Files
ragflow/internal/dao/api_token_beta_test.go

72 lines
1.7 KiB
Go
Raw Normal View History

//
// Copyright 2026 The InfiniFlow Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
package dao
import (
"testing"
"github.com/glebarez/sqlite"
"gorm.io/gorm"
"ragflow/internal/entity"
)
func setupAPITokenBetaTestDB(t *testing.T) *gorm.DB {
t.Helper()
db, err := gorm.Open(sqlite.Open(":memory:"), &gorm.Config{
TranslateError: true,
})
if err != nil {
t.Fatalf("failed to open sqlite: %v", err)
}
if err := db.AutoMigrate(&entity.APIToken{}); err != nil {
t.Fatalf("failed to migrate api_token: %v", err)
}
return db
}
func TestAPITokenDAOGetByBeta(t *testing.T) {
db := setupAPITokenBetaTestDB(t)
pushDB(t, db)
beta := "beta-token"
if err := db.Create(&entity.APIToken{
TenantID: "tenant-1",
Token: "token-1",
Beta: &beta,
}).Error; err != nil {
t.Fatalf("failed to create api token: %v", err)
}
got, err := NewAPITokenDAO().GetByBeta(beta)
if err != nil {
t.Fatalf("GetByBeta failed: %v", err)
}
feat(go): implement chatbots/<dialog_id>/info and searchbots/detail (#15420) ### What problem does this PR solve? Part of #15240 (rewriting the RAGFlow API server in Go). Implements the two public bot endpoints from `api/apps/restful_apis/bot_api.py`: - **`GET /api/v1/chatbots/<dialog_id>/info`** (`chatbots_inputs`) — returns `{title, avatar, prologue, has_tavily_key}` for a dialog the authenticated tenant owns (tenant match + `status == VALID`), otherwise `"Authentication error: no access to this chatbot!"`. - **`GET /api/v1/searchbots/detail`** (`detail_share_embedded`) — returns search-app detail for a `search_id` the tenant can access. Permission is checked across the tenant's joined tenants; denial returns `"Has no permission for this operation."` (operating error, `data: false`) and a missing app returns `"Can't find this Search App!"`. Both endpoints authenticate with an SDK **beta token** (`Authorization: Bearer <beta>`) rather than a session — the token is resolved to a tenant via `APIToken.query(beta=token)`, backed by a new `APITokenDAO.GetByBeta`. Because they perform their own token-based auth, the routes are registered on the unauthenticated route group (mirroring the Python blueprint, which has no `@login_required`). Both live in a new `internal/handler/bot.go` + `internal/service/bot.go` since they share the same source module. Handler unit tests cover the auth, success, and error-mapping paths. ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Claude Code <claude@anthropic.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Ling Qin <qinling0210@163.com>
2026-07-02 00:46:00 -10:00
if len(got) == 0 {
t.Fatal("expected token(s), got empty list")
}
feat(go): implement chatbots/<dialog_id>/info and searchbots/detail (#15420) ### What problem does this PR solve? Part of #15240 (rewriting the RAGFlow API server in Go). Implements the two public bot endpoints from `api/apps/restful_apis/bot_api.py`: - **`GET /api/v1/chatbots/<dialog_id>/info`** (`chatbots_inputs`) — returns `{title, avatar, prologue, has_tavily_key}` for a dialog the authenticated tenant owns (tenant match + `status == VALID`), otherwise `"Authentication error: no access to this chatbot!"`. - **`GET /api/v1/searchbots/detail`** (`detail_share_embedded`) — returns search-app detail for a `search_id` the tenant can access. Permission is checked across the tenant's joined tenants; denial returns `"Has no permission for this operation."` (operating error, `data: false`) and a missing app returns `"Can't find this Search App!"`. Both endpoints authenticate with an SDK **beta token** (`Authorization: Bearer <beta>`) rather than a session — the token is resolved to a tenant via `APIToken.query(beta=token)`, backed by a new `APITokenDAO.GetByBeta`. Because they perform their own token-based auth, the routes are registered on the unauthenticated route group (mirroring the Python blueprint, which has no `@login_required`). Both live in a new `internal/handler/bot.go` + `internal/service/bot.go` since they share the same source module. Handler unit tests cover the auth, success, and error-mapping paths. ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Claude Code <claude@anthropic.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Ling Qin <qinling0210@163.com>
2026-07-02 00:46:00 -10:00
if got[0].TenantID != "tenant-1" {
t.Fatalf("TenantID = %q, want tenant-1", got[0].TenantID)
}
feat(go): implement chatbots/<dialog_id>/info and searchbots/detail (#15420) ### What problem does this PR solve? Part of #15240 (rewriting the RAGFlow API server in Go). Implements the two public bot endpoints from `api/apps/restful_apis/bot_api.py`: - **`GET /api/v1/chatbots/<dialog_id>/info`** (`chatbots_inputs`) — returns `{title, avatar, prologue, has_tavily_key}` for a dialog the authenticated tenant owns (tenant match + `status == VALID`), otherwise `"Authentication error: no access to this chatbot!"`. - **`GET /api/v1/searchbots/detail`** (`detail_share_embedded`) — returns search-app detail for a `search_id` the tenant can access. Permission is checked across the tenant's joined tenants; denial returns `"Has no permission for this operation."` (operating error, `data: false`) and a missing app returns `"Can't find this Search App!"`. Both endpoints authenticate with an SDK **beta token** (`Authorization: Bearer <beta>`) rather than a session — the token is resolved to a tenant via `APIToken.query(beta=token)`, backed by a new `APITokenDAO.GetByBeta`. Because they perform their own token-based auth, the routes are registered on the unauthenticated route group (mirroring the Python blueprint, which has no `@login_required`). Both live in a new `internal/handler/bot.go` + `internal/service/bot.go` since they share the same source module. Handler unit tests cover the auth, success, and error-mapping paths. ### Type of change - [x] New Feature (non-breaking change which adds functionality) --------- Co-authored-by: Claude Code <claude@anthropic.com> Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com> Co-authored-by: Ling Qin <qinling0210@163.com>
2026-07-02 00:46:00 -10:00
if got[0].Beta == nil || *got[0].Beta != beta {
t.Fatalf("Beta = %v, want %q", got[0].Beta, beta)
}
}