15308555518/ MaxKB
1
0
Fork 0
mirror of https://github.com/1Panel-dev/MaxKB.git synced 2025-12-29 07:52:50 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

feat: Application permission

This commit is contained in:
zhangzhanwei 2025-06-25 17:18:47 +08:00 committed by zhanweizhang7
parent a73e0b10f9
commit c3ee492176
15 changed files with 194 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ui/src/permission/application/index.ts Normal file
View File

@ -0,0 +1,5 @@
import workspace from './workspace'
const permission = {
workspace,
}
export default permission

101
ui/src/permission/application/workspace.ts Normal file
View File

@ -0,0 +1,101 @@
import { hasPermission } from '@/utils/permission/index'
import { PermissionConst, RoleConst } from '@/utils/permission/data'
const workspace = {
create: () =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.USER.getWorkspaceRole,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_CREATE.getWorkspacePermission,
PermissionConst.APPLICATION_CREATE.getWorkspacePermissionWorkspaceManageRole,
],
'OR'
),
edit: (source_id:string) =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_EDIT.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_EDIT.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
export: (source_id:string) =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_EXPORT.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_EXPORT.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
delete: (source_id:string) =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_DELETE.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_DELETE.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
overview_embed: (source_id:string) =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_EMBEDDED.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_OVERVIEW_EMBEDDED.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
overview_access: (source_id:string) =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_ACCESS.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_OVERVIEW_ACCESS.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
)
,
overview_display: (source_id:string) =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_DISPLAY.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_OVERVIEW_DISPLAY.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
overview_api_key: (source_id:string) =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_API_KEY.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_OVERVIEW_API_KEY.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
access_edit: (source_id:string) =>
hasPermission(
[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_ACCESS_EDIT.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_ACCESS_EDIT.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
}
export default workspace

2
ui/src/permission/index.ts
View File

@ -1,9 +1,11 @@
import tool from '@/permission/tool'
import model from '@/permission/model'
import knowledge from '@/permission/knowledge'
import application from '@/permission/application'
const permission = {
tool,
model,
knowledge,
application,
}
export default permission

12
ui/src/permission/knowledge/workspace.ts
View File

@ -32,7 +32,7 @@ const workspace = {
PermissionConst.KNOWLEDGE_DOCUMENT_SYNC.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
),
vector: (source_id:string) =>
hasPermission(
[
@ -122,7 +122,7 @@ const workspace = {
PermissionConst.KNOWLEDGE_DOCUMENT_MIGRATE.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
),
doc_edit: (source_id:string) =>
hasPermission(
[
@ -142,7 +142,7 @@ const workspace = {
PermissionConst.KNOWLEDGE_DOCUMENT_SYNC.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
),
doc_delete: (source_id:string) =>
hasPermission(
[
@ -152,7 +152,7 @@ const workspace = {
PermissionConst.KNOWLEDGE_DOCUMENT_DELETE.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
),
doc_export: (source_id:string) =>
hasPermission(
[
@ -162,7 +162,7 @@ const workspace = {
PermissionConst.KNOWLEDGE_DOCUMENT_EXPORT.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
),
problem_create: (source_id:string) =>
hasPermission(
[
@ -192,7 +192,7 @@ const workspace = {
PermissionConst.KNOWLEDGE_PROBLEM_DELETE.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
),
}
export default workspace

16
ui/src/router/modules/application-detail.ts
View File

@ -19,10 +19,6 @@ const ApplicationDetailRouter = {
active: 'overview',
parentPath: '/application/:id/:type',
parentName: 'ApplicationDetail',
permission: [
PermissionConst.APPLICATION_OVERVIEW_READ.getWorkspacePermission,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
],
},
component: () => import('@/views/application-overview/index.vue'),
},
@ -53,18 +49,6 @@ const ApplicationDetailRouter = {
},
component: () => import('@/views/application/ApplicationAccess.vue'),
},
{
path: 'hit-test',
name: 'AppHitTest',
meta: {
icon: 'app-hit-test',
title: 'views.application.hitTest.title',
active: 'hit-test',
parentPath: '/application/:id/:type',
parentName: 'ApplicationDetail',
},
component: () => import('@/views/hit-test/index.vue'),
},
{
path: 'chat-user',
name: 'applicationChatUser',

1
ui/src/router/modules/application.ts
View File

@ -7,6 +7,7 @@ const applicationRouter = {
menu: true,
permission: [
RoleConst.ADMIN,
RoleConst.USER,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_READ.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_READ.getWorkspacePermission,

1
ui/src/router/modules/knowledge.ts
View File

@ -7,6 +7,7 @@ const ModelRouter = {
menu: true,
permission: [
RoleConst.ADMIN,
RoleConst.USER,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.KNOWLEDGE_READ.getWorkspacePermission,
PermissionConst.KNOWLEDGE_READ.getWorkspacePermissionWorkspaceManageRole,

1
ui/src/router/modules/model.ts
View File

@ -7,6 +7,7 @@ const ModelRouter = {
menu: true,
permission: [
RoleConst.ADMIN,
RoleConst.USER,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.MODEL_READ.getWorkspacePermission,
PermissionConst.MODEL_READ.getWorkspacePermissionWorkspaceManageRole,

13
ui/src/router/modules/system.ts
View File

@ -18,7 +18,14 @@ const systemRouter = {
activeMenu: '/system',
parentPath: '/system',
parentName: 'system',
permission: [RoleConst.ADMIN, EditionConst.IS_EE],
permission: [
new ComplexPermission(
[RoleConst.ADMIN,],
[PermissionConst.USER_READ],
[EditionConst.IS_EE],
'OR',
),
],
},
component: () => import('@/views/system/user-manage/index.vue'),
},
@ -55,8 +62,8 @@ const systemRouter = {
parentName: 'system',
permission: [
new ComplexPermission(
[RoleConst.WORKSPACE_MANAGE.getWorkspaceRole, RoleConst.ADMIN],
[PermissionConst.WORKSPACE_WORKSPACE_READ],
[RoleConst.WORKSPACE_MANAGE, RoleConst.ADMIN],
[PermissionConst.WORKSPACE_WORKSPACE_READ.getWorkspacePermissionWorkspaceManageRole],
[EditionConst.IS_EE],
'OR',
),

1
ui/src/router/modules/tool.ts
View File

@ -7,6 +7,7 @@ const ModelRouter = {
menu: true,
permission: [
RoleConst.ADMIN,
RoleConst.USER,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_READ.getWorkspacePermission,
PermissionConst.TOOL_READ.getWorkspacePermissionWorkspaceManageRole,

16
ui/src/utils/permission/data.ts
View File

@ -123,20 +123,20 @@ const PermissionConst = {
APPLICATION_TO_CHAT:new Permission('APPLICATION:READ+TO_CHAT'),
APPLICATION_OVERVIEW_READ:new Permission('OVERVIEW:READ'),
APPLICATION_OVERVIEW_EMBEDDED:new Permission('OVERVIEW:READ'),
APPLICATION_OVERVIEW_ACCESS:new Permission('OVERVIEW:READ'),
APPLICATION_OVERVIEW_DISPLAY:new Permission('OVERVIEW:READ'),
APPLICATION_OVERVIEW_API_KEY:new Permission('OVERVIEW:READ'),
APPLICATION_OVERVIEW_PUBLIC:new Permission('OVERVIEW:READ'),
APPLICATION_OVERVIEW_READ:new Permission('APPLICATION_OVERVIEW:READ'),
APPLICATION_OVERVIEW_EMBEDDED:new Permission('APPLICATION_OVERVIEW:READ+EMBED'),
APPLICATION_OVERVIEW_ACCESS:new Permission('APPLICATION_OVERVIEW:READ+ACCESS'),
APPLICATION_OVERVIEW_DISPLAY:new Permission('APPLICATION_OVERVIEW:READ+DISPLAY'),
APPLICATION_OVERVIEW_API_KEY:new Permission('APPLICATION_OVERVIEW:READ+API_KEY'),
APPLICATION_OVERVIEW_PUBLIC:new Permission('APPLICATION_OVERVIEW:READ+PUBLIC_ACCESS'),
APPLICATION_CHAT_LOG:new Permission('APPLICATION_CHAT_LOG:READ'),
APPLICATION_CHAT_LOG_ANNOTATION:new Permission('APPLICATION_CHAT_LOG:READ+ANNOTATION'),
APPLICATION_CHAT_LOG_EXPORT:new Permission('APPLICATION_CHAT_LOG:READ+EXPORT'),
APPLICATION_CHAT_LOG_POLICY:new Permission('APPLICATION_CHAT_LOG:READ+CLEAR_POLICY'),
APPLICATION_ACCESS_READ:new Permission('APPLICATION_CHAT_LOG:READ'),
APPLICATION_ACCESS_EDIT:new Permission('APPLICATION_CHAT_LOG:READ+EDIT'),
APPLICATION_ACCESS_READ:new Permission('APPLICATION_ACCESS:READ'),
APPLICATION_ACCESS_EDIT:new Permission('APPLICATION_ACCESS:READ+EDIT'),
SHARED_TOOL_READ:new Permission('SYSTEM_TOOL:READ'),
SHARED_TOOL_CREATE:new Permission('SYSTEM_TOOL:READ+CREATE'),

43
ui/src/views/application-overview/index.vue
View File

@ -52,11 +52,6 @@
:active-text="$t('views.applicationOverview.appInfo.openText')"
:inactive-text="$t('views.applicationOverview.appInfo.closeText')"
:before-change="() => changeState(accessToken.is_active)"
v-hasPermission="[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_EDIT.getWorkspacePermission,
]"
/>
</div>
@ -98,11 +93,7 @@
<el-button
:disabled="!accessToken?.is_active"
@click="openDialog"
v-hasPermission="[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_EMBEDDED.getWorkspacePermission,
]"
v-if="permissionPrecise.overview_embed(id)"
>
<AppIcon iconName="app-export" class="mr-4"></AppIcon>
{{ $t('views.applicationOverview.appInfo.embedInWebsite') }}
@ -110,11 +101,7 @@
<!-- 访问限制 -->
<el-button
@click="openLimitDialog"
v-hasPermission="[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_ACCESS.getWorkspacePermission,
]"
v-if="permissionPrecise.overview_access(id)"
>
<el-icon class="mr-4"><Lock /></el-icon>
{{ $t('views.applicationOverview.appInfo.accessControl') }}
@ -122,11 +109,7 @@
<!-- 显示设置 -->
<el-button
@click="openDisplaySettingDialog"
v-hasPermission="[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_DISPLAY.getWorkspacePermission,
]"
v-if="permissionPrecise.overview_display(id)"
>
<el-icon class="mr-4"><Setting /></el-icon>
{{ $t('views.applicationOverview.appInfo.displaySetting') }}
@ -169,11 +152,7 @@
<div>
<el-button
@click="openAPIKeyDialog"
v-hasPermission="[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_API_KEY.getWorkspacePermission,
]"
v-if="permissionPrecise.overview_api_key(id)"
>
<el-icon class="mr-4"><Key /></el-icon>
{{ $t('views.applicationOverview.appInfo.apiKey') }}</el-button
@ -251,10 +230,20 @@ import { copyClick } from '@/utils/clipboard'
import { isAppIcon } from '@/utils/common'
import useStore from '@/stores'
import { t } from '@/locales'
import { PermissionConst, RoleConst, EditionConst } from '@/utils/permission/data'
import { EditionConst } from '@/utils/permission/data'
import { hasPermission } from '@/utils/permission/index'
const { user, application } = useStore()
import permissionMap from '@/permission'
const route = useRoute()
const apiType = computed<'workspace'>(() => {
return 'workspace'
})
const permissionPrecise = computed(() => {
return permissionMap['application'][apiType.value]
})
const { user, application } = useStore()
const {
params: { id },
} = route as any

23
ui/src/views/application/ApplicationAccess.vue
View File

@ -28,15 +28,11 @@
v-model="item.isActive"
@change="changeStatus(item.key, item.isActive)"
:disabled="!item.exists"
v-hasPermission="[RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_ACCESS_EDIT.getWorkspacePermission]"
v-if="permissionPrecise.access_edit(id)"
/>
<el-divider direction="vertical" />
<el-button class="mr-4" @click="openDrawer(item.key)"
v-hasPermission="[RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_ACCESS_EDIT.getWorkspacePermission]"
v-if="permissionPrecise.access_edit(id)"
>{{
$t('views.application.applicationAccess.setting')
}}</el-button>
@ -50,14 +46,22 @@
</template>
<script setup lang="ts">
import { reactive, ref, onMounted } from 'vue'
import { reactive, ref, onMounted, computed } from 'vue'
import AccessSettingDrawer from './component/AccessSettingDrawer.vue'
import applicationApi from '@/api/application/application'
import { MsgSuccess } from '@/utils/message'
import { useRoute } from 'vue-router'
import { t } from '@/locales'
import { PermissionConst, RoleConst } from '@/utils/permission/data'
import { hasPermission } from '@/utils/permission/index'
import permissionMap from '@/permission'
const route = useRoute()
const apiType = computed<'workspace'>(() => {
return 'workspace'
})
const permissionPrecise = computed(() => {
return permissionMap['application'][apiType.value]
})
//
const platforms = reactive([
@ -105,7 +109,6 @@ const platforms = reactive([
const AccessSettingDrawerRef = ref()
const loading = ref(false)
const route = useRoute()
const {
params: { id },
} = route as any

19
ui/src/views/application/ApplicationSetting.vue
View File

@ -8,11 +8,7 @@
type="primary"
@click="submit(applicationFormRef)"
:disabled="loading"
v-hasPermission="[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_OVERVIEW_PUBLIC.getWorkspacePermission,
]"
v-if="permissionPrecise.edit(id)"
>
{{ $t('views.application.buttons.publish') }}
</el-button>
@ -432,7 +428,7 @@
</div>
</template>
<script setup lang="ts">
import { reactive, ref, onMounted } from 'vue'
import { reactive, ref, onMounted, computed } from 'vue'
import { useRoute } from 'vue-router'
import { groupBy } from 'lodash'
import AIModeParamSettingDialog from './component/AIModeParamSettingDialog.vue'
@ -450,10 +446,19 @@ import TTSModeParamSettingDialog from './component/TTSModeParamSettingDialog.vue
import ReasoningParamSettingDialog from './component/ReasoningParamSettingDialog.vue'
import { PermissionConst, RoleConst } from '@/utils/permission/data'
import { hasPermission } from '@/utils/permission/index'
import permissionMap from '@/permission'
const route = useRoute()
const apiType = computed<'workspace'>(() => {
return 'workspace'
})
const permissionPrecise = computed(() => {
return permissionMap['application'][apiType.value]
})
const { knowledge, model, application } = useStore()
const route = useRoute()
const {
params: { id },
} = route as any

53
ui/src/views/application/index.vue
View File

@ -43,16 +43,12 @@
<el-option v-for="u in user_options" :key="u.id" :value="u.id" :label="u.username" />
</el-select>
</div>
<el-dropdown trigger="click">
<el-dropdown trigger="click"
v-if="permissionPrecise.create()"
>
<el-button
type="primary"
class="ml-8"
v-hasPermission="[
RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_EDIT.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_EDIT.getWorkspacePermission,
]"
>
{{ $t('common.create') }}
<el-icon class="el-icon--right">
@ -234,16 +230,7 @@
</el-dropdown-item>
<el-dropdown-item
@click.stop="settingApplication(item)"
v-if="
hasPermission(
[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_EDIT.getWorkspacePermission,
],
'OR',
)
"
v-if="permissionPrecise.edit(item.id)"
>
<el-icon><Setting /></el-icon>
{{ $t('common.setting') }}
@ -252,14 +239,7 @@
divided
@click.stop="exportApplication(item)"
v-if="
hasPermission(
[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_EXPORT.getWorkspacePermission,
],
'OR',
)
permissionPrecise.export(item.id)
"
>
<AppIcon iconName="app-export"></AppIcon>
@ -270,14 +250,7 @@
icon="Delete"
@click.stop="deleteApplication(item)"
v-if="
hasPermission(
[
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.APPLICATION_DELETE.getWorkspacePermission,
],
'OR',
)
permissionPrecise.delete(item.id)
"
>{{ $t('common.delete') }}</el-dropdown-item
>
@ -309,14 +282,22 @@ import ApplicaitonApi from '@/api/application/application'
import { MsgSuccess, MsgConfirm, MsgError } from '@/utils/message'
import useStore from '@/stores'
import { t } from '@/locales'
import { useRouter } from 'vue-router'
import { useRouter, useRoute } from 'vue-router'
import { isWorkFlow } from '@/utils/application'
import { dateFormat } from '@/utils/time'
import { PermissionConst, RoleConst } from '@/utils/permission/data'
import { hasPermission } from '@/utils/permission/index'
import { FolderSource } from '@/enums/common'
import permissionMap from '@/permission'
const router = useRouter()
const route = useRoute()
const apiType = computed<'workspace'>(() => {
return 'workspace'
})
const permissionPrecise = computed(() => {
return permissionMap['application'][apiType.value]
})
const { folder, application, user } = useStore()
const loading = ref(false)