diff --git a/apps/system_manage/models/workspace_user_permission.py b/apps/system_manage/models/workspace_user_permission.py index e853b850c..88179a802 100644 --- a/apps/system_manage/models/workspace_user_permission.py +++ b/apps/system_manage/models/workspace_user_permission.py @@ -20,6 +20,8 @@ class AuthTargetType(models.TextChoices): """授权目标""" KNOWLEDGE = Group.KNOWLEDGE.value, '知识库' APPLICATION = Group.APPLICATION.value, '应用' + TOOL = Group.TOOL.value, '工具' + MODEL = Group.MODEL.value, '模型' class WorkspaceUserResourcePermission(models.Model): diff --git a/apps/system_manage/serializers/user_resource_permission.py b/apps/system_manage/serializers/user_resource_permission.py index 35e8d494b..a06d6e1c7 100644 --- a/apps/system_manage/serializers/user_resource_permission.py +++ b/apps/system_manage/serializers/user_resource_permission.py @@ -26,7 +26,9 @@ from common.utils.common import get_file_content from common.utils.split_model import group_by from knowledge.models import Knowledge from maxkb.conf import PROJECT_DIR +from models_provider.models import Model from system_manage.models import WorkspaceUserResourcePermission, AuthTargetType +from tools.models import Tool class PermissionSerializer(serializers.Serializer): @@ -64,7 +66,7 @@ class UpdateUserResourcePermissionRequest(serializers.Serializer): illegal_target_id_list = select_list( get_file_content( os.path.join(PROJECT_DIR, "apps", "system_manage", 'sql', 'check_member_permission_target_exists.sql')), - [json.dumps(user_resource_permission_list), workspace_id, workspace_id]) + [json.dumps(user_resource_permission_list), workspace_id, workspace_id, workspace_id, workspace_id]) if illegal_target_id_list is not None and len(illegal_target_id_list) > 0: raise AppApiException(500, _('Non-existent application|knowledge base id[') + str(illegal_target_id_list) + ']') @@ -78,6 +80,10 @@ class UserResourcePermissionSerializer(serializers.Serializer): return { "knowledge_query_set": QuerySet(Knowledge) .filter(workspace_id=self.data.get('workspace_id')), + 'tool_query_set': QuerySet(Tool) + .filter(workspace_id=self.data.get('workspace_id')), + 'model_query_set': QuerySet(Model) + .filter(workspace_id=self.data.get('workspace_id')), 'application_query_set': QuerySet(Application) .filter(workspace_id=self.data.get('workspace_id')), 'workspace_user_resource_permission_query_set': QuerySet(WorkspaceUserResourcePermission).filter( diff --git a/apps/system_manage/sql/check_member_permission_target_exists.sql b/apps/system_manage/sql/check_member_permission_target_exists.sql index 5516054e3..3f1bc0824 100644 --- a/apps/system_manage/sql/check_member_permission_target_exists.sql +++ b/apps/system_manage/sql/check_member_permission_target_exists.sql @@ -17,6 +17,20 @@ FROM 'APPLICATION' AS "auth_target_type" FROM application + WHERE workspace_id= %s + UNION + SELECT + "id", + 'MODEL' AS "auth_target_type" + FROM + model + WHERE workspace_id= %s + UNION + SELECT + "id", + 'TOOL' AS "auth_target_type" + FROM + tool WHERE workspace_id= %s ) "app_and_knowledge_temp" ON "app_and_knowledge_temp"."id" = static_temp."target_id" and app_and_knowledge_temp."auth_target_type"=static_temp."auth_target_type" diff --git a/apps/system_manage/sql/get_user_resource_permission.sql b/apps/system_manage/sql/get_user_resource_permission.sql index 8d88e5ccd..00ccb30e0 100644 --- a/apps/system_manage/sql/get_user_resource_permission.sql +++ b/apps/system_manage/sql/get_user_resource_permission.sql @@ -20,6 +20,26 @@ FROM (SELECT "id", folder_id FROM application ${application_query_set} + UNION + SELECT "id", + "name", + 'TOOL' AS "auth_target_type", + user_id, + workspace_id, + icon, + folder_id + FROM tool + ${tool_query_set} + UNION + SELECT "id", + "name", + 'MODEL' AS "auth_target_type", + user_id, + workspace_id, + provider as icon, + 'default' as folder_id + FROM model + ${model_query_set} ) app_or_knowledge LEFT JOIN (SELECT * FROM workspace_user_resource_permission diff --git a/ui/src/api/system/resource-authorization.ts b/ui/src/api/system/resource-authorization.ts index 2d3f74af3..34d0a174f 100644 --- a/ui/src/api/system/resource-authorization.ts +++ b/ui/src/api/system/resource-authorization.ts @@ -1,3 +1,4 @@ +import { Permission } from '@/utils/permission/type' import { Result } from '@/request/Result' import { get, put, post, del } from '@/request/index' import type { pageRequest } from '@/api/type/common' @@ -82,6 +83,19 @@ const getSystemFolder: ( data?: any, loading?: Ref, ) => Promise>> = (workspace_id, source, data, loading) => { + if (source == 'MODEL') { + return Promise.resolve( + Result.success([ + { + id: 'default', + name: '根目录', + desc: null, + parent_id: null, + children: [], + }, + ]), + ) + } return get(`${prefix}/${workspace_id}/${source}/folder`, data, loading) } diff --git a/ui/src/enums/system.ts b/ui/src/enums/system.ts index 16d4221ad..3fcbf7217 100644 --- a/ui/src/enums/system.ts +++ b/ui/src/enums/system.ts @@ -4,10 +4,12 @@ export enum AuthorizationEnum { ROLE = 'ROLE', KNOWLEDGE = 'KNOWLEDGE', APPLICATION = 'APPLICATION', + MODEL = 'MODEL', + TOOL = 'TOOL', } export enum RoleTypeEnum { ADMIN = 'ADMIN', USER = 'USER', WORKSPACE_MANAGE = 'WORKSPACE_MANAGE', -} \ No newline at end of file +} diff --git a/ui/src/views/system/resource-authorization/index.vue b/ui/src/views/system/resource-authorization/index.vue index 0d043b6ad..f66804097 100644 --- a/ui/src/views/system/resource-authorization/index.vue +++ b/ui/src/views/system/resource-authorization/index.vue @@ -110,7 +110,6 @@ const filterText = ref('') const activeName = ref(AuthorizationEnum.KNOWLEDGE) const tableHeight = ref(0) - const settingTags = reactive([ { label: t('views.knowledge.title'), @@ -124,6 +123,18 @@ const settingTags = reactive([ data: [] as any, isRole: false, }, + { + label: t('views.tool.title'), + value: AuthorizationEnum.TOOL, + data: [] as any, + isRole: false, + }, + { + label: t('views.model.title'), + value: AuthorizationEnum.MODEL, + data: [] as any, + isRole: false, + }, ]) watch(filterText, (val: any) => {