Sources: "Check source" read-only spot-check action
Per Codex — a per-row Check button that previews a LIVE source on demand,
intentionally read-only and ephemeral.
* POST /api/admin/sources/{id}/preview — admin-gated, safe-fetch + heuristic
preview (reuses the candidate preview path), returns the result. Mutates
NOTHING: no DB write, no poll attempt, no health/state change. 404 on missing.
* UI: per-row Check button with a Checking… state; results in an inline row
under the source (sampled, would-pass %, recent-7d, example accept/skip
headlines) with dismiss; inline error on failure. "Checked just now" is
local UI state only. Heuristic v1 — model deep-check left for later.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -198,3 +198,18 @@ def test_export_sources_csv_escapes_formula_injection(tmp_path, monkeypatch):
|
||||
assert "'=HYPERLINK" in body # leading apostrophe defuses the formula (CSV may quote the cell)
|
||||
assert "'+danger" in body
|
||||
assert ",=HYPERLINK" not in body # never written as a bare, evaluable formula cell
|
||||
|
||||
|
||||
def test_source_check_preview_is_readonly(tmp_path, monkeypatch):
|
||||
app, api = _make(tmp_path, monkeypatch, admin_email="boss@x.com")
|
||||
monkeypatch.setattr(api.feeds, "preview_feed", lambda url, **k: {"url": url, "sampled": 8, "accepted": 6})
|
||||
tc = _signin(app, api, "boss@x.com")
|
||||
before = _src(tc)
|
||||
r = tc.post("/api/admin/sources/1/preview").json()
|
||||
assert r["sampled"] == 8 and r["accepted"] == 6
|
||||
after = _src(tc)
|
||||
# read-only: no state/health change, no poll attempt recorded
|
||||
assert after["status"] == before["status"] and after["served"] == before["served"]
|
||||
assert after["last_success_at"] == before["last_success_at"] and after["next_due_at"] == before["next_due_at"]
|
||||
assert TestClient(app).post("/api/admin/sources/1/preview").status_code == 401 # gated
|
||||
assert tc.post("/api/admin/sources/999/preview").status_code == 404
|
||||
|
||||
Reference in New Issue
Block a user