PNArchives/Memoh
1
0
Fork 0
mirror of https://github.com/memohai/Memoh.git synced 2026-04-27 07:16:19 +09:00
Code Issues Packages Projects Releases Wiki Activity

fix: enforce speech/LLM isolation in providers and models

Browse Source 
SQL queries (CountProviders, CountModels, ListModels, ListEnabledModels,
ListModelsByProviderID) now exclude speech types. Added IsLLMClientType
guard to prevent cross-domain queries via /models?client_type and
/providers/:id/import-models. Frontend provider forms no longer offer
edge-speech as a client type option.

Also fixed pre-existing SA5011 staticcheck warnings in proxy_test.go
and executor_test.go.
This commit is contained in:
Acbox
2026-04-14 21:07:27 +08:00
parent 84f1d0612a
commit 6328281fc2
10 changed files with 50 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/handlers/providers.go
+8
View File
@@ -313,6 +313,14 @@ func (h *ProvidersHandler) ImportModels(c echo.Context) error {
ctx = oauthctx.WithUserID(ctx, userID)
}
provider, err := h.service.Get(ctx, id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, fmt.Sprintf("provider not found: %v", err))
}
if !models.IsLLMClientType(models.ClientType(provider.ClientType)) {
return echo.NewHTTPError(http.StatusBadRequest, "import models is not supported for speech providers")
}
remoteModels, err := h.service.FetchRemoteModels(ctx, id)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, fmt.Sprintf("fetch remote models: %v", err))