Skip to content

feat: add database tables and API routes for agentic chat feature #17570

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 18 commits into from
May 2, 2025
Merged

feat: add database tables and API routes for agentic chat feature #17570

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
f762a76
Initial chat schema
kylecarbs Apr 9, 2025
dd506e6
And we have chat!
kylecarbs Apr 9, 2025
d848a94
Add more MCP stuff
kylecarbs Apr 10, 2025
1134736
Add tools
kylecarbs Apr 10, 2025
6a583e0
Add tool invocation stories stuff
kylecarbs Apr 10, 2025
725d738
Add more tools
kylecarbs Apr 16, 2025
9068d8b
Improve chat
kylecarbs Apr 19, 2025
10b534c
chore: make gen, fmt, lint
johnstcn Apr 25, 2025
3faa0b4
site: remove chat-related changes for separate PR
johnstcn Apr 28, 2025
7a5c2d2
coderd/rbac: update chat rbac
johnstcn Apr 29, 2025
d3f1cf4
coderd/database: only generate ID at database side, order messages by…
johnstcn Apr 30, 2025
d9aab39
fix(coderd/database): fix down migration and add fixture
johnstcn Apr 30, 2025
8071f9c
chore: add experiment agentic-chat, add tests for chat API routes
johnstcn May 1, 2025
40c3d5e
chore: update kylecarbs/aisdk-go to v0.0.8
johnstcn May 2, 2025
3cf8f60
fix(coderd/ai): support overriding base URL for OpenAI provider, requ…
johnstcn May 2, 2025
ccefabe
fix(coderd): avoid serializing null message content in postChatMessages
johnstcn May 2, 2025
05fa48d
fix(coderd): chat: avoid panic if no messages are accumulated
johnstcn May 2, 2025
8481ad5
fix(coderd): chat: do not pass tools to model for generating chat title
johnstcn May 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
coderd/rbac: update chat rbac
  • Loading branch information
@johnstcn
johnstcn committed May 2, 2025
commit 7a5c2d24cf18892f7f75144d46f7cdbe5acf35a7
35 changes: 17 additions & 18 deletions coderd/database/dbauthz/dbauthz.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1270,10 +1270,7 @@ func (q *querier) DeleteApplicationConnectAPIKeysByUserID(ctx context.Context, u
}

func (q *querier) DeleteChat(ctx context.Context, id uuid.UUID) error {
if err := q.authorizeContext(ctx, policy.ActionDelete, rbac.ResourceChat.WithID(id)); err != nil {
return err
}
return q.db.DeleteChat(ctx, id)
return deleteQ(q.log, q.auth, q.db.GetChatByID, q.db.DeleteChat)(ctx, id)
}

func (q *querier) DeleteCoordinator(ctx context.Context, id uuid.UUID) error {
Expand Down Expand Up @@ -1694,24 +1691,19 @@ func (q *querier) GetAuthorizationUserRoles(ctx context.Context, userID uuid.UUI
}

func (q *querier) GetChatByID(ctx context.Context, id uuid.UUID) (database.Chat, error) {
if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceChat.WithID(id)); err != nil {
return database.Chat{}, err
}
return q.db.GetChatByID(ctx, id)
return fetch(q.log, q.auth, q.db.GetChatByID)(ctx, id)
}

func (q *querier) GetChatMessagesByChatID(ctx context.Context, chatID uuid.UUID) ([]database.ChatMessage, error) {
if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceChat.WithID(chatID)); err != nil {
c, err := q.GetChatByID(ctx, chatID)
if err != nil {
return nil, err
}
return q.db.GetChatMessagesByChatID(ctx, chatID)
return q.db.GetChatMessagesByChatID(ctx, c.ID)
}

func (q *querier) GetChatsByOwnerID(ctx context.Context, ownerID uuid.UUID) ([]database.Chat, error) {
if err := q.authorizeContext(ctx, policy.ActionRead, rbac.ResourceChat); err != nil {
return nil, err
}
return q.db.GetChatsByOwnerID(ctx, ownerID)
return fetchWithPostFilter(q.auth, policy.ActionRead, q.db.GetChatsByOwnerID)(ctx, ownerID)
}

func (q *querier) GetCoordinatorResumeTokenSigningKey(ctx context.Context) (string, error) {
Expand Down Expand Up @@ -3348,7 +3340,14 @@ func (q *querier) InsertChat(ctx context.Context, arg database.InsertChatParams)
}

func (q *querier) InsertChatMessages(ctx context.Context, arg database.InsertChatMessagesParams) ([]database.ChatMessage, error) {
return insert(q.log, q.auth, rbac.ResourceChat.WithID(arg.ChatID), q.db.InsertChatMessages)(ctx, arg)
c, err := q.db.GetChatByID(ctx, arg.ChatID)
if err != nil {
return nil, err
}
if err := q.authorizeContext(ctx, policy.ActionUpdate, c); err != nil {
return nil, err
}
return q.db.InsertChatMessages(ctx, arg)
}

func (q *querier) InsertCryptoKey(ctx context.Context, arg database.InsertCryptoKeyParams) (database.CryptoKey, error) {
Expand Down Expand Up @@ -4000,10 +3999,10 @@ func (q *querier) UpdateAPIKeyByID(ctx context.Context, arg database.UpdateAPIKe
}

func (q *querier) UpdateChatByID(ctx context.Context, arg database.UpdateChatByIDParams) error {
if err := q.authorizeContext(ctx, policy.ActionUpdate, rbac.ResourceChat.WithID(arg.ID)); err != nil {
return err
fetch := func(ctx context.Context, arg database.UpdateChatByIDParams) (database.Chat, error) {
return q.db.GetChatByID(ctx, arg.ID)
}
return q.db.UpdateChatByID(ctx, arg)
return update(q.log, q.auth, fetch, q.db.UpdateChatByID)(ctx, arg)
}

func (q *querier) UpdateCryptoKeyDeletesAt(ctx context.Context, arg database.UpdateCryptoKeyDeletesAtParams) (database.CryptoKey, error) {
Expand Down
73 changes: 73 additions & 0 deletions coderd/database/dbauthz/dbauthz_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5307,3 +5307,76 @@ func (s *MethodTestSuite) TestResourcesProvisionerdserver() {
}).Asserts(rbac.ResourceWorkspaceAgentDevcontainers, policy.ActionCreate)
}))
}

func (s *MethodTestSuite) TestChat() {
createChat := func(t *testing.T, db database.Store) (database.User, database.Chat, database.ChatMessage) {
t.Helper()

usr := dbgen.User(t, db, database.User{})
chat := dbgen.Chat(s.T(), db, database.Chat{
OwnerID: usr.ID,
})
msg := dbgen.ChatMessage(s.T(), db, database.ChatMessage{
ChatID: chat.ID,
})

return usr, chat, msg
}

s.Run("DeleteChat", s.Subtest(func(db database.Store, check *expects) {
_, c, _ := createChat(s.T(), db)
check.Args(c.ID).Asserts(c, policy.ActionDelete)
}))

s.Run("GetChatByID", s.Subtest(func(db database.Store, check *expects) {
_, c, _ := createChat(s.T(), db)
check.Args(c.ID).Asserts(c, policy.ActionRead).Returns(c)
}))

s.Run("GetChatMessagesByChatID", s.Subtest(func(db database.Store, check *expects) {
_, c, m := createChat(s.T(), db)
check.Args(c.ID).Asserts(c, policy.ActionRead).Returns([]database.ChatMessage{m})
}))

s.Run("GetChatsByOwnerID", s.Subtest(func(db database.Store, check *expects) {
u1, u1c1, _ := createChat(s.T(), db)
u1c2 := dbgen.Chat(s.T(), db, database.Chat{
OwnerID: u1.ID,
})
_, _, _ = createChat(s.T(), db) // other user's chat
check.Args(u1.ID).Asserts(u1c2, policy.ActionRead, u1c1, policy.ActionRead).Returns([]database.Chat{u1c1, u1c2})
}))

s.Run("InsertChat", s.Subtest(func(db database.Store, check *expects) {
usr := dbgen.User(s.T(), db, database.User{})
check.Args(database.InsertChatParams{
OwnerID: usr.ID,
Title: "test chat",
CreatedAt: dbtime.Now(),
UpdatedAt: dbtime.Now(),
}).Asserts(rbac.ResourceChat.WithOwner(usr.ID.String()), policy.ActionCreate)
}))

s.Run("InsertChatMessages", s.Subtest(func(db database.Store, check *expects) {
usr := dbgen.User(s.T(), db, database.User{})
chat := dbgen.Chat(s.T(), db, database.Chat{
OwnerID: usr.ID,
})
check.Args(database.InsertChatMessagesParams{
ChatID: chat.ID,
CreatedAt: dbtime.Now(),
Model: "test-model",
Provider: "test-provider",
Content: []byte(`[]`),
}).Asserts(chat, policy.ActionUpdate)
}))

s.Run("UpdateChatByID", s.Subtest(func(db database.Store, check *expects) {
_, c, _ := createChat(s.T(), db)
check.Args(database.UpdateChatByIDParams{
ID: c.ID,
Title: "new title",
UpdatedAt: dbtime.Now(),
}).Asserts(c, policy.ActionUpdate)
}))
}
13 changes: 13 additions & 0 deletions coderd/database/dbgen/dbgen.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,6 +154,19 @@ func Chat(t testing.TB, db database.Store, seed database.Chat) database.Chat {
return chat
}

func ChatMessage(t testing.TB, db database.Store, seed database.ChatMessage) database.ChatMessage {
msg, err := db.InsertChatMessages(genCtx, database.InsertChatMessagesParams{
CreatedAt: takeFirst(seed.CreatedAt, dbtime.Now()),
ChatID: takeFirst(seed.ChatID, uuid.New()),
Model: takeFirst(seed.Model, "train"),
Provider: takeFirst(seed.Provider, "thomas"),
Content: takeFirstSlice(seed.Content, []byte(`[{"text": "Choo choo!"}]`)),
})
require.NoError(t, err, "insert chat message")
require.Len(t, msg, 1, "insert one chat message did not return exactly one message")
return msg[0]
}

func WorkspaceAgentPortShare(t testing.TB, db database.Store, orig database.WorkspaceAgentPortShare) database.WorkspaceAgentPortShare {
ps, err := db.UpsertWorkspaceAgentPortShare(genCtx, database.UpsertWorkspaceAgentPortShareParams{
WorkspaceID: takeFirst(orig.WorkspaceID, uuid.New()),
Expand Down
2 changes: 2 additions & 0 deletions coderd/database/dbmem/dbmem.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8487,6 +8487,8 @@ func (q *FakeQuerier) InsertChatMessages(ctx context.Context, arg database.Inser
Content: content,
})
}

q.chatMessages = append(q.chatMessages, messages...)
return messages, nil
}

Expand Down
5 changes: 5 additions & 0 deletions coderd/database/modelmethods.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -568,3 +568,8 @@ func (m WorkspaceAgentVolumeResourceMonitor) Debounce(

return m.DebouncedUntil, false
}

func (c Chat) RBACObject() rbac.Object {
return rbac.ResourceChat.WithID(c.ID).
WithOwner(c.OwnerID.String())
}
2 changes: 2 additions & 0 deletions coderd/rbac/roles.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -299,6 +299,8 @@ func ReloadBuiltinRoles(opts *RoleOptions) {
ResourceOrganizationMember.Type: {policy.ActionRead},
// Users can create provisioner daemons scoped to themselves.
ResourceProvisionerDaemon.Type: {policy.ActionRead, policy.ActionCreate, policy.ActionRead, policy.ActionUpdate},
// Users can create, read, update, and delete their own agentic chat messages.
ResourceChat.Type: {policy.ActionCreate, policy.ActionRead, policy.ActionUpdate, policy.ActionDelete},
})...,
),
}.withCachedRegoValue()
Expand Down
31 changes: 31 additions & 0 deletions coderd/rbac/roles_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -831,6 +831,37 @@ func TestRolePermissions(t *testing.T) {
},
},
},
// Members may read their own chats.
{
Name: "CreateReadUpdateDeleteMyChats",
Actions: []policy.Action{policy.ActionCreate, policy.ActionRead, policy.ActionUpdate, policy.ActionDelete},
Resource: rbac.ResourceChat.WithOwner(currentUser.String()),
AuthorizeMap: map[bool][]hasAuthSubjects{
true: {memberMe, orgMemberMe, owner},
false: {
userAdmin, orgUserAdmin, templateAdmin,
orgAuditor, orgTemplateAdmin,
otherOrgMember, otherOrgAuditor, otherOrgUserAdmin, otherOrgTemplateAdmin,
orgAdmin, otherOrgAdmin,
},
},
},
// Only owners can create, read, update, and delete other users' chats.
{
Name: "CreateReadUpdateDeleteOtherUserChats",
Actions: []policy.Action{policy.ActionCreate, policy.ActionRead, policy.ActionUpdate, policy.ActionDelete},
Resource: rbac.ResourceChat.WithOwner(uuid.NewString()), // some other user
AuthorizeMap: map[bool][]hasAuthSubjects{
true: {owner},
false: {
memberMe, orgMemberMe,
userAdmin, orgUserAdmin, templateAdmin,
orgAuditor, orgTemplateAdmin,
otherOrgMember, otherOrgAuditor, otherOrgUserAdmin, otherOrgTemplateAdmin,
orgAdmin, otherOrgAdmin,
},
},
},
}

// We expect every permission to be tested above.
Expand Down