Merge remote-tracking branch 'upstream/dev' into feat/obsidian-plugin

surfsense_web/lib/apis/anonymous-chat-api.service.ts

@@ -12,6 +12,10 @@ import { ValidationError } from "../error";
 
 const BASE = "/api/v1/public/anon-chat";
 
+export type AnonUploadResult =
+	| { ok: true; data: { filename: string; size_bytes: number } }
+	| { ok: false; reason: "quota_exceeded" };
+
 class AnonymousChatApiService {
 	private baseUrl: string;
 
@@ -71,7 +75,7 @@ class AnonymousChatApiService {
 		});
 	};
 
-	uploadDocument = async (file: File): Promise<{ filename: string; size_bytes: number }> => {
+	uploadDocument = async (file: File): Promise<AnonUploadResult> => {
 		const formData = new FormData();
 		formData.append("file", file);
 		const res = await fetch(this.fullUrl("/upload"), {
@@ -79,11 +83,15 @@ class AnonymousChatApiService {
 			credentials: "include",
 			body: formData,
 		});
+		if (res.status === 409) {
+			return { ok: false, reason: "quota_exceeded" };
+		}
 		if (!res.ok) {
 			const body = await res.json().catch(() => ({}));
 			throw new Error(body.detail || `Upload failed: ${res.status}`);
 		}
-		return res.json();
+		const data = await res.json();
+		return { ok: true, data };
 	};
 
 	getDocument = async (): Promise<{ filename: string; size_bytes: number } | null> => {

surfsense_web/lib/apis/base-api.service.ts

@@ -1,4 +1,5 @@
 import type { ZodType } from "zod";
+import { getClientPlatform } from "../agent-filesystem";
 import { getBearerToken, handleUnauthorized, refreshAccessToken } from "../auth-utils";
 import {
 	AbortedError,
@@ -75,6 +76,8 @@ class BaseApiService {
 			const defaultOptions: RequestOptions = {
 				headers: {
 					Authorization: `Bearer ${this.bearerToken || ""}`,
+					"X-SurfSense-Client-Platform":
+						typeof window === "undefined" ? "web" : getClientPlatform(),
 				},
 				method: "GET",
 				responseType: ResponseType.JSON,

surfsense_web/lib/apis/connectors-api.service.ts

@@ -414,16 +414,8 @@ class ConnectorsApiService {
 	 * Subsequent calls to this tool will skip HITL approval.
 	 */
 	trustMCPTool = async (connectorId: number, toolName: string): Promise<void> => {
-		const backendUrl = process.env.NEXT_PUBLIC_FASTAPI_BACKEND_URL || "http://localhost:8000";
-		const token =
-			typeof window !== "undefined" ? document.cookie.match(/fapiToken=([^;]+)/)?.[1] : undefined;
-		await fetch(`${backendUrl}/api/v1/connectors/mcp/${connectorId}/trust-tool`, {
-			method: "POST",
-			headers: {
-				"Content-Type": "application/json",
-				...(token ? { Authorization: `Bearer ${token}` } : {}),
-			},
-			body: JSON.stringify({ tool_name: toolName }),
+		await baseApiService.post(`/api/v1/connectors/mcp/${connectorId}/trust-tool`, undefined, {
+			body: { tool_name: toolName },
 		});
 	};
 
@@ -431,16 +423,8 @@ class ConnectorsApiService {
 	 * Remove a tool from the MCP connector's "Always Allow" list.
 	 */
 	untrustMCPTool = async (connectorId: number, toolName: string): Promise<void> => {
-		const backendUrl = process.env.NEXT_PUBLIC_FASTAPI_BACKEND_URL || "http://localhost:8000";
-		const token =
-			typeof window !== "undefined" ? document.cookie.match(/fapiToken=([^;]+)/)?.[1] : undefined;
-		await fetch(`${backendUrl}/api/v1/connectors/mcp/${connectorId}/untrust-tool`, {
-			method: "POST",
-			headers: {
-				"Content-Type": "application/json",
-				...(token ? { Authorization: `Bearer ${token}` } : {}),
-			},
-			body: JSON.stringify({ tool_name: toolName }),
+		await baseApiService.post(`/api/v1/connectors/mcp/${connectorId}/untrust-tool`, undefined, {
+			body: { tool_name: toolName },
 		});
 	};