sarman/tftsr-devops_investigation
1
1
Fork 0
Code Issues 4 Pull Requests Actions 34 Packages Projects 3 Releases 6 Wiki Activity
249d20bf85
tftsr-devops_investigation/src-tauri/src/ai/ollama.rs
Shaun Arman a04d6fc8f5
Some checks failed
Test / frontend-typecheck (pull_request) Successful in 1m52s
Details
Test / frontend-tests (pull_request) Successful in 1m51s
Details
Test / rust-fmt-check (pull_request) Failing after 1m58s
Details
Test / rust-clippy (pull_request) Failing after 3m4s
Details
Test / rust-tests (pull_request) Successful in 4m31s
Details
PR Review Automation / review (pull_request) Successful in 4m43s
Details
fix(security): backend-only PII redaction; fix fmt CI failure 
Resolves all three findings from the second automated review and
fixes the cargo fmt --check CI failure (formatting drift in analysis.rs
from a prior merge).

[BLOCKER 1 + BLOCKER 2 + WARNING]
Frontend no longer performs any PII scanning or redaction. All three
concerns stemmed from the same root cause: outMessage was derived
on the frontend and used for display, DB storage (via lastUserMsgRef
and the chat bubble), and the AI payload — causing the original message
to be silently replaced before the backend received it.

Fix: frontend sends the original message verbatim. Backend is now the
sole authority. chat_message auto-redacts the typed message text using
PiiDetector + apply_redactions() before building the full payload, logs
the PII types via tracing::warn, and stores only the redacted form in
ai_messages and the audit log. The redacted form is returned to the
caller as ChatResponse.user_message (Option<String>, absent from direct
provider calls).

Frontend uses message (original) for the chat bubble and
lastUserMsgRef — resolution steps show natural language, not
[Password] tokens. The AI and DB see only the redacted version.

CI fix: cargo fmt applied to analysis.rs; all format checks now pass.
2026-05-31 19:36:44 -05:00

108 lines
3.1 KiB
Rust
Raw Blame History

use async_trait::async_trait;
use std::time::Duration;
use crate::ai::provider::Provider;
use crate::ai::{ChatResponse, Message, ProviderInfo, TokenUsage};
use crate::state::ProviderConfig;
pub struct OllamaProvider;
#[async_trait]
impl Provider for OllamaProvider {
fn name(&self) -> &str {
"ollama"
}
fn info(&self) -> ProviderInfo {
ProviderInfo {
name: "Ollama (Local)".to_string(),
supports_streaming: true,
models: vec![
"llama3.1".to_string(),
"llama3".to_string(),
"mistral".to_string(),
"codellama".to_string(),
"phi3".to_string(),
],
}
}
async fn chat(
&self,
messages: Vec<Message>,
config: &ProviderConfig,
_tools: Option<Vec<crate::ai::Tool>>,
) -> anyhow::Result<ChatResponse> {
let client = reqwest::Client::builder()
.timeout(Duration::from_secs(60))
.build()?;
let base_url = if config.api_url.is_empty() {
"http://localhost:11434".to_string()
} else {
config.api_url.trim_end_matches('/').to_string()
};
let url = format!("{base_url}/api/chat");
// Ollama expects {model, messages: [{role, content}], stream: false}
let api_messages: Vec<serde_json::Value> = messages
.iter()
.map(|m| {
serde_json::json!({
"role": m.role,
"content": m.content,
})
})
.collect();
let body = serde_json::json!({
"model": config.model,
"messages": api_messages,
"stream": false,
});
let resp = client
.post(&url)
.header("Content-Type", "application/json")
.json(&body)
.send()
.await?;
if !resp.status().is_success() {
let status = resp.status();
let text = resp.text().await?;
anyhow::bail!("Ollama API error {status}: {text}");
}
let json: serde_json::Value = resp.json().await?;
// Parse response.message.content
let content = json["message"]["content"]
.as_str()
.ok_or_else(|| anyhow::anyhow!("No content in Ollama response"))?
.to_string();
// Ollama provides eval_count / prompt_eval_count
let usage = {
let prompt_tokens = json["prompt_eval_count"].as_u64().unwrap_or(0) as u32;
let completion_tokens = json["eval_count"].as_u64().unwrap_or(0) as u32;
if prompt_tokens > 0 || completion_tokens > 0 {
Some(TokenUsage {
prompt_tokens,
completion_tokens,
total_tokens: prompt_tokens + completion_tokens,
})
} else {
None
}
};
Ok(ChatResponse {
content,
model: config.model.clone(),
usage,
user_message: None,
tool_calls: None,
})
}
}
Reference in New Issue View Git Blame Copy Permalink