15308555518/ MaxKB
1
0
Fork 0
mirror of https://github.com/1Panel-dev/MaxKB.git synced 2025-12-26 10:12:51 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

feat: Front end permissions for resource authorization

This commit is contained in:
zhangzhanwei 2025-08-18 18:13:40 +08:00 committed by zhanweizhang7
parent 4847eba4bf
commit 31d71d137a
17 changed files with 118 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ui/src/permission/application/system-manage.ts
View File

@ -38,6 +38,7 @@ const systemManage = {
'OR'
),
folderDelete: () => false,
auth: () => false,
overview_embed: () =>
hasPermission(
[

10
ui/src/permission/application/workspace.ts
View File

@ -43,6 +43,16 @@ const workspace = {
],
'OR'
),
auth: (source_id:string) =>
hasPermission(
[
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_RESOURCE_AUTHORIZATION.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
folderEdit: () =>
hasPermission(
[

1
ui/src/permission/knowledge/system-manage.ts
View File

@ -151,6 +151,7 @@ const systemManage = {
],'OR'
),
auth: () => false,
folderCreate: () => false,
folderEdit: () => false,
folderDelete: () => false,

1
ui/src/permission/knowledge/system-share.ts
View File

@ -182,6 +182,7 @@ const share = {
],
'OR'
),
auth: () => false,
folderCreate: () => false,
folderEdit: () => false,
folderDelete: () => false,

1
ui/src/permission/knowledge/workspace-share.ts
View File

@ -10,6 +10,7 @@ const workspaceShare = {
edit: () => false,
export: () => false,
delete: () => false,
auth: () => false,
doc_read: () => false,
doc_create: () => false,

10
ui/src/permission/knowledge/workspace.ts
View File

@ -70,6 +70,16 @@ const workspace = {
],
'OR',
),
auth: (source_id:string) =>
hasPermission(
[
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.KNOWLEDGE_RESOURCE_AUTHORIZATION.getKnowledgeWorkspaceResourcePermission(source_id),
PermissionConst.KNOWLEDGE_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
folderEdit: () =>
hasPermission(
[

1
ui/src/permission/model/system-manage.ts
View File

@ -20,6 +20,7 @@ const systemManage = {
delete: () =>
hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_MODEL_DELETE], 'OR'),
auth: () => false,
folderCreate: () => false,
folderEdit: () => false,
folderDelete: () => false,

1
ui/src/permission/model/system-share.ts
View File

@ -35,6 +35,7 @@ const share = {
],
'OR',
),
auth: () => false,
folderCreate: () => false,
folderEdit: () => false,
folderDelete: () => false,

10
ui/src/permission/model/workspace.ts
View File

@ -40,6 +40,16 @@ const workspace = {
],
'OR'
),
auth: (source_id:string) =>
hasPermission(
[
new ComplexPermission([RoleConst.USER],[PermissionConst.MODEL.getModelWorkspaceResourcePermission(source_id)],[],'AND'),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.MODEL_RESOURCE_AUTHORIZATION.getModelWorkspaceResourcePermission(source_id),
PermissionConst.MODEL_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole
],
'OR'
),
folderEdit: () =>
hasPermission(
[

1
ui/src/permission/tool/system-manage.ts
View File

@ -57,6 +57,7 @@ const systemManage = {
'OR',
),
auth: () => false,
folderCreate: () => false,
folderEdit: () => false,
folderDelete: () => false,

1
ui/src/permission/tool/system-share.ts
View File

@ -68,6 +68,7 @@ const share = {
'OR',
),
auth: () => false,
folderCreate: () => false,
folderEdit: () => false,
folderDelete: () => false,

10
ui/src/permission/tool/workspace.ts
View File

@ -110,6 +110,16 @@ const workspace = {
],
'OR'
),
auth: (source_id:string) =>
hasPermission(
[
new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_RESOURCE_AUTHORIZATION.getToolWorkspaceResourcePermission(source_id),
PermissionConst.TOOL_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole
],
'OR'
),
debug: () =>
hasPermission(
[

13
ui/src/utils/permission/data.ts
View File

@ -296,6 +296,19 @@ const PermissionConst = {
CHANGE_PASSWORD: new Permission('OTHER:READ+CREATE'),
SYSTEM_API_KEY_EDIT: new Permission('OTHER:READ+DELETE'),
APPLICATION_RESOURCE_AUTHORIZATION: new Permission(
'APPLICATION:READ+AUTH',
),
KNOWLEDGE_RESOURCE_AUTHORIZATION: new Permission(
'KNOWLEDGE:READ+AUTH',
),
TOOL_RESOURCE_AUTHORIZATION: new Permission(
'TOOL:READ+AUTH',
),
MODEL_RESOURCE_AUTHORIZATION: new Permission(
'MODEL:READ+AUTH',
),
APPLICATION_WORKSPACE_USER_RESOURCE_PERMISSION_READ: new Permission(
'APPLICATION_WORKSPACE_USER_RESOURCE_PERMISSION:READ',
),

199
ui/src/views/application/index.vue
View File

@ -3,13 +3,8 @@
<template #left>
<h4 class="p-12-16 pb-0 mt-12">{{ $t('views.application.title') }}</h4>
<div class="p-8">
<folder-tree
:source="SourceTypeEnum.APPLICATION"
:data="folderList"
:currentNodeKey="folder.currentFolder?.id"
@handleNodeClick="folderClickHandle"
@refreshTree="refreshFolder"
/>
<folder-tree :source="SourceTypeEnum.APPLICATION" :data="folderList" :currentNodeKey="folder.currentFolder?.id"
@handleNodeClick="folderClickHandle" @refreshTree="refreshFolder" />
</div>
</template>
<ContentContainer>
@ -19,44 +14,22 @@
<template #search>
<div class="flex">
<div class="flex-between complex-search">
<el-select
class="complex-search__left"
v-model="search_type"
style="width: 120px"
@change="search_type_change"
>
<el-select class="complex-search__left" v-model="search_type" style="width: 120px"
@change="search_type_change">
<el-option :label="$t('common.creator')" value="create_user" />
<el-option :label="$t('common.name')" value="name" />
<el-option :label="$t('common.publishStatus')" value="publish_status" />
</el-select>
<el-input
v-if="search_type === 'name'"
v-model="search_form.name"
@change="searchHandle"
:placeholder="$t('common.searchBar.placeholder')"
style="width: 220px"
clearable
/>
<el-select
v-else-if="search_type === 'create_user'"
v-model="search_form.create_user"
@change="searchHandle"
filterable
clearable
style="width: 220px"
>
<el-input v-if="search_type === 'name'" v-model="search_form.name" @change="searchHandle"
:placeholder="$t('common.searchBar.placeholder')" style="width: 220px" clearable />
<el-select v-else-if="search_type === 'create_user'" v-model="search_form.create_user"
@change="searchHandle" filterable clearable style="width: 220px">
<el-option v-for="u in user_options" :key="u.id" :value="u.id" :label="u.nick_name" />
</el-select>
<el-select
v-else-if="search_type === 'publish_status'"
v-model="search_form.publish_status"
@change="searchHandle"
filterable
clearable
style="width: 220px"
>
<el-select v-else-if="search_type === 'publish_status'" v-model="search_form.publish_status"
@change="searchHandle" filterable clearable style="width: 220px">
<el-option :label="$t('common.published')" value="published" />
<el-option :label="$t('common.unpublished')" value="unpublished" />
</el-select>
@ -73,16 +46,11 @@
<el-dropdown-item @click="openCreateDialog('SIMPLE')">
<div class="flex">
<el-avatar shape="square" class="avatar-blue mt-4" :size="36">
<img
src="@/assets/application/icon_simple_application.svg"
style="width: 65%"
alt=""
/>
<img src="@/assets/application/icon_simple_application.svg" style="width: 65%" alt="" />
</el-avatar>
<div class="pre-wrap ml-8">
<div class="lighter">{{ $t('views.application.simple') }}</div>
<el-text type="info" size="small"
>{{ $t('views.application.simplePlaceholder') }}
<el-text type="info" size="small">{{ $t('views.application.simplePlaceholder') }}
</el-text>
</div>
</div>
@ -90,31 +58,18 @@
<el-dropdown-item @click="openCreateDialog('WORK_FLOW')">
<div class="flex">
<el-avatar shape="square" class="avatar-purple mt-4" :size="36">
<img
src="@/assets/application/icon_workflow_application.svg"
style="width: 65%"
alt=""
/>
<img src="@/assets/application/icon_workflow_application.svg" style="width: 65%" alt="" />
</el-avatar>
<div class="pre-wrap ml-8">
<div class="lighter">{{ $t('views.application.workflow') }}</div>
<el-text type="info" size="small"
>{{ $t('views.application.workflowPlaceholder') }}
<el-text type="info" size="small">{{ $t('views.application.workflowPlaceholder') }}
</el-text>
</div>
</div>
</el-dropdown-item>
<el-upload
class="import-button"
ref="elUploadRef"
:file-list="[]"
action="#"
multiple
:auto-upload="false"
:show-file-list="false"
:limit="1"
:on-change="(file: any, fileList: any) => importApplication(file)"
>
<el-upload class="import-button" ref="elUploadRef" :file-list="[]" action="#" multiple
:auto-upload="false" :show-file-list="false" :limit="1"
:on-change="(file: any, fileList: any) => importApplication(file)">
<el-dropdown-item>
<div class="flex align-center w-full">
<el-avatar shape="square" class="mt-4" :size="36" style="background: none">
@ -141,35 +96,16 @@
</el-dropdown>
</div>
</template>
<div
v-loading.fullscreen.lock="paginationConfig.current_page === 1 && loading"
style="max-height: calc(100vh - 120px)"
>
<InfiniteScroll
:size="applicationList.length"
:total="paginationConfig.total"
:page_size="paginationConfig.page_size"
v-model:current_page="paginationConfig.current_page"
@load="getList"
:loading="loading"
>
<div v-loading.fullscreen.lock="paginationConfig.current_page === 1 && loading"
style="max-height: calc(100vh - 120px)">
<InfiniteScroll :size="applicationList.length" :total="paginationConfig.total"
:page_size="paginationConfig.page_size" v-model:current_page="paginationConfig.current_page" @load="getList"
:loading="loading">
<el-row v-if="applicationList.length > 0" :gutter="15" class="w-full">
<template v-for="(item, index) in applicationList" :key="index">
<el-col
v-if="item.resource_type === 'folder'"
:xs="24"
:sm="12"
:md="12"
:lg="8"
:xl="6"
class="mb-16"
>
<CardBox
:title="item.name"
:description="item.desc || $t('components.noDesc')"
class="cursor"
@click="clickFolder(item)"
>
<el-col v-if="item.resource_type === 'folder'" :xs="24" :sm="12" :md="12" :lg="8" :xl="6" class="mb-16">
<CardBox :title="item.name" :description="item.desc || $t('components.noDesc')" class="cursor"
@click="clickFolder(item)">
<template #icon>
<el-avatar shape="square" :size="32" style="background: none">
<AppIcon iconName="app-folder" style="font-size: 32px"></AppIcon>
@ -183,12 +119,7 @@
</CardBox>
</el-col>
<el-col v-else :xs="24" :sm="12" :md="12" :lg="8" :xl="6" class="mb-16">
<CardBox
:title="item.name"
:description="item.desc"
class="cursor"
@click="goApp(item)"
>
<CardBox :title="item.name" :description="item.desc" class="cursor" @click="goApp(item)">
<template #icon>
<el-avatar shape="square" :size="32" style="background: none">
<img :src="resetUrl(item?.icon, resetUrl('./favicon.ico'))" alt="" />
@ -242,48 +173,33 @@
<AppIcon iconName="app-create-chat" class="color-secondary"></AppIcon>
{{ $t('views.application.operation.toChat') }}
</el-dropdown-item>
<el-dropdown-item
@click.stop="settingApplication(item)"
v-if="permissionPrecise.edit(item.id)"
>
<el-dropdown-item @click.stop="settingApplication(item)"
v-if="permissionPrecise.edit(item.id)">
<AppIcon iconName="app-setting" class="color-secondary"></AppIcon>
{{ $t('common.setting') }}
</el-dropdown-item>
<el-dropdown-item @click.stop="openAuthorization(item)">
<AppIcon
iconName="app-resource-authorization"
class="color-secondary"
></AppIcon>
<el-dropdown-item @click.stop="openAuthorization(item)"
v-if="permissionPrecise.auth(item.id)">
<AppIcon iconName="app-resource-authorization" class="color-secondary"></AppIcon>
{{ $t('views.system.resourceAuthorization.title') }}
</el-dropdown-item>
<el-dropdown-item
@click.stop="openMoveToDialog(item)"
v-if="permissionPrecise.edit(item.id) && apiType === 'workspace'"
>
<el-dropdown-item @click.stop="openMoveToDialog(item)"
v-if="permissionPrecise.edit(item.id) && apiType === 'workspace'">
<AppIcon iconName="app-migrate" class="color-secondary"></AppIcon>
{{ $t('common.moveTo') }}
</el-dropdown-item>
<el-dropdown-item
@click="copyApplication(item)"
v-if="permissionPrecise.create()"
>
<el-dropdown-item @click="copyApplication(item)" v-if="permissionPrecise.create()">
<AppIcon iconName="app-copy" class="color-secondary"></AppIcon>
{{ $t('common.copy') }}
</el-dropdown-item>
<el-dropdown-item
divided
@click.stop="exportApplication(item)"
v-if="permissionPrecise.export(item.id)"
>
<el-dropdown-item divided @click.stop="exportApplication(item)"
v-if="permissionPrecise.export(item.id)">
<AppIcon iconName="app-export" class="color-secondary"></AppIcon>
{{ $t('common.export') }}
</el-dropdown-item>
<el-dropdown-item
divided
@click.stop="deleteApplication(item)"
v-if="permissionPrecise.delete(item.id)"
>
<el-dropdown-item divided @click.stop="deleteApplication(item)"
v-if="permissionPrecise.delete(item.id)">
<AppIcon iconName="app-delete" class="color-secondary"></AppIcon>
{{ $t('common.delete') }}
</el-dropdown-item>
@ -303,16 +219,9 @@
<CreateApplicationDialog ref="CreateApplicationDialogRef" />
<CopyApplicationDialog ref="CopyApplicationDialogRef" />
<CreateFolderDialog ref="CreateFolderDialogRef" @refresh="refreshFolder" />
<MoveToDialog
ref="MoveToDialogRef"
:source="SourceTypeEnum.APPLICATION"
@refresh="refreshApplicationList"
v-if="apiType === 'workspace'"
/>
<ResourceAuthorizationDrawer
:type="SourceTypeEnum.APPLICATION"
ref="ResourceAuthorizationDrawerRef"
/>
<MoveToDialog ref="MoveToDialogRef" :source="SourceTypeEnum.APPLICATION" @refresh="refreshApplicationList"
v-if="apiType === 'workspace'" />
<ResourceAuthorizationDrawer :type="SourceTypeEnum.APPLICATION" ref="ResourceAuthorizationDrawerRef" />
</LayoutContainer>
</template>
@ -535,20 +444,20 @@ function toChat(row: any) {
.map((v: any) => {
apiInputParams.value = v.properties.api_input_field_list
? v.properties.api_input_field_list.map((v: any) => {
return {
name: v.variable,
value: v.default_value,
}
})
return {
name: v.variable,
value: v.default_value,
}
})
: v.properties.input_field_list
? v.properties.input_field_list
.filter((v: any) => v.assignment_method === 'api_input')
.map((v: any) => {
return {
name: v.variable,
value: v.default_value,
}
})
.filter((v: any) => v.assignment_method === 'api_input')
.map((v: any) => {
return {
name: v.variable,
value: v.default_value,
}
})
: []
})
const apiParams = mapToUrlParams(apiInputParams.value)
@ -606,7 +515,7 @@ function deleteApplication(row: any) {
MsgSuccess(t('common.deleteSuccess'))
})
})
.catch(() => {})
.catch(() => { })
}
const exportApplication = (application: any) => {

2
ui/src/views/knowledge/component/KnowledgeListContainer.vue
View File

@ -260,7 +260,7 @@
>
<el-dropdown-item
@click.stop="openAuthorization(item)"
v-if="apiType === 'workspace'"
v-if="apiType === 'workspace' && permissionPrecise.auth(item.id)"
>
<AppIcon
iconName="app-resource-authorization"

2
ui/src/views/model/component/ModelCard.vue
View File

@ -100,7 +100,7 @@
<AppIcon iconName="app-setting" class="color-secondary"></AppIcon>
{{ $t('views.model.modelForm.title.paramSetting') }}
</el-dropdown-item>
<el-dropdown-item @click.stop="openAuthorization(model)" v-if="apiType === 'workspace'">
<el-dropdown-item @click.stop="openAuthorization(model)" v-if="apiType === 'workspace' && permissionPrecise.auth(model.id)">
<AppIcon iconName="app-resource-authorization" class="color-secondary"></AppIcon>
{{ $t('views.system.resourceAuthorization.title') }}
</el-dropdown-item>

2
ui/src/views/tool/component/ToolListContainer.vue
View File

@ -252,7 +252,7 @@
</el-dropdown-item>
<el-dropdown-item
@click.stop="openAuthorization(item)"
v-if="apiType === 'workspace'"
v-if="apiType === 'workspace' && permissionPrecise.auth(item.id)"
>
<AppIcon
iconName="app-resource-authorization"