feat: chat improvements, file viewer, usage fixes, and agent filesystem awareness

2026-04-16 13:42:06 +02:00
parent b6a5d169a9
commit a72eef4b82
10 changed files with 319 additions and 470 deletions
--- a/server/agent/agent.py
+++ b/server/agent/agent.py
@@ -96,6 +96,28 @@ async def _build_system_prompt(user_id: str | None = None) -> str:
        "- Keep responses concise. Prefer bullet points over long paragraphs."
    )

+    # Filesystem sandbox — tell the agent exactly where it can read/write
+    try:
+        from ..database import filesystem_whitelist_store as _fws
+        sandbox_dirs = await _fws.list()
+        if user_id:
+            from ..database import credential_store as _cs
+            from pathlib import Path as _Path
+            from ..users import get_user_by_id as _get_user
+            _user = await _get_user(user_id)
+            base = await _cs.get("system:users_base_folder")
+            if base and _user:
+                user_folder = str(_Path(base.rstrip("/")) / _user.username)
+                parts.append(f"Filesystem access: you may only read and write files inside your personal folder: {user_folder}")
+            elif sandbox_dirs:
+                dir_list = "\n".join(f"  - {e['path']}" for e in sandbox_dirs)
+                parts.append(f"Filesystem access: you may only read and write files inside these directories:\n{dir_list}")
+        elif sandbox_dirs:
+            dir_list = "\n".join(f"  - {e['path']}" for e in sandbox_dirs)
+            parts.append(f"Filesystem access: you may only read and write files inside these directories:\n{dir_list}")
+    except Exception:
+        pass
+
    if brain_auto_approve:
        parts.append(
            "2nd Brain access: you have standing permission to use the brain tool (capture, search, browse, stats) "