mirror of
https://github.com/bytedance/deer-flow.git
synced 2026-06-18 21:55:59 +00:00
Nan Gao
8c0830aea1
* fix(channels): add operational guardrails * make format * fix(channels): converge with #3582 to avoid merge-order conflicts Drop this PR's DingTalk INFO-log redaction and hand it to #3582, which already restructures that handler and will redact the same log there. This PR no longer touches dingtalk.py, so the two PRs can merge to main in any order without a conflict. For WeChat, drop the contested thread_ts priority reorder (review #3) and keep only what inbound dedupe needs: a server-stable message_id in the inbound metadata (message_id/msg_id, no client_id per review #6). This is a single added line inside the metadata dict, a region #3582 never touches, so it auto-merges regardless of order. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(channels): address three correctness review findings 1. Connect-code cap was racy (willem #1): _create_state ran delete-expired, count, and insert as three separate transactions, so concurrent connect POSTs from one owner could each see count < cap and all insert past it. Add ChannelConnectionRepository.create_oauth_state_within_cap which does delete+count+insert in a single transaction serialized per (owner, provider) — Postgres via pg_advisory_xact_lock, SQLite via the write lock the leading DELETE takes — and have the router use it. 2. Inbound dedupe key fell back to "" workspace (willem #3): two workspaces delivering without team/guild/aibotid would collapse to the same key and dedupe each other's messages. _inbound_dedupe_key now fails closed (returns None) when no workspace identifier is present. 3. Dedupe key was recorded on receipt and never released on failure (ShenAC #1): a transient error (DB blip, Gateway 503) left the key in place for the full TTL, so a provider redelivery of the same message_id — exactly the retry dedupe should absorb — was silently dropped. _handle_message now releases the key in the unexpected-exception branch so redelivery can recover, while keeping record-on-receipt so retries during handling are still deduped. Tests: repo cap enforcement incl. concurrent-issuance non-leak; dedupe fail-closed; dedupe key release-on-failure redelivery recovery. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * fix(channels): address cleanup/efficiency and test review findings Efficiency / cleanup: - Dedupe key set drops client-generated ids (client_msg_id, client_id); keep only server-stable event_id/message_id/msg_id, which a provider's own redelivery preserves (ShenAC #6). Every provider already emits message_id. - TTL/overflow pruning of _recent_inbound_events is now O(k): switch to an OrderedDict and popitem(last=False) from the front instead of scanning all 4096 entries on every inbound (willem #4). - Log "received inbound" only after the dedupe check so a provider retrying N times no longer logs N accepts; document that manager dedupe covers the agent run/final answer, not provider ack side-effects (willem #5, ShenAC #2). - Slack drops the redundant `team_id or event.get("team")` fallback the caller already resolved (willem #6). - create_oauth_state_within_cap prunes only this owner/provider's expired codes instead of a global DELETE on every connect POST; global cleanup still runs on consume_oauth_state (willem #7). Tests: - Dedupe test uses tmp_path instead of a leaked mkdtemp, uses distinct objects per publish, and adds a negative control: a different message_id is still processed, catching over-dedupe regressions (willem #8, ShenAC #4). - Slack HTTP-mode rejection test supplies app_token so the missing-token early return can't mask the guard, giving the state assertions teeth (ShenAC #3). - count_oauth_states test pins that the active row survives, not just the count (ShenAC #5). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * make format --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
138 lines
4.6 KiB
Python
138 lines
4.6 KiB
Python
"""Slack connection tests for user-owned channel bindings."""
|
|
|
|
from __future__ import annotations
|
|
|
|
import sys
|
|
from datetime import UTC, datetime, timedelta
|
|
from types import ModuleType
|
|
from unittest.mock import AsyncMock, MagicMock
|
|
|
|
from app.channels.message_bus import MessageBus, OutboundMessage
|
|
|
|
|
|
async def _make_repo(tmp_path):
|
|
from deerflow.persistence.channel_connections import ChannelConnectionRepository, ChannelCredentialCipher
|
|
from deerflow.persistence.engine import get_session_factory, init_engine
|
|
|
|
await init_engine("sqlite", url=f"sqlite+aiosqlite:///{tmp_path / 'slack.db'}", sqlite_dir=str(tmp_path))
|
|
return ChannelConnectionRepository(
|
|
get_session_factory(),
|
|
cipher=ChannelCredentialCipher.from_key("slack-secret"),
|
|
)
|
|
|
|
|
|
def test_slack_connect_command_binds_socket_mode_identity(tmp_path):
|
|
import anyio
|
|
|
|
from app.channels.slack import SlackChannel
|
|
|
|
async def go():
|
|
repo = await _make_repo(tmp_path)
|
|
state = "slack-bind-code"
|
|
await repo.create_oauth_state(
|
|
owner_user_id="deerflow-user-1",
|
|
provider="slack",
|
|
state=state,
|
|
expires_at=datetime.now(UTC) + timedelta(minutes=5),
|
|
)
|
|
channel = SlackChannel(
|
|
bus=MessageBus(),
|
|
config={"bot_token": "xoxb-operator", "app_token": "xapp-operator", "connection_repo": repo},
|
|
)
|
|
channel._web_client = MagicMock()
|
|
|
|
handled = await channel._bind_connection_from_connect_code(
|
|
event={
|
|
"user": "U123",
|
|
"channel": "C123",
|
|
"ts": "1710000000.000100",
|
|
},
|
|
team_id="T123",
|
|
code=state,
|
|
)
|
|
|
|
connections = await repo.list_connections("deerflow-user-1")
|
|
assert handled is True
|
|
assert len(connections) == 1
|
|
assert connections[0]["provider"] == "slack"
|
|
assert connections[0]["external_account_id"] == "U123"
|
|
assert connections[0]["workspace_id"] == "T123"
|
|
assert connections[0]["metadata"]["channel_id"] == "C123"
|
|
channel._web_client.chat_postMessage.assert_called_once()
|
|
await repo.close()
|
|
|
|
anyio.run(go)
|
|
|
|
|
|
def test_slack_send_uses_connection_bot_token_when_connection_id_is_present():
|
|
import anyio
|
|
|
|
from app.channels.slack import SlackChannel
|
|
|
|
async def go():
|
|
repo = AsyncMock()
|
|
repo.get_credentials.return_value = {"access_token": "xoxb-connection-token"}
|
|
web_client = MagicMock()
|
|
web_client_factory = MagicMock(return_value=web_client)
|
|
channel = SlackChannel(
|
|
bus=MessageBus(),
|
|
config={
|
|
"connection_repo": repo,
|
|
"web_client_factory": web_client_factory,
|
|
},
|
|
)
|
|
|
|
msg = OutboundMessage(
|
|
channel_name="slack",
|
|
chat_id="C123",
|
|
thread_id="thread-1",
|
|
text="hello",
|
|
connection_id="connection-1",
|
|
)
|
|
await channel.send(msg)
|
|
|
|
repo.get_credentials.assert_awaited_once_with("connection-1")
|
|
web_client_factory.assert_called_once_with(token="xoxb-connection-token")
|
|
web_client.chat_postMessage.assert_called_once()
|
|
|
|
anyio.run(go)
|
|
|
|
|
|
def test_slack_http_events_mode_is_rejected(monkeypatch, caplog):
|
|
import anyio
|
|
|
|
from app.channels.slack import SlackChannel
|
|
|
|
slack_sdk = ModuleType("slack_sdk")
|
|
slack_sdk.WebClient = object
|
|
socket_mode = ModuleType("slack_sdk.socket_mode")
|
|
socket_mode.SocketModeClient = object
|
|
response = ModuleType("slack_sdk.socket_mode.response")
|
|
response.SocketModeResponse = object
|
|
monkeypatch.setitem(sys.modules, "slack_sdk", slack_sdk)
|
|
monkeypatch.setitem(sys.modules, "slack_sdk.socket_mode", socket_mode)
|
|
monkeypatch.setitem(sys.modules, "slack_sdk.socket_mode.response", response)
|
|
|
|
async def go():
|
|
channel = SlackChannel(
|
|
bus=MessageBus(),
|
|
config={
|
|
"bot_token": "xoxb-operator",
|
|
# Provide app_token too so the missing-token early return cannot
|
|
# fire before the HTTP-mode guard — otherwise the state assertions
|
|
# below would hold even if the guard were deleted.
|
|
"app_token": "xapp-token",
|
|
"event_delivery": "http",
|
|
"connection_repo": MagicMock(),
|
|
},
|
|
)
|
|
|
|
with caplog.at_level("ERROR", logger="app.channels.slack"):
|
|
await channel.start()
|
|
|
|
assert channel._running is False
|
|
assert channel._web_client is None
|
|
assert "Slack HTTP Events mode is not supported" in caplog.text
|
|
|
|
anyio.run(go)
|