GitLab

The 403 detection PR changed the 401 handler condition from
`account.Type == AccountTypeOAuth` to
`account.Type == AccountTypeOAuth && account.Platform == PlatformOpenAI`,
which accidentally excluded Gemini OAuth from the temp-unschedulable path.

Fix: use `!= PlatformAntigravity` instead, preserving Gemini behavior
while correctly excluding Antigravity (whose 401 is handled by
applyErrorPolicy's temp_unschedulable_rules).

Update tests to reflect Antigravity's new 401 semantics:
- HandleUpstreamError: Antigravity OAuth 401 now uses SetError
- CheckErrorPolicy: Antigravity 401 second hit stays TempUnscheduled
- DB fallback: split into Gemini (escalates) and Antigravity (stays temp)

Backend:
- Detect and classify 403 responses into three types:
  validation (account needs Google verification),
  violation (terms of service / banned),
  forbidden (generic 403)
- Extract verification/appeal URLs from 403 response body
  (structured JSON parsing with regex fallback)
- Add needs_verify, is_banned, needs_reauth, error_code fields
  to UsageInfo (omitempty for zero impact on other platforms)
- Handle 403 in request path: classify and permanently set account error
- Save validation_url in error_message for degraded path recovery
- Enrich usage with account error on both success and degraded paths
- Add singleflight dedup for usage requests with independent context
- Differentiate cache TTL: success/403 → 3min, errors → 1min
- Return degraded UsageInfo instead of HTTP 500 on quota fetch errors

Frontend:
- Display forbidden status badges with color coding (red for banned,
  amber for needs verification, gray for generic)
- Show clickable verification/appeal URL links
- Display needs_reauth and degraded error states in usage cell
- Add Antigravity tier label badge next to platform type

Tests:
- Comprehensive unit tests for classifyForbiddenType (7 cases)
- Unit tests for extractValidationURL (8 cases including unicode escapes)
- Integration test for FetchQuota forbidden path

feat(groups): add rate multipliers management modal

fix: 管理员重置配额补全 monthly 字段并修复 ristretto 缓存异步问题 fix issue #964

- 后端 handler：ResetSubscriptionQuotaRequest 新增 Monthly 字段，
  验证逻辑扩展为 daily/weekly/monthly 至少一项为 true
- 后端 service：AdminResetQuota 新增 resetMonthly 参数，
  调用 ResetMonthlyUsage；重置后追加 subCacheL1.Wait()，
  保证 ristretto Del() 的异步删除立即生效，消除重置后
  /v1/usage 返回旧用量数据的竞态窗口
- 后端测试：更新存量测试用例匹配新签名，补充
  TestAdminResetQuota_ResetMonthlyOnly /
  TestAdminResetQuota_ResetMonthlyUsageError 两个新用例
- 前端 API：resetQuota options 类型新增 monthly: boolean
- 前端视图：confirmResetQuota 改为同时重置 daily/weekly/monthly
- i18n：中英文确认提示文案更新，提及每月配额
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

feat: GPT Private设置数据不用于训练

Add a dedicated modal in group management for viewing, adding, editing,
and deleting per-user rate multipliers within a group.

Backend:
- GET /admin/groups/:id/rate-multipliers - list entries with user details
- PUT /admin/groups/:id/rate-multipliers - batch sync (full replace)
- DELETE /admin/groups/:id/rate-multipliers - clear all entries
- Repository: GetByGroupID, SyncGroupRateMultipliers methods on
  user_group_rate_multipliers table (same table as user-side rates)

Frontend:
- New GroupRateMultipliersModal component with:
  - User search and add with email autocomplete
  - Editable rate column with local edit mode (cancel/save)
  - Batch adjust: multiply all rates by a factor
  - Clear all (local operation, requires save to persist)
  - Pagination (10/20/50 per page)
  - Platform icon with brand colors in group info bar
  - Unsaved changes indicator with revert option
- Unit tests for all three backend endpoints

privacy_mode 改为由 TokenRefreshService 在 token 刷新后异步补设。
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

fix Antigravity gemini thought signature fix

精准收紧 accounts.extra 观测字段触发的调度重建

fix: 修复gpt-5.2以上模型映射到gpt-5.2以下时verbosity参数引发的报错

feat(admin): add metric toggle to usage charts

fix: 为 Anthropic Messages API 流式转发添加下游 keepalive ping

降低 ops_error_logs 与 scheduler_outbox 的数据库写放大

降低 admin/dashboard 读路径压力，避免 snapshot-v2 并发击穿

降低 quota 与 Codex 快照热路径的数据库写放大

feat: 修复 Gemini 生图接口并新增前端生图测试能力

Feature/管理员可以重置账号额度

将 /v1/chat/completions 端点从 ResponseWriter 劫持模式重构为独立的
类型安全转换路径，与 Anthropic Messages 端点架构对齐：

- 在 apicompat 包新增 Chat Completions 完整类型定义和双向转换器
- 新增 ForwardAsChatCompletions service 方法，走 Responses API 上游
- Handler 改为独立的账号选择/failover 循环，不再劫持 Responses handler
- 提取 handleCompatErrorResponse 为 Chat Completions 和 Messages 共用
- 删除旧的 forwardChatCompletions 直传路径及相关死代码

Anthropic Messages API 的流式转发路径（gateway_service.go）在上游长时间
无数据时（如 Opus extended thinking 阶段）不会向下游发送任何内容，导致
Cloudflare Tunnel 等代理因连接空闲而断开。

复用已有的 StreamKeepaliveInterval 配置（默认 10 秒），在 select 循环中
添加 keepalive 分支，定时发送 Anthropic 原生格式的 ping 事件保活，与
OpenAI 兼容路径的实现模式保持一致。
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

feat: 添加 OpenAI Chat Completions 兼容端点（基于 #648，修复编译错误和运行时 panic）

fix: 补充缺失的组级和账户级运维告警指标