✨ Feature: add agent repository page and APIs#3289
Conversation
Introduce Agent Repository backend APIs, database/service support, frontend views, client services, and tests. Migrate Agent Space navigation and permissions to /agent-repository with updated SQL and localization.
Introduce Agent Repository backend APIs, database/service support, frontend views, client services, and tests. Migrate Agent Space navigation and permissions to /agent-repository with updated SQL and localization.
|
智能体仓库,已上架的智能体,可通过类别进行筛选 
|
| STATUS_SHARED, | ||
| }) | ||
|
|
||
| OWNERSHIP_ALL = "all" |
There was a problem hiding this comment.
破坏性变更:状态常量从大写改为小写(NOT_SHARED → not_shared),但数据库中已有记录仍使用大写值。需要数据迁移脚本 UPDATE ag_agent_repository_t SET status = LOWER(status) 来更新现有数据,否则查询会匹配不到旧数据。
| STATUS_NOT_SHARED: 1, | ||
| } | ||
|
|
||
| _AGENT_REPOSITORY_CATEGORIES: List[Dict[str, Any]] = [ |
There was a problem hiding this comment.
i18n 问题:分类名称硬编码为中文("写作助手"、"编程开发"等),但项目支持中英文双语。如果前端使用英文 locale,用户看到的仍是中文分类名。建议存储 i18n key,由前端翻译。
| ) | ||
| rows = query.order_by(AgentRepository.agent_repository_id.desc()).all() | ||
| return [as_dict(row) for row in rows] | ||
|
|
There was a problem hiding this comment.
性能问题:用 LIKE 查询 CSV 格式的 group_ids 字段无法使用索引,数据量大时会全表扫描。建议改用 PostgreSQL ARRAY 类型或关联表。
🔍 Code Review Comments1. [安全/漏洞] options API 缺少权限过滤 2. [逻辑漏洞] CSV group_ids 子串误匹配 3. [代码规范] f-string 日志格式 |
YehongPan
left a comment
YehongPan
left a comment
There was a problem hiding this comment.
Code Review
- [安全/漏洞]
list_agent_repository_options_api返回的 options 数据(categories/icons/tags)未做权限过滤,所有登录用户均可获取完整预设列表,应确认是否符合设计意图。 - [逻辑漏洞]
_build_group_ids_overlap_condition使用LIKE '%,gid,%'匹配 CSV 格式的 group_ids,当 group_id 是另一个 group_id 的子串时(如 id=1 匹配 id=11),会产生误匹配。应改用 PostgreSQL 数组类型或 JSON 数组。 - [代码规范]
agent_repository_app.py中多处使用logger.error(f"...")的 f-string 日志格式,应改为logger.error("...", exc_info=True)以保留异常堆栈信息。
| raise HTTPException(status_code=HTTPStatus.UNAUTHORIZED, detail=str(e)) | ||
| except ValueError as e: | ||
| raise HTTPException(status_code=HTTPStatus.BAD_REQUEST, detail=str(e)) | ||
| except Exception as e: |
There was a problem hiding this comment.
[代码规范] except Exception: 过于宽泛,建议捕获更具体的异常类型,避免掩盖潜在错误。
| raise HTTPException(status_code=HTTPStatus.UNAUTHORIZED, detail=str(e)) | ||
| except ValueError as e: | ||
| raise HTTPException(status_code=HTTPStatus.BAD_REQUEST, detail=str(e)) | ||
| except Exception as e: |
There was a problem hiding this comment.
[代码规范] except Exception: 过于宽泛,建议捕获更具体的异常类型,避免掩盖潜在错误。
| raise HTTPException(status_code=HTTPStatus.UNAUTHORIZED, detail=str(e)) | ||
| except ValueError as e: | ||
| raise HTTPException(status_code=HTTPStatus.NOT_FOUND, detail=str(e)) | ||
| except Exception as e: |
There was a problem hiding this comment.
[代码规范] except Exception: 过于宽泛,建议捕获更具体的异常类型,避免掩盖潜在错误。
|
点击查看详情有智能体详情的弹窗 |
|
“我的”按钮下展示所有有编辑权限的智能体,可以按“我创建的”和“其它”来分别筛选。 
|
|
点击编辑按钮会跳转到智能体配置的页面。 |
|
已发布的智能体,可以申请上架,需要选择智能体的图标,类别和标签。 |
|
申请上架的智能体会有“审核中”的字样显示(初次上架是“审核中”,后续是“更新审核中”),同时可以查看审核进度。在审核进度弹窗,可以取消上架。 
|
|
租户管理员可以打开审核中心查看所有待审核智能体,可以选择通过或者驳回。 
|
|
审核通过的智能体,会显示“已上架”,点击查看审核状态可以看到详情。 
|
|
通过审核的智能体,可以在仓库页面看到。 
|
|
已经上架的智能体,在发布了更新版本后,可以再次申请上架,此时不会替换仓库中的智能体版本,需要审核通过之后才会替换。同时,可以查看审核状态,或取消申请上架。 
|
|
上架申请被驳回后的表现 
|
| {"id": 4, "name": "客户服务"}, | ||
| {"id": 5, "name": "效率工具"}, | ||
| {"id": 6, "name": "创意设计"}, | ||
| {"id": 0, "name": "其它"}, |
There was a problem hiding this comment.
原则上后端代码不出现中文或图标,建议将相关逻辑放到前端
|
Agent repository is a large feature addition (27 files, +5497/-1054). The architectural split of agent templates into a dedicated repository layer needs careful review of the migration path for existing agents. Please confirm backward compatibility with existing agent configurations. |
4 participants
Introduce Agent Repository backend APIs, database/service support, frontend views, client services, and tests. Migrate Agent Space navigation and permissions to /agent-repository with updated SQL and localization.