fix(access): verify subscription readiness with real user keys
When subscription access is requested with an explicit access_api_key, assign the subscription to the real target user, bind that user's API key to the subscription group, and probe readiness with the same key instead of falling back to a managed synthetic user. Update the runtime/reconcile flows, adapter tests, and source-of-truth docs so subscription_ready now reflects user-visible host access rather than managed-key-only closure success.
This commit is contained in:
@@ -160,12 +160,18 @@
|
||||
- `billing_model_source=channel_mapped`
|
||||
|
||||
2. subscription 场景的 gateway probe 语义必须保持:
|
||||
- 最终 probe key 是宿主 managed key
|
||||
- 不是外部原始 `access_api_key`
|
||||
- closure artifact 必须把“请求传入的 key”和“实际探测使用的 key”分开表达:
|
||||
- `requested_probe_api_key` = 调用方传入原始 key
|
||||
- `effective_probe_key_source=managed_subscription` = 实际 gateway probe 走宿主 managed key
|
||||
- `probe_api_key` 仅继续保留给 `self_service` 向后兼容,不再用于 `subscription`
|
||||
- 当请求显式提供 `requested_probe_api_key` 时:
|
||||
- 最终 probe key 必须是**目标用户自己的 gateway key**
|
||||
- 不能再用宿主 synthetic managed key 把 closure 伪装成 `ready`
|
||||
- closure artifact 必须落 `requested_probe_api_key`
|
||||
- `effective_probe_key_source=requested_probe_api_key`
|
||||
- 仅当请求**没有**显式提供 `requested_probe_api_key` 时,才允许 fallback 到宿主 managed subscription key:
|
||||
- `effective_probe_key_source=managed_subscription`
|
||||
- `probe_api_key` 仅继续保留给 `self_service` 向后兼容,不再用于 `subscription`
|
||||
- 对于真实用户 subscription ready,最终必须同时满足:
|
||||
- `GET /api/v1/subscriptions/active` 非空
|
||||
- `GET /api/v1/groups/available` 可见目标 subscription group
|
||||
- 目标用户自己的 key 直探 `/v1/models` 与 `/v1/chat/completions` 为 `HTTP 200`
|
||||
|
||||
3. 任何 live 结论都必须先确认:
|
||||
- 在线 CRM 进程启动时间
|
||||
@@ -208,6 +214,6 @@
|
||||
- ❌ 把历史 review/task board 当当前 gate
|
||||
- ❌ 把历史 PASS artifact 当当前 latest-head 真相
|
||||
- ❌ 把 `/v1/models` 通过当成 completion 已通过
|
||||
- ❌ 把 subscription 场景原始 `access_api_key` 当成最终 probe key
|
||||
- ❌ 把 `subscription` closure 里的 `requested_probe_api_key` 误读成实际 gateway probe key
|
||||
- ❌ 在 `requested_probe_api_key` 已提供时,仍然用 managed synthetic key 把 `subscription_ready` 判真
|
||||
- ❌ 把旧 artifact 里的 `managed_subscription` 语义继续当成最新实现
|
||||
- ❌ 把 harness 参数错误(`PACK_PATH`、容器目标、probe auth)当成产品源码失败
|
||||
|
||||
Reference in New Issue
Block a user