aios-management-web 0.1.0

package/server/src/services/topic-ping-service.js

@@ -0,0 +1,282 @@
+import { randomUUID } from "node:crypto";
+
+import mqtt from "mqtt";
+
+import { badRequest, notFound, serviceUnavailable } from "../utils/errors.js";
+
+const DEFAULT_TIMEOUT_MS = 15000;
+
+function firstText(...values) {
+  for (const value of values) {
+    if (typeof value === "string" && value.trim()) {
+      return value.trim();
+    }
+  }
+
+  return "";
+}
+
+function normalizeInboundPayload(messageId, sessionId) {
+  return {
+    senderId: "aios-management-web",
+    sessionId,
+    disableBlockStreaming: true,
+    text: `请直接回复 PONG ${messageId}。不要附带任何其他内容，也不要调用任何工具。`
+  };
+}
+
+function matchesPingReply(payload, sessionId, messageId) {
+  if (!payload || typeof payload !== "object") {
+    return false;
+  }
+
+  if (String(payload.sessionId || "").trim() !== sessionId) {
+    return false;
+  }
+
+  const text = String(payload.text || "").trim().toUpperCase();
+  return text.includes(`PONG ${messageId}`.toUpperCase());
+}
+
+export class TopicPingService {
+  constructor({ db, env, mqttFactory = mqtt, rpcClient = null }) {
+    this.db = db;
+    this.env = env;
+    this.mqttFactory = mqttFactory;
+    this.rpcClient = rpcClient;
+  }
+
+  isConfigured() {
+    return Boolean(this.env?.mqtt?.brokerUrl);
+  }
+
+  async pingAdmin(timeoutMs = DEFAULT_TIMEOUT_MS) {
+    const inboundTopic = firstText(this.env?.mqtt?.adminInboundTopic);
+    const outboundTopic = firstText(this.env?.mqtt?.adminOutboundTopic);
+    if (!inboundTopic || !outboundTopic) {
+      throw badRequest("缺少 admin inbound/outbound topic");
+    }
+
+    return await this.pingTopics({ inboundTopic, outboundTopic, target: "admin" }, timeoutMs);
+  }
+
+  async pingAgent(agentId, timeoutMs = DEFAULT_TIMEOUT_MS) {
+    const normalizedAgentId = String(agentId || "").trim();
+    if (!normalizedAgentId) {
+      throw badRequest("缺少数字员工 ID");
+    }
+
+    const row = this.db.prepare("SELECT * FROM agents WHERE slug = ?").get(normalizedAgentId);
+    if (!row) {
+      throw notFound(`数字员工不存在：${normalizedAgentId}`);
+    }
+
+    const remoteState = JSON.parse(row.remote_state_json || "{}");
+    const inboundTopic = firstText(
+      remoteState?.inboundTopic,
+      remoteState?.["inbound-topic"],
+      this.env?.mqtt?.agentInboundTopicTemplate?.replaceAll("{agentId}", normalizedAgentId)
+    );
+    const outboundTopic = firstText(
+      remoteState?.outboundTopic,
+      remoteState?.["outbound-topic"],
+      this.env?.mqtt?.agentOutboundTopicTemplate?.replaceAll("{agentId}", normalizedAgentId)
+    );
+
+    if (!inboundTopic || !outboundTopic) {
+      throw badRequest(`数字员工 ${normalizedAgentId} 缺少 inbound/outbound topic`);
+    }
+
+    return await this.pingTopics({
+      inboundTopic,
+      outboundTopic,
+      target: normalizedAgentId
+    }, timeoutMs);
+  }
+
+  async waitForAgentReady(agentId, {
+    timeoutMs = 90000,
+    intervalMs = 2000,
+    pingTimeoutMs = DEFAULT_TIMEOUT_MS
+  } = {}) {
+    const startedAt = Date.now();
+    let lastError = null;
+
+    while (Date.now() - startedAt < timeoutMs) {
+      try {
+        const result = await this.pingAgent(agentId, pingTimeoutMs);
+        return {
+          ...result,
+          waitedMs: Date.now() - startedAt
+        };
+      } catch (error) {
+        lastError = error;
+      }
+
+      await new Promise((resolve) => setTimeout(resolve, intervalMs));
+    }
+
+    throw serviceUnavailable(`数字员工 ${agentId} 在超时时间内仍未就绪`, {
+      agentId,
+      timeoutMs,
+      cause: lastError?.message || String(lastError || "")
+    });
+  }
+
+  async waitForAgentRuntimeReady(agentId, {
+    timeoutMs = 60000
+  } = {}) {
+    const normalizedAgentId = String(agentId || "").trim();
+    const row = this.db.prepare("SELECT * FROM agents WHERE slug = ?").get(normalizedAgentId);
+    if (!row) {
+      throw notFound(`数字员工不存在：${normalizedAgentId}`);
+    }
+    if (!this.rpcClient || typeof this.rpcClient.on !== "function" || typeof this.rpcClient.off !== "function") {
+      throw serviceUnavailable("管理端 outbound 监听未配置");
+    }
+
+    const remoteState = JSON.parse(row.remote_state_json || "{}");
+    const inboundTopic = firstText(
+      remoteState?.inboundTopic,
+      remoteState?.["inbound-topic"],
+      this.env?.mqtt?.agentInboundTopicTemplate?.replaceAll("{agentId}", normalizedAgentId)
+    );
+    const outboundTopic = firstText(
+      remoteState?.outboundTopic,
+      remoteState?.["outbound-topic"],
+      this.env?.mqtt?.agentOutboundTopicTemplate?.replaceAll("{agentId}", normalizedAgentId)
+    );
+    const startedAt = Date.now();
+
+    return await new Promise((resolve, reject) => {
+      const cleanup = () => {
+        clearTimeout(timer);
+        this.rpcClient.off("outbound_message", handleMessage);
+      };
+
+      const handleMessage = (message) => {
+        if (message?.request?.action !== "agent.create") {
+          return;
+        }
+
+        const requestedAgentId = String(message?.request?.params?.agentId || "").trim();
+        if (requestedAgentId !== normalizedAgentId) {
+          return;
+        }
+
+        cleanup();
+        resolve({
+          ok: true,
+          waitedMs: Date.now() - startedAt,
+          inboundTopic,
+          outboundTopic,
+          reply: message
+        });
+      };
+
+      const timer = setTimeout(() => {
+        cleanup();
+        reject(serviceUnavailable(`数字员工 ${normalizedAgentId} 在超时时间内仍未进入运行态`, {
+          agentId: normalizedAgentId,
+          timeoutMs
+        }));
+      }, timeoutMs);
+
+      this.rpcClient.on("outbound_message", handleMessage);
+    });
+  }
+
+  async pingTopics({ inboundTopic, outboundTopic, target }, timeoutMs = DEFAULT_TIMEOUT_MS) {
+    if (!this.isConfigured()) {
+      throw serviceUnavailable("MQTT broker 未配置");
+    }
+
+    const connect = this.mqttFactory.connect || this.mqttFactory;
+    const client = connect(this.env.mqtt.brokerUrl, {
+      clientId: `aios-web-ping-${randomUUID().slice(0, 8)}`,
+      username: this.env.mqtt.username || undefined,
+      password: this.env.mqtt.password || undefined,
+      clean: true,
+      reconnectPeriod: 0
+    });
+
+    const messageId = randomUUID().slice(0, 8).toUpperCase();
+    const sessionId = `topic-ping-${randomUUID()}`;
+    const payload = normalizeInboundPayload(messageId, sessionId);
+    const startedAt = Date.now();
+
+    try {
+      await new Promise((resolve, reject) => {
+        const cleanup = () => {
+          client.off("connect", onConnect);
+          client.off("error", onError);
+        };
+        const onConnect = () => {
+          cleanup();
+          resolve();
+        };
+        const onError = (error) => {
+          cleanup();
+          reject(error);
+        };
+        client.once("connect", onConnect);
+        client.once("error", onError);
+      });
+
+      await new Promise((resolve, reject) => {
+        client.subscribe(outboundTopic, { qos: 1 }, (error) => {
+          if (error) {
+            reject(error);
+            return;
+          }
+          resolve();
+        });
+      });
+
+      const result = await new Promise((resolve, reject) => {
+        const timer = setTimeout(() => {
+          client.off("message", onMessage);
+          reject(serviceUnavailable(`Ping 超时：${target}`, { responseTimeMs: Date.now() - startedAt }));
+        }, timeoutMs);
+
+        const onMessage = (_topic, raw) => {
+          try {
+            const message = JSON.parse(raw.toString("utf8"));
+            if (!matchesPingReply(message, sessionId, messageId)) {
+              return;
+            }
+
+            clearTimeout(timer);
+            client.off("message", onMessage);
+            resolve({
+              ok: true,
+              responseTimeMs: Date.now() - startedAt,
+              inboundTopic,
+              outboundTopic,
+              sessionId,
+              reply: message
+            });
+          } catch {
+            // Ignore unrelated malformed messages.
+          }
+        };
+
+        client.on("message", onMessage);
+        client.publish(inboundTopic, JSON.stringify(payload), { qos: 1, retain: false }, (error) => {
+          if (error) {
+            clearTimeout(timer);
+            client.off("message", onMessage);
+            reject(serviceUnavailable("发送 ping 失败", {
+              cause: error,
+              responseTimeMs: Date.now() - startedAt
+            }));
+          }
+        });
+      });
+
+      return result;
+    } finally {
+      await new Promise((resolve) => client.end(false, {}, () => resolve()));
+    }
+  }
+}

package/server/src/utils/errors.js

@@ -0,0 +1,36 @@
+export class AppError extends Error {
+  constructor(status, code, message, details) {
+    super(message);
+    this.status = status;
+    this.code = code;
+    this.details = details;
+  }
+}
+
+export function badRequest(message, details) {
+  return new AppError(400, "bad_request", message, details);
+}
+
+export function unauthorized(message = "未授权访问") {
+  return new AppError(401, "unauthorized", message);
+}
+
+export function forbidden(message = "无权限执行此操作") {
+  return new AppError(403, "forbidden", message);
+}
+
+export function notFound(message) {
+  return new AppError(404, "not_found", message);
+}
+
+export function conflict(message, details) {
+  return new AppError(409, "conflict", message, details);
+}
+
+export function internalError(message, details) {
+  return new AppError(500, "internal_error", message, details);
+}
+
+export function serviceUnavailable(message, details) {
+  return new AppError(503, "service_unavailable", message, details);
+}

package/server/src/utils/security.js

@@ -0,0 +1,22 @@
+import { randomBytes, scryptSync, timingSafeEqual } from "node:crypto";
+
+export function hashPassword(password) {
+  const salt = randomBytes(16).toString("hex");
+  const hash = scryptSync(password, salt, 64).toString("hex");
+  return `scrypt$${salt}$${hash}`;
+}
+
+export function verifyPassword(password, storedHash) {
+  if (!storedHash || !storedHash.startsWith("scrypt$")) {
+    return false;
+  }
+
+  const [, salt, expectedHash] = storedHash.split("$");
+  const actualHash = scryptSync(password, salt, 64);
+  const expected = Buffer.from(expectedHash, "hex");
+  return expected.length === actualHash.length && timingSafeEqual(expected, actualHash);
+}
+
+export function newToken() {
+  return randomBytes(32).toString("hex");
+}

package/server/test/agent-service-alignment.test.js

@@ -0,0 +1,316 @@
+import fs from "node:fs";
+import os from "node:os";
+import path from "node:path";
+
+const dataDir = fs.mkdtempSync(path.join(os.tmpdir(), "aios-web-agent-test-"));
+process.env.AIOS_WEB_DATA_DIR = dataDir;
+const { AgentService } = await import("../src/services/agent-service.js");
+
+function createDb(agentRow) {
+  return {
+    prepare(sql) {
+      if (sql.includes("WHERE status = 'normal'")) {
+        return {
+          all: () => [agentRow]
+        };
+      }
+
+      if (sql.includes("SELECT * FROM agents ORDER BY updated_at DESC")) {
+        return {
+          all: () => [agentRow]
+        };
+      }
+
+      if (sql.includes("UPDATE agents") && sql.includes("SET agent_name = ?, status = ?, remote_state_json = ?, updated_at = ?")) {
+        return {
+          run: (agentName, status, remoteStateJson, updatedAt, id) => {
+            if (agentRow.id === id) {
+              agentRow.agent_name = agentName;
+              agentRow.status = status;
+              agentRow.remote_state_json = remoteStateJson;
+              agentRow.updated_at = updatedAt;
+            }
+            return { changes: agentRow.id === id ? 1 : 0 };
+          }
+        };
+      }
+
+      if (sql.includes("SELECT u.id, u.username, u.display_name")) {
+        return {
+          all: () => []
+        };
+      }
+
+      if (sql.includes("SELECT s.slug")) {
+        return {
+          all: () => []
+        };
+      }
+
+      return {
+        get: () => null,
+        all: () => [],
+        run: () => ({ lastInsertRowid: 1 })
+      };
+    }
+  };
+}
+
+it("treats -1 quotas as unlimited when computing health", async () => {
+  const service = new AgentService({
+    db: createDb({
+      id: 1,
+      slug: "agent-a",
+      agent_name: "Agent A",
+      description: "demo",
+      docs_content: "",
+      template_name: "default",
+      status: "normal",
+      tags_json: "[]",
+      daily_limit: -1,
+      usage_snapshot_json: JSON.stringify({
+        usage: {
+          daily: 0,
+          weekly: 0,
+          monthly: 0,
+          total: 0
+        }
+      }),
+      remote_state_json: JSON.stringify({
+        agentId: "agent-a",
+        templateName: "default"
+      }),
+      created_at: "2026-05-26T00:00:00.000Z",
+      updated_at: "2026-05-26T00:00:00.000Z"
+    }),
+    rpcClient: {},
+    objectStorage: {}
+  });
+
+  const [agent] = await service.listAgents();
+  expect(agent.health).toBe("normal");
+  expect(agent.agent_name).toBe("Agent A");
+  expect(agent.usage).toEqual({
+    daily: 0
+  });
+});
+
+it("reports normal health for normal agents", async () => {
+  const service = new AgentService({
+    db: createDb({
+      id: 3,
+      slug: "normal-agent",
+      agent_name: "Normal Agent",
+      description: "",
+      docs_content: "",
+      template_name: "default",
+      status: "normal",
+      tags_json: "[]",
+      daily_limit: -1,
+      usage_snapshot_json: "{}",
+      remote_state_json: "{}",
+      created_at: "2026-05-26T00:00:00.000Z",
+      updated_at: "2026-05-26T00:00:00.000Z"
+    }),
+    rpcClient: {},
+    objectStorage: {}
+  });
+
+  const [agent] = await service.listAgents();
+  expect(agent.health).toBe("normal");
+});
+
+it("rejects setting an over-quota agent back to normal", async () => {
+  const agentRow = {
+    id: 6,
+    slug: "quota-agent",
+    agent_name: "Quota Agent",
+    description: "",
+    docs_content: "",
+    template_name: "default",
+    status: "overlimit",
+    tags_json: "[]",
+    daily_limit: 10,
+    usage_snapshot_json: JSON.stringify({
+      usage: { daily: 12, weekly: 0, monthly: 0, total: 0 }
+    }),
+    remote_state_json: "{}",
+    created_at: "2026-05-26T00:00:00.000Z",
+    updated_at: "2026-05-26T00:00:00.000Z"
+  };
+
+  const db = createDb(agentRow);
+  const service = new AgentService({
+    db: {
+      prepare(sql) {
+        if (sql.includes("SELECT * FROM agents WHERE id = ?")) {
+          return {
+            get: () => agentRow
+          };
+        }
+        return db.prepare(sql);
+      }
+    },
+    rpcClient: {
+      async call() {
+        throw new Error("should not update runtime while quota is exceeded");
+      }
+    },
+    objectStorage: {}
+  });
+
+  await expectAsync(service.updateAgent(6, { status: "normal" })).toBeRejectedWithError(/daily quota exceeded/);
+});
+
+it("finds a single agent by slug", async () => {
+  const service = new AgentService({
+    db: createDb({
+      id: 3,
+      slug: "normal-agent",
+      agent_name: "Normal Agent",
+      description: "",
+      docs_content: "",
+      template_name: "default",
+      status: "normal",
+      tags_json: "[]",
+      daily_limit: -1,
+      usage_snapshot_json: JSON.stringify({
+        usage: { daily: 0, weekly: 0, monthly: 0, total: 0 }
+      }),
+      remote_state_json: JSON.stringify({
+        agentId: "normal-agent",
+        status: "normal"
+      }),
+      created_at: "2026-05-26T00:00:00.000Z",
+      updated_at: "2026-05-26T00:00:00.000Z"
+    }),
+    rpcClient: {},
+    objectStorage: {}
+  });
+
+  const agent = await service.getAgentBySlug("normal-agent");
+  expect(agent.slug).toBe("normal-agent");
+  expect(agent.status).toBe("normal");
+});
+
+it("refreshes a single agent from remote status before returning it", async () => {
+  const service = new AgentService({
+    db: createDb({
+      id: 4,
+      slug: "created-agent",
+      agent_name: "Created Agent",
+      description: "",
+      docs_content: "",
+      template_name: "default",
+      status: "normal",
+      tags_json: "[]",
+      daily_limit: -1,
+      usage_snapshot_json: JSON.stringify({
+        usage: { daily: 0, weekly: 0, monthly: 0, total: 0 }
+      }),
+      remote_state_json: "{}",
+      created_at: "2026-05-26T00:00:00.000Z",
+      updated_at: "2026-05-26T00:00:00.000Z"
+    }),
+    rpcClient: {
+      isConfigured() {
+        return true;
+      },
+      async call(action, params) {
+        if (action === "agent.get") {
+          expect(params).toEqual({ agentId: "created-agent" });
+          return {
+            agentId: "created-agent",
+            name: "Created Agent",
+            status: "active"
+          };
+        }
+        return { ok: true };
+      }
+    },
+    objectStorage: {}
+  });
+
+  const agent = await service.getAgentBySlug("created-agent");
+  expect(agent.status).toBe("normal");
+  expect(agent.remote_state).toEqual({
+    agentId: "created-agent",
+    name: "Created Agent",
+    status: "active"
+  });
+});
+
+it("builds active agent directory for cui consumers", async () => {
+  const service = new AgentService({
+    db: createDb({
+      id: 2,
+      slug: "finance-agent",
+      agent_name: "Finance Agent",
+      description: "",
+      docs_content: "",
+      template_name: "default",
+      status: "normal",
+      tags_json: "[]",
+      daily_limit: -1,
+      usage_snapshot_json: "{}",
+      remote_state_json: JSON.stringify({
+        name: "Finance Agent Remote",
+        inboundTopic: "topic/in",
+        "outbound-topic": "topic/out"
+      }),
+      created_at: "2026-05-26T00:00:00.000Z",
+      updated_at: "2026-05-26T00:00:00.000Z"
+    }),
+    rpcClient: {},
+    objectStorage: {}
+  });
+
+  service.getPermissions = () => ([
+    { username: "zhangsan" },
+    { username: "lisi" }
+  ]);
+
+  const items = await service.listActiveAgentDirectory();
+  expect(items).toEqual([{
+    agent_id: "finance-agent",
+    agent_name: "Finance Agent",
+    status: "normal",
+    inbound_topic: "topic/in",
+    outbound_topic: "topic/out",
+    users: ["zhangsan", "lisi"]
+  }]);
+});
+
+it("only reports daily token usage fields", async () => {
+  const service = new AgentService({
+    db: createDb({
+      id: 5,
+      slug: "usage-agent",
+      agent_name: "Usage Agent",
+      description: "",
+      docs_content: "",
+      template_name: "default",
+      status: "normal",
+      tags_json: "[]",
+      daily_limit: -1,
+      usage_snapshot_json: JSON.stringify({
+        usage: {
+          daily: 12,
+          weekly: 34,
+          month: 5,
+          total: 56
+        }
+      }),
+      remote_state_json: "{}",
+      created_at: "2026-05-26T00:00:00.000Z",
+      updated_at: "2026-05-26T00:00:00.000Z"
+    }),
+    rpcClient: {},
+    objectStorage: {}
+  });
+
+  const [agent] = await service.listAgents();
+  expect(agent.usage).toEqual({
+    daily: 12
+  });
+});