Increase security and reformat

2026-03-07 20:52:13 +00:00
parent 10588a18b9
commit bca4d6898f
144 changed files with 6735 additions and 3960 deletions


@@ -11,7 +11,11 @@ from django.urls import reverse
from django.utils import timezone
from django.views import View
from core.commands.policies import BP_VARIANT_KEYS, BP_VARIANT_META, ensure_variant_policies_for_profile
from core.commands.policies import (
BP_VARIANT_KEYS,
BP_VARIANT_META,
ensure_variant_policies_for_profile,
)
from core.models import (
AIRunLog,
BusinessPlanDocument,
@@ -56,7 +60,9 @@ class CommandRoutingSettings(LoginRequiredMixin, View):
@staticmethod
def _redirect_with_scope(request):
service = str(request.GET.get("service") or request.POST.get("service") or "").strip()
service = str(
request.GET.get("service") or request.POST.get("service") or ""
).strip()
identifier = str(
request.GET.get("identifier") or request.POST.get("identifier") or ""
).strip()
@@ -94,11 +100,14 @@ class CommandRoutingSettings(LoginRequiredMixin, View):
{
"variant_key": key,
"variant_label": str(meta.get("name") or key),
"trigger_token": str(meta.get("trigger_token") or profile.trigger_token or ""),
"trigger_token": str(
meta.get("trigger_token") or profile.trigger_token or ""
),
"template_supported": bool(meta.get("template_supported")),
"warn_verbatim_plan": bool(
key in {"bp", "bp_set_range"}
and str(getattr(row, "generation_mode", "") or "") == "verbatim"
and str(getattr(row, "generation_mode", "") or "")
== "verbatim"
and bool(getattr(row, "send_plan_to_egress", False))
),
"row": row,
@@ -119,7 +128,9 @@ class CommandRoutingSettings(LoginRequiredMixin, View):
for row in bindings
if str(row.direction or "").strip() == "egress" and bool(row.enabled)
]
profile.preview_mode = preview_profile_id and str(profile.id) == preview_profile_id
profile.preview_mode = (
preview_profile_id and str(profile.id) == preview_profile_id
)
documents = BusinessPlanDocument.objects.filter(user=request.user).order_by(
"-updated_at"
)[:30]
@@ -147,7 +158,9 @@ class CommandRoutingSettings(LoginRequiredMixin, View):
if action == "profile_create":
slug = (
str(request.POST.get("command_slug") or request.POST.get("slug") or "bp")
str(
request.POST.get("command_slug") or request.POST.get("slug") or "bp"
)
.strip()
.lower()
or "bp"
@@ -156,7 +169,10 @@ class CommandRoutingSettings(LoginRequiredMixin, View):
user=request.user,
slug=slug,
defaults={
"name": str(request.POST.get("name") or ("Codex" if slug == "codex" else "Business Plan")).strip()
"name": str(
request.POST.get("name")
or ("Codex" if slug == "codex" else "Business Plan")
).strip()
or ("Codex" if slug == "codex" else "Business Plan"),
"enabled": True,
"trigger_token": str(
@@ -167,10 +183,14 @@ class CommandRoutingSettings(LoginRequiredMixin, View):
"template_text": str(request.POST.get("template_text") or ""),
},
)
profile.name = str(request.POST.get("name") or profile.name).strip() or profile.name
profile.name = (
str(request.POST.get("name") or profile.name).strip() or profile.name
)
if slug == "bp":
profile.trigger_token = ".bp"
profile.template_text = str(request.POST.get("template_text") or profile.template_text or "")
profile.template_text = str(
request.POST.get("template_text") or profile.template_text or ""
)
if slug == "codex":
profile.trigger_token = ".codex"
profile.reply_required = False
@@ -317,11 +337,17 @@ class CommandRoutingSettings(LoginRequiredMixin, View):
variant_key=variant_key,
)
policy.enabled = bool(request.POST.get("enabled"))
mode = str(request.POST.get("generation_mode") or "verbatim").strip().lower()
mode = (
str(request.POST.get("generation_mode") or "verbatim").strip().lower()
)
policy.generation_mode = mode if mode in {"ai", "verbatim"} else "verbatim"
policy.send_plan_to_egress = bool(request.POST.get("send_plan_to_egress"))
policy.send_status_to_source = bool(request.POST.get("send_status_to_source"))
policy.send_status_to_egress = bool(request.POST.get("send_status_to_egress"))
policy.send_status_to_source = bool(
request.POST.get("send_status_to_source")
)
policy.send_status_to_egress = bool(
request.POST.get("send_status_to_egress")
)
policy.store_document = bool(request.POST.get("store_document"))
policy.save()
return self._redirect_with_scope(request)
@@ -343,7 +369,9 @@ class CommandRoutingSettings(LoginRequiredMixin, View):
user=request.user,
)
ensure_variant_policies_for_profile(profile)
service = str(request.GET.get("service") or request.POST.get("service") or "").strip()
service = str(
request.GET.get("service") or request.POST.get("service") or ""
).strip()
identifier = str(
request.GET.get("identifier") or request.POST.get("identifier") or ""
).strip()
@@ -391,18 +419,14 @@ class TranslationSettings(LoginRequiredMixin, View):
request.POST.get("a_channel_identifier") or ""
).strip(),
a_language=str(
request.POST.get("a_language")
or inferred.get("a_language")
or "en"
request.POST.get("a_language") or inferred.get("a_language") or "en"
).strip(),
b_service=str(request.POST.get("b_service") or "web").strip(),
b_channel_identifier=str(
request.POST.get("b_channel_identifier") or ""
).strip(),
b_language=str(
request.POST.get("b_language")
or inferred.get("b_language")
or "en"
request.POST.get("b_language") or inferred.get("b_language") or "en"
).strip(),
direction=str(request.POST.get("direction") or "bidirectional").strip(),
quick_mode_title=quick_title,
@@ -434,7 +458,9 @@ class AIExecutionLogSettings(LoginRequiredMixin, View):
total_ok = runs_qs.filter(status="ok").count()
total_failed = runs_qs.filter(status="failed").count()
avg_ms = runs_qs.aggregate(v=Avg("duration_ms")).get("v") or 0
success_rate = (float(total_ok) / float(total_runs) * 100.0) if total_runs else 0.0
success_rate = (
(float(total_ok) / float(total_runs) * 100.0) if total_runs else 0.0
)
usage_totals = runs_qs.aggregate(
prompt_chars_total=Sum("prompt_chars"),
@@ -531,6 +557,53 @@ class AIExecutionRunDetailTabView(LoginRequiredMixin, View):
)
class BusinessPlanInbox(LoginRequiredMixin, View):
template_name = "pages/business-plan-inbox.html"
def get(self, request):
status_filter = str(request.GET.get("status") or "").strip().lower()
service_filter = str(request.GET.get("service") or "").strip().lower()
query = str(request.GET.get("q") or "").strip()
rows = (
BusinessPlanDocument.objects.filter(user=request.user)
.select_related("command_profile")
.annotate(revision_count=Count("revisions"))
.order_by("-updated_at")
)
if status_filter in {"draft", "final"}:
rows = rows.filter(status=status_filter)
if service_filter in {"xmpp", "whatsapp", "signal", "instagram", "web"}:
rows = rows.filter(source_service=service_filter)
if query:
rows = rows.filter(
Q(title__icontains=query)
| Q(source_channel_identifier__icontains=query)
| Q(command_profile__name__icontains=query)
)
stats = BusinessPlanDocument.objects.filter(user=request.user).aggregate(
total=Count("id"),
draft=Count("id", filter=Q(status="draft")),
final=Count("id", filter=Q(status="final")),
)
return render(
request,
self.template_name,
{
"documents": rows[:250],
"filters": {
"status": status_filter,
"service": service_filter,
"q": query,
},
"stats": stats,
"service_choices": ("xmpp", "whatsapp", "signal", "instagram", "web"),
},
)
class BusinessPlanEditor(LoginRequiredMixin, View):
template_name = "pages/business-plan-editor.html"
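Review bot: `BusinessPlanInbox.get` spells out the allowed service values twice, as the set in the `service_filter` check and again as the `service_choices` tuple handed to the template, so the allowlist and the form can drift apart when a service is added or removed. A single class attribute, `SERVICE_CHOICES = ("xmpp", "whatsapp", "signal", "instagram", "web")`, used for both the membership test and the context would keep them in step. Separately, `q` is stripped but not length-bounded before it feeds three `icontains` lookups, one of them across the `command_profile` relation; slicing it, for example `query = str(request.GET.get("q") or "").strip()[:200]` (the limit is illustrative), bounds the work a single request can ask for. The per-user scoping via `filter(user=request.user)` on both the listing and the stats query is what keeps other users' documents out of the results and is worth a short comment so a later refactor does not drop it.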