feat(antigravity): 自动设置隐私并支持后台手动重试
新增 Antigravity OAuth 隐私设置能力,在账号创建、刷新、导入和后台 Token 刷新路径自动调用 setUserSettings + fetchUserInfo 关闭遥测; 持久化后同步内存 Extra,错误处理改为日志记录。 Made-with: Cursor
This commit is contained in:
@@ -65,6 +65,10 @@ type AdminService interface {
|
||||
SetAccountError(ctx context.Context, id int64, errorMsg string) error
|
||||
// EnsureOpenAIPrivacy 检查 OpenAI OAuth 账号 privacy_mode,未设置则尝试关闭训练数据共享并持久化。
|
||||
EnsureOpenAIPrivacy(ctx context.Context, account *Account) string
|
||||
// EnsureAntigravityPrivacy 检查 Antigravity OAuth 账号 privacy_mode,未设置则调用 setUserSettings 并持久化。
|
||||
EnsureAntigravityPrivacy(ctx context.Context, account *Account) string
|
||||
// ForceAntigravityPrivacy 强制重新设置 Antigravity OAuth 账号隐私,无论当前状态。
|
||||
ForceAntigravityPrivacy(ctx context.Context, account *Account) string
|
||||
SetAccountSchedulable(ctx context.Context, id int64, schedulable bool) (*Account, error)
|
||||
BulkUpdateAccounts(ctx context.Context, input *BulkUpdateAccountsInput) (*BulkUpdateAccountsResult, error)
|
||||
CheckMixedChannelRisk(ctx context.Context, currentAccountID int64, currentAccountPlatform string, groupIDs []int64) error
|
||||
@@ -2661,3 +2665,79 @@ func (s *adminServiceImpl) EnsureOpenAIPrivacy(ctx context.Context, account *Acc
|
||||
_ = s.accountRepo.UpdateExtra(ctx, account.ID, map[string]any{"privacy_mode": mode})
|
||||
return mode
|
||||
}
|
||||
|
||||
// EnsureAntigravityPrivacy 检查 Antigravity OAuth 账号隐私状态。
|
||||
// 如果 Extra["privacy_mode"] 已存在(无论成功或失败),直接跳过。
|
||||
// 仅对从未设置过隐私的账号执行 setUserSettings + fetchUserInfo 流程。
|
||||
// 用户可通过前端 ForceAntigravityPrivacy(SetPrivacy 按钮)强制重新设置。
|
||||
func (s *adminServiceImpl) EnsureAntigravityPrivacy(ctx context.Context, account *Account) string {
|
||||
if account.Platform != PlatformAntigravity || account.Type != AccountTypeOAuth {
|
||||
return ""
|
||||
}
|
||||
// 已设置过则跳过(无论成功或失败),用户可通过 Force 手动重试
|
||||
if account.Extra != nil {
|
||||
if existing, ok := account.Extra["privacy_mode"].(string); ok && existing != "" {
|
||||
return existing
|
||||
}
|
||||
}
|
||||
|
||||
token, _ := account.Credentials["access_token"].(string)
|
||||
if token == "" {
|
||||
return ""
|
||||
}
|
||||
|
||||
projectID, _ := account.Credentials["project_id"].(string)
|
||||
|
||||
var proxyURL string
|
||||
if account.ProxyID != nil {
|
||||
if p, err := s.proxyRepo.GetByID(ctx, *account.ProxyID); err == nil && p != nil {
|
||||
proxyURL = p.URL()
|
||||
}
|
||||
}
|
||||
|
||||
mode := setAntigravityPrivacy(ctx, token, projectID, proxyURL)
|
||||
if mode == "" {
|
||||
return ""
|
||||
}
|
||||
|
||||
if err := s.accountRepo.UpdateExtra(ctx, account.ID, map[string]any{"privacy_mode": mode}); err != nil {
|
||||
logger.LegacyPrintf("service.admin", "update_antigravity_privacy_mode_failed: account_id=%d err=%v", account.ID, err)
|
||||
return mode
|
||||
}
|
||||
applyAntigravityPrivacyMode(account, mode)
|
||||
return mode
|
||||
}
|
||||
|
||||
// ForceAntigravityPrivacy 强制重新设置 Antigravity OAuth 账号隐私,无论当前状态。
|
||||
func (s *adminServiceImpl) ForceAntigravityPrivacy(ctx context.Context, account *Account) string {
|
||||
if account.Platform != PlatformAntigravity || account.Type != AccountTypeOAuth {
|
||||
return ""
|
||||
}
|
||||
|
||||
token, _ := account.Credentials["access_token"].(string)
|
||||
if token == "" {
|
||||
return ""
|
||||
}
|
||||
|
||||
projectID, _ := account.Credentials["project_id"].(string)
|
||||
|
||||
var proxyURL string
|
||||
if account.ProxyID != nil {
|
||||
if p, err := s.proxyRepo.GetByID(ctx, *account.ProxyID); err == nil && p != nil {
|
||||
proxyURL = p.URL()
|
||||
}
|
||||
}
|
||||
|
||||
mode := setAntigravityPrivacy(ctx, token, projectID, proxyURL)
|
||||
if mode == "" {
|
||||
return ""
|
||||
}
|
||||
|
||||
if err := s.accountRepo.UpdateExtra(ctx, account.ID, map[string]any{"privacy_mode": mode}); err != nil {
|
||||
logger.LegacyPrintf("service.admin", "force_update_antigravity_privacy_mode_failed: account_id=%d err=%v", account.ID, err)
|
||||
return mode
|
||||
}
|
||||
applyAntigravityPrivacyMode(account, mode)
|
||||
return mode
|
||||
}
|
||||
|
||||
|
||||
81
backend/internal/service/antigravity_privacy_service.go
Normal file
81
backend/internal/service/antigravity_privacy_service.go
Normal file
@@ -0,0 +1,81 @@
|
||||
package service
|
||||
|
||||
import (
|
||||
"context"
|
||||
"log/slog"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/Wei-Shaw/sub2api/internal/pkg/antigravity"
|
||||
)
|
||||
|
||||
const (
|
||||
AntigravityPrivacySet = "privacy_set"
|
||||
AntigravityPrivacyFailed = "privacy_set_failed"
|
||||
)
|
||||
|
||||
// setAntigravityPrivacy 调用 Antigravity API 设置隐私并验证结果。
|
||||
// 流程:
|
||||
// 1. setUserSettings 清空设置 → 检查返回值 {"userSettings":{}}
|
||||
// 2. fetchUserInfo 二次验证隐私是否已生效(需要 project_id)
|
||||
//
|
||||
// 返回 privacy_mode 值:"privacy_set" 成功,"privacy_set_failed" 失败,空串表示无法执行。
|
||||
func setAntigravityPrivacy(ctx context.Context, accessToken, projectID, proxyURL string) string {
|
||||
if accessToken == "" {
|
||||
return ""
|
||||
}
|
||||
|
||||
ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
|
||||
defer cancel()
|
||||
|
||||
client, err := antigravity.NewClient(proxyURL)
|
||||
if err != nil {
|
||||
slog.Warn("antigravity_privacy_client_error", "error", err.Error())
|
||||
return AntigravityPrivacyFailed
|
||||
}
|
||||
|
||||
// 第 1 步:调用 setUserSettings,检查返回值
|
||||
setResp, err := client.SetUserSettings(ctx, accessToken)
|
||||
if err != nil {
|
||||
slog.Warn("antigravity_privacy_set_failed", "error", err.Error())
|
||||
return AntigravityPrivacyFailed
|
||||
}
|
||||
if !setResp.IsSuccess() {
|
||||
slog.Warn("antigravity_privacy_set_response_not_empty",
|
||||
"user_settings", setResp.UserSettings,
|
||||
)
|
||||
return AntigravityPrivacyFailed
|
||||
}
|
||||
|
||||
// 第 2 步:调用 fetchUserInfo 二次验证隐私是否已生效
|
||||
if strings.TrimSpace(projectID) == "" {
|
||||
slog.Warn("antigravity_privacy_missing_project_id")
|
||||
return AntigravityPrivacyFailed
|
||||
}
|
||||
userInfo, err := client.FetchUserInfo(ctx, accessToken, projectID)
|
||||
if err != nil {
|
||||
slog.Warn("antigravity_privacy_verify_failed", "error", err.Error())
|
||||
return AntigravityPrivacyFailed
|
||||
}
|
||||
if !userInfo.IsPrivate() {
|
||||
slog.Warn("antigravity_privacy_verify_not_private",
|
||||
"user_settings", userInfo.UserSettings,
|
||||
)
|
||||
return AntigravityPrivacyFailed
|
||||
}
|
||||
|
||||
slog.Info("antigravity_privacy_set_success")
|
||||
return AntigravityPrivacySet
|
||||
}
|
||||
|
||||
func applyAntigravityPrivacyMode(account *Account, mode string) {
|
||||
if account == nil || strings.TrimSpace(mode) == "" {
|
||||
return
|
||||
}
|
||||
extra := make(map[string]any, len(account.Extra)+1)
|
||||
for k, v := range account.Extra {
|
||||
extra[k] = v
|
||||
}
|
||||
extra["privacy_mode"] = mode
|
||||
account.Extra = extra
|
||||
}
|
||||
18
backend/internal/service/antigravity_privacy_service_test.go
Normal file
18
backend/internal/service/antigravity_privacy_service_test.go
Normal file
@@ -0,0 +1,18 @@
|
||||
//go:build unit
|
||||
|
||||
package service
|
||||
|
||||
import "testing"
|
||||
|
||||
func TestApplyAntigravityPrivacyMode_SetsInMemoryExtra(t *testing.T) {
|
||||
account := &Account{}
|
||||
|
||||
applyAntigravityPrivacyMode(account, AntigravityPrivacySet)
|
||||
|
||||
if account.Extra == nil {
|
||||
t.Fatal("expected account.Extra to be initialized")
|
||||
}
|
||||
if got := account.Extra["privacy_mode"]; got != AntigravityPrivacySet {
|
||||
t.Fatalf("expected privacy_mode %q, got %v", AntigravityPrivacySet, got)
|
||||
}
|
||||
}
|
||||
@@ -128,7 +128,7 @@ func (s *TokenRefreshService) Start() {
|
||||
)
|
||||
}
|
||||
|
||||
// Stop 停止刷新服务
|
||||
// Stop 停止刷新服务(可安全多次调用)
|
||||
func (s *TokenRefreshService) Stop() {
|
||||
close(s.stopCh)
|
||||
s.wg.Wait()
|
||||
@@ -404,6 +404,8 @@ func (s *TokenRefreshService) postRefreshActions(ctx context.Context, account *A
|
||||
}
|
||||
// OpenAI OAuth: 刷新成功后,检查是否已设置 privacy_mode,未设置则尝试关闭训练数据共享
|
||||
s.ensureOpenAIPrivacy(ctx, account)
|
||||
// Antigravity OAuth: 刷新成功后,检查是否已设置 privacy_mode,未设置则调用 setUserSettings
|
||||
s.ensureAntigravityPrivacy(ctx, account)
|
||||
}
|
||||
|
||||
// errRefreshSkipped 表示刷新被跳过(锁竞争或已被其他路径刷新),不计入 failed 或 refreshed
|
||||
@@ -477,3 +479,51 @@ func (s *TokenRefreshService) ensureOpenAIPrivacy(ctx context.Context, account *
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
// ensureAntigravityPrivacy 后台刷新中检查 Antigravity OAuth 账号隐私状态。
|
||||
// 仅做 Extra["privacy_mode"] 存在性检查,不发起 HTTP 请求,避免每轮循环产生额外网络开销。
|
||||
// 用户可通过前端 SetPrivacy 按钮强制重新设置。
|
||||
func (s *TokenRefreshService) ensureAntigravityPrivacy(ctx context.Context, account *Account) {
|
||||
if account.Platform != PlatformAntigravity || account.Type != AccountTypeOAuth {
|
||||
return
|
||||
}
|
||||
// 已设置过(无论成功或失败)则跳过,不发 HTTP
|
||||
if account.Extra != nil {
|
||||
if _, ok := account.Extra["privacy_mode"]; ok {
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
token, _ := account.Credentials["access_token"].(string)
|
||||
if token == "" {
|
||||
return
|
||||
}
|
||||
|
||||
projectID, _ := account.Credentials["project_id"].(string)
|
||||
|
||||
var proxyURL string
|
||||
if account.ProxyID != nil && s.proxyRepo != nil {
|
||||
if p, err := s.proxyRepo.GetByID(ctx, *account.ProxyID); err == nil && p != nil {
|
||||
proxyURL = p.URL()
|
||||
}
|
||||
}
|
||||
|
||||
mode := setAntigravityPrivacy(ctx, token, projectID, proxyURL)
|
||||
if mode == "" {
|
||||
return
|
||||
}
|
||||
|
||||
if err := s.accountRepo.UpdateExtra(ctx, account.ID, map[string]any{"privacy_mode": mode}); err != nil {
|
||||
slog.Warn("token_refresh.update_antigravity_privacy_mode_failed",
|
||||
"account_id", account.ID,
|
||||
"error", err,
|
||||
)
|
||||
} else {
|
||||
applyAntigravityPrivacyMode(account, mode)
|
||||
slog.Info("token_refresh.antigravity_privacy_mode_set",
|
||||
"account_id", account.ID,
|
||||
"privacy_mode", mode,
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user