Commit Graph

492 Commits

Author SHA1 Message Date
bvandeusen 03cbd4d0c1 feat(api): add /api/requests user-facing CRUD
Implements POST/GET/GET:id/DELETE /api/requests handlers delegating to
lidarrrequests.Service; wires routes in RequireUser group and threads
the service through Mount and server.go.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 17:40:49 -04:00
bvandeusen 9192eb9f0a fix(api): gofmt + revive cleanup on lidarr search handler 2026-04-29 17:35:45 -04:00
bvandeusen 905e27a988 feat(api): add /api/lidarr/search proxy with library/request enrichment
Implements GET /api/lidarr/search?q=&kind=artist|album|track. Validates
kind and q, loads lidarr_config per-request, calls the matching Lidarr
Lookup* method, enriches each result with in_library (EXISTS by MBID
against artists/albums/tracks) and requested (HasNonTerminalRequestForMBID),
and returns a normalized JSON array. Adds lidarrCfg field to handlers struct
and threads lidarrconfig.Service through Mount and server.Router.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 17:35:00 -04:00
bvandeusen 4492826354 feat(auth): add RequireAdmin middleware for /api/admin/* routes
Replaces the old X-API-Token-based RequireAdmin in middleware.go with a
context-aware RequireAdmin() that runs after RequireUser, checks
user.IsAdmin, and returns 403 {"error":"not_authorized"} for non-admins
or 500 {"error":"internal_error"} if RequireUser was bypassed. Updates
server.go to mount RequireUser then RequireAdmin on the /api/admin group.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 17:27:47 -04:00
bvandeusen f73a5ccef5 feat(lidarrrequests): add Reconciler worker matching approved requests to library
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 17:17:32 -04:00
bvandeusen b11fc117e7 feat(lidarrrequests): request lifecycle service (create/list/approve/reject/cancel)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 17:12:03 -04:00
bvandeusen 429b75131b feat(lidarrconfig): typed singleton config wrapper
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 16:29:22 -04:00
bvandeusen ebff8f69a0 fix(lidarr): address review findings on HTTP client
- Add ArtistMBID/AlbumMBID to LookupResult so handlers can build the
  full lidarr_requests row from album/track lookups (parent MBID is
  needed for the AddAlbum API call and for the schema's NOT NULL
  lidarr_artist_mbid)
- Trim trailing slash on BaseURL before joining paths to avoid
  double-slash URLs when operators enter "http://lidarr.lan/"
- Check json.Marshal errors in AddArtist/AddAlbum
- Extract lidarrImage as a named unexported type instead of repeating
  the anonymous struct three times
- Add NewClient(baseURL, apiKey) constructor with 30s default timeout
- Add ErrLookupFailed test coverage for the 4xx-non-auth branch on
  both get and post helpers
- Rename TestListRootFolders_BadJSON -> _NullBody (it tests null,
  not malformed); add a real malformed-JSON test
- Defensive separator guard on LookupAlbum.Secondary so an empty
  ArtistName doesn't produce a leading " · "

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 16:26:23 -04:00
bvandeusen a43fa09a04 feat(lidarr): typed HTTP client for v1 API (lookup, add, profiles, ping)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 15:25:10 -04:00
bvandeusen a5bb79f2a8 fix(db): clarify lidarr_requests query semantics
- HasNonTerminalRequestForMBID: use named parameter @mbid so the
  generated Go signature is `mbid string` instead of the misleading
  `lidarrArtistMbid string` (the value applies to all three MBID
  columns, not just the artist column)
- CancelLidarrRequest: comment dual role of $2 (ownership guard +
  decided_by audit field) for future readers
- CompleteLidarrRequest: document the per-kind one-of-three contract
  for matched_*_id parameters

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 15:19:54 -04:00
bvandeusen 9ceac5c639 feat(db): add lidarr_config + lidarr_requests schema (migration 0010)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 15:10:01 -04:00
bvandeusen d77f2d4459 docs(plan): add M5a Lidarr connection + search/add implementation plan
21-task TDD plan implementing the M5a spec (committed in 17406ee).
Tasks 1-4 are step-level (write test → run → implement → run → commit);
Tasks 5-21 are paragraph-level with template references back to 1-4
to keep the plan navigable while preserving full coverage.

Coverage:
- Task 1: migration 0010 + sqlc queries
- Task 2: internal/lidarr typed client
- Task 3: internal/lidarrconfig singleton wrapper
- Task 4: internal/lidarrrequests Service
- Task 5: internal/lidarrrequests Reconciler worker
- Task 6: RequireAdmin middleware
- Tasks 7-10: API handlers (search, requests CRUD, admin lidarr, admin requests)
- Task 11: cmd/minstrel main wires reconciler
- Tasks 12-13: web design tokens + API clients
- Tasks 14-15: DiscoverResultCard + StatusPill components
- Tasks 16-20: /discover, /requests, /admin/* routes
- Task 21: verification + branch finish

Self-review checklist confirms every spec section maps to a task.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 15:01:20 -04:00
bvandeusen 17406eebee docs(spec): add M5a Lidarr connection + search/add design
M5a is the foundation slice of M5 (Lidarr integration + quarantine).
Decomposed into M5a/M5b/M5c during brainstorming on 2026-04-29:

- M5a (this spec) — Lidarr connection + search/add + admin shell
- M5b — Quarantine workflow (per-user soft-hide, admin resolution)
- M5c — Radio suggested-additions (out-of-library MBIDs surfaced)

Each ships as its own PR with its own brainstorm/spec/plan cycle.

Key decisions captured:
- Permissions: search-all, add-admin via request queue
- Config: DB-only, Settings UI is the only entry point (no YAML)
- Settings shape: dedicated /admin/* route group, hard route gate
- Search UX: standalone /discover route, all three granularities
- Lifecycle: library scan as source of truth + 5-min reconciler worker
- Quality profile/root folder: default + per-add admin override
- UI lands at FabledSword design system bar (forest-teal accent;
  Moss/Bronze/Oxblood action buttons; per project_design_system memory)

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 14:25:08 -04:00
bvandeusen 2238a8a209 Merge pull request 'test: stop wiping admin user during integration tests' (#29) from dev into main 2026-04-29 16:24:07 +00:00
bvandeusen 21310e7716 test: bootstrap test saves/restores non-test users
Companion to the dbtest.ResetDB change. The bootstrap integration
test fundamentally needs an empty users table — it exercises the
"first time admin is created" path, which Bootstrap() guards with
a count==0 check. So this test alone still has to TRUNCATE users.

To keep the operator's admin login intact on a shared dev DB:

- Before TRUNCATE, save every user that doesn't start with 'test-'.
- Use cfg.Username = 'test-admin' for the bootstrap call so the
  test row is itself test-prefixed and gets cleaned up by other
  tests' ResetDB calls.
- t.Cleanup restores the saved rows after assertions complete,
  so admin/admin (or whatever password the operator set) keeps
  working between test runs.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 12:04:16 -04:00
bvandeusen 937a1930ad test: add dbtest.ResetDB helper that preserves admin user
Integration tests previously TRUNCATEd the users table at setup,
which wiped the operator's admin login every time the suite ran
against a Postgres instance shared with their dev environment.

This commit:

- Adds internal/dbtest/reset.go exposing ResetDB(t, pool) and
  TestUserPrefix. ResetDB truncates every data table EXCEPT users,
  then deletes only users whose username starts with TestUserPrefix.
- Migrates 9 test files (subsonic/scrobble, subsonic/star,
  recommendation/candidates, scrobble/queue, similarity/worker,
  playevents/writer, playsessions/service, api/auth, api/me) to
  call ResetDB instead of issuing TRUNCATE-with-users.
- Renames hardcoded test usernames to use TestUserPrefix so ResetDB
  cleans them between runs. seedUser in api/auth_test now prefixes
  internally; existing call sites pass bare names.
- Leaves auth/bootstrap_test.go alone — it legitimately tests
  first-time admin bootstrap and must wipe users.

Verified locally: full integration suite with -p 1 runs cleanly
under the existing MINSTREL_TEST_DATABASE_URL setup, and the admin
row in the shared dev DB survives the run.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-29 11:55:06 -04:00
bvandeusen 132dddbc37 Merge pull request 'feat: M4c radio similarity-driven candidate pool + 80% queue refresh (closes M4)' (#28) from dev into main 2026-04-29 14:45:17 +00:00
bvandeusen d8b955ff0c feat(web): radio queue auto-refreshes at 80% via ?exclude= param
Adds _radioSeedId state and a module-level $effect.root that triggers a
/api/radio?seed_track=…&exclude=… fetch when queue consumption reaches
80%, appending new tracks without resetting the radio seed. Clears seed
on any non-radio enqueue (playQueue/enqueueTrack/enqueueTracks). Five
new vitest cases cover the trigger threshold, append logic, in-flight
guard, and manual-enqueue reset path.
2026-04-29 08:50:24 -04:00
bvandeusen 8647f9ebe0 feat(api): radio uses similarity pool with exclude param + M3 fallback
Wire LoadCandidatesFromSimilarity as the primary candidate loader with
an ?exclude= query param for comma-separated UUID filtering; fall back
to LoadCandidates on error. Thread SimilarityWeight into ScoringWeights
and update testHandlers recCfg accordingly.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 08:47:31 -04:00
bvandeusen b8e3019654 fix(db): split seed_info CTE so similar-artist works without seed genre
The combined seed_info CTE filtered the seed out when its genre was
NULL/empty. Restored the spec's two-CTE design (seed_artist + seed_tags)
so similar-artist matching works regardless of the seed's genre coverage.
Drops the genre workaround from the SimilarArtist test.
2026-04-29 08:43:42 -04:00
bvandeusen 51811c9d35 feat(recommendation): add LoadCandidatesFromSimilarity (5-source candidate pool)
Implements M4c's similarity-driven candidate pool: CandidateSourceLimits,
DefaultCandidateSourceLimits, and LoadCandidatesFromSimilarity consuming
LoadRadioCandidatesV2 (5-way UNION + max-score dedup). Adds 10 integration
tests covering all sources, exclusions, dedup, and edge cases.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-29 08:30:53 -04:00
bvandeusen bb3f911761 feat(recommendation): extend Score with SimilarityScore + SimilarityWeight 2026-04-29 08:01:53 -04:00
bvandeusen 362cb2c9ce feat(db): add LoadRadioCandidatesV2 sqlc query (5-way UNION) 2026-04-29 07:56:57 -04:00
bvandeusen 2e6d2ffd03 docs(plan): add M4c radio similarity-driven candidate pool plan
6-task TDD-shaped plan covering: LoadRadioCandidatesV2 sqlc query
(5-way UNION), Score() extension with SimilarityScore + SimilarityWeight,
LoadCandidatesFromSimilarity Go function with CandidateSourceLimits +
10 integration tests covering all sources + dedup + exclude + recently-
played + seed-excluded + empty library, radio handler with exclude
param + parseExcludeParam helper + M3 fallback + 4 new HTTP tests,
frontend queue refresh at 80% with radioSeedId state + clear-on-non-
radio-enqueue + 5 vitest tests, final verification + branch finish
(closes M4).
2026-04-29 06:58:22 -04:00
bvandeusen 267c4ad80b docs(spec): add M4c radio similarity-driven candidate pool design
Third and final M4 sub-plan (Fable #347) — closes M4. Replaces M3's
whole-library candidate pool with a 5-way SQL UNION (LB-similar tracks /
tracks by similar artists / MB-tag overlap / likes-overlap / random
fill). Adds a new SimilarityScore × SimilarityWeight term to M3's Score()
formula. Web client auto-refreshes the queue when 80% consumed via a new
?exclude= query param. No lazy LB fetch (M4b's worker + random
augmentation handle sparse data). Fallback to M3 LoadCandidates on any
similarity-pool error.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 23:02:01 -04:00
bvandeusen d9cbf4e434 Merge pull request 'feat: M4b inbound ListenBrainz similarity ingest' (#27) from dev into main 2026-04-29 01:22:37 +00:00
bvandeusen 358bfd9453 feat(cmd): start similarity worker alongside HTTP server 2026-04-28 20:25:11 -04:00
bvandeusen 893adf04c9 feat(similarity): implement Worker.tickOnce with track + artist passes
Replace stub with full tickOnce: drains played tracks/artists via
ListPlayedTracksNeedingSimilarity / ListPlayedArtistsNeedingSimilarity,
calls LB SimilarRecordings/SimilarArtists, filters to local library via
bulk MBID lookup, enforces top-K=20 by score, and upserts similarity
rows. 429 aborts the entire tick; other errors log-and-skip. Ten
integration tests covering no-op, library filtering, top-K cap, 7-day
freshness cap, stale refresh, 429 abort, transient skip, and artist
pass.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-28 20:06:47 -04:00
bvandeusen 9adad094b0 feat(similarity): add Worker skeleton with constructor + Run loop 2026-04-28 20:02:15 -04:00
bvandeusen b0d1d6bb46 feat(listenbrainz): add SimilarArtists client method 2026-04-28 20:01:17 -04:00
bvandeusen 23d55a868b feat(listenbrainz): add SimilarRecordings client method 2026-04-28 19:59:38 -04:00
bvandeusen d4e0e5fae3 feat(db): add similarity sqlc queries (list-needing, get-by-mbids, upsert) 2026-04-28 19:58:05 -04:00
bvandeusen fc2d35d33c feat(db): add migration 0009 for similarity (track_similarity + artist_similarity) 2026-04-28 19:57:02 -04:00
bvandeusen 9ec9caf667 docs(plan): add M4b ListenBrainz inbound similarity ingest plan
8-task TDD-shaped plan covering: migration 0009 (track_similarity +
artist_similarity tables with multi-source PK), sqlc queries (list-
needing, get-by-mbids, upsert), LB client SimilarRecordings + Similar
Artists methods (7 httptest tests each), Worker skeleton + tickOnce
with track and artist passes (10 integration tests covering top-K=20,
7-day cap, in-library filter, 429-abort-tick, transient-skip, no-MBID
skip), main.go boot wiring, final verification.
2026-04-28 19:51:57 -04:00
bvandeusen 86cb8e5cbf docs(spec): add M4b ListenBrainz inbound similarity ingest design
Second M4 sub-plan (Fable #346). Periodic worker pulls track-track and
artist-artist similarity edges from LB's public /explore/* endpoints,
filters to the local library, stores top-20 per source track in two new
tables (track_similarity, artist_similarity). Hourly tick, batch=5,
weekly re-fetch cap per row, passive retry via timer. No auth (public
endpoints). Discovery within library handled by LB's collaborative-
filtering response naturally surfacing unplayed library tracks; spec
notes M4c will add a serendipity floor + lazy fetch + sparse-fallback.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-28 19:46:23 -04:00
bvandeusen 6b5526788e Merge pull request 'feat: M4a outbound ListenBrainz scrobble worker' (#26) from dev into main 2026-04-28 22:36:57 +00:00
bvandeusen 13e12d97ae feat(web): add /settings page with ListenBrainz section
Adds api.put helper, ListenBrainz API module with query/mutation
helpers, a /settings route with token + enable/disable UI, and 5
tests. Adds Settings to the Shell nav.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-28 15:45:42 -04:00
bvandeusen 46b23424c2 feat(cmd): start scrobble worker alongside HTTP server 2026-04-28 09:28:13 -04:00
bvandeusen 1d1119ac32 feat(api): add GET/PUT /api/me/listenbrainz endpoints
Exposes user ListenBrainz config (token_set bool, enabled, last_scrobbled_at)
via write-only token semantics; enforces no-enable-without-token at the API layer.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-28 09:27:06 -04:00
bvandeusen 4d123f1b71 feat(playevents): post-commit MaybeEnqueue in RecordPlayEnded + Synthetic 2026-04-28 09:23:21 -04:00
bvandeusen 9490bad360 feat(scrobble): add Worker with tickOnce, batched submit, retry/fail/auth handling
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-28 09:20:23 -04:00
bvandeusen 8ce39a8868 feat(scrobble): add backoffDelay schedule (1m, 5m, 30m, 2h, 6h, give up) 2026-04-28 09:14:08 -04:00
bvandeusen dba1deaad1 feat(scrobble): add MaybeEnqueue with idempotent insert + threshold gate
Bridges closed play_events to the scrobble_queue: loads the event,
applies the Qualifies() threshold, checks user LB config (enabled + token),
and inserts via ON CONFLICT DO NOTHING for idempotency. Best-effort —
callers (playevents.Writer hooks, Task 8) will log and swallow errors.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-28 09:13:11 -04:00
bvandeusen 767e246b73 feat(scrobble): add pure Qualifies threshold function 2026-04-28 09:10:39 -04:00
bvandeusen 5359a16091 style(scrobble): rename unused r *http.Request to _ in client tests
Caught by revive's unused-parameter check. The four error-path tests
don't read the request body, so the parameter is properly named _.
2026-04-28 09:09:45 -04:00
bvandeusen 3d23f4930c feat(scrobble): add pure ListenBrainz HTTP client with typed errors
Implements the HTTP client for ListenBrainz submit-listens with typed
sentinel errors (ErrAuth, ErrPermanent, ErrTransient, *RetryAfterError)
so the scrobble worker can branch on response semantics. All 9 httptest-
driven tests pass.
2026-04-28 08:45:13 -04:00
bvandeusen a0e21f21b6 feat(db): add ListenBrainz user-config and scrobble_queue queries 2026-04-28 08:42:38 -04:00
bvandeusen efc2308348 feat(db): add migration 0008 for scrobble (users LB columns + scrobble_queue table) 2026-04-28 08:40:39 -04:00
bvandeusen 08b360b67e Merge pull request 'ci: drop push:dev trigger; PR is the gate' (#25) from dev into main 2026-04-28 12:35:52 +00:00
bvandeusen a90deab862 docs(plan): add M4a outbound scrobble worker implementation plan
12-task TDD-shaped plan covering: migration 0008 (users LB columns +
scrobble_queue table), sqlc query additions, pure ListenBrainz HTTP
client with typed errors and httptest coverage, threshold function,
MaybeEnqueue with idempotent insert + threshold gate, backoff schedule
1m→5m→30m→2h→6h, Worker with batched submit + retry/fail/auth handling,
playevents.Writer post-commit best-effort hooks, GET/PUT
/api/me/listenbrainz endpoints, /settings page in SvelteKit, full
verification sequence.
2026-04-28 08:34:26 -04:00