fix(runtime): implement issue #1493 runtime_state_query permission, masking, rate limit and audit

[moonandlife]

Summary

• Implemented complete behavior for Issue Issue 9：完整实现 runtime state query 的权限、脱敏、限流和审计行为 #1493 in
• Added/updated focused tests in
• Ensured coverage artifact path is redirected to in to satisfy repository root cleanup policy

What Changed

• Added unified redaction placeholder:
• Enforced namespace ACL deny path with audit ()
• Implemented reveal permission soft-downgrade behavior:
  • when but permission missing, request continues with masked values
  • writes audit reason
• Implemented sliding-window rate limit per principal with audit ()
• Added success-path audit record () with result count
• Kept behavior to omit value field
• Normalized and clamped query pagination params (, )

Validation

• Ran: ============================= test session starts ==============================
  platform linux -- Python 3.11.15, pytest-9.0.3, pluggy-1.6.0 -- /home/moonlife/miniconda/envs/sage/bin/python3
  cachedir: .pytest_cache
  rootdir: /home/moonlife/hust/SAGE
  configfile: pytest.ini
  plugins: anyio-4.13.0, asyncio-1.3.0, mock-3.15.1, cov-7.1.0
  asyncio: mode=Mode.STRICT, debug=False, asyncio_default_fixture_loop_scope=None, asyncio_default_test_loop_scope=function
  collecting ... collected 6 items

src/tests/test_flownet_runtime_state_query.py::test_query_runtime_state_masks_value_and_writes_success_audit PASSED [ 16%]
src/tests/test_flownet_runtime_state_query.py::test_query_runtime_state_reveal_permission_denied_downgrades_to_redacted PASSED [ 33%]
src/tests/test_flownet_runtime_state_query.py::test_query_runtime_state_namespace_forbidden_is_audited PASSED [ 50%]
src/tests/test_flownet_runtime_state_query.py::test_query_runtime_state_rate_limited_is_audited PASSED [ 66%]
src/tests/test_flownet_runtime_state_query.py::test_query_runtime_state_include_values_false_hides_value_field PASSED [ 83%]
src/tests/test_flownet_runtime_state_query.py::test_query_runtime_state_limit_and_cursor_are_normalized PASSED [100%]

============================== 6 passed in 0.47s ===============================

• Result:

Related

• Closes Issue 9：完整实现 runtime state query 的权限、脱敏、限流和审计行为 #1493
• Parent: SAGE 运行时与流处理能力补强 #1484

[Copilot]

Pull request overview

Implements the missing production-grade behaviors for FlowNet runtime state queries (Issue #1493): namespace ACL enforcement, permission-based value masking, sliding-window rate limiting, and consistent audit recording. Adds focused unit tests for the new behaviors and adjusts the dev CLI test runner to redirect coverage artifacts into the repo-managed .sage/ directory.

Changes:

• Implemented reveal-permission “soft downgrade” (masked results instead of hard rejection) plus unified redaction placeholder and success-path auditing.
• Enforced namespace ACL deny path and per-principal sliding-window rate limiting with audit records.
• Added a dedicated test suite covering masking, permission downgrade, namespace denial, rate limiting, include-values behavior, and pagination normalization; redirected coverage output via COVERAGE_FILE.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File	Description
src/sage/runtime/flownet/client/node_runtime.py	Adds redaction placeholder, reveal permission soft-downgrade, rate limit + ACL enforcement, and consistent auditing for runtime state queries.
src/tests/test_flownet_runtime_state_query.py	Introduces focused tests validating masking, auditing, ACL denial, rate limiting, and pagination normalization.
src/sage/tools/cli/commands/dev.py	Redirects pytest-cov output to .sage/.coverage to avoid repository-root artifacts and ensures .sage/ exists.