@ian2018cs/agenthub 0.1.44 → 0.1.46

package/server/database/db.js

@@ -247,6 +247,63 @@ const runMigrations = () => {
       )
     `);
 
+    // Migration: Add super_admin role (recreate users table with updated CHECK constraint)
+    const hasAnyUser = db.prepare('SELECT COUNT(*) as count FROM users').get().count > 0;
+    const hasSuperAdmin = db.prepare("SELECT COUNT(*) as count FROM users WHERE role = 'super_admin'").get().count > 0;
+
+    if (hasAnyUser && !hasSuperAdmin) {
+      console.log('Running migration: Adding super_admin role and promoting first admin');
+      db.exec('PRAGMA foreign_keys = OFF');
+      db.transaction(() => {
+        db.exec(`CREATE TABLE users_new (
+          id INTEGER PRIMARY KEY AUTOINCREMENT,
+          username TEXT UNIQUE,
+          password_hash TEXT,
+          email TEXT UNIQUE,
+          uuid TEXT,
+          role TEXT DEFAULT 'user' CHECK(role IN ('admin', 'user', 'super_admin')),
+          status TEXT DEFAULT 'active' CHECK(status IN ('active', 'disabled')),
+          created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
+          last_login DATETIME,
+          is_active BOOLEAN DEFAULT 1,
+          git_name TEXT,
+          git_email TEXT,
+          has_completed_onboarding BOOLEAN DEFAULT 0,
+          total_limit_usd REAL DEFAULT NULL,
+          daily_limit_usd REAL DEFAULT NULL
+        )`);
+        db.exec('INSERT INTO users_new SELECT id,username,password_hash,email,uuid,role,status,created_at,last_login,is_active,git_name,git_email,has_completed_onboarding,total_limit_usd,daily_limit_usd FROM users');
+        db.exec('DROP TABLE users');
+        db.exec('ALTER TABLE users_new RENAME TO users');
+        db.exec("UPDATE users SET role='super_admin' WHERE id=(SELECT MIN(id) FROM users WHERE role='admin')");
+      })();
+      db.exec('PRAGMA foreign_keys = ON');
+      db.exec('CREATE UNIQUE INDEX IF NOT EXISTS idx_users_uuid ON users(uuid)');
+      db.exec('CREATE INDEX IF NOT EXISTS idx_users_role ON users(role)');
+      db.exec('CREATE INDEX IF NOT EXISTS idx_users_status ON users(status)');
+      db.exec('CREATE UNIQUE INDEX IF NOT EXISTS idx_users_email ON users(email)');
+    }
+
+    // 聊天图片持久化关联表
+    db.exec(`
+      CREATE TABLE IF NOT EXISTS message_images (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        upload_batch_id TEXT NOT NULL,
+        user_uuid TEXT NOT NULL,
+        session_id TEXT,
+        message_content TEXT,
+        original_name TEXT NOT NULL,
+        file_hash TEXT NOT NULL,
+        file_ext TEXT NOT NULL,
+        file_size INTEGER NOT NULL,
+        mime_type TEXT NOT NULL,
+        created_at DATETIME DEFAULT CURRENT_TIMESTAMP
+      )
+    `);
+    db.exec('CREATE INDEX IF NOT EXISTS idx_msg_images_batch ON message_images(upload_batch_id)');
+    db.exec('CREATE INDEX IF NOT EXISTS idx_msg_images_session ON message_images(session_id)');
+    db.exec('CREATE INDEX IF NOT EXISTS idx_msg_images_created ON message_images(created_at)');
+
     console.log('Database migrations completed successfully');
   } catch (error) {
     console.error('Error running migrations:', error.message);
@@ -418,6 +475,15 @@ const userDb = {
     }
   },
 
+  // Update user role
+  updateUserRole: (userId, role) => {
+    try {
+      db.prepare('UPDATE users SET role = ? WHERE id = ?').run(role, userId);
+    } catch (err) {
+      throw err;
+    }
+  },
+
   // Update user status
   updateUserStatus: (userId, status) => {
     try {
@@ -775,13 +841,13 @@ const usageDb = {
     try {
       return db.prepare(`
         SELECT
-          user_uuid,
-          SUM(total_cost_usd) as total_cost,
-          SUM(request_count) as total_requests,
-          SUM(session_count) as total_sessions,
-          MAX(date) as last_active
-        FROM usage_daily_summary
-        GROUP BY user_uuid
+          uds.user_uuid,
+          SUM(uds.total_cost_usd) as total_cost,
+          SUM(uds.request_count) as total_requests,
+          (SELECT COUNT(DISTINCT ur.session_id) FROM usage_records ur WHERE ur.user_uuid = uds.user_uuid AND ur.session_id IS NOT NULL) as total_sessions,
+          MAX(uds.date) as last_active
+        FROM usage_daily_summary uds
+        GROUP BY uds.user_uuid
         ORDER BY total_cost DESC
       `).all();
     } catch (err) {
@@ -819,10 +885,10 @@ const usageDb = {
           SUM(total_input_tokens) as total_input_tokens,
           SUM(total_output_tokens) as total_output_tokens,
           SUM(request_count) as total_requests,
-          SUM(session_count) as total_sessions
+          (SELECT COUNT(DISTINCT session_id) FROM usage_records WHERE user_uuid = ? AND session_id IS NOT NULL) as total_sessions
         FROM usage_daily_summary
         WHERE user_uuid = ?
-      `).get(userUuid);
+      `).get(userUuid, userUuid);
     } catch (err) {
       throw err;
     }
@@ -839,6 +905,7 @@ const usageDb = {
           COUNT(*) as requests
         FROM usage_records
         WHERE user_uuid = ? AND created_at >= ? AND created_at <= ?
+          AND COALESCE(raw_model, model) != '<synthetic>'
         GROUP BY COALESCE(raw_model, model)
         ORDER BY cost DESC
       `).all(userUuid, startDate + 'T00:00:00', endDate + 'T23:59:59');
@@ -854,11 +921,11 @@ const usageDb = {
         SELECT
           SUM(total_cost_usd) as total_cost,
           SUM(request_count) as total_requests,
-          SUM(session_count) as total_sessions,
+          (SELECT COUNT(DISTINCT session_id) FROM usage_records WHERE date(created_at) >= ? AND date(created_at) <= ? AND session_id IS NOT NULL) as total_sessions,
           COUNT(DISTINCT user_uuid) as active_users
         FROM usage_daily_summary
         WHERE date >= ? AND date <= ?
-      `).get(startDate, endDate);
+      `).get(startDate, endDate, startDate, endDate);
 
       const dailyTrend = db.prepare(`
         SELECT
@@ -879,6 +946,7 @@ const usageDb = {
           COUNT(*) as requests
         FROM usage_records
         WHERE created_at >= ? AND created_at <= ?
+          AND COALESCE(raw_model, model) != '<synthetic>'
         GROUP BY COALESCE(raw_model, model)
         ORDER BY cost DESC
       `).all(startDate + 'T00:00:00', endDate + 'T23:59:59');
@@ -1153,6 +1221,78 @@ const feishuDb = {
   }
 };
 
+// Image database operations (聊天图片持久化)
+const imageDb = {
+  insertImage: ({ upload_batch_id, user_uuid, original_name, file_hash, file_ext, file_size, mime_type }) => {
+    const result = db.prepare(`
+      INSERT INTO message_images (upload_batch_id, user_uuid, original_name, file_hash, file_ext, file_size, mime_type)
+      VALUES (?, ?, ?, ?, ?, ?, ?)
+    `).run(upload_batch_id, user_uuid, original_name, file_hash, file_ext, file_size, mime_type);
+    return result.lastInsertRowid;
+  },
+
+  associateBatch: (uploadBatchId, sessionId, messageContent) => {
+    db.prepare(`
+      UPDATE message_images SET session_id = ?, message_content = ? WHERE upload_batch_id = ?
+    `).run(sessionId, messageContent || null, uploadBatchId);
+  },
+
+  getImagesBySession: (sessionId) => {
+    return db.prepare(`
+      SELECT id, upload_batch_id, original_name, file_hash, file_ext, mime_type, message_content, created_at
+      FROM message_images WHERE session_id = ? ORDER BY created_at ASC
+    `).all(sessionId);
+  },
+
+  getImageById: (imageId) => {
+    return db.prepare(`
+      SELECT id, user_uuid, original_name, file_hash, file_ext, mime_type, created_at
+      FROM message_images WHERE id = ?
+    `).get(imageId) || null;
+  },
+
+  getExpiredImages: (days) => {
+    return db.prepare(`
+      SELECT id, user_uuid, file_hash, file_ext
+      FROM message_images WHERE created_at < datetime('now', '-' || ? || ' days')
+    `).all(days);
+  },
+
+  deleteImagesByIds: (ids) => {
+    if (!ids.length) return;
+    const placeholders = ids.map(() => '?').join(',');
+    db.prepare(`DELETE FROM message_images WHERE id IN (${placeholders})`).run(...ids);
+  },
+
+  deleteOrphanedImages: (hours) => {
+    const rows = db.prepare(`
+      SELECT id, user_uuid, file_hash, file_ext
+      FROM message_images WHERE session_id IS NULL AND created_at < datetime('now', '-' || ? || ' hours')
+    `).all(hours);
+    if (rows.length) {
+      const ids = rows.map(r => r.id);
+      const placeholders = ids.map(() => '?').join(',');
+      db.prepare(`DELETE FROM message_images WHERE id IN (${placeholders})`).run(...ids);
+    }
+    return rows;
+  },
+
+  countByHash: (userUuid, fileHash, excludeIds) => {
+    if (!excludeIds.length) {
+      const row = db.prepare(`
+        SELECT COUNT(*) as count FROM message_images WHERE user_uuid = ? AND file_hash = ?
+      `).get(userUuid, fileHash);
+      return row.count;
+    }
+    const placeholders = excludeIds.map(() => '?').join(',');
+    const row = db.prepare(`
+      SELECT COUNT(*) as count FROM message_images
+      WHERE user_uuid = ? AND file_hash = ? AND id NOT IN (${placeholders})
+    `).get(userUuid, fileHash, ...excludeIds);
+    return row.count;
+  }
+};
+
 export {
   db,
   initializeDatabase,
@@ -1161,5 +1301,6 @@ export {
   verificationDb,
   domainWhitelistDb,
   settingsDb,
-  feishuDb
+  feishuDb,
+  imageDb
 };

package/server/database/init.sql

@@ -11,7 +11,7 @@ CREATE TABLE IF NOT EXISTS users (
     password_hash TEXT,
     email TEXT UNIQUE,
     uuid TEXT,
-    role TEXT DEFAULT 'user' CHECK(role IN ('admin', 'user')),
+    role TEXT DEFAULT 'user' CHECK(role IN ('admin', 'user', 'super_admin')),
     status TEXT DEFAULT 'active' CHECK(status IN ('active', 'disabled')),
     created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
     last_login DATETIME,

package/server/index.js

@@ -55,11 +55,13 @@ import usageRoutes from './routes/usage.js';
 import skillsRoutes from './routes/skills.js';
 import mcpReposRoutes from './routes/mcp-repos.js';
 import settingsRoutes from './routes/settings.js';
-import { initializeDatabase, userDb } from './database/db.js';
+import { initializeDatabase, userDb, imageDb } from './database/db.js';
 import { validateApiKey, authenticateToken, authenticateWebSocket } from './middleware/auth.js';
 import { getUserPaths, initCodexDirectories, initGeminiDirectories } from './services/user-directories.js';
 import { startUsageScanner } from './services/usage-scanner.js';
 import { startFeishuService, stopFeishuService } from './services/feishu/index.js';
+import { saveImage, getImagePath } from './services/image-storage.js';
+import { startImageCleanup } from './services/image-cleanup.js';
 
 // File system watcher for projects folder - per user
 const userWatchers = new Map(); // Map<userUuid, { watcher, clients: Set<ws> }>
@@ -382,13 +384,40 @@ app.get('/api/projects/:projectName/sessions/:sessionId/messages', authenticateT
 
         const result = await getSessionMessages(projectName, sessionId, parsedLimit, parsedOffset, req.user.uuid);
 
+        // Query persistent images for this session
+        let sessionImages = [];
+        try {
+            const images = imageDb.getImagesBySession(sessionId);
+            if (images.length > 0) {
+                // Group by upload_batch_id
+                const batchMap = new Map();
+                for (const img of images) {
+                    if (!batchMap.has(img.upload_batch_id)) {
+                        batchMap.set(img.upload_batch_id, {
+                            batchId: img.upload_batch_id,
+                            messageContent: img.message_content,
+                            createdAt: img.created_at,
+                            images: [],
+                        });
+                    }
+                    batchMap.get(img.upload_batch_id).images.push({
+                        id: img.id,
+                        name: img.original_name,
+                    });
+                }
+                sessionImages = Array.from(batchMap.values());
+            }
+        } catch (err) {
+            console.error('[WARN] Failed to load session images:', err.message);
+        }
+
         // Handle both old and new response formats
         if (Array.isArray(result)) {
             // Backward compatibility: no pagination parameters were provided
-            res.json({ messages: result });
+            res.json({ messages: result, sessionImages });
         } else {
             // New format with pagination info
-            res.json(result);
+            res.json({ ...result, sessionImages });
         }
     } catch (error) {
         res.status(500).json({ error: error.message });
@@ -729,6 +758,22 @@ function handleChatConnection(ws, userData) {
                     ...data.options,
                     userUuid,
                 }, writer);
+
+                // Associate uploaded images with the session after query completes
+                if (data.options?.uploadBatchId) {
+                    const sessionId = writer.getSessionId();
+                    if (sessionId) {
+                        try {
+                            imageDb.associateBatch(
+                                data.options.uploadBatchId,
+                                sessionId,
+                                data.command?.substring(0, 500) || ''
+                            );
+                        } catch (err) {
+                            console.error('[WARN] Failed to associate image batch:', err.message);
+                        }
+                    }
+                }
             } else if (data.type === 'abort-session') {
                 console.log('[DEBUG] Abort session request:', data.sessionId);
                 // Use Claude Agents SDK
@@ -1749,6 +1794,40 @@ Agent instructions:`;
     }
 });
 
+// Serve persistent chat images
+app.get('/api/images/:imageId', authenticateToken, (req, res) => {
+    try {
+        const imageId = parseInt(req.params.imageId, 10);
+        if (isNaN(imageId)) {
+            return res.status(400).json({ error: 'Invalid image ID' });
+        }
+
+        const image = imageDb.getImageById(imageId);
+        if (!image) {
+            return res.status(404).json({ error: 'Image not found' });
+        }
+
+        // Security: users can only access their own images
+        if (image.user_uuid !== req.user.uuid) {
+            return res.status(403).json({ error: 'Forbidden' });
+        }
+
+        const filePath = getImagePath(image.user_uuid, image.file_hash, image.file_ext);
+
+        // Check if file still exists on disk (may have been cleaned up)
+        if (!fs.existsSync(filePath)) {
+            return res.status(410).json({ error: 'Image expired' });
+        }
+
+        res.setHeader('Content-Type', image.mime_type);
+        res.setHeader('Cache-Control', 'private, max-age=86400');
+        res.sendFile(filePath);
+    } catch (error) {
+        console.error('Error serving image:', error);
+        res.status(500).json({ error: 'Internal server error' });
+    }
+});
+
 // Image upload endpoint
 app.post('/api/projects/:projectName/upload-images', authenticateToken, async (req, res) => {
     try {
@@ -1800,6 +1879,11 @@ app.post('/api/projects/:projectName/upload-images', authenticateToken, async (r
             }
 
             try {
+                // Generate a batch ID for this upload group
+                const { randomUUID } = await import('crypto');
+                const uploadBatchId = randomUUID();
+                const userUuid = req.user.uuid;
+
                 // Process uploaded images
                 const processedImages = await Promise.all(
                     req.files.map(async (file) => {
@@ -1811,7 +1895,23 @@ app.post('/api/projects/:projectName/upload-images', authenticateToken, async (r
                         // Clean up temp file immediately
                         await fs.unlink(file.path);
 
+                        // Persist image to file system (hash-deduplicated)
+                        const ext = file.originalname.split('.').pop()?.toLowerCase() || 'bin';
+                        const { fileHash } = await saveImage(userUuid, buffer, ext);
+
+                        // Insert DB record (session_id=NULL, will be associated later)
+                        const imageId = imageDb.insertImage({
+                            upload_batch_id: uploadBatchId,
+                            user_uuid: userUuid,
+                            original_name: file.originalname,
+                            file_hash: fileHash,
+                            file_ext: ext,
+                            file_size: file.size,
+                            mime_type: mimeType,
+                        });
+
                         return {
+                            id: Number(imageId),
                             name: file.originalname,
                             data: `data:${mimeType};base64,${base64}`,
                             size: file.size,
@@ -1820,7 +1920,7 @@ app.post('/api/projects/:projectName/upload-images', authenticateToken, async (r
                     })
                 );
 
-                res.json({ images: processedImages });
+                res.json({ images: processedImages, uploadBatchId });
             } catch (error) {
                 console.error('Error processing images:', error);
                 // Clean up any remaining files
@@ -2251,6 +2351,9 @@ async function startServer() {
             // Start usage scanner service
             startUsageScanner();
 
+            // Start image cleanup service (30-day expiry)
+            startImageCleanup();
+
             // Start Feishu integration service (if configured)
             if (process.env.FEISHU_APP_ID && process.env.FEISHU_APP_SECRET) {
                 startFeishuService().catch(err =>

package/server/routes/admin.js

@@ -7,14 +7,22 @@ import { deleteUserDirectories, initUserDirectories } from '../services/user-dir
 
 const router = express.Router();
 
-// Admin middleware
+// Admin middleware - allows both admin and super_admin
 const requireAdmin = (req, res, next) => {
-  if (req.user.role !== 'admin') {
+  if (req.user.role !== 'admin' && req.user.role !== 'super_admin') {
     return res.status(403).json({ error: 'Admin access required' });
   }
   next();
 };
 
+// Super admin only middleware
+const requireSuperAdmin = (req, res, next) => {
+  if (req.user.role !== 'super_admin') {
+    return res.status(403).json({ error: 'Super admin access required' });
+  }
+  next();
+};
+
 // Apply auth and admin middleware to all routes
 router.use(authenticateToken);
 router.use(requireAdmin);
@@ -108,6 +116,11 @@ router.patch('/users/:id', (req, res) => {
       return res.status(404).json({ error: 'User not found' });
     }
 
+    // admin cannot operate on other admin/super_admin users
+    if (req.user.role === 'admin' && ['admin', 'super_admin'].includes(user.role)) {
+      return res.status(403).json({ error: '无权操作管理员账户' });
+    }
+
     userDb.updateUserStatus(id, status);
     res.json({ success: true, message: `User status updated to ${status}` });
   } catch (error) {
@@ -131,6 +144,11 @@ router.delete('/users/:id', async (req, res) => {
       return res.status(404).json({ error: 'User not found' });
     }
 
+    // admin cannot delete other admin/super_admin users
+    if (req.user.role === 'admin' && ['admin', 'super_admin'].includes(user.role)) {
+      return res.status(403).json({ error: '无权删除管理员账户' });
+    }
+
     // Delete user directories
     if (user.uuid) {
       await deleteUserDirectories(user.uuid);
@@ -167,6 +185,11 @@ router.patch('/users/:id/password', async (req, res) => {
       return res.status(404).json({ error: '用户不存在' });
     }
 
+    // admin cannot reset password of other admin/super_admin users
+    if (req.user.role === 'admin' && ['admin', 'super_admin'].includes(user.role)) {
+      return res.status(403).json({ error: '无权重置管理员密码' });
+    }
+
     // Can only reset password for password-login users
     if (!user.password_hash) {
       return res.status(400).json({ error: '该用户使用邮箱验证码登录，无法重置密码' });
@@ -186,6 +209,37 @@ router.patch('/users/:id/password', async (req, res) => {
   }
 });
 
+// Update user role (super_admin only)
+router.patch('/users/:id/role', requireSuperAdmin, (req, res) => {
+  try {
+    const { id } = req.params;
+    const { role } = req.body;
+
+    if (!['admin', 'user'].includes(role)) {
+      return res.status(400).json({ error: '只能设置为 admin 或 user' });
+    }
+
+    if (parseInt(id) === req.user.id) {
+      return res.status(400).json({ error: '不能修改自己的角色' });
+    }
+
+    const user = userDb.getUserById(id);
+    if (!user) {
+      return res.status(404).json({ error: 'User not found' });
+    }
+
+    if (user.role === 'super_admin') {
+      return res.status(403).json({ error: '不能修改超级管理员的角色' });
+    }
+
+    userDb.updateUserRole(id, role);
+    res.json({ success: true, message: '用户角色已更新' });
+  } catch (error) {
+    console.error('Error updating user role:', error);
+    res.status(500).json({ error: '更新用户角色失败' });
+  }
+});
+
 // ==================== User Spending Limits ====================
 
 // Get user spending limits
@@ -227,9 +281,17 @@ router.patch('/users/:id/limits', (req, res) => {
       }
     }
 
-    // Prevent modifying own limits
-    if (parseInt(id) === req.user.id) {
-      return res.status(400).json({ error: '不能修改自己的额度限制' });
+    const isSelf = parseInt(id) === req.user.id;
+
+    // admin can only set limits for themselves or for user-role accounts
+    if (req.user.role === 'admin' && !isSelf) {
+      const targetUser = userDb.getUserById(id);
+      if (!targetUser) {
+        return res.status(404).json({ error: 'User not found' });
+      }
+      if (['admin', 'super_admin'].includes(targetUser.role)) {
+        return res.status(403).json({ error: '无权修改管理员账户的限额' });
+      }
     }
 
     const user = userDb.getUserById(id);

package/server/routes/auth.js

@@ -111,13 +111,13 @@ router.post('/verify-code', async (req, res) => {
     // If user doesn't exist, create new user (registration)
     if (!user) {
       const userCount = userDb.getUserCount();
-      const role = userCount === 0 ? 'admin' : 'user';
+      const role = userCount === 0 ? 'super_admin' : 'user';
       const uuid = uuidv4();
 
       user = userDb.createUserWithEmail(email, uuid, role);
 
-      // Apply default total limit for non-admin users
-      if (role !== 'admin') {
+      // Apply default total limit for regular users only
+      if (role === 'user') {
         const defaultTotalLimit = settingsDb.get('default_total_limit_usd');
         if (defaultTotalLimit !== null) {
           userDb.updateUserLimits(user.id, parseFloat(defaultTotalLimit), null);
@@ -276,6 +276,7 @@ router.patch('/change-password', authenticateToken, async (req, res) => {
 // Get current user's spending limit status
 router.get('/limit-status', authenticateToken, (req, res) => {
   try {
+    if (req.user.role === 'super_admin') return res.json({ allowed: true });
     const status = usageDb.checkUserLimits(req.user.uuid);
     res.json(status);
   } catch (error) {

package/server/routes/usage.js

@@ -7,7 +7,7 @@ const router = express.Router();
 
 // Admin middleware
 const requireAdmin = (req, res, next) => {
-  if (req.user.role !== 'admin') {
+  if (req.user.role !== 'admin' && req.user.role !== 'super_admin') {
     return res.status(403).json({ error: 'Admin access required' });
   }
   next();

package/server/services/feishu/sdk-bridge.js

@@ -16,7 +16,7 @@
  */
 
 import { queryClaudeSDK } from '../../claude-sdk.js';
-import { usageDb } from '../../database/db.js';
+import { usageDb, userDb } from '../../database/db.js';
 import { feishuDb } from './feishu-db.js';
 import fs from 'fs/promises';
 import path from 'path';
@@ -413,14 +413,17 @@ async function runQuery({
   larkClient,
   pendingApprovals,
 }) {
-  // 限额检查
-  const limitStatus = usageDb.checkUserLimits(userUuid);
-  if (!limitStatus.allowed) {
-    const reason = limitStatus.reason === 'daily_limit_exceeded'
-      ? `每日用量已达上限 ($${limitStatus.limit.toFixed(2)})`
-      : `总用量已达上限 ($${limitStatus.limit.toFixed(2)})`;
-    await larkClient.sendText(chatId, `⚠️ ${reason}，请联系管理员。`);
-    return;
+  // 限额检查（super_admin 豁免）
+  const feishuUser = userDb.getUserByUuid(userUuid);
+  if (feishuUser?.role !== 'super_admin') {
+    const limitStatus = usageDb.checkUserLimits(userUuid);
+    if (!limitStatus.allowed) {
+      const reason = limitStatus.reason === 'daily_limit_exceeded'
+        ? `每日用量已达上限 ($${limitStatus.limit.toFixed(2)})`
+        : `总用量已达上限 ($${limitStatus.limit.toFixed(2)})`;
+      await larkClient.sendText(chatId, `⚠️ ${reason}，请联系管理员。`);
+      return;
+    }
   }
 
   const { claude_session_id, cwd, permission_mode } = state || {};

package/server/services/image-cleanup.js

@@ -0,0 +1,79 @@
+/**
+ * image-cleanup.js — 定时清理过期图片
+ *
+ * - 每小时运行一次
+ * - 删除 30 天以上的图片记录和文件
+ * - 删除 24 小时以上未关联 session 的孤儿图片
+ * - 删文件前检查同 hash 是否还有其他引用（去重安全）
+ */
+
+import { imageDb } from '../database/db.js';
+import { deleteImageFile } from './image-storage.js';
+
+const CLEANUP_INTERVAL_MS = 60 * 60 * 1000; // 1 hour
+const RETENTION_DAYS = 30;
+const ORPHAN_HOURS = 24;
+
+let cleanupInterval = null;
+
+export function startImageCleanup() {
+  console.log('[ImageCleanup] Starting image cleanup service');
+
+  // Initial cleanup after 30s
+  setTimeout(() => runCleanup(), 30000);
+
+  // Schedule periodic cleanup
+  cleanupInterval = setInterval(() => runCleanup(), CLEANUP_INTERVAL_MS);
+  console.log(`[ImageCleanup] Scheduled to run every ${CLEANUP_INTERVAL_MS / 1000 / 60} minutes`);
+}
+
+export function stopImageCleanup() {
+  if (cleanupInterval) {
+    clearInterval(cleanupInterval);
+    cleanupInterval = null;
+  }
+}
+
+async function runCleanup() {
+  try {
+    let deletedFiles = 0;
+    let deletedRecords = 0;
+
+    // 1. Clean expired images (>30 days)
+    const expiredImages = imageDb.getExpiredImages(RETENTION_DAYS);
+    if (expiredImages.length > 0) {
+      const expiredIds = expiredImages.map(img => img.id);
+
+      // Delete files only when no other records reference the same hash
+      for (const img of expiredImages) {
+        const otherRefs = imageDb.countByHash(img.user_uuid, img.file_hash, expiredIds);
+        if (otherRefs === 0) {
+          await deleteImageFile(img.user_uuid, img.file_hash, img.file_ext);
+          deletedFiles++;
+        }
+      }
+
+      imageDb.deleteImagesByIds(expiredIds);
+      deletedRecords += expiredIds.length;
+    }
+
+    // 2. Clean orphaned uploads (session_id IS NULL, >24h)
+    const orphaned = imageDb.deleteOrphanedImages(ORPHAN_HOURS);
+    if (orphaned.length > 0) {
+      for (const img of orphaned) {
+        const otherRefs = imageDb.countByHash(img.user_uuid, img.file_hash, [img.id]);
+        if (otherRefs === 0) {
+          await deleteImageFile(img.user_uuid, img.file_hash, img.file_ext);
+          deletedFiles++;
+        }
+      }
+      deletedRecords += orphaned.length;
+    }
+
+    if (deletedRecords > 0) {
+      console.log(`[ImageCleanup] Cleaned up ${deletedRecords} records, ${deletedFiles} files`);
+    }
+  } catch (error) {
+    console.error('[ImageCleanup] Error during cleanup:', error);
+  }
+}