feat: 扩展风险规则体系、审批动态路由与预算中心列表化改造

- 新增 25+ 条风险规则（预算/报销/申请/通用类），完善风险规则模拟与反馈发布机制 - 引入费用审批动态路由、平台风险分级、预审与风险阶段管理 - 预算中心列表化改造，优化票据夹仪表盘与数字员工工作看板 - 新增 Hermes 风险线索收集器、Agent 链路追踪中心 - 扩展数字员工能力库（18 个领域 Skill）与交通费用自动预估 - 完善报销申请快速预览、权限控制与前端测试覆盖
2026-06-01 17:07:14 +08:00
parent 7989f3a159
commit 92444e7eae
285 changed files with 25075 additions and 2986 deletions
--- a/server/tests/test_risk_rule_revision_endpoints.py
+++ b/server/tests/test_risk_rule_revision_endpoints.py
@@ -14,6 +14,8 @@ from app.main import create_app
 from app.models.agent_asset import AgentAsset
 from app.schemas.agent_asset import AgentAssetRiskRuleGenerateRequest
 from app.services.agent_asset_rule_library import AgentAssetRuleLibraryManager
+from app.services.agent_asset_risk_rule_regeneration import AgentAssetRiskRuleRegenerationService
+from app.services.agent_assets import AgentAssetService
 from app.services.risk_rule_generation import RiskRuleGenerationService


@@ -111,6 +113,95 @@ def test_create_risk_rule_revision_endpoint_keeps_active_version(tmp_path) -> No
    assert payload["config_json"]["last_operation"]["action"] == "create_revision"


+def test_regenerate_risk_rule_endpoint_returns_updated_detail(tmp_path, monkeypatch) -> None:
+    client, session_factory = build_client()
+    asset_id = _create_rule(session_factory, tmp_path)
+
+    def fake_regenerate(self, target_asset_id, body, *, actor, request_id=None):
+        del body, request_id
+        asset = self.db.get(AgentAsset, target_asset_id)
+        assert asset is not None
+        config = dict(asset.config_json or {})
+        config["generation_status"] = "completed"
+        config["last_operation"] = {"action": "regenerate", "actor": actor, "at": "2026-05-30T00:00:00+00:00"}
+        asset.config_json = config
+        self.db.add(asset)
+        self.db.flush()
+        return asset
+
+    monkeypatch.setattr(AgentAssetRiskRuleRegenerationService, "regenerate", fake_regenerate)
+
+    response = client.post(
+        f"/api/v1/agent-assets/{asset_id}/risk-rules/regenerate",
+        headers=_finance_headers(),
+        json={"natural_language": "差旅票据城市与申报目的地不一致时要求补充说明。"},
+    )
+
+    assert response.status_code == 200
+    payload = response.json()
+    assert payload["config_json"]["generation_status"] == "completed"
+    assert payload["config_json"]["last_operation"]["action"] == "regenerate"
+
+
+def test_risk_rule_admin_only_actions_block_non_admin_users(tmp_path) -> None:
+    client, session_factory = build_client()
+    asset_id = _create_rule(session_factory, tmp_path)
+
+    generate_response = client.post(
+        "/api/v1/agent-assets/risk-rules/generate",
+        headers=_finance_headers(),
+        json={
+            "business_domain": "expense",
+            "expense_category": "travel",
+            "rule_title": "普通财务新建规则",
+            "natural_language": "差旅票据城市与申报目的地不一致时提示风险。",
+        },
+    )
+    assert generate_response.status_code == 403
+
+    simulate_response = client.post(
+        f"/api/v1/agent-assets/{asset_id}/risk-rule-tests/simulate",
+        headers=_finance_headers(),
+        json={"message": "测试一张差旅票据。"},
+    )
+    assert simulate_response.status_code == 403
+
+    delete_response = client.delete(
+        f"/api/v1/agent-assets/{asset_id}",
+        headers=_manager_headers(),
+    )
+    assert delete_response.status_code == 403
+
+
+def test_manager_can_toggle_risk_rule_enabled_endpoint(tmp_path, monkeypatch) -> None:
+    client, session_factory = build_client()
+    asset_id = _create_rule(session_factory, tmp_path)
+
+    def fake_toggle(self, target_asset_id, *, enabled, actor, request_id=None):
+        del request_id
+        asset = self.db.get(AgentAsset, target_asset_id)
+        assert asset is not None
+        config = dict(asset.config_json or {})
+        config["enabled"] = bool(enabled)
+        config["last_operation"] = {"action": "offline", "actor": actor}
+        asset.config_json = config
+        self.db.add(asset)
+        self.db.flush()
+        return asset
+
+    monkeypatch.setattr(AgentAssetService, "set_risk_rule_enabled", fake_toggle)
+
+    response = client.post(
+        f"/api/v1/agent-assets/{asset_id}/risk-rule-enabled",
+        headers=_manager_headers(),
+        json={"enabled": False},
+    )
+
+    assert response.status_code == 200
+    assert response.json()["config_json"]["enabled"] is False
+    assert response.json()["config_json"]["last_operation"]["actor"] == "manager"
+
+
 def _create_rule(session_factory: sessionmaker[Session], tmp_path) -> str:
    with session_factory() as db:
        return RiskRuleGenerationService(
@@ -147,3 +238,12 @@ def _finance_headers() -> dict[str, str]:
        "x-auth-role-codes": "finance",
        "x-actor": "finance",
    }
+
+
+def _manager_headers() -> dict[str, str]:
+    return {
+        "x-auth-username": "manager",
+        "x-auth-name": "manager",
+        "x-auth-role-codes": "manager",
+        "x-actor": "manager",
+    }