refactor: comprehensive codebase review — security, performance, quality, UX

Security: - Fix NUT protocol command injection (validate names against safe regex) - Enable Jinja2 autoescape=True to prevent HTML injection via external data - Add WebhookProviderConfig validation model Performance: - Shared aiohttp.ClientSession singleton (replaces 40+ per-request sessions) - Fix 4 N+1 queries with batch IN loads (poller, scheduler, memory, broadcast) - asyncio.gather for Gitea commands and notification dispatcher - Add DB indexes on NotificationTrackerState.tracker_id, CommandTrackerListener - LRU cache for compiled Jinja2 templates - Daily EventLog cleanup job (90-day retention) - 30s HTTP timeout on all external calls - GROUP BY for target type counts (replaces 7 sequential queries) Code quality: - Extract get_owned_entity() helper (replaces 11 duplicate functions) - Extract slot_helpers.py (load_slots, save_slots, render_template_preview) - Extract command_utils.py (tracker lookup, last event, collection IDs) - Extract http_session.py (shared session lifecycle) - Provider connection validation dedup (3x → 1 helper) - Command dispatch tables replacing if/elif chains - Album+links fetch helper (fetch_albums_with_links) - Provider dispatch polymorphism (list_provider_collections) - Immutable _enrich_assets (no longer mutates in-place) - Fix _format_assets return type + handler unpacking Frontend: - Fix 18+ hardcoded English strings → t() with new i18n keys (en + ru) - Mobile "More" nav panel with provider filter and search - Shared Button.svelte component (4 variants, 2 sizes) - Shared ErrorBanner.svelte component (8 pages updated) - SvelteKit goto() replacing window.location.href - Dashboard grid fixed for 4 cards, paginator opacity consistency Functionality: - max_instances=1 on scheduler jobs (prevents duplicate events) - Webhook provider in watcher (prevents error spam) - Fix stale SQLModel reference in poller - Gitea get_repo() direct API call
2026-03-28 13:22:26 +03:00
parent 616b221c92
commit b803d004e1
65 changed files with 1934 additions and 1498 deletions
@@ -6,7 +6,6 @@ import hmac
 import logging
 from typing import Any

-import aiohttp
 from fastapi import APIRouter, Depends, Header, HTTPException, Request
 from sqlmodel import select
 from sqlmodel.ext.asyncio.session import AsyncSession
@@ -16,6 +15,7 @@ from notify_bridge_core.notifications.telegram.client import TelegramClient
 from ..database.engine import get_session
 from ..database.models import TelegramBot, TelegramChat
 from ..services.telegram import save_chat_from_webhook
+from .base import CommandResponse
 from .handler import handle_command, send_media_group, send_reply

 _LOGGER = logging.getLogger(__name__)
@@ -89,15 +89,13 @@ async def telegram_webhook(
            return {"ok": True, "skipped": "commands_disabled"}
        effective_lang = chat_row.language_override or msg_language
        message_id = message.get("message_id")
-        cmd_response = await handle_command(bot, chat_id, text, language_code=effective_lang)
-        if cmd_response is not None:
-            if isinstance(cmd_response, dict) and "media" in cmd_response:
-                await send_reply(bot.token, chat_id, cmd_response["text"], reply_to_message_id=message_id)
-                await send_media_group(bot.token, chat_id, cmd_response["media"], reply_to_message_id=message_id)
-            elif isinstance(cmd_response, list):
-                await send_media_group(bot.token, chat_id, cmd_response, reply_to_message_id=message_id)
-            else:
-                await send_reply(bot.token, chat_id, cmd_response, reply_to_message_id=message_id)
+        responses = await handle_command(bot, chat_id, text, language_code=effective_lang)
+        if responses:
+            for resp in responses:
+                if resp.text:
+                    await send_reply(bot.token, chat_id, resp.text, reply_to_message_id=message_id)
+                if resp.media:
+                    await send_media_group(bot.token, chat_id, resp.media, reply_to_message_id=message_id)
            return {"ok": True}

    return {"ok": True, "skipped": "not_a_command"}
@@ -105,13 +103,15 @@ async def telegram_webhook(

 async def register_webhook(bot_token: str, webhook_url: str, secret: str | None = None) -> dict:
    """Register webhook URL with Telegram Bot API via TelegramClient."""
-    async with aiohttp.ClientSession() as http:
-        client = TelegramClient(http, bot_token)
-        return await client.set_webhook(webhook_url, secret=secret)
+    from ..services.http_session import get_http_session
+    http = await get_http_session()
+    client = TelegramClient(http, bot_token)
+    return await client.set_webhook(webhook_url, secret=secret)


 async def unregister_webhook(bot_token: str) -> dict:
    """Remove webhook from Telegram Bot API via TelegramClient."""
-    async with aiohttp.ClientSession() as http:
-        client = TelegramClient(http, bot_token)
-        return await client.delete_webhook()
+    from ..services.http_session import get_http_session
+    http = await get_http_session()
+    client = TelegramClient(http, bot_token)
+    return await client.delete_webhook()