From 67714c1f6d87d43a35e181d201f2a19ea29dfb99 Mon Sep 17 00:00:00 2001 From: zhangzhanwei Date: Wed, 15 Oct 2025 16:52:51 +0800 Subject: [PATCH] fix: Folder_auth_permission_migrate --- apps/folders/serializers/folder.py | 13 +++-- ..._workspaceuserresourcepermission_target.py | 56 ++++++++++++++++++- 2 files changed, 62 insertions(+), 7 deletions(-) diff --git a/apps/folders/serializers/folder.py b/apps/folders/serializers/folder.py index 8569f16a79b..99dad18c006 100644 --- a/apps/folders/serializers/folder.py +++ b/apps/folders/serializers/folder.py @@ -296,12 +296,13 @@ def get_folder_tree(self, if name is not None: base_q &= Q(name__contains=name) if not workspace_manage: - base_q &= Q(id__in=WorkspaceUserResourcePermission.objects.filter(user_id=current_user.id, - auth_target_type=self.data.get('source'), - workspace_id=self.data.get('workspace_id'), - permission_list__contains=['VIEW']) - .values_list( - 'target', flat=True)) + base_q &= (Q(id__in=WorkspaceUserResourcePermission.objects.filter(user_id=current_user.id, + auth_target_type=self.data.get('source'), + workspace_id=self.data.get( + 'workspace_id'), + permission_list__contains=['VIEW']) + .values_list( + 'target', flat=True)) | Q(id=self.data.get('workspace_id'))) nodes = Folder.objects.filter(base_q).get_cached_trees() diff --git a/apps/system_manage/migrations/0003_alter_workspaceuserresourcepermission_target.py b/apps/system_manage/migrations/0003_alter_workspaceuserresourcepermission_target.py index be6f828405e..c9525242f32 100644 --- a/apps/system_manage/migrations/0003_alter_workspaceuserresourcepermission_target.py +++ b/apps/system_manage/migrations/0003_alter_workspaceuserresourcepermission_target.py @@ -1,10 +1,63 @@ # Generated by Django 5.2.6 on 2025-10-11 02:54 +from functools import reduce from django.db import migrations, models +from django.db.models import QuerySet +from common.constants.permission_constants import WorkspaceUserRoleMapping +from common.utils.common import group_by +from application.models import ApplicationFolder +from knowledge.models import KnowledgeFolder +from tools.models import ToolFolder +from system_manage.models import WorkspaceUserResourcePermission +from users.models import User -class Migration(migrations.Migration): +def delete_auth(folder_model): + QuerySet(WorkspaceUserResourcePermission).filter(target__in=QuerySet(folder_model).values_list('id')).delete() + + +def get_workspace_user_resource_permission_list(auth_target_type, workspace_user_role_mapping_model_workspace_dict, + folder_model): + return reduce(lambda x, y: [*x, *y], [ + [WorkspaceUserResourcePermission(target=f.id, workspace_id=f.workspace_id, user_id=wurm.user_id, + auth_target_type=auth_target_type, auth_type="RESOURCE_PERMISSION_GROUP", + permission_list=['VIEW']) for wurm in + workspace_user_role_mapping_model_workspace_dict.get(f.workspace_id, [])] for f in + QuerySet(folder_model).all()], []) + + +def auth_folder(apps, schema_editor): + from common.database_model_manage.database_model_manage import DatabaseModelManage + DatabaseModelManage.init() + workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping") + if workspace_user_role_mapping_model is None: + workspace_user_role_mapping_model_workspace_dict = { + 'default': [WorkspaceUserRoleMapping('default', '', u.id) for u in QuerySet(User).all()]} + else: + workspace_user_role_mapping_model_workspace_dict = group_by( + [v for v in {str(wurm.user_id) + str(wurm.workspace_id): wurm for wurm in + QuerySet(workspace_user_role_mapping_model)}.values()], + lambda item: item.workspace_id) + + workspace_user_resource_permission_list = get_workspace_user_resource_permission_list("APPLICATION", + workspace_user_role_mapping_model_workspace_dict, + ApplicationFolder) + + workspace_user_resource_permission_list += get_workspace_user_resource_permission_list("TOOL", + workspace_user_role_mapping_model_workspace_dict, + ToolFolder) + + workspace_user_resource_permission_list += get_workspace_user_resource_permission_list("KNOWLEDGE", + workspace_user_role_mapping_model_workspace_dict, + KnowledgeFolder) + delete_auth(ApplicationFolder) + delete_auth(ToolFolder) + delete_auth(KnowledgeFolder) + QuerySet(WorkspaceUserResourcePermission).bulk_create(workspace_user_resource_permission_list) + + +class Migration(migrations.Migration): dependencies = [ ('system_manage', '0002_refresh_collation_reindex'), ] @@ -15,4 +68,5 @@ class Migration(migrations.Migration): name='target', field=models.CharField(db_index=True, max_length=128, verbose_name='知识库/应用id'), ), + migrations.RunPython(auth_folder, atomic=False) ]