fix(ops): 修复日志级别过滤并增强OpenAI错误诊断日志

- 移除 warn 级别下 access info 的强制入库补写，确保运行时日志级别真实生效

- 将 OpenAI fallback matched 与 passthrough 断流提示按需求降级为 info

- 为 codex_cli_only 与 instructions required 场景补充请求诊断字段（含 User-Agent）

- 出于安全考虑移除请求体预览，仅保留 request_body_size 与白名单头信息

- 新增/更新回归测试，覆盖 Forward 入口到日志落库链路

backend/internal/server/middleware/request_access_logger_test.go

@@ -201,7 +201,7 @@ func TestLogger_HealthPathSkipped(t *testing.T) {
 	}
 }
 
-func TestLogger_AccessLogStillIndexedWhenLevelWarn(t *testing.T) {
+func TestLogger_AccessLogDroppedWhenLevelWarn(t *testing.T) {
 	gin.SetMode(gin.TestMode)
 	sink := initMiddlewareTestLoggerWithLevel(t, "warn")
 
@@ -220,30 +220,9 @@ func TestLogger_AccessLogStillIndexedWhenLevelWarn(t *testing.T) {
 	}
 
 	events := sink.list()
-	if len(events) == 0 {
-		t.Fatalf("expected access log event to be indexed when level=warn")
-	}
-
-	found := false
 	for _, event := range events {
-		if event == nil || event.Message != "http request completed" {
-			continue
+		if event != nil && event.Message == "http request completed" {
+			t.Fatalf("access log should not be indexed when level=warn: %+v", event)
 		}
-		found = true
-		if event.Level != "info" {
-			t.Fatalf("event level=%q, want info", event.Level)
-		}
-		if event.Component != "http.access" && event.Fields["component"] != "http.access" {
-			t.Fatalf("event component mismatch: component=%q fields=%v", event.Component, event.Fields["component"])
-		}
-		if _, ok := event.Fields["status_code"]; !ok {
-			t.Fatalf("status_code field missing: %+v", event.Fields)
-		}
-		if _, ok := event.Fields["request_id"]; !ok {
-			t.Fatalf("request_id field missing: %+v", event.Fields)
-		}
-	}
-	if !found {
-		t.Fatalf("access log event not found")
 	}
 }