ZhenYi/gitdataai
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore(api): remove admin AI model CRUD routes

Browse Source 
Admin Next.js app now handles DB access directly for provider/model/
version/pricing management. Keep only health, sync, alerts, and billing.
This commit is contained in:
ZhenYi 2026-04-26 14:04:01 +08:00
parent 99ebfc14a7
commit ef767297f7
2 changed files with 3 additions and 427 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

409
libs/api/admin/ai_models.rs
View File

@ -1,409 +0,0 @@
//! Admin CRUD endpoints for AI Providers, Models, Versions, and Pricing.
//!
//! All write operations use `Session::no_op()` (system caller) which passes
//! the `require_system_caller` check in the service layer.
use actix_web::{HttpRequest, HttpResponse, Result, web};
use service::agent::provider::{CreateProviderRequest as SvcCreateProvider, UpdateProviderRequest as SvcUpdateProvider};
use service::agent::model::{CreateModelRequest as SvcCreateModel, UpdateModelRequest as SvcUpdateModel};
use service::agent::model_version::{CreateModelVersionRequest as SvcCreateVersion, UpdateModelVersionRequest as SvcUpdateVersion};
use service::agent::model_pricing::UpdateModelPricingRequest as SvcUpdatePricing;
use service::AppService;
use uuid::Uuid;
use crate::error::ApiError;
use crate::ApiResponse;
use service::error::AppError;
/// Validate the `x-admin-api-key` header against ADMIN_API_SHARED_KEY env var.
fn validate_admin_key(req: &HttpRequest) -> Result<(), ApiError> {
let expected = std::env::var("ADMIN_API_SHARED_KEY").ok();
let Some(expected) = expected else {
return Err(ApiError(AppError::InternalServerError(
"ADMIN_API_SHARED_KEY not configured".into(),
)));
};
let provided = req
.headers()
.get("x-admin-api-key")
.and_then(|v| v.to_str().ok())
.ok_or(ApiError(AppError::Unauthorized))?;
if provided != expected {
return Err(ApiError(AppError::Unauthorized));
}
Ok(())
}
// ─── Provider CRUD ─────────────────────────────────────────────────────────────
#[derive(serde::Deserialize, utoipa::ToSchema)]
pub struct AdminCreateProvider {
pub name: String,
pub display_name: String,
pub website: Option<String>,
}
#[derive(serde::Deserialize, utoipa::ToSchema)]
pub struct AdminUpdateProvider {
pub display_name: Option<String>,
pub website: Option<String>,
pub status: Option<String>,
}
#[utoipa::path(
post,
path = "/api/admin/ai/providers",
request_body = AdminCreateProvider,
responses(
(status = 200, description = "Provider created"),
(status = 401),
(status = 400),
),
tag = "Admin"
)]
pub async fn admin_provider_create(
req: HttpRequest,
service: web::Data<AppService>,
body: web::Json<AdminCreateProvider>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let session = session::Session::no_op();
let svc_body = SvcCreateProvider {
name: body.name.clone(),
display_name: body.display_name.clone(),
website: body.website.clone(),
};
let resp = service.agent_provider_create(svc_body, &session).await?;
Ok(ApiResponse::ok(resp).to_response())
}
#[utoipa::path(
patch,
path = "/api/admin/ai/providers/{id}",
params(("id" = Uuid, Path)),
request_body = AdminUpdateProvider,
responses(
(status = 200, description = "Provider updated"),
(status = 401),
(status = 404),
),
tag = "Admin"
)]
pub async fn admin_provider_update(
req: HttpRequest,
service: web::Data<AppService>,
path: web::Path<Uuid>,
body: web::Json<AdminUpdateProvider>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let id = path.into_inner();
let session = session::Session::no_op();
let svc_body = SvcUpdateProvider {
display_name: body.display_name.clone(),
website: body.website.clone(),
status: body.status.clone(),
};
let resp = service.agent_provider_update(id, svc_body, &session).await?;
Ok(ApiResponse::ok(resp).to_response())
}
#[utoipa::path(
delete,
path = "/api/admin/ai/providers/{id}",
params(("id" = Uuid, Path)),
responses(
(status = 200),
(status = 401),
(status = 404),
),
tag = "Admin"
)]
pub async fn admin_provider_delete(
req: HttpRequest,
service: web::Data<AppService>,
path: web::Path<Uuid>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let id = path.into_inner();
let session = session::Session::no_op();
service.agent_provider_delete(id, &session).await?;
Ok(ApiResponse::ok(serde_json::json!({ "deleted": true })).to_response())
}
// ─── Model CRUD ────────────────────────────────────────────────────────────────
#[derive(serde::Deserialize, utoipa::ToSchema)]
pub struct AdminCreateModel {
pub provider_id: Uuid,
pub name: String,
pub modality: String,
pub capability: String,
pub context_length: i64,
#[serde(default)]
pub max_output_tokens: Option<i64>,
#[serde(default)]
pub training_cutoff: Option<chrono::DateTime<chrono::Utc>>,
#[serde(default)]
pub is_open_source: bool,
}
#[derive(serde::Deserialize, utoipa::ToSchema)]
pub struct AdminUpdateModel {
pub display_name: Option<String>,
pub modality: Option<String>,
pub capability: Option<String>,
pub context_length: Option<i64>,
pub max_output_tokens: Option<i64>,
pub training_cutoff: Option<chrono::DateTime<chrono::Utc>>,
#[serde(default)]
pub is_open_source: Option<bool>,
pub status: Option<String>,
}
#[utoipa::path(
post,
path = "/api/admin/ai/models",
request_body = AdminCreateModel,
responses(
(status = 200, description = "Model created"),
(status = 401),
(status = 400),
),
tag = "Admin"
)]
pub async fn admin_model_create(
req: HttpRequest,
service: web::Data<AppService>,
body: web::Json<AdminCreateModel>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let session = session::Session::no_op();
let svc_body = SvcCreateModel {
provider_id: body.provider_id,
name: body.name.clone(),
modality: body.modality.clone(),
capability: body.capability.clone(),
context_length: body.context_length,
max_output_tokens: body.max_output_tokens,
training_cutoff: body.training_cutoff,
is_open_source: body.is_open_source,
};
let resp = service.agent_model_create(svc_body, &session).await?;
Ok(ApiResponse::ok(resp).to_response())
}
#[utoipa::path(
patch,
path = "/api/admin/ai/models/{id}",
params(("id" = Uuid, Path)),
request_body = AdminUpdateModel,
responses(
(status = 200, description = "Model updated"),
(status = 401),
(status = 404),
),
tag = "Admin"
)]
pub async fn admin_model_update(
req: HttpRequest,
service: web::Data<AppService>,
path: web::Path<Uuid>,
body: web::Json<AdminUpdateModel>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let id = path.into_inner();
let session = session::Session::no_op();
let svc_body = SvcUpdateModel {
display_name: body.display_name.clone(),
modality: body.modality.clone(),
capability: body.capability.clone(),
context_length: body.context_length,
max_output_tokens: body.max_output_tokens,
training_cutoff: body.training_cutoff,
is_open_source: body.is_open_source,
status: body.status.clone(),
};
let resp = service.agent_model_update(id, svc_body, &session).await?;
Ok(ApiResponse::ok(resp).to_response())
}
#[utoipa::path(
delete,
path = "/api/admin/ai/models/{id}",
params(("id" = Uuid, Path)),
responses(
(status = 200),
(status = 401),
(status = 404),
),
tag = "Admin"
)]
pub async fn admin_model_delete(
req: HttpRequest,
service: web::Data<AppService>,
path: web::Path<Uuid>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let id = path.into_inner();
let session = session::Session::no_op();
service.agent_model_delete(id, &session).await?;
Ok(ApiResponse::ok(serde_json::json!({ "deleted": true })).to_response())
}
// ─── Model Version CRUD ────────────────────────────────────────────────────────
#[derive(serde::Deserialize, utoipa::ToSchema)]
pub struct AdminCreateVersion {
pub model_id: Uuid,
pub version: String,
#[serde(default)]
pub release_date: Option<chrono::DateTime<chrono::Utc>>,
#[serde(default)]
pub change_log: Option<String>,
#[serde(default)]
pub is_default: bool,
}
#[derive(serde::Deserialize, utoipa::ToSchema)]
pub struct AdminUpdateVersion {
pub version: Option<String>,
pub release_date: Option<chrono::DateTime<chrono::Utc>>,
pub change_log: Option<String>,
#[serde(default)]
pub is_default: Option<bool>,
pub status: Option<String>,
}
#[utoipa::path(
post,
path = "/api/admin/ai/versions",
request_body = AdminCreateVersion,
responses(
(status = 200, description = "Version created"),
(status = 401),
(status = 400),
),
tag = "Admin"
)]
pub async fn admin_version_create(
req: HttpRequest,
service: web::Data<AppService>,
body: web::Json<AdminCreateVersion>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let session = session::Session::no_op();
let svc_body = SvcCreateVersion {
model_id: body.model_id,
version: body.version.clone(),
release_date: body.release_date,
change_log: body.change_log.clone(),
is_default: body.is_default,
};
let resp = service.agent_model_version_create(svc_body, &session).await?;
Ok(ApiResponse::ok(resp).to_response())
}
#[utoipa::path(
patch,
path = "/api/admin/ai/versions/{id}",
params(("id" = Uuid, Path)),
request_body = AdminUpdateVersion,
responses(
(status = 200),
(status = 401),
(status = 404),
),
tag = "Admin"
)]
pub async fn admin_version_update(
req: HttpRequest,
service: web::Data<AppService>,
path: web::Path<Uuid>,
body: web::Json<AdminUpdateVersion>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let id = path.into_inner();
let session = session::Session::no_op();
let svc_body = SvcUpdateVersion {
version: body.version.clone(),
release_date: body.release_date,
change_log: body.change_log.clone(),
is_default: body.is_default,
status: body.status.clone(),
};
let resp = service.agent_model_version_update(id, svc_body, &session).await?;
Ok(ApiResponse::ok(resp).to_response())
}
#[utoipa::path(
delete,
path = "/api/admin/ai/versions/{id}",
params(("id" = Uuid, Path)),
responses(
(status = 200),
(status = 401),
(status = 404),
),
tag = "Admin"
)]
pub async fn admin_version_delete(
req: HttpRequest,
service: web::Data<AppService>,
path: web::Path<Uuid>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let id = path.into_inner();
let session = session::Session::no_op();
service.agent_model_version_delete(id, &session).await?;
Ok(ApiResponse::ok(serde_json::json!({ "deleted": true })).to_response())
}
// ─── Model Pricing CRUD ───────────────────────────────────────────────────────
#[derive(serde::Deserialize, utoipa::ToSchema)]
pub struct AdminCreatePricing {
pub model_version_id: Uuid,
pub input_price_per_1k_tokens: String,
pub output_price_per_1k_tokens: String,
pub currency: String,
pub effective_from: chrono::DateTime<chrono::Utc>,
}
#[derive(serde::Deserialize, utoipa::ToSchema)]
pub struct AdminUpdatePricing {
pub input_price_per_1k_tokens: Option<String>,
pub output_price_per_1k_tokens: Option<String>,
pub currency: Option<String>,
pub effective_from: Option<chrono::DateTime<chrono::Utc>>,
}
#[utoipa::path(
patch,
path = "/api/admin/ai/pricing/{id}",
params(("id" = i64, Path)),
request_body = AdminUpdatePricing,
responses(
(status = 200),
(status = 401),
(status = 404),
),
tag = "Admin"
)]
pub async fn admin_pricing_update(
req: HttpRequest,
service: web::Data<AppService>,
path: web::Path<i64>,
body: web::Json<AdminUpdatePricing>,
) -> Result<HttpResponse, ApiError> {
validate_admin_key(&req)?;
let id = path.into_inner();
let session = session::Session::no_op();
let svc_body = SvcUpdatePricing {
input_price_per_1k_tokens: body.input_price_per_1k_tokens.clone(),
output_price_per_1k_tokens: body.output_price_per_1k_tokens.clone(),
currency: body.currency.clone(),
effective_from: body.effective_from,
};
let resp = service.agent_model_pricing_update(id, svc_body, &session).await?;
Ok(ApiResponse::ok(resp).to_response())
}

21
libs/api/admin/mod.rs
View File

@ -1,12 +1,11 @@
//! Admin API endpoints — protected by `x-admin-api-key` header.
//!
//! These endpoints are called by the Admin Dashboard (Next.js) to perform
//! platform-wide operations that bypass normal user-session authorization.
//! Only platform-wide operations remain. AI model management is handled
//! directly by the admin Next.js app via database access.
use actix_web::web;
pub mod alerts;
pub mod ai_models;
pub mod billing;
pub mod sync;
@ -19,21 +18,7 @@ pub fn init_admin_routes(cfg: &mut web::ServiceConfig) {
.route(
"/workspaces/{slug}/add-credit",
web::post().to(billing::admin_workspace_add_credit),
)
// Provider CRUD
.route("/ai/providers", web::post().to(ai_models::admin_provider_create))
.route("/ai/providers/{id}", web::patch().to(ai_models::admin_provider_update))
.route("/ai/providers/{id}", web::delete().to(ai_models::admin_provider_delete))
// Model CRUD
.route("/ai/models", web::post().to(ai_models::admin_model_create))
.route("/ai/models/{id}", web::patch().to(ai_models::admin_model_update))
.route("/ai/models/{id}", web::delete().to(ai_models::admin_model_delete))
// Version CRUD
.route("/ai/versions", web::post().to(ai_models::admin_version_create))
.route("/ai/versions/{id}", web::patch().to(ai_models::admin_version_update))
.route("/ai/versions/{id}", web::delete().to(ai_models::admin_version_delete))
// Pricing update
.route("/ai/pricing/{id}", web::patch().to(ai_models::admin_pricing_update)),
),
);
}