diff --git a/src/app/api/v1/accounts/[accountId]/route.ts b/src/app/api/v1/accounts/[accountId]/route.ts index c330df5..271b837 100644 --- a/src/app/api/v1/accounts/[accountId]/route.ts +++ b/src/app/api/v1/accounts/[accountId]/route.ts @@ -1,5 +1,6 @@ import { NextRequest, NextResponse } from "next/server"; import { requireRequestSession } from "@/lib/boss-auth"; +import { jsonNoStore } from "@/lib/api-response"; import { deleteAiAccount, getAiAccount, saveAiAccount } from "@/lib/boss-data"; function isValidRole(value: string): value is "primary" | "backup" | "api_fallback" { @@ -16,14 +17,14 @@ export async function GET( ) { const session = await requireRequestSession(request); if (!session) { - return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); + return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); } const { accountId } = await context.params; const account = await getAiAccount(accountId); if (!account) { - return NextResponse.json({ ok: false, message: "AI_ACCOUNT_NOT_FOUND" }, { status: 404 }); + return jsonNoStore({ ok: false, message: "AI_ACCOUNT_NOT_FOUND" }, { status: 404 }); } - return NextResponse.json({ ok: true, account }); + return jsonNoStore({ ok: true, account }); } export async function PATCH( diff --git a/src/app/api/v1/master-agent/memories/route.ts b/src/app/api/v1/master-agent/memories/route.ts index 1ec75ad..ecfdb3d 100644 --- a/src/app/api/v1/master-agent/memories/route.ts +++ b/src/app/api/v1/master-agent/memories/route.ts @@ -1,5 +1,6 @@ import { NextRequest, NextResponse } from "next/server"; import { requireRequestSession } from "@/lib/boss-auth"; +import { jsonNoStore } from "@/lib/api-response"; import { createUserMasterMemory, listUserMasterMemories, @@ -27,7 +28,7 @@ function parseBoolean(value: string | null) { export async function GET(request: NextRequest) { const session = await requireRequestSession(request); if (!session) { - return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); + return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); } const { searchParams } = new URL(request.url); @@ -35,7 +36,7 @@ export async function GET(request: NextRequest) { const scope = searchParams.get("scope") as MasterMemoryScope | null; const projectId = searchParams.get("projectId")?.trim() || undefined; if (scope && !memoryScopes.has(scope)) { - return NextResponse.json({ ok: false, message: "INVALID_MEMORY_SCOPE" }, { status: 400 }); + return jsonNoStore({ ok: false, message: "INVALID_MEMORY_SCOPE" }, { status: 400 }); } const memories = await listUserMasterMemories(session.account, { @@ -43,7 +44,7 @@ export async function GET(request: NextRequest) { ...(scope ? { scope } : {}), ...(projectId ? { projectId } : {}), }); - return NextResponse.json({ ok: true, memories }); + return jsonNoStore({ ok: true, memories }); } export async function POST(request: NextRequest) { diff --git a/src/app/api/v1/master-agent/prompt-policy/route.ts b/src/app/api/v1/master-agent/prompt-policy/route.ts index 68e1b27..2152281 100644 --- a/src/app/api/v1/master-agent/prompt-policy/route.ts +++ b/src/app/api/v1/master-agent/prompt-policy/route.ts @@ -1,5 +1,6 @@ import { NextRequest, NextResponse } from "next/server"; import { requireRequestSession } from "@/lib/boss-auth"; +import { jsonNoStore } from "@/lib/api-response"; import { getMasterAgentPromptPolicy, updateMasterAgentPromptPolicy, @@ -10,11 +11,11 @@ export const runtime = "nodejs"; export async function GET(request: NextRequest) { const session = await requireRequestSession(request); if (!session) { - return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); + return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); } const policy = await getMasterAgentPromptPolicy(); - return NextResponse.json({ ok: true, policy }); + return jsonNoStore({ ok: true, policy }); } export async function POST(request: NextRequest) { diff --git a/src/app/api/v1/master-agent/prompt/route.ts b/src/app/api/v1/master-agent/prompt/route.ts index 57fea4e..b4d33e5 100644 --- a/src/app/api/v1/master-agent/prompt/route.ts +++ b/src/app/api/v1/master-agent/prompt/route.ts @@ -1,5 +1,6 @@ import { NextRequest, NextResponse } from "next/server"; import { requireRequestSession } from "@/lib/boss-auth"; +import { jsonNoStore } from "@/lib/api-response"; import { clearUserMasterPrompt, getUserMasterPrompt, @@ -11,11 +12,11 @@ export const runtime = "nodejs"; export async function GET(request: NextRequest) { const session = await requireRequestSession(request); if (!session) { - return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); + return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); } const prompt = await getUserMasterPrompt(session.account); - return NextResponse.json({ ok: true, prompt }); + return jsonNoStore({ ok: true, prompt }); } export async function POST(request: NextRequest) { diff --git a/src/app/api/v1/storage/config/route.ts b/src/app/api/v1/storage/config/route.ts index 1d3e77b..0f8de5e 100644 --- a/src/app/api/v1/storage/config/route.ts +++ b/src/app/api/v1/storage/config/route.ts @@ -1,5 +1,6 @@ import { NextRequest, NextResponse } from "next/server"; import { requireRequestSession } from "@/lib/boss-auth"; +import { jsonNoStore } from "@/lib/api-response"; import { getAttachmentStorageConfig, upsertAttachmentStorageConfig, @@ -18,11 +19,11 @@ export const runtime = "nodejs"; export async function GET(request: NextRequest) { const session = await requireRequestSession(request); if (!session) { - return NextResponse.json({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); + return jsonNoStore({ ok: false, message: "UNAUTHORIZED" }, { status: 401 }); } const config = await getAttachmentStorageConfig(session.account); - return NextResponse.json({ + return jsonNoStore({ ok: true, config: sanitizeAttachmentStorageConfig(config), }); diff --git a/tests/live-data-cache-headers.test.ts b/tests/live-data-cache-headers.test.ts index b6ebce8..5e540df 100644 --- a/tests/live-data-cache-headers.test.ts +++ b/tests/live-data-cache-headers.test.ts @@ -29,6 +29,11 @@ let getDeviceSkillsRoute: (typeof import("../src/app/api/v1/devices/[deviceId]/s let getDeviceEnrollmentsRoute: (typeof import("../src/app/api/v1/devices/enrollments/route"))["GET"]; let getPromptProfileRoute: (typeof import("../src/app/api/v1/projects/[projectId]/prompt-profile/route"))["GET"]; let getProjectMemoriesRoute: (typeof import("../src/app/api/v1/projects/[projectId]/memories/route"))["GET"]; +let getMasterAgentPromptPolicyRoute: (typeof import("../src/app/api/v1/master-agent/prompt-policy/route"))["GET"]; +let getMasterAgentPromptRoute: (typeof import("../src/app/api/v1/master-agent/prompt/route"))["GET"]; +let getMasterAgentMemoriesRoute: (typeof import("../src/app/api/v1/master-agent/memories/route"))["GET"]; +let getStorageConfigRoute: (typeof import("../src/app/api/v1/storage/config/route"))["GET"]; +let getAccountDetailRoute: (typeof import("../src/app/api/v1/accounts/[accountId]/route"))["GET"]; async function setup() { if (runtimeRoot) return; @@ -59,6 +64,11 @@ async function setup() { deviceEnrollmentsRoute, promptProfileRoute, projectMemoriesRoute, + masterAgentPromptPolicyRoute, + masterAgentPromptRoute, + masterAgentMemoriesRoute, + storageConfigRoute, + accountDetailRoute, dataModule, authModule, ] = @@ -84,6 +94,11 @@ async function setup() { import("../src/app/api/v1/devices/enrollments/route.ts"), import("../src/app/api/v1/projects/[projectId]/prompt-profile/route.ts"), import("../src/app/api/v1/projects/[projectId]/memories/route.ts"), + import("../src/app/api/v1/master-agent/prompt-policy/route.ts"), + import("../src/app/api/v1/master-agent/prompt/route.ts"), + import("../src/app/api/v1/master-agent/memories/route.ts"), + import("../src/app/api/v1/storage/config/route.ts"), + import("../src/app/api/v1/accounts/[accountId]/route.ts"), import("../src/lib/boss-data.ts"), import("../src/lib/boss-auth.ts"), ]); @@ -109,6 +124,11 @@ async function setup() { getDeviceEnrollmentsRoute = deviceEnrollmentsRoute.GET; getPromptProfileRoute = promptProfileRoute.GET; getProjectMemoriesRoute = projectMemoriesRoute.GET; + getMasterAgentPromptPolicyRoute = masterAgentPromptPolicyRoute.GET; + getMasterAgentPromptRoute = masterAgentPromptRoute.GET; + getMasterAgentMemoriesRoute = masterAgentMemoriesRoute.GET; + getStorageConfigRoute = storageConfigRoute.GET; + getAccountDetailRoute = accountDetailRoute.GET; createAuthSession = dataModule.createAuthSession; AUTH_SESSION_COOKIE = authModule.AUTH_SESSION_COOKIE; } @@ -261,4 +281,30 @@ test("live detail and summary routes disable cache storage", async () => { { params: Promise.resolve({ projectId: "master-agent" }) }, ); assertNoStoreHeader(projectMemoriesResponse); + + const masterAgentPromptPolicyResponse = await getMasterAgentPromptPolicyRoute( + await createAuthedRequest("http://127.0.0.1:3000/api/v1/master-agent/prompt-policy"), + ); + assertNoStoreHeader(masterAgentPromptPolicyResponse); + + const masterAgentPromptResponse = await getMasterAgentPromptRoute( + await createAuthedRequest("http://127.0.0.1:3000/api/v1/master-agent/prompt"), + ); + assertNoStoreHeader(masterAgentPromptResponse); + + const masterAgentMemoriesResponse = await getMasterAgentMemoriesRoute( + await createAuthedRequest("http://127.0.0.1:3000/api/v1/master-agent/memories?scope=global"), + ); + assertNoStoreHeader(masterAgentMemoriesResponse); + + const storageConfigResponse = await getStorageConfigRoute( + await createAuthedRequest("http://127.0.0.1:3000/api/v1/storage/config"), + ); + assertNoStoreHeader(storageConfigResponse); + + const accountDetailResponse = await getAccountDetailRoute( + await createAuthedRequest("http://127.0.0.1:3000/api/v1/accounts/main"), + { params: Promise.resolve({ accountId: "main" }) }, + ); + assertNoStoreHeader(accountDetailResponse); });