Scott.Idem/OSIT-AE-API-FastAPI
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(agent): implement Agent Bridge for secure diagnostics

Browse Source
This commit is contained in:
Scott Idem
2026-01-06 19:00:03 -05:00
parent 6470af0a01
commit 836ed97d07
3 changed files with 72 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
GEMINI.md
View File

@@ -67,8 +67,13 @@ I am an interactive CLI agent assisting with software engineering tasks for One
## Current To-Do List ## Current To-Do List
1. **Docker Environment Insight Improvements (Priority: High)**: Implement methods/endpoints to give the agent more insight into the actual Docker runtime environment. 1. **Docker Environment Insight Improvements (Priority: High)**: Implement methods/endpoints to give the agent more insight into the actual Docker runtime environment.
2. **Security - Field Allowlists (Priority: High)**: Finish populating `searchable_fields` for all remaining object definitions. 2. **Security - Field Allowlists (Priority: Done)**: Finished populating `searchable_fields` for all object definitions (Core, CMS, Events, Membership, Orders, Other).
3. **Refactoring - Modularize `db_sql.py` (Priority: Done/Low)**: Successfully implemented a facade pattern, moving search builders and Redis helpers to modular files. This reduced `db_sql.py` by nearly 500 lines while preserving stability. Further modularization of core CRUD should only be attempted if stability risks are mitigated. 3. **Refactoring - Modularize `db_sql.py` (Priority: Done/Low)**: Successfully implemented a facade pattern, moving search builders and Redis helpers to modular files. This reduced `db_sql.py` by nearly 500 lines while preserving stability. Further modularization of core CRUD should only be attempted if stability risks are mitigated.
4. **Specialized Endpoints (Priority: Medium)**: Plan modernization of custom logic (importing, websockets) to match V3 patterns. 4. **Specialized Endpoints (Priority: Medium)**: Plan modernization of custom logic (importing, websockets) to match V3 patterns.
5. **Security - Authentication (Priority: High)**: Continue refining and enforcing JWT-based authentication across all V3 endpoints. 5. **Security - Authentication (Priority: High)**: Continue refining and enforcing JWT-based authentication across all V3 endpoints.
### Workflow & Collaboration
- **`GEMINI.md` Strategy:** The user is creating `GEMINI.md` files in key project directories. Their understanding is that context flows from the current directory up the tree, with `~/.gemini/GEMINI.md` serving as a global catch-all for general memories.
- **Agents Sync (rsync):** Shared documentation, notes, and architectural updates are pushed to the `agents_sync` directory using `rsync`. This allows real-time coordination between different specialized agents (e.g., FastAPI backend and Svelte frontend agents).
- **Home Server:** The user self-hosts a Proxmox server for services like Nextcloud.

7
app/main.py
View File

@@ -16,7 +16,7 @@ import logging
import app.log import app.log
# Import the routers here first: # Import the routers here first:
from app.routers import ae_obj, aether_cfg, api_crud, api_crud_v2, api_crud_v3, api, importing, sql, account, activity_log, address, archive, archive_content, contact, data_store, event, event_abstract, event_badge, event_badge_importing, event_badge_template, event_device, event_exhibit, event_exhibit_tracking, event_file, event_importing, event_location, event_person, event_person_detail, event_person_tracking, event_presentation, event_presenter, event_registration, event_session, flask_cfg, fundraising, grant, hosted_file, journal, journal_entry, log_client_viewing, lookup, membership_cfg, membership_group, membership_person_group, membership_person, membership_person_profile, membership_type, membership_person_type, order, order_v3, order_line, order_cart, organization, page, person, person_user, post, post_comment, product, qr, site, site_domain, user, util_email, websockets_redis, e_confex, e_cvent, c_idaa, e_impexium, e_stripe from app.routers import ae_obj, aether_cfg, api_crud, api_crud_v2, api_crud_v3, agent_bridge, api, importing, sql, account, activity_log, address, archive, archive_content, contact, data_store, event, event_abstract, event_badge, event_badge_importing, event_badge_template, event_device, event_exhibit, event_exhibit_tracking, event_file, event_importing, event_location, event_person, event_person_detail, event_person_tracking, event_presentation, event_presenter, event_registration, event_session, flask_cfg, fundraising, grant, hosted_file, journal, journal_entry, log_client_viewing, lookup, membership_cfg, membership_group, membership_person_group, membership_person, membership_person_profile, membership_type, membership_person_type, order, order_v3, order_line, order_cart, organization, page, person, person_user, post, post_comment, product, qr, site, site_domain, user, util_email, websockets_redis, e_confex, e_cvent, c_idaa, e_impexium, e_stripe
# cont_edu_cert, cont_edu_cert_person, # cont_edu_cert, cont_edu_cert_person,
# from app.routers import aether_cfg, sql # from app.routers import aether_cfg, sql
@@ -120,6 +120,11 @@ app.include_router(
prefix='/v3/crud', prefix='/v3/crud',
tags=['CRUD v3'], tags=['CRUD v3'],
) )
app.include_router(
agent_bridge.router,
prefix='/agent',
tags=['Agent Bridge'],
)
app.include_router( app.include_router(
api.router, api.router,
prefix='/api', prefix='/api',

60
app/routers/agent_bridge.py Normal file
View File

@@ -0,0 +1,60 @@
from fastapi import APIRouter, Depends, HTTPException
import os
import platform
import json
from typing import Dict, Any
from app.lib_general_v3 import AccountContext, get_account_context
from app.models.response_models import Resp_Body_Base, mk_resp
router = APIRouter()
@router.get("/status", response_model=Resp_Body_Base, tags=["Agent Bridge"])
async def get_container_status(
account: AccountContext = Depends(get_account_context)
):
"""
Returns diagnostic information about the container environment.
Only accessible to administrators/managers via existing hierarchy.
"""
# Simple check for administrative access
if not getattr(account, "administrator", False) and not getattr(account, "manager", False):
raise HTTPException(status_code=403, detail="Administrative access required.")
status_data = {
"os": platform.system(),
"release": platform.release(),
"python_version": platform.python_version(),
"hostname": platform.node(),
"cpu_count": os.cpu_count(),
"environment_vars": {k: v for k, v in os.environ.items() if "PASSWORD" not in k.upper() and "KEY" not in k.upper() and "SECRET" not in k.upper()},
"cwd": os.getcwd(),
"container": os.path.exists('/.dockerenv')
}
return mk_resp(data=status_data)
@router.get("/logs", response_model=Resp_Body_Base, tags=["Agent Bridge"])
async def get_latest_logs(
lines: int = 50,
account: AccountContext = Depends(get_account_context)
):
"""
Returns the last N lines of the application log.
"""
if not getattr(account, "administrator", False) and not getattr(account, "manager", False):
raise HTTPException(status_code=403, detail="Administrative access required.")
from app.config import settings
log_path = settings.LOG_PATH.get('app', '/logs/aether_api.log')
if not os.path.exists(log_path):
return mk_resp(data=False, status_message=f"Log file not found at {log_path}")
try:
with open(log_path, 'r') as f:
log_lines = f.readlines()
latest = log_lines[-lines:] if len(log_lines) > lines else log_lines
return mk_resp(data="".join(latest))
except Exception as e:
return mk_resp(data=False, status_message=str(e))