fix: Knowledge chat user permission

2025-12-25 17:22:55 +00:00 · 2025-06-30 18:13:09 +08:00 · 2025-06-30 18:13:09 +08:00 · 55c5c28596
parent 87415e96c8
commit 55c5c28596
8 changed files with 60 additions and 11 deletions
--- a/apps/common/constants/permission_constants.py
+++ b/apps/common/constants/permission_constants.py
@ -44,6 +44,7 @@ class Group(Enum):
    KNOWLEDGE_PROBLEM = "KNOWLEDGE_PROBLEM"
    SYSTEM_KNOWLEDGE_PROBLEM = "SYSTEM_KNOWLEDGE_PROBLEM"
    SYSTEM_RES_KNOWLEDGE_PROBLEM = "SYSTEM_RESOURCE_KNOWLEDGE_PROBLEM"
+    SYSTEM_KNOWLEDGE_CHAT_USER = "SYSTEM_KNOWLEDGE_CHAT_USER"

    MODEL = "MODEL"
    SYSTEM_MODEL = "SYSTEM_MODEL"
@ -145,7 +146,7 @@ class Operate(Enum):
    EMBED = "READ+EMBED"  # 嵌入
    ACCESS = "READ+ACCESS"  # 访问限制
    DISPLAY = "READ+DISPLAY"  # 显示设置
-    API_KET = "READ+API_KEY"  # API_KEY
+    API_KEY = "READ+API_KEY"  # API_KEY
    PUBLIC_ACCESS = "READ+PUBLIC_ACCESS"  # 公共访问链接
    Q_WEIXIN = "READ+Q_WEIXIN"  # 企业微信
    FEISHU = "READ+FEISHU"  # 飞书
@ -313,7 +314,7 @@ Permission_Label = {
    Operate.EMBED.value: _('Embed third party'),
    Operate.ACCESS.value: _('Access restrictions'),
    Operate.DISPLAY.value: _('Display Settings'),
-    Operate.API_KET.value: _('API_KET'),
+    Operate.API_KEY.value: _('API_KEY'),
    Operate.PUBLIC_ACCESS.value: _('Public access link'),
    Operate.Q_WEIXIN.value: _('Enterprise WeiXin'),
    Operate.FEISHU.value: _('Feishu'),
@ -339,6 +340,7 @@ Permission_Label = {
    Group.SYSTEM_KNOWLEDGE.value: _("Knowledge"),
    Group.SYSTEM_KNOWLEDGE_DOCUMENT.value: _("Document"),
    Group.SYSTEM_KNOWLEDGE_PROBLEM.value: _("Problem"),
+    Group.SYSTEM_KNOWLEDGE_CHAT_USER.value: _("Dialogue users"),
    Group.SYSTEM_RES_TOOL.value: _("Tool"),
    Group.SYSTEM_RES_MODEL.value: _("Model"),
    Group.SYSTEM_RES_KNOWLEDGE.value: _("Knowledge"),
@ -815,7 +817,7 @@ class PermissionConstants(Enum):
                                                  ResourcePermissionConst.APPLICATION_MANGE],

                                              )
-    APPLICATION_OVERVIEW_API_KEY = Permission(group=Group.APPLICATION_OVERVIEW, operate=Operate.API_KET,
+    APPLICATION_OVERVIEW_API_KEY = Permission(group=Group.APPLICATION_OVERVIEW, operate=Operate.API_KEY,
                                              role_list=[RoleConstants.ADMIN, RoleConstants.USER],
                                              parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
                                              resource_permission_group_list=[
@ -1144,7 +1146,14 @@ class PermissionConstants(Enum):
        group=Group.SYSTEM_KNOWLEDGE_PROBLEM, operate=Operate.DELETE, role_list=[RoleConstants.ADMIN],
        parent_group=[SystemGroup.SHARED_KNOWLEDGE]
    )
-
+    SHARED_KNOWLEDGE_CHAT_USER_READ = Permission(
+        group=Group.SYSTEM_KNOWLEDGE_CHAT_USER, operate=Operate.READ, role_list=[RoleConstants.ADMIN],
+        parent_group=[SystemGroup.SHARED_KNOWLEDGE]
+    )
+    SHARED_KNOWLEDGE_CHAT_USER_EDIT = Permission(
+        group=Group.SYSTEM_KNOWLEDGE_CHAT_USER, operate=Operate.EDIT, role_list=[RoleConstants.ADMIN],
+        parent_group=[SystemGroup.SHARED_KNOWLEDGE]
+    )
    SHARED_MODEL_CREATE = Permission(
        group=Group.SYSTEM_MODEL, operate=Operate.CREATE, role_list=[RoleConstants.ADMIN, RoleConstants.USER],
        parent_group=[SystemGroup.SHARED_MODEL]
--- a/ui/src/permission/application/workspace.ts
+++ b/ui/src/permission/application/workspace.ts
@ -95,7 +95,7 @@ const workspace = {
            ],
            'OR'
    ),
-    chat_user_edit: (source_id:string) => 
+    application_chat_user_edit: (source_id:string) => 
        hasPermission(
            [
              RoleConst.ADMIN,
--- a/ui/src/permission/knowledge/system-manage.ts
+++ b/ui/src/permission/knowledge/system-manage.ts
@ -30,6 +30,8 @@ const workspace = {
  doc_export: () => false,
  doc_download: () => false,

+  knowledge_chat_user_edit: () => false,
+
  problem_create: () => false,
  problem_relate: () => false,
  problem_delete: () => false,
--- a/ui/src/permission/knowledge/system-share.ts
+++ b/ui/src/permission/knowledge/system-share.ts
@ -140,6 +140,15 @@ const share = {
      ],
      'OR'
    ),
+  knowledge_chat_user_edit: () => 
+    hasPermission(
+      [
+        RoleConst.ADMIN,
+        PermissionConst.SHARED_KNOWLEDGE_CHAT_USER_EDIT
+      ],
+      'OR'
+    )
+    ,
  problem_relate: () => 
    hasPermission (
      [
--- a/ui/src/permission/knowledge/workspace.ts
+++ b/ui/src/permission/knowledge/workspace.ts
@ -154,6 +154,15 @@ const workspace = {
        PermissionConst.KNOWLEDGE_DOCUMENT_DOWNLOAD_SOURCE_FILE.getWorkspacePermissionWorkspaceManageRole,
      ],
      'OR',
+    ), 
+  knowledge_chat_user_edit: (source_id:string) => 
+    hasPermission(
+      [
+        RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+        PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getKnowledgeWorkspaceResourcePermission(source_id),
+        PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getWorkspacePermissionWorkspaceManageRole,
+      ]
+      ,'OR'
    ),  
  problem_create: (source_id:string) =>
    hasPermission(
--- a/ui/src/router/modules/document.ts
+++ b/ui/src/router/modules/document.ts
@ -88,11 +88,11 @@ const DocumentRouter = {
          RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
          () => {
            const to: any = get_next_route()
-            return PermissionConst.WORKSPACE_CHAT_USER_READ.getKnowledgeWorkspaceResourcePermission(
+            return PermissionConst.KNOWLEDGE_CHAT_USER_READ.getKnowledgeWorkspaceResourcePermission(
              to ? to.params.id : '',
            )
          },
-          PermissionConst.WORKSPACE_CHAT_USER_READ.getWorkspacePermissionWorkspaceManageRole,
+          PermissionConst.KNOWLEDGE_CHAT_USER_READ.getWorkspacePermissionWorkspaceManageRole,
        ],
      },
      component: () => import('@/views/chat-user/index.vue'),
--- a/ui/src/utils/permission/data.ts
+++ b/ui/src/utils/permission/data.ts
@ -146,8 +146,11 @@ const PermissionConst = {
  APPLICATION_ACCESS_READ: new Permission('APPLICATION_ACCESS:READ'),
  APPLICATION_ACCESS_EDIT: new Permission('APPLICATION_ACCESS:READ+EDIT'),

-  APPLICATION_CHAT_USER_READ: new Permission('CHAT_USER:READ'),
-  APPLICATION_CHAT_USER_EDIT: new Permission('CHAT_USER:READ+EDIT'),
+  APPLICATION_CHAT_USER_READ: new Permission('APPLICATION_CHAT_USER:READ'),
+  APPLICATION_CHAT_USER_EDIT: new Permission('APPLICATION_CHAT_USER:READ+EDIT'),
+
+  KNOWLEDGE_CHAT_USER_READ: new Permission('KNOWLEDGE_CHAT_USER:READ'),
+  KNOWLEDGE_CHAT_USER_EDIT: new Permission('KNOWLEDGE_CHAT_USER:READ+EDIT'),

  SHARED_TOOL_READ: new Permission('SYSTEM_TOOL:READ'),
  SHARED_TOOL_CREATE: new Permission('SYSTEM_TOOL:READ+CREATE'),
@ -186,6 +189,9 @@ const PermissionConst = {
  SHARED_KNOWLEDGE_PROBLEM_CREATE: new Permission('SYSTEM_KNOWLEDGE_PROBLEM:READ+CREATE'),
  SHARED_KNOWLEDGE_PROBLEM_EDIT: new Permission('SYSTEM_KNOWLEDGE_PROBLEM:READ+EDIT'),
  SHARED_KNOWLEDGE_PROBLEM_DELETE: new Permission('SYSTEM_KNOWLEDGE_PROBLEM:READ+DELETE'),
+  
+  SHARED_KNOWLEDGE_CHAT_USER_READ: new Permission('SYSTEM_KNOWLEDGE_CHAT_USER:READ'),
+  SHARED_KNOWLEDGE_CHAT_USER_EDIT: new Permission('SYSTEM_KNOWLEDGE_CHAT_USER:READ+EDIT'),

  TOOL_CREATE: new Permission('TOOL:READ+CREATE'),
  TOOL_EDIT: new Permission('TOOL:READ+EDIT'),
--- a/ui/src/views/chat-user/index.vue
+++ b/ui/src/views/chat-user/index.vue
@ -42,7 +42,7 @@
              </span>
            </div>
            <el-button type="primary" :disabled="current?.is_auth" @click="handleSave"
-              v-if="permissionPrecise.chat_user_edit(id)"
+              v-if="hasPermission(permissionObj[(route.meta?.resourceType as string)],'OR')"
            >
              {{ t('common.save') }}
            </el-button>
@ -57,7 +57,7 @@
                :placeholder="$t('common.inputPlaceholder')" style="width: 220px" clearable />
            </div>
            <div class="flex align-center"
-              v-if="permissionPrecise.chat_user_edit(id)"
+              v-if="hasPermission(permissionObj[(route.meta?.resourceType as string)],'OR')"
            >
              <div class="color-secondary mr-8">{{ $t('views.chatUser.autoAuthorization') }}</div>
              <el-switch size="small" :model-value="current?.is_auth" @click="changeAuth"
@ -114,6 +114,11 @@ import { useRoute } from 'vue-router'
 import { SourceTypeEnum } from '@/enums/common'
 import { MsgSuccess } from '@/utils/message'
 import permissionMap from '@/permission'
+import { ComplexPermission } from '@/utils/permission/type'
+import { EditionConst, RoleConst, PermissionConst } from '@/utils/permission/data'
+import { hasPermission } from '@/utils/permission/index'
+
+

 const route = useRoute()

@ -128,6 +133,15 @@ const {
  params: { id },
 } = route as any

+const permissionObj=ref<any>({
+  "APPLICATION": new ComplexPermission([RoleConst.ADMIN, RoleConst.WORKSPACE_MANAGE.getWorkspaceRole],
+                [PermissionConst.APPLICATION_CHAT_USER_EDIT, 
+                PermissionConst.APPLICATION_CHAT_USER_EDIT.getApplicationWorkspaceResourcePermission(id)],[],'OR'),
+  "KNOWLEDGE": new ComplexPermission([RoleConst.ADMIN, RoleConst.WORKSPACE_MANAGE.getWorkspaceRole],
+                [PermissionConst.KNOWLEDGE_CHAT_USER_EDIT, 
+                PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getKnowledgeWorkspaceResourcePermission(id)],[],'OR'),
+})
+
 const resource = reactive({ resource_id: route.params.id as string, resource_type: route.meta.resourceType as string })

 const filterText = ref('')