Open godgunman opened 4 years ago
I have one thing to add:
Should we allow website users inputting aiModel
and aiConfidence
in CreateArticleCategory
?
I think in the resolver we should restrict the appId
that can provide aiModel
and aiConfidence
.
We can have all our AIs under the same appId
and give different userId
to different AI models. The userId
/ appId
is designed so that each different "app" can manage their own userId
.
When AI scripts invoke CreateArticleCategory
it will send secret key to API server, which API server recognizes in checkSecret
and sets corresponding appId
for resolvers to use. This is exactly how rumors-line-bot
communicates with rumors-api
, we can re-use the mechanism to achieve server-to-server communication between our API and the AIs.
3/18 結論
CreateCategory
: 蓋一個新的 util function 決定一個人是不是 admin (另外有個檔案?),非 admin 的人呼叫的話就 errorCreateArticleCategory
: checkSecret
認出新的 shared secret 並且設定 graphql context 的 appId
。 不同 AI model 可以使用不同 query.userId
,或使用不同 aiModel
欄位。