feat: add public answer sharing#3306
Conversation
There was a problem hiding this comment.
Pull request overview
Note
Copilot was unable to run its full agentic suite in this review.
Adds a “public share” feature for conversation threads, including backend endpoints to create/read immutable share snapshots and a frontend UI flow to generate and copy share links, plus tests and auth middleware updates to allow anonymous share reads.
Changes:
- Backend: introduce
/api/sharesrouter (create share from owned thread; public read by share id) and update auth middleware to allow anonymous GETs for share reads. - Frontend: add
createThreadShareAPI + types, add share button inMessageList, and add a new/share/[share_id]page for public viewing. - Tests: add backend router/auth middleware tests and a frontend unit test for the share create API.
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| frontend/tests/unit/core/threads/api.test.ts | Adds a unit test validating createThreadShare request payload. |
| frontend/src/core/threads/types.ts | Introduces share response types used by the frontend. |
| frontend/src/core/threads/api.ts | Adds createThreadShare API wrapper for creating a share. |
| frontend/src/components/workspace/messages/message-list.tsx | Adds share action UI per assistant turn and supporting logic. |
| frontend/src/app/share/[share_id]/page.tsx | New public share viewer page that loads and displays shared messages. |
| backend/tests/test_shares_router.py | Adds coverage for share creation, validation, and public read behavior. |
| backend/tests/test_auth_middleware.py | Adds coverage for anonymous share reads vs protected share creation. |
| backend/app/gateway/routers/shares.py | Implements share create/read endpoints and snapshot persistence. |
| backend/app/gateway/routers/init.py | Exposes the new shares router module. |
| backend/app/gateway/auth_middleware.py | Adds method+path-based public-route detection for share reads. |
| backend/app/gateway/app.py | Mounts the new shares router into the gateway app. |
|
@LittleChenLiya, we cannot publicly share the thread without the owner's permission. How do we store this permission in the system? |
|
现在公开分享权限会作为内部分享元数据持久化,包括 我也收紧了创建分享的权限边界:公开分享必须来自明确归当前用户所有的 thread,不再接受 legacy/null-owner thread 的宽松访问路径。同时新增 验证:
Addressed in 903bcf9. Public share permission is now persisted as internal share metadata, including I also tightened the creation boundary: public shares must come from a thread explicitly owned by the current user, instead of accepting the legacy/null-owner access path. I added Validation:
|
问题原因
当前聊天回答只能在登录后的原会话中查看,用户无法把某个问答片段生成可公开访问的只读链接。
修改内容
GET /api/shares/{share_id}。/share/{share_id}链接。关联 issue
Closes #3288
Problem Cause
Chat answers can currently only be viewed from the authenticated source conversation, so users cannot create a public read-only link for a selected Q&A snippet.
Changes
GET /api/shares/{share_id}./share/{share_id}link.Related Issue
Closes #3288