1Panel-dev · zhanweizhang7 · Oct 15, 2025 · Oct 15, 2025 · shaohuzhang1 · Oct 15, 2025
diff --git a/apps/folders/serializers/folder.py b/apps/folders/serializers/folder.py
@@ -296,12 +296,13 @@ def get_folder_tree(self,
         if name is not None:
             base_q &= Q(name__contains=name)
         if not workspace_manage:
-            base_q &= Q(id__in=WorkspaceUserResourcePermission.objects.filter(user_id=current_user.id,
-                                                                          auth_target_type=self.data.get('source'),
-                                                                          workspace_id=self.data.get('workspace_id'),
-                                                                          permission_list__contains=['VIEW'])
-                .values_list(
-                    'target', flat=True))
+            base_q &= (Q(id__in=WorkspaceUserResourcePermission.objects.filter(user_id=current_user.id,
+                                                                               auth_target_type=self.data.get('source'),
+                                                                               workspace_id=self.data.get(
+                                                                                   'workspace_id'),
+                                                                               permission_list__contains=['VIEW'])
+            .values_list(
+                'target', flat=True)) | Q(id=self.data.get('workspace_id')))
 
         nodes = Folder.objects.filter(base_q).get_cached_trees()
 

diff --git a/apps/system_manage/migrations/0003_alter_workspaceuserresourcepermission_target.py b/apps/system_manage/migrations/0003_alter_workspaceuserresourcepermission_target.py
@@ -1,10 +1,63 @@
 # Generated by Django 5.2.6 on 2025-10-11 02:54
+from functools import reduce
 
 from django.db import migrations, models
+from django.db.models import QuerySet
 
+from common.constants.permission_constants import WorkspaceUserRoleMapping
+from common.utils.common import group_by
+from application.models import ApplicationFolder
+from knowledge.models import KnowledgeFolder
+from tools.models import ToolFolder
+from system_manage.models import WorkspaceUserResourcePermission
+from users.models import User
 
-class Migration(migrations.Migration):
 
+def delete_auth(folder_model):
+    QuerySet(WorkspaceUserResourcePermission).filter(target__in=QuerySet(folder_model).values_list('id')).delete()
+
+
+def get_workspace_user_resource_permission_list(auth_target_type, workspace_user_role_mapping_model_workspace_dict,
+                                                folder_model):
+    return reduce(lambda x, y: [*x, *y], [
+        [WorkspaceUserResourcePermission(target=f.id, workspace_id=f.workspace_id, user_id=wurm.user_id,
+                                         auth_target_type=auth_target_type, auth_type="RESOURCE_PERMISSION_GROUP",
+                                         permission_list=['VIEW']) for wurm in
+         workspace_user_role_mapping_model_workspace_dict.get(f.workspace_id, [])] for f in
+        QuerySet(folder_model).all()], [])
+
+
+def auth_folder(apps, schema_editor):
+    from common.database_model_manage.database_model_manage import DatabaseModelManage
+    DatabaseModelManage.init()
+    workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping")
+    if workspace_user_role_mapping_model is None:
+        workspace_user_role_mapping_model_workspace_dict = {
+            'default': [WorkspaceUserRoleMapping('default', '', u.id) for u in QuerySet(User).all()]}
+    else:
+        workspace_user_role_mapping_model_workspace_dict = group_by(
+            [v for v in {str(wurm.user_id) + str(wurm.workspace_id): wurm for wurm in
+                         QuerySet(workspace_user_role_mapping_model)}.values()],
+            lambda item: item.workspace_id)
+
+    workspace_user_resource_permission_list = get_workspace_user_resource_permission_list("APPLICATION",
+                                                                                          workspace_user_role_mapping_model_workspace_dict,
+                                                                                          ApplicationFolder)
+
+    workspace_user_resource_permission_list += get_workspace_user_resource_permission_list("TOOL",
+                                                                                           workspace_user_role_mapping_model_workspace_dict,
+                                                                                           ToolFolder)
+
+    workspace_user_resource_permission_list += get_workspace_user_resource_permission_list("KNOWLEDGE",
+                                                                                           workspace_user_role_mapping_model_workspace_dict,
+                                                                                           KnowledgeFolder)
+    delete_auth(ApplicationFolder)
+    delete_auth(ToolFolder)
+    delete_auth(KnowledgeFolder)
+    QuerySet(WorkspaceUserResourcePermission).bulk_create(workspace_user_resource_permission_list)
+
+
+class Migration(migrations.Migration):
     dependencies = [
         ('system_manage', '0002_refresh_collation_reindex'),
     ]
@@ -15,4 +68,5 @@ class Migration(migrations.Migration):
             name='target',
             field=models.CharField(db_index=True, max_length=128, verbose_name='知识库/应用id'),
         ),
+        migrations.RunPython(auth_folder, atomic=False)
     ]