2025-11-21 23:23:53 -03:00
|
|
|
use crate::shared::models::UserSession;
|
|
|
|
|
use crate::shared::state::AppState;
|
|
|
|
|
use diesel::prelude::*;
|
|
|
|
|
use log::{error, trace, warn};
|
|
|
|
|
use rhai::{Dynamic, Engine};
|
|
|
|
|
use std::sync::Arc;
|
|
|
|
|
use uuid::Uuid;
|
|
|
|
|
pub fn use_tool_keyword(state: Arc<AppState>, user: UserSession, engine: &mut Engine) {
|
|
|
|
|
let state_clone = Arc::clone(&state);
|
2025-12-26 08:59:25 -03:00
|
|
|
let user_clone = user;
|
2025-12-23 18:40:58 -03:00
|
|
|
|
2025-11-21 23:23:53 -03:00
|
|
|
engine
|
2025-12-26 08:59:25 -03:00
|
|
|
.register_custom_syntax(["USE", "TOOL", "$expr$"], false, move |context, inputs| {
|
2025-11-21 23:23:53 -03:00
|
|
|
let tool_path = context.eval_expression_tree(&inputs[0])?;
|
|
|
|
|
let tool_path_str = tool_path.to_string().trim_matches('"').to_string();
|
|
|
|
|
trace!(
|
Looking at this diff, I can see it's a comprehensive documentation
update and code refactoring focused on:
1. Adding new documentation pages to the table of contents
2. Restructuring the bot templates documentation
3. Changing keyword syntax from underscore format to space format (e.g.,
`SET_BOT_MEMORY` → `SET BOT MEMORY`)
4. Updating compiler and keyword registration to support the new
space-based syntax
5. Adding new keyword modules (social media, lead scoring, templates,
etc.)
Refactor BASIC keywords to use spaces instead of underscores
Change keyword syntax from underscore format (SET_BOT_MEMORY) to more
natural space-separated format (SET BOT MEMORY) throughout the codebase.
Key changes:
- Update Rhai custom syntax registration to use space tokens
- Simplify compiler preprocessing (fewer replacements needed)
- Update all template .bas files to use new syntax
- Expand documentation with consolidated examples and new sections
- Add new keyword modules: social_media, lead_scoring, send_template,
core_functions, qrcode, sms, procedures, import_export, llm_macros,
on_form_submit
2025-11-30 10:53:59 -03:00
|
|
|
"USE TOOL command executed: {} for session: {}",
|
2025-11-21 23:23:53 -03:00
|
|
|
tool_path_str,
|
|
|
|
|
user_clone.id
|
|
|
|
|
);
|
|
|
|
|
let tool_name = tool_path_str
|
|
|
|
|
.strip_prefix(".gbdialog/")
|
|
|
|
|
.unwrap_or(&tool_path_str)
|
|
|
|
|
.strip_suffix(".bas")
|
|
|
|
|
.unwrap_or(&tool_path_str)
|
|
|
|
|
.to_string();
|
|
|
|
|
if tool_name.is_empty() {
|
|
|
|
|
return Err(Box::new(rhai::EvalAltResult::ErrorRuntime(
|
|
|
|
|
"Invalid tool name".into(),
|
|
|
|
|
rhai::Position::NONE,
|
|
|
|
|
)));
|
|
|
|
|
}
|
|
|
|
|
let state_for_task = Arc::clone(&state_clone);
|
|
|
|
|
let user_for_task = user_clone.clone();
|
2025-12-26 08:59:25 -03:00
|
|
|
let tool_name_for_task = tool_name;
|
2025-11-21 23:23:53 -03:00
|
|
|
let (tx, rx) = std::sync::mpsc::channel();
|
|
|
|
|
std::thread::spawn(move || {
|
|
|
|
|
let rt = tokio::runtime::Builder::new_multi_thread()
|
|
|
|
|
.worker_threads(2)
|
|
|
|
|
.enable_all()
|
|
|
|
|
.build();
|
feat(autotask): Implement AutoTask system with intent classification and app generation
- Add IntentClassifier with 7 intent types (APP_CREATE, TODO, MONITOR, ACTION, SCHEDULE, GOAL, TOOL)
- Add AppGenerator with LLM-powered app structure analysis
- Add DesignerAI for modifying apps through conversation
- Add app_server for serving generated apps with clean URLs
- Add db_api for CRUD operations on bot database tables
- Add ask_later keyword for pending info collection
- Add migration 6.1.1 with tables: pending_info, auto_tasks, execution_plans, task_approvals, task_decisions, safety_audit_log, generated_apps, intent_classifications, designer_changes
- Write apps to S3 drive and sync to SITE_ROOT for serving
- Clean URL structure: /apps/{app_name}/
- Integrate with DriveMonitor for file sync
Based on Chapter 17 - Autonomous Tasks specification
2025-12-27 21:10:09 -03:00
|
|
|
let send_err = if let Ok(_rt) = rt {
|
|
|
|
|
let result = associate_tool_with_session(
|
|
|
|
|
&state_for_task,
|
|
|
|
|
&user_for_task,
|
|
|
|
|
&tool_name_for_task,
|
|
|
|
|
);
|
2025-11-21 23:23:53 -03:00
|
|
|
tx.send(result).err()
|
|
|
|
|
} else {
|
|
|
|
|
tx.send(Err("Failed to build tokio runtime".to_string()))
|
|
|
|
|
.err()
|
|
|
|
|
};
|
|
|
|
|
if send_err.is_some() {
|
|
|
|
|
error!("Failed to send result from thread");
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
match rx.recv_timeout(std::time::Duration::from_secs(10)) {
|
|
|
|
|
Ok(Ok(message)) => Ok(Dynamic::from(message)),
|
|
|
|
|
Ok(Err(e)) => Err(Box::new(rhai::EvalAltResult::ErrorRuntime(
|
|
|
|
|
e.into(),
|
|
|
|
|
rhai::Position::NONE,
|
|
|
|
|
))),
|
|
|
|
|
Err(std::sync::mpsc::RecvTimeoutError::Timeout) => {
|
|
|
|
|
Err(Box::new(rhai::EvalAltResult::ErrorRuntime(
|
Looking at this diff, I can see it's a comprehensive documentation
update and code refactoring focused on:
1. Adding new documentation pages to the table of contents
2. Restructuring the bot templates documentation
3. Changing keyword syntax from underscore format to space format (e.g.,
`SET_BOT_MEMORY` → `SET BOT MEMORY`)
4. Updating compiler and keyword registration to support the new
space-based syntax
5. Adding new keyword modules (social media, lead scoring, templates,
etc.)
Refactor BASIC keywords to use spaces instead of underscores
Change keyword syntax from underscore format (SET_BOT_MEMORY) to more
natural space-separated format (SET BOT MEMORY) throughout the codebase.
Key changes:
- Update Rhai custom syntax registration to use space tokens
- Simplify compiler preprocessing (fewer replacements needed)
- Update all template .bas files to use new syntax
- Expand documentation with consolidated examples and new sections
- Add new keyword modules: social_media, lead_scoring, send_template,
core_functions, qrcode, sms, procedures, import_export, llm_macros,
on_form_submit
2025-11-30 10:53:59 -03:00
|
|
|
"USE TOOL timed out".into(),
|
2025-11-21 23:23:53 -03:00
|
|
|
rhai::Position::NONE,
|
|
|
|
|
)))
|
|
|
|
|
}
|
|
|
|
|
Err(e) => Err(Box::new(rhai::EvalAltResult::ErrorRuntime(
|
Looking at this diff, I can see it's a comprehensive documentation
update and code refactoring focused on:
1. Adding new documentation pages to the table of contents
2. Restructuring the bot templates documentation
3. Changing keyword syntax from underscore format to space format (e.g.,
`SET_BOT_MEMORY` → `SET BOT MEMORY`)
4. Updating compiler and keyword registration to support the new
space-based syntax
5. Adding new keyword modules (social media, lead scoring, templates,
etc.)
Refactor BASIC keywords to use spaces instead of underscores
Change keyword syntax from underscore format (SET_BOT_MEMORY) to more
natural space-separated format (SET BOT MEMORY) throughout the codebase.
Key changes:
- Update Rhai custom syntax registration to use space tokens
- Simplify compiler preprocessing (fewer replacements needed)
- Update all template .bas files to use new syntax
- Expand documentation with consolidated examples and new sections
- Add new keyword modules: social_media, lead_scoring, send_template,
core_functions, qrcode, sms, procedures, import_export, llm_macros,
on_form_submit
2025-11-30 10:53:59 -03:00
|
|
|
format!("USE TOOL failed: {}", e).into(),
|
2025-11-21 23:23:53 -03:00
|
|
|
rhai::Position::NONE,
|
|
|
|
|
))),
|
|
|
|
|
}
|
|
|
|
|
})
|
feat(security): Complete security infrastructure implementation
SECURITY MODULES ADDED:
- security/auth.rs: Full RBAC with roles (Anonymous, User, Moderator, Admin, SuperAdmin, Service, Bot, BotOwner, BotOperator, BotViewer) and permissions
- security/cors.rs: Hardened CORS (no wildcard in production, env-based config)
- security/panic_handler.rs: Panic catching middleware with safe 500 responses
- security/path_guard.rs: Path traversal protection, null byte prevention
- security/request_id.rs: UUID request tracking with correlation IDs
- security/error_sanitizer.rs: Sensitive data redaction from responses
- security/zitadel_auth.rs: Zitadel token introspection and role mapping
- security/sql_guard.rs: SQL injection prevention with table whitelist
- security/command_guard.rs: Command injection prevention
- security/secrets.rs: Zeroizing secret management
- security/validation.rs: Input validation utilities
- security/rate_limiter.rs: Rate limiting with governor crate
- security/headers.rs: Security headers (CSP, HSTS, X-Frame-Options)
MAIN.RS UPDATES:
- Replaced tower_http::cors::Any with hardened create_cors_layer()
- Added panic handler middleware
- Added request ID tracking middleware
- Set global panic hook
SECURITY STATUS:
- 0 unwrap() in production code
- 0 panic! in production code
- 0 unsafe blocks
- cargo audit: PASS (no vulnerabilities)
- Estimated completion: ~98%
Remaining: Wire auth middleware to handlers, audit logs for sensitive data
2025-12-28 19:29:18 -03:00
|
|
|
.expect("valid syntax registration");
|
2025-11-21 23:23:53 -03:00
|
|
|
}
|
feat(autotask): Implement AutoTask system with intent classification and app generation
- Add IntentClassifier with 7 intent types (APP_CREATE, TODO, MONITOR, ACTION, SCHEDULE, GOAL, TOOL)
- Add AppGenerator with LLM-powered app structure analysis
- Add DesignerAI for modifying apps through conversation
- Add app_server for serving generated apps with clean URLs
- Add db_api for CRUD operations on bot database tables
- Add ask_later keyword for pending info collection
- Add migration 6.1.1 with tables: pending_info, auto_tasks, execution_plans, task_approvals, task_decisions, safety_audit_log, generated_apps, intent_classifications, designer_changes
- Write apps to S3 drive and sync to SITE_ROOT for serving
- Clean URL structure: /apps/{app_name}/
- Integrate with DriveMonitor for file sync
Based on Chapter 17 - Autonomous Tasks specification
2025-12-27 21:10:09 -03:00
|
|
|
fn associate_tool_with_session(
|
2025-11-21 23:23:53 -03:00
|
|
|
state: &AppState,
|
|
|
|
|
user: &UserSession,
|
|
|
|
|
tool_name: &str,
|
|
|
|
|
) -> Result<String, String> {
|
|
|
|
|
use crate::shared::models::schema::{basic_tools, session_tool_associations};
|
|
|
|
|
let mut conn = state.conn.get().map_err(|e| format!("DB error: {}", e))?;
|
|
|
|
|
let tool_exists: Result<bool, diesel::result::Error> = basic_tools::table
|
|
|
|
|
.filter(basic_tools::bot_id.eq(user.bot_id.to_string()))
|
|
|
|
|
.filter(basic_tools::tool_name.eq(tool_name))
|
|
|
|
|
.filter(basic_tools::is_active.eq(1))
|
|
|
|
|
.select(diesel::dsl::count(basic_tools::id))
|
|
|
|
|
.first::<i64>(&mut *conn)
|
|
|
|
|
.map(|count| count > 0);
|
|
|
|
|
match tool_exists {
|
|
|
|
|
Ok(true) => {
|
|
|
|
|
trace!(
|
|
|
|
|
"Tool '{}' exists and is active for bot '{}'",
|
|
|
|
|
tool_name,
|
|
|
|
|
user.bot_id
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
Ok(false) => {
|
|
|
|
|
warn!(
|
|
|
|
|
"Tool '{}' does not exist or is not active for bot '{}'",
|
|
|
|
|
tool_name, user.bot_id
|
|
|
|
|
);
|
|
|
|
|
return Err(format!(
|
|
|
|
|
"Tool '{}' is not available. Make sure the tool file is compiled and active.",
|
|
|
|
|
tool_name
|
|
|
|
|
));
|
|
|
|
|
}
|
|
|
|
|
Err(e) => {
|
|
|
|
|
error!("Failed to check tool existence: {}", e);
|
|
|
|
|
return Err(format!("Database error while checking tool: {}", e));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
let association_id = Uuid::new_v4().to_string();
|
|
|
|
|
let session_id_str = user.id.to_string();
|
|
|
|
|
let added_at = chrono::Utc::now().to_rfc3339();
|
|
|
|
|
let insert_result: Result<usize, diesel::result::Error> =
|
|
|
|
|
diesel::insert_into(session_tool_associations::table)
|
|
|
|
|
.values((
|
|
|
|
|
session_tool_associations::id.eq(&association_id),
|
|
|
|
|
session_tool_associations::session_id.eq(&session_id_str),
|
|
|
|
|
session_tool_associations::tool_name.eq(tool_name),
|
|
|
|
|
session_tool_associations::added_at.eq(&added_at),
|
|
|
|
|
))
|
|
|
|
|
.on_conflict((
|
|
|
|
|
session_tool_associations::session_id,
|
|
|
|
|
session_tool_associations::tool_name,
|
|
|
|
|
))
|
|
|
|
|
.do_nothing()
|
|
|
|
|
.execute(&mut *conn);
|
|
|
|
|
match insert_result {
|
|
|
|
|
Ok(rows_affected) => {
|
|
|
|
|
if rows_affected > 0 {
|
|
|
|
|
trace!(
|
|
|
|
|
"Tool '{}' newly associated with session '{}' (user: {}, bot: {})",
|
|
|
|
|
tool_name,
|
|
|
|
|
user.id,
|
|
|
|
|
user.user_id,
|
|
|
|
|
user.bot_id
|
|
|
|
|
);
|
|
|
|
|
Ok(format!(
|
|
|
|
|
"Tool '{}' is now available in this conversation",
|
|
|
|
|
tool_name
|
|
|
|
|
))
|
|
|
|
|
} else {
|
|
|
|
|
trace!(
|
|
|
|
|
"Tool '{}' was already associated with session '{}'",
|
|
|
|
|
tool_name,
|
|
|
|
|
user.id
|
|
|
|
|
);
|
|
|
|
|
Ok(format!(
|
|
|
|
|
"Tool '{}' is already available in this conversation",
|
|
|
|
|
tool_name
|
|
|
|
|
))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
Err(e) => {
|
|
|
|
|
error!(
|
|
|
|
|
"Failed to associate tool '{}' with session '{}': {}",
|
|
|
|
|
tool_name, user.id, e
|
|
|
|
|
);
|
|
|
|
|
Err(format!("Failed to add tool to session: {}", e))
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
pub fn get_session_tools(
|
|
|
|
|
conn: &mut PgConnection,
|
|
|
|
|
session_id: &Uuid,
|
|
|
|
|
) -> Result<Vec<String>, diesel::result::Error> {
|
|
|
|
|
use crate::shared::models::schema::session_tool_associations;
|
|
|
|
|
let session_id_str = session_id.to_string();
|
|
|
|
|
session_tool_associations::table
|
|
|
|
|
.filter(session_tool_associations::session_id.eq(&session_id_str))
|
|
|
|
|
.select(session_tool_associations::tool_name)
|
|
|
|
|
.load::<String>(conn)
|
|
|
|
|
}
|
|
|
|
|
pub fn clear_session_tools(
|
|
|
|
|
conn: &mut PgConnection,
|
|
|
|
|
session_id: &Uuid,
|
|
|
|
|
) -> Result<usize, diesel::result::Error> {
|
|
|
|
|
use crate::shared::models::schema::session_tool_associations;
|
|
|
|
|
let session_id_str = session_id.to_string();
|
|
|
|
|
diesel::delete(
|
|
|
|
|
session_tool_associations::table
|
|
|
|
|
.filter(session_tool_associations::session_id.eq(&session_id_str)),
|
|
|
|
|
)
|
|
|
|
|
.execute(conn)
|
|
|
|
|
}
|