kai/ColaFlow
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
118 Commits 1 Branch 0 Tags
8c51fa392b8331a513bdaa19b27cac294bff4930
Commit Graph

4 Commits

Author SHA1 Message Date
Yaojia Wang
debfb95780 feat(backend): Implement Diff Preview Service for MCP (Story 5.9) 
Implement comprehensive Diff Preview Service to show changes before AI operations.
This is the core safety mechanism for M2, enabling transparency and user approval.

Domain Layer:
- Enhanced DiffPreviewService with HTML diff generation
- Added GenerateHtmlDiff() for visual change representation
- Added FormatValue() to handle dates, nulls, and long strings
- HTML output includes XSS protection with HtmlEncode

Application Layer:
- Created DiffPreviewDto and DiffFieldDto for API responses
- DTOs support JSON serialization for REST APIs

Infrastructure Layer:
- Created PendingChangeRepository with all query methods
- Created TaskLockRepository with resource locking support
- Added PendingChangeConfiguration (EF Core) with JSONB storage
- Added TaskLockConfiguration (EF Core) with unique indexes
- Updated McpDbContext with new entities
- Created EF migration AddPendingChangeAndTaskLock

Database Schema:
- pending_changes table with JSONB diff column
- task_locks table with resource locking
- Indexes for tenant_id, api_key_id, status, created_at, expires_at
- Composite indexes for performance optimization

Service Registration:
- Registered DiffPreviewService in DI container
- Registered TaskLockService in DI container
- Registered PendingChangeRepository and TaskLockRepository

Tests:
- Created DiffPreviewServiceTests with core scenarios
- Tests cover CREATE, UPDATE, and DELETE operations
- Tests verify HTML diff generation and XSS protection

Technical Highlights:
- DiffPreview stored as JSONB using value converter
- HTML diff with color-coded changes (green/red/yellow)
- Field-level diff comparison using reflection
- Truncates long values (>500 chars) for display
- Type-safe enum conversions for status fields

Story: Sprint 5, Story 5.9 - Diff Preview Service Implementation
Priority: P0 CRITICAL
Story Points: 5 (2 days)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-09 17:42:44 +01:00
Yaojia Wang
c00c909489 feat(backend): Implement Story 5.4 - MCP Error Handling & Logging 
Implement comprehensive error handling and structured logging for MCP module.

**Exception Hierarchy**:
- Created McpException base class with JSON-RPC error mapping
- Implemented 8 specific exception types (Parse, InvalidRequest, MethodNotFound, etc.)
- Each exception maps to correct HTTP status code (401, 403, 404, 422, 400, 500)

**Middleware**:
- McpCorrelationIdMiddleware: Generates/extracts correlation ID for request tracking
- McpExceptionHandlerMiddleware: Global exception handler with JSON-RPC error responses
- McpLoggingMiddleware: Request/response logging with sensitive data sanitization

**Serilog Integration**:
- Configured structured logging with Console and File sinks
- Log rotation (daily, 30-day retention)
- Correlation ID enrichment in all log entries

**Features**:
- Correlation ID propagation across request chain
- Structured logging with TenantId, UserId, ApiKeyId
- Sensitive data sanitization (API keys, passwords)
- Performance metrics (request duration, slow request warnings)
- JSON-RPC 2.0 compliant error responses

**Testing**:
- 174 tests passing (all MCP module tests)
- Unit tests for all exception classes
- Unit tests for all middleware components
- 100% coverage of error mapping and HTTP status codes

**Files Added**:
- 9 exception classes in Domain/Exceptions/
- 3 middleware classes in Infrastructure/Middleware/
- 4 test files with comprehensive coverage

**Files Modified**:
- Program.cs: Serilog configuration
- McpServiceExtensions.cs: Middleware pipeline registration
- JsonRpcError.cs: Added parameterless constructor for deserialization
- MCP Infrastructure .csproj: Added Serilog package reference

**Verification**:
 All 174 MCP module tests passing
 Build successful with no errors
 Exception-to-HTTP-status mapping verified
 Correlation ID propagation tested
 Sensitive data sanitization verified

Story: docs/stories/sprint_5/story_5_4.md

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-08 21:08:12 +01:00
Yaojia Wang
63d0e20371 feat(backend): Implement MCP Domain Layer - PendingChange, TaskLock, DiffPreview (Story 5.3) 
Implemented comprehensive domain layer for MCP module following DDD principles:

Domain Entities & Aggregates:
- PendingChange aggregate root with approval workflow (Pending/Approved/Rejected/Expired/Applied)
- TaskLock aggregate root for concurrency control with 5-minute expiration
- Business rule enforcement at domain level

Value Objects:
- DiffPreview for CREATE/UPDATE/DELETE operations with validation
- DiffField for field-level change tracking
- PendingChangeStatus and TaskLockStatus enums

Domain Events (8 total):
- PendingChange: Created, Approved, Rejected, Expired, Applied
- TaskLock: Acquired, Released, Expired

Repository Interfaces:
- IPendingChangeRepository with query methods for status, entity, and expiration
- ITaskLockRepository with concurrency control queries

Domain Services:
- DiffPreviewService for generating diffs via reflection and JSON comparison
- TaskLockService for lock acquisition, release, and expiration management

Unit Tests (112 total, all passing):
- DiffFieldTests: 13 tests for value object behavior and equality
- DiffPreviewTests: 20 tests for operation validation and factory methods
- PendingChangeTests: 29 tests for aggregate lifecycle and business rules
- TaskLockTests: 26 tests for lock management and expiration
- Test coverage > 90% for domain layer

Technical Implementation:
- Follows DDD aggregate root pattern with encapsulation
- Uses factory methods for entity creation with validation
- Domain events for audit trail and loose coupling
- Immutable value objects with equality comparison
- Business rules enforced in domain entities (not services)
- 24-hour expiration for PendingChange, 5-minute for TaskLock
- Supports diff preview with before/after snapshots (JSON)

Story 5.3 completed - provides solid foundation for Phase 3 Diff Preview and approval workflow.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-08 20:56:22 +01:00
Yaojia Wang
0857a8ba2a feat(backend): Implement MCP API Key Management System (Story 5.2) 
Implemented comprehensive API Key authentication and management system
for MCP Server to ensure only authorized AI agents can access ColaFlow.

## Domain Layer
- Created McpApiKey aggregate root with BCrypt password hashing
- Implemented ApiKeyPermissions value object (read/write, resource/tool filtering)
- Added ApiKeyStatus enum (Active, Revoked)
- Created domain events (ApiKeyCreatedEvent, ApiKeyRevokedEvent)
- API key format: cola_<36 random chars> (cryptographically secure)
- Default expiration: 90 days

## Application Layer
- Implemented McpApiKeyService with full CRUD operations
- Created DTOs for API key creation, validation, and updates
- Validation logic: hash verification, expiration check, IP whitelist
- Usage tracking: last_used_at, usage_count

## Infrastructure Layer
- Created McpDbContext with PostgreSQL configuration
- EF Core entity configuration with JSONB for permissions/IP whitelist
- Implemented McpApiKeyRepository with prefix-based lookup
- Database migration: mcp_api_keys table with indexes
- Created McpApiKeyAuthenticationMiddleware for API key validation
- Middleware validates Authorization: Bearer <api_key> header

## API Layer
- Created McpApiKeysController with REST endpoints:
  - POST /api/mcp/keys - Create API Key (returns plain key once!)
  - GET /api/mcp/keys - List tenant's API Keys
  - GET /api/mcp/keys/{id} - Get API Key details
  - PATCH /api/mcp/keys/{id}/metadata - Update name/description
  - PATCH /api/mcp/keys/{id}/permissions - Update permissions
  - DELETE /api/mcp/keys/{id} - Revoke API Key
- Requires JWT authentication (not API key auth)

## Testing
- Created 17 unit tests for McpApiKey entity
- Created 7 unit tests for ApiKeyPermissions value object
- All 49 tests passing (including existing MCP tests)
- Test coverage > 80% for Domain layer

## Security Features
- BCrypt hashing with work factor 12
- API key shown only once at creation (never logged)
- Key prefix lookup for fast validation (indexed)
- Multi-tenant isolation (tenant_id filter)
- IP whitelist support
- Permission scopes (read/write, resources, tools)
- Automatic expiration after 90 days

## Database Schema
Table: mcp.mcp_api_keys
- Indexes: key_prefix (unique), tenant_id, tenant_user, expires_at, status
- JSONB columns for permissions and IP whitelist
- Soft delete via revoked_at

## Integration
- Updated Program.cs to register MCP module with configuration
- Added MCP DbContext migration in development mode
- Authentication middleware runs before MCP protocol handler

Changes:
- Created 31 new files (2321+ lines)
- Domain: 6 files (McpApiKey, events, repository, value objects)
- Application: 9 files (service, DTOs)
- Infrastructure: 8 files (DbContext, repository, middleware, migration)
- API: 1 file (McpApiKeysController)
- Tests: 2 files (17 + 7 unit tests)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
 2025-11-08 18:40:56 +01:00