From 55c5c28596fef41a5fe22ed92261d799742c63cf Mon Sep 17 00:00:00 2001 From: zhangzhanwei Date: Mon, 30 Jun 2025 18:13:09 +0800 Subject: [PATCH] fix: Knowledge chat user permission --- apps/common/constants/permission_constants.py | 17 +++++++++++++---- ui/src/permission/application/workspace.ts | 2 +- ui/src/permission/knowledge/system-manage.ts | 2 ++ ui/src/permission/knowledge/system-share.ts | 9 +++++++++ ui/src/permission/knowledge/workspace.ts | 9 +++++++++ ui/src/router/modules/document.ts | 4 ++-- ui/src/utils/permission/data.ts | 10 ++++++++-- ui/src/views/chat-user/index.vue | 18 ++++++++++++++++-- 8 files changed, 60 insertions(+), 11 deletions(-) diff --git a/apps/common/constants/permission_constants.py b/apps/common/constants/permission_constants.py index 262fd0b9a..b3562a743 100644 --- a/apps/common/constants/permission_constants.py +++ b/apps/common/constants/permission_constants.py @@ -44,6 +44,7 @@ class Group(Enum): KNOWLEDGE_PROBLEM = "KNOWLEDGE_PROBLEM" SYSTEM_KNOWLEDGE_PROBLEM = "SYSTEM_KNOWLEDGE_PROBLEM" SYSTEM_RES_KNOWLEDGE_PROBLEM = "SYSTEM_RESOURCE_KNOWLEDGE_PROBLEM" + SYSTEM_KNOWLEDGE_CHAT_USER = "SYSTEM_KNOWLEDGE_CHAT_USER" MODEL = "MODEL" SYSTEM_MODEL = "SYSTEM_MODEL" @@ -145,7 +146,7 @@ class Operate(Enum): EMBED = "READ+EMBED" # 嵌入 ACCESS = "READ+ACCESS" # 访问限制 DISPLAY = "READ+DISPLAY" # 显示设置 - API_KET = "READ+API_KEY" # API_KEY + API_KEY = "READ+API_KEY" # API_KEY PUBLIC_ACCESS = "READ+PUBLIC_ACCESS" # 公共访问链接 Q_WEIXIN = "READ+Q_WEIXIN" # 企业微信 FEISHU = "READ+FEISHU" # 飞书 @@ -313,7 +314,7 @@ Permission_Label = { Operate.EMBED.value: _('Embed third party'), Operate.ACCESS.value: _('Access restrictions'), Operate.DISPLAY.value: _('Display Settings'), - Operate.API_KET.value: _('API_KET'), + Operate.API_KEY.value: _('API_KEY'), Operate.PUBLIC_ACCESS.value: _('Public access link'), Operate.Q_WEIXIN.value: _('Enterprise WeiXin'), Operate.FEISHU.value: _('Feishu'), @@ -339,6 +340,7 @@ Permission_Label = { Group.SYSTEM_KNOWLEDGE.value: _("Knowledge"), Group.SYSTEM_KNOWLEDGE_DOCUMENT.value: _("Document"), Group.SYSTEM_KNOWLEDGE_PROBLEM.value: _("Problem"), + Group.SYSTEM_KNOWLEDGE_CHAT_USER.value: _("Dialogue users"), Group.SYSTEM_RES_TOOL.value: _("Tool"), Group.SYSTEM_RES_MODEL.value: _("Model"), Group.SYSTEM_RES_KNOWLEDGE.value: _("Knowledge"), @@ -815,7 +817,7 @@ class PermissionConstants(Enum): ResourcePermissionConst.APPLICATION_MANGE], ) - APPLICATION_OVERVIEW_API_KEY = Permission(group=Group.APPLICATION_OVERVIEW, operate=Operate.API_KET, + APPLICATION_OVERVIEW_API_KEY = Permission(group=Group.APPLICATION_OVERVIEW, operate=Operate.API_KEY, role_list=[RoleConstants.ADMIN, RoleConstants.USER], parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION], resource_permission_group_list=[ @@ -1144,7 +1146,14 @@ class PermissionConstants(Enum): group=Group.SYSTEM_KNOWLEDGE_PROBLEM, operate=Operate.DELETE, role_list=[RoleConstants.ADMIN], parent_group=[SystemGroup.SHARED_KNOWLEDGE] ) - + SHARED_KNOWLEDGE_CHAT_USER_READ = Permission( + group=Group.SYSTEM_KNOWLEDGE_CHAT_USER, operate=Operate.READ, role_list=[RoleConstants.ADMIN], + parent_group=[SystemGroup.SHARED_KNOWLEDGE] + ) + SHARED_KNOWLEDGE_CHAT_USER_EDIT = Permission( + group=Group.SYSTEM_KNOWLEDGE_CHAT_USER, operate=Operate.EDIT, role_list=[RoleConstants.ADMIN], + parent_group=[SystemGroup.SHARED_KNOWLEDGE] + ) SHARED_MODEL_CREATE = Permission( group=Group.SYSTEM_MODEL, operate=Operate.CREATE, role_list=[RoleConstants.ADMIN, RoleConstants.USER], parent_group=[SystemGroup.SHARED_MODEL] diff --git a/ui/src/permission/application/workspace.ts b/ui/src/permission/application/workspace.ts index 0ce3cca32..647d638e3 100644 --- a/ui/src/permission/application/workspace.ts +++ b/ui/src/permission/application/workspace.ts @@ -95,7 +95,7 @@ const workspace = { ], 'OR' ), - chat_user_edit: (source_id:string) => + application_chat_user_edit: (source_id:string) => hasPermission( [ RoleConst.ADMIN, diff --git a/ui/src/permission/knowledge/system-manage.ts b/ui/src/permission/knowledge/system-manage.ts index fa36be346..ffeec63cb 100644 --- a/ui/src/permission/knowledge/system-manage.ts +++ b/ui/src/permission/knowledge/system-manage.ts @@ -30,6 +30,8 @@ const workspace = { doc_export: () => false, doc_download: () => false, + knowledge_chat_user_edit: () => false, + problem_create: () => false, problem_relate: () => false, problem_delete: () => false, diff --git a/ui/src/permission/knowledge/system-share.ts b/ui/src/permission/knowledge/system-share.ts index 5da0f253a..669ef8eac 100644 --- a/ui/src/permission/knowledge/system-share.ts +++ b/ui/src/permission/knowledge/system-share.ts @@ -140,6 +140,15 @@ const share = { ], 'OR' ), + knowledge_chat_user_edit: () => + hasPermission( + [ + RoleConst.ADMIN, + PermissionConst.SHARED_KNOWLEDGE_CHAT_USER_EDIT + ], + 'OR' + ) + , problem_relate: () => hasPermission ( [ diff --git a/ui/src/permission/knowledge/workspace.ts b/ui/src/permission/knowledge/workspace.ts index c796e7b7d..b960fa29b 100644 --- a/ui/src/permission/knowledge/workspace.ts +++ b/ui/src/permission/knowledge/workspace.ts @@ -154,6 +154,15 @@ const workspace = { PermissionConst.KNOWLEDGE_DOCUMENT_DOWNLOAD_SOURCE_FILE.getWorkspacePermissionWorkspaceManageRole, ], 'OR', + ), + knowledge_chat_user_edit: (source_id:string) => + hasPermission( + [ + RoleConst.WORKSPACE_MANAGE.getWorkspaceRole, + PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getKnowledgeWorkspaceResourcePermission(source_id), + PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getWorkspacePermissionWorkspaceManageRole, + ] + ,'OR' ), problem_create: (source_id:string) => hasPermission( diff --git a/ui/src/router/modules/document.ts b/ui/src/router/modules/document.ts index 3e3d21ef2..b5a9f700d 100644 --- a/ui/src/router/modules/document.ts +++ b/ui/src/router/modules/document.ts @@ -88,11 +88,11 @@ const DocumentRouter = { RoleConst.WORKSPACE_MANAGE.getWorkspaceRole, () => { const to: any = get_next_route() - return PermissionConst.WORKSPACE_CHAT_USER_READ.getKnowledgeWorkspaceResourcePermission( + return PermissionConst.KNOWLEDGE_CHAT_USER_READ.getKnowledgeWorkspaceResourcePermission( to ? to.params.id : '', ) }, - PermissionConst.WORKSPACE_CHAT_USER_READ.getWorkspacePermissionWorkspaceManageRole, + PermissionConst.KNOWLEDGE_CHAT_USER_READ.getWorkspacePermissionWorkspaceManageRole, ], }, component: () => import('@/views/chat-user/index.vue'), diff --git a/ui/src/utils/permission/data.ts b/ui/src/utils/permission/data.ts index d92c4d65d..2a8c9c1c6 100644 --- a/ui/src/utils/permission/data.ts +++ b/ui/src/utils/permission/data.ts @@ -146,8 +146,11 @@ const PermissionConst = { APPLICATION_ACCESS_READ: new Permission('APPLICATION_ACCESS:READ'), APPLICATION_ACCESS_EDIT: new Permission('APPLICATION_ACCESS:READ+EDIT'), - APPLICATION_CHAT_USER_READ: new Permission('CHAT_USER:READ'), - APPLICATION_CHAT_USER_EDIT: new Permission('CHAT_USER:READ+EDIT'), + APPLICATION_CHAT_USER_READ: new Permission('APPLICATION_CHAT_USER:READ'), + APPLICATION_CHAT_USER_EDIT: new Permission('APPLICATION_CHAT_USER:READ+EDIT'), + + KNOWLEDGE_CHAT_USER_READ: new Permission('KNOWLEDGE_CHAT_USER:READ'), + KNOWLEDGE_CHAT_USER_EDIT: new Permission('KNOWLEDGE_CHAT_USER:READ+EDIT'), SHARED_TOOL_READ: new Permission('SYSTEM_TOOL:READ'), SHARED_TOOL_CREATE: new Permission('SYSTEM_TOOL:READ+CREATE'), @@ -186,6 +189,9 @@ const PermissionConst = { SHARED_KNOWLEDGE_PROBLEM_CREATE: new Permission('SYSTEM_KNOWLEDGE_PROBLEM:READ+CREATE'), SHARED_KNOWLEDGE_PROBLEM_EDIT: new Permission('SYSTEM_KNOWLEDGE_PROBLEM:READ+EDIT'), SHARED_KNOWLEDGE_PROBLEM_DELETE: new Permission('SYSTEM_KNOWLEDGE_PROBLEM:READ+DELETE'), + + SHARED_KNOWLEDGE_CHAT_USER_READ: new Permission('SYSTEM_KNOWLEDGE_CHAT_USER:READ'), + SHARED_KNOWLEDGE_CHAT_USER_EDIT: new Permission('SYSTEM_KNOWLEDGE_CHAT_USER:READ+EDIT'), TOOL_CREATE: new Permission('TOOL:READ+CREATE'), TOOL_EDIT: new Permission('TOOL:READ+EDIT'), diff --git a/ui/src/views/chat-user/index.vue b/ui/src/views/chat-user/index.vue index a7ae073d9..2be6a7e7b 100644 --- a/ui/src/views/chat-user/index.vue +++ b/ui/src/views/chat-user/index.vue @@ -42,7 +42,7 @@ {{ t('common.save') }} @@ -57,7 +57,7 @@ :placeholder="$t('common.inputPlaceholder')" style="width: 220px" clearable />
{{ $t('views.chatUser.autoAuthorization') }}
({ + "APPLICATION": new ComplexPermission([RoleConst.ADMIN, RoleConst.WORKSPACE_MANAGE.getWorkspaceRole], + [PermissionConst.APPLICATION_CHAT_USER_EDIT, + PermissionConst.APPLICATION_CHAT_USER_EDIT.getApplicationWorkspaceResourcePermission(id)],[],'OR'), + "KNOWLEDGE": new ComplexPermission([RoleConst.ADMIN, RoleConst.WORKSPACE_MANAGE.getWorkspaceRole], + [PermissionConst.KNOWLEDGE_CHAT_USER_EDIT, + PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getKnowledgeWorkspaceResourcePermission(id)],[],'OR'), +}) + const resource = reactive({ resource_id: route.params.id as string, resource_type: route.meta.resourceType as string }) const filterText = ref('')