15 Commits

Author SHA1 Message Date
Gan, Jimmy 56a8ff28ad fix: resolve CI test failures — schema, OPC mocking, download auth, router reloads
Fix 20 pre-existing test failures:
- Update mock conversation DB schema with missing columns
- Add in-memory OPC database mock to avoid PostgreSQL dependency in CI
- Fix file download endpoint to check auth before revealing file existence
- Reload routers.system and routers.security in test_app for fresh config
- Reset cached Docker client in security router between tests
- Fix websocket auth test to properly check for connection rejection

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-03 21:57:00 +08:00
Gan, Jimmy e35319f881 fix: separate public and authenticated file endpoints
Deploy Dashboard (Dev) / deploy-dev (push) Has been cancelled
Run Tests / Backend Tests (push) Failing after 5m3s
Run Tests / Frontend Tests (push) Failing after 3m56s
Run Tests / Backend Tests (pull_request) Failing after 5m10s
Run Tests / Frontend Tests (pull_request) Failing after 14m30s
Run Tests / Test Summary (push) Failing after 16s
Run Tests / Test Summary (pull_request) Failing after 18s
2026-04-21 22:14:35 +08:00
Gan, Jimmy f1b39d0a8a fix: allow unauthenticated access to token-based file downloads
Deploy Dashboard (Dev) / deploy-dev (push) Failing after 2m37s
Run Tests / Backend Tests (push) Failing after 5m2s
Run Tests / Frontend Tests (push) Failing after 2m7s
Run Tests / Backend Tests (pull_request) Failing after 5m5s
Run Tests / Frontend Tests (pull_request) Failing after 2m25s
Run Tests / Test Summary (push) Failing after 14s
Run Tests / Test Summary (pull_request) Failing after 12s
2026-04-21 21:57:40 +08:00
Gan, Jimmy 88e53f3f8e fix: implement streaming downloads for large files
Run Tests / Backend Tests (pull_request) Failing after 5m29s
Run Tests / Frontend Tests (pull_request) Failing after 3m55s
Run Tests / Test Summary (pull_request) Failing after 18s
- Add token-based download system with 5-minute expiry
- Stream files in 8MB chunks on backend (no memory loading)
- Use browser native download with tokens on frontend
- Fixes hang on large files (10GB+) by avoiding memory buffering
2026-04-18 11:03:22 +08:00
Gan, Jimmy 1ee244ee39 fix: set filename in file download response
Run Tests / Backend Tests (pull_request) Failing after 5m23s
Run Tests / Frontend Tests (pull_request) Failing after 34s
Run Tests / Test Summary (pull_request) Failing after 15s
2026-04-17 14:17:33 +08:00
Gan, Jimmy 67c4394c2d fix: handle permission errors when browsing directories
Deploy Dashboard (Dev) / deploy-dev (push) Failing after 2m11s
Run Tests / Backend Tests (push) Failing after 5m47s
Run Tests / Frontend Tests (push) Failing after 1m30s
Run Tests / Test Summary (push) Failing after 14s
Run Tests / Frontend Tests (pull_request) Failing after 2m20s
Run Tests / Test Summary (pull_request) Failing after 18s
Run Tests / Backend Tests (pull_request) Failing after 4m9s
2026-04-11 14:06:15 +08:00
Gan, Jimmy dac163d88c security: fix critical vulnerabilities (issues #2 and #3)
Deploy Dashboard (Dev) / deploy-dev (push) Failing after 55s
Run Tests / Backend Tests (push) Successful in 2m2s
Run Tests / Test Summary (push) Failing after 12s
Run Tests / Frontend Tests (push) Failing after 2m4s
Issue #2: Unprotected Chat Summary Trigger (CRITICAL)
- Add authentication and admin authorization to /trigger endpoint
- Add path validation to prevent directory traversal
- Block access to system directories (/etc, /root, /sys, /proc, /boot)
- Add tests for unauthorized access and invalid paths

Issue #3: Exception Information Disclosure (HIGH)
- Replace raw exception messages with generic errors
- Log full exception details server-side with logger.exception()
- Affected files: auth.py, files.py, passkey.py, opc_agents.py
- Prevents information leakage about system architecture

Security Impact:
- Prevents unauthenticated file system writes
- Reduces reconnaissance opportunities for attackers
- Maintains security while preserving debugging capability

Tests: 214 passing, all security tests verified
2026-04-08 00:57:14 +08:00
Gan, Jimmy b981c06d59 feat: comprehensive test infrastructure improvements
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 2m26s
Run Tests / Backend Tests (push) Failing after 2m36s
Run Tests / Frontend Tests (push) Failing after 2m23s
Run Tests / Test Summary (push) Failing after 13s
- Fix unit test imports: add env setup in conftest.py before module imports
- Add 24 new auth router tests (RBAC, preferences, password validation)
- Add 16 new tests for litellm and chat_summary routers
- Apply black formatting and ruff linting across codebase
- Add pre-commit hooks configuration (black, ruff, file checks)
- Increase CI coverage threshold from 40% to 50%

Test Results:
- 206 tests passing (91 unit + 115 integration)
- Coverage: 58.79% on core modules
- auth.py: 57% → 85%, litellm.py: 23% → 87%, chat_summary.py: 41% → 100%
- auth_service: 96.51%, config: 100%, rbac: 93.48%
2026-04-08 00:21:32 +08:00
Gan, Jimmy e98cbb0abb feat: comprehensive test infrastructure improvements
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 3m35s
Run Tests / Backend Tests (push) Successful in 2m36s
Run Tests / Frontend Tests (push) Failing after 51s
Run Tests / Test Summary (push) Failing after 14s
Phase 1: Fix immediate test failures
- Fix path handling in files router (strip leading slashes)
- Fix test assertions to match actual API behavior
- Add proper error handling for missing files in download endpoint
- Reload files router in test fixtures to pick up config changes
- Fix upload endpoint test to use query params instead of form data

Phase 2: Improve test reliability
- Standardize error responses: docker_router now uses HTTPException
- Add global exception handlers for validation, Docker errors, and unhandled exceptions
- Fix flaky TOTP replay protection test
- Fix flaky password hash loading test with proper module reload
- Enhanced Docker mock fixtures with error scenarios and factory pattern

Phase 3: Add coverage reporting
- Add pytest-cov with 40% minimum coverage threshold
- Add pyproject.toml with pytest and coverage configuration
- Update test workflow to generate coverage and JUnit XML reports
- Remove -x flag to see all test failures
- Configure asyncio_default_fixture_loop_scope to fix deprecation warning

Results:
- All 144 tests passing (was 137 passed, 5 failed, 2 skipped)
- Test execution time: ~3s locally
- Coverage: 43% (above 40% threshold)
- No skipped tests
- Standardized error handling across all endpoints
2026-04-07 08:02:38 +08:00
Gan, Jimmy 4201917e17 fix: harden dashboard RBAC and cookie auth flows
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 2m17s
Restrict Docker/Files writes to admins, move terminal websocket auth to cookie-first with temporary query fallback, and migrate refresh-token handling to httpOnly cookies for safer session persistence.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-09 23:44:23 +08:00
Gan, Jimmy 44f0ed5d04 fix: harden dashboard auth and terminal flows
Deploy Dashboard (Dev) / deploy-dev (push) Successful in 3m29s
Tighten terminal websocket auth and proxy trust handling while making file-backed auth/RBAC writes atomic to reduce high-impact security and persistence risks.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-06 23:53:58 +08:00
Gan, Jimmy 394a1aa367 security: harden dashboard (SSH keys, auth, uploads, CORS, non-root)
Remove SSH private keys from git, add SECRET_KEY validation, move WS
auth from query string to first message, add session limits/idle timeout,
PBKDF2 Fernet key, refresh token rotation, TOTP replay protection,
file upload size limit + filename sanitization, symlink safety check,
restrict CORS methods, IP-gate OpenClaw token, run container as non-root,
rate-limit refresh/passkey endpoints, sanitize Gitea path params.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-02-26 17:22:25 +08:00
Gan, Jimmy be1f3b3ad6 Add security improvements: refresh tokens, passkeys, CSP, audit logging, TOTP encryption
- Shorten access token to 30min with 7-day refresh token flow
- Add WebAuthn passkey registration and login with TOTP fallback
- Add Content-Security-Policy header
- Add audit logging middleware to /volume1/docker/nas-dashboard/audit.log
- Block /volume1/docker/ in files endpoint
- Encrypt TOTP secret at rest with Fernet (derived from SECRET_KEY)
- New deps: py_webauthn, cryptography
2026-02-22 11:04:40 +08:00
Gan, Jimmy b1dee47126 Add CORS, rate limiting, security headers, and files endpoint protection 2026-02-21 11:18:29 +08:00
Gan, Jimmy 70aa421d7f Add NAS dashboard MVP: Docker mgmt, Gitea, Files, Terminal 2026-02-19 01:59:50 +08:00