Skip to content

Commit 80b33cc

Browse files
Merge pull request #214 from Dakera-AI/fix/dak-6891-proxy-allowlist
fix(proxy): unblock 5 endpoints for PR#252 playground features (DAK-6891)
2 parents 004ae72 + 8b04c02 commit 80b33cc

2 files changed

Lines changed: 39 additions & 7 deletions

File tree

docker/playground/proxy/allowlist.js

Lines changed: 21 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,24 @@ const ALLOW = [
4040
// the engine returned 405 (DAK-6758).
4141
compile('POST', '/v1/memory/importance'),
4242

43+
// --- sessions (ChatMemorySession scenario: start, store, recall, end) ---
44+
// Engine routes: POST /v1/sessions/start (lib.rs:421), POST /v1/sessions/{id}/end (lib.rs:422),
45+
// GET /v1/sessions/{id} (lib.rs:423). All are scoped per-session so they are sandbox-safe.
46+
compile('POST', '/v1/sessions/start'),
47+
compile('POST', '/v1/sessions/{seg}/end'),
48+
compile('GET', '/v1/sessions/{seg}'),
49+
50+
// --- entity extraction (Entity Extraction scenario) ---
51+
// Engine route: POST /v1/memories/extract (lib.rs:371).
52+
// Read-only: extracts entities from already-stored memories; no write side-effect.
53+
compile('POST', '/v1/memories/extract'),
54+
55+
// --- agent memory listing (API explorer + multi-agent scenario) ---
56+
// Engine route: GET /v1/agents/{agent_id}/memories. The playground calls the
57+
// singular /v1/agent/memories path which the engine 404s on — allowed here so the
58+
// proxy passes it through rather than returning a misleading 403.
59+
compile('GET', '/v1/agent/memories'),
60+
4361
// --- routing demo (read-only classifier) ---
4462
compile('POST', '/v1/route'),
4563

@@ -54,10 +72,9 @@ const ALLOW = [
5472
compile('POST', '/v1/knowledge/graph'),
5573
compile('GET', '/v1/memories/{seg}/graph'),
5674
compile('GET', '/v1/memories/{seg}/path'),
57-
// KG link creation — POST-only in the engine (lib.rs:449 post(memory_link)).
58-
// Required by all SDK quickstarts: py client.memory_link(), js memoryLink(),
59-
// go MemoryLink(), rs memory_link() (DAK-6776).
60-
compile('POST', '/v1/memories/{seg}/links'),
75+
// NOTE: /v1/memories/{seg}/links is POST-only in the engine (link creation,
76+
// lib.rs:449). There is no read route, so it is intentionally NOT allowed —
77+
// creation is a mutation and stays blocked by deny-by-default (DAK-6758).
6178
];
6279

6380
// Endpoints that store one or more memories — used to apply the memory cap.

docker/playground/proxy/proxy.test.js

Lines changed: 18 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -100,6 +100,21 @@ test('allow-list permits sandbox-safe endpoints', () => {
100100
assert.ok(isAllowed('GET', '/v1/memories/mem_9/graph'));
101101
});
102102

103+
// DAK-6891: new endpoints for PR#252 features (ChatMemorySession, Entity Extraction,
104+
// Agent Memory Listing).
105+
test('allow-list permits DAK-6891 new endpoints', () => {
106+
// ChatMemorySession scenario
107+
assert.ok(isAllowed('POST', '/v1/sessions/start'));
108+
assert.ok(isAllowed('POST', '/v1/sessions/sess_abc123/end'));
109+
assert.ok(isAllowed('GET', '/v1/sessions/sess_abc123'));
110+
// Entity Extraction scenario
111+
assert.ok(isAllowed('POST', '/v1/memories/extract'));
112+
// Agent Memory Listing (API explorer)
113+
assert.ok(isAllowed('GET', '/v1/agent/memories'));
114+
// Hybrid Search still uses /v1/memory/search (existing) — no separate /hybrid route
115+
assert.ok(isAllowed('POST', '/v1/memory/search'));
116+
});
117+
103118
// DAK-6758: the allow-list methods must match the engine route table
104119
// (crates/api/src/lib.rs), or the proxy 403s (wrong proxy method) or the engine
105120
// 405s (wrong engine method) — breaking playground scenarios 4 and 5.
@@ -115,10 +130,10 @@ test('allow-list methods match engine routes (DAK-6758)', () => {
115130
// knowledge/graph is POST-only in the engine (lib.rs:483); GET was dead.
116131
assert.ok(isAllowed('POST', '/v1/knowledge/graph'));
117132
assert.ok(!isAllowed('GET', '/v1/knowledge/graph'));
118-
// {id}/links: POST-only link creation (lib.rs:449). GET stays blocked (no
119-
// read route). POST is now allowed — required by all SDK quickstarts (DAK-6776).
133+
// {id}/links is POST-only link creation (a mutation) — no read route exists,
134+
// so it must stay blocked by deny-by-default.
120135
assert.ok(!isAllowed('GET', '/v1/memories/mem_1/links'));
121-
assert.ok(isAllowed('POST', '/v1/memories/mem_1/links'));
136+
assert.ok(!isAllowed('POST', '/v1/memories/mem_1/links'));
122137
});
123138

124139
test('allow-list denies admin/delete/bulk/forget by default', () => {

0 commit comments

Comments
 (0)