fix(access): verify subscription readiness with real user keys

When subscription access is requested with an explicit access_api_key, assign the subscription to the real target user, bind that user's API key to the subscription group, and probe readiness with the same key instead of falling back to a managed synthetic user.

Update the runtime/reconcile flows, adapter tests, and source-of-truth docs so subscription_ready now reflects user-visible host access rather than managed-key-only closure success.
This commit is contained in:
phamnazage-jpg
2026-06-01 09:55:11 +08:00
parent 702ae19a61
commit c588a95c7d
11 changed files with 260 additions and 24 deletions

View File

@@ -160,12 +160,18 @@
- `billing_model_source=channel_mapped`
2. subscription 场景的 gateway probe 语义必须保持:
- 最终 probe key 是宿主 managed key
- 不是外部原始 `access_api_key`
- closure artifact 必须把“请求传入的 key”和“实际探测使用的 key”分开表达
- `requested_probe_api_key` = 调用方传入原始 key
- `effective_probe_key_source=managed_subscription` = 实际 gateway probe 走宿主 managed key
- `probe_api_key` 仅继续保留给 `self_service` 向后兼容,不再用于 `subscription`
- 当请求显式提供 `requested_probe_api_key` 时:
- 最终 probe key 必须是**目标用户自己的 gateway key**
- 不能再用宿主 synthetic managed key 把 closure 伪装成 `ready`
- closure artifact 必须落 `requested_probe_api_key`
- `effective_probe_key_source=requested_probe_api_key`
- 仅当请求**没有**显式提供 `requested_probe_api_key` 时,才允许 fallback 到宿主 managed subscription key
- `effective_probe_key_source=managed_subscription`
- `probe_api_key` 仅继续保留给 `self_service` 向后兼容,不再用于 `subscription`
- 对于真实用户 subscription ready最终必须同时满足
- `GET /api/v1/subscriptions/active` 非空
- `GET /api/v1/groups/available` 可见目标 subscription group
- 目标用户自己的 key 直探 `/v1/models``/v1/chat/completions``HTTP 200`
3. 任何 live 结论都必须先确认:
- 在线 CRM 进程启动时间
@@ -208,6 +214,6 @@
- ❌ 把历史 review/task board 当当前 gate
- ❌ 把历史 PASS artifact 当当前 latest-head 真相
- ❌ 把 `/v1/models` 通过当成 completion 已通过
-把 subscription 场景原始 `access_api_key` 当成最终 probe key
- ❌ 把 `subscription` closure 里的 `requested_probe_api_key` 误读成实际 gateway probe key
-`requested_probe_api_key` 已提供时,仍然用 managed synthetic key 把 `subscription_ready` 判真
- ❌ 把旧 artifact 里的 `managed_subscription` 语义继续当成最新实现
- ❌ 把 harness 参数错误(`PACK_PATH`、容器目标、probe auth当成产品源码失败