feat: 会话附件删除接口与图片输入模型兼容投影 (clean v2)#714
Open
wynxing wants to merge 6 commits into
Open
Conversation
- 从 RuntimePort 拆出 SessionAssetPort 独立端口,新增 DeleteSessionAsset 方法 - Gateway 注册 DELETE /api/session-assets 端点,多工作区路由和安全 ACL 适配 - CLI Bridge 实现 DeleteSessionAsset,修复 Save 缺少会话存在性校验、Open 缺少 os.ErrNotExist 映射 - Runtime 图片投影:不支持图片的模型对历史图片替换为占位文本,不修改持久化消息 - Runtime 拒绝不支持的当前图片输入,避免上游 400 - Web ChatInput 取消上传时调用 deleteSessionAsset 释放服务端资源 - Web useSessionStore 新增 _pendingNewSession 防止新会话期间自动切换
- 修复 handleSessionAssetRead 中 ACL 检查使用了 sessionAssetDeleteMethod 的 bug - 修复 handleSessionAssetDelete 中 ACL 检查使用了 sessionAssetReadMethod 的 bug - 为 newStablePromptSources 添加 nil source 过滤,防止 collectPromptSections panic - 补充 ACL 独立生效测试(read-only 和 delete-only ACL 场景) - 补充 nil source 和 mixed nil/valid source 测试 - 补充 multi_workspace Delete 不支持 SessionAssetPort 的错误返回测试 - 补充图片投影空消息和混合消息的边界测试
…setPort 方法被提升的测试缺陷 将 recordingPortWithoutSessionAsset 的嵌入类型从 *recordingPort 改为 RuntimePort 接口, 避免 Go 方法提升机制将 SessionAssetPort 的方法也一并提升,导致类型断言永远成功。
TestNetworkServerSessionAssetACLIndependent 直接用 sessionAssetReadMethod/ sessionAssetDeleteMethod(混合大小写)作为 allow map 键,但 IsAllowed 查找时 用 strings.ToLower 归一化,导致键不匹配返回 403。改用 normalizedMethodSet() 构造内层 map,与生产代码 NewStrictControlPlaneACL 保持一致。
|
Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits. |
![fennoai[bot]](https://avatars.githubusercontent.com/in/1924301?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
发现 1 个需要处理的问题。
验证未完成:本地环境中 go 不可用,且 vitest 二进制不可执行,因此未能运行目标测试。
未能定位到 diff 行的发现
internal/gateway/network_server.go:698: 这里仍然只允许GET, POST, OPTIONS,但本 PR 新增的GatewayAPI.deleteSessionAsset()会发起带Authorization和X-NeoCode-Workspace-Hash的DELETE请求。浏览器在跨源场景会先发送 preflight,如果Access-Control-Allow-Methods不包含DELETE,实际删除请求会被浏览器拦截,导致 Web 端无法清理已上传但发送失败的附件。请把DELETE加入允许方法,并补一个OPTIONS预检覆盖。
Codecov Report❌ Patch coverage is 📢 Thoughts on this report? Let us know! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Clean version of PR #712 without formatting noise.
Changes:
This PR replaces #712 with a cleaner diff.