Merge branch 'loc-pricing'

Author: shrsv

cmd/app.go

@@ -21,6 +21,7 @@ type Handlers struct {
 	RunAttestationTrailer cli.ActionFunc
 	RunSetup              cli.ActionFunc
 	RunUI                 cli.ActionFunc
+	RunUsageInspect       cli.ActionFunc
 }
 
 // BuildApp constructs the full CLI app with all command wiring.
@@ -177,6 +178,22 @@ func BuildApp(version, buildTime, gitCommit string, baseFlags, debugFlags []cli.
 				},
 				Action: h.RunSelfUpdate,
 			},
+			{
+				Name:  "usage",
+				Usage: "Inspect plan and quota usage",
+				Subcommands: []*cli.Command{
+					{
+						Name:  "inspect",
+						Usage: "Fetch and display current quota envelope for selected org",
+						Flags: []cli.Flag{
+							&cli.StringFlag{Name: "api-url", Usage: "override LiveReview API base URL"},
+							&cli.StringFlag{Name: "output", Value: "pretty", Usage: "output format: pretty or json"},
+							&cli.BoolFlag{Name: "verbose", Usage: "enable verbose output"},
+						},
+						Action: h.RunUsageInspect,
+					},
+				},
+			},
 			{
 				Name:   "review-cleanup",
 				Usage:  "Clean up review session history for the current branch (called by post-commit hook)",
@@ -196,8 +213,27 @@ func BuildApp(version, buildTime, gitCommit string, baseFlags, debugFlags []cli.
 				Action: h.RunAttestationTrailer,
 			},
 			{
-				Name:   "setup",
-				Usage:  "Guided onboarding — authenticate with Hexmos and configure LiveReview + AI",
+				Name:  "setup",
+				Usage: "Guided onboarding — authenticate with Hexmos and configure LiveReview + AI",
+				Flags: []cli.Flag{
+					&cli.StringFlag{
+						Name:    "api-url",
+						Aliases: []string{"base-url"},
+						Usage:   "override LiveReview API base URL for setup",
+					},
+					&cli.BoolFlag{
+						Name:  "yes",
+						Usage: "run non-interactively; requires explicit --keep-api-url or --replace-api-url when config already exists",
+					},
+					&cli.BoolFlag{
+						Name:  "keep-api-url",
+						Usage: "when config exists, preserve existing api_url",
+					},
+					&cli.BoolFlag{
+						Name:  "replace-api-url",
+						Usage: "when config exists, replace api_url with setup target URL",
+					},
+				},
 				Action: h.RunSetup,
 			},
 			{

cmd/app_test.go

@@ -0,0 +1,34 @@
+package cmd
+
+import "testing"
+
+func TestSetupCommandIncludesAPIURLChoiceFlags(t *testing.T) {
+	app := BuildApp("dev", "now", "none", nil, nil, Handlers{})
+
+	var setupCommandFound bool
+	var setupCommandFlags map[string]bool
+
+	for _, command := range app.Commands {
+		if command.Name != "setup" {
+			continue
+		}
+		setupCommandFound = true
+		setupCommandFlags = map[string]bool{}
+		for _, flag := range command.Flags {
+			for _, name := range flag.Names() {
+				setupCommandFlags[name] = true
+			}
+		}
+		break
+	}
+
+	if !setupCommandFound {
+		t.Fatalf("setup command not found")
+	}
+
+	for _, expected := range []string{"api-url", "base-url", "yes", "keep-api-url", "replace-api-url"} {
+		if !setupCommandFlags[expected] {
+			t.Fatalf("setup command missing flag %q", expected)
+		}
+	}
+}

config/ai_connectors.go

@@ -32,6 +32,31 @@ func UpsertQuotedConfigValue(content, key, value string) string {
 	return strings.Join(lines, "\n")
 }
 
+func ReadQuotedConfigValue(content, key string) (string, bool) {
+	lines := strings.Split(content, "\n")
+	prefix := key + " ="
+
+	for _, line := range lines {
+		trimmed := strings.TrimSpace(line)
+		if !strings.HasPrefix(trimmed, prefix) {
+			continue
+		}
+
+		rawValue := strings.TrimSpace(strings.TrimPrefix(trimmed, prefix))
+		if rawValue == "" {
+			return "", true
+		}
+
+		if unquoted, err := strconv.Unquote(rawValue); err == nil {
+			return unquoted, true
+		}
+
+		return rawValue, true
+	}
+
+	return "", false
+}
+
 func StripManagedAIConnectorsSection(content, sectionBegin, sectionEnd string) string {
 	start := strings.Index(content, sectionBegin)
 	if start == -1 {

internal/appcore/auth_recovery.go

@@ -166,7 +166,7 @@ func recoverAPIKeyAndTokens(config Config, phase string) (Config, error) {
 	if err == nil {
 		updated := config
 		updated.APIKey = newKey
-		if persistErr := persistConfigUpdates(updated.ConfigPath, updated.APIURL, map[string]string{"api_key": newKey}); persistErr != nil {
+		if persistErr := persistConfigUpdates(updated.ConfigPath, map[string]string{"api_key": newKey}); persistErr != nil {
 			diag.FailureReason = fmt.Sprintf("persist api_key failed: %v", persistErr)
 			reportDiagnosticWriteError(persistAuthRecoveryDiagnostic(&diag, time.Since(started)))
 			return config, fmt.Errorf("generated a new API key but failed to persist config: %w", persistErr)
@@ -203,7 +203,7 @@ func recoverAPIKeyAndTokens(config Config, phase string) (Config, error) {
 	if strings.TrimSpace(newRefresh) != "" {
 		updated.RefreshToken = newRefresh
 	}
-	if persistErr := persistConfigUpdates(updated.ConfigPath, updated.APIURL, map[string]string{"jwt": updated.JWT, "refresh_token": updated.RefreshToken}); persistErr != nil {
+	if persistErr := persistConfigUpdates(updated.ConfigPath, map[string]string{"jwt": updated.JWT, "refresh_token": updated.RefreshToken}); persistErr != nil {
 		diag.FailureReason = fmt.Sprintf("persist refreshed tokens failed: %v", persistErr)
 		reportDiagnosticWriteError(persistAuthRecoveryDiagnostic(&diag, time.Since(started)))
 		return config, fmt.Errorf("refreshed session tokens but failed to persist them: %w", persistErr)
@@ -224,7 +224,7 @@ func recoverAPIKeyAndTokens(config Config, phase string) (Config, error) {
 	}
 
 	updated.APIKey = newKey
-	if persistErr := persistConfigUpdates(updated.ConfigPath, updated.APIURL, map[string]string{"api_key": updated.APIKey}); persistErr != nil {
+	if persistErr := persistConfigUpdates(updated.ConfigPath, map[string]string{"api_key": updated.APIKey}); persistErr != nil {
 		diag.FailureReason = fmt.Sprintf("persist recovered api_key failed: %v", persistErr)
 		reportDiagnosticWriteError(persistAuthRecoveryDiagnostic(&diag, time.Since(started)))
 		return config, fmt.Errorf("recovered API key but failed to persist config: %w", persistErr)
@@ -297,7 +297,7 @@ func resolveConfigPath(configPath string) (string, error) {
 	return configpath.ResolveConfigPath()
 }
 
-func persistConfigUpdates(configPath, apiURL string, updates map[string]string) error {
+func persistConfigUpdates(configPath string, updates map[string]string) error {
 	resolvedConfigPath, err := resolveConfigPath(configPath)
 	if err != nil {
 		return err
@@ -310,11 +310,10 @@ func persistConfigUpdates(configPath, apiURL string, updates map[string]string)
 		return err
 	}
 
-	if strings.TrimSpace(content) == "" && strings.TrimSpace(apiURL) != "" {
-		content = cfgutil.UpsertQuotedConfigValue(content, "api_url", apiURL)
-	}
-
 	for key, value := range updates {
+		if strings.EqualFold(strings.TrimSpace(key), "api_url") {
+			return fmt.Errorf("api_url updates are not allowed in auth recovery persistence")
+		}
 		if strings.TrimSpace(value) == "" {
 			continue
 		}

internal/appcore/auth_recovery_test.go

@@ -0,0 +1,117 @@
+package appcore
+
+import (
+	"net/http"
+	"os"
+	"path/filepath"
+	"strings"
+	"testing"
+
+	"github.com/HexmosTech/git-lrc/internal/reviewmodel"
+)
+
+func TestIsLiveReviewAPIKeyInvalid(t *testing.T) {
+	tests := []struct {
+		name string
+		err  error
+		want bool
+	}{
+		{
+			name: "valid unauthorized code",
+			err: &reviewmodel.APIError{
+				StatusCode: http.StatusUnauthorized,
+				Body:       `{"error_code":"LIVE_REVIEW_API_KEY_INVALID","error":"invalid"}`,
+			},
+			want: true,
+		},
+		{
+			name: "unauthorized but different error code",
+			err: &reviewmodel.APIError{
+				StatusCode: http.StatusUnauthorized,
+				Body:       `{"error_code":"SOMETHING_ELSE","error":"nope"}`,
+			},
+			want: false,
+		},
+		{
+			name: "non-401 should not trigger recovery",
+			err: &reviewmodel.APIError{
+				StatusCode: http.StatusTooManyRequests,
+				Body:       `{"error_code":"LIVE_REVIEW_API_KEY_INVALID"}`,
+			},
+			want: false,
+		},
+		{
+			name: "malformed json should not trigger recovery",
+			err: &reviewmodel.APIError{
+				StatusCode: http.StatusUnauthorized,
+				Body:       `not-json`,
+			},
+			want: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := isLiveReviewAPIKeyInvalid(tt.err)
+			if got != tt.want {
+				t.Fatalf("isLiveReviewAPIKeyInvalid() = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}
+
+func TestParseAPIErrorCode(t *testing.T) {
+	code, err := parseAPIErrorCode(`{"error_code":"LIVE_REVIEW_API_KEY_INVALID"}`)
+	if err != nil {
+		t.Fatalf("expected no error, got %v", err)
+	}
+	if code != "LIVE_REVIEW_API_KEY_INVALID" {
+		t.Fatalf("unexpected code: %s", code)
+	}
+
+	if _, err := parseAPIErrorCode(`{not-json}`); err == nil {
+		t.Fatal("expected parse error for malformed json")
+	}
+}
+
+func TestPersistConfigUpdatesPreservesExistingAPIURL(t *testing.T) {
+	tmpDir := t.TempDir()
+	configPath := filepath.Join(tmpDir, ".lrc.toml")
+	original := "api_url = \"http://localhost:8888\"\njwt = \"old\"\n"
+	if err := os.WriteFile(configPath, []byte(original), 0600); err != nil {
+		t.Fatalf("write config: %v", err)
+	}
+
+	if err := persistConfigUpdates(configPath, map[string]string{"jwt": "new"}); err != nil {
+		t.Fatalf("persist config updates: %v", err)
+	}
+
+	updatedBytes, err := os.ReadFile(configPath)
+	if err != nil {
+		t.Fatalf("read config: %v", err)
+	}
+	updated := string(updatedBytes)
+
+	if !strings.Contains(updated, `api_url = "http://localhost:8888"`) {
+		t.Fatalf("expected api_url to remain unchanged: %s", updated)
+	}
+	if !strings.Contains(updated, `jwt = "new"`) {
+		t.Fatalf("expected jwt to be updated: %s", updated)
+	}
+}
+
+func TestPersistConfigUpdatesRejectsAPIURLMutation(t *testing.T) {
+	tmpDir := t.TempDir()
+	configPath := filepath.Join(tmpDir, ".lrc.toml")
+	if err := os.WriteFile(configPath, []byte("jwt = \"old\"\n"), 0600); err != nil {
+		t.Fatalf("write config: %v", err)
+	}
+
+	err := persistConfigUpdates(configPath, map[string]string{"api_url": "https://livereview.hexmos.com"})
+	if err == nil {
+		t.Fatal("expected api_url mutation guard to fail")
+	}
+	if !strings.Contains(err.Error(), "api_url updates are not allowed") {
+		t.Fatalf("unexpected error: %v", err)
+	}
+}