Skip to content

Commit 11ce2e2

Browse files
wxg0103wxg0103
committed
refactor: permission
1 parent 15eea40 commit 11ce2e2

File tree

1 file changed

+136
-36
lines changed

1 file changed

+136
-36
lines changed

apps/common/constants/permission_constants.py

Lines changed: 136 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -40,6 +40,10 @@ class Group(Enum):
4040
LOGIN_AUTH = "LOGIN_AUTH"
4141
SYSTEM_API_KEY = "SYSTEM_API_KEY"
4242
APPEARANCE_SETTINGS = "APPEARANCE_SETTINGS"
43+
CHAT_USER = "CHAT_USER"
44+
USER_GROUP = "USER_GROUP"
45+
CHAT_USER_AUTH = "CHAT_USER_AUTH"
46+
OTHER = "OTHER"
4347

4448

4549
class SystemGroup(Enum):
@@ -54,13 +58,13 @@ class SystemGroup(Enum):
5458
RESOURCE_TOOL = "RESOURCE_TOOL"
5559
RESOURCE_MODEL = "RESOURCE_MODEL"
5660
RESOURCE_PERMISSION = "RESOURCE_PERMISSION"
57-
SHARED_KNOWLEDGE = "SHARED_KNOWLEDGE"
58-
SHARED_MODEL = "SHARED_MODEL"
59-
SHARED_TOOL = "SHARED_TOOL"
61+
CHAT_USER = "CHAT_USER"
62+
# SHARED_KNOWLEDGE = "SHARED_KNOWLEDGE"
63+
# SHARED_MODEL = "SHARED_MODEL"
64+
# SHARED_TOOL = "SHARED_TOOL"
6065
SYSTEM_SETTING = "SYSTEM_SETTING"
6166
OPERATION_LOG = "OPERATION_LOG"
6267
OTHER = "OTHER"
63-
APPLICATION = "APPLICATION"
6468

6569

6670
class WorkspaceGroup(Enum):
@@ -102,6 +106,7 @@ class Operate(Enum):
102106
VECTOR = "READ+VECTOR" # 向量化
103107
MIGRATE = "READ+MIGRATE" # 迁移
104108
RELATE = "READ+RELATE" # 关联
109+
USER_GROUP = "READ+USER_GROUP" # 用户组
105110

106111

107112
class RoleGroup(Enum):
@@ -183,9 +188,9 @@ def get_workspace_role(self):
183188
SystemGroup.RESOURCE_TOOL.value: _("Resource Tool"),
184189
SystemGroup.RESOURCE_MODEL.value: _("Resource Model"),
185190
SystemGroup.RESOURCE_PERMISSION.value: _("Resource Permission"),
186-
SystemGroup.SHARED_KNOWLEDGE.value: _("Shared Knowledge"),
187-
SystemGroup.SHARED_MODEL.value: _("Shared Model"),
188-
SystemGroup.SHARED_TOOL.value: _("Shared Tool"),
191+
# SystemGroup.SHARED_KNOWLEDGE.value: _("Shared Knowledge"),
192+
# SystemGroup.SHARED_MODEL.value: _("Shared Model"),
193+
# SystemGroup.SHARED_TOOL.value: _("Shared Tool"),
189194
SystemGroup.OPERATION_LOG.value: _("Operation Log"),
190195
SystemGroup.OTHER.value: _("Other"),
191196
WorkspaceGroup.SYSTEM_MANAGEMENT.value: _("System Management"),
@@ -216,7 +221,10 @@ def get_workspace_role(self):
216221
Group.LOGIN_AUTH.value: _("Login Auth"),
217222
Group.DISPLAY_SETTINGS.value: _("Display Settings"),
218223
Group.SYSTEM_API_KEY.value: _("System API Key"),
219-
Group.APPEARANCE_SETTINGS.value:_("Appearance Settings")
224+
Group.APPEARANCE_SETTINGS.value: _("Appearance Settings"),
225+
Group.CHAT_USER.value: _("Chat User"),
226+
Group.USER_GROUP.value: _("User Group"),
227+
Group.CHAT_USER_AUTH.value: _("Chat User Auth"),
220228

221229
}
222230

@@ -521,51 +529,143 @@ class PermissionConstants(Enum):
521529
)
522530
APPLICATION_READ = Permission(group=Group.APPLICATION, operate=Operate.READ,
523531
role_list=[RoleConstants.ADMIN, RoleConstants.USER],
524-
parent_group=[SystemGroup.APPLICATION],
532+
parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
525533
resource_permission_group_list=[ResourcePermissionGroup.VIEW],
526534
)
527535
APPLICATION_EXPORT = Permission(group=Group.APPLICATION, operate=Operate.EXPORT,
528536
role_list=[RoleConstants.ADMIN, RoleConstants.USER],
529-
parent_group=[SystemGroup.APPLICATION]
537+
parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
530538
)
531539
APPLICATION_DELETE = Permission(group=Group.APPLICATION, operate=Operate.DELETE,
532540
role_list=[RoleConstants.ADMIN, RoleConstants.USER],
533-
parent_group=[SystemGroup.APPLICATION],
541+
parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
534542
resource_permission_group_list=[ResourcePermissionGroup.VIEW],
535543
)
536544
APPLICATION_EDIT = Permission(group=Group.APPLICATION, operate=Operate.EDIT,
537545
role_list=[RoleConstants.ADMIN, RoleConstants.USER],
538-
parent_group=[SystemGroup.APPLICATION],
546+
parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
539547
resource_permission_group_list=[ResourcePermissionGroup.VIEW],
540548
)
541-
SYSTEM_API_KEY_READ = Permission(group=Group.SYSTEM_API_KEY, operate=Operate.READ,
542-
role_list=[RoleConstants.ADMIN],
543-
parent_group=[SystemGroup.SYSTEM_SETTING]
544-
)
545-
SYSTEM_API_KEY_EDIT = Permission(group=Group.SYSTEM_API_KEY, operate=Operate.EDIT,
549+
SYSTEM_API_KEY_EDIT = Permission(group=Group.OTHER, operate=Operate.EDIT,
546550
role_list=[RoleConstants.ADMIN],
547-
parent_group=[SystemGroup.SYSTEM_SETTING]
551+
parent_group=[SystemGroup.OTHER],
552+
label=_('System API Key')
548553
)
549-
SYSTEM_API_KEY_DELETE = Permission(group=Group.SYSTEM_API_KEY, operate=Operate.DELETE,
550-
role_list=[RoleConstants.ADMIN],
551-
parent_group=[SystemGroup.SYSTEM_SETTING]
552-
)
553-
SYSTEM_API_KEY_CREATE = Permission(group=Group.SYSTEM_API_KEY, operate=Operate.CREATE,
554-
role_list=[RoleConstants.ADMIN],
555-
parent_group=[SystemGroup.SYSTEM_SETTING]
556-
)
557554
APPEARANCE_SETTINGS_READ = Permission(group=Group.APPEARANCE_SETTINGS, operate=Operate.READ,
558-
role_list=[RoleConstants.ADMIN],
559-
parent_group=[SystemGroup.SYSTEM_SETTING]
560-
)
555+
role_list=[RoleConstants.ADMIN],
556+
parent_group=[SystemGroup.SYSTEM_SETTING]
557+
)
561558
APPEARANCE_SETTINGS_EDIT = Permission(group=Group.APPEARANCE_SETTINGS, operate=Operate.EDIT,
562-
role_list=[RoleConstants.ADMIN],
563-
parent_group=[SystemGroup.SYSTEM_SETTING]
564-
)
565-
566-
567-
568-
559+
role_list=[RoleConstants.ADMIN],
560+
parent_group=[SystemGroup.SYSTEM_SETTING]
561+
)
562+
CHAT_USER_READ = Permission(group=Group.CHAT_USER, operate=Operate.READ,
563+
role_list=[RoleConstants.ADMIN],
564+
parent_group=[SystemGroup.CHAT_USER],
565+
label=_('Sync users')
566+
)
567+
CHAT_USER_CREATE = Permission(group=Group.CHAT_USER, operate=Operate.CREATE,
568+
role_list=[RoleConstants.ADMIN],
569+
parent_group=[SystemGroup.CHAT_USER]
570+
)
571+
CHAT_USER_SYNC = Permission(group=Group.CHAT_USER, operate=Operate.SYNC,
572+
role_list=[RoleConstants.ADMIN],
573+
parent_group=[SystemGroup.CHAT_USER]
574+
)
575+
CHAT_USER_EDIT = Permission(group=Group.CHAT_USER, operate=Operate.EDIT,
576+
role_list=[RoleConstants.ADMIN],
577+
parent_group=[SystemGroup.CHAT_USER]
578+
)
579+
CHAT_USER_DELETE = Permission(group=Group.CHAT_USER, operate=Operate.DELETE,
580+
role_list=[RoleConstants.ADMIN],
581+
parent_group=[SystemGroup.CHAT_USER]
582+
)
583+
CHAT_USER_GROUP = Permission(group=Group.CHAT_USER, operate=Operate.USER_GROUP,
584+
role_list=[RoleConstants.ADMIN],
585+
parent_group=[SystemGroup.CHAT_USER],
586+
label=_('Set up user groups')
587+
)
588+
USER_GROUP_READ = Permission(group=Group.USER_GROUP, operate=Operate.READ,
589+
role_list=[RoleConstants.ADMIN],
590+
parent_group=[SystemGroup.CHAT_USER]
591+
)
592+
USER_GROUP_CREATE = Permission(group=Group.USER_GROUP, operate=Operate.CREATE,
593+
role_list=[RoleConstants.ADMIN],
594+
parent_group=[SystemGroup.CHAT_USER]
595+
)
596+
USER_GROUP_EDIT = Permission(group=Group.USER_GROUP, operate=Operate.EDIT,
597+
role_list=[RoleConstants.ADMIN],
598+
parent_group=[SystemGroup.CHAT_USER]
599+
)
600+
USER_GROUP_DELETE = Permission(group=Group.USER_GROUP, operate=Operate.DELETE,
601+
role_list=[RoleConstants.ADMIN],
602+
parent_group=[SystemGroup.CHAT_USER]
603+
)
604+
USER_GROUP_ADD_MEMBER = Permission(group=Group.USER_GROUP, operate=Operate.ADD_MEMBER,
605+
role_list=[RoleConstants.ADMIN],
606+
parent_group=[SystemGroup.CHAT_USER]
607+
)
608+
USER_GROUP_REMOVE_MEMBER = Permission(group=Group.USER_GROUP, operate=Operate.REMOVE_MEMBER,
609+
role_list=[RoleConstants.ADMIN],
610+
parent_group=[SystemGroup.CHAT_USER]
611+
)
612+
CHAT_USER_AUTH_READ = Permission(group=Group.CHAT_USER_AUTH, operate=Operate.READ,
613+
role_list=[RoleConstants.ADMIN],
614+
parent_group=[SystemGroup.CHAT_USER]
615+
)
616+
CHAT_USER_AUTH_EDIT = Permission(group=Group.CHAT_USER_AUTH, operate=Operate.EDIT,
617+
role_list=[RoleConstants.ADMIN],
618+
parent_group=[SystemGroup.CHAT_USER]
619+
)
620+
WORKSPACE_CHAT_USER_READ = Permission(group=Group.CHAT_USER, operate=Operate.READ,
621+
role_list=[RoleConstants.ADMIN],
622+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT],
623+
)
624+
WORKSPACE_CHAT_USER_CREATE = Permission(group=Group.CHAT_USER, operate=Operate.CREATE,
625+
role_list=[RoleConstants.ADMIN],
626+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT],
627+
)
628+
WORKSPACE_CHAT_USER_EDIT = Permission(group=Group.CHAT_USER, operate=Operate.EDIT,
629+
role_list=[RoleConstants.ADMIN],
630+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT],
631+
)
632+
WORKSPACE_CHAT_USER_DELETE = Permission(group=Group.CHAT_USER, operate=Operate.DELETE,
633+
role_list=[RoleConstants.ADMIN],
634+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT],
635+
)
636+
WORKSPACE_CHAT_USER_SYNC = Permission(group=Group.CHAT_USER, operate=Operate.SYNC,
637+
role_list=[RoleConstants.ADMIN],
638+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT],
639+
)
640+
WORKSPACE_CHAT_USER_GROUP = Permission(group=Group.CHAT_USER, operate=Operate.USER_GROUP,
641+
role_list=[RoleConstants.ADMIN],
642+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT],
643+
label=_('Set up user groups')
644+
)
645+
WORKSPACE_USER_GROUP_READ = Permission(group=Group.USER_GROUP, operate=Operate.READ,
646+
role_list=[RoleConstants.ADMIN],
647+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT]
648+
)
649+
WORKSPACE_USER_GROUP_CREATE = Permission(group=Group.USER_GROUP, operate=Operate.CREATE,
650+
role_list=[RoleConstants.ADMIN],
651+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT]
652+
)
653+
WORKSPACE_USER_GROUP_EDIT = Permission(group=Group.USER_GROUP, operate=Operate.EDIT,
654+
role_list=[RoleConstants.ADMIN],
655+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT]
656+
)
657+
WORKSPACE_USER_GROUP_DELETE = Permission(group=Group.USER_GROUP, operate=Operate.DELETE,
658+
role_list=[RoleConstants.ADMIN],
659+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT]
660+
)
661+
WORKSPACE_USER_GROUP_ADD_MEMBER = Permission(group=Group.USER_GROUP, operate=Operate.ADD_MEMBER,
662+
role_list=[RoleConstants.ADMIN],
663+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT]
664+
)
665+
WORKSPACE_USER_GROUP_REMOVE_MEMBER = Permission(group=Group.USER_GROUP, operate=Operate.REMOVE_MEMBER,
666+
role_list=[RoleConstants.ADMIN],
667+
parent_group=[WorkspaceGroup.SYSTEM_MANAGEMENT]
668+
)
569669

570670
def get_workspace_application_permission(self):
571671
return lambda r, kwargs: Permission(group=self.value.group, operate=self.value.operate,

0 commit comments

Comments
 (0)