Files
ragflow/internal/handler/agent.go

259 lines
6.6 KiB
Go
Raw Normal View History

//
// Copyright 2026 The InfiniFlow Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
package handler
import (
feat: implement POST /api/v1/agents/<agent_id>/upload API (#15633) ## Summary Implement the `POST /api/v1/agents/<agent_id>/upload` endpoint in Go, allowing file uploads associated with agent canvases. ### Changes - **Modified**: `internal/service/agent.go` — Added `CheckCanvasAccess` method (owner + team-level permission semantics) - **Modified**: `internal/handler/agent.go` — Added `UploadAgentFile` handler with auth check, multipart file parsing, and delegation to `FileService`. Added `fileUploader` interface for testability. - **Modified**: `internal/router/router.go` — Registered `POST /:agent_id/upload` route - **Modified**: `cmd/server_main.go` — Wired `fileService` into `AgentHandler` - **New**: `internal/service/agent_test.go` — 4 service-level tests for `CheckCanvasAccess` (owner, team member, private denial, not found) - **New**: `internal/handler/agent_upload_test.go` — 3 handler-level tests (success with fake file service, cross-user denial, empty file rejection) ### Testing All 7 tests pass with zero mocking of the DB layer (in-memory SQLite): ``` === RUN TestCheckCanvasAccess_Owner --- PASS === RUN TestCheckCanvasAccess_NotOwner --- PASS === RUN TestCheckCanvasAccess_PrivateCanvas_Denied --- PASS === RUN TestCheckCanvasAccess_NotFound --- PASS === RUN TestUploadAgentFileHandler_Success --- PASS === RUN TestUploadAgentFileHandler_NoPermission --- PASS === RUN TestUploadAgentFileHandler_NoFiles --- PASS ``` Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 17:21:47 +08:00
"fmt"
"mime/multipart"
"net/http"
"strconv"
"strings"
"github.com/gin-gonic/gin"
"ragflow/internal/common"
"ragflow/internal/service"
)
feat: implement POST /api/v1/agents/<agent_id>/upload API (#15633) ## Summary Implement the `POST /api/v1/agents/<agent_id>/upload` endpoint in Go, allowing file uploads associated with agent canvases. ### Changes - **Modified**: `internal/service/agent.go` — Added `CheckCanvasAccess` method (owner + team-level permission semantics) - **Modified**: `internal/handler/agent.go` — Added `UploadAgentFile` handler with auth check, multipart file parsing, and delegation to `FileService`. Added `fileUploader` interface for testability. - **Modified**: `internal/router/router.go` — Registered `POST /:agent_id/upload` route - **Modified**: `cmd/server_main.go` — Wired `fileService` into `AgentHandler` - **New**: `internal/service/agent_test.go` — 4 service-level tests for `CheckCanvasAccess` (owner, team member, private denial, not found) - **New**: `internal/handler/agent_upload_test.go` — 3 handler-level tests (success with fake file service, cross-user denial, empty file rejection) ### Testing All 7 tests pass with zero mocking of the DB layer (in-memory SQLite): ``` === RUN TestCheckCanvasAccess_Owner --- PASS === RUN TestCheckCanvasAccess_NotOwner --- PASS === RUN TestCheckCanvasAccess_PrivateCanvas_Denied --- PASS === RUN TestCheckCanvasAccess_NotFound --- PASS === RUN TestUploadAgentFileHandler_Success --- PASS === RUN TestUploadAgentFileHandler_NoPermission --- PASS === RUN TestUploadAgentFileHandler_NoFiles --- PASS ``` Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 17:21:47 +08:00
// AgentHandler agent handler
// fileUploader is the subset of FileService used by agent handlers.
type fileUploader interface {
UploadFile(tenantID, parentID string, files []*multipart.FileHeader) ([]map[string]interface{}, error)
}
// AgentHandler agent handler
type AgentHandler struct {
agentService *service.AgentService
feat: implement POST /api/v1/agents/<agent_id>/upload API (#15633) ## Summary Implement the `POST /api/v1/agents/<agent_id>/upload` endpoint in Go, allowing file uploads associated with agent canvases. ### Changes - **Modified**: `internal/service/agent.go` — Added `CheckCanvasAccess` method (owner + team-level permission semantics) - **Modified**: `internal/handler/agent.go` — Added `UploadAgentFile` handler with auth check, multipart file parsing, and delegation to `FileService`. Added `fileUploader` interface for testability. - **Modified**: `internal/router/router.go` — Registered `POST /:agent_id/upload` route - **Modified**: `cmd/server_main.go` — Wired `fileService` into `AgentHandler` - **New**: `internal/service/agent_test.go` — 4 service-level tests for `CheckCanvasAccess` (owner, team member, private denial, not found) - **New**: `internal/handler/agent_upload_test.go` — 3 handler-level tests (success with fake file service, cross-user denial, empty file rejection) ### Testing All 7 tests pass with zero mocking of the DB layer (in-memory SQLite): ``` === RUN TestCheckCanvasAccess_Owner --- PASS === RUN TestCheckCanvasAccess_NotOwner --- PASS === RUN TestCheckCanvasAccess_PrivateCanvas_Denied --- PASS === RUN TestCheckCanvasAccess_NotFound --- PASS === RUN TestUploadAgentFileHandler_Success --- PASS === RUN TestUploadAgentFileHandler_NoPermission --- PASS === RUN TestUploadAgentFileHandler_NoFiles --- PASS ``` Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 17:21:47 +08:00
fileService fileUploader
}
// NewAgentHandler create agent handler
feat: implement POST /api/v1/agents/<agent_id>/upload API (#15633) ## Summary Implement the `POST /api/v1/agents/<agent_id>/upload` endpoint in Go, allowing file uploads associated with agent canvases. ### Changes - **Modified**: `internal/service/agent.go` — Added `CheckCanvasAccess` method (owner + team-level permission semantics) - **Modified**: `internal/handler/agent.go` — Added `UploadAgentFile` handler with auth check, multipart file parsing, and delegation to `FileService`. Added `fileUploader` interface for testability. - **Modified**: `internal/router/router.go` — Registered `POST /:agent_id/upload` route - **Modified**: `cmd/server_main.go` — Wired `fileService` into `AgentHandler` - **New**: `internal/service/agent_test.go` — 4 service-level tests for `CheckCanvasAccess` (owner, team member, private denial, not found) - **New**: `internal/handler/agent_upload_test.go` — 3 handler-level tests (success with fake file service, cross-user denial, empty file rejection) ### Testing All 7 tests pass with zero mocking of the DB layer (in-memory SQLite): ``` === RUN TestCheckCanvasAccess_Owner --- PASS === RUN TestCheckCanvasAccess_NotOwner --- PASS === RUN TestCheckCanvasAccess_PrivateCanvas_Denied --- PASS === RUN TestCheckCanvasAccess_NotFound --- PASS === RUN TestUploadAgentFileHandler_Success --- PASS === RUN TestUploadAgentFileHandler_NoPermission --- PASS === RUN TestUploadAgentFileHandler_NoFiles --- PASS ``` Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 17:21:47 +08:00
func NewAgentHandler(agentService *service.AgentService, fileService *service.FileService) *AgentHandler {
return &AgentHandler{agentService: agentService, fileService: fileService}
}
// ListAgents lists agent canvases for the current user.
// @Summary List Agents
// @Description List agent canvases accessible to the current user (Home dashboard tile)
// @Tags agents
// @Produce json
// @Param keywords query string false "Filter by title keyword"
// @Param page query int false "Page number (0 = no pagination)"
// @Param page_size query int false "Items per page (0 = no pagination)"
// @Param orderby query string false "Order-by field (default: create_time)"
// @Param desc query bool false "Descending order (default: true)"
// @Param owner_ids query string false "Comma-separated owner IDs to filter (default: all authorised tenants)"
// @Param canvas_category query string false "Canvas category (default: agent_canvas)"
// @Success 200 {object} service.ListAgentsResponse
// @Router /api/v1/agents [get]
func (h *AgentHandler) ListAgents(c *gin.Context) {
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
keywords := c.Query("keywords")
canvasCategory := c.Query("canvas_category")
page := 0
if v := c.Query("page"); v != "" {
if p, err := strconv.Atoi(v); err == nil && p > 0 {
page = p
}
}
pageSize := 0
if v := c.Query("page_size"); v != "" {
if ps, err := strconv.Atoi(v); err == nil && ps > 0 {
pageSize = ps
}
}
orderby := c.DefaultQuery("orderby", "create_time")
desc := true
if v := c.Query("desc"); v != "" {
desc = strings.ToLower(v) != "false"
}
var ownerIDs []string
if raw := c.Query("owner_ids"); raw != "" {
for _, id := range strings.Split(raw, ",") {
id = strings.TrimSpace(id)
if id != "" {
ownerIDs = append(ownerIDs, id)
}
}
}
result, code, err := h.agentService.ListAgents(
user.ID,
keywords,
page,
pageSize,
orderby,
desc,
ownerIDs,
canvasCategory,
)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": code,
"data": false,
"message": err.Error(),
})
return
}
c.JSON(http.StatusOK, gin.H{
"code": common.CodeSuccess,
"data": result,
"message": "success",
})
}
feat: implement GET /api/v1/agents/<agent_id>/versions API (#15629) ## Summary Implement the `GET /api/v1/agents/<agent_id>/versions` endpoint in Go, listing all version snapshots for an agent canvas in descending update time order. ### Changes - **New**: `internal/dao/user_canvas_version.go` — `UserCanvasVersionDAO` with `ListByCanvasID` (ordered by update_time DESC) and `GetByID` - **Modified**: `internal/service/agent.go` — Added `CheckCanvasAccess`, `ListVersions`, `GetVersion` methods - **Modified**: `internal/handler/agent.go` — Added `ListAgentVersions` handler with auth check - **Modified**: `internal/router/router.go` — Registered `GET /:agent_id/versions` route - **New**: `internal/service/agent_test.go` — 5 service-level tests (SQLite in-memory DB, zero mock) - **Modified**: `internal/handler/agent_test.go` — 3 handler-level tests (real DB, pre-authenticated context) ### Testing All 8 tests pass with zero mocking (in-memory SQLite replaces MySQL): ``` === RUN TestListVersions_Success --- PASS === RUN TestListVersions_Empty --- PASS === RUN TestCheckCanvasAccess_Owner --- PASS === RUN TestCheckCanvasAccess_NotOwner --- PASS === RUN TestCheckCanvasAccess_NotFound --- PASS === RUN TestListAgentVersionsHandler_Success --- PASS === RUN TestListAgentVersionsHandler_NoPermission --- PASS === RUN TestListAgentVersionsHandler_CanvasNotFound --- PASS ``` Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 15:36:26 +08:00
// ListAgentVersions returns versions for a specific agent.
// @Summary List Agent Versions
// @Description Returns all versions for a specific agent, ordered by update_time DESC.
// @Tags agents
// @Produce json
// @Param agent_id path string true "Agent ID"
// @Success 200 {object} map[string]interface{}
// @Router /api/v1/agents/{agent_id}/versions [get]
func (h *AgentHandler) ListAgentVersions(c *gin.Context) {
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
agentID := c.Param("agent_id")
if agentID == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeArgumentError,
"data": nil,
"message": "agent_id is required",
})
return
}
ok, err := h.agentService.CheckCanvasAccess(user.ID, agentID)
if err != nil || !ok {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeOperatingError,
"data": nil,
"message": "Agent not found or no permission.",
})
return
}
versions, err := h.agentService.ListVersions(agentID)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeServerError,
"data": nil,
"message": err.Error(),
})
return
}
c.JSON(http.StatusOK, gin.H{
"code": common.CodeSuccess,
"data": versions,
"message": "",
})
}
feat: implement POST /api/v1/agents/<agent_id>/upload API (#15633) ## Summary Implement the `POST /api/v1/agents/<agent_id>/upload` endpoint in Go, allowing file uploads associated with agent canvases. ### Changes - **Modified**: `internal/service/agent.go` — Added `CheckCanvasAccess` method (owner + team-level permission semantics) - **Modified**: `internal/handler/agent.go` — Added `UploadAgentFile` handler with auth check, multipart file parsing, and delegation to `FileService`. Added `fileUploader` interface for testability. - **Modified**: `internal/router/router.go` — Registered `POST /:agent_id/upload` route - **Modified**: `cmd/server_main.go` — Wired `fileService` into `AgentHandler` - **New**: `internal/service/agent_test.go` — 4 service-level tests for `CheckCanvasAccess` (owner, team member, private denial, not found) - **New**: `internal/handler/agent_upload_test.go` — 3 handler-level tests (success with fake file service, cross-user denial, empty file rejection) ### Testing All 7 tests pass with zero mocking of the DB layer (in-memory SQLite): ``` === RUN TestCheckCanvasAccess_Owner --- PASS === RUN TestCheckCanvasAccess_NotOwner --- PASS === RUN TestCheckCanvasAccess_PrivateCanvas_Denied --- PASS === RUN TestCheckCanvasAccess_NotFound --- PASS === RUN TestUploadAgentFileHandler_Success --- PASS === RUN TestUploadAgentFileHandler_NoPermission --- PASS === RUN TestUploadAgentFileHandler_NoFiles --- PASS ``` Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-04 17:21:47 +08:00
// UploadAgentFile uploads one or more files associated with an agent.
// @Summary Upload Agent File
// @Description Upload one or more files for an agent canvas.
// @Tags agents
// @Accept multipart/form-data
// @Produce json
// @Param agent_id path string true "Agent ID"
// @Param file formData file true "File(s) to upload (multiple files supported)"
// @Success 200 {object} map[string]interface{}
// @Router /api/v1/agents/{agent_id}/upload [post]
func (h *AgentHandler) UploadAgentFile(c *gin.Context) {
user, errorCode, errorMessage := GetUser(c)
if errorCode != common.CodeSuccess {
jsonError(c, errorCode, errorMessage)
return
}
agentID := c.Param("agent_id")
if agentID == "" {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeArgumentError,
"data": nil,
"message": "agent_id is required",
})
return
}
ok, err := h.agentService.CheckCanvasAccess(user.ID, agentID)
if err != nil || !ok {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeOperatingError,
"data": nil,
"message": "Agent not found or no permission.",
})
return
}
form, err := c.MultipartForm()
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeArgumentError,
"data": nil,
"message": fmt.Sprintf("invalid form data: %v", err),
})
return
}
files := form.File["file"]
if len(files) == 0 {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeArgumentError,
"data": nil,
"message": "You have to upload at least one file.",
})
return
}
// Use the canvas owner's tenant ID for file ownership.
uploaded, err := h.fileService.UploadFile(user.ID, "", files)
if err != nil {
c.JSON(http.StatusOK, gin.H{
"code": common.CodeOperatingError,
"data": nil,
"message": err.Error(),
})
return
}
c.JSON(http.StatusOK, gin.H{
"code": common.CodeSuccess,
"data": uploaded,
"message": "",
})
}