Skip to content

Commit 3b4b658

Browse files
zhanweizhang7zhanweizhang7
committed
feat: System common user permission by resource authorization
1 parent b5efa49 commit 3b4b658

File tree

8 files changed

+126
-57
lines changed

8 files changed

+126
-57
lines changed

ui/src/permission/application/workspace.ts

Lines changed: 13 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,11 @@
11
import { hasPermission } from '@/utils/permission/index'
22
import { PermissionConst, RoleConst } from '@/utils/permission/data'
3+
import { ComplexPermission } from '@/utils/permission/type'
34

45
const workspace = {
56
create: () =>
67
hasPermission(
78
[
8-
RoleConst.ADMIN,
99
RoleConst.USER.getWorkspaceRole,
1010
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
1111
PermissionConst.APPLICATION_CREATE.getWorkspacePermission,
@@ -16,7 +16,7 @@ const workspace = {
1616
edit: (source_id:string) =>
1717
hasPermission(
1818
[
19-
RoleConst.ADMIN,
19+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
2020
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
2121
PermissionConst.APPLICATION_EDIT.getWorkspacePermissionWorkspaceManageRole,
2222
PermissionConst.APPLICATION_EDIT.getApplicationWorkspaceResourcePermission(source_id)
@@ -26,7 +26,7 @@ const workspace = {
2626
export: (source_id:string) =>
2727
hasPermission(
2828
[
29-
RoleConst.ADMIN,
29+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
3030
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
3131
PermissionConst.APPLICATION_EXPORT.getWorkspacePermissionWorkspaceManageRole,
3232
PermissionConst.APPLICATION_EXPORT.getApplicationWorkspaceResourcePermission(source_id)
@@ -36,7 +36,7 @@ const workspace = {
3636
delete: (source_id:string) =>
3737
hasPermission(
3838
[
39-
RoleConst.ADMIN,
39+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
4040
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
4141
PermissionConst.APPLICATION_DELETE.getWorkspacePermissionWorkspaceManageRole,
4242
PermissionConst.APPLICATION_DELETE.getApplicationWorkspaceResourcePermission(source_id)
@@ -46,7 +46,7 @@ const workspace = {
4646
overview_embed: (source_id:string) =>
4747
hasPermission(
4848
[
49-
RoleConst.ADMIN,
49+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
5050
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
5151
PermissionConst.APPLICATION_OVERVIEW_EMBEDDED.getWorkspacePermissionWorkspaceManageRole,
5252
PermissionConst.APPLICATION_OVERVIEW_EMBEDDED.getApplicationWorkspaceResourcePermission(source_id)
@@ -55,8 +55,7 @@ const workspace = {
5555
),
5656
overview_access: (source_id:string) =>
5757
hasPermission(
58-
[
59-
RoleConst.ADMIN,
58+
[new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
6059
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
6160
PermissionConst.APPLICATION_OVERVIEW_ACCESS.getWorkspacePermissionWorkspaceManageRole,
6261
PermissionConst.APPLICATION_OVERVIEW_ACCESS.getApplicationWorkspaceResourcePermission(source_id)
@@ -68,7 +67,7 @@ const workspace = {
6867
overview_display: (source_id:string) =>
6968
hasPermission(
7069
[
71-
RoleConst.ADMIN,
70+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
7271
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
7372
PermissionConst.APPLICATION_OVERVIEW_DISPLAY.getWorkspacePermissionWorkspaceManageRole,
7473
PermissionConst.APPLICATION_OVERVIEW_DISPLAY.getApplicationWorkspaceResourcePermission(source_id)
@@ -78,7 +77,7 @@ const workspace = {
7877
overview_api_key: (source_id:string) =>
7978
hasPermission(
8079
[
81-
RoleConst.ADMIN,
80+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
8281
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
8382
PermissionConst.APPLICATION_OVERVIEW_API_KEY.getWorkspacePermissionWorkspaceManageRole,
8483
PermissionConst.APPLICATION_OVERVIEW_API_KEY.getApplicationWorkspaceResourcePermission(source_id)
@@ -88,7 +87,7 @@ const workspace = {
8887
access_edit: (source_id:string) =>
8988
hasPermission(
9089
[
91-
RoleConst.ADMIN,
90+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
9291
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
9392
PermissionConst.APPLICATION_ACCESS_EDIT.getWorkspacePermissionWorkspaceManageRole,
9493
PermissionConst.APPLICATION_ACCESS_EDIT.getApplicationWorkspaceResourcePermission(source_id)
@@ -98,7 +97,7 @@ const workspace = {
9897
application_chat_user_edit: (source_id:string) =>
9998
hasPermission(
10099
[
101-
RoleConst.ADMIN,
100+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
102101
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
103102
PermissionConst.APPLICATION_CHAT_USER_EDIT.getWorkspacePermissionWorkspaceManageRole,
104103
PermissionConst.APPLICATION_CHAT_USER_EDIT.getApplicationWorkspaceResourcePermission(source_id)
@@ -108,7 +107,7 @@ const workspace = {
108107
chat_log_clear: (source_id:string) =>
109108
hasPermission(
110109
[
111-
RoleConst.ADMIN,
110+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
112111
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
113112
PermissionConst.APPLICATION_CHAT_LOG_CLEAR_POLICY.getWorkspacePermissionWorkspaceManageRole,
114113
PermissionConst.APPLICATION_CHAT_LOG_CLEAR_POLICY.getApplicationWorkspaceResourcePermission(source_id)
@@ -118,7 +117,7 @@ const workspace = {
118117
chat_log_export: (source_id:string) =>
119118
hasPermission(
120119
[
121-
RoleConst.ADMIN,
120+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
122121
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
123122
PermissionConst.APPLICATION_CHAT_LOG_EXPORT.getWorkspacePermissionWorkspaceManageRole,
124123
PermissionConst.APPLICATION_CHAT_LOG_EXPORT.getApplicationWorkspaceResourcePermission(source_id)
@@ -128,7 +127,7 @@ const workspace = {
128127
chat_log_add_knowledge: (source_id:string) =>
129128
hasPermission(
130129
[
131-
RoleConst.ADMIN,
130+
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
132131
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
133132
PermissionConst.APPLICATION_CHAT_LOG_ADD_KNOWLEDGE.getWorkspacePermissionWorkspaceManageRole,
134133
PermissionConst.APPLICATION_CHAT_LOG_ADD_KNOWLEDGE.getApplicationWorkspaceResourcePermission(source_id)

ui/src/permission/knowledge/workspace.ts

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ const workspace = {
2323
sync: (source_id:string) =>
2424
hasPermission(
2525
[
26+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
2627
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
2728
PermissionConst.KNOWLEDGE_DOCUMENT_SYNC.getKnowledgeWorkspaceResourcePermission(source_id),
2829
PermissionConst.KNOWLEDGE_DOCUMENT_SYNC.getWorkspacePermissionWorkspaceManageRole,
@@ -32,6 +33,7 @@ const workspace = {
3233
vector: (source_id:string) =>
3334
hasPermission(
3435
[
36+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
3537
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
3638
PermissionConst.KNOWLEDGE_DOCUMENT_VECTOR.getKnowledgeWorkspaceResourcePermission(source_id),
3739
PermissionConst.KNOWLEDGE_DOCUMENT_VECTOR.getWorkspacePermissionWorkspaceManageRole,
@@ -41,6 +43,7 @@ const workspace = {
4143
generate: (source_id:string) =>
4244
hasPermission(
4345
[
46+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
4447
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
4548
PermissionConst.KNOWLEDGE_GENERATE.getKnowledgeWorkspaceResourcePermission(source_id),
4649
PermissionConst.KNOWLEDGE_GENERATE.getWorkspacePermissionWorkspaceManageRole,
@@ -50,6 +53,7 @@ const workspace = {
5053
setting: (source_id:string) =>
5154
hasPermission(
5255
[
56+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
5357
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
5458
PermissionConst.KNOWLEDGE_EDIT.getKnowledgeWorkspaceResourcePermission(source_id),
5559
PermissionConst.KNOWLEDGE_EDIT.getWorkspacePermissionWorkspaceManageRole,
@@ -59,6 +63,7 @@ const workspace = {
5963
export: (source_id:string) =>
6064
hasPermission(
6165
[
66+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
6267
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
6368
PermissionConst.KNOWLEDGE_EXPORT.getKnowledgeWorkspaceResourcePermission(source_id),
6469
PermissionConst.KNOWLEDGE_EXPORT.getWorkspacePermissionWorkspaceManageRole,
@@ -68,6 +73,7 @@ const workspace = {
6873
delete: (source_id:string) =>
6974
hasPermission(
7075
[
76+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
7177
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
7278
PermissionConst.KNOWLEDGE_DELETE.getKnowledgeWorkspaceResourcePermission(source_id),
7379
PermissionConst.KNOWLEDGE_DELETE.getWorkspacePermissionWorkspaceManageRole,
@@ -77,6 +83,7 @@ const workspace = {
7783
doc_create: (source_id:string) =>
7884
hasPermission(
7985
[
86+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
8087
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
8188
PermissionConst.KNOWLEDGE_DOCUMENT_CREATE.getKnowledgeWorkspaceResourcePermission(source_id),
8289
PermissionConst.KNOWLEDGE_DOCUMENT_CREATE.getWorkspacePermissionWorkspaceManageRole,
@@ -86,6 +93,7 @@ const workspace = {
8693
doc_vector: (source_id:string) =>
8794
hasPermission(
8895
[
96+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
8997
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
9098
PermissionConst.KNOWLEDGE_DOCUMENT_VECTOR.getKnowledgeWorkspaceResourcePermission(source_id),
9199
PermissionConst.KNOWLEDGE_DOCUMENT_VECTOR.getWorkspacePermissionWorkspaceManageRole,
@@ -95,6 +103,7 @@ const workspace = {
95103
doc_generate: (source_id:string) =>
96104
hasPermission(
97105
[
106+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
98107
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
99108
PermissionConst.KNOWLEDGE_DOCUMENT_GENERATE.getKnowledgeWorkspaceResourcePermission(source_id),
100109
PermissionConst.KNOWLEDGE_DOCUMENT_GENERATE.getWorkspacePermissionWorkspaceManageRole,
@@ -104,6 +113,7 @@ const workspace = {
104113
doc_migrate: (source_id:string) =>
105114
hasPermission(
106115
[
116+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
107117
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
108118
PermissionConst.KNOWLEDGE_DOCUMENT_MIGRATE.getKnowledgeWorkspaceResourcePermission(source_id),
109119
PermissionConst.KNOWLEDGE_DOCUMENT_MIGRATE.getWorkspacePermissionWorkspaceManageRole,
@@ -113,6 +123,7 @@ const workspace = {
113123
doc_edit: (source_id:string) =>
114124
hasPermission(
115125
[
126+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
116127
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
117128
PermissionConst.KNOWLEDGE_DOCUMENT_EDIT.getKnowledgeWorkspaceResourcePermission(source_id),
118129
PermissionConst.KNOWLEDGE_DOCUMENT_EDIT.getWorkspacePermissionWorkspaceManageRole,
@@ -122,6 +133,7 @@ const workspace = {
122133
doc_sync: (source_id:string) =>
123134
hasPermission(
124135
[
136+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
125137
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
126138
PermissionConst.KNOWLEDGE_DOCUMENT_SYNC.getKnowledgeWorkspaceResourcePermission(source_id),
127139
PermissionConst.KNOWLEDGE_DOCUMENT_SYNC.getWorkspacePermissionWorkspaceManageRole,
@@ -131,6 +143,7 @@ const workspace = {
131143
doc_delete: (source_id:string) =>
132144
hasPermission(
133145
[
146+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
134147
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
135148
PermissionConst.KNOWLEDGE_DOCUMENT_DELETE.getKnowledgeWorkspaceResourcePermission(source_id),
136149
PermissionConst.KNOWLEDGE_DOCUMENT_DELETE.getWorkspacePermissionWorkspaceManageRole,
@@ -140,6 +153,7 @@ const workspace = {
140153
doc_export: (source_id:string) =>
141154
hasPermission(
142155
[
156+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
143157
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
144158
PermissionConst.KNOWLEDGE_DOCUMENT_EXPORT.getKnowledgeWorkspaceResourcePermission(source_id),
145159
PermissionConst.KNOWLEDGE_DOCUMENT_EXPORT.getWorkspacePermissionWorkspaceManageRole,
@@ -149,6 +163,7 @@ const workspace = {
149163
doc_download: (source_id:string) =>
150164
hasPermission(
151165
[
166+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
152167
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
153168
PermissionConst.KNOWLEDGE_DOCUMENT_DOWNLOAD_SOURCE_FILE.getKnowledgeWorkspaceResourcePermission(source_id),
154169
PermissionConst.KNOWLEDGE_DOCUMENT_DOWNLOAD_SOURCE_FILE.getWorkspacePermissionWorkspaceManageRole,
@@ -158,6 +173,7 @@ const workspace = {
158173
knowledge_chat_user_edit: (source_id:string) =>
159174
hasPermission(
160175
[
176+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
161177
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
162178
PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getKnowledgeWorkspaceResourcePermission(source_id),
163179
PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getWorkspacePermissionWorkspaceManageRole,
@@ -167,6 +183,7 @@ const workspace = {
167183
problem_create: (source_id:string) =>
168184
hasPermission(
169185
[
186+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
170187
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
171188
PermissionConst.KNOWLEDGE_PROBLEM_CREATE.getKnowledgeWorkspaceResourcePermission(source_id),
172189
PermissionConst.KNOWLEDGE_PROBLEM_CREATE.getWorkspacePermissionWorkspaceManageRole,
@@ -176,6 +193,7 @@ const workspace = {
176193
problem_relate: (source_id:string) =>
177194
hasPermission(
178195
[
196+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
179197
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
180198
PermissionConst.KNOWLEDGE_PROBLEM_RELATE.getKnowledgeWorkspaceResourcePermission(source_id),
181199
PermissionConst.KNOWLEDGE_PROBLEM_RELATE.getWorkspacePermissionWorkspaceManageRole,
@@ -185,6 +203,7 @@ const workspace = {
185203
problem_delete: (source_id:string) =>
186204
hasPermission(
187205
[
206+
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
188207
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
189208
PermissionConst.KNOWLEDGE_PROBLEM_DELETE.getKnowledgeWorkspaceResourcePermission(source_id),
190209
PermissionConst.KNOWLEDGE_PROBLEM_DELETE.getWorkspacePermissionWorkspaceManageRole,

ui/src/permission/model/workspace.ts

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@ const workspace = {
2323
modify: (source_id:string) =>
2424
hasPermission(
2525
[
26+
new ComplexPermission([RoleConst.USER],[PermissionConst.MODEL.getModelWorkspaceResourcePermission(source_id)],[],'AND'),
2627
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
2728
PermissionConst.MODEL_EDIT.getModelWorkspaceResourcePermission(source_id),
2829
PermissionConst.MODEL_EDIT.getWorkspacePermissionWorkspaceManageRole
@@ -32,7 +33,7 @@ const workspace = {
3233
paramSetting: (source_id:string) =>
3334
hasPermission(
3435
[
35-
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
36+
new ComplexPermission([RoleConst.USER],[PermissionConst.MODEL.getModelWorkspaceResourcePermission(source_id)],[],'AND'),
3637
PermissionConst.MODEL_EDIT.getModelWorkspaceResourcePermission(source_id),
3738
PermissionConst.MODEL_EDIT.getWorkspacePermissionWorkspaceManageRole
3839
],
@@ -41,7 +42,7 @@ const workspace = {
4142
delete: (source_id:string) =>
4243
hasPermission(
4344
[
44-
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
45+
new ComplexPermission([RoleConst.USER],[PermissionConst.MODEL.getModelWorkspaceResourcePermission(source_id)],[],'AND'),
4546
PermissionConst.MODEL_DELETE.getModelWorkspaceResourcePermission(source_id),
4647
PermissionConst.MODEL_DELETE.getWorkspacePermissionWorkspaceManageRole
4748
],

0 commit comments

Comments
 (0)