual" ] && actual="<no output for epoch $epoch>"
  if echo "$actual" | grep -qF -- "$expected"; then
    PASS=$((PASS+1))
    [ "$VERBOSE" = "-v" ] && echo "  ok $desc"
  else
    FAIL=$((FAIL+1))
    ERRORS+="  FAIL [$desc] (epoch $epoch) expected: $expected | actual: $actual
"
  fi
}

check 10  "http_server module loaded"        "http_server"
check 20  "happy path -> 202"                "true"
check 21  "inbox tip advances to 1"          "1"
check 22  "outbox tip unchanged (= 0)"       "0"
check 23  "empty body -> 422"                "true"
check 24  "garbage body -> 422"              "true"
check 25  "unknown peer -> 401"              "true"
check 26  "bad peer-AS keys -> 401"          "true"
check 27  "replay -> 422 on second delivery" "true"
check 28  "unknown target actor -> 404"      "true"
check 29  "two activities -> inbox tip = 2"  "2"

TOTAL=$((PASS+FAIL))
if [ $FAIL -eq 0 ]; then
  echo "ok $PASS/$TOTAL next/tests/inbox.sh passed"
else
  echo "FAIL $PASS/$TOTAL passed, $FAIL failed:"
  echo "$ERRORS"
fi
[ $FAIL -eq 0 ]