6.8 KiB
Inconsistency audit with exact fixes (treating README.md as authoritative)
Backend auth_rules schema mismatch Evidence: Migration (creates mismatched columns): See "CREATE TABLE IF NOT EXISTS auth_rules ... UNIQUE(rule_type, operation, rule_target)". Active code uses rule_type, pattern_type, pattern_value, action: Insert: "INSERT INTO auth_rules (rule_type, pattern_type, pattern_value, action)" Delete: "DELETE FROM auth_rules WHERE rule_type = ? AND pattern_type = ? AND pattern_value = ?" Query mapping: map_auth_query_type_to_response() Queries: "... WHERE rule_type LIKE '%blacklist%'" Validator checks: "... WHERE rule_type = 'blacklist' AND pattern_type = 'pubkey' AND pattern_value = ?" "... WHERE rule_type = 'blacklist' AND pattern_type = 'hash' AND pattern_value = ?" "... WHERE rule_type = 'whitelist' AND pattern_type = 'pubkey' AND pattern_value = ?" Embedded schema expects pattern columns and active/indexes: "CREATE TABLE auth_rules ( ... )" "CREATE INDEX idx_auth_rules_pattern ON auth_rules(pattern_type, pattern_value)" "CREATE INDEX idx_auth_rules_active ON auth_rules(active)" Fix (update migration to align with sql_schema.h/config.c): Replace the DDL at "create_auth_rules_sql" with: CREATE TABLE IF NOT EXISTS auth_rules ( id INTEGER PRIMARY KEY AUTOINCREMENT, rule_type TEXT NOT NULL, -- 'whitelist' | 'blacklist' pattern_type TEXT NOT NULL, -- 'pubkey' | 'hash' | future pattern_value TEXT NOT NULL, -- hex pubkey/hash action TEXT NOT NULL, -- 'allow' | 'deny' active INTEGER DEFAULT 1, created_at INTEGER DEFAULT (strftime('%s','now')), UNIQUE(rule_type, pattern_type, pattern_value) ); After creation, also create indexes as in "sql_schema.h": CREATE INDEX idx_auth_rules_pattern ON auth_rules(pattern_type, pattern_value); CREATE INDEX idx_auth_rules_type ON auth_rules(rule_type); CREATE INDEX idx_auth_rules_active ON auth_rules(active); Duplicate UI function + stale DOM id usage Evidence: Duplicate definition of disconnectFromRelay() and disconnectFromRelay(); the second overwrites the first and uses legacy element access paths. Stale variable: "const relayUrl = document.getElementById('relay-url');" — no element with id="relay-url" exists; the real input is "relay-connection-url" and is referenced as "relayConnectionUrl". Calls using relayUrl.value.trim() (must use relayConnectionUrl): "sendConfigUpdateCommand() publish URL" "loadAuthRules() publish URL" "deleteAuthRule() publish URL" Tests: "testGetAuthRules()" "testClearAuthRules()" "testAddBlacklist()" "testAddWhitelist()" "testConfigQuery()" "testPostEvent()" Fix: Remove the duplicate legacy function entirely: delete the second disconnectFromRelay(). Remove stale variable: delete "const relayUrl = document.getElementById('relay-url');". Replace every relayUrl.value.trim() occurrence with relayConnectionUrl.value.trim() at the lines listed above. Supported NIPs inconsistency (README vs UI fallback) Evidence: README implemented NIPs checklist (authoritative): "NIPs list" shows: 1, 9, 11, 13, 15, 20, 33, 40, 42 implemented. UI fallback for manual relay info includes unsupported/undocumented NIPs and misses implemented ones: "supported_nips: [1, 2, 4, 9, 11, 12, 15, 16, 20, 22]" "supported_nips: [1, 2, 4, 9, 11, 12, 15, 16, 20, 22]" Fix: Replace both arrays with: [1, 9, 11, 13, 15, 20, 33, 40, 42] Config key mismatches (README vs UI edit form) Evidence: README keys (authoritative): "Available Configuration Keys"–(README.md:110) relay_description, relay_contact, max_connections, max_subscriptions_per_client, max_event_tags, max_content_length, auth_enabled, nip42_auth_required, nip42_auth_required_kinds, nip42_challenge_timeout, pow_min_difficulty, nip40_expiration_enabled UI currently declares/uses many non-README keys: Field types: "fieldTypes" include nip42_auth_required_events, nip42_auth_required_subscriptions, relay_port, pow_mode, nip40_expiration_strict, nip40_expiration_filter, nip40_expiration_grace_period, max_total_subscriptions, max_filters_per_subscription, max_message_length, default_limit, max_limit. Descriptions: "descriptions" reflect the same non-README keys. Fix: Restrict UI form generation to README keys and rename mismatches: Combine nip42_auth_required_events/subscriptions into README’s "nip42_auth_required" (boolean). Rename nip42_challenge_expiration to "nip42_challenge_timeout". Remove or hide (advanced section) non-README keys: relay_port, pow_mode, nip40_expiration_strict, nip40_expiration_filter, nip40_expiration_grace_period, max_total_subscriptions, max_filters_per_subscription, max_message_length, default_limit, max_limit. Update both "fieldTypes" and "descriptions" to reflect only README keys (data types and labels consistent). First-time startup port override (-p) ignored when -a and -r are also provided Observation: You confirmed: first run with -p 7777 works, but with -p plus -a and -r the override isn’t honored. Likely cause: The code path that handles admin/relay key overrides on first-time setup bypasses persisting the CLI port override to config/unified cache before server start, so "start_websocket_relay(-1, ...)" falls back to default. Fix: Ensure first_time_startup_sequence applies cli_options.port_override to persistent config and cache BEFORE default config insertion and before starting the server. Specifically: In the first-time path (main): After "first_time_startup_sequence(&cli_options)" and before creating defaults on the -a/-r path at "populate_default_config_values()", write the port override: set_config_value_in_table("relay_port", "", "integer", "WebSocket port", "relay", 0); and update unified cache if required by the port resolution code. Verify the code path where -a/-r trigger direct table population also applies/overwrites the port with the CLI-provided value. Add a regression test to assert that -p is honored with and without -a/-r on first run. Minor consistency recommendations UI NIP-11 fallback version string: Consider aligning with backend version source (e.g., src/version.h). The UI currently hardcodes "1.0.0" at "version: '1.0.0'". UI hardcoded relay pubkey fallback: "getRelayPubkey()" returns a constant when not connected. Safe for dev, but should not leak into production paths. Added TODO items (as requested)
The following todos were added/organized: Remove duplicate disconnectFromRelay() and standardize to relay-connection-url Replace all relayUrl.value references with relayConnectionUrl.value in api/index.html Align Supported NIPs fallback arrays in api/index.html with README (1,9,11,13,15,20,33,40,42) Update config form keys/descriptions in api/index.html to match README keys Fix backend auth_rules migration in src/main.c to match src/sql_schema.h/src/config.c Investigate and fix first-time startup port override ignored when -a and -r are provided Add tests for port override and auth_rules flows Rebuild via ./make_and_restart_relay.sh and validate against README