fix(chat): 定时功能审计修复 — 消除重复解析 + ID碰撞 + 输入补全
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
Some checks failed
CI / Lint & TypeCheck (push) Has been cancelled
CI / Unit Tests (push) Has been cancelled
CI / Build Frontend (push) Has been cancelled
CI / Rust Check (push) Has been cancelled
CI / Security Scan (push) Has been cancelled
CI / E2E Tests (push) Has been cancelled
审计发现修复: - H-01: 存储 ParsedSchedule 避免重复 parse_nl_schedule 调用 - H-03: trigger ID 追加 UUID 片段防止高并发碰撞 - C-02: execute_trigger 验证错误信息明确系统 Hand 必须注册 - M-02: SchedulerService 传递 trigger_name 作为 task_description - M-01: 添加拦截路径跳过 post_hook 的设计注释
This commit is contained in:
iven
@@ -77,7 +77,7 @@ impl SchedulerService {
|
||||
kernel_lock: &Arc<Mutex<Option<Kernel>>>,
|
||||
) -> Result<()> {
|
||||
// Collect due triggers under lock
|
||||
let to_execute: Vec<(String, String, String)> = {
|
||||
let to_execute: Vec<(String, String, String, String)> = {
|
||||
let kernel_guard = kernel_lock.lock().await;
|
||||
let kernel = match kernel_guard.as_ref() {
|
||||
Some(k) => k,
|
||||
@@ -103,7 +103,8 @@ impl SchedulerService {
|
||||
.filter_map(|t| {
|
||||
if let zclaw_hands::TriggerType::Schedule { ref cron } = t.config.trigger_type {
|
||||
if Self::should_fire_cron(cron, &now) {
|
||||
Some((t.config.id.clone(), t.config.hand_id.clone(), cron.clone()))
|
||||
// (trigger_id, hand_id, cron_expr, trigger_name)
|
||||
Some((t.config.id.clone(), t.config.hand_id.clone(), cron.clone(), t.config.name.clone()))
|
||||
} else {
|
||||
None
|
||||
}
|
||||
@@ -123,7 +124,7 @@ impl SchedulerService {
|
||||
// If parallel execution is needed, spawn each execute_hand in a separate task
|
||||
// and collect results via JoinSet.
|
||||
let now = chrono::Utc::now();
|
||||
for (trigger_id, hand_id, cron_expr) in to_execute {
|
||||
for (trigger_id, hand_id, cron_expr, trigger_name) in to_execute {
|
||||
tracing::info!(
|
||||
"[Scheduler] Firing scheduled trigger '{}' → hand '{}' (cron: {})",
|
||||
trigger_id, hand_id, cron_expr
|
||||
@@ -138,6 +139,7 @@ impl SchedulerService {
|
||||
let input = serde_json::json!({
|
||||
"trigger_id": trigger_id,
|
||||
"trigger_type": "schedule",
|
||||
"task_description": trigger_name,
|
||||
"cron": cron_expr,
|
||||
"fired_at": now.to_rfc3339(),
|
||||
});
|
||||
|
||||
@@ -305,9 +305,10 @@ impl TriggerManager {
|
||||
};
|
||||
|
||||
// Get hand (outside of our lock to avoid potential deadlock with hand_registry)
|
||||
// System hands (prefixed with '_') must be registered at boot — same rule as create_trigger.
|
||||
let hand = self.hand_registry.get(&hand_id).await
|
||||
.ok_or_else(|| zclaw_types::ZclawError::InvalidInput(
|
||||
format!("Hand '{}' not found", hand_id)
|
||||
format!("Hand '{}' not found (system hands must be registered at boot)", hand_id)
|
||||
))?;
|
||||
|
||||
// Update state before execution
|
||||
|
||||
Reference in New Issue
Block a user