Merge remote-tracking branch 'origin/v2' into v2

Author: liqiang-fit2cloud

apps/application/serializers/application.py

@@ -40,7 +40,8 @@
 from maxkb.conf import PROJECT_DIR
 from models_provider.models import Model
 from models_provider.tools import get_model_instance_by_model_workspace_id
-from system_manage.models import WorkspaceUserResourcePermission
+from system_manage.models import WorkspaceUserResourcePermission, AuthTargetType
+from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer
 from tools.models import Tool, ToolScope
 from tools.serializers.tool import ToolModelSerializer
 from users.models import User
@@ -430,9 +431,15 @@ class ApplicationSerializer(serializers.Serializer):
     def insert(self, instance: Dict):
         application_type = instance.get('type')
         if 'WORK_FLOW' == application_type:
-            return self.insert_workflow(instance)
+            r = self.insert_workflow(instance)
         else:
-            return self.insert_simple(instance)
+            r = self.insert_simple(instance)
+        UserResourcePermissionSerializer(data={
+            'workspace_id': self.data.get('workspace_id'),
+            'user_id': self.data.get('user_id'),
+            'auth_target_type': AuthTargetType.APPLICATION.value
+        }).auth_resource(str(r.get('id')))
+        return r
 
     def insert_workflow(self, instance: Dict):
         self.is_valid(raise_exception=True)

apps/knowledge/serializers/knowledge.py

@@ -21,7 +21,7 @@
 from application.models import ApplicationKnowledgeMapping
 from common.config.embedding_config import VectorStore
 from common.constants.cache_version import Cache_Version
-from common.constants.permission_constants import ResourceAuthType, ResourcePermission
+from common.constants.permission_constants import ResourceAuthType, ResourcePermission, ResourcePermissionRole
 from common.database_model_manage.database_model_manage import DatabaseModelManage
 from common.db.search import native_search, get_dynamics_model, native_page_search
 from common.db.sql_execute import select_list
@@ -42,6 +42,7 @@
 from maxkb.conf import PROJECT_DIR
 from models_provider.models import Model
 from system_manage.models import WorkspaceUserResourcePermission, AuthTargetType
+from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer
 from users.serializers.user import is_workspace_manage
 
 
@@ -553,21 +554,12 @@ def save_base(self, instance, with_valid=True):
             QuerySet(ProblemParagraphMapping).bulk_create(
                 problem_paragraph_mapping_list
             ) if len(problem_paragraph_mapping_list) > 0 else None
-
-            # 自动授权给创建者
-            WorkspaceUserResourcePermission(
-                target=knowledge_id,
-                auth_target_type=AuthTargetType.KNOWLEDGE,
-                permission_list=[ResourcePermission.VIEW, ResourcePermission.MANAGE],
-                workspace_id=self.data.get('workspace_id'),
-                user_id=self.data.get('user_id'),
-                auth_type=ResourceAuthType.RESOURCE_PERMISSION_GROUP
-            ).save()
-            # 刷新缓存
-            version = Cache_Version.PERMISSION_LIST.get_version()
-            key = Cache_Version.PERMISSION_LIST.get_key(user_id=self.data.get('user_id'))
-            cache.delete(key, version=version)
-
+            # 自动资源给授权当前用户
+            UserResourcePermissionSerializer(data={
+                'workspace_id': self.data.get('workspace_id'),
+                'user_id': self.data.get('user_id'),
+                'auth_target_type': AuthTargetType.KNOWLEDGE.value
+            }).auth_resource(str(knowledge_id))
             return {
                 **KnowledgeModelSerializer(knowledge).data,
                 'user_id': self.data.get('user_id'),

apps/models_provider/serializers/model_serializer.py

@@ -26,6 +26,7 @@
 from models_provider.models import Model, Status
 from models_provider.tools import get_model_credential
 from system_manage.models import WorkspaceUserResourcePermission, AuthTargetType
+from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer
 from users.serializers.user import is_workspace_manage
 
 
@@ -326,19 +327,11 @@ def insert(self, workspace_id, with_valid=True):
             model = Model(**model_data)
             try:
                 model.save()
-                # 自动授权给创建者
-                WorkspaceUserResourcePermission(
-                    target=model.id,
-                    auth_target_type=AuthTargetType.MODEL,
-                    permission_list=[ResourcePermission.VIEW, ResourcePermission.MANAGE],
-                    workspace_id=workspace_id,
-                    user_id=self.data.get('user_id'),
-                    auth_type=ResourceAuthType.RESOURCE_PERMISSION_GROUP
-                ).save()
-                # 刷新缓存
-                version = Cache_Version.PERMISSION_LIST.get_version()
-                key = Cache_Version.PERMISSION_LIST.get_key(user_id=self.data.get('user_id'))
-                cache.delete(key, version=version)
+                UserResourcePermissionSerializer(data={
+                    'workspace_id': self.data.get('workspace_id'),
+                    'user_id': self.data.get('user_id'),
+                    'auth_target_type': AuthTargetType.MODEL.value
+                }).auth_resource(str(model.id))
             except Exception as save_error:
                 # 可添加日志记录
                 raise AppApiException(500, _("Model saving failed")) from save_error

apps/system_manage/serializers/user_resource_permission.py

@@ -29,6 +29,7 @@
 from models_provider.models import Model
 from system_manage.models import WorkspaceUserResourcePermission, AuthTargetType
 from tools.models import Tool
+from users.serializers.user import is_workspace_manage
 
 
 class PermissionSerializer(serializers.Serializer):
@@ -101,6 +102,33 @@ def get_queryset(self):
                 auth_target_type=self.data.get('auth_target_type'))
         }
 
+    def auth_resource(self, resource_id: str):
+        self.is_valid(raise_exception=True)
+        workspace_manage = is_workspace_manage(self.data.get('user_id'), self.data.get('workspace_id'))
+        if not workspace_manage:
+            auth_target_type = self.data.get('auth_target_type')
+            workspace_id = self.data.get('workspace_id')
+            user_id = self.data.get('user_id')
+            wurp = QuerySet(WorkspaceUserResourcePermission).filter(auth_target_type=auth_target_type,
+                                                                    workspace_id=workspace_id).first()
+            auth_type = wurp.auth_type if wurp else ResourceAuthType.RESOURCE_PERMISSION_GROUP
+            # 自动授权给创建者
+            WorkspaceUserResourcePermission(
+                target=resource_id,
+                auth_target_type=auth_target_type,
+                permission_list=[ResourcePermission.VIEW,
+                                 ResourcePermission.MANAGE] if auth_type == ResourceAuthType.RESOURCE_PERMISSION_GROUP else [
+                    ResourcePermissionRole.ROLE],
+                workspace_id=workspace_id,
+                user_id=user_id,
+                auth_type=auth_type
+            ).save()
+            # 刷新缓存
+            version = Cache_Version.PERMISSION_LIST.get_version()
+            key = Cache_Version.PERMISSION_LIST.get_key(user_id=user_id)
+            cache.delete(key, version=version)
+        return True
+
     def list(self, user, with_valid=True):
         if with_valid:
             self.is_valid(raise_exception=True)

apps/tools/serializers/tool.py

@@ -29,6 +29,7 @@
 from knowledge.models import File, FileSourceType
 from maxkb.const import CONFIG, PROJECT_DIR
 from system_manage.models import AuthTargetType, WorkspaceUserResourcePermission
+from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer
 from tools.models import Tool, ToolScope, ToolFolder, ToolType
 from tools.serializers.tool_folder import ToolFolderFlatSerializer
 from users.serializers.user import is_workspace_manage
@@ -219,20 +220,11 @@ def insert(self, instance, with_valid=True):
             ).save()
 
             # 自动授权给创建者
-            WorkspaceUserResourcePermission(
-                target=tool_id,
-                auth_target_type=AuthTargetType.TOOL,
-                permission_list=[ResourcePermission.VIEW, ResourcePermission.MANAGE],
-                workspace_id=self.data.get('workspace_id'),
-                user_id=self.data.get('user_id'),
-                auth_type=ResourceAuthType.RESOURCE_PERMISSION_GROUP
-            ).save()
-
-            # 刷新缓存
-            version = Cache_Version.PERMISSION_LIST.get_version()
-            key = Cache_Version.PERMISSION_LIST.get_key(user_id=self.data.get('user_id'))
-            cache.delete(key, version=version)
-
+            UserResourcePermissionSerializer(data={
+                'workspace_id': self.data.get('workspace_id'),
+                'user_id': self.data.get('user_id'),
+                'auth_target_type': AuthTargetType.TOOL.value
+            }).auth_resource(str(tool_id))
             return ToolSerializer.Operate(data={
                 'id': tool_id, 'workspace_id': self.data.get('workspace_id')
             }).one()

ui/src/assets/chat/user-login-bg.png

@@ -11,6 +11,6 @@
 <style lang="scss" scoped>
 .login-warp {
   height: 100vh;
-  background: url('@/assets/chat/user-login-bg.jpg') no-repeat center;
+  background: url('@/assets/chat/user-login-bg.png') var(--app-layout-bg-color) no-repeat center;
 }
 </style>

ui/src/layout/login-layout/UserLoginLayout.vue

@@ -5,8 +5,9 @@ export default {
   addModel: 'Add Model',
 
   delete: {
-    confirmTitle: 'Delete Model',
-    confirmMessage: 'Are you sure you want to delete the model:',
+    confirmTitle: 'Delete Model：',
+    confirmMessage:
+      'Deleting the model will affect the resources currently using it. Please proceed with caution.',
   },
   tip: {
     createSuccessMessage: 'Model created successfully',

ui/src/locales/lang/en-US/views/model.ts

@@ -1,7 +1,5 @@
 export default {
   title: 'Tool',
-  internalTitle: 'Internal Tool',
-  added: 'Added',
   createTool: 'Create Tool',
   editTool: 'Edit Tool',
   copyTool: 'Copy Tool',
@@ -16,7 +14,7 @@ export default {
     image: 'Image',
     developer: 'Developer',
     communication: 'Communication',
-    searchResult: '{count} search results for'
+    searchResult: '{count} search results for',
   },
   searchBar: {
     placeholder: 'Search by tool name',
@@ -38,6 +36,7 @@ export default {
   form: {
     toolName: {
       label: 'Name',
+      name: 'Tool Name',
       placeholder: 'Please enter the tool name',
       requiredMessage: 'Please enter the tool name',
     },

ui/src/locales/lang/en-US/views/tool.ts

@@ -4,8 +4,8 @@ export default {
   providerPlaceholder: '选择供应商',
   addModel: '添加模型',
   delete: {
-    confirmTitle: '删除模型',
-    confirmMessage: '是否删除模型：',
+    confirmTitle: '是否删除：',
+    confirmMessage: '模型删除后将影响正在使用该模型的资源，请谨慎操作。',
   },
   tip: {
     createSuccessMessage: '创建模型成功',