PNArchives/Memoh
1
0
Fork 0
mirror of https://github.com/memohai/Memoh.git synced 2026-04-25 07:00:48 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
1f30e666e0460e3d693e78637d8c45fd9c7338ee
Memoh/internal/handlers/subagent.go
T
Acbox 1f30e666e0 feat(web): use generate sdk
2026-02-11 15:23:47 +08:00

475 lines
15 KiB
Go
Raw Blame History

package handlers
import (
"context"
"errors"
"log/slog"
"net/http"
"strings"
"github.com/labstack/echo/v4"
"github.com/memohai/memoh/internal/auth"
"github.com/memohai/memoh/internal/bots"
"github.com/memohai/memoh/internal/identity"
"github.com/memohai/memoh/internal/subagent"
"github.com/memohai/memoh/internal/users"
)
type SubagentHandler struct {
service *subagent.Service
botService *bots.Service
userService *users.Service
logger *slog.Logger
}
func NewSubagentHandler(log *slog.Logger, service *subagent.Service, botService *bots.Service, userService *users.Service) *SubagentHandler {
return &SubagentHandler{
service: service,
botService: botService,
userService: userService,
logger: log.With(slog.String("handler", "subagent")),
}
}
func (h *SubagentHandler) Register(e *echo.Echo) {
group := e.Group("/bots/:bot_id/subagents")
group.POST("", h.Create)
group.GET("", h.List)
group.GET("/:id", h.Get)
group.PUT("/:id", h.Update)
group.DELETE("/:id", h.Delete)
group.GET("/:id/context", h.GetContext)
group.PUT("/:id/context", h.UpdateContext)
group.GET("/:id/skills", h.GetSkills)
group.PUT("/:id/skills", h.UpdateSkills)
group.POST("/:id/skills", h.AddSkills)
}
// Create godoc
// @Summary Create subagent
// @Description Create a subagent for current user
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param payload body subagent.CreateRequest true "Subagent payload"
// @Success 201 {object} subagent.Subagent
// @Failure 400 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents [post]
func (h *SubagentHandler) Create(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
var req subagent.CreateRequest
if err := c.Bind(&req); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
resp, err := h.service.Create(c.Request().Context(), botID, req)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusCreated, resp)
}
// List godoc
// @Summary List subagents
// @Description List subagents for current user
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Success 200 {object} subagent.ListResponse
// @Failure 400 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents [get]
func (h *SubagentHandler) List(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
items, err := h.service.List(c.Request().Context(), botID)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, subagent.ListResponse{Items: items})
}
// Get godoc
// @Summary Get subagent
// @Description Get a subagent by ID
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param id path string true "Subagent ID"
// @Success 200 {object} subagent.Subagent
// @Failure 400 {object} ErrorResponse
// @Failure 404 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents/{id} [get]
func (h *SubagentHandler) Get(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := c.Param("id")
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "id is required")
}
item, err := h.service.Get(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, err.Error())
}
if item.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "bot mismatch")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
return c.JSON(http.StatusOK, item)
}
// Update godoc
// @Summary Update subagent
// @Description Update a subagent by ID
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param id path string true "Subagent ID"
// @Param payload body subagent.UpdateRequest true "Subagent payload"
// @Success 200 {object} subagent.Subagent
// @Failure 400 {object} ErrorResponse
// @Failure 404 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents/{id} [put]
func (h *SubagentHandler) Update(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := c.Param("id")
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "id is required")
}
var req subagent.UpdateRequest
if err := c.Bind(&req); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
item, err := h.service.Get(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, err.Error())
}
if item.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "bot mismatch")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
resp, err := h.service.Update(c.Request().Context(), id, req)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, resp)
}
// Delete godoc
// @Summary Delete subagent
// @Description Delete a subagent by ID
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param id path string true "Subagent ID"
// @Success 204 "No Content"
// @Failure 400 {object} ErrorResponse
// @Failure 404 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents/{id} [delete]
func (h *SubagentHandler) Delete(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := c.Param("id")
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "id is required")
}
item, err := h.service.Get(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, err.Error())
}
if item.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "bot mismatch")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
if err := h.service.Delete(c.Request().Context(), id); err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.NoContent(http.StatusNoContent)
}
// GetContext godoc
// @Summary Get subagent context
// @Description Get a subagent's message context
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param id path string true "Subagent ID"
// @Success 200 {object} subagent.ContextResponse
// @Failure 400 {object} ErrorResponse
// @Failure 404 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents/{id}/context [get]
func (h *SubagentHandler) GetContext(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := c.Param("id")
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "id is required")
}
item, err := h.service.Get(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, err.Error())
}
if item.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "bot mismatch")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
return c.JSON(http.StatusOK, subagent.ContextResponse{Messages: item.Messages})
}
// UpdateContext godoc
// @Summary Update subagent context
// @Description Update a subagent's message context
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param id path string true "Subagent ID"
// @Param payload body subagent.UpdateContextRequest true "Context payload"
// @Success 200 {object} subagent.ContextResponse
// @Failure 400 {object} ErrorResponse
// @Failure 404 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents/{id}/context [put]
func (h *SubagentHandler) UpdateContext(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := c.Param("id")
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "id is required")
}
var req subagent.UpdateContextRequest
if err := c.Bind(&req); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
item, err := h.service.Get(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, err.Error())
}
if item.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "bot mismatch")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
updated, err := h.service.UpdateContext(c.Request().Context(), id, req)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, subagent.ContextResponse{Messages: updated.Messages})
}
// GetSkills godoc
// @Summary Get subagent skills
// @Description Get a subagent's skills
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param id path string true "Subagent ID"
// @Success 200 {object} subagent.SkillsResponse
// @Failure 400 {object} ErrorResponse
// @Failure 404 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents/{id}/skills [get]
func (h *SubagentHandler) GetSkills(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := c.Param("id")
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "id is required")
}
item, err := h.service.Get(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, err.Error())
}
if item.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "bot mismatch")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
return c.JSON(http.StatusOK, subagent.SkillsResponse{Skills: item.Skills})
}
// UpdateSkills godoc
// @Summary Update subagent skills
// @Description Replace a subagent's skills
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param id path string true "Subagent ID"
// @Param payload body subagent.UpdateSkillsRequest true "Skills payload"
// @Success 200 {object} subagent.SkillsResponse
// @Failure 400 {object} ErrorResponse
// @Failure 404 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents/{id}/skills [put]
func (h *SubagentHandler) UpdateSkills(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := c.Param("id")
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "id is required")
}
var req subagent.UpdateSkillsRequest
if err := c.Bind(&req); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
item, err := h.service.Get(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, err.Error())
}
if item.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "bot mismatch")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
updated, err := h.service.UpdateSkills(c.Request().Context(), id, req)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, subagent.SkillsResponse{Skills: updated.Skills})
}
// AddSkills godoc
// @Summary Add subagent skills
// @Description Add skills to a subagent
// @Tags subagent
// @Param bot_id path string true "Bot ID"
// @Param id path string true "Subagent ID"
// @Param payload body subagent.AddSkillsRequest true "Skills payload"
// @Success 200 {object} subagent.SkillsResponse
// @Failure 400 {object} ErrorResponse
// @Failure 404 {object} ErrorResponse
// @Failure 500 {object} ErrorResponse
// @Router /bots/{bot_id}/subagents/{id}/skills [post]
func (h *SubagentHandler) AddSkills(c echo.Context) error {
userID, err := h.requireUserID(c)
if err != nil {
return err
}
botID := strings.TrimSpace(c.Param("bot_id"))
if botID == "" {
return echo.NewHTTPError(http.StatusBadRequest, "bot id is required")
}
id := c.Param("id")
if id == "" {
return echo.NewHTTPError(http.StatusBadRequest, "id is required")
}
var req subagent.AddSkillsRequest
if err := c.Bind(&req); err != nil {
return echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
item, err := h.service.Get(c.Request().Context(), id)
if err != nil {
return echo.NewHTTPError(http.StatusNotFound, err.Error())
}
if item.BotID != botID {
return echo.NewHTTPError(http.StatusForbidden, "user mismatch")
}
if _, err := h.authorizeBotAccess(c.Request().Context(), userID, botID); err != nil {
return err
}
updated, err := h.service.AddSkills(c.Request().Context(), id, req)
if err != nil {
return echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return c.JSON(http.StatusOK, subagent.SkillsResponse{Skills: updated.Skills})
}
func (h *SubagentHandler) requireUserID(c echo.Context) (string, error) {
userID, err := auth.UserIDFromContext(c)
if err != nil {
return "", err
}
if err := identity.ValidateUserID(userID); err != nil {
return "", echo.NewHTTPError(http.StatusBadRequest, err.Error())
}
return userID, nil
}
func (h *SubagentHandler) authorizeBotAccess(ctx context.Context, actorID, botID string) (bots.Bot, error) {
if h.botService == nil || h.userService == nil {
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, "bot services not configured")
}
isAdmin, err := h.userService.IsAdmin(ctx, actorID)
if err != nil {
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
bot, err := h.botService.AuthorizeAccess(ctx, actorID, botID, isAdmin, bots.AccessPolicy{AllowPublicMember: false})
if err != nil {
if errors.Is(err, bots.ErrBotNotFound) {
return bots.Bot{}, echo.NewHTTPError(http.StatusNotFound, "bot not found")
}
if errors.Is(err, bots.ErrBotAccessDenied) {
return bots.Bot{}, echo.NewHTTPError(http.StatusForbidden, "bot access denied")
}
return bots.Bot{}, echo.NewHTTPError(http.StatusInternalServerError, err.Error())
}
return bot, nil
}
Reference in New Issue View Git Blame Copy Permalink