From cc6b18e3bc8e401b3fcecfe4308af3102f7568a7 Mon Sep 17 00:00:00 2001
From: OG T <ogt@WOOOMacMiniM4.local>
Date: Tue, 31 Mar 2026 21:53:09 +0800
Subject: [PATCH] =?UTF-8?q?fix(phase22):=20=E4=BF=AE=E5=BE=A9=20Telegram?=
 =?UTF-8?q?=20=E5=B0=8D=E8=A9=B1=E4=B8=89=E5=80=8B=20Bug=20(ADR-044)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

P0: security_interceptor.py 新增 intercept_telegram() 方法
- 修復 _handle_chat_message 的 AttributeError (致命 Bug)
- 白名單驗證，不需要 Nonce (對話訊息 vs 按鈕回調)

P1: nvidia_provider.py chat() 新增 use_json_mode 參數
- 對話場景預設 False (自然語言回應)
- RCA/分析場景傳入 True (結構化 JSON 輸出)
- openclaw.py RCA 呼叫加上 use_json_mode=True

P2: K8s ConfigMap 啟用 TELEGRAM_ENABLE_POLLING=true
- K8s AWOOOI API 接管 @tsenyangbot Long Polling
- OpenClaw (188) 停止 Telegram，改為純 REST 服務

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 apps/api/src/services/nvidia_provider.py      |  9 ++++++---
 apps/api/src/services/openclaw.py             |  2 +-
 apps/api/src/services/security_interceptor.py | 19 +++++++++++++++++++
 k8s/awoooi-prod/04-configmap.yaml             |  4 +++-
 4 files changed, 29 insertions(+), 5 deletions(-)

diff --git a/apps/api/src/services/nvidia_provider.py b/apps/api/src/services/nvidia_provider.py
index b6d1e20c..c820849b 100644
--- a/apps/api/src/services/nvidia_provider.py
+++ b/apps/api/src/services/nvidia_provider.py
@@ -660,12 +660,15 @@ class NvidiaProvider:
         model: str | None = None,
         temperature: float = 0.1,
         max_tokens: int = 2048,
+        use_json_mode: bool = False,
     ) -> tuple[str, bool, int, float]:
         """
-        一般對話 (非 Tool Calling) - 用於 RCA 分析
+        一般對話 (非 Tool Calling) - 用於 RCA 分析或自由對話
 
         2026-03-29 ogt: 新增，符合模組化規範
-        從 openclaw.py 遷移，統一由 NvidiaProvider 處理所有 NVIDIA API 呼叫
+        2026-03-31 ogt: 新增 use_json_mode 參數 (Phase 22 修復)
+          - RCA/分析場景: use_json_mode=True (結構化輸出)
+          - 對話場景: use_json_mode=False (預設，自然語言回應)
 
         Args:
             prompt: 對話內容
@@ -726,7 +729,7 @@ class NvidiaProvider:
                             "messages": [{"role": "user", "content": prompt}],
                             "temperature": temperature,
                             "max_tokens": max_tokens,
-                            "response_format": {"type": "json_object"},
+                            **({"response_format": {"type": "json_object"}} if use_json_mode else {}),
                         },
                     )
                     response.raise_for_status()
diff --git a/apps/api/src/services/openclaw.py b/apps/api/src/services/openclaw.py
index de2e9734..997b2755 100644
--- a/apps/api/src/services/openclaw.py
+++ b/apps/api/src/services/openclaw.py
@@ -884,7 +884,7 @@ class OpenClawService:
                     # 2026-03-29 ogt: 使用 NvidiaProvider.chat() (模組化規範)
                     from src.services.nvidia_provider import get_nvidia_provider
                     nvidia_provider = get_nvidia_provider()
-                    response, success, total_tokens, cost_usd = await nvidia_provider.chat(prompt)
+                    response, success, total_tokens, cost_usd = await nvidia_provider.chat(prompt, use_json_mode=True)
                 elif provider == "claude":
                     response, success = await self._call_claude(prompt)
                 else:
diff --git a/apps/api/src/services/security_interceptor.py b/apps/api/src/services/security_interceptor.py
index fa97b93a..ee053a05 100644
--- a/apps/api/src/services/security_interceptor.py
+++ b/apps/api/src/services/security_interceptor.py
@@ -270,6 +270,25 @@ class TelegramSecurityInterceptor:
 
         return is_allowed
 
+    async def intercept_telegram(self, user_id: int) -> None:
+        """
+        攔截 Telegram 文字訊息 (ADR-044 Phase 22)
+
+        用於 _handle_chat_message 的白名單驗證。
+        與 verify_callback 不同，純文字訊息不需要 Nonce 防重放。
+
+        Args:
+            user_id: Telegram user ID
+
+        Raises:
+            UserNotWhitelistedError: user_id 不在白名單內
+        """
+        # 2026-03-31 ogt: Phase 22 修復 - 補齊對話訊息的安全攔截方法
+        if not self.is_whitelisted(user_id):
+            raise UserNotWhitelistedError(
+                f"User {user_id} is not in the chat whitelist"
+            )
+
     async def verify_callback(
         self,
         user_id: int,
diff --git a/k8s/awoooi-prod/04-configmap.yaml b/k8s/awoooi-prod/04-configmap.yaml
index 5b704abe..417b13d0 100644
--- a/k8s/awoooi-prod/04-configmap.yaml
+++ b/k8s/awoooi-prod/04-configmap.yaml
@@ -43,11 +43,13 @@ data:
 
   # ============================================================================
   # Phase 22: OpenClaw + Nemotron 協作 (ADR-044)
-  # 2026-03-31 ogt: 統帥需求 - @tsenyangbot 同時顯示 OpenClaw 仲裁 + Nemotron 執行
+  # 2026-03-31 ogt: 統帥需求 - @tsenyangbot 對話 + Incident 雙軌
   # ============================================================================
   ENABLE_NEMOTRON_COLLABORATION: "true"
   NEMOTRON_TIMEOUT_SECONDS: "45"
   NEMOTRON_ASYNC_UPDATE: "true"
+  # K8s 接管 @tsenyangbot Long Polling (停用 OpenClaw 188 Telegram)
+  TELEGRAM_ENABLE_POLLING: "true"
 
   # 快取 TTL (秒)
   CACHE_TTL_DASHBOARD: "300"