mirror of
https://github.com/1Panel-dev/MaxKB.git
synced 2025-12-26 01:33:05 +00:00
fix: Chat log add to knowledge permission
--bug=1060944 --user=张展玮 【权限】用户只有知识库的查看权限,但可以将对话日志中的信息添加到知识库作为分段,并可删除 https://www.tapd.cn/62980211/s/1763639
This commit is contained in:
zhangzhanwei
zhanweizhang7
parent
82701e7513
commit
6b17b450d4
|
|
@ -20,8 +20,10 @@ from rest_framework.utils.formatting import lazy_format
|
|||
from application.models import ChatRecord, ApplicationAccessToken, Application
|
||||
from application.serializers.application_chat import ChatCountSerializer
|
||||
from application.serializers.common import ChatInfo
|
||||
from common.auth.authentication import get_is_permissions
|
||||
from common.constants.permission_constants import PermissionConstants, RoleConstants, ViewPermission, CompareConstants
|
||||
from common.db.search import page_search
|
||||
from common.exception.app_exception import AppApiException
|
||||
from common.exception.app_exception import AppApiException, AppUnauthorizedFailed
|
||||
from common.utils.common import post
|
||||
from knowledge.models import Paragraph, Document, Problem, ProblemParagraphMapping, Knowledge
|
||||
from knowledge.serializers.common import get_embedding_model_id_by_knowledge_id, update_document_char_length
|
||||
|
|
@ -254,8 +256,27 @@ class ApplicationChatRecordAddKnowledgeSerializer(serializers.Serializer):
|
|||
|
||||
@post(post_function=post_embedding_paragraph)
|
||||
@transaction.atomic
|
||||
def post_improve(self, instance: Dict):
|
||||
ApplicationChatRecordAddKnowledgeSerializer(data=instance).is_valid(raise_exception=True)
|
||||
def post_improve(self, instance: Dict, request=None, scope='WORKSPACE', with_valid=True):
|
||||
if with_valid:
|
||||
ApplicationChatRecordAddKnowledgeSerializer(data=instance).is_valid(raise_exception=True)
|
||||
self.is_valid(raise_exception=True)
|
||||
if scope == 'WORKSPACE':
|
||||
is_permission = get_is_permissions(request=request, workspace_id=self.data.get('workspace_id'),
|
||||
knowledge_id=self.data.get("knowledge_id"))(
|
||||
PermissionConstants.KNOWLEDGE_DOCUMENT_EDIT.get_workspace_knowledge_permission(),
|
||||
PermissionConstants.KNOWLEDGE_DOCUMENT_EDIT.get_workspace_permission_workspace_manage_role(),
|
||||
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
|
||||
ViewPermission([RoleConstants.USER.get_workspace_role()],
|
||||
[PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
|
||||
CompareConstants.AND),
|
||||
)
|
||||
else:
|
||||
is_permission = get_is_permissions(request=request, workspace_id=self.data.get('workspace_id'),
|
||||
knowledge_id=self.data.get("knowledge_id"))(
|
||||
PermissionConstants.RESOURCE_KNOWLEDGE_DOCUMENT_EDIT, RoleConstants.ADMIN
|
||||
)
|
||||
if not is_permission:
|
||||
raise AppUnauthorizedFailed(403, gettext('No permission to access'))
|
||||
|
||||
chat_ids = instance['chat_ids']
|
||||
document_id = instance['document_id']
|
||||
|
|
@ -372,9 +393,26 @@ class ApplicationChatRecordImproveSerializer(serializers.Serializer):
|
|||
|
||||
@post(post_function=post_embedding_paragraph)
|
||||
@transaction.atomic
|
||||
def improve(self, instance: Dict, with_valid=True):
|
||||
def improve(self, instance: Dict, request=None, scope='WORKSPACE', with_valid=True):
|
||||
if with_valid:
|
||||
self.is_valid(raise_exception=True)
|
||||
if scope == 'WORKSPACE':
|
||||
is_permission = get_is_permissions(request, workspace_id=self.data.get('workspace_id'),
|
||||
knowledge_id=self.data.get("knowledge_id"))(
|
||||
PermissionConstants.KNOWLEDGE_DOCUMENT_EDIT.get_workspace_knowledge_permission(),
|
||||
PermissionConstants.KNOWLEDGE_DOCUMENT_EDIT.get_workspace_permission_workspace_manage_role(),
|
||||
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
|
||||
ViewPermission([RoleConstants.USER.get_workspace_role()],
|
||||
[PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
|
||||
CompareConstants.AND),
|
||||
)
|
||||
else:
|
||||
is_permission = get_is_permissions(request, workspace_id=self.data.get('workspace_id'),
|
||||
knowledge_id=self.data.get("knowledge_id"))(
|
||||
PermissionConstants.RESOURCE_KNOWLEDGE_DOCUMENT_EDIT, RoleConstants.ADMIN
|
||||
)
|
||||
if not is_permission:
|
||||
raise AppUnauthorizedFailed(403, gettext('No permission to access'))
|
||||
ApplicationChatRecordImproveInstanceSerializer(data=instance).is_valid(raise_exception=True)
|
||||
chat_record_id = self.data.get('chat_record_id')
|
||||
chat_id = self.data.get('chat_id')
|
||||
|
|
@ -427,9 +465,28 @@ class ApplicationChatRecordImproveSerializer(serializers.Serializer):
|
|||
|
||||
workspace_id = serializers.CharField(required=True, label=_("Workspace ID"))
|
||||
|
||||
def delete(self, with_valid=True):
|
||||
def delete(self, request=None, scope='WORKSPACE', with_valid=True):
|
||||
if with_valid:
|
||||
self.is_valid(raise_exception=True)
|
||||
if scope == 'WORKSPACE':
|
||||
is_permission = get_is_permissions(request=request, workspace_id=self.data.get('workspace_id'),
|
||||
knowledge_id=self.data.get("knowledge_id"))(
|
||||
PermissionConstants.KNOWLEDGE_DOCUMENT_EDIT.get_workspace_knowledge_permission(),
|
||||
PermissionConstants.KNOWLEDGE_DOCUMENT_EDIT.get_workspace_permission_workspace_manage_role(),
|
||||
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
|
||||
ViewPermission([RoleConstants.USER.get_workspace_role()],
|
||||
[PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
|
||||
CompareConstants.AND),
|
||||
)
|
||||
else:
|
||||
is_permission = get_is_permissions(request=request, workspace_id=self.data.get('workspace_id'),
|
||||
knowledge_id=self.data.get("knowledge_id"))(
|
||||
PermissionConstants.RESOURCE_KNOWLEDGE_DOCUMENT_EDIT, RoleConstants.ADMIN
|
||||
)
|
||||
|
||||
if not is_permission:
|
||||
raise AppUnauthorizedFailed(403, gettext('No permission to access'))
|
||||
|
||||
workspace_id = self.data.get('workspace_id')
|
||||
chat_record_id = self.data.get('chat_record_id')
|
||||
chat_id = self.data.get('chat_id')
|
||||
|
|
|
|||
|
|
@ -129,7 +129,7 @@ class ApplicationChatRecordAddKnowledge(APIView):
|
|||
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
|
||||
def post(self, request: Request, workspace_id: str, application_id: str):
|
||||
return result.success(ApplicationChatRecordAddKnowledgeSerializer().post_improve(
|
||||
{'workspace_id': workspace_id, 'application_id': application_id, **request.data}))
|
||||
{'workspace_id': workspace_id, 'application_id': application_id, **request.data}, request=request))
|
||||
|
||||
|
||||
class ApplicationChatRecordImprove(APIView):
|
||||
|
|
@ -186,7 +186,7 @@ class ApplicationChatRecordImproveParagraph(APIView):
|
|||
return result.success(ApplicationChatRecordImproveSerializer(
|
||||
data={'workspace_id': workspace_id, 'application_id': application_id, 'chat_id': chat_id,
|
||||
'chat_record_id': chat_record_id,
|
||||
'knowledge_id': knowledge_id, 'document_id': document_id}).improve(request.data))
|
||||
'knowledge_id': knowledge_id, 'document_id': document_id}).improve(request.data, request=request))
|
||||
|
||||
class Operate(APIView):
|
||||
authentication_classes = [TokenAuth]
|
||||
|
|
@ -214,4 +214,4 @@ class ApplicationChatRecordImproveParagraph(APIView):
|
|||
data={'chat_id': chat_id, 'chat_record_id': chat_record_id, 'workspace_id': workspace_id,
|
||||
'application_id': application_id,
|
||||
'knowledge_id': knowledge_id, 'document_id': document_id,
|
||||
'paragraph_id': paragraph_id}).delete())
|
||||
'paragraph_id': paragraph_id}).delete(request=request))
|
||||
|
|
|
|||
Loading…
Reference in New Issue