2 Commits

Author SHA1 Message Date
wangdl
b9be87e805 test(M-AI-05): enforce cross-user Feynman authorization
Scenario 7 E2E fix:
- Asset correct HTTP 403 (was 201 in earlier draft)
- Add before/after zero-side-effect verification (7 tables)
- Add model-call-count = 0 verification (via UsageLog)
- Add stable error structure assertion (no stack/Prisma/DATABASE_URL)
- Add Legacy path behavior documentation (known limitation:
  Legacy does not accept knowledgeItemId, no ownership check)

Real call chain:
  FeynmanExecutionRouter.evaluateFeynman():121
  → FeynmanSnapshotBuilder.build():102-110
  → knowledgeItem.userId !== input.userId → ForbiddenException
  → before AiJobCreationService.createJob():124
  → NestJS → HTTP 403

Co-Authored-By: Claude <noreply@anthropic.com>
2026-06-21 17:46:14 +08:00
wangdl
8987598eb8 feat(M-AI-05): track Feynman unified engine migration implementation
23 files (+4676/-10):
- Contract: m-ai-05-feynman-migration-contract.md (737 lines)
- Gate audit: m-ai-05-gate-audit.md (318 lines)
- Job Definition + Snapshot Builder + Registration
- Executor + BusinessValidator + ReferenceValidator
- Projector (atomic transaction + 3-layer idempotency)
- ExecutionRouter (FeatureFlag + idempotencyKey)
- ObservabilityService (structured logging + counters)
- Engine: feynman_evaluation execution branch
- AiJobCreationService: feynman_evaluation safety branch
- Controller/Module: Router injection
- CI: path detection for m-ai-05
- E2E: 8 HTTP-layer scenarios (14 total)
- Unit tests: 104 new tests (5 spec files)

Co-Authored-By: Claude <noreply@anthropic.com>
2026-06-21 17:44:58 +08:00