From 77c66cf4cf5499cc728c84a6bcdc4110705f4eff Mon Sep 17 00:00:00 2001 From: Sam Saffron Date: Wed, 20 Nov 2024 18:26:16 +1100 Subject: [PATCH 1/2] DEV: improve artifact presentation 1. Keep source in a "details" block after rendered so it does not overwhelm users 2. Ensure artifacts are never indexed by robots 3. Cache break our CSS that changed recently --- .../discourse_ai/ai_bot/artifacts_controller.rb | 1 + .../ai_bot/shared_ai_conversations/show.html.erb | 2 +- config/locales/server.en.yml | 1 + lib/ai_bot/tools/create_artifact.rb | 8 ++++++-- spec/requests/ai_bot/artifacts_controller_spec.rb | 3 ++- 5 files changed, 11 insertions(+), 4 deletions(-) diff --git a/app/controllers/discourse_ai/ai_bot/artifacts_controller.rb b/app/controllers/discourse_ai/ai_bot/artifacts_controller.rb index ac3b9d860..3ae65ef81 100644 --- a/app/controllers/discourse_ai/ai_bot/artifacts_controller.rb +++ b/app/controllers/discourse_ai/ai_bot/artifacts_controller.rb @@ -68,6 +68,7 @@ def show response.headers.delete("X-Frame-Options") response.headers["Content-Security-Policy"] = "script-src 'unsafe-inline';" + response.headers["X-Robots-Tag"] = "noindex" # Render the content render html: trusted_html.html_safe, layout: false, content_type: "text/html" diff --git a/app/views/discourse_ai/ai_bot/shared_ai_conversations/show.html.erb b/app/views/discourse_ai/ai_bot/shared_ai_conversations/show.html.erb index ac307a9b2..b72ea2b5a 100644 --- a/app/views/discourse_ai/ai_bot/shared_ai_conversations/show.html.erb +++ b/app/views/discourse_ai/ai_bot/shared_ai_conversations/show.html.erb @@ -10,7 +10,7 @@ "> - "> + ">
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml index f3e8e9184..fdbd16c58 100644 --- a/config/locales/server.en.yml +++ b/config/locales/server.en.yml @@ -175,6 +175,7 @@ en: discourse_ai: ai_artifact: link: "Show Artifact in new tab" + view_source: "View Source" unknown_model: "Unknown AI model" tools: diff --git a/lib/ai_bot/tools/create_artifact.rb b/lib/ai_bot/tools/create_artifact.rb index cb2d8d57f..a3b994031 100644 --- a/lib/ai_bot/tools/create_artifact.rb +++ b/lib/ai_bot/tools/create_artifact.rb @@ -103,10 +103,14 @@ def update_custom_html(artifact = nil) content << [:js, "### JavaScript\n\n```javascript\n#{js}\n```"] if js.present? - content << [:preview, "### Preview\n\n#{artifact_div}"] if artifact_div - content.sort_by! { |c| c[0] === @selected_tab ? 1 : 0 } if !artifact + if artifact + content.unshift([nil, "[details='#{I18n.t("discourse_ai.ai_artifact.view_source")}']"]) + content << [nil, "[/details]"] + end + + content << [:preview, "### Preview\n\n#{artifact_div}"] if artifact_div self.custom_raw = content.map { |c| c[1] }.join("\n\n") end diff --git a/spec/requests/ai_bot/artifacts_controller_spec.rb b/spec/requests/ai_bot/artifacts_controller_spec.rb index 10f7bcdeb..c017fe578 100644 --- a/spec/requests/ai_bot/artifacts_controller_spec.rb +++ b/spec/requests/ai_bot/artifacts_controller_spec.rb @@ -67,11 +67,12 @@ def parse_srcdoc(html) end end - it "removes security headers" do + it "removes security headers and disables crawling" do sign_in(user) get "/discourse-ai/ai-bot/artifacts/#{artifact.id}" expect(response.headers["X-Frame-Options"]).to eq(nil) expect(response.headers["Content-Security-Policy"]).to eq("script-src 'unsafe-inline';") + expect(response.headers["X-Robots-Tag"]).to eq("noindex") end end end From 3b6f6585a0471744c4d689d7cda3a49190a4f219 Mon Sep 17 00:00:00 2001 From: Sam Saffron Date: Wed, 20 Nov 2024 18:43:08 +1100 Subject: [PATCH 2/2] write spec --- lib/ai_bot/tools/create_artifact.rb | 2 +- .../ai_bot/tools/create_artifact_spec.rb | 36 +++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/lib/ai_bot/tools/create_artifact.rb b/lib/ai_bot/tools/create_artifact.rb index a3b994031..4986b8b0e 100644 --- a/lib/ai_bot/tools/create_artifact.rb +++ b/lib/ai_bot/tools/create_artifact.rb @@ -93,7 +93,7 @@ def update_custom_html(artifact = nil) js = parameters[:js].to_s artifact_div = - "
" if artifact + "
" if artifact content = [] diff --git a/spec/lib/modules/ai_bot/tools/create_artifact_spec.rb b/spec/lib/modules/ai_bot/tools/create_artifact_spec.rb index f4e955fc0..785088d15 100644 --- a/spec/lib/modules/ai_bot/tools/create_artifact_spec.rb +++ b/spec/lib/modules/ai_bot/tools/create_artifact_spec.rb @@ -4,10 +4,46 @@ fab!(:llm_model) let(:bot_user) { DiscourseAi::AiBot::EntryPoint.find_user_from_model(llm_model.name) } let(:llm) { DiscourseAi::Completions::Llm.proxy("custom:#{llm_model.id}") } + fab!(:post) before { SiteSetting.ai_bot_enabled = true } describe "#process" do + it "correctly adds details block on final invoke" do + tool = + described_class.new( + { html_body: "hello" }, + bot_user: Fabricate(:user), + llm: llm, + context: { + post_id: post.id, + }, + ) + + tool.parameters = { html_body: "hello" } + + tool.invoke {} + + artifact_id = AiArtifact.order("id desc").limit(1).pluck(:id).first + + expected = <<~MD + [details='View Source'] + + ### HTML + + ```html + hello + ``` + + [/details] + + ### Preview + +
+ MD + expect(tool.custom_raw.strip).to eq(expected.strip) + end + it "can correctly handle partial updates" do tool = described_class.new({}, bot_user: bot_user, llm: llm)