feat: 支持 ONLYOFFICE 持久化配置管理

- 添加 SettingsRenderForm schema 和 renderForm 字段 - 实现数据库 schema 自动迁移（onlyoffice_enabled, onlyoffice_public_url, onlyoffice_jwt_secret_encrypted） - 新增 resolve_onlyoffice_settings() 函数支持运行时配置解析 - 知识库服务改用数据库配置替代运行时配置 - 前端添加文件渲染配置页面，支持 JWT 密钥管理 - 完善相关测试覆盖
2026-05-09 08:02:01 +00:00
parent 94122fd34b
commit 4fbd313f35
14 changed files with 735 additions and 314 deletions
--- a/server/tests/test_settings_persistence.py
+++ b/server/tests/test_settings_persistence.py
@@ -35,7 +35,7 @@ def build_temp_secret_dir() -> Path:
    return Path(tempfile.mkdtemp(prefix="xf-settings-test-"))


-def test_settings_service_persists_non_secret_and_secret_fields(monkeypatch) -> None:
+def test_settings_service_persists_non_secret_and_secret_fields(monkeypatch) -> None:
    temp_dir = build_temp_secret_dir()
    monkeypatch.setattr(secret_box, "SECRET_KEY_FILE", temp_dir / "settings.key")
    monkeypatch.setattr(Base.metadata, "create_all", lambda *args, **kwargs: None)
@@ -51,30 +51,44 @@ def test_settings_service_persists_non_secret_and_secret_fields(monkeypatch) ->
        payload["adminForm"]["adminEmail"] = "admin@example.com"
        payload["adminForm"]["newPassword"] = "54321"
        payload["adminForm"]["confirmPassword"] = "54321"
-        payload["llmForm"]["mainModel"] = "glm-4.5"
-        payload["llmForm"]["mainApiKey"] = "main-secret"
-        payload["mailForm"]["password"] = "smtp-secret"
-
-        saved_snapshot = service.save_settings_snapshot(SettingsWrite(**payload))
+        payload["llmForm"]["mainModel"] = "glm-4.5"
+        payload["llmForm"]["mainApiKey"] = "main-secret"
+        payload["renderForm"]["enabled"] = True
+        payload["renderForm"]["publicUrl"] = "http://10.10.10.122:8082"
+        payload["renderForm"]["jwtSecret"] = "change-me-onlyoffice"
+        payload["mailForm"]["password"] = "smtp-secret"
+
+        saved_snapshot = service.save_settings_snapshot(SettingsWrite(**payload))

        assert saved_snapshot.companyForm.companyName == "YGSOFT"
        assert saved_snapshot.companyForm.displayName == "云广软件"
-        assert saved_snapshot.llmForm.mainModel == "glm-4.5"
-        assert saved_snapshot.llmForm.mainApiKey == ""
-        assert saved_snapshot.llmForm.mainApiKeyConfigured is True
-        assert saved_snapshot.mailForm.password == ""
-        assert saved_snapshot.mailForm.passwordConfigured is True
-        assert saved_snapshot.adminForm.newPassword == ""
+        assert saved_snapshot.llmForm.mainModel == "glm-4.5"
+        assert saved_snapshot.llmForm.mainApiKey == ""
+        assert saved_snapshot.llmForm.mainApiKeyConfigured is True
+        assert saved_snapshot.renderForm.enabled is True
+        assert saved_snapshot.renderForm.publicUrl == "http://10.10.10.122:8082"
+        assert saved_snapshot.renderForm.jwtSecret == ""
+        assert saved_snapshot.renderForm.jwtSecretConfigured is True
+        assert saved_snapshot.mailForm.password == ""
+        assert saved_snapshot.mailForm.passwordConfigured is True
+        assert saved_snapshot.adminForm.newPassword == ""
        assert saved_snapshot.adminForm.adminPasswordConfigured is True
-
-        model_row = db.get(SystemModelSetting, "main")
-        assert model_row is not None
-        assert model_row.model_name == "glm-4.5"
-        assert model_row.api_key_encrypted
-
-        assert service.load_saved_model_api_key("main") == "main-secret"
-        assert service.verify_admin_login("admin-root", "54321") is not None
-        assert service.verify_admin_login("admin@example.com", "54321") is not None
+
+        model_row = db.get(SystemModelSetting, "main")
+        settings_row = db.get(SystemSetting, "default")
+        secrets_row = db.get(SystemSettingSecret, "default")
+        assert model_row is not None
+        assert model_row.model_name == "glm-4.5"
+        assert model_row.api_key_encrypted
+        assert settings_row is not None
+        assert settings_row.onlyoffice_enabled is True
+        assert settings_row.onlyoffice_public_url == "http://10.10.10.122:8082"
+        assert secrets_row is not None
+        assert secrets_row.onlyoffice_jwt_secret_encrypted
+
+        assert service.load_saved_model_api_key("main") == "main-secret"
+        assert service.verify_admin_login("admin-root", "54321") is not None
+        assert service.verify_admin_login("admin@example.com", "54321") is not None


 def test_blank_secret_input_does_not_clear_saved_secret(monkeypatch) -> None: