chore(release): v0.6.2 — ourmoji admin module-toggle endpoint

Bumps version to 0.6.2 and adds the admin endpoint used to enable the
restricted Ourmoji module per-user in production. Also adds user-facing
module docs and the CHANGELOG entry.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: InfantLab

CHANGELOG.md

@@ -7,6 +7,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.6.2] - 2026-04-20
+
+### Added
+
+- **Ourmoji module** (restricted / feature-flagged): daily emoji oracle + multi-night dream-telepathy experiment runs, nightly role assignments, morning dream capture with voice or text, reveal flow, and experiment-run management page. Hidden unless the user has the `ourmoji` feature flag.
+- **Admin module-toggle endpoint**: `PATCH /api/v1/admin/users/:id/modules` merges per-user feature flags (e.g. `{ "ourmoji": true }`) into `user_preferences.enabled_modules`. Requires `admin:users:write`.
+
 ## [0.6.1] - 2026-03-29
 
 ### Theme: PWA, Push Notifications & Accessibility (WCAG 2.2 AA)

app/package.json

@@ -1,6 +1,6 @@
 {
   "name": "tada",
-  "version": "0.6.1",
+  "version": "0.6.2",
   "private": true,
   "type": "module",
   "description": "Personal lifelogger - Track Activities, Discover Achievements",

app/server/api/v1/admin/users/[id]/modules.patch.ts

@@ -0,0 +1,107 @@
+/**
+ * PATCH /api/v1/admin/users/:id/modules
+ *
+ * Toggle per-user feature module flags (e.g. ourmoji).
+ * Merges the supplied flags into the existing `enabled_modules` JSON field
+ * on `user_preferences`, creating the row if it doesn't exist.
+ *
+ * Body: { "ourmoji": true, "someOtherFlag": false }
+ */
+
+import * as z from "zod";
+import { nanoid } from "nanoid";
+import { requireAdmin } from "~/server/utils/admin";
+import { success, notFound, validationError } from "~/server/utils/response";
+import { logAuthEvent } from "~/server/utils/authEvents";
+import { db } from "~/server/db";
+import { users, userPreferences } from "~/server/db/schema";
+import { eq, sql } from "drizzle-orm";
+
+const bodySchema = z.record(z.string(), z.boolean()).refine(
+  (obj) => Object.keys(obj).length > 0,
+  { message: "At least one module flag is required" },
+);
+
+export default defineEventHandler(async (event) => {
+  requireAdmin(event, "admin:users:write");
+
+  const userId = getRouterParam(event, "id");
+  if (!userId) {
+    throw createError(notFound(event, "User"));
+  }
+
+  // Verify user exists
+  const user = await db
+    .select({ id: users.id })
+    .from(users)
+    .where(eq(users.id, userId))
+    .limit(1);
+
+  if (user.length === 0) {
+    throw createError(notFound(event, "User"));
+  }
+
+  const body = await readBody(event);
+  const parseResult = bodySchema.safeParse(body);
+
+  if (!parseResult.success) {
+    const errors: Record<string, string[]> = {};
+    for (const issue of parseResult.error.issues) {
+      const path = issue.path.join(".") || "_root";
+      if (!errors[path]) errors[path] = [];
+      errors[path].push(issue.message);
+    }
+    throw createError(validationError(event, errors));
+  }
+
+  const flags = parseResult.data;
+
+  // Fetch existing preferences row
+  const existing = await db
+    .select()
+    .from(userPreferences)
+    .where(eq(userPreferences.userId, userId))
+    .limit(1);
+
+  let previousModules: Record<string, boolean> = {};
+  let updatedModules: Record<string, boolean>;
+
+  if (existing.length === 0) {
+    // Create preferences row with the supplied flags
+    updatedModules = { ...flags };
+    await db.insert(userPreferences).values({
+      id: nanoid(),
+      userId,
+      enabledModules: updatedModules,
+    });
+  } else {
+    // Merge flags into existing enabled_modules
+    const current = existing[0].enabledModules;
+    previousModules =
+      current && typeof current === "object" ? { ...current } : {};
+    updatedModules = { ...previousModules, ...flags };
+
+    await db
+      .update(userPreferences)
+      .set({
+        enabledModules: updatedModules,
+        updatedAt: sql`(datetime('now'))`,
+      })
+      .where(eq(userPreferences.userId, userId));
+  }
+
+  const auth = event.context.auth!;
+  await logAuthEvent({
+    event,
+    userId: auth.userId,
+    eventType: "admin:user_updated",
+    metadata: {
+      targetUserId: userId,
+      action: "modules_updated",
+      changes: flags,
+      previousModules,
+    },
+  });
+
+  return success(event, { enabledModules: updatedModules });
+});

docs/modules/README.md

@@ -14,6 +14,7 @@ Entry types define **how** an activity is recorded. Each module provides its own
 | [Sessions](./sessions.md) | `timed` | Timer for meditation and focused practices |
 | [Tally](./tally.md) | `tally` | Count-based tracking for discrete activities |
 | [Rhythms](./rhythms.md) | — | Graceful chains that celebrate consistency |
+| [Ourmoji](./ourmoji.md) ⚠️ | `ourmoji`, `dream-experiment` | Restricted: daily emoji oracle + shared dream experiments |
 
 ## Data Flow Modules
 

docs/modules/ourmoji.md

@@ -0,0 +1,81 @@
+# Ourmoji
+
+> ⚠️ **Restricted module — not on general release.**
+> Ourmoji is gated behind a per-user feature flag and currently enabled only for a small group of collaborators. It is not part of the public Ta-Da! experience and may change or be removed without notice.
+
+**A daily emoji oracle and shared dream experiment.**
+
+Each morning an emoji is drawn from a Sacred Set and paired with a poetic reflection that references the moon phase and the Wheel of Year. On enrolled nights, paired participants run a structured dream-telepathy experiment: a Sender focuses on a target emoji before sleep, a Receiver records their dream and guesses the emoji the next morning.
+
+## What it does
+
+- **Daily Ourmoji** — A first-class daily entry showing today's emoji, reflection, moon phase, and Wheel of Year context
+- **Calendar view** — Scrollable history of past Ourmojis as a grid, each tappable for full reflection
+- **Dream experiments** — Multi-night runs pairing participants as Sender / Receiver / Control / Rest
+- **Nightly assignment** — Roles assigned automatically at 21:00 in the earliest participant timezone, blinded to the Receiver
+- **Morning dream capture** — Voice or text dream recording followed by an emoji guess, locked once submitted
+- **Reveal flow** — After both participants submit, the target emoji is revealed alongside the recorded dream
+- **Neutral progress stats** — During active runs only nights-completed and submission counts are shown; hit rates and p-values are hidden until the run finishes
+- **Experiment management** — Create, pause, resume, and review experiment runs from a dedicated page
+
+## Philosophy
+
+Ourmoji is a research-flavoured ritual layer on top of Ta-Da!. Where the rest of the app celebrates everyday accomplishments, Ourmoji explores the symbolic and oneiric edge — daily oracles, shared dreams, and rigorously logged "what if?" experiments. It is intentionally narrow in audience: the goal is to learn from a small cohort before deciding whether anything here belongs in the general release.
+
+## Access
+
+Ourmoji is hidden unless the authenticated user has the `ourmoji` feature flag. Without the flag:
+
+- No navigation entry appears
+- API endpoints under `/api/ourmoji/**` return as if the feature does not exist
+- No error or upsell is shown
+
+### Enabling for a user
+
+An admin can toggle module flags via the admin API:
+
+```http
+PATCH /api/v1/admin/users/:userId/modules
+Content-Type: application/json
+
+{ "ourmoji": true }
+```
+
+The body is a `Record<string, boolean>` — flags are merged into the user's existing `enabled_modules` preferences. Set a flag to `false` to disable it. The endpoint creates a `user_preferences` row automatically if the user doesn't have one yet.
+
+Requires admin auth (`ADMIN_USER_IDS` env var) with `admin:users:write` permission.
+
+## Module definition
+
+| Field | Value |
+|-------|-------|
+| Types | `ourmoji`, `dream-experiment` |
+| Label | Ourmoji |
+| Status | Restricted (feature-flagged) |
+| Requires | `ourmoji` feature flag |
+| Notifications | Web Push (nightly assignment, morning prompt) |
+
+## Code
+
+| Path | Purpose |
+|------|---------|
+| `app/modules/entry-types/ourmoji/index.ts` | Daily Ourmoji entry type registration |
+| `app/modules/entry-types/dream-experiment/index.ts` | Dream experiment entry type registration |
+| `app/pages/ourmoji.vue` | Daily Ourmoji + calendar page |
+| `app/pages/ourmoji/experiments.vue` | Experiment run management page |
+| `app/components/ourmoji/` | Daily card, calendar, dream capture, reveal, experiment manager components |
+| `app/composables/useOurmoji.ts` | Client state for daily + calendar |
+| `app/composables/useDreamExperimentFlow.ts` | Client state for nightly assignment + morning flow |
+| `app/server/api/ourmoji/` | REST endpoints (daily, calendar, experiments, submissions) |
+| `app/server/services/ourmoji/` | Daily ingest, scheduling, randomization, notifications, submissions |
+| `app/server/plugins/ourmoji-scheduler.ts` | Nitro plugin driving nightly assignment sweeps |
+| `app/server/db/migrations/0023_ourmoji_module.sql` | Schema for experiments, assignments, submissions |
+| `app/utils/ourmoji/` | Sacred Set + Wheel of Year helpers |
+
+## Specification
+
+Full design lives in [`specs/013-ourmoji-module/`](../../specs/013-ourmoji-module/) — see `spec.md`, `data-model.md`, and `contracts/openapi.yaml`.
+
+---
+
+[Back to modules](./README.md)