fix: 修复 AI 回复无法送达发送者 + 重复消息 + action角色泄露 + OS环境支持
广播逻辑重构: - AI 回复 (stream_start/response/stream_segments/multi_message/stream_end) 改用 broadcastToUser 发送给所有客户端 - 用户消息回显保持 broadcastToUserExcept 排除发送者 消息去重与角色修复: - CacheMessage(user) 移至回复生成后,避免本轮 LLM 调用出现重复用户消息 - action 角色消息在 DB 存储时映射为 assistant,DeepSeek 等模型不支持自定义角色 - stream_end defer 机制确保错误路径也会终止客户端思考指示器 OS 完整环境支持: - host 包重构为 HostBackend 接口 + Direct/WSL/Docker 三种后端 - 新增 os_exec/os_file/os_system 工具供 AI 在完整 Linux 环境中自由操作 其他: - 视觉模型注入 + 图片预处理后清空 Images 避免传给 Chat 模型 - 图片 URL 相对路径→绝对 URL 转换 - DevTools 链路追踪页面 + 重启修复 - 记忆搜索模糊匹配增强 - 后台思考定时调度支持 - 管理后台页面 (模型配置/用户管理等) - docs/api 更新广播机制说明 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
@@ -2,207 +2,72 @@ package host
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
"runtime"
|
||||
"strings"
|
||||
"time"
|
||||
)
|
||||
|
||||
// Manager provides controlled access to the host machine.
|
||||
// It wraps a Sandbox for command execution and adds file system
|
||||
// operations with path allow-list enforcement.
|
||||
// HostBackend defines the interface for command execution and file system
|
||||
// operations. Implementations include DirectBackend (host OS), WSLBackend
|
||||
// (Windows Subsystem for Linux), and DockerBackend (container).
|
||||
type HostBackend interface {
|
||||
Exec(ctx context.Context, command, workDir string, timeout time.Duration) (*ExecResult, error)
|
||||
ReadFile(path string, maxBytes int) (string, error)
|
||||
WriteFile(path, content string, maxBytes int) error
|
||||
ListDir(path string) ([]DirEntry, error)
|
||||
SystemInfo() map[string]interface{}
|
||||
DiskUsage(path string) (map[string]interface{}, error)
|
||||
Name() string
|
||||
}
|
||||
|
||||
// Manager provides controlled access to the host machine. It delegates
|
||||
// to a HostBackend implementation which may be direct, WSL, or Docker.
|
||||
type Manager struct {
|
||||
sandbox *Sandbox
|
||||
allowedDirs []string
|
||||
backend HostBackend
|
||||
}
|
||||
|
||||
// NewManager creates a new host Manager.
|
||||
func NewManager(sandbox *Sandbox) *Manager {
|
||||
m := &Manager{sandbox: sandbox}
|
||||
if sandbox != nil {
|
||||
m.allowedDirs = sandbox.cfg.AllowedDirs
|
||||
}
|
||||
return m
|
||||
// NewManager creates a new host Manager with the given backend.
|
||||
func NewManager(backend HostBackend) *Manager {
|
||||
return &Manager{backend: backend}
|
||||
}
|
||||
|
||||
// SetAllowedDirs updates the list of directories accessible for file operations.
|
||||
// SetAllowedDirs updates directory restrictions. Only effective for
|
||||
// DirectBackend; WSL and Docker backends are no-ops.
|
||||
func (m *Manager) SetAllowedDirs(dirs []string) {
|
||||
m.allowedDirs = dirs
|
||||
m.sandbox.cfg.AllowedDirs = dirs
|
||||
if db, ok := m.backend.(*DirectBackend); ok {
|
||||
db.SetAllowedDirs(dirs)
|
||||
}
|
||||
}
|
||||
|
||||
// Exec runs a command in the sandbox.
|
||||
// Exec runs a command via the configured backend.
|
||||
func (m *Manager) Exec(ctx context.Context, command, workDir string, timeout time.Duration) (*ExecResult, error) {
|
||||
return m.sandbox.Exec(ctx, command, workDir, timeout)
|
||||
return m.backend.Exec(ctx, command, workDir, timeout)
|
||||
}
|
||||
|
||||
// ReadFile reads the contents of a file within allowed directories.
|
||||
// ReadFile reads a file via the configured backend.
|
||||
func (m *Manager) ReadFile(path string, maxBytes int) (string, error) {
|
||||
if maxBytes <= 0 {
|
||||
maxBytes = 1024 * 1024
|
||||
}
|
||||
if err := m.validatePath(path); err != nil {
|
||||
return "", err
|
||||
}
|
||||
info, err := os.Stat(path)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("cannot stat file: %w", err)
|
||||
}
|
||||
if info.IsDir() {
|
||||
return "", fmt.Errorf("path is a directory: %s", path)
|
||||
}
|
||||
if info.Size() > int64(maxBytes) {
|
||||
return "", fmt.Errorf("file too large: %d bytes (max %d)", info.Size(), maxBytes)
|
||||
}
|
||||
data, err := os.ReadFile(path)
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("cannot read file: %w", err)
|
||||
}
|
||||
if len(data) > maxBytes {
|
||||
data = data[:maxBytes]
|
||||
}
|
||||
return string(data), nil
|
||||
return m.backend.ReadFile(path, maxBytes)
|
||||
}
|
||||
|
||||
// WriteFile writes data to a file within allowed directories.
|
||||
// WriteFile writes a file via the configured backend.
|
||||
func (m *Manager) WriteFile(path, content string, maxBytes int) error {
|
||||
if maxBytes <= 0 {
|
||||
maxBytes = 1024 * 1024
|
||||
}
|
||||
if len(content) > maxBytes {
|
||||
return fmt.Errorf("content too large: %d bytes (max %d)", len(content), maxBytes)
|
||||
}
|
||||
if err := m.validatePath(path); err != nil {
|
||||
return err
|
||||
}
|
||||
dir := filepath.Dir(path)
|
||||
if err := os.MkdirAll(dir, 0755); err != nil {
|
||||
return fmt.Errorf("cannot create directory: %w", err)
|
||||
}
|
||||
return os.WriteFile(path, []byte(content), 0644)
|
||||
return m.backend.WriteFile(path, content, maxBytes)
|
||||
}
|
||||
|
||||
// ListDir lists directory contents within allowed directories.
|
||||
// ListDir lists a directory via the configured backend.
|
||||
func (m *Manager) ListDir(path string) ([]DirEntry, error) {
|
||||
if err := m.validatePath(path); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
entries, err := os.ReadDir(path)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("cannot read directory: %w", err)
|
||||
}
|
||||
result := make([]DirEntry, 0, len(entries))
|
||||
for _, e := range entries {
|
||||
info, _ := e.Info()
|
||||
size := int64(0)
|
||||
modTime := time.Time{}
|
||||
if info != nil {
|
||||
size = info.Size()
|
||||
modTime = info.ModTime()
|
||||
}
|
||||
result = append(result, DirEntry{
|
||||
Name: e.Name(),
|
||||
IsDir: e.IsDir(),
|
||||
Size: size,
|
||||
ModTime: modTime.Format(time.RFC3339),
|
||||
})
|
||||
}
|
||||
return result, nil
|
||||
return m.backend.ListDir(path)
|
||||
}
|
||||
|
||||
// DirEntry represents a filesystem directory entry.
|
||||
type DirEntry struct {
|
||||
Name string `json:"name"`
|
||||
IsDir bool `json:"is_dir"`
|
||||
Size int64 `json:"size"`
|
||||
ModTime string `json:"mod_time"`
|
||||
}
|
||||
|
||||
// SystemInfo returns basic system information.
|
||||
// SystemInfo returns system information from the configured backend.
|
||||
func (m *Manager) SystemInfo() map[string]interface{} {
|
||||
hostname, _ := os.Hostname()
|
||||
wd, _ := os.Getwd()
|
||||
|
||||
info := map[string]interface{}{
|
||||
"hostname": hostname,
|
||||
"os": runtime.GOOS,
|
||||
"arch": runtime.GOARCH,
|
||||
"num_cpu": runtime.NumCPU(),
|
||||
"go_version": runtime.Version(),
|
||||
"work_dir": wd,
|
||||
}
|
||||
|
||||
if runtime.GOOS == "windows" {
|
||||
cmd := exec.Command("systeminfo")
|
||||
out, err := cmd.Output()
|
||||
if err == nil {
|
||||
lines := strings.Split(string(out), "\n")
|
||||
for _, line := range lines {
|
||||
line = strings.TrimSpace(line)
|
||||
if strings.Contains(line, "Total Physical Memory") {
|
||||
parts := strings.SplitN(line, ":", 2)
|
||||
if len(parts) == 2 {
|
||||
info["total_memory"] = strings.TrimSpace(parts[1])
|
||||
}
|
||||
}
|
||||
if strings.Contains(line, "OS Name") {
|
||||
parts := strings.SplitN(line, ":", 2)
|
||||
if len(parts) == 2 {
|
||||
info["os_name"] = strings.TrimSpace(parts[1])
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} else {
|
||||
if data, err := os.ReadFile("/proc/meminfo"); err == nil {
|
||||
for _, line := range strings.Split(string(data), "\n") {
|
||||
if strings.HasPrefix(line, "MemTotal:") {
|
||||
info["total_memory"] = strings.TrimSpace(strings.TrimPrefix(line, "MemTotal:"))
|
||||
break
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return info
|
||||
return m.backend.SystemInfo()
|
||||
}
|
||||
|
||||
// DiskUsage returns disk usage for the given path.
|
||||
// DiskUsage returns disk usage info from the configured backend.
|
||||
func (m *Manager) DiskUsage(path string) (map[string]interface{}, error) {
|
||||
if err := m.validatePath(path); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
info, err := os.Stat(path)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("cannot stat path: %w", err)
|
||||
}
|
||||
result := map[string]interface{}{
|
||||
"path": path,
|
||||
"is_dir": info.IsDir(),
|
||||
"size": info.Size(),
|
||||
"mod_time": info.ModTime().Format(time.RFC3339),
|
||||
}
|
||||
return result, nil
|
||||
return m.backend.DiskUsage(path)
|
||||
}
|
||||
|
||||
func (m *Manager) validatePath(path string) error {
|
||||
absPath, err := filepath.Abs(path)
|
||||
if err != nil {
|
||||
return fmt.Errorf("cannot resolve path: %w", err)
|
||||
}
|
||||
if len(m.allowedDirs) == 0 {
|
||||
return nil
|
||||
}
|
||||
for _, allowed := range m.allowedDirs {
|
||||
absAllowed, err := filepath.Abs(allowed)
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
if strings.HasPrefix(absPath, absAllowed+string(os.PathSeparator)) || absPath == absAllowed {
|
||||
return nil
|
||||
}
|
||||
}
|
||||
return fmt.Errorf("path not in allowed directories: %s", path)
|
||||
// BackendName returns the name of the active backend.
|
||||
func (m *Manager) BackendName() string {
|
||||
return m.backend.Name()
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user