feat: initialize managed portal

2026-04-27 10:04:36 +08:00
commit d4e351df71
145 changed files with 13425 additions and 0 deletions
--- a/internal/server/managed_handlers_test.go
+++ b/internal/server/managed_handlers_test.go
@@ -0,0 +1,271 @@
+package server
+
+import (
+	"bytes"
+	"encoding/json"
+	"io"
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+
+	"managed-portal/internal/managed"
+)
+
+type fakeDockerRuntime struct {
+	statusByContainer map[string]string
+	restarted         []string
+}
+
+type roundTripFunc func(req *http.Request) (*http.Response, error)
+
+func (fn roundTripFunc) RoundTrip(req *http.Request) (*http.Response, error) {
+	return fn(req)
+}
+
+func (f *fakeDockerRuntime) GetContainerStatus(containerName string) (string, error) {
+	if status, ok := f.statusByContainer[containerName]; ok {
+		return status, nil
+	}
+	return "unknown", nil
+}
+
+func (f *fakeDockerRuntime) RestartContainer(containerName string) error {
+	f.restarted = append(f.restarted, containerName)
+	return nil
+}
+
+func TestManagedServicesHandlers(t *testing.T) {
+	t.Parallel()
+
+	storeConfigPath := "/srv/store/config/local.yaml"
+	storeRTSP := "rtsp://store-old/stream"
+
+	srv := New(nil)
+	registry := &managed.Registry{
+		Services: []managed.Service{{
+			ID:            "store_dwell_alert",
+			DisplayName:   "Store Dwell Alert",
+			ProjectType:   "store_dwell_alert",
+			ProjectRoot:   "/srv/store",
+			ContainerName: "store-dwell-alert",
+			ServiceName:   "store-dwell-alert",
+			APIBaseURL:    "http://managed.invalid/store",
+			ResultType:    "store_dwell_alert",
+		}, {
+			ID:            "people_flow_project",
+			DisplayName:   "People Flow Project",
+			ProjectType:   "people_flow_project",
+			ProjectRoot:   "/srv/people",
+			ContainerName: "people-flow-project",
+			ServiceName:   "people-flow-project",
+			APIBaseURL:    "http://managed.invalid/people",
+			ResultType:    "people_flow_project",
+		}},
+	}
+
+	client := &http.Client{Transport: roundTripFunc(func(r *http.Request) (*http.Response, error) {
+		response := func(status int, body any) (*http.Response, error) {
+			data, err := json.Marshal(body)
+			if err != nil {
+				return nil, err
+			}
+			return &http.Response{
+				StatusCode: status,
+				Header:     make(http.Header),
+				Body:       io.NopCloser(bytes.NewReader(data)),
+			}, nil
+		}
+
+		switch {
+		case r.Method == http.MethodGet && r.URL.Path == "/store/api/manage/config":
+			return response(http.StatusOK, map[string]any{
+				"config_path": storeConfigPath,
+				"stream":      map[string]any{"rtsp_url": storeRTSP},
+			})
+		case r.Method == http.MethodPut && r.URL.Path == "/store/api/manage/config":
+			var payload map[string]string
+			if err := json.NewDecoder(r.Body).Decode(&payload); err != nil {
+				t.Fatalf("decode store config update: %v", err)
+			}
+			storeRTSP = payload["rtsp_url"]
+			return response(http.StatusOK, map[string]any{
+				"config_path": storeConfigPath,
+				"stream":      map[string]any{"rtsp_url": storeRTSP},
+			})
+		case r.Method == http.MethodGet && r.URL.Path == "/store/api/manage/summary":
+			return response(http.StatusOK, managed.ResultSummary{
+				ResultType:     "store_dwell_alert",
+				Headline:       "Latest report shows 2 active customers, longest dwell 850s",
+				LastResultTime: "2026-04-16T09:30:00+08:00",
+				Metrics: map[string]any{
+					"longest_dwell_seconds": 850,
+				},
+			})
+		case r.Method == http.MethodGet && r.URL.Path == "/store/api/manage/files":
+			return response(http.StatusOK, map[string]any{
+				"files": []managed.ResultFile{{
+					Path: "logs/events.jsonl",
+					Name: "events.jsonl",
+				}},
+			})
+		case r.Method == http.MethodGet && r.URL.Path == "/store/api/manage/files/preview":
+			return response(http.StatusOK, managed.FilePreview{
+				Path:  "logs/events.jsonl",
+				Lines: []string{"preview"},
+				Count: 1,
+			})
+		case r.Method == http.MethodGet && r.URL.Path == "/store/api/manage/files/download":
+			return &http.Response{
+				StatusCode: http.StatusOK,
+				Header: http.Header{
+					"Content-Disposition": []string{`attachment; filename="events.jsonl"`},
+				},
+				Body: io.NopCloser(strings.NewReader("store-download")),
+			}, nil
+		case r.Method == http.MethodGet && r.URL.Path == "/people/api/manage/config":
+			return response(http.StatusOK, map[string]any{
+				"config_path": "/srv/people/config/local.yaml",
+				"runtime":     map[string]any{"rtsp_url": "rtsp://people-old/stream"},
+			})
+		case r.Method == http.MethodGet && r.URL.Path == "/people/api/manage/summary":
+			return response(http.StatusOK, managed.ResultSummary{
+				ResultType:     "people_flow_project",
+				Headline:       "Latest window counted 5 people",
+				LastResultTime: "2026-04-16T09:00:00+08:00",
+				Metrics: map[string]any{
+					"recent_window_stats": []map[string]any{{"total_people": 5}},
+				},
+			})
+		case r.Method == http.MethodGet && r.URL.Path == "/people/api/manage/files":
+			return response(http.StatusOK, map[string]any{"files": []managed.ResultFile{}})
+		default:
+			t.Fatalf("unexpected child request: %s %s", r.Method, r.URL.String())
+			return nil, nil
+		}
+	})}
+
+	docker := &fakeDockerRuntime{
+		statusByContainer: map[string]string{
+			"store-dwell-alert":   "running",
+			"people-flow-project": "stopped",
+		},
+	}
+	srv.managedManager = managed.NewManager(registry, docker, managed.NewRemoteClient(client))
+
+	t.Run("GET /api/managed-services", func(t *testing.T) {
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "/api/managed-services", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+
+		var payload struct {
+			Services []managed.ServiceState `json:"services"`
+		}
+		if err := json.Unmarshal(recorder.Body.Bytes(), &payload); err != nil {
+			t.Fatalf("json.Unmarshal() error = %v", err)
+		}
+		if len(payload.Services) != 2 {
+			t.Fatalf("len(services) = %d", len(payload.Services))
+		}
+		if payload.Services[0].RTSP == "" {
+			t.Fatalf("expected RTSP in list response")
+		}
+	})
+
+	t.Run("GET /api/managed-services/:id", func(t *testing.T) {
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "/api/managed-services/store_dwell_alert", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if !strings.Contains(recorder.Body.String(), "longest_dwell_seconds") {
+			t.Fatalf("detail response missing summary metrics: %s", recorder.Body.String())
+		}
+	})
+
+	t.Run("PUT /api/managed-services/:id/config", func(t *testing.T) {
+		recorder := httptest.NewRecorder()
+		body := bytes.NewBufferString(`{"rtsp_url":"rtsp://store-new/stream"}`)
+		req := httptest.NewRequest(http.MethodPut, "/api/managed-services/store_dwell_alert/config", body)
+		req.Header.Set("Content-Type", "application/json")
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if storeRTSP != "rtsp://store-new/stream" {
+			t.Fatalf("storeRTSP = %q", storeRTSP)
+		}
+	})
+
+	t.Run("POST /api/managed-services/:id/restart", func(t *testing.T) {
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodPost, "/api/managed-services/people_flow_project/restart", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if len(docker.restarted) != 1 || docker.restarted[0] != "people-flow-project" {
+			t.Fatalf("restarted = %#v", docker.restarted)
+		}
+	})
+
+	t.Run("GET /api/managed-services/:id/results/summary", func(t *testing.T) {
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "/api/managed-services/store_dwell_alert/results/summary", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if !strings.Contains(recorder.Body.String(), "active customers") {
+			t.Fatalf("summary response = %s", recorder.Body.String())
+		}
+	})
+
+	t.Run("GET /api/managed-services/:id/results/files", func(t *testing.T) {
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "/api/managed-services/store_dwell_alert/results/files", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if !strings.Contains(recorder.Body.String(), "events.jsonl") {
+			t.Fatalf("files response missing expected file: %s", recorder.Body.String())
+		}
+	})
+
+	t.Run("GET /api/managed-services/:id/results/preview", func(t *testing.T) {
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "/api/managed-services/store_dwell_alert/results/preview?path=logs/events.jsonl&lines=1", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if !strings.Contains(recorder.Body.String(), "preview") {
+			t.Fatalf("preview response = %s", recorder.Body.String())
+		}
+	})
+
+	t.Run("GET /api/managed-services/:id/results/download", func(t *testing.T) {
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "/api/managed-services/store_dwell_alert/results/download?path=logs/events.jsonl", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if got := recorder.Body.String(); got != "store-download" {
+			t.Fatalf("download body = %q", got)
+		}
+	})
+}
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -0,0 +1,223 @@
+package server
+
+import (
+	"errors"
+	"io"
+	"net/http"
+	"os"
+	"strconv"
+	"strings"
+
+	"github.com/gin-contrib/cors"
+	"github.com/gin-gonic/gin"
+
+	"managed-portal/internal/config"
+	"managed-portal/internal/managed"
+	"managed-portal/internal/webdevice"
+)
+
+type Server struct {
+	cfg            *config.Config
+	engine         *gin.Engine
+	managedManager *managed.Manager
+	webDeviceSvc   *webdevice.Service
+}
+
+func New(cfg *config.Config) *Server {
+	if cfg == nil {
+		cfg = config.Load()
+	}
+
+	engine := gin.New()
+	engine.Use(gin.Logger(), gin.Recovery())
+	engine.Use(cors.Default())
+
+	srv := &Server{
+		cfg:    cfg,
+		engine: engine,
+	}
+	srv.managedManager = managed.NewManager(loadRegistry(cfg.RegistryPath), nil, nil)
+	srv.webDeviceSvc = webdevice.NewService()
+	srv.registerRoutes()
+	return srv
+}
+
+func (s *Server) registerRoutes() {
+	api := s.engine.Group("/api")
+	api.GET("/health", func(c *gin.Context) {
+		c.JSON(http.StatusOK, gin.H{"status": "ok"})
+	})
+	api.GET("/managed-services", s.listManagedServices)
+	api.GET("/managed-services/:id", s.getManagedService)
+	api.PUT("/managed-services/:id/config", s.updateManagedServiceConfig)
+	api.POST("/managed-services/:id/restart", s.restartManagedService)
+	api.GET("/managed-services/:id/results/summary", s.getManagedServiceSummary)
+	api.GET("/managed-services/:id/results/files", s.listManagedServiceFiles)
+	api.GET("/managed-services/:id/results/preview", s.previewManagedServiceFile)
+	api.GET("/managed-services/:id/results/download", s.downloadManagedServiceFile)
+	api.GET("/web-devices/scan", s.scanWebDevices)
+	s.engine.Any("/proxy/web/:ip/*proxyPath", s.proxyWebDevice)
+}
+
+func (s *Server) Engine() *gin.Engine {
+	return s.engine
+}
+
+func (s *Server) Start() error {
+	return s.engine.Run(s.cfg.HTTPAddr)
+}
+
+func loadRegistry(path string) *managed.Registry {
+	registry, err := managed.LoadRegistry(path)
+	if err != nil {
+		return managed.EmptyRegistry()
+	}
+	return registry
+}
+
+func (s *Server) listManagedServices(c *gin.Context) {
+	c.JSON(http.StatusOK, gin.H{
+		"services": s.managedManager.List(),
+	})
+}
+
+func (s *Server) getManagedService(c *gin.Context) {
+	service, err := s.managedManager.Detail(c.Param("id"))
+	if err != nil {
+		s.handleManagedError(c, err)
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"service": service})
+}
+
+func (s *Server) updateManagedServiceConfig(c *gin.Context) {
+	var req struct {
+		RTSPURL string `json:"rtsp_url"`
+		RTSP    string `json:"rtsp"`
+	}
+	if err := c.ShouldBindJSON(&req); err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+		return
+	}
+
+	rtsp := strings.TrimSpace(req.RTSPURL)
+	if rtsp == "" {
+		rtsp = strings.TrimSpace(req.RTSP)
+	}
+
+	service, err := s.managedManager.UpdateRTSP(c.Param("id"), rtsp)
+	if err != nil {
+		s.handleManagedError(c, err)
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"service": service})
+}
+
+func (s *Server) restartManagedService(c *gin.Context) {
+	service, err := s.managedManager.Restart(c.Param("id"))
+	if err != nil {
+		s.handleManagedError(c, err)
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"service": service})
+}
+
+func (s *Server) getManagedServiceSummary(c *gin.Context) {
+	summary, err := s.managedManager.Summary(c.Param("id"))
+	if err != nil {
+		s.handleManagedError(c, err)
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"summary": summary})
+}
+
+func (s *Server) listManagedServiceFiles(c *gin.Context) {
+	files, err := s.managedManager.Files(c.Param("id"))
+	if err != nil {
+		s.handleManagedError(c, err)
+		return
+	}
+	c.JSON(http.StatusOK, gin.H{"files": files})
+}
+
+func (s *Server) previewManagedServiceFile(c *gin.Context) {
+	lines := 2000
+	if raw := strings.TrimSpace(c.Query("lines")); raw != "" {
+		parsed, err := strconv.Atoi(raw)
+		if err != nil || parsed <= 0 {
+			c.JSON(http.StatusBadRequest, gin.H{"error": "lines 参数必须为正整数"})
+			return
+		}
+		if parsed > 2000 {
+			parsed = 2000
+		}
+		lines = parsed
+	}
+
+	preview, err := s.managedManager.PreviewFile(c.Param("id"), c.Query("path"), lines)
+	if err != nil {
+		s.handleManagedError(c, err)
+		return
+	}
+	c.JSON(http.StatusOK, preview)
+}
+
+func (s *Server) downloadManagedServiceFile(c *gin.Context) {
+	resp, err := s.managedManager.Download(c.Request.Context(), c.Param("id"), c.Query("path"))
+	if err != nil {
+		s.handleManagedError(c, err)
+		return
+	}
+	defer resp.Body.Close()
+
+	if contentType := resp.Header.Get("Content-Type"); contentType != "" {
+		c.Header("Content-Type", contentType)
+	}
+	if contentDisposition := resp.Header.Get("Content-Disposition"); contentDisposition != "" {
+		c.Header("Content-Disposition", contentDisposition)
+	}
+	if _, err := io.Copy(c.Writer, resp.Body); err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "读取文件失败"})
+		return
+	}
+}
+
+func (s *Server) handleManagedError(c *gin.Context, err error) {
+	switch {
+	case errors.Is(err, managed.ErrServiceNotFound):
+		c.JSON(http.StatusNotFound, gin.H{"error": "被管理服务不存在"})
+	case os.IsNotExist(err):
+		c.JSON(http.StatusNotFound, gin.H{"error": err.Error()})
+	case strings.Contains(err.Error(), "rtsp url"):
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+	case strings.Contains(err.Error(), "invalid file path"):
+		c.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
+	default:
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+	}
+}
+
+func (s *Server) scanWebDevices(c *gin.Context) {
+	result, err := s.webDeviceSvc.Scan(c.Request)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "获取网卡信息失败: " + err.Error()})
+		return
+	}
+	c.JSON(http.StatusOK, result)
+}
+
+func (s *Server) proxyWebDevice(c *gin.Context) {
+	err := s.webDeviceSvc.ProxyHTTP(c.Writer, c.Request, c.Param("ip"), c.Param("proxyPath"))
+	switch {
+	case err == nil:
+		return
+	case errors.Is(err, webdevice.ErrInvalidTargetIP):
+		c.JSON(http.StatusBadRequest, gin.H{"error": "仅支持内网IPv4地址"})
+	case errors.Is(err, webdevice.ErrTargetNotAllowed):
+		c.JSON(http.StatusForbidden, gin.H{"error": "目标IP未在扫描结果中，请先扫描网页设备"})
+	case errors.Is(err, webdevice.ErrInvalidProxyURL):
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "代理目标无效"})
+	default:
+		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+	}
+}
--- a/internal/server/server_test.go
+++ b/internal/server/server_test.go
@@ -0,0 +1,23 @@
+package server
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+)
+
+func TestHealth(t *testing.T) {
+	srv := New(nil)
+	req := httptest.NewRequest(http.MethodGet, "/api/health", nil)
+	rec := httptest.NewRecorder()
+
+	srv.Engine().ServeHTTP(rec, req)
+
+	if rec.Code != http.StatusOK {
+		t.Fatalf("status = %d, want %d", rec.Code, http.StatusOK)
+	}
+	if body := rec.Body.String(); !strings.Contains(body, `"status":"ok"`) {
+		t.Fatalf("unexpected body: %s", body)
+	}
+}
--- a/internal/server/webdevice_handlers_test.go
+++ b/internal/server/webdevice_handlers_test.go
@@ -0,0 +1,83 @@
+package server
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"strings"
+	"testing"
+
+	"managed-portal/internal/webdevice"
+)
+
+func TestWebDeviceHandlers(t *testing.T) {
+	t.Parallel()
+
+	t.Run("GET /api/web-devices/scan", func(t *testing.T) {
+		srv := New(nil)
+		svc := webdevice.NewService()
+		svc.SetInterfaceGetter(func() ([]webdevice.InterfaceInfo, error) {
+			return []webdevice.InterfaceInfo{{
+				Name:    "eth0",
+				IP:      "10.8.0.14",
+				Netmask: "255.255.255.0",
+			}}, nil
+		})
+		svc.SetTCPScanner(func(ip, netmask string, port int, excludeIPs map[string]bool) ([]webdevice.TCPDevice, error) {
+			return []webdevice.TCPDevice{{IP: "192.168.1.124", Port: 80}}, nil
+		})
+		svc.SetForwarderFactory(func(ip string, port int, listenAddress, targetAddress string) (*webdevice.WebDeviceForwarder, error) {
+			return nil, nil
+		})
+		srv.webDeviceSvc = svc
+
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "http://10.8.0.14:13000/api/web-devices/scan", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if !strings.Contains(recorder.Body.String(), "192.168.1.124") {
+			t.Fatalf("scan response = %s", recorder.Body.String())
+		}
+	})
+
+	t.Run("ANY /proxy/web/:ip/*proxyPath rejects unscanned IP", func(t *testing.T) {
+		srv := New(nil)
+
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "http://portal/proxy/web/192.168.1.124/", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusForbidden {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+	})
+
+	t.Run("ANY /proxy/web/:ip/*proxyPath proxies allowed IP", func(t *testing.T) {
+		upstream := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			w.Header().Set("Content-Type", "text/html")
+			_, _ = w.Write([]byte(`<html><head></head><body><img src="/doc/logo.png"></body></html>`))
+		}))
+		defer upstream.Close()
+
+		srv := New(nil)
+		svc := webdevice.NewService()
+		svc.AllowIP("192.168.1.124")
+		svc.SetProxyTargetResolver(func(ip string) string {
+			return upstream.URL
+		})
+		srv.webDeviceSvc = svc
+
+		recorder := httptest.NewRecorder()
+		req := httptest.NewRequest(http.MethodGet, "http://portal/proxy/web/192.168.1.124/", nil)
+		srv.engine.ServeHTTP(recorder, req)
+
+		if recorder.Code != http.StatusOK {
+			t.Fatalf("status = %d body = %s", recorder.Code, recorder.Body.String())
+		}
+		if !strings.Contains(recorder.Body.String(), "/proxy/web/192.168.1.124/doc/logo.png") {
+			t.Fatalf("proxy response = %s", recorder.Body.String())
+		}
+	})
+}