wooo/ewoooc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(market-intel): gate manual fetch behind mcp readiness
All checks were successful
CD Pipeline / deploy (push) Successful in 1m6s
Details

Browse Source
This commit is contained in:
OoO
2026-05-18 15:40:56 +08:00
parent d990316d74
commit 921e9eeb15
11 changed files with 429 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
config.py
View File

@@ -320,7 +320,7 @@ YOUTUBE_API_KEY = os.getenv('YOUTUBE_API_KEY', '')
# ==========================================
# 系統版本與路徑
# ==========================================
SYSTEM_VERSION = "V10.187"
SYSTEM_VERSION = "V10.189"
LOG_FILE_PATH = os.path.join(BASE_DIR, 'logs/system.log')
public_url = PUBLIC_URL # 用於模板顯示

1
docs/adr/ADR-035-cross-platform-market-campaign-intelligence.md
View File

@@ -156,6 +156,7 @@ EwoooC 目前已有 MOMO EDM / 節慶活動資料、`promo_products`、PChome
- 2026-05-18 追加 internal MCP tool contract preview`services.market_intel.mcp_contract``/api/market_intel/mcp_tool_contract` 定義 `market_campaign_search``market_campaign_scrape``market_product_match_lookup` 三個 read-only contract並在 `services.mcp_router.TOOL_REGISTRY` 註冊 `market_intel` caller 白名單。此階段只建立可審核合約與 readiness 檢查,不啟用 `MCP_ROUTER_ENABLED`、不呼叫 MCP server、不寫 DB、不掛 scheduler。
- 2026-05-18 追加 external MCP deploy preflight preview`services.market_intel.mcp_deploy_preflight``/api/market_intel/mcp_deploy_preflight` 只讀檢查 `docker-compose.mcp.yml`、必要 env、localhost-only ports、read-only volume、Firecrawl resource guard 與 fallback plan。`docker-compose.mcp.yml` 需以 read-only bind mount 進 app 容器供 preflight 審核。此 preflight 不執行 docker/SSH、不建立 `mcp_readonly` role、不啟用 `MCP_ROUTER_ENABLED`、不寫 DB、不掛 scheduler外部 MCP stack 須等 env 與 operator smoke 全過後另行批准。
- 2026-05-18 追加 MCP activation runbook preview`services.market_intel.mcp_activation_runbook``/api/market_intel/mcp_activation_runbook` 只輸出人工啟用順序與 gate補必要 env、人工建立/驗證 `mcp_readonly`、啟動外部 MCP stack、四個 health 全過、最後才允許 `MCP_ROUTER_ENABLED=true`。此 runbook 不執行 docker/SSH、不寫 env、不建立 DB role、不跑 health、不啟用 router、不寫 DB、不掛 scheduler。
- 2026-05-18 追加 MCP fetch gate preview`services.market_intel.mcp_fetch_gate``/api/market_intel/mcp_fetch_gate` 將人工 discovery fetch 改成必須先通過市場情報 feature flags、MCP readiness、router、外部 MCP health 與 tool contract gate`run_manual_discovery(fetch=true)` 即使 flags 開啟也會先被此 gate 阻擋,直到 MCP 條件全過。此 gate 不抓電商頁、不寫 DB、不掛 scheduler、不執行 deploymentUI 預設只呼叫 `fetch=false&execute=false`
### Phase 4Coupang / Shopee Adapter

2
routes/README.md
View File

@@ -19,7 +19,7 @@
| `edm_routes.py` | EDM 與節慶儀表板 | `/edm`, `/festival` |
| `monthly_routes.py` | 月結分析 | `/monthly_summary_analysis`, `/api/monthly_summary_data` |
| `daily_sales_routes.py` | 當日業績 | `/daily_sales`, `/daily_sales/export*` |
| `market_intel_routes.py` | 市場情報 Phase 31 MCP activation runbook preview | `/market_intel`, `/market_intel/*`, `/api/market_intel/status`, `/api/market_intel/schema`, `/api/market_intel/schema_smoke`, `/api/market_intel/schema_db_probe`, `/api/market_intel/platform_seed_db_diff`, `/api/market_intel/legacy_source_bridge`, `/api/market_intel/mcp_readiness`, `/api/market_intel/mcp_tool_contract`, `/api/market_intel/mcp_deploy_preflight`, `/api/market_intel/mcp_activation_runbook`, `/api/market_intel/adapters`, `/api/market_intel/dry_run_plan`, `/api/market_intel/discovery_plan`, `/api/market_intel/manual_discovery`, `/api/market_intel/candidate_preview`, `/api/market_intel/platform_seed_plan`, `/api/market_intel/platform_seed_write_guard`, `/api/market_intel/platform_seed_writer_plan`, `/api/market_intel/migration_blueprint`, `/api/market_intel/seed_writer_cli_status`, `/api/market_intel/write_approval_runbook`, `/api/market_intel/deployment_readiness` |
| `market_intel_routes.py` | 市場情報 Phase 32 MCP fetch gate preview | `/market_intel`, `/market_intel/*`, `/api/market_intel/status`, `/api/market_intel/schema`, `/api/market_intel/schema_smoke`, `/api/market_intel/schema_db_probe`, `/api/market_intel/platform_seed_db_diff`, `/api/market_intel/legacy_source_bridge`, `/api/market_intel/mcp_readiness`, `/api/market_intel/mcp_tool_contract`, `/api/market_intel/mcp_deploy_preflight`, `/api/market_intel/mcp_activation_runbook`, `/api/market_intel/mcp_fetch_gate`, `/api/market_intel/adapters`, `/api/market_intel/dry_run_plan`, `/api/market_intel/discovery_plan`, `/api/market_intel/manual_discovery`, `/api/market_intel/candidate_preview`, `/api/market_intel/platform_seed_plan`, `/api/market_intel/platform_seed_write_guard`, `/api/market_intel/platform_seed_writer_plan`, `/api/market_intel/migration_blueprint`, `/api/market_intel/seed_writer_cli_status`, `/api/market_intel/write_approval_runbook`, `/api/market_intel/deployment_readiness` |
| `api_routes.py` | 通用任務與查詢 API | `/api/run_task`, `/api/history/*` |
| `export_routes.py` | 匯出功能 | `/api/export/*` |
| `import_routes.py` | 匯入功能 | `/api/import_excel`, `/api/import/monthly_summary` |

13
routes/market_intel_routes.py
View File

@@ -138,6 +138,19 @@ def market_intel_mcp_activation_runbook():
return jsonify(_service().build_mcp_activation_runbook())
@market_intel_bp.route("/api/market_intel/mcp_fetch_gate")
@login_required
def market_intel_mcp_fetch_gate():
fetch_requested = request.args.get("fetch", "false").lower() == "true"
execute_readiness = request.args.get("execute", "false").lower() == "true"
return jsonify(
_service().build_mcp_fetch_gate(
fetch_requested=fetch_requested,
execute_readiness=execute_readiness,
)
)
@market_intel_bp.route("/api/market_intel/adapters")
@login_required
def market_intel_adapters():

4
services/market_intel/candidate_preview.py
View File

@@ -71,6 +71,10 @@ def build_candidate_preview_from_discovery(discovery_result, *, min_band="all",
"platform_code": discovery_result.get("platform_code", "all"),
"fetch_requested": bool(discovery_result.get("fetch_requested")),
"manual_fetch_allowed": bool(discovery_result.get("manual_fetch_allowed")),
"mcp_fetch_gate": discovery_result.get("mcp_fetch_gate"),
"mcp_fetch_gate_open": bool(
(discovery_result.get("mcp_fetch_gate") or {}).get("manual_fetch_gate_open")
),
"min_band": min_band or "all",
"limit": limit,
"candidate_count": len(candidates),

22
services/market_intel/discovery_runner.py
View File

@@ -63,6 +63,7 @@ class ManualDiscoveryRunResult:
errors: int
results: list
error_message: Optional[str] = None
network_gate: Optional[dict] = None
def to_dict(self):
return asdict(self)
@@ -75,11 +76,22 @@ def _now_iso():
class ManualDiscoveryRunner:
"""手動 discovery runner透過 feature gate 控制是否允許網路探測。"""
def __init__(self, *, runtime_status, http_get: Optional[Callable] = None):
def __init__(
self,
*,
runtime_status,
http_get: Optional[Callable] = None,
network_allowed_override: Optional[bool] = None,
network_gate: Optional[dict] = None,
):
self.runtime_status = runtime_status
self.http_get = http_get or requests.get
self.network_allowed_override = network_allowed_override
self.network_gate = network_gate
def _network_allowed(self):
if self.network_allowed_override is not None:
return bool(self.network_allowed_override)
return bool(self.runtime_status.enabled and self.runtime_status.crawler_enabled)
def run(self, adapter, *, fetch=False):
@@ -105,7 +117,12 @@ class ManualDiscoveryRunner:
self._source_result(source, "blocked", True, False).to_dict()
for source in sources
],
error_message="MARKET_INTEL_ENABLED 與 MARKET_INTEL_CRAWLER_ENABLED 必須同時開啟才允許手動 fetch",
error_message=(
self.network_gate.get("operator_message")
if self.network_gate
else "MARKET_INTEL_ENABLED 與 MARKET_INTEL_CRAWLER_ENABLED 必須同時開啟才允許手動 fetch"
),
network_gate=self.network_gate,
)
capped_sources = sources[:adapter.safety_policy.max_pages_per_run]
@@ -174,6 +191,7 @@ class ManualDiscoveryRunner:
sources_fetched=fetched,
errors=errors,
results=results,
network_gate=self.network_gate,
)
def _source_result(

108
services/market_intel/mcp_fetch_gate.py Normal file
View File

@@ -0,0 +1,108 @@
"""市場情報人工 fetch 的 MCP gate preview。
這裡只計算外部 fetch 是否具備前置條件;不呼叫電商平台、不寫 DB、不掛排程。
"""
from services.market_intel.mcp_readiness import build_mcp_readiness_plan
def _status_value(runtime_status, name, default=False):
if isinstance(runtime_status, dict):
return runtime_status.get(name, default)
return getattr(runtime_status, name, default)
def build_mcp_fetch_gate_preview(
runtime_status,
*,
fetch_requested=False,
execute_readiness=False,
readiness=None,
):
"""建立人工 fetch 前的 MCP gate預設不做 health check、不連 DB。"""
fetch_requested = bool(fetch_requested)
execute_readiness = bool(execute_readiness)
readiness = readiness or build_mcp_readiness_plan(
execute_requested=execute_readiness,
)
readiness_checks = readiness.get("readiness_checks") or {}
gate_checks = {
"market_intel_enabled": bool(_status_value(runtime_status, "enabled")),
"market_intel_crawler_enabled": bool(
_status_value(runtime_status, "crawler_enabled")
),
"database_write_still_blocked": not bool(
_status_value(runtime_status, "database_write_allowed")
),
"scheduler_detached": not bool(
_status_value(runtime_status, "scheduler_attached")
),
"mcp_readiness_executed": bool(readiness.get("execute_requested")),
"mcp_router_enabled": bool(readiness.get("router_enabled")),
"external_mcp_complete": bool(readiness.get("external_mcp_complete")),
"internal_mcp_complete": bool(readiness.get("internal_mcp_complete")),
"market_intel_mcp_integrated": bool(
readiness.get("market_intel_mcp_integrated")
),
"market_intel_tool_contract_ready": bool(
readiness_checks.get("market_intel_tool_contract_ready")
),
"external_servers_all_healthy": bool(
readiness_checks.get("external_servers_all_healthy")
),
}
blocked_reasons = [
key for key, passed in gate_checks.items()
if not passed
]
if not fetch_requested:
blocked_reasons.insert(0, "fetch_false_planned_only")
prerequisites_met = not blocked_reasons
network_request_allowed = bool(fetch_requested and prerequisites_met)
return {
"mode": (
"mcp_fetch_gate_read_only"
if execute_readiness
else "mcp_fetch_gate_planned"
),
"fetch_requested": fetch_requested,
"readiness_execute_requested": bool(readiness.get("execute_requested")),
"manual_fetch_prerequisites_met": prerequisites_met,
"manual_fetch_gate_open": network_request_allowed,
"network_request_allowed": network_request_allowed,
"would_use_external_network": network_request_allowed,
"gate_checks": gate_checks,
"blocked_reasons": blocked_reasons,
"operator_message": (
"人工 fetch 已通過 MCP gate仍只允許公開頁面、限速、不得寫 DB。"
if network_request_allowed
else "人工 fetch 仍被 MCP gate 阻擋;需 feature flags、MCP health、router 與 tool contract 全部通過。"
),
"required_sequence": [
"MARKET_INTEL_ENABLED 與 MARKET_INTEL_CRAWLER_ENABLED 需由操作員明確開啟",
"MCP deploy preflight 必須通過必要 env、compose、localhost port 與 fallback 檢查",
"外部 MCP stack 四個 health endpoint 需全部 200",
"MCP_ROUTER_ENABLED 只能在 health 全過後才打開",
"manual discovery fetch 才能進入公開頁面限速探測,且仍不得寫 DB",
],
"mcp_readiness_summary": {
"mode": readiness.get("mode"),
"router_enabled": bool(readiness.get("router_enabled")),
"external_mcp_complete": bool(readiness.get("external_mcp_complete")),
"internal_mcp_complete": bool(readiness.get("internal_mcp_complete")),
"market_intel_mcp_integrated": bool(
readiness.get("market_intel_mcp_integrated")
),
"blocked_reasons": readiness.get("blocked_reasons", []),
},
"database_session_created": False,
"database_write_executed": False,
"database_commit_executed": False,
"external_network_executed": False,
"scheduler_attached": False,
"writes_executed": False,
"would_write_database": False,
}

2
services/market_intel/mcp_readiness.py
View File

@@ -255,6 +255,6 @@ def build_mcp_readiness_plan(
"先通過 /api/market_intel/mcp_deploy_preflight 的 env、compose、port 與 fallback 檢查",
"部署並健康檢查 docker-compose.mcp.yml 的 postgres / omnisearch / firecrawl / filesystem",
"四個 MCP health endpoint 全部 200 後,才在正式環境設定 MCP_ROUTER_ENABLED=true",
"把 market_intel discovery / bridge preview 改成先走 MCP readiness再允許人工 fetch",
"人工 fetch 必須先通過 /api/market_intel/mcp_fetch_gate再允許公開頁面限速探測",
],
}

31
services/market_intel/service.py
View File

@@ -23,6 +23,7 @@ from services.market_intel.legacy_source_bridge import build_legacy_source_bridg
from services.market_intel.mcp_activation_runbook import build_mcp_activation_runbook_preview
from services.market_intel.mcp_contract import build_mcp_tool_contract_preview
from services.market_intel.mcp_deploy_preflight import build_mcp_deploy_preflight_plan
from services.market_intel.mcp_fetch_gate import build_mcp_fetch_gate_preview
from services.market_intel.mcp_readiness import build_mcp_readiness_plan
from services.market_intel.migration_blueprint import build_migration_blueprint
from services.market_intel.platform_seed import build_platform_seed_rows
@@ -67,7 +68,7 @@ class MarketIntelRuntimeStatus:
class MarketIntelService:
"""市場情報入口服務,先集中 feature gate 與安全狀態。"""
phase = "phase_31_mcp_activation_runbook_preview"
phase = "phase_32_mcp_fetch_gate_preview"
def get_runtime_status(self) -> MarketIntelRuntimeStatus:
return MarketIntelRuntimeStatus(
@@ -145,6 +146,11 @@ class MarketIntelService:
"""手動執行 discovery dry-run預設不發 request永遠不寫 DB。"""
registry = get_adapter_registry()
adapters = []
status = self.get_runtime_status()
mcp_fetch_gate = self.build_mcp_fetch_gate(
fetch_requested=fetch,
execute_readiness=bool(fetch and status.enabled and status.crawler_enabled),
)
if platform_code and platform_code != "all":
adapter = get_adapter(platform_code)
@@ -160,14 +166,17 @@ class MarketIntelService:
adapters = list(registry.values())
runner = ManualDiscoveryRunner(
runtime_status=self.get_runtime_status(),
runtime_status=status,
http_get=http_get,
network_allowed_override=mcp_fetch_gate["network_request_allowed"],
network_gate=mcp_fetch_gate,
)
return {
"platform_code": platform_code or "all",
"found": True,
"fetch_requested": bool(fetch),
"manual_fetch_allowed": self.manual_fetch_allowed(),
"mcp_fetch_gate": mcp_fetch_gate,
"runs": [
runner.run(adapter, fetch=fetch).to_dict()
for adapter in adapters
@@ -347,6 +356,16 @@ class MarketIntelService:
runbook["phase"] = self.phase
return runbook
def build_mcp_fetch_gate(self, *, fetch_requested=False, execute_readiness=False):
"""回報人工 fetch 前的 MCP gate不抓電商頁、不寫 DB。"""
gate = build_mcp_fetch_gate_preview(
self.get_runtime_status(),
fetch_requested=fetch_requested,
execute_readiness=execute_readiness,
)
gate["phase"] = self.phase
return gate
def build_platform_seed_writer_plan(self, platform_code="all"):
"""建立 platform seed writer dry-run plan不建立 DB session。"""
seed_plan = self.build_platform_seed_plan(platform_code=platform_code)
@@ -425,6 +444,7 @@ class MarketIntelService:
writer_plan = self.build_platform_seed_writer_plan()
mcp_deploy_preflight = self.build_mcp_deploy_preflight()
mcp_activation_runbook = self.build_mcp_activation_runbook()
mcp_fetch_gate = self.build_mcp_fetch_gate()
checks = {
"schema_smoke_passed": bool(schema_smoke["passed"]),
"feature_flags_default_safe": bool(
@@ -464,6 +484,11 @@ class MarketIntelService:
mcp_activation_runbook["mode"] == "mcp_activation_runbook_preview"
and not mcp_activation_runbook["deployment_actions_executed"]
),
"mcp_fetch_gate_preview_safe": bool(
mcp_fetch_gate["mode"] == "mcp_fetch_gate_planned"
and not mcp_fetch_gate["network_request_allowed"]
and not mcp_fetch_gate["external_network_executed"]
),
}
ready_for_production_deploy = all(checks.values())
blocked_reasons = [
@@ -591,6 +616,7 @@ class MarketIntelService:
"/api/market_intel/mcp_tool_contract",
"/api/market_intel/mcp_deploy_preflight",
"/api/market_intel/mcp_activation_runbook",
"/api/market_intel/mcp_fetch_gate",
],
"status": status.to_dict(),
"schema_smoke": schema_smoke,
@@ -609,4 +635,5 @@ class MarketIntelService:
"mcp_tool_contract": self.build_mcp_tool_contract(),
"mcp_deploy_preflight": mcp_deploy_preflight,
"mcp_activation_runbook": mcp_activation_runbook,
"mcp_fetch_gate": mcp_fetch_gate,
}

116
templates/market_intel/disabled.html
View File

@@ -468,6 +468,24 @@
</div>
</div>
<div class="market-intel-panel" data-market-intel-mcp-fetch-gate>
<div class="market-intel-preview-head">
<div>
<p class="market-intel-muted momo-mono mb-1">MCP / FETCH GATE</p>
<h2 class="market-intel-preview-title">人工 Fetch 安全閘門</h2>
</div>
<button class="market-intel-icon-button" type="button" title="重新整理人工 Fetch 安全閘門" data-market-intel-mcp-fetch-gate-refresh>
<i class="fas fa-rotate-right" aria-hidden="true"></i>
</button>
</div>
<div class="market-intel-preview-meta" data-market-intel-mcp-fetch-gate-meta>
<span class="market-intel-pill">loading</span>
</div>
<div data-market-intel-mcp-fetch-gate-body>
<div class="market-intel-empty">讀取人工 Fetch 安全閘門中...</div>
</div>
</div>
<div class="market-intel-panel" data-market-intel-migration>
<div class="market-intel-preview-head">
<div>
@@ -536,10 +554,11 @@
const mcpReadinessRoot = document.querySelector('[data-market-intel-mcp-readiness]');
const mcpPreflightRoot = document.querySelector('[data-market-intel-mcp-preflight]');
const mcpActivationRoot = document.querySelector('[data-market-intel-mcp-activation]');
const mcpFetchGateRoot = document.querySelector('[data-market-intel-mcp-fetch-gate]');
const migrationRoot = document.querySelector('[data-market-intel-migration]');
const approvalRoot = document.querySelector('[data-market-intel-approval]');
const deployRoot = document.querySelector('[data-market-intel-deploy]');
if (!root && !writerRoot && !cliRoot && !dbProbeRoot && !seedDiffRoot && !legacyBridgeRoot && !mcpReadinessRoot && !mcpPreflightRoot && !mcpActivationRoot && !migrationRoot && !approvalRoot && !deployRoot) return;
if (!root && !writerRoot && !cliRoot && !dbProbeRoot && !seedDiffRoot && !legacyBridgeRoot && !mcpReadinessRoot && !mcpPreflightRoot && !mcpActivationRoot && !mcpFetchGateRoot && !migrationRoot && !approvalRoot && !deployRoot) return;
const meta = root ? root.querySelector('[data-market-intel-preview-meta]') : null;
const body = root ? root.querySelector('[data-market-intel-preview-body]') : null;
@@ -577,6 +596,10 @@
const mcpActivationBody = mcpActivationRoot ? mcpActivationRoot.querySelector('[data-market-intel-mcp-activation-body]') : null;
const mcpActivationRefresh = mcpActivationRoot ? mcpActivationRoot.querySelector('[data-market-intel-mcp-activation-refresh]') : null;
const mcpActivationEndpoint = "{{ url_for('market_intel.market_intel_mcp_activation_runbook') }}";
const mcpFetchGateMeta = mcpFetchGateRoot ? mcpFetchGateRoot.querySelector('[data-market-intel-mcp-fetch-gate-meta]') : null;
const mcpFetchGateBody = mcpFetchGateRoot ? mcpFetchGateRoot.querySelector('[data-market-intel-mcp-fetch-gate-body]') : null;
const mcpFetchGateRefresh = mcpFetchGateRoot ? mcpFetchGateRoot.querySelector('[data-market-intel-mcp-fetch-gate-refresh]') : null;
const mcpFetchGateEndpoint = "{{ url_for('market_intel.market_intel_mcp_fetch_gate') }}?fetch=false&execute=false";
const migrationMeta = migrationRoot ? migrationRoot.querySelector('[data-market-intel-migration-meta]') : null;
const migrationBody = migrationRoot ? migrationRoot.querySelector('[data-market-intel-migration-body]') : null;
const migrationRefresh = migrationRoot ? migrationRoot.querySelector('[data-market-intel-migration-refresh]') : null;
@@ -1195,6 +1218,93 @@
}
};
const renderMcpFetchGateMeta = data => {
mcpFetchGateMeta.innerHTML = [
`mode=${data.mode || 'unknown'}`,
`fetch=${data.fetch_requested ? 'true' : 'false'}`,
`gate=${data.manual_fetch_gate_open ? 'open' : 'blocked'}`,
`network=${data.network_request_allowed ? 'allow' : 'block'}`,
`blocked=${(data.blocked_reasons || []).length}`
].map(item => `<span class="market-intel-pill">${escapeHtml(item)}</span>`).join('');
};
const renderMcpFetchGateBody = data => {
const blockers = (data.blocked_reasons || []).join(' / ');
const checks = Object.entries(data.gate_checks || {});
const sequence = data.required_sequence || [];
const readiness = data.mcp_readiness_summary || {};
mcpFetchGateBody.innerHTML = `
<div class="market-intel-empty mb-3">人工 fetch 目前先由 MCP gate 接管;頁面預設只做 planned preview不抓外站、不寫 DB、不掛 scheduler。${blockers ? `阻擋:${escapeHtml(blockers)}` : ''}</div>
<div class="market-intel-deploy-grid">
<div data-market-intel-mcp-fetch-gate-checks>
<p class="market-intel-deploy-section-title">FETCH GATE CHECKS</p>
<div class="market-intel-check-list">${
checks.length
? checks.map(([name, passed]) => `
<div class="market-intel-check">
<div>
<strong>${escapeHtml(name)}</strong>
</div>
<span>${passed ? 'PASS' : 'BLOCK'}</span>
</div>
`).join('')
: '<div class="market-intel-empty">尚未提供 fetch gate checks。</div>'
}</div>
</div>
<div data-market-intel-mcp-fetch-gate-sequence>
<p class="market-intel-deploy-section-title">REQUIRED SEQUENCE</p>
<div class="market-intel-check-list">${
sequence.length
? sequence.map((item, index) => `
<div class="market-intel-check">
<div>
<strong>${escapeHtml(`step_${index + 1}`)}</strong>
<small>${escapeHtml(item)}</small>
</div>
<span>REQUIRED</span>
</div>
`).join('')
: '<div class="market-intel-empty">尚未提供啟用順序。</div>'
}</div>
</div>
<div data-market-intel-mcp-fetch-gate-readiness>
<p class="market-intel-deploy-section-title">READINESS SUMMARY</p>
<div class="market-intel-check-list">
<div class="market-intel-check">
<div>
<strong>router</strong>
<small>${escapeHtml(readiness.mode || 'unknown')}</small>
</div>
<span>${readiness.router_enabled ? 'ON' : 'OFF'}</span>
</div>
<div class="market-intel-check">
<div>
<strong>external_mcp</strong>
<small>${escapeHtml((readiness.blocked_reasons || []).join(' / ') || 'ready')}</small>
</div>
<span>${readiness.external_mcp_complete ? 'READY' : 'PENDING'}</span>
</div>
</div>
</div>
</div>
`;
};
const loadMcpFetchGate = async () => {
if (!mcpFetchGateMeta || !mcpFetchGateBody) return;
mcpFetchGateBody.innerHTML = '<div class="market-intel-empty">讀取人工 Fetch 安全閘門中...</div>';
try {
const response = await fetch(mcpFetchGateEndpoint, { credentials: 'same-origin' });
if (!response.ok) throw new Error(`HTTP ${response.status}`);
const data = await response.json();
renderMcpFetchGateMeta(data);
renderMcpFetchGateBody(data);
} catch (error) {
mcpFetchGateMeta.innerHTML = '<span class="market-intel-pill">error</span>';
mcpFetchGateBody.innerHTML = `<div class="market-intel-empty">人工 Fetch 安全閘門讀取失敗:${escapeHtml(error.message)}</div>`;
}
};
const renderMigrationMeta = data => {
const seedWriter = data.command_plan && data.command_plan.seed_writer_command
? data.command_plan.seed_writer_command
@@ -1456,6 +1566,9 @@
if (mcpActivationRefresh) {
mcpActivationRefresh.addEventListener('click', loadMcpActivation);
}
if (mcpFetchGateRefresh) {
mcpFetchGateRefresh.addEventListener('click', loadMcpFetchGate);
}
if (migrationRefresh) {
migrationRefresh.addEventListener('click', loadMigration);
}
@@ -1474,6 +1587,7 @@
loadMcpReadiness();
loadMcpPreflight();
loadMcpActivation();
loadMcpFetchGate();
loadMigration();
loadApproval();
loadDeploy();

141
tests/test_market_intel_skeleton.py
View File

@@ -17,6 +17,7 @@ from services.market_intel.html_diagnostics import parse_html_diagnostics
from services.market_intel.mcp_activation_runbook import build_mcp_activation_runbook_preview
from services.market_intel.mcp_contract import build_mcp_tool_contract_preview
from services.market_intel.mcp_deploy_preflight import build_mcp_deploy_preflight_plan
from services.market_intel.mcp_fetch_gate import build_mcp_fetch_gate_preview
from services.market_intel.mcp_readiness import build_mcp_readiness_plan
from services.market_intel.platform_seed_db_diff import build_platform_seed_db_diff_plan
from services.market_intel.schema_db_probe import build_schema_db_probe_plan
@@ -99,6 +100,41 @@ def test_manual_discovery_fetch_is_blocked_when_flags_are_off():
assert result["runs"][0]["status"] == "blocked"
assert result["runs"][0]["network_allowed"] is False
assert result["runs"][0]["database_write_allowed"] is False
assert result["mcp_fetch_gate"]["network_request_allowed"] is False
assert result["runs"][0]["network_gate"]["manual_fetch_gate_open"] is False
def test_manual_runner_fetch_can_be_blocked_by_mcp_gate_even_when_flags_allow():
class RuntimeStatus:
enabled = True
crawler_enabled = True
called = {"count": 0}
def fake_get(*args, **kwargs):
called["count"] += 1
raise AssertionError("MCP gate 關閉時不應發 HTTP request")
gate = {
"manual_fetch_gate_open": False,
"network_request_allowed": False,
"blocked_reasons": ["mcp_router_enabled"],
"operator_message": "人工 fetch 仍被 MCP gate 阻擋",
}
adapter = get_adapter("momo")
runner = ManualDiscoveryRunner(
runtime_status=RuntimeStatus(),
http_get=fake_get,
network_allowed_override=False,
network_gate=gate,
)
result = runner.run(adapter, fetch=True).to_dict()
assert called["count"] == 0
assert result["status"] == "blocked"
assert result["network_allowed"] is False
assert result["network_gate"]["blocked_reasons"] == ["mcp_router_enabled"]
assert "MCP gate" in result["error_message"]
def test_manual_runner_fetch_uses_injected_http_get_when_allowed():
@@ -299,6 +335,8 @@ def test_candidate_preview_default_is_empty_and_does_not_call_network():
assert preview["candidate_count"] == 0
assert preview["database_write_allowed"] is False
assert preview["scheduler_attached"] is False
assert preview["mcp_fetch_gate_open"] is False
assert preview["mcp_fetch_gate"]["network_request_allowed"] is False
assert preview["run_statuses"][0]["status"] == "planned"
@@ -314,6 +352,8 @@ def test_candidate_preview_fetch_is_blocked_when_flags_are_off():
assert called["count"] == 0
assert preview["candidate_count"] == 0
assert preview["run_statuses"][0]["status"] == "blocked"
assert preview["mcp_fetch_gate_open"] is False
assert "market_intel_enabled" in preview["mcp_fetch_gate"]["blocked_reasons"]
def test_candidate_preview_aggregates_and_filters_by_band():
@@ -399,6 +439,10 @@ def test_market_intel_preview_template_uses_safe_fetch_false_endpoint():
assert "data-market-intel-mcp-activation-stages" in template
assert "data-market-intel-mcp-activation-safety" in template
assert "data-market-intel-mcp-activation-fallback" in template
assert "data-market-intel-mcp-fetch-gate" in template
assert "data-market-intel-mcp-fetch-gate-checks" in template
assert "data-market-intel-mcp-fetch-gate-sequence" in template
assert "data-market-intel-mcp-fetch-gate-readiness" in template
assert "data-market-intel-migration" in template
assert "data-market-intel-migration-tables" in template
assert "data-market-intel-approval" in template
@@ -415,6 +459,7 @@ def test_market_intel_preview_template_uses_safe_fetch_false_endpoint():
assert "market_intel.market_intel_mcp_readiness" in template
assert "market_intel.market_intel_mcp_deploy_preflight" in template
assert "market_intel.market_intel_mcp_activation_runbook" in template
assert "market_intel.market_intel_mcp_fetch_gate" in template
assert "market_intel.market_intel_migration_blueprint" in template
assert "market_intel.market_intel_write_approval_runbook" in template
assert "market_intel.market_intel_deployment_readiness" in template
@@ -440,7 +485,7 @@ def test_legacy_source_bridge_default_is_planned_only():
bridge = MarketIntelService().build_legacy_source_bridge()
assert bridge["mode"] == "legacy_source_bridge_planned"
assert bridge["phase"] == "phase_31_mcp_activation_runbook_preview"
assert bridge["phase"] == "phase_32_mcp_fetch_gate_preview"
assert bridge["execute_requested"] is False
assert bridge["read_only_query_executed"] is False
assert bridge["database_connection_opened"] is False
@@ -598,7 +643,7 @@ def test_mcp_tool_contract_preview_is_read_only_and_whitelisted():
contract = MarketIntelService().build_mcp_tool_contract()
assert contract["mode"] == "mcp_tool_contract_preview"
assert contract["phase"] == "phase_31_mcp_activation_runbook_preview"
assert contract["phase"] == "phase_32_mcp_fetch_gate_preview"
assert contract["caller"] == "market_intel"
assert contract["contract_ready"] is True
assert contract["blocked_reasons"] == []
@@ -731,7 +776,7 @@ def test_mcp_activation_runbook_route_is_preview_only():
assert response.status_code == 200
assert data["mode"] == "mcp_activation_runbook_preview"
assert data["phase"] == "phase_31_mcp_activation_runbook_preview"
assert data["phase"] == "phase_32_mcp_fetch_gate_preview"
assert data["deployment_actions_executed"] is False
assert data["docker_command_executed"] is False
assert data["ssh_command_executed"] is False
@@ -740,6 +785,88 @@ def test_mcp_activation_runbook_route_is_preview_only():
assert data["scheduler_attached"] is False
def test_mcp_fetch_gate_default_blocks_external_fetch():
gate = MarketIntelService().build_mcp_fetch_gate(fetch_requested=True)
assert gate["mode"] == "mcp_fetch_gate_planned"
assert gate["phase"] == "phase_32_mcp_fetch_gate_preview"
assert gate["fetch_requested"] is True
assert gate["manual_fetch_gate_open"] is False
assert gate["network_request_allowed"] is False
assert gate["would_use_external_network"] is False
assert gate["database_session_created"] is False
assert gate["database_write_executed"] is False
assert gate["database_commit_executed"] is False
assert gate["external_network_executed"] is False
assert gate["scheduler_attached"] is False
assert gate["writes_executed"] is False
assert gate["would_write_database"] is False
assert "market_intel_enabled" in gate["blocked_reasons"]
assert "market_intel_crawler_enabled" in gate["blocked_reasons"]
assert "mcp_readiness_executed" in gate["blocked_reasons"]
assert "mcp_router_enabled" in gate["blocked_reasons"]
def test_mcp_fetch_gate_can_open_with_mocked_ready_state():
class RuntimeStatus:
enabled = True
crawler_enabled = True
database_write_allowed = False
scheduler_attached = False
readiness = {
"mode": "mcp_readiness_read_only",
"execute_requested": True,
"router_enabled": True,
"external_mcp_complete": True,
"internal_mcp_complete": True,
"market_intel_mcp_integrated": True,
"blocked_reasons": [],
"readiness_checks": {
"market_intel_tool_contract_ready": True,
"external_servers_all_healthy": True,
},
}
gate = build_mcp_fetch_gate_preview(
RuntimeStatus(),
fetch_requested=True,
execute_readiness=True,
readiness=readiness,
)
assert gate["mode"] == "mcp_fetch_gate_read_only"
assert gate["manual_fetch_prerequisites_met"] is True
assert gate["manual_fetch_gate_open"] is True
assert gate["network_request_allowed"] is True
assert gate["blocked_reasons"] == []
assert gate["database_write_executed"] is False
assert gate["scheduler_attached"] is False
def test_mcp_fetch_gate_route_is_preview_only():
from routes.market_intel_routes import market_intel_bp
app = Flask(__name__)
app.secret_key = "test-secret"
app.register_blueprint(market_intel_bp)
client = app.test_client()
with client.session_transaction() as session:
session["logged_in"] = True
response = client.get("/api/market_intel/mcp_fetch_gate")
data = response.get_json()
assert response.status_code == 200
assert data["mode"] == "mcp_fetch_gate_planned"
assert data["phase"] == "phase_32_mcp_fetch_gate_preview"
assert data["fetch_requested"] is False
assert data["network_request_allowed"] is False
assert data["external_network_executed"] is False
assert data["database_write_executed"] is False
assert data["scheduler_attached"] is False
def test_mcp_deploy_preflight_blocks_without_required_env():
preflight = build_mcp_deploy_preflight_plan(env={})
@@ -803,7 +930,7 @@ def test_mcp_deploy_preflight_route_is_preview_only():
assert response.status_code == 200
assert data["mode"] == "mcp_external_deploy_preflight_preview"
assert data["phase"] == "phase_31_mcp_activation_runbook_preview"
assert data["phase"] == "phase_32_mcp_fetch_gate_preview"
assert data["deployment_actions_executed"] is False
assert data["docker_command_executed"] is False
assert data["ssh_command_executed"] is False
@@ -818,7 +945,7 @@ def test_mcp_readiness_default_is_planned_only(monkeypatch):
readiness = MarketIntelService().build_mcp_readiness()
assert readiness["mode"] == "mcp_readiness_planned"
assert readiness["phase"] == "phase_31_mcp_activation_runbook_preview"
assert readiness["phase"] == "phase_32_mcp_fetch_gate_preview"
assert readiness["execute_requested"] is False
assert readiness["router_enabled"] is False
assert readiness["external_mcp_complete"] is False
@@ -1204,6 +1331,7 @@ def test_deployment_readiness_reports_app_only_release_gate():
assert readiness["checks"]["mcp_tool_contract_ready"] is True
assert readiness["checks"]["mcp_deploy_preflight_preview_safe"] is True
assert readiness["checks"]["mcp_activation_runbook_preview_safe"] is True
assert readiness["checks"]["mcp_fetch_gate_preview_safe"] is True
assert readiness["checks"]["writer_plan_dry_run_only"] is True
assert readiness["writer_plan_summary"]["writes_executed"] is False
assert "readiness_checks_not_all_passed" not in readiness["blocked_reasons"]
@@ -1223,6 +1351,7 @@ def test_deployment_readiness_reports_app_only_release_gate():
assert "/api/market_intel/mcp_tool_contract" in readiness["production_smoke_targets"]
assert "/api/market_intel/mcp_deploy_preflight" in readiness["production_smoke_targets"]
assert "/api/market_intel/mcp_activation_runbook" in readiness["production_smoke_targets"]
assert "/api/market_intel/mcp_fetch_gate" in readiness["production_smoke_targets"]
assert readiness["write_approval_runbook"]["ready_for_real_write"] is False
assert readiness["write_approval_runbook"]["writes_executed"] is False
assert readiness["migration_blueprint"]["migration_executed"] is False
@@ -1239,6 +1368,8 @@ def test_deployment_readiness_reports_app_only_release_gate():
assert readiness["mcp_deploy_preflight"]["docker_command_executed"] is False
assert readiness["mcp_activation_runbook"]["deployment_actions_executed"] is False
assert readiness["mcp_activation_runbook"]["docker_command_executed"] is False
assert readiness["mcp_fetch_gate"]["network_request_allowed"] is False
assert readiness["mcp_fetch_gate"]["external_network_executed"] is False
def test_write_approval_runbook_is_read_only_and_blocks_real_write():