mirror of
https://github.com/1Panel-dev/MaxKB.git
synced 2025-12-26 01:33:05 +00:00
feat: tool model resource permission (#3395)
This commit is contained in:
shaohuzhang1
GitHub
parent
ac7e39fb18
commit
ce5850b6d4
|
|
@ -20,6 +20,8 @@ class AuthTargetType(models.TextChoices):
|
|||
"""授权目标"""
|
||||
KNOWLEDGE = Group.KNOWLEDGE.value, '知识库'
|
||||
APPLICATION = Group.APPLICATION.value, '应用'
|
||||
TOOL = Group.TOOL.value, '工具'
|
||||
MODEL = Group.MODEL.value, '模型'
|
||||
|
||||
|
||||
class WorkspaceUserResourcePermission(models.Model):
|
||||
|
|
|
|||
|
|
@ -26,7 +26,9 @@ from common.utils.common import get_file_content
|
|||
from common.utils.split_model import group_by
|
||||
from knowledge.models import Knowledge
|
||||
from maxkb.conf import PROJECT_DIR
|
||||
from models_provider.models import Model
|
||||
from system_manage.models import WorkspaceUserResourcePermission, AuthTargetType
|
||||
from tools.models import Tool
|
||||
|
||||
|
||||
class PermissionSerializer(serializers.Serializer):
|
||||
|
|
@ -64,7 +66,7 @@ class UpdateUserResourcePermissionRequest(serializers.Serializer):
|
|||
illegal_target_id_list = select_list(
|
||||
get_file_content(
|
||||
os.path.join(PROJECT_DIR, "apps", "system_manage", 'sql', 'check_member_permission_target_exists.sql')),
|
||||
[json.dumps(user_resource_permission_list), workspace_id, workspace_id])
|
||||
[json.dumps(user_resource_permission_list), workspace_id, workspace_id, workspace_id, workspace_id])
|
||||
if illegal_target_id_list is not None and len(illegal_target_id_list) > 0:
|
||||
raise AppApiException(500,
|
||||
_('Non-existent application|knowledge base id[') + str(illegal_target_id_list) + ']')
|
||||
|
|
@ -78,6 +80,10 @@ class UserResourcePermissionSerializer(serializers.Serializer):
|
|||
return {
|
||||
"knowledge_query_set": QuerySet(Knowledge)
|
||||
.filter(workspace_id=self.data.get('workspace_id')),
|
||||
'tool_query_set': QuerySet(Tool)
|
||||
.filter(workspace_id=self.data.get('workspace_id')),
|
||||
'model_query_set': QuerySet(Model)
|
||||
.filter(workspace_id=self.data.get('workspace_id')),
|
||||
'application_query_set': QuerySet(Application)
|
||||
.filter(workspace_id=self.data.get('workspace_id')),
|
||||
'workspace_user_resource_permission_query_set': QuerySet(WorkspaceUserResourcePermission).filter(
|
||||
|
|
|
|||
|
|
@ -17,6 +17,20 @@ FROM
|
|||
'APPLICATION' AS "auth_target_type"
|
||||
FROM
|
||||
application
|
||||
WHERE workspace_id= %s
|
||||
UNION
|
||||
SELECT
|
||||
"id",
|
||||
'MODEL' AS "auth_target_type"
|
||||
FROM
|
||||
model
|
||||
WHERE workspace_id= %s
|
||||
UNION
|
||||
SELECT
|
||||
"id",
|
||||
'TOOL' AS "auth_target_type"
|
||||
FROM
|
||||
tool
|
||||
WHERE workspace_id= %s
|
||||
) "app_and_knowledge_temp"
|
||||
ON "app_and_knowledge_temp"."id" = static_temp."target_id" and app_and_knowledge_temp."auth_target_type"=static_temp."auth_target_type"
|
||||
|
|
|
|||
|
|
@ -20,6 +20,26 @@ FROM (SELECT "id",
|
|||
folder_id
|
||||
FROM application
|
||||
${application_query_set}
|
||||
UNION
|
||||
SELECT "id",
|
||||
"name",
|
||||
'TOOL' AS "auth_target_type",
|
||||
user_id,
|
||||
workspace_id,
|
||||
icon,
|
||||
folder_id
|
||||
FROM tool
|
||||
${tool_query_set}
|
||||
UNION
|
||||
SELECT "id",
|
||||
"name",
|
||||
'MODEL' AS "auth_target_type",
|
||||
user_id,
|
||||
workspace_id,
|
||||
provider as icon,
|
||||
'default' as folder_id
|
||||
FROM model
|
||||
${model_query_set}
|
||||
) app_or_knowledge
|
||||
LEFT JOIN (SELECT *
|
||||
FROM workspace_user_resource_permission
|
||||
|
|
|
|||
|
|
@ -1,3 +1,4 @@
|
|||
import { Permission } from '@/utils/permission/type'
|
||||
import { Result } from '@/request/Result'
|
||||
import { get, put, post, del } from '@/request/index'
|
||||
import type { pageRequest } from '@/api/type/common'
|
||||
|
|
@ -82,6 +83,19 @@ const getSystemFolder: (
|
|||
data?: any,
|
||||
loading?: Ref<boolean>,
|
||||
) => Promise<Result<Array<any>>> = (workspace_id, source, data, loading) => {
|
||||
if (source == 'MODEL') {
|
||||
return Promise.resolve(
|
||||
Result.success([
|
||||
{
|
||||
id: 'default',
|
||||
name: '根目录',
|
||||
desc: null,
|
||||
parent_id: null,
|
||||
children: [],
|
||||
},
|
||||
]),
|
||||
)
|
||||
}
|
||||
return get(`${prefix}/${workspace_id}/${source}/folder`, data, loading)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -4,10 +4,12 @@ export enum AuthorizationEnum {
|
|||
ROLE = 'ROLE',
|
||||
KNOWLEDGE = 'KNOWLEDGE',
|
||||
APPLICATION = 'APPLICATION',
|
||||
MODEL = 'MODEL',
|
||||
TOOL = 'TOOL',
|
||||
}
|
||||
|
||||
export enum RoleTypeEnum {
|
||||
ADMIN = 'ADMIN',
|
||||
USER = 'USER',
|
||||
WORKSPACE_MANAGE = 'WORKSPACE_MANAGE',
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -110,7 +110,6 @@ const filterText = ref('')
|
|||
const activeName = ref(AuthorizationEnum.KNOWLEDGE)
|
||||
const tableHeight = ref(0)
|
||||
|
||||
|
||||
const settingTags = reactive([
|
||||
{
|
||||
label: t('views.knowledge.title'),
|
||||
|
|
@ -124,6 +123,18 @@ const settingTags = reactive([
|
|||
data: [] as any,
|
||||
isRole: false,
|
||||
},
|
||||
{
|
||||
label: t('views.tool.title'),
|
||||
value: AuthorizationEnum.TOOL,
|
||||
data: [] as any,
|
||||
isRole: false,
|
||||
},
|
||||
{
|
||||
label: t('views.model.title'),
|
||||
value: AuthorizationEnum.MODEL,
|
||||
data: [] as any,
|
||||
isRole: false,
|
||||
},
|
||||
])
|
||||
|
||||
watch(filterText, (val: any) => {
|
||||
|
|
|
|||
Loading…
Reference in New Issue