OoO 52c06f6861 fix(ppt): admin guard for destructive /cache commands (critic Medium-3) ...

Critic Medium-3：群組內任意成員可執行破壞性快取指令的問題。

新增機制：
- ADMIN_USER_IDS：新增 OPENCLAW_ADMIN_USER_IDS 環境變數
  逗號分隔的 user_id；未設時退回 ALLOWED_USERS（向後兼容）
- _is_admin(user_id)：fail-closed 判定函式
- _CURRENT_USER_ID_CTX：ContextVar 在 webhook 入口（msg + callback）
  set 當前 user_id，避免改 handle_cmd 30+ 處呼叫端簽名

權限模型：
| 指令                              | 權限    | 行為                |
| /cache status                     | 已授權  | 任何已授權用戶可看  |
| /cache cleanup [days]             | 已授權  | 預設乾跑可預覽      |
| /cache flush <type>               | admin   | 拒絕非 admin        |
| /cache cleanup [days] confirm     | admin   | 拒絕非 admin        |
| /cache cleanup [days<1] confirm   | -       | 強制乾跑（防呆）    |

非 admin 嘗試破壞性指令時，回傳清楚錯誤訊息引導設定環境變數。
admin 操作會額外寫 sys_log.warning 留軌跡（含 user_id）。

煙霧測試：
- syntax OK
- _is_admin(None) / _is_admin("abc") / _is_admin(unknown_id) 皆 False
- ContextVar set/get 行為正確

剩餘 Medium 1/2 + Info 類後續再處理（非緊急）。

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-02 17:35:48 +08:00

.claude

style(ppt): align PPT palette perfectly with MOMO Pro v2 design tokens (Beige, Warm Ink, Caramel Orange) as per frontend upgrade roadmap

2026-05-02 15:01:55 +08:00

.gitea/workflows

fix(runtime): 強化健康檢查監控韌性

2026-05-01 14:46:49 +08:00

.github/workflows

Fix Telegram bot natural language communication issue

2026-04-22 14:27:50 +08:00

.windsurf/workflows

feat: 實作 PPT 簡報資料庫持久化機制

2026-04-20 22:59:04 +08:00

aiops-core

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

bin

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

crawler

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

data

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

database

fix(db): 補齊 action_plans schema drift

2026-04-30 14:45:40 +08:00

deploy

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

deploy_scripts

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

docker

fix(runtime): 強化健康檢查監控韌性

2026-05-01 14:46:49 +08:00

docs

style(ppt): align PPT palette perfectly with MOMO Pro v2 design tokens (Beige, Warm Ink, Caramel Orange) as per frontend upgrade roadmap

2026-05-02 15:01:55 +08:00

export_assets

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

k8s

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

k8s 2

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

migrations

feat(competitor): persist match attempts

2026-05-01 20:56:17 +08:00

MOMO Pro

style(ppt): align PPT palette perfectly with MOMO Pro v2 design tokens (Beige, Warm Ink, Caramel Orange) as per frontend upgrade roadmap

2026-05-02 15:01:55 +08:00

monitoring

fix(runtime): 強化健康檢查監控韌性

2026-05-01 14:46:49 +08:00

n8n-workflows

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

nextcloud

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

routes

fix(ppt): admin guard for destructive /cache commands (critic Medium-3)

2026-05-02 17:35:48 +08:00

scripts

fix(ppt): address critic findings on commit 38967ce (HIGH-1, HIGH-2, Medium-4)

2026-05-02 17:23:02 +08:00

services

fix(ppt): address critic findings on commit 38967ce (HIGH-1, HIGH-2, Medium-4)

2026-05-02 17:23:02 +08:00

static/images

fix(frontend): 掛載 Flask web static assets

2026-04-30 23:53:23 +08:00

static_maintenance

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

templates

style(ppt): align PPT palette perfectly with MOMO Pro v2 design tokens (Beige, Warm Ink, Caramel Orange) as per frontend upgrade roadmap

2026-05-02 15:01:55 +08:00

tests

test(openclaw): assert /menu returns full main menu keyboard

2026-05-02 16:13:43 +08:00

utils

fix(momo): block EC404 auto-open with end-to-end URL guard

2026-05-02 12:00:34 +08:00

web

feat(frontend): sync latest MOMO Pro prototype styling

2026-05-01 20:32:23 +08:00

__init__.py

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

.claudeignore

feat: 實作 PPT 簡報資料庫持久化機制

2026-04-20 22:59:04 +08:00

.env.example

fix(runtime): 強化健康檢查監控韌性

2026-05-01 14:46:49 +08:00

.gitignore

feat(frontend): 新增 V2 dashboard feature flag

2026-04-30 23:45:49 +08:00

.gitlab-ci.yml

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

AGENTS.md

fix(runtime): 強化健康檢查監控韌性

2026-05-01 14:46:49 +08:00

app.py

fix(openclaw): route wakeup phrases back to menu

2026-05-02 16:03:49 +08:00

auth.py

refactor(routes): 刪除 app.py 首頁重複路由

2026-04-29 21:11:45 +08:00

AUTO_IMPORT_README.md

chore(cleanup): 移除 legacy 5888 測試入口

2026-04-30 14:12:21 +08:00

CLAUDE.md

docs(governance): 建立 Codex 專案入口與記憶索引

2026-04-29 22:11:23 +08:00

CODE_REVIEW_GUIDE.md

Fix Telegram bot natural language communication issue

2026-04-22 14:27:50 +08:00

components

fix(repo): update broken symlink to correct components path

2026-04-20 23:59:33 +08:00

config.py

feat(reports): move monthly analysis to v2 shell

2026-05-01 21:13:18 +08:00

CONSTITUTION.md

fix(ai): supersede old product picks

2026-05-01 16:24:15 +08:00

deploy_docker_guide.md

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

deploy_docker_uat.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

DEPLOY_README.md

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

deploy_to_uat.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

DEPLOYMENT_WORKFLOW.md

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

design_assets_recommendation.md

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

disable_maintenance.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

docker-compose.devops.yml

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

docker-compose.yml

fix(frontend): 掛載 Flask web static assets

2026-04-30 23:53:23 +08:00

Dockerfile

feat(ppt): redesign all 6 reports to professional standard + cache versioning

2026-05-02 16:26:27 +08:00

DRIFT_SCANNER_FIX_GUIDE.md

fix: drift-scanner pods cleanup script and guide

2026-04-22 11:14:48 +08:00

DRIFT_SCANNER_NOTES.md

add drift-scanner cleanup notes

2026-04-22 14:27:50 +08:00

enable_maintenance.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

final_report.md

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

GOOGLE_DRIVE_SETUP.md

chore(cleanup): 移除 legacy 5888 測試入口

2026-04-30 14:12:21 +08:00

gunicorn.conf.py

fix(dashboard): prewarm cache and expose pick evidence

2026-05-01 16:34:13 +08:00

gunicorn.service

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

incorrect_images.txt

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

kill_old_gunicorn.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

messageImage_1768497700711.jpg

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

momo-scheduler.service

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

momo.service

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

monitor_memory_trend.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

nginx.conf

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

PROJECT_CONSTITUTION.md

docs(governance): 建立 Codex 專案入口與記憶索引

2026-04-29 22:11:23 +08:00

pyvenv.cfg

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

quick_fix.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

requirements.txt

fix(security): 全域健檢 — 40 項安全/Bug/品質修復

2026-04-22 01:12:23 +08:00

run_scheduler.py

feat(ai): 自動補抓並重算 PChome 挑品

2026-05-01 14:02:37 +08:00

run_security_tests.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

run_telegram_bot.py

fix(telegram): dedupe webhook+polling updates via shared DB guard

2026-05-02 12:01:04 +08:00

scheduler.py

fix(momo): block EC404 auto-open with end-to-end URL guard

2026-05-02 12:00:34 +08:00

SECURITY_FIX_DATABASE_PASSWORD.md

fix: resolve datetime variable scope error and duplicate alert notifications

2026-04-22 14:32:34 +08:00

SECURITY_FIX_SUMMARY.md

fix(devops): 清理舊端口與危險 compose 操作

2026-04-30 14:24:53 +08:00

setup_maintenance_and_fix_timeout.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

start_momo.command

fix(devops): 清理舊端口與危險 compose 操作

2026-04-30 14:24:53 +08:00

sync_env.sh

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

test_vendor.xlsx

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

TODO_NEXT_STEPS.txt

refactor(openclaw): 抽出 Telegram API helper

2026-04-30 14:24:45 +08:00

vendor_email_template.xlsx

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

即時業績_當日_20260112.xlsx

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

廠商清單_含郵件欄位_20260112_233715.xlsx

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

活頁簿2.xlsx

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

測試_MAIL欄位_大寫.xlsx

feat: EwoooC 初始化 — 完整專案推版至 Gitea

2026-04-19 01:21:13 +08:00

Description

EwoooC — 商品看板 + 業績報表 + AI KM (Flask + pgvector, Docker Compose on 188)

37 MiB

Languages

PostScript 59.7%

Python 30.9%

HTML 4.2%

CSS 2.1%

JavaScript 1.9%

Other 1.1%