Draft: Authorize container for ai chat feature
What does this MR do and why?
The resources processed by the AI chat feature must belong to a namespace hierarchy whose root namespace subscribes to the Ultimate plan as of this writing. Moreover, the user using the feature must belong to the namespace (group or project) that houses the resource.
This MR updates the helper class Authorize
to check the described conditions.
How to set up and validate locally
Make sure you have the usual access/setup for working with AI features.
-
Create a new user.
-
Create a new group owned by the user that's using the Ultimate Plan (simulate SaaS.)
Also create a project and add a new issue with a comment.
- Make sure that the new group does have the experimental AI + third party AI feature enabled.
(Authority
did previously checked for experimental AI + third party AI features.)
Group.last.namespace_settings.update(experiment_features_enabled: true, third_party_ai_features_enabled: true)
- Ask the ai chat service to summarize the new issue as the usual
root
user.
Run:
new_issue = Issue.last # the new issue created in the new group
root = User.first
content = "Summarize the issue #{new_issue.to_reference(full: true)}"
response = Llm::ExecuteMethodService.new(root, root, :chat, { sync: true, content: content }).execute
Make sure the issue cannot be found. It should be failing because root
is not a member of the project housing the new issue.
#<ServiceResponse:0x0000000165d54d80
@http_status=:ok,
@message=nil,
@payload=
{:request_id=>"0c8f00b7-743a-4bd7-9616-2c604c4c66ca",
:role=>"assistant",
:content=>"I am sorry, I am unable to find the issue you are looking for.",
:errors=>["I am sorry, I am unable to find the issue you are looking for."]},
- Add
root
to the newly created group and retry the summary request.
The service should return a summary:
=> #<ServiceResponse:0x0000000177654460
@http_status=:ok,
@message=nil,
@payload=
{:request_id=>"360e0eab-4665-4212-bf9b-a76c7513d96d",
:role=>"assistant",
:content=>
"Here is the summary for issue ultimate-group/project-a#1:\n\n## Economy, oil price, and housing are the main topics discussed in the comments. \n- The economy is tanking. \n- The oil price is soaring. \n- The housing is costly.",
:errors=>[]},
@reason=nil,
@status=:success>
- Now downgrade the newly created group's plan to the Premium plan.
The same summary request should return a message saying the specified issue cannot be found.
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.