fix(awooop): use shared redis for approval gates
This commit is contained in:
OG T
@@ -1,3 +1,17 @@
|
||||
## 2026-05-06 | AwoooP approval and MCP Gate 5 stop importing aioredis
|
||||
|
||||
**背景**:整合計畫 P0-L 指出 AwoooP approval token service 與 MCP Gate 5 還在 runtime import `aioredis`;這會讓 approval / gateway path 在 Python 3.11+ 或套件漂移時直接壞掉,也繞過既有 Redis pool 管理。
|
||||
|
||||
**本次修補**:
|
||||
- `awooop_approval_token.py` 的 `record_approval()` / `check_approval_quorum()` 改用 `src.core.redis_client.get_redis()`,不再自行 `aioredis.from_url()` 或關閉共享連線。
|
||||
- `plugins/mcp/gateway.py` Gate 5 approval lookup 同步改用共享 Redis pool。
|
||||
- 補 `test_awooop_approval_token.py` 與 `test_mcp_gateway_gate5.py`,鎖住 jti replay、quorum、MCP Gate 5 approval 與 read-scope bypass。
|
||||
|
||||
**驗證**:
|
||||
- `pytest tests/test_awooop_approval_token.py tests/test_mcp_gateway_gate5.py tests/test_awooop_operator_auth.py -q` → 12 passed。
|
||||
- `py_compile` touched backend files OK;ruff fatal checks OK。
|
||||
- `rg "import aioredis|aioredis.from_url" approval token + MCP gateway` 無命中。
|
||||
|
||||
## 2026-05-06 | AwoooP approval decide no longer trusts browser identity
|
||||
|
||||
**背景**:AwoooP Operator Console 的 `/api/v1/platform/approvals/{run_id}/decide` 仍接受前端 body 內的 `approver_id`,前端甚至硬編 `approver_id: "operator"`;這會讓 audit identity 無法作為真實審批證據。
|
||||
|
||||
@@ -189,6 +189,9 @@ Goal: prevent the automation flywheel from bypassing governance.
|
||||
|
||||
Progress:
|
||||
|
||||
- 2026-05-06: P0-L first enforcement patch landed. AwoooP approval token
|
||||
storage and MCP Gateway Gate 5 now use the shared Redis pool instead of
|
||||
runtime `aioredis.from_url()` clients.
|
||||
- 2026-05-06: P0-I first enforcement patch landed. The AwoooP approval decide
|
||||
endpoint now derives `approver_id` from trusted operator headers instead of
|
||||
frontend body data, and production fails closed when `AWOOOP_OPERATOR_API_KEY`
|
||||
|
||||
Reference in New Issue
Block a user