ltcai 1.2.0 → 1.4.0

package/latticeai/services/tool_dispatch.py

@@ -0,0 +1,135 @@
+"""Tool registry, governance, and dispatch helpers.
+
+HTTP routers and the agent runtime share this service so policy checks and
+tool-response shaping are owned outside ``server_app``.
+"""
+
+from __future__ import annotations
+
+from pathlib import Path
+from typing import Any, Callable, Dict, Optional
+
+from fastapi import HTTPException
+
+from latticeai.core.agent import AgentDeps, AgentRuntime
+from latticeai.core.agent_prompts import (
+    CRITIC_PROMPT,
+    EXECUTOR_PROMPT,
+    MEMORY_UPDATER_PROMPT,
+    PLANNER_PROMPT,
+)
+from latticeai.core.tool_registry import ToolPermission, ToolPolicy
+from tools import AGENT_ROOT, DEFAULT_TOOL_REGISTRY, ToolError, ensure_agent_root
+
+
+_load_users: Callable[[], Dict[str, Any]] = lambda: {}
+_get_user_role: Callable[..., str] = lambda _email, _users=None: "user"
+
+FILE_CREATE_ACTIONS = set(DEFAULT_TOOL_REGISTRY.file_create_actions)
+TOOL_GOVERNANCE: Dict[str, ToolPolicy] = dict(DEFAULT_TOOL_REGISTRY.governance)
+TOOL_GOVERNANCE_DEFAULT: ToolPolicy = DEFAULT_TOOL_REGISTRY.default_policy
+ADMIN_ONLY_TOOLS: frozenset[str] = DEFAULT_TOOL_REGISTRY.admin_only_tools
+LOCAL_WRITE_BLOCKED_PREFIXES = DEFAULT_TOOL_REGISTRY.local_write_blocked_prefixes
+RISK_LEVEL_MAP = DEFAULT_TOOL_REGISTRY.risk_level_map
+
+
+def configure_tool_dispatch(
+    *,
+    load_users: Callable[[], Dict[str, Any]],
+    get_user_role: Callable[..., str],
+) -> None:
+    global _load_users, _get_user_role
+    _load_users = load_users
+    _get_user_role = get_user_role
+
+
+def agent_policy(action_name: str, args: dict) -> ToolPolicy:
+    return DEFAULT_TOOL_REGISTRY.policy_for(action_name, args)
+
+
+def agent_risk(action_name: str, args: dict) -> str:
+    return DEFAULT_TOOL_REGISTRY.risk_level(action_name, args)
+
+
+def get_tool_permission(name: str, args: Optional[dict] = None) -> ToolPermission:
+    return DEFAULT_TOOL_REGISTRY.permission(name, args or {})
+
+
+def list_tool_permissions() -> list:
+    return DEFAULT_TOOL_REGISTRY.permissions()
+
+
+def check_tool_role(tool_name: str, current_user: str) -> None:
+    if tool_name not in ADMIN_ONLY_TOOLS:
+        return
+    users = _load_users()
+    if _get_user_role(current_user, users) != "admin":
+        raise HTTPException(
+            status_code=403,
+            detail=f"'{tool_name}' 툴은 관리자 전용입니다.",
+        )
+
+
+def collect_created_files(transcript: list) -> list:
+    files = []
+    for step in transcript:
+        if step.get("action") in FILE_CREATE_ACTIONS:
+            result = step.get("result", {})
+            if isinstance(result.get("created_files"), list):
+                for rel_path in result["created_files"]:
+                    files.append({
+                        "path": rel_path,
+                        "filename": Path(rel_path).name,
+                        "bytes": 0,
+                        "action": step["action"],
+                    })
+                continue
+            path = result.get("path")
+            if path:
+                files.append({
+                    "path": path,
+                    "filename": Path(path).name,
+                    "bytes": result.get("bytes", 0),
+                    "action": step["action"],
+                })
+    return files
+
+
+def build_agent_runtime(
+    *,
+    model_router: Any,
+    execute_tool: Callable[..., Dict[str, Any]],
+    recent_chat_context: Callable[..., str],
+    clear_history: Callable[[int], Dict[str, Any]],
+    knowledge_save: Callable[..., Dict[str, Any]],
+    audit: Callable[..., None],
+) -> AgentRuntime:
+    ensure_agent_root()
+    deps = AgentDeps(
+        generate_as=model_router.generate_as,
+        generate=model_router.generate,
+        execute_tool=execute_tool,
+        policy_for=agent_policy,
+        risk_level=lambda policy: RISK_LEVEL_MAP.get(policy["risk"], "medium"),
+        check_role=check_tool_role,
+        tool_governance=TOOL_GOVERNANCE,
+        file_create_actions=frozenset(FILE_CREATE_ACTIONS),
+        recent_chat_context=recent_chat_context,
+        clear_history=clear_history,
+        knowledge_save=knowledge_save,
+        audit=audit,
+        planner_prompt=PLANNER_PROMPT,
+        executor_prompt=EXECUTOR_PROMPT,
+        critic_prompt=CRITIC_PROMPT,
+        memory_updater_prompt=MEMORY_UPDATER_PROMPT,
+        agent_root=AGENT_ROOT,
+    )
+    return AgentRuntime(deps)
+
+
+def tool_response(fn, *args):
+    try:
+        return {"status": "ok", "workspace": str(AGENT_ROOT), "result": fn(*args)}
+    except ToolError as exc:
+        raise HTTPException(status_code=400, detail=str(exc))
+

package/latticeai/services/upload_service.py

@@ -0,0 +1,99 @@
+"""Document upload parsing, safety checks, and knowledge-graph ingestion."""
+
+from __future__ import annotations
+
+import logging
+import tempfile
+from datetime import datetime
+from pathlib import Path
+
+from fastapi import HTTPException, Request, UploadFile
+
+from tools import ToolError, read_document
+
+
+async def process_uploaded_document(
+    *,
+    request: Request,
+    file: UploadFile,
+    current_user: str,
+    enable_graph: bool,
+    knowledge_graph,
+    bytes_match_extension,
+    classify_sensitive_message,
+    append_audit_event,
+    enforce_rate_limit,
+) -> dict:
+    enforce_rate_limit(current_user, "upload")
+    suffix = Path(file.filename or "upload").suffix.lower()
+    allowed = {".pdf", ".docx", ".xlsx", ".pptx", ".txt", ".md", ".csv"}
+    if suffix not in allowed:
+        raise HTTPException(status_code=400, detail=f"지원하지 않는 형식: {suffix}")
+
+    contents = await file.read()
+    if len(contents) > 10 * 1024 * 1024:
+        raise HTTPException(status_code=400, detail="파일이 너무 큽니다. 최대 10MB.")
+    if not bytes_match_extension(contents, suffix):
+        raise HTTPException(status_code=400, detail=f"파일 내용이 확장자({suffix})와 일치하지 않습니다.")
+
+    with tempfile.NamedTemporaryFile(suffix=suffix, delete=False) as tmp:
+        tmp.write(contents)
+        tmp_path = tmp.name
+
+    try:
+        result = read_document(tmp_path)
+        sensitive = classify_sensitive_message(
+            {
+                "role": "document",
+                "content": result.get("content") or result.get("preview") or "",
+                "user_email": current_user,
+                "timestamp": datetime.now().isoformat(),
+            },
+            -1,
+        )
+        try:
+            if not (enable_graph and knowledge_graph):
+                raise RuntimeError("graph disabled")
+            graph_result = knowledge_graph.ingest_document(
+                Path(tmp_path),
+                original_filename=file.filename,
+                mime_type=file.content_type,
+                uploader=current_user,
+                conversation_id=request.query_params.get("conversation_id"),
+                extracted=result,
+            )
+            result["knowledge_graph"] = {
+                "node_id": graph_result["node_id"],
+                "sha256": graph_result["sha256"],
+            }
+        except Exception as graph_error:
+            logging.warning("knowledge graph document ingest failed: %s", graph_error)
+            result["knowledge_graph"] = {"error": str(graph_error)}
+
+        append_audit_event(
+            "document_upload",
+            user_email=current_user,
+            conversation_id=request.query_params.get("conversation_id"),
+            filename=file.filename,
+            mime_type=file.content_type,
+            ext=suffix,
+            bytes=len(contents),
+            extracted_chars=result.get("chars"),
+            graph_node=(result.get("knowledge_graph") or {}).get("node_id"),
+            content_preview=sensitive.get("preview"),
+            sensitivity=sensitive.get("sensitivity"),
+            sensitive_labels=sensitive.get("labels") or [],
+        )
+    except ToolError as exc:
+        raise HTTPException(status_code=400, detail=str(exc))
+    finally:
+        try:
+            Path(tmp_path).unlink()
+        except OSError:
+            pass
+
+    result["original_filename"] = file.filename
+    return result
+
+
+__all__ = ["process_uploaded_document"]

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ltcai",
-  "version": "1.2.0",
+  "version": "1.4.0",
   "description": "Lattice AI Workspace OS for local-first graph, memory, agent, workflow, and skill operations",
   "homepage": "https://github.com/TaeSooPark-PTS/LatticeAI#readme",
   "repository": {
@@ -19,12 +19,12 @@
     "dev": "python3 ltcai_cli.py --reload",
     "build": "npm run build:python",
     "build:python": "python3 -m build",
-    "check:python": "python3 -m py_compile ltcai_cli.py server.py latticeai/server_app.py latticeai/core/tool_registry.py latticeai/core/agent_prompts.py latticeai/core/workspace_os.py knowledge_graph.py knowledge_graph_api.py local_knowledge_api.py llm_router.py p_reinforce.py telegram_bot.py tools.py codex_telegram_bot.py",
+    "check:python": "python3 -m py_compile ltcai_cli.py server.py latticeai/server_app.py latticeai/api/chat.py latticeai/api/computer_use.py latticeai/api/deps.py latticeai/api/garden.py latticeai/api/local_files.py latticeai/api/permissions.py latticeai/api/setup.py latticeai/api/static_routes.py latticeai/api/tools.py latticeai/services/app_context.py latticeai/services/model_runtime.py latticeai/services/tool_dispatch.py latticeai/services/upload_service.py latticeai/core/tool_registry.py latticeai/core/agent_prompts.py latticeai/core/workspace_os.py knowledge_graph.py knowledge_graph_api.py local_knowledge_api.py llm_router.py p_reinforce.py telegram_bot.py tools.py codex_telegram_bot.py",
     "test": "python3 -m pytest tests/ -v",
     "test:unit": "python3 -m pytest tests/unit/ -v",
     "test:integration": "python3 -m pytest tests/integration/ -v",
     "publish:npm": "npm publish --access public",
-    "publish:pypi": "python3 -m twine upload --skip-existing dist/*.tar.gz dist/*.whl"
+    "publish:pypi": "python3 -m twine upload --skip-existing dist/ltcai-$npm_package_version.tar.gz dist/ltcai-$npm_package_version-py3-none-any.whl"
   },
   "keywords": [
     "ltcai",

package/skills/SKILL_TEMPLATE.md

@@ -1,7 +1,7 @@
 # Skill: <name>
 
 ## 메타데이터
-- **버전**: 0.1.0
+- **버전**: 1.4.0
 - **카테고리**: coding | data | document | web | system | analysis
 - **위험도**: low | medium | high
 - **필요 권한**: none | local_read | local_write | exec | network | admin

package/skills/code_review/SKILL.md

@@ -1,7 +1,7 @@
 # Skill: code_review
 
 ## 메타데이터
-- **버전**: 0.1.0
+- **버전**: 1.4.0
 - **카테고리**: coding
 - **위험도**: low
 - **필요 권한**: local_read

package/skills/data_analysis/SKILL.md

@@ -1,7 +1,7 @@
 # Skill: data_analysis
 
 ## 메타데이터
-- **버전**: 0.1.0
+- **버전**: 1.4.0
 - **카테고리**: data
 - **위험도**: low
 - **필요 권한**: local_read

package/skills/file_edit/SKILL.md

@@ -1,7 +1,7 @@
 # Skill: file_edit
 
 ## 메타데이터
-- **버전**: 0.1.0
+- **버전**: 1.4.0
 - **카테고리**: system
 - **위험도**: medium
 - **필요 권한**: local_write

package/skills/summarize_document/SKILL.md

@@ -1,7 +1,7 @@
 # Skill: summarize_document
 
 ## 메타데이터
-- **버전**: 0.1.0
+- **버전**: 1.4.0
 - **카테고리**: document
 - **위험도**: low
 - **필요 권한**: local_read

package/skills/web_search/SKILL.md

@@ -1,7 +1,7 @@
 # Skill: web_search
 
 ## 메타데이터
-- **버전**: 0.1.0
+- **버전**: 1.4.0
 - **카테고리**: web
 - **위험도**: low
 - **필요 권한**: none