feat: add workspace validation for knowledge id across serializers

Author: liuruibin

apps/knowledge/serializers/document.py

@@ -259,6 +259,20 @@ class Migrate(serializers.Serializer):
         document_id_list = serializers.ListField(required=True, label=_('document list'),
                                                  child=serializers.UUIDField(required=True, label=_('document id')))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('target_knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         @transaction.atomic
         def migrate(self, with_valid=True):
             if with_valid:
@@ -416,6 +430,12 @@ class Sync(serializers.Serializer):
 
         def is_valid(self, *, raise_exception=False):
             super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             document_id = self.data.get('document_id')
             first = QuerySet(Document).filter(id=document_id).first()
             if first is None:
@@ -510,6 +530,12 @@ class Operate(serializers.Serializer):
 
         def is_valid(self, *, raise_exception=False):
             super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             document_id = self.data.get('document_id')
             if not QuerySet(Document).filter(id=document_id).exists():
                 raise AppApiException(500, _('document id not exist'))
@@ -930,6 +956,12 @@ class Split(serializers.Serializer):
 
         def is_valid(self, *, instance=None, raise_exception=True):
             super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             files = instance.get('file')
             knowledge = Knowledge.objects.filter(id=self.data.get('knowledge_id')).first()
             for f in files:
@@ -1023,6 +1055,15 @@ class Batch(serializers.Serializer):
         workspace_id = serializers.CharField(required=True, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         @staticmethod
         def link_file(source_file_id, document_id):
             if source_file_id is None:
@@ -1206,6 +1247,15 @@ class BatchGenerateRelated(serializers.Serializer):
         workspace_id = serializers.CharField(required=True, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         def batch_generate_related(self, instance: Dict, with_valid=True):
             if with_valid:
                 self.is_valid(raise_exception=True)

apps/knowledge/serializers/knowledge.py

@@ -10,7 +10,6 @@
 import uuid_utils.compat as uuid
 from celery_once import AlreadyQueued
 from django.core import validators
-from django.core.cache import cache
 from django.db import transaction, models
 from django.db.models import QuerySet
 from django.db.models.functions import Reverse, Substr
@@ -20,8 +19,6 @@
 
 from application.models import ApplicationKnowledgeMapping
 from common.config.embedding_config import VectorStore
-from common.constants.cache_version import Cache_Version
-from common.constants.permission_constants import ResourceAuthType, ResourcePermission, ResourcePermissionRole
 from common.database_model_manage.database_model_manage import DatabaseModelManage
 from common.db.search import native_search, get_dynamics_model, native_page_search
 from common.db.sql_execute import select_list
@@ -227,6 +224,15 @@ class Operate(serializers.Serializer):
         workspace_id = serializers.CharField(required=True, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         @transaction.atomic
         def embedding(self, with_valid=True):
             if with_valid:
@@ -618,6 +624,12 @@ class SyncWeb(serializers.Serializer):
 
         def is_valid(self, *, raise_exception=False):
             super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             first = QuerySet(Knowledge).filter(id=self.data.get("knowledge_id")).first()
             if first is None:
                 raise AppApiException(300, _('id does not exist'))
@@ -700,6 +712,12 @@ class HitTest(serializers.Serializer):
 
         def is_valid(self, *, raise_exception=True):
             super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             if not QuerySet(Knowledge).filter(id=self.data.get("knowledge_id")).exists():
                 raise AppApiException(300, _('id does not exist'))
 

apps/knowledge/serializers/paragraph.py

@@ -6,7 +6,6 @@
 from celery_once import AlreadyQueued
 from django.db import transaction
 from django.db.models import QuerySet, Count, F
-from django.db.models.aggregates import Max
 from django.utils.translation import gettext_lazy as _
 from rest_framework import serializers
 
@@ -67,12 +66,19 @@ class ParagraphSerializers(serializers.Serializer):
     content = serializers.CharField(required=True, max_length=102400, label=_('section title'))
 
     class Problem(serializers.Serializer):
+        workspace_id = serializers.CharField(required=True, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
         document_id = serializers.UUIDField(required=True, label=_('document id'))
         paragraph_id = serializers.UUIDField(required=True, label=_('paragraph id'))
 
         def is_valid(self, *, raise_exception=False):
             super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             if not QuerySet(Paragraph).filter(id=self.data.get('paragraph_id')).exists():
                 raise AppApiException(500, _('Paragraph id does not exist'))
 
@@ -127,7 +133,11 @@ def save(self, instance: Dict, with_valid=True, with_embedding=True, embedding_b
                 }, model_id)
 
             return ProblemSerializers.Operate(
-                data={'knowledge_id': self.data.get('knowledge_id'), 'problem_id': problem.id}
+                data={
+                    'workspace_id':  self.data.get('workspace_id'),
+                    'knowledge_id': self.data.get('knowledge_id'),
+                    'problem_id': problem.id
+                }
             ).one(with_valid=True)
 
     class Operate(serializers.Serializer):
@@ -141,6 +151,12 @@ class Operate(serializers.Serializer):
 
         def is_valid(self, *, raise_exception=True):
             super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             if not QuerySet(Paragraph).filter(id=self.data.get('paragraph_id')).exists():
                 raise AppApiException(500, _('Paragraph id does not exist'))
 
@@ -321,11 +337,21 @@ def or_get(exists_problem_list, content, knowledge_id):
                 return Problem(id=uuid.uuid7(), content=content, knowledge_id=knowledge_id)
 
     class Query(serializers.Serializer):
+        workspace_id = serializers.CharField(required=True, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
         document_id = serializers.UUIDField(required=True, label=_('document id'))
         title = serializers.CharField(required=False, label=_('section title'))
         content = serializers.CharField(required=False)
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         def get_query_set(self):
             query_set = QuerySet(model=Paragraph)
             query_set = query_set.filter(
@@ -357,6 +383,12 @@ def is_valid(self, *, raise_exception=True):
             knowledge_id = self.data.get('knowledge_id')
             paragraph_id = self.data.get('paragraph_id')
             problem_id = self.data.get("problem_id")
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             if not QuerySet(Paragraph).filter(knowledge_id=knowledge_id, id=paragraph_id).exists():
                 raise AppApiException(500, _('Paragraph does not exist'))
             if not QuerySet(Problem).filter(knowledge_id=knowledge_id, id=problem_id).exists():
@@ -398,9 +430,19 @@ def un_association(self, with_valid=True):
             return True
 
     class Batch(serializers.Serializer):
+        workspace_id = serializers.CharField(required=False, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
         document_id = serializers.UUIDField(required=True, label=_('document id'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         @transaction.atomic
         def batch_delete(self, instance: Dict, with_valid=True):
             if with_valid:
@@ -448,6 +490,12 @@ class Migrate(serializers.Serializer):
 
         def is_valid(self, *, raise_exception=False):
             super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
             document_list = QuerySet(Document).filter(
                 id__in=[self.data.get('document_id'), self.data.get('target_document_id')])
             document_id = self.data.get('document_id')
@@ -589,6 +637,15 @@ class AdjustPosition(serializers.Serializer):
         document_id = serializers.UUIDField(required=True, label=_('document id'))
         paragraph_id = serializers.UUIDField(required=True, label=_('paragraph id'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         @transaction.atomic
         def adjust_position(self, new_position):
             """

apps/knowledge/serializers/problem.py

@@ -9,6 +9,7 @@
 from rest_framework import serializers
 
 from common.db.search import native_search, native_page_search
+from common.exception.app_exception import AppApiException
 from common.utils.common import get_file_content
 from knowledge.models import Problem, ProblemParagraphMapping, Paragraph, Knowledge, SourceType
 from knowledge.serializers.common import get_embedding_model_id_by_knowledge_id
@@ -59,8 +60,18 @@ class BatchAssociation(serializers.Serializer):
 
 class ProblemSerializers(serializers.Serializer):
     class BatchOperate(serializers.Serializer):
+        workspace_id = serializers.CharField(required=True, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         def delete(self, problem_id_list: List, with_valid=True):
             if with_valid:
                 self.is_valid(raise_exception=True)
@@ -123,9 +134,19 @@ def association(self, instance: Dict, with_valid=True):
             embedding_by_data_list(data_list, model_id=model_id)
 
     class Operate(serializers.Serializer):
+        workspace_id = serializers.CharField(required=True, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
         problem_id = serializers.UUIDField(required=True, label=_('problem id'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         def list_paragraph(self, with_valid=True):
             if with_valid:
                 self.is_valid(raise_exception=True)
@@ -176,6 +197,15 @@ class Create(serializers.Serializer):
         workspace_id = serializers.CharField(required=True, label=_('workspace id'))
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         def batch(self, problem_list, with_valid=True):
             if with_valid:
                 self.is_valid(raise_exception=True)
@@ -205,6 +235,15 @@ class Query(serializers.Serializer):
         knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
         content = serializers.CharField(required=False, label=_('content'))
 
+        def is_valid(self, *, raise_exception=False):
+            super().is_valid(raise_exception=True)
+            workspace_id = self.data.get('workspace_id')
+            query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
+            if workspace_id:
+                query_set = query_set.filter(workspace_id=workspace_id)
+            if not query_set.exists():
+                raise AppApiException(500, _('Knowledge id does not exist'))
+
         def get_query_set(self):
             query_set = QuerySet(model=Problem)
             query_set = query_set.filter(

apps/knowledge/task/handler.py

@@ -108,8 +108,10 @@ def save_problem(knowledge_id, document_id, paragraph_id, problem):
     if problem is None or len(problem) == 0:
         return
     try:
+        workspace_id = QuerySet(Knowledge).filter(id=knowledge_id).first().workspace_id
         ParagraphSerializers.Problem(
             data={
+                'workspace_id': workspace_id,
                 "knowledge_id": knowledge_id,
                 'document_id': document_id,
                 'paragraph_id': paragraph_id