🐛 fix(ai-safety): 修正完全模式执行口径与本地工具失败判定

- 修正完全模式下 DML 与过程调用的安全提示和限制说明 - 区分连接探针失败与可恢复 SQL 执行错误，避免数据探针被误终止 - 修复本地 execute_sql 写语句结果返回 affectedRows - 补充 AI 安全、本地工具执行与 SQL 限制回归测试
2026-06-28 17:31:32 +08:00 · 2026-06-17 09:49:59 +08:00
parent 7ff3e00759
commit 3e140c1bc6
14 changed files with 254 additions and 24 deletions
--- a/internal/ai/safety/classifier_test.go
+++ b/internal/ai/safety/classifier_test.go
@@ -124,6 +124,7 @@ func TestGuard_Full(t *testing.T) {
 		{"INSERT INTO t VALUES (1)", true},
 		{"DROP TABLE t", true},
 		{"CREATE TABLE t (id INT)", true},
+		{"CALL bulk_insert_users(100000)", true},
 	}
 	for _, tt := range tests {
 		result := g.Check(tt.sql)
--- a/internal/ai/safety/guard.go
+++ b/internal/ai/safety/guard.go
@@ -51,7 +51,7 @@ func (g *Guard) isAllowed(opType ai.SQLOperationType) bool {
 	case ai.PermissionReadWrite:
 		return opType == ai.SQLOpQuery || opType == ai.SQLOpDML
 	case ai.PermissionFull:
-		return opType == ai.SQLOpQuery || opType == ai.SQLOpDML || opType == ai.SQLOpDDL
+		return true
 	default:
 		return opType == ai.SQLOpQuery
 	}