wangdl
|
b9be87e805
|
test(M-AI-05): enforce cross-user Feynman authorization
Scenario 7 E2E fix:
- Asset correct HTTP 403 (was 201 in earlier draft)
- Add before/after zero-side-effect verification (7 tables)
- Add model-call-count = 0 verification (via UsageLog)
- Add stable error structure assertion (no stack/Prisma/DATABASE_URL)
- Add Legacy path behavior documentation (known limitation:
Legacy does not accept knowledgeItemId, no ownership check)
Real call chain:
FeynmanExecutionRouter.evaluateFeynman():121
→ FeynmanSnapshotBuilder.build():102-110
→ knowledgeItem.userId !== input.userId → ForbiddenException
→ before AiJobCreationService.createJob():124
→ NestJS → HTTP 403
Co-Authored-By: Claude <noreply@anthropic.com>
|
2026-06-21 17:46:14 +08:00 |
|