fix(分组): 强化上下文分组可信校验

- 引入 Hydrated 标记限制复用来源 - 无效上下文分组允许被新值覆盖自愈 - 更新相关单测覆盖
2026-01-10 08:40:27 +08:00
parent 2597fe78ba
commit 72f78f8a56
8 changed files with 16 additions and 4 deletions
--- a/backend/internal/repository/api_key_repo.go
+++ b/backend/internal/repository/api_key_repo.go
@@ -317,6 +317,7 @@ func groupEntityToService(g *dbent.Group) *service.Group {
 		RateMultiplier:      g.RateMultiplier,
 		IsExclusive:         g.IsExclusive,
 		Status:              g.Status,
+		Hydrated:            true,
 		SubscriptionType:    g.SubscriptionType,
 		DailyLimitUSD:       g.DailyLimitUsd,
 		WeeklyLimitUSD:      g.WeeklyLimitUsd,
--- a/backend/internal/server/middleware/api_key_auth.go
+++ b/backend/internal/server/middleware/api_key_auth.go
@@ -182,7 +182,7 @@ func setGroupContext(c *gin.Context, group *service.Group) {
 	if !service.IsGroupContextValid(group) {
 		return
 	}
-	if existing, ok := c.Request.Context().Value(ctxkey.Group).(*service.Group); ok && existing != nil && existing.ID == group.ID {
+	if existing, ok := c.Request.Context().Value(ctxkey.Group).(*service.Group); ok && existing != nil && existing.ID == group.ID && service.IsGroupContextValid(existing) {
 		return
 	}
 	ctx := context.WithValue(c.Request.Context(), ctxkey.Group, group)
--- a/backend/internal/server/middleware/api_key_auth_google_test.go
+++ b/backend/internal/server/middleware/api_key_auth_google_test.go
@@ -142,6 +142,7 @@ func TestApiKeyAuthWithSubscriptionGoogleSetsGroupContext(t *testing.T) {
 		Name:     "g1",
 		Status:   service.StatusActive,
 		Platform: service.PlatformGemini,
+		Hydrated: true,
 	}
 	user := &service.User{
 		ID:          7,
--- a/backend/internal/server/middleware/api_key_auth_test.go
+++ b/backend/internal/server/middleware/api_key_auth_test.go
@@ -26,6 +26,7 @@ func TestSimpleModeBypassesQuotaCheck(t *testing.T) {
 		ID:               42,
 		Name:             "sub",
 		Status:           service.StatusActive,
+		Hydrated:         true,
 		SubscriptionType: service.SubscriptionTypeSubscription,
 		DailyLimitUSD:    &limit,
 	}
@@ -119,6 +120,7 @@ func TestAPIKeyAuthSetsGroupContext(t *testing.T) {
 		Name:     "g1",
 		Status:   service.StatusActive,
 		Platform: service.PlatformAnthropic,
+		Hydrated: true,
 	}
 	user := &service.User{
 		ID:          7,
--- a/backend/internal/service/gateway_multiplatform_test.go
+++ b/backend/internal/service/gateway_multiplatform_test.go
@@ -1072,6 +1072,7 @@ func TestGatewayService_GroupResolution_ReusesContextGroup(t *testing.T) {
 		ID:       groupID,
 		Platform: PlatformAnthropic,
 		Status:   StatusActive,
+		Hydrated: true,
 	}
 	ctx = context.WithValue(ctx, ctxkey.Group, group)

@@ -1106,8 +1107,9 @@ func TestGatewayService_GroupResolution_IgnoresInvalidContextGroup(t *testing.T)
 	ctx := context.Background()
 	groupID := int64(42)
 	ctxGroup := &Group{
-		ID:     groupID,
-		Status: StatusActive,
+		ID:       groupID,
+		Platform: PlatformAnthropic,
+		Status:   StatusActive,
 	}
 	ctx = context.WithValue(ctx, ctxkey.Group, ctxGroup)

@@ -1153,6 +1155,7 @@ func TestGatewayService_GroupResolution_FallbackUsesLiteOnce(t *testing.T) {
 		Status:          StatusActive,
 		ClaudeCodeOnly:  true,
 		FallbackGroupID: &fallbackID,
+		Hydrated:        true,
 	}
 	fallbackGroup := &Group{
 		ID:       fallbackID,
--- a/backend/internal/service/gateway_service.go
+++ b/backend/internal/service/gateway_service.go
@@ -643,7 +643,7 @@ func (s *GatewayService) withGroupContext(ctx context.Context, group *Group) con
 	if !IsGroupContextValid(group) {
 		return ctx
 	}
-	if existing, ok := ctx.Value(ctxkey.Group).(*Group); ok && existing != nil && existing.ID == group.ID {
+	if existing, ok := ctx.Value(ctxkey.Group).(*Group); ok && existing != nil && existing.ID == group.ID && IsGroupContextValid(existing) {
 		return ctx
 	}
 	return context.WithValue(ctx, ctxkey.Group, group)
--- a/backend/internal/service/gemini_multiplatform_test.go
+++ b/backend/internal/service/gemini_multiplatform_test.go
@@ -261,6 +261,7 @@ func TestGeminiMessagesCompatService_GroupResolution_ReusesContextGroup(t *testi
 		ID:       groupID,
 		Platform: PlatformGemini,
 		Status:   StatusActive,
+		Hydrated: true,
 	}
 	ctx = context.WithValue(ctx, ctxkey.Group, group)

--- a/backend/internal/service/group.go
+++ b/backend/internal/service/group.go
@@ -10,6 +10,7 @@ type Group struct {
 	RateMultiplier float64
 	IsExclusive    bool
 	Status         string
+	Hydrated       bool // indicates the group was loaded from a trusted repository source

 	SubscriptionType    string
 	DailyLimitUSD       *float64
@@ -81,6 +82,9 @@ func IsGroupContextValid(group *Group) bool {
 	if group.ID <= 0 {
 		return false
 	}
+	if !group.Hydrated {
+		return false
+	}
 	if group.Platform == "" || group.Status == "" {
 		return false
 	}