From 46bc5ca73b8e8e166321e789f47e24ede50677d2 Mon Sep 17 00:00:00 2001
From: QTom <qt@truesightai.com>
Date: Sat, 28 Mar 2026 21:56:45 +0800
Subject: [PATCH] =?UTF-8?q?feat(antigravity):=20=E4=BB=A4=E7=89=8C?=
 =?UTF-8?q?=E5=88=B7=E6=96=B0=E5=A4=B1=E8=B4=A5=E5=8F=8A=E5=88=9B=E5=BB=BA?=
 =?UTF-8?q?=E8=B4=A6=E5=8F=B7=E6=97=B6=E4=B9=9F=E8=AE=BE=E7=BD=AE=E9=9A=90?=
 =?UTF-8?q?=E7=A7=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- token_refresh: 不可重试错误和重试耗尽两条路径添加 ensureAntigravityPrivacy
- admin_service: CreateAccount 为 Antigravity OAuth 账号异步设置隐私

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 backend/internal/service/admin_service.go         | 13 +++++++++++++
 backend/internal/service/token_refresh_service.go |  2 ++
 2 files changed, 15 insertions(+)

diff --git a/backend/internal/service/admin_service.go b/backend/internal/service/admin_service.go
index 88c064f3..50b8d26c 100644
--- a/backend/internal/service/admin_service.go
+++ b/backend/internal/service/admin_service.go
@@ -5,6 +5,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"log/slog"
 	"net/http"
 	"strings"
 	"time"
@@ -1587,6 +1588,18 @@ func (s *adminServiceImpl) CreateAccount(ctx context.Context, input *CreateAccou
 		}
 	}
 
+	// Antigravity OAuth 账号：创建后异步设置隐私
+	if account.Platform == PlatformAntigravity && account.Type == AccountTypeOAuth {
+		go func() {
+			defer func() {
+				if r := recover(); r != nil {
+					slog.Error("create_account_antigravity_privacy_panic", "account_id", account.ID, "recover", r)
+				}
+			}()
+			s.EnsureAntigravityPrivacy(context.Background(), account)
+		}()
+	}
+
 	return account, nil
 }
 
diff --git a/backend/internal/service/token_refresh_service.go b/backend/internal/service/token_refresh_service.go
index d39095ea..fb2b5210 100644
--- a/backend/internal/service/token_refresh_service.go
+++ b/backend/internal/service/token_refresh_service.go
@@ -305,6 +305,7 @@ func (s *TokenRefreshService) refreshWithRetry(ctx context.Context, account *Acc
 			}
 			// 刷新失败但 access_token 可能仍有效，尝试设置隐私
 			s.ensureOpenAIPrivacy(ctx, account)
+			s.ensureAntigravityPrivacy(ctx, account)
 			return err
 		}
 
@@ -334,6 +335,7 @@ func (s *TokenRefreshService) refreshWithRetry(ctx context.Context, account *Acc
 
 	// 刷新失败但 access_token 可能仍有效，尝试设置隐私
 	s.ensureOpenAIPrivacy(ctx, account)
+	s.ensureAntigravityPrivacy(ctx, account)
 
 	// 设置临时不可调度 10 分钟（不标记 error，保持 status=active 让下个刷新周期能继续尝试）
 	until := time.Now().Add(tokenRefreshTempUnschedDuration)