feat(web): drop SessionProfile, wire observations into AttackerDetail (DEBT-050 / DEBT-036 closure)

Destructive half of BEHAVE-INTEGRATION.md Phase 1. SessionProfile + its kd_* columns + the dialect ALTER TABLE migration helpers are deleted outright; pre-v1, the table shipped empty, no migration ceremony required (per the no-new-_migrate_-pre-v1 memory rule). DEBT-036 closes via DEBT-050 supersedure. AttackerDetail's ``observations`` field is wired to the new ``observations`` table and returns an empty list until the BEHAVE-SHELL extractor (DEBT-050 Phase 2) starts emitting. decnet/web/db/models/attackers.py — SessionProfile class deleted (~135 lines), KD_PAUSE_*/KD_START_OF_ACTION_IDLE_S module constants deleted, module docstring updated to point at the observations table. AttackerIdentity.kd_digraph_simhash is KEPT — it's the v2 federation centroid hook, not a SessionProfile field; docstring repointed to the BEHAVE primitive that will populate it. decnet/web/db/sqlmodel_repo/attackers/sessions.py — DELETED. SessionProfilesMixin dropped from the AttackersMixin MRO. decnet/web/db/repository.py — abstract upsert_session_profile + get_session_profile removed. decnet/web/db/sqlite/repository.py + mysql/repository.py — _migrate_session_profile_table helpers and their initialize() calls removed. mysql initialize() now goes attackers → column_types → admin (no session_profile step). decnet/web/db/models/__init__.py — SessionProfile re-export gone. decnet/web/db/models/attacker_intel.py — docstring cross-reference to SessionProfile.schema_version retargeted to AttackerIdentity. decnet/web/router/attackers/api_get_attacker_detail.py — adds ``observations: []`` to the response by calling ``repo.latest_observation_per_primitive(uuid)`` and projecting to a list sorted by primitive path. Empty until the extractor lands; shape matches BEHAVE-INTEGRATION.md §"AttackerDetail consumer". tests/profiler/test_session_profile.py — DELETED (56 lines). tests/db/test_base_repo.py — DummyRepo loses upsert_session_profile and get_session_profile overrides. tests/db/mysql/test_mysql_migration.py — initialize-call-order assertion updated; session_profile step removed from the expected sequence; docstring records why. tests/ttp/test_lifter_absence.py — docstring "no SessionProfile" → "no ObservationRow".
2026-05-03 07:33:37 -04:00
parent 0972325527
commit a2a61b636e
14 changed files with 41 additions and 357 deletions
--- a/decnet/web/db/sqlmodel_repo/attackers/init.py
+++ b/decnet/web/db/sqlmodel_repo/attackers/init.py
@@ -1,9 +1,9 @@
 """Attacker repository methods.

-The full domain spans ~500 lines of methods across attacker rows,
-behavior signals, session profiles, SMTP victim tracking, and
-log-derived activity views.  Each concern lives in its own submixin;
-``AttackersMixin`` composes them.
+Per-concern submixins composed onto ``AttackersMixin``. The legacy
+``SessionProfilesMixin`` was dropped when the BEHAVE-SHELL
+``observations`` table replaced the ``session_profile`` column-zoo
+(see DEBT-050 → ``decnet/web/db/sqlmodel_repo/observations.py``).

 ``_deserialize_attacker`` lives on ``AttackersCoreMixin`` and is reached
 from ``IdentitiesMixin.list_observations_for_identity`` via ``self.`` —
@@ -15,14 +15,12 @@ from __future__ import annotations
 from decnet.web.db.sqlmodel_repo.attackers._core import AttackersCoreMixin
 from decnet.web.db.sqlmodel_repo.attackers.activity import AttackerActivityMixin
 from decnet.web.db.sqlmodel_repo.attackers.behavior import AttackerBehaviorMixin
-from decnet.web.db.sqlmodel_repo.attackers.sessions import SessionProfilesMixin
 from decnet.web.db.sqlmodel_repo.attackers.smtp import SmtpTargetsMixin


 class AttackersMixin(
    AttackerActivityMixin,
    AttackerBehaviorMixin,
-    SessionProfilesMixin,
    SmtpTargetsMixin,
    AttackersCoreMixin,
 ):
--- a/decnet/web/db/sqlmodel_repo/attackers/sessions.py
+++ b/decnet/web/db/sqlmodel_repo/attackers/sessions.py
@@ -1,51 +0,0 @@
-"""Per-session profile rows (keystroke-dynamics features land here at
-ingestion-time post-V2)."""
-from __future__ import annotations
-
-from typing import Any, Optional
-
-from sqlalchemy import select
-
-from decnet.web.db.models import SessionProfile
-
-
-from decnet.web.db.sqlmodel_repo._helpers import _MixinBase
-
-class SessionProfilesMixin(_MixinBase):
-    async def upsert_session_profile(
-        self,
-        sid: str,
-        data: dict[str, Any],
-    ) -> None:
-        """
-        Write (or update) the session_profile row for *sid*.
-
-        Pre-v1, the typical call is the empty-write path at session close:
-        `upsert_session_profile(sid, {"log_id": <id>})` — all keystroke
-        feature columns stay NULL until the V2 ingestion job populates them.
-        """
-        async with self._session() as session:
-            result = await session.execute(
-                select(SessionProfile).where(SessionProfile.sid == sid)
-            )
-            existing = result.scalar_one_or_none()
-            if existing:
-                for k, v in data.items():
-                    setattr(existing, k, v)
-                session.add(existing)
-            else:
-                session.add(SessionProfile(sid=sid, **data))
-            await session.commit()
-
-    async def get_session_profile(
-        self,
-        sid: str,
-    ) -> Optional[dict[str, Any]]:
-        async with self._session() as session:
-            result = await session.execute(
-                select(SessionProfile).where(SessionProfile.sid == sid)
-            )
-            row = result.scalar_one_or_none()
-            if not row:
-                return None
-            return row.model_dump(mode="json")