furyhawk/deer-flow
1
0
Fork 0
mirror of https://github.com/bytedance/deer-flow.git synced 2026-06-18 21:55:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(channels): harden runtime credential management APIs (#3581)

Browse Source 
* fix(channels): harden runtime credential management APIs

* fix(channels): address review feedback on credential hardening

Follow-up to the runtime credential-hardening pass, resolving five review
findings:

- WeChat auth persistence now writes through a 0o600 NamedTemporaryFile +
  Path.replace instead of write_text-then-chmod, so the iLink bot_token is
  never briefly readable at umask defaults (mirrors ChannelRuntimeConfigStore).
- The post-write chmod is split into its own try/except: a chmod failure on a
  filesystem without POSIX perms now logs at debug instead of masquerading as
  a "failed to persist" warning.
- Extracted the three near-identical _require_admin_user helpers (mcp,
  channel_connections, channels) into a single require_admin_user(request, *,
  detail) in app/gateway/deps.py; each router supplies its own detail string.
- Strengthened the runtime-config-store chmod coverage: a new test injects a
  temp-file chmod failure and asserts it is logged at debug while the
  destination is still owner-only (mutation-verified to fail if the chmod is
  dropped), plus a loose-pre-existing-file case.
- Removed the unused _FakeRepo from the blocking-io test: its isinstance gate
  routes through the repo-less 503 path, so neither stub was ever invoked.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: Willem Jiang <willem.jiang@gmail.com>
This commit is contained in:
Nan Gao
2026-06-18 04:45:33 +02:00
committed by GitHub
parent 68ba4198b8
commit 2b301e8211
11 changed files with 314 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files
backend/tests/test_mcp_config_secrets.py
+4 -3
View File
@@ -12,15 +12,16 @@ from types import SimpleNamespace
import pytest
from fastapi import HTTPException
from app.gateway.deps import require_admin_user
from app.gateway.routers import mcp as mcp_router
from app.gateway.routers.mcp import (
_ADMIN_REQUIRED_DETAIL,
_MCP_STDIO_COMMAND_ALLOWLIST_ENV,
McpConfigUpdateRequest,
McpOAuthConfigResponse,
McpServerConfigResponse,
_mask_server_config,
_merge_preserving_secrets,
_require_admin_user,
_validate_mcp_update_request,
reset_mcp_tools_cache_endpoint,
update_mcp_configuration,
@@ -334,10 +335,10 @@ def _request_with_role(system_role: str):
@pytest.mark.asyncio
async def test_mcp_config_requires_admin_user():
"""MCP config is system-level executable configuration, not a normal user setting."""
await _require_admin_user(_request_with_role("admin"))
await require_admin_user(_request_with_role("admin"), detail=_ADMIN_REQUIRED_DETAIL)
with pytest.raises(HTTPException) as exc_info:
await _require_admin_user(_request_with_role("user"))
await require_admin_user(_request_with_role("user"), detail=_ADMIN_REQUIRED_DETAIL)
assert exc_info.value.status_code == 403