ai-char/ai-char-bot
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

fixes

Browse Source
This commit is contained in:
xds
2026-02-18 17:06:17 +03:00
parent 7488665d04
commit 4af5134726
1 changed files with 29 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
api/endpoints/generation_router.py
View File

@@ -1,26 +1,31 @@
import logging
import os
import json
from typing import List, Optional from typing import List, Optional
from fastapi import APIRouter, UploadFile, File, Form, Header, HTTPException from fastapi import APIRouter, UploadFile, File, Form, Header, HTTPException
from fastapi.params import Depends from fastapi.params import Depends
from starlette import status
from starlette.requests import Request from starlette.requests import Request
from api import service
from api.dependency import get_generation_service, get_project_id, get_dao from api.dependency import get_generation_service, get_project_id, get_dao
from repos.dao import DAO from api.endpoints.auth import get_current_user
from api.models import (
from api.models import GenerationResponse, GenerationRequest, GenerationsResponse, PromptResponse, PromptRequest, GenerationGroupResponse GenerationResponse,
from api.models import FinancialReport GenerationRequest,
GenerationsResponse,
PromptResponse,
PromptRequest,
GenerationGroupResponse,
FinancialReport,
ExternalGenerationRequest
)
from api.service.generation_service import GenerationService from api.service.generation_service import GenerationService
from models.Generation import Generation from repos.dao import DAO
from utils.external_auth import verify_signature
from starlette import status
import logging
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
from api.endpoints.auth import get_current_user
router = APIRouter(prefix='/api/generations', tags=["Generation"]) router = APIRouter(prefix='/api/generations', tags=["Generation"])
@@ -162,6 +167,14 @@ async def get_generation(generation_id: str,
logger.debug(f"get_generation called for ID: {generation_id}") logger.debug(f"get_generation called for ID: {generation_id}")
gen = await generation_service.get_generation(generation_id) gen = await generation_service.get_generation(generation_id)
if gen and gen.created_by != str(current_user["_id"]): if gen and gen.created_by != str(current_user["_id"]):
# Check project membership
is_member = False
if gen.project_id:
project = await generation_service.dao.projects.get_project(gen.project_id)
if project and str(current_user["_id"]) in project.members:
is_member = True
if not is_member:
raise HTTPException(status_code=403, detail="Access denied") raise HTTPException(status_code=403, detail="Access denied")
return gen return gen
@@ -178,9 +191,6 @@ async def import_external_generation(
Import a generation from an external source. Import a generation from an external source.
Requires server-to-server authentication via HMAC signature. Requires server-to-server authentication via HMAC signature.
""" """
import os
from utils.external_auth import verify_signature
from api.models import ExternalGenerationRequest
logger.info("import_external_generation called") logger.info("import_external_generation called")
# Get raw request body for signature verification # Get raw request body for signature verification
@@ -197,7 +207,6 @@ async def import_external_generation(
raise HTTPException(status_code=401, detail="Invalid signature") raise HTTPException(status_code=401, detail="Invalid signature")
# Parse request body # Parse request body
import json
try: try:
data = json.loads(body.decode('utf-8')) data = json.loads(body.decode('utf-8'))
external_gen = ExternalGenerationRequest(**data) external_gen = ExternalGenerationRequest(**data)