Conversation
dosubot
bot
added
the
size:M
|
Related Documentation Checked 1 published document(s) in 1 knowledge base(s). No updates required. How did I do? Any feedback? |
Soulter
changed the title
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Hey - 我发现了 1 个问题,并留下了一些整体性的反馈:
_check_admin_permission辅助函数在python.py和shell.py中都有重复实现;建议把它移动到一个共享模块或工具函数中,这样可以让权限逻辑集中管理,更便于维护。_check_admin_permission返回的错误信息现在不再区分本地和非本地执行(例如之前是“Local shell execution”,现在是“Shell execution”);如果这种区分对用户很重要,建议根据被调用的具体工具对消息进行参数化。
给 AI 代理的提示词
Please address the comments from this code review:
## Overall Comments
- `_check_admin_permission` 辅助函数在 `python.py` 和 `shell.py` 中都有重复实现;建议把它移动到一个共享模块或工具函数中,这样可以让权限逻辑集中管理,更便于维护。
- `_check_admin_permission` 返回的错误信息现在不再区分本地和非本地执行(例如之前是“Local shell execution”,现在是“Shell execution”);如果这种区分对用户很重要,建议根据被调用的具体工具对消息进行参数化。
## Individual Comments
### Comment 1
<location> `astrbot/core/computer/tools/python.py:81-84` </location>
<code_context>
async def call(
self, context: ContextWrapper[AstrAgentContext], code: str, silent: bool = False
) -> ToolExecResult:
+ if permission_error := _check_admin_permission(context):
+ return permission_error
sb = await get_booter(
</code_context>
<issue_to_address>
**issue (bug_risk):** `call` 方法被标注为返回 `ToolExecResult`,但在权限检查失败时现在可能会返回一个普通字符串。
由于 `_check_admin_permission` 的返回类型是 `str | None`,这些 `call` 方法现在在某些情况下会返回一个裸的 `str`,而不是声明的 `ToolExecResult`。除非 `ToolExecResult` 明确允许 `str`,否则这会破坏函数的契约,并且可能会让期望获得结构化结果的调用方感到困惑。请将该错误包装成一个符合 `ToolExecResult` 结构的值,或者扩展 `ToolExecResult` 以包含这种情况,并相应地更新调用方。
</issue_to_address>帮我变得更有用!请对每条评论点 👍 或 👎,我会根据这些反馈改进之后的评审。
Original comment in English
Hey - I've found 1 issue, and left some high level feedback:
- The
_check_admin_permissionhelper is duplicated in bothpython.pyandshell.py; consider moving it to a shared module or utility to keep the permission logic centralized and easier to maintain. - The error message returned from
_check_admin_permissionno longer distinguishes between local and non-local execution (e.g., previously "Local shell execution" vs now "Shell execution"); if that distinction is important to users, consider parameterizing the message based on the specific tool being called.
Prompt for AI Agents
Please address the comments from this code review:
## Overall Comments
- The `_check_admin_permission` helper is duplicated in both `python.py` and `shell.py`; consider moving it to a shared module or utility to keep the permission logic centralized and easier to maintain.
- The error message returned from `_check_admin_permission` no longer distinguishes between local and non-local execution (e.g., previously "Local shell execution" vs now "Shell execution"); if that distinction is important to users, consider parameterizing the message based on the specific tool being called.
## Individual Comments
### Comment 1
<location> `astrbot/core/computer/tools/python.py:81-84` </location>
<code_context>
async def call(
self, context: ContextWrapper[AstrAgentContext], code: str, silent: bool = False
) -> ToolExecResult:
+ if permission_error := _check_admin_permission(context):
+ return permission_error
sb = await get_booter(
</code_context>
<issue_to_address>
**issue (bug_risk):** The `call` method is annotated to return `ToolExecResult` but can now return a plain string on permission failure.
Because `_check_admin_permission` returns `str | None`, these `call` methods now sometimes return a bare `str` instead of the annotated `ToolExecResult`. Unless `ToolExecResult` explicitly permits `str`, this breaks the function’s contract and may confuse callers expecting a structured result. Please either wrap the error in a `ToolExecResult`-shaped value or extend `ToolExecResult` to include this case and update callers accordingly.
</issue_to_address>Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
Comment on lines
81
to
+84
| async def call( | ||
| self, context: ContextWrapper[AstrAgentContext], code: str, silent: bool = False | ||
| ) -> ToolExecResult: | ||
| if permission_error := _check_admin_permission(context): |
Contributor
There was a problem hiding this comment.
issue (bug_risk): call 方法被标注为返回 ToolExecResult,但在权限检查失败时现在可能会返回一个普通字符串。
由于 _check_admin_permission 的返回类型是 str | None,这些 call 方法现在在某些情况下会返回一个裸的 str,而不是声明的 ToolExecResult。除非 ToolExecResult 明确允许 str,否则这会破坏函数的契约,并且可能会让期望获得结构化结果的调用方感到困惑。请将该错误包装成一个符合 ToolExecResult 结构的值,或者扩展 ToolExecResult 以包含这种情况,并相应地更新调用方。
Original comment in English
issue (bug_risk): The call method is annotated to return ToolExecResult but can now return a plain string on permission failure.
Because _check_admin_permission returns str | None, these call methods now sometimes return a bare str instead of the annotated ToolExecResult. Unless ToolExecResult explicitly permits str, this breaks the function’s contract and may confuse callers expecting a structured result. Please either wrap the error in a ToolExecResult-shaped value or extend ToolExecResult to include this case and update callers accordingly.
dosubot
bot
added
the
area:core
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Modifications / 改动点
Screenshots or Test Results / 运行截图或测试结果
Checklist / 检查清单
requirements.txt和pyproject.toml文件相应位置。/ I have ensured that no new dependencies are introduced, OR if new dependencies are introduced, they have been added to the appropriate locations inrequirements.txtandpyproject.toml.Summary by Sourcery
将 Python 和 shell 的 computer-use 工具置于可配置的仅管理员权限之下,并在提供方配置元数据中暴露该设置。
新功能:
computer_use_require_admin,用于控制 Python 和 shell 的 computer-use 工具是否需要 AstrBot 管理员权限。增强:
Original summary in English
Summary by Sourcery
Gate Python and shell computer-use tools behind configurable admin-only permissions and expose the setting in provider configuration metadata.
New Features:
computer_use_require_adminto control whether Python and shell computer-use tools require AstrBot admin privileges.Enhancements: