fix: Knowledge workflow permission

apps/application/flow/step_node/data_source_web_node/impl/base_data_source_web_node.py

@@ -65,7 +65,7 @@ def execute(self, **kwargs) -> NodeResult:
         try:
             ForkManage(source_url, selector.split(" ") if selector is not None else []).fork(3, set(), collect_handler)
 
-            return NodeResult({'document_list': document_list},
+            return NodeResult({'document_list': document_list,'source_url': source_url, 'selector': selector},
                               self.workflow_manage.params.get('knowledge_base') or {})
 
         except Exception as e:

apps/application/flow/step_node/knowledge_write_node/impl/base_knowledge_write_node.py

@@ -208,7 +208,7 @@ def execute(self, documents, **kwargs) -> NodeResult:
             "paragraphs": [{
                 "title": p.get("title"),
                 "content": p.get("content"),
-            } for p in document.get("paragraphs")[0:4]]
+            } for p in document.get("paragraphs")[0:5]]
         } for document in documents]
 
         return NodeResult({'write_content': write_content_list}, {})

apps/knowledge/views/knowledge_workflow.py

@@ -20,12 +20,34 @@
 class KnowledgeDatasourceFormListView(APIView):
     authentication_classes = [TokenAuth]
 
+    @has_permissions(
+        PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+        PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
+        RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
+        ViewPermission(
+            [RoleConstants.USER.get_workspace_role()],
+            [PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
+            CompareConstants.AND
+        ),
+    )
     def post(self, request: Request, workspace_id: str, knowledge_id: str, type: str, id: str):
         return result.success(KnowledgeWorkflowSerializer.Datasource(
             data={'type': type, 'id': id, 'params': request.data, 'function_name': 'get_form_list'}).action())
 
 
 class KnowledgeDatasourceView(APIView):
+    authentication_classes = [TokenAuth]
+
+    @has_permissions(
+        PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+        PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
+        RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
+        ViewPermission(
+            [RoleConstants.USER.get_workspace_role()],
+            [PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
+            CompareConstants.AND
+        ),
+    )
     def post(self, request: Request, workspace_id: str, knowledge_id: str, type: str, id: str, function_name: str):
         return result.success(KnowledgeWorkflowSerializer.Datasource(
             data={'type': type, 'id': id, 'params': request.data, 'function_name': function_name}).action())
@@ -45,8 +67,8 @@ class KnowledgeWorkflowUploadDocumentView(APIView):
         tags=[_('Knowledge Base')]  # type: ignore
     )
     @has_permissions(
-        PermissionConstants.KNOWLEDGE_READ.get_workspace_knowledge_permission(),
-        PermissionConstants.KNOWLEDGE_READ.get_workspace_permission_workspace_manage_role(),
+        PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+        PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
         RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
         ViewPermission(
             [RoleConstants.USER.get_workspace_role()],
@@ -99,8 +121,8 @@ class Operate(APIView):
             tags=[_('Knowledge Base')]  # type: ignore
         )
         @has_permissions(
-            PermissionConstants.KNOWLEDGE_READ.get_workspace_knowledge_permission(),
-            PermissionConstants.KNOWLEDGE_READ.get_workspace_permission_workspace_manage_role(),
+            PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+            PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
             RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
             ViewPermission(
                 [RoleConstants.USER.get_workspace_role()],
@@ -204,8 +226,8 @@ def put(self, request: Request, workspace_id: str, knowledge_id: str):
             tags=[_('Knowledge Base')]  # type: ignore
         )
         @has_permissions(
-            PermissionConstants.KNOWLEDGE_READ.get_workspace_knowledge_permission(),
-            PermissionConstants.KNOWLEDGE_READ.get_workspace_permission_workspace_manage_role(),
+            PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+            PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
             RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
             ViewPermission(
                 [RoleConstants.USER.get_workspace_role()],
@@ -232,8 +254,8 @@ class KnowledgeWorkflowVersionView(APIView):
         tags=[_('Knowledge Base')]  # type: ignore
     )
     @has_permissions(
-        PermissionConstants.KNOWLEDGE_READ.get_workspace_knowledge_permission(),
-        PermissionConstants.KNOWLEDGE_READ.get_workspace_permission_workspace_manage_role(),
+        PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+        PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
         RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
         ViewPermission(
             [RoleConstants.USER.get_workspace_role()],
@@ -260,8 +282,8 @@ class McpServers(APIView):
         responses=SpeechToTextAPI.get_response(),
         tags=[_('Knowledge Base')]  # type: ignore
     )
-    @has_permissions(PermissionConstants.KNOWLEDGE_READ.get_workspace_application_permission(),
-                     PermissionConstants.KNOWLEDGE_READ.get_workspace_permission_workspace_manage_role(),
+    @has_permissions(PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_application_permission(),
+                     PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
                      ViewPermission([RoleConstants.USER.get_workspace_role()],
                                     [PermissionConstants.KNOWLEDGE.get_workspace_application_permission()],
                                     CompareConstants.AND),

apps/knowledge/views/knowledge_workflow_version.py

@@ -44,8 +44,8 @@ class KnowledgeWorkflowVersionView(APIView):
         responses=KnowledgeVersionListAPI.get_response(),
         tags=[_('Knowledge/Version')]  # type: ignore
     )
-    @has_permissions(PermissionConstants.KNOWLEDGE_READ.get_workspace_knowledge_permission(),
-                     PermissionConstants.KNOWLEDGE_READ.get_workspace_permission_workspace_manage_role(),
+    @has_permissions(PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+                     PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
                      ViewPermission([RoleConstants.USER.get_workspace_role()],
                                     [PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
                                     CompareConstants.AND),
@@ -68,8 +68,8 @@ class Page(APIView):
             responses=KnowledgeVersionPageAPI.get_response(),
             tags=[_('Knowledge/Version')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.KNOWLEDGE_READ.get_workspace_knowledge_permission(),
-                         PermissionConstants.KNOWLEDGE_READ.get_workspace_permission_workspace_manage_role(),
+        @has_permissions(PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+                         PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
                          ViewPermission([RoleConstants.USER.get_workspace_role()],
                                         [PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
                                         CompareConstants.AND),
@@ -93,8 +93,8 @@ class Operate(APIView):
             responses=KnowledgeVersionOperateAPI.get_response(),
             tags=[_('Knowledge/Version')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.KNOWLEDGE_EDIT.get_workspace_knowledge_permission(),
-                         PermissionConstants.KNOWLEDGE_EDIT.get_workspace_permission_workspace_manage_role(),
+        @has_permissions(PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_knowledge_permission(),
+                         PermissionConstants.KNOWLEDGE_WORKFLOW_READ.get_workspace_permission_workspace_manage_role(),
                          ViewPermission([RoleConstants.USER.get_workspace_role()],
                                         [PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
                                         CompareConstants.AND),
@@ -115,8 +115,8 @@ def get(self, request: Request, workspace_id: str, knowledge_id: str, knowledge_
             responses=KnowledgeVersionOperateAPI.get_response(),
             tags=[_('Knowledge/Version')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.KNOWLEDGE_EDIT.get_workspace_knowledge_permission(),
-                         PermissionConstants.KNOWLEDGE_EDIT.get_workspace_permission_workspace_manage_role(),
+        @has_permissions(PermissionConstants.KNOWLEDGE_WORKFLOW_EDIT.get_workspace_knowledge_permission(),
+                         PermissionConstants.KNOWLEDGE_WORKFLOW_EDIT.get_workspace_permission_workspace_manage_role(),
                          ViewPermission([RoleConstants.USER.get_workspace_role()],
                                         [PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
                                         CompareConstants.AND),

ui/src/views/knowledge-workflow/component/PublishHistory.vue

@@ -42,7 +42,10 @@
                     </el-button>
                     <template #dropdown>
                       <el-dropdown-menu>
-                        <el-dropdown-item @click.stop="openEditVersion(row)">
+                        <el-dropdown-item
+                          v-if="permissionPrecise.workflow_edit(id)"
+                          @click.stop="openEditVersion(row)"
+                        >
                           <AppIcon iconName="app-edit" class="color-secondary"></AppIcon>
                           {{ $t('common.edit') }}
                         </el-dropdown-item>
@@ -75,9 +78,11 @@ import { datetimeFormat } from '@/utils/time'
 import { MsgSuccess, MsgError } from '@/utils/message'
 import { t } from '@/locales'
 import { loadSharedApi } from '@/utils/dynamics-api/shared-api'
+import permissionMap from '@/permission'
+
 const route = useRoute()
 const {
-  params: { id },
+  params: { id, folderId },
 } = route as any
 const apiType = computed(() => {
   if (route.path.includes('shared')) {
@@ -89,6 +94,10 @@ const apiType = computed(() => {
   }
 })
 
+const permissionPrecise = computed(() => {
+  return permissionMap['knowledge'][apiType.value]
+})
+
 const emit = defineEmits(['click', 'refreshVersion'])
 const loading = ref(false)
 const LogData = ref<any[]>([])