fe9b8ec02a
* feat: Implement multi-tenant architecture with tenant and knowledge base models - Added data models for tenants, knowledge bases, and related configurations. - Introduced role and permission management for users in the multi-tenant system. - Created a service layer for managing tenants and knowledge bases, including CRUD operations. - Developed a tenant-aware instance manager for LightRAG with caching and isolation features. - Added a migration script to transition existing workspace-based deployments to the new multi-tenant architecture. * chore: ignore lightrag/api/webui/assets/ directory * chore: stop tracking lightrag/api/webui/assets (ignore in .gitignore) * feat: Initialize LightRAG Multi-Tenant Stack with PostgreSQL - Added README.md for project overview, setup instructions, and architecture details. - Created docker-compose.yml to define services: PostgreSQL, Redis, LightRAG API, and Web UI. - Introduced env.example for environment variable configuration. - Implemented init-postgres.sql for PostgreSQL schema initialization with multi-tenant support. - Added reproduce_issue.py for testing default tenant access via API. * feat: Enhance TenantSelector and update related components for improved multi-tenant support * feat: Enhance testing capabilities and update documentation - Updated Makefile to include new test commands for various modes (compatibility, isolation, multi-tenant, security, coverage, and dry-run). - Modified API health check endpoint in Makefile to reflect new port configuration. - Updated QUICK_START.md and README.md to reflect changes in service URLs and ports. - Added environment variables for testing modes in env.example. - Introduced run_all_tests.sh script to automate testing across different modes. - Created conftest.py for pytest configuration, including database fixtures and mock services. - Implemented database helper functions for streamlined database operations in tests. - Added test collection hooks to skip tests based on the current MULTITENANT_MODE. * feat: Implement multi-tenant support with demo mode enabled by default - Added multi-tenant configuration to the environment and Docker setup. - Created pre-configured demo tenants (acme-corp and techstart) for testing. - Updated API endpoints to support tenant-specific data access. - Enhanced Makefile commands for better service management and database operations. - Introduced user-tenant membership system with role-based access control. - Added comprehensive documentation for multi-tenant setup and usage. - Fixed issues with document visibility in multi-tenant environments. - Implemented necessary database migrations for user memberships and legacy support. * feat(audit): Add final audit report for multi-tenant implementation - Documented overall assessment, architecture overview, test results, security findings, and recommendations. - Included detailed findings on critical security issues and architectural concerns. fix(security): Implement security fixes based on audit findings - Removed global RAG fallback and enforced strict tenant context. - Configured super-admin access and required user authentication for tenant access. - Cleared localStorage on logout and improved error handling in WebUI. chore(logs): Create task logs for audit and security fixes implementation - Documented actions, decisions, and next steps for both audit and security fixes. - Summarized test results and remaining recommendations. chore(scripts): Enhance development stack management scripts - Added scripts for cleaning, starting, and stopping the development stack. - Improved output messages and ensured graceful shutdown of services. feat(starter): Initialize PostgreSQL with AGE extension support - Created initialization scripts for PostgreSQL extensions including uuid-ossp, vector, and AGE. - Ensured successful installation and verification of extensions. * feat: Implement auto-select for first tenant and KB on initial load in WebUI - Removed WEBUI_INITIAL_STATE_FIX.md as the issue is resolved. - Added useTenantInitialization hook to automatically select the first available tenant and KB on app load. - Integrated the new hook into the Root component of the WebUI. - Updated RetrievalTesting component to ensure a KB is selected before allowing user interaction. - Created end-to-end tests for multi-tenant isolation and real service interactions. - Added scripts for starting, stopping, and cleaning the development stack. - Enhanced API and tenant routes to support tenant-specific pipeline status initialization. - Updated constants for backend URL to reflect the correct port. - Improved error handling and logging in various components. * feat: Add multi-tenant support with enhanced E2E testing scripts and client functionality * update client * Add integration and unit tests for multi-tenant API, models, security, and storage - Implement integration tests for tenant and knowledge base management endpoints in `test_tenant_api_routes.py`. - Create unit tests for tenant isolation, model validation, and role permissions in `test_tenant_models.py`. - Add security tests to enforce role-based permissions and context validation in `test_tenant_security.py`. - Develop tests for tenant-aware storage operations and context isolation in `test_tenant_storage_phase3.py`. * feat(e2e): Implement OpenAI model support and database reset functionality * Add comprehensive test suite for gpt-5-nano compatibility - Introduced tests for parameter normalization, embeddings, and entity extraction. - Implemented direct API testing for gpt-5-nano. - Validated .env configuration loading and OpenAI API connectivity. - Analyzed reasoning token overhead with various token limits. - Documented test procedures and expected outcomes in README files. - Ensured all tests pass for production readiness. * kg(postgres_impl): ensure AGE extension is loaded in session and configure graph initialization * dev: add hybrid dev helper scripts, Makefile, docker-compose.dev-db and local development docs * feat(dev): add dev helper scripts and local development documentation for hybrid setup * feat(multi-tenant): add detailed specifications and logs for multi-tenant improvements, including UX, backend handling, and ingestion pipeline * feat(migration): add generated tenant/kb columns, indexes, triggers; drop unused tables; update schema and docs * test(backward-compat): adapt tests to new StorageNameSpace/TenantService APIs (use concrete dummy storages) * chore: multi-tenant and UX updates — docs, webui, storage, tenant service adjustments * tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency - gpt5_nano_compatibility: add pytest-asyncio markers, skip when OPENAI key missing, prevent module-level asyncio.run collection, add conftest - Ollama tests: add server availability check and skip markers; avoid pytest collection warnings by renaming helper classes - Graph storage tests: rename interactive test functions to avoid pytest collection - Document & Tenant routes: support external_ids for idempotency; ensure HTTPExceptions are re-raised - LightRAG core: support external_ids in apipeline_enqueue_documents and idempotent logic - Tests updated to match API changes (tenant routes & document routes) - Add logs and scripts for inspection and audit
104 lines
3.9 KiB
Python
104 lines
3.9 KiB
Python
import time
|
|
import os
|
|
import sys
|
|
from client import LightRAGClient, print_success, print_error, print_step
|
|
|
|
# Configuration
|
|
BASE_URL = os.getenv("LIGHTRAG_API_URL", "http://localhost:9621")
|
|
USERNAME = os.getenv("AUTH_USER", "admin")
|
|
PASSWORD = os.getenv("AUTH_PASS", "admin123")
|
|
|
|
def run_tests():
|
|
client = LightRAGClient(BASE_URL, USERNAME, PASSWORD)
|
|
client.login()
|
|
|
|
suffix = int(time.time())
|
|
tenant_name = f"Deletion_Test_Tenant_{suffix}"
|
|
kb_name = f"Deletion_Test_KB_{suffix}"
|
|
|
|
print_step("SETUP: Creating Tenant and KB")
|
|
tenant_id = client.create_tenant(tenant_name, "Deletion Test Tenant")
|
|
kb_id = client.create_kb(tenant_id, kb_name, "Deletion Test KB")
|
|
|
|
# 1. Ingest Document 1
|
|
print_step("STEP 1: Ingesting Document 1")
|
|
doc1_content = f"Project Flamingo is codenamed 'Flamingo-{suffix}'."
|
|
client.ingest_text(tenant_id, kb_id, doc1_content)
|
|
|
|
# 2. Ingest Document 2 (Control)
|
|
print_step("STEP 2: Ingesting Document 2 (Control)")
|
|
doc2_content = f"Project Eagle is codenamed 'Eagle-{suffix}'."
|
|
client.ingest_text(tenant_id, kb_id, doc2_content)
|
|
|
|
# 3. Wait for Indexing
|
|
client.wait_for_indexing(tenant_id, kb_id)
|
|
|
|
# Get Document IDs
|
|
docs = client.get_documents(tenant_id, kb_id)
|
|
doc1_id = next((d['id'] for d in docs if "Flamingo" in d.get('content_summary', '')), None)
|
|
doc2_id = next((d['id'] for d in docs if "Eagle" in d.get('content_summary', '')), None)
|
|
|
|
if not doc1_id:
|
|
# Fallback: try to find by content match if summary is truncated
|
|
print("Warning: Could not find doc1 by summary, checking all docs...")
|
|
pass
|
|
|
|
if not doc1_id or not doc2_id:
|
|
print_error("Failed to resolve document IDs")
|
|
for d in docs:
|
|
print(f"Doc: {d.get('content_summary')} ID: {d.get('id')}")
|
|
sys.exit(1)
|
|
|
|
# 4. Verify both exist
|
|
print_step("STEP 3: Verifying both documents exist")
|
|
|
|
resp1 = client.query(tenant_id, kb_id, "What is the codename for Project Flamingo?")
|
|
if ("Flamingo" in resp1 and str(suffix) in resp1) or f"Flamingo-{suffix}" in resp1:
|
|
print_success("Document 1 found.")
|
|
else:
|
|
print_error(f"Document 1 NOT found. Response: {resp1}")
|
|
sys.exit(1)
|
|
|
|
resp2 = client.query(tenant_id, kb_id, "What is the codename for Project Eagle?")
|
|
if ("Eagle" in resp2 and str(suffix) in resp2) or f"Eagle-{suffix}" in resp2:
|
|
print_success("Document 2 found.")
|
|
else:
|
|
print_error(f"Document 2 NOT found. Response: {resp2}")
|
|
sys.exit(1)
|
|
|
|
# 5. Delete Document 1
|
|
print_step("STEP 4: Deleting Document 1")
|
|
client.delete_document(tenant_id, kb_id, doc1_id)
|
|
|
|
# Wait for deletion to complete
|
|
client.wait_for_pipeline(tenant_id, kb_id)
|
|
|
|
# Clear cache to ensure fresh results
|
|
client.clear_cache(tenant_id, kb_id)
|
|
|
|
# 6. Verify Document 1 is gone
|
|
print_step("STEP 5: Verifying Document 1 is gone")
|
|
resp1_after = client.query(tenant_id, kb_id, "What is the codename for Project Flamingo?")
|
|
|
|
# We expect the answer to NOT contain the specific secret code (Flamingo-{suffix})
|
|
# It might echo the word "Flamingo" in the question, but the actual secret should not be there
|
|
secret_code = f"Flamingo-{suffix}"
|
|
if secret_code not in resp1_after:
|
|
print_success("Document 1 successfully deleted (Secret not found in answer).")
|
|
else:
|
|
print_error(f"Document 1 STILL FOUND after deletion! Response: {resp1_after}")
|
|
sys.exit(1)
|
|
|
|
# 7. Verify Document 2 still exists
|
|
print_step("STEP 6: Verifying Document 2 still exists")
|
|
resp2_after = client.query(tenant_id, kb_id, "What is the public announcement?")
|
|
if "Eagle" in resp2_after and str(suffix) in resp2_after:
|
|
print_success("Document 2 still exists.")
|
|
else:
|
|
print_error(f"Document 2 disappeared! Response: {resp2_after}")
|
|
sys.exit(1)
|
|
|
|
print_step("🎉 DELETION TESTS PASSED!")
|
|
|
|
if __name__ == "__main__":
|
|
run_tests()
|