feat(cli): user-scoped public API — checkin, form, kudos, user commands

[xergioalex]

Summary

• New commands: dailybot checkin list/complete, dailybot form list/submit, dailybot kudos give, dailybot user list — all scoped to the authenticated user's Bearer session (dailybot login)
• Interactive menu overhaul: grouped sections (Check-ins / Forms / Team / Session), stable action IDs, Esc returns to menu without exiting, kudos skips confirmation in TUI mode, check-in UX aligned with form UX
• Dev tooling: clitest refresh for hot-reload during development, DAILYBOT_CONFIG_DIR env override for isolated sandbox configs, docker network integration for local API testing

New commands

Command	Description
dailybot checkin list	List today's pending check-ins
dailybot checkin complete <uuid>	Complete a check-in (interactive or -a index=answer flags)
dailybot form list	List forms visible to the user (shows question count)
dailybot form submit <uuid>	Submit a form (guided per-question prompts or --content JSON)
dailybot kudos give --to <name> --message <msg>	Give kudos; receiver resolved by name or UUID
dailybot user list	List org members (Name + UUID only — no email exposed)

All new commands support --json for machine-readable output and structured exit codes (2 usage error · 3 not authenticated · 4 permission denied · 5 quota exhausted · 6 rate limited · 7 user aborted).

Auth model

New commands use the Bearer token path (dailybot login → credentials.json) rather than the existing API-key path used by dailybot agent *. Acts as the logged-in user — same visibility and permissions as the webapp.

Key implementation decisions

• list_users() paginates with _MAX_LIST_PAGES = 50 safety cap — prevents an infinite loop against a misbehaving backend
• dailybot user list omits email addresses (PII minimization for open-source)
• dailybot form list uses ?include=questions to get question counts in one request (N+1 avoided); backend prompt at tmp/backend-form-list-questions-prompt.md
• dailybot form submit uses GET /v1/forms/{uuid}/ for guided prompts; backend prompt at tmp/backend-form-detail-prompt.md
• DAILYBOT_CONFIG_DIR env var redirects all ~/.config/dailybot/ file access for sandbox isolation
• Interactive menu refactored to stable action IDs + _HANDLER_MAP dispatch — adding future actions requires only one entry in the map

Security audit

• No hardcoded secrets, tokens, or API keys in any new code
• docker/local/cli/.env (which contains real dev tokens) is gitignored and not tracked
• Bearer token never logged or printed; all credential writes use os.chmod(path, 0o600)
• exit_for_api_error translates raw API errors to safe user-facing messages
• Fixed one real vulnerability: unbounded pagination loop in list_users() → added _MAX_LIST_PAGES = 50 cap

Bugs fixed

Bug	Fix
TestInteractiveLogin hung forever	Mock returned old "Quit" value; after menu refactor only "exit" triggers the exit path
9 ruff violations (import order, f-string docstrings, unused import)	Fixed via ruff --fix + manual inline of docstring text
1 mypy no-redef error in collect_checkin_answers	Renamed duplicate answers variable to collected

Test plan

• pytest tests/api_client_test.py — new methods + pagination cap test
• pytest tests/public_api_commands_test.py — all new commands end-to-end (auth guard, JSON mode, all error exit codes, self-kudos rejection, ambiguous receiver)
• pytest tests/commands_test.py — full existing suite including fixed interactive login test
• pytest tests/config_test.py — DAILYBOT_CONFIG_DIR isolation
• ruff check dailybot_cli tests → clean
• mypy dailybot_cli → clean
• 170 tests total, 0 failures

Made with Cursor