wip: doctor/cli/docs/api to vector db consolidation; api hardening for descriptions, tenant, and scopes; migrations and conversions of all DALs to EF v10

2026-02-23 15:30:50 +02:00
parent bd8fee6ed8
commit e746577380
1424 changed files with 81225 additions and 25251 deletions
--- a/src/AdvisoryAI/StellaOps.AdvisoryAI.WebService/Endpoints/ChatEndpoints.cs
+++ b/src/AdvisoryAI/StellaOps.AdvisoryAI.WebService/Endpoints/ChatEndpoints.cs
@@ -17,6 +17,7 @@ using StellaOps.AdvisoryAI.Chat.Routing;
 using StellaOps.AdvisoryAI.Chat.Services;
 using StellaOps.AdvisoryAI.Chat.Settings;
 using StellaOps.AdvisoryAI.WebService.Contracts;
+using StellaOps.AdvisoryAI.WebService.Security;
 using System.Collections.Immutable;
 using System.Runtime.CompilerServices;
 using System.Text.Json;
@@ -43,7 +44,8 @@ public static class ChatEndpoints
    public static RouteGroupBuilder MapChatEndpoints(this IEndpointRouteBuilder builder)
    {
        var group = builder.MapGroup("/api/v1/chat")
-            .WithTags("Advisory Chat");
+            .WithTags("Advisory Chat")
+            .RequireAuthorization(AdvisoryAIPolicies.OperatePolicy);

        // Single query endpoint (non-streaming)
        group.MapPost("/query", ProcessQueryAsync)
@@ -68,6 +70,7 @@ public static class ChatEndpoints
        group.MapPost("/intent", DetectIntentAsync)
            .WithName("DetectChatIntent")
            .WithSummary("Detects intent from a user query without generating a full response")
+            .WithDescription("Classifies the user query into one of the advisory chat intents (explain, remediate, assess-risk, compare, etc.) and extracts structured parameters such as finding ID, package PURL, image reference, and environment. Useful for pre-routing or UI intent indicators without consuming LLM quota.")
            .Produces<IntentDetectionResponse>(StatusCodes.Status200OK)
            .ProducesValidationProblem();

@@ -75,6 +78,7 @@ public static class ChatEndpoints
        group.MapPost("/evidence-preview", PreviewEvidenceBundleAsync)
            .WithName("PreviewEvidenceBundle")
            .WithSummary("Previews the evidence bundle that would be assembled for a query")
+            .WithDescription("Assembles and returns a preview of the evidence bundle that would be passed to the LLM for the specified finding, without generating an AI response. Indicates which evidence types are available (VEX, reachability, binary patch, provenance, policy, ops memory, fix options) and their status.")
            .Produces<EvidenceBundlePreviewResponse>(StatusCodes.Status200OK)
            .Produces<ErrorResponse>(StatusCodes.Status400BadRequest);

@@ -82,29 +86,34 @@ public static class ChatEndpoints
        group.MapGet("/settings", GetChatSettingsAsync)
            .WithName("GetChatSettings")
            .WithSummary("Gets effective chat settings for the caller")
+            .WithDescription("Returns the effective advisory chat settings for the current tenant and user, merging global defaults, tenant overrides, and user overrides. Includes quota limits and tool access configuration.")
            .Produces<ChatSettingsResponse>(StatusCodes.Status200OK);

        group.MapPut("/settings", UpdateChatSettingsAsync)
            .WithName("UpdateChatSettings")
            .WithSummary("Updates chat settings overrides (tenant or user)")
+            .WithDescription("Applies quota and tool access overrides for the current tenant (default) or a specific user (scope=user). Overrides are layered on top of global defaults; only fields present in the request body are changed.")
            .Produces<ChatSettingsResponse>(StatusCodes.Status200OK)
            .Produces<ErrorResponse>(StatusCodes.Status400BadRequest);

        group.MapDelete("/settings", ClearChatSettingsAsync)
            .WithName("ClearChatSettings")
            .WithSummary("Clears chat settings overrides (tenant or user)")
+            .WithDescription("Removes all tenant-level or user-level chat settings overrides, reverting the affected scope to global defaults. Use scope=user to clear only the user-level override for the current user.")
            .Produces(StatusCodes.Status204NoContent);

        // Doctor endpoint
        group.MapGet("/doctor", GetChatDoctorAsync)
            .WithName("GetChatDoctor")
            .WithSummary("Returns chat limit status and tool access diagnostics")
+            .WithDescription("Returns a diagnostics report for the current tenant and user, including remaining quota across all dimensions (requests/min, requests/day, tokens/day, tool calls/day), tool provider availability, and the last quota denial if any. Referenced by error responses via the doctor action hint.")
            .Produces<ChatDoctorResponse>(StatusCodes.Status200OK);

        // Health/status endpoint for chat service
        group.MapGet("/status", GetChatStatusAsync)
            .WithName("GetChatStatus")
            .WithSummary("Gets the status of the advisory chat service")
+            .WithDescription("Returns the current operational status of the advisory chat service, including whether chat is enabled, the configured inference provider and model, maximum token limit, and whether guardrails and audit logging are active.")
            .Produces<ChatServiceStatusResponse>(StatusCodes.Status200OK);

        return group;