feat(chat): Add open chat API endpoint with permissions and service

Author: LucienShui

src/api-key/api-key.entity.ts

@@ -10,6 +10,7 @@ export enum APIKeyPermissionType {
 
 export enum APIKeyPermissionTarget {
   RESOURCES = 'resources',
+  CHAT = 'chat',
 }
 
 export type APIKeyPermission = {

src/api-key/open.api-key.e2e-spec.ts

@@ -1,11 +1,106 @@
 import { TestClient } from 'test/test-client';
-import { APIKeyPermissionType } from './api-key.entity';
+import { APIKeyPermissionTarget, APIKeyPermissionType } from './api-key.entity';
 
-describe('APIKeyController (e2e)', () => {
+process.env.OBB_WIZARD_BASE_URL = 'http://localhost:8000';
+
+// Mock the WizardAPIService to avoid needing the actual wizard service during tests
+jest.mock('../wizard/api.wizard.service', () => {
+  return {
+    WizardAPIService: jest.fn().mockImplementation(() => ({
+      request: jest.fn().mockResolvedValue({ success: true }),
+      proxy: jest.fn().mockResolvedValue({ success: true }),
+      search: jest.fn().mockResolvedValue({ results: [] }),
+    })),
+  };
+});
+
+// Mock fetch for any direct fetch calls
+global.fetch = jest.fn().mockResolvedValue({
+  ok: true,
+  json: jest.fn().mockResolvedValue({ success: true }),
+  text: jest.fn().mockResolvedValue('success'),
+  status: 200,
+  body: {
+    getReader: jest.fn().mockReturnValue({
+      read: jest
+        .fn()
+        .mockResolvedValueOnce({
+          done: false,
+          value: new TextEncoder().encode(
+            'data: {"response_type":"bos","role":"assistant","id":"test-msg-id"}\n',
+          ),
+        })
+        .mockResolvedValueOnce({
+          done: false,
+          value: new TextEncoder().encode(
+            'data: {"response_type":"delta","message":{"content":"Hello"}}\n',
+          ),
+        })
+        .mockResolvedValueOnce({
+          done: false,
+          value: new TextEncoder().encode('data: {"response_type":"eos"}\n'),
+        })
+        .mockResolvedValueOnce({
+          done: false,
+          value: new TextEncoder().encode('data: {"response_type":"done"}\n'),
+        })
+        .mockResolvedValueOnce({ done: true, value: undefined }),
+      cancel: jest.fn(),
+    }),
+  },
+}) as jest.MockedFunction<typeof fetch>;
+
+describe('OpenAPIKeyController (e2e)', () => {
   let client: TestClient;
+  let chatApiKeyValue: string;
+  let noChatApiKeyValue: string;
 
   beforeAll(async () => {
     client = await TestClient.create();
+
+    // Create an API key with CHAT CREATE permissions for testing
+    const chatApiKeyData = {
+      user_id: client.user.id,
+      namespace_id: client.namespace.id,
+      attrs: {
+        root_resource_id: client.namespace.root_resource_id,
+        permissions: [
+          {
+            target: APIKeyPermissionTarget.CHAT,
+            permissions: [APIKeyPermissionType.CREATE],
+          },
+        ],
+      },
+    };
+
+    const chatResponse = await client
+      .post('/api/v1/api-keys')
+      .send(chatApiKeyData)
+      .expect(201);
+
+    chatApiKeyValue = chatResponse.body.value;
+
+    // Create an API key without CHAT permissions for negative testing
+    const noChatApiKeyData = {
+      user_id: client.user.id,
+      namespace_id: client.namespace.id,
+      attrs: {
+        root_resource_id: client.namespace.root_resource_id,
+        permissions: [
+          {
+            target: APIKeyPermissionTarget.RESOURCES,
+            permissions: [APIKeyPermissionType.READ],
+          },
+        ],
+      },
+    };
+
+    const noChatResponse = await client
+      .post('/api/v1/api-keys')
+      .send(noChatApiKeyData)
+      .expect(201);
+
+    noChatApiKeyValue = noChatResponse.body.value;
   });
 
   afterAll(async () => {

src/applications/apps/wechat-bot.ts

@@ -112,6 +112,10 @@ export class WechatBot extends BaseApp {
               APIKeyPermissionType.READ,
             ],
           },
+          {
+            target: APIKeyPermissionTarget.CHAT,
+            permissions: [APIKeyPermissionType.CREATE],
+          },
         ],
       },
     });

src/messages/messages.service.ts

@@ -138,6 +138,12 @@ export class MessagesService {
     });
   }
 
+  async findOne(id: string) {
+    return await this.messageRepository.findOneOrFail({
+      where: { id },
+    });
+  }
+
   async remove(conversationId: string, messageId: string, user: User) {
     return await this.messageRepository.softDelete({
       id: messageId,

src/wizard/dto/open-agent-request.dto.ts

@@ -0,0 +1,26 @@
+import { IsBoolean, IsNotEmpty, IsOptional, IsString } from 'class-validator';
+import {
+  PrivateSearchToolDto,
+  ToolDto,
+  WebSearchToolDto,
+} from 'omniboxd/wizard/dto/agent-request.dto';
+
+export class OpenAgentRequestDto {
+  @IsString()
+  @IsNotEmpty()
+  query: string;
+
+  tools: Array<PrivateSearchToolDto | WebSearchToolDto>;
+
+  @IsOptional()
+  @IsBoolean()
+  enable_thinking?: boolean;
+
+  @IsOptional()
+  @IsString()
+  lang?: '简体中文' | 'English';
+
+  @IsOptional()
+  @IsString()
+  parent_message_id?: string;
+}

src/wizard/open.wizard.controller.ts

@@ -5,6 +5,7 @@ import {
   UploadedFile,
   UseInterceptors,
 } from '@nestjs/common';
+import { RequestId } from 'omniboxd/decorators/request-id.decorators';
 import { WizardService } from 'omniboxd/wizard/wizard.service';
 import { CompressedCollectRequestDto } from 'omniboxd/wizard/dto/collect-request.dto';
 import { CollectResponseDto } from 'omniboxd/wizard/dto/collect-response.dto';
@@ -16,11 +17,16 @@ import {
   APIKeyPermissionType,
 } from 'omniboxd/api-key/api-key.entity';
 import { OpenCollectRequestDto } from 'omniboxd/wizard/dto/open-collect-request.dto';
+import { OpenAgentRequestDto } from 'omniboxd/wizard/dto/open-agent-request.dto';
 import { FileInterceptor } from '@nestjs/platform-express';
+import { OpenWizardService } from 'omniboxd/wizard/open.wizard.service';
 
 @Controller('open/api/v1/wizard')
 export class OpenWizardController {
-  constructor(private readonly wizardService: WizardService) {}
+  constructor(
+    private readonly wizardService: WizardService,
+    private readonly openWizardService: OpenWizardService,
+  ) {}
 
   @Post('collect')
   @APIKeyAuth({
@@ -49,4 +55,27 @@ export class OpenWizardController {
       compressedHtml,
     );
   }
+
+  @Post('ask')
+  @APIKeyAuth({
+    permissions: [
+      {
+        target: APIKeyPermissionTarget.CHAT,
+        permissions: [APIKeyPermissionType.CREATE],
+      },
+    ],
+  })
+  async ask(
+    @APIKey() apiKey: APIKeyEntity,
+    @UserId() userId: string,
+    @RequestId() requestId: string,
+    @Body() data: OpenAgentRequestDto,
+  ): Promise<any> {
+    return await this.openWizardService.ask(
+      userId,
+      apiKey.namespaceId,
+      requestId,
+      data,
+    );
+  }
 }

src/wizard/open.wizard.service.ts

@@ -0,0 +1,114 @@
+import { Injectable } from '@nestjs/common';
+import { MessagesService } from 'omniboxd/messages/messages.service';
+import { ConversationsService } from 'omniboxd/conversations/conversations.service';
+import { WizardService } from 'omniboxd/wizard/wizard.service';
+import { User } from 'omniboxd/user/entities/user.entity';
+import { OpenAgentRequestDto } from 'omniboxd/wizard/dto/open-agent-request.dto';
+import { AgentRequestDto } from 'omniboxd/wizard/dto/agent-request.dto';
+import { ChatResponse } from 'omniboxd/wizard/dto/chat-response.dto';
+
+@Injectable()
+export class OpenWizardService {
+  constructor(
+    private readonly wizardService: WizardService,
+    private readonly messagesService: MessagesService,
+    private readonly conversationsService: ConversationsService,
+  ) {}
+
+  async ask(
+    userId: string,
+    namespaceId: string,
+    requestId: string,
+    data: OpenAgentRequestDto,
+  ): Promise<any> {
+    const conversationId = await this.resolveConversationId(
+      userId,
+      namespaceId,
+      data.parent_message_id,
+    );
+
+    const agentRequest: AgentRequestDto = {
+      ...data,
+      conversation_id: conversationId,
+      namespace_id: namespaceId,
+      enable_thinking: data.enable_thinking ?? false,
+    };
+
+    const chunks: ChatResponse[] = await this.wizardService.streamService.chat(
+      userId,
+      agentRequest,
+      requestId,
+      'ask',
+    );
+
+    return this.mergeChunks(chunks);
+  }
+
+  private async resolveConversationId(
+    userId: string,
+    namespaceId: string,
+    parentMessageId?: string,
+  ): Promise<string> {
+    if (parentMessageId) {
+      // Find conversation_id from parent_message_id
+      const parentMessage = await this.messagesService.findOne(parentMessageId);
+      return parentMessage.conversationId;
+    } else {
+      // Create a new conversation
+      const user = { id: userId } as User;
+      const conversation = await this.conversationsService.create(
+        namespaceId,
+        user,
+      );
+      return conversation.id;
+    }
+  }
+
+  private mergeChunks(chunks: ChatResponse[]): any {
+    const messages: any[] = [];
+    let currentMessage: any = null;
+
+    for (const chunk of chunks) {
+      if (chunk.response_type === 'bos') {
+        const bosChunk = chunk;
+        currentMessage = {
+          id: bosChunk.id,
+          role: bosChunk.role,
+          parent_id: bosChunk.parentId,
+          message: {
+            role: bosChunk.role,
+          },
+          attrs: {},
+        };
+      } else if (chunk.response_type === 'delta' && currentMessage) {
+        const deltaChunk = chunk;
+        if (deltaChunk.message.content) {
+          currentMessage.message.content =
+            (currentMessage.message.content || '') + deltaChunk.message.content;
+        }
+        if (deltaChunk.message.reasoning_content) {
+          currentMessage.message.reasoning_content =
+            (currentMessage.message.reasoning_content || '') +
+            deltaChunk.message.reasoning_content;
+        }
+        if (deltaChunk.message.tool_calls) {
+          currentMessage.message.tool_calls = deltaChunk.message.tool_calls;
+        }
+        if (deltaChunk.message.tool_call_id) {
+          currentMessage.message.tool_call_id = deltaChunk.message.tool_call_id;
+        }
+        if (deltaChunk.attrs) {
+          currentMessage.attrs = {
+            ...currentMessage.attrs,
+            ...deltaChunk.attrs,
+          };
+        }
+      } else if (chunk.response_type === 'eos' && currentMessage) {
+        messages.push(currentMessage);
+        currentMessage = null;
+      }
+    }
+
+    return { messages };
+  }
+}

src/wizard/stream.service.ts

@@ -323,4 +323,30 @@ export class StreamService {
       );
     }
   }
+
+  async chat(
+    userId: string,
+    body: AgentRequestDto,
+    requestId: string,
+    mode: 'ask' | 'write' = 'ask',
+  ): Promise<any> {
+    const observable = await this.agentStream(userId, body, requestId, mode);
+
+    const chunks: ChatResponse[] = [];
+
+    return new Promise((resolve, reject) => {
+      observable.subscribe({
+        next: (event: MessageEvent) => {
+          const chunk: ChatResponse = JSON.parse(event.data as string);
+          chunks.push(chunk);
+        },
+        complete: () => {
+          resolve(chunks);
+        },
+        error: (error) => {
+          reject(error);
+        },
+      });
+    });
+  }
 }

src/wizard/wizard.module.ts

@@ -14,15 +14,18 @@ import { AttachmentsModule } from 'omniboxd/attachments/attachments.module';
 import { TasksModule } from 'omniboxd/tasks/tasks.module';
 import { MinioModule } from 'omniboxd/minio/minio.module';
 import { OpenWizardController } from 'omniboxd/wizard/open.wizard.controller';
+import { ConversationsModule } from 'omniboxd/conversations/conversations.module';
+import { OpenWizardService } from 'omniboxd/wizard/open.wizard.service';
 
 @Module({
-  providers: [WizardService, ChunkManagerService],
+  providers: [WizardService, ChunkManagerService, OpenWizardService],
   imports: [
     UserModule,
     NamespacesModule,
     NamespaceResourcesModule,
     TagModule,
     MessagesModule,
+    ConversationsModule,
     AttachmentsModule,
     TasksModule,
     MinioModule,