dataease
diff --git a/‎.github/workflows/build_and_push.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/build_and_push.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/xpack.yml‎
Lines changed: 99 additions & 0 deletions b/‎.github/workflows/xpack.yml‎
Lines changed: 99 additions & 0 deletions
diff --git a/‎backend/alembic/versions/056_api_key_ddl.py‎
Lines changed: 39 additions & 0 deletions b/‎backend/alembic/versions/056_api_key_ddl.py‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎backend/apps/api.py‎
Lines changed: 2 additions & 1 deletion b/‎backend/apps/api.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎backend/apps/chat/api/chat.py‎
Lines changed: 2 additions & 2 deletions b/‎backend/apps/chat/api/chat.py‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎backend/apps/datasource/models/datasource.py‎
Lines changed: 9 additions & 8 deletions b/‎backend/apps/datasource/models/datasource.py‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎backend/apps/db/db_sql.py‎
Lines changed: 1 addition & 1 deletion b/‎backend/apps/db/db_sql.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/apps/system/api/apikey.py‎
Lines changed: 60 additions & 0 deletions b/‎backend/apps/system/api/apikey.py‎
Lines changed: 60 additions & 0 deletions
diff --git a/‎backend/apps/system/api/assistant.py‎
Lines changed: 1 addition & 1 deletion b/‎backend/apps/system/api/assistant.py‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎backend/apps/system/api/user.py‎
Lines changed: 4 additions & 8 deletions b/‎backend/apps/system/api/user.py‎
Lines changed: 4 additions & 8 deletions
@@ -7,7 +7,7 @@ on:
     inputs:
       dockerImageTag:
         description: 'Image Tag'
-        default: 'v0.9.0'
+        default: 'dev'
         required: true
       dockerImageTagWithLatest:
         description: '是否发布latest tag（正式发版时选择，测试版本切勿选择）'
 
@@ -0,0 +1,99 @@
+# .github/workflows/wheel.yml
+name: Build Wheels Universal
+
+on:
+  workflow_dispatch:
+    inputs:
+
+      target_os:
+        description: 'Select OS to run on'
+        required: false
+        default: '["ubuntu-latest","macos-latest","windows-latest","macos-15-intel","ubuntu-24.04-arm"]'
+        type: choice
+        options:
+          - '["macos-latest"]'
+          - '["macos-15-intel"]'
+          - '["ubuntu-latest"]'
+          - '["windows-latest"]'
+          - '["ubuntu-24.04-arm"]'
+          - '["ubuntu-latest","windows-latest"]'
+          - '["ubuntu-latest","macos-latest"]'
+          - '["macos-latest","windows-latest"]'
+          - '["ubuntu-latest","macos-latest","windows-latest"]'
+          - '["ubuntu-latest","macos-latest","windows-latest","macos-15-intel","ubuntu-24.04-arm"]'
+      publish:
+        description: 'Publish to repository'
+        required: false
+        default: false
+        type: boolean
+      repository:
+        description: 'Select repository to publish (Attention: Disable pypi selection until release)'
+        required: false
+        default: 'testpypi'
+        type: choice
+        options:
+          - testpypi
+          - pypi
+      xpack_branch:
+        description: 'SQLBot X-Pack Branch'
+        required: true
+        type: choice
+        default: "main"
+        options:
+          - main
+          
+jobs:
+  build:
+    runs-on: ${{ matrix.os }}
+    environment: sqlbot-xpack-env
+    defaults:
+      run:
+        working-directory: ./sqlbot-xpack
+    strategy:
+      matrix:
+        os: ${{ fromJSON(inputs.target_os) }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Check out SQLBot xpack repo
+        uses: actions/checkout@v4
+        with:
+          repository: dataease/sqlbot-xpack
+          ref: ${{ inputs.xpack_branch }}
+          path: ./sqlbot-xpack
+          token: ${{ secrets.GH_TOKEN }}
+      - name: Use Node.js ${{ matrix.node-version }}
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node-version }}
+      - name: Install and build
+        working-directory: ./sqlbot-xpack/xpack_static
+        run: |
+          npm install
+          npm run build:prod
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+      - name: Install build tools
+        run: |
+          python -m pip install --upgrade pip
+          pip install cython wheel twine
+      - name: Install the latest version of uv
+        uses: astral-sh/setup-uv@v6
+        with:
+          version: "latest"
+      - name: Install dependencies
+        run: uv sync
+      - name: Build encrypted
+        run: python build_scripts/build.py
+      - name: Pre build wheel
+        run: python ./build_scripts/format.py encrypted   
+      - name: Build wheel
+        run: python -m pip wheel --no-deps -w dist .
+      - name: Finish build wheek
+        run: python ./build_scripts/format.py
+      - name: Show wheel
+        run: unzip -l dist/*
+      - name: Publish to repository
+        if: ${{ inputs.publish }}
+        run: twine upload --repository-url ${{ inputs.repository == 'pypi' && 'https://upload.pypi.org/legacy/' || 'https://test.pypi.org/legacy/' }} -u __token__ -p ${{ inputs.repository == 'pypi' && secrets.FORMAL_PYPI_API_TOKEN || secrets.PYPI_API_TOKEN }} dist/*.whl --verbose
@@ -0,0 +1,39 @@
+"""056_api_key_ddl
+
+Revision ID: d9a5589fc00b
+Revises: 3d4bd2d673dc
+Create Date: 2025-12-23 13:41:26.705947
+
+"""
+from alembic import op
+import sqlalchemy as sa
+import sqlmodel.sql.sqltypes
+from sqlalchemy.dialects import postgresql
+
+# revision identifiers, used by Alembic.
+revision = 'd9a5589fc00b'
+down_revision = '3d4bd2d673dc'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('sys_apikey',
+    sa.Column('access_key', sqlmodel.sql.sqltypes.AutoString(length=255), nullable=False),
+    sa.Column('secret_key', sqlmodel.sql.sqltypes.AutoString(length=255), nullable=False),
+    sa.Column('create_time', sa.BigInteger(), nullable=False),
+    sa.Column('uid', sa.BigInteger(), nullable=False),
+    sa.Column('status', sa.Boolean(), nullable=False),
+    sa.Column('id', sa.BigInteger(), nullable=False),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_index(op.f('ix_sys_apikey_id'), 'sys_apikey', ['id'], unique=False)
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_index(op.f('ix_sys_apikey_id'), table_name='sys_apikey')
+    op.drop_table('sys_apikey')
+    # ### end Alembic commands ###
@@ -5,7 +5,7 @@
 from apps.data_training.api import data_training
 from apps.datasource.api import datasource, table_relation, recommended_problem
 from apps.mcp import mcp
-from apps.system.api import login, user, aimodel, workspace, assistant, parameter
+from apps.system.api import login, user, aimodel, workspace, assistant, parameter, apikey
 from apps.terminology.api import terminology
 from apps.settings.api import base
 
@@ -25,5 +25,6 @@
 api_router.include_router(mcp.router)
 api_router.include_router(table_relation.router)
 api_router.include_router(parameter.router)
+api_router.include_router(apikey.router)
 
 api_router.include_router(recommended_problem.router)
@@ -159,7 +159,7 @@ def _err(_e: Exception):
 
 @router.get("/recent_questions/{datasource_id}", response_model=List[str],
             summary=f"{PLACEHOLDER_PREFIX}get_recommend_questions")
-@require_permissions(permission=SqlbotPermission(type='ds', keyExpression="datasource_id"))
+#@require_permissions(permission=SqlbotPermission(type='ds', keyExpression="datasource_id"))
 async def recommend_questions(session: SessionDep, current_user: CurrentUser,
                               datasource_id: int = Path(..., description=f"{PLACEHOLDER_PREFIX}ds_id")):
     return list_recent_questions(session=session, current_user=current_user, datasource_id=datasource_id)
@@ -201,7 +201,7 @@ async def question_answer_inner(session: SessionDep, current_user: CurrentUser,
                 stmt = select(ChatRecord.id, ChatRecord.chat_id, ChatRecord.analysis_record_id,
                               ChatRecord.predict_record_id, ChatRecord.regenerate_record_id,
                               ChatRecord.first_chat).where(
-                    and_(ChatRecord.id == record_id))
+                    and_(ChatRecord.id == record_id)).order_by(ChatRecord.create_time.desc())
                 _record = session.execute(stmt).fetchone()
                 if not _record:
                     raise Exception(f'Record id: {record_id} does not exist')
 
@@ -148,8 +148,8 @@ def __init__(self, attr1, attr2):
 
 
 class TableSchemaResponse(BaseModel):
-    tableName: str = None
-    tableComment: str = None
+    tableName: str = ''
+    tableComment: str | None = ''
 
 
 class ColumnSchema:
@@ -164,9 +164,9 @@ def __init__(self, attr1, attr2, attr3):
 
 
 class ColumnSchemaResponse(BaseModel):
-    fieldName: str
-    fieldType: str
-    fieldComment: str
+    fieldName: str | None = ''
+    fieldType: str | None = ''
+    fieldComment: str | None = ''
 
 
 class TableAndFields:
@@ -183,7 +183,8 @@ def __init__(self, schema, table, fields):
 class FieldObj(BaseModel):
     fieldName: str | None
 
+
 class PreviewResponse(BaseModel):
-    fields:List = []
-    data:List = []
-    sql:str = ''
+    fields: List | None = []
+    data: List | None = []
+    sql: str | None = ''
@@ -148,7 +148,7 @@ def get_table_sql(ds: CoreDatasource, conf: DatasourceConf, db_version: str = ''
     elif equals_ignore_case(ds.type, "kingbase"):
         return """
               SELECT c.relname                                       AS TABLE_NAME,
-                     COALESCE(d.description, obj_description(c.oid)) AS TABLE_COMMENT
+                     COALESCE(COALESCE(d.description, obj_description(c.oid)), '') AS TABLE_COMMENT
               FROM pg_class c
                        LEFT JOIN
                    pg_namespace n ON n.oid = c.relnamespace
 
@@ -0,0 +1,60 @@
+
+from fastapi import APIRouter
+from sqlmodel import func, select
+from apps.system.crud.apikey_manage import clear_api_key_cache
+from apps.system.models.system_model import ApiKeyModel
+from apps.system.schemas.system_schema import ApikeyGridItem, ApikeyStatus
+from common.core.deps import CurrentUser, SessionDep
+from common.utils.time import get_timestamp
+import secrets
+
+router = APIRouter(tags=["system_apikey"], prefix="/system/apikey", include_in_schema=False)
+
+@router.get("")
+async def grid(session: SessionDep, current_user: CurrentUser) -> list[ApikeyGridItem]:
+    query = select(ApiKeyModel).where(ApiKeyModel.uid == current_user.id).order_by(ApiKeyModel.create_time.desc())
+    return session.exec(query).all()
+
+@router.post("")
+async def create(session: SessionDep, current_user: CurrentUser):
+    count = session.exec(select(func.count()).select_from(ApiKeyModel)).one()
+    if count >= 5:
+        raise ValueError("Maximum of 5 API keys allowed")
+    access_key = secrets.token_urlsafe(16)
+    secret_key = secrets.token_urlsafe(32)
+    api_key = ApiKeyModel(
+        access_key=access_key,
+        secret_key=secret_key,
+        create_time=get_timestamp(),
+        uid=current_user.id,
+        status=True
+    )
+    session.add(api_key)
+    session.commit()
+    return api_key.id
+
+@router.put("/status")
+async def status(session: SessionDep, current_user: CurrentUser, dto: ApikeyStatus):
+    api_key = session.get(ApiKeyModel, dto.id)
+    if not api_key:
+        raise ValueError("API Key not found")
+    if api_key.uid != current_user.id:
+        raise PermissionError("No permission to modify this API Key")
+    if dto.status == api_key.status:
+        return
+    api_key.status = dto.status
+    await clear_api_key_cache(api_key.access_key)
+    session.add(api_key)
+    session.commit()
+
+@router.delete("/{id}")
+async def delete(session: SessionDep, current_user: CurrentUser, id: int):
+    api_key = session.get(ApiKeyModel, id)
+    if not api_key:
+        raise ValueError("API Key not found")
+    if api_key.uid != current_user.id:
+        raise PermissionError("No permission to delete this API Key")
+    await clear_api_key_cache(api_key.access_key)
+    session.delete(api_key)
+    session.commit()
+    
@@ -195,7 +195,7 @@ async def get_one(session: SessionDep, id: int = Path(description="ID")):
     return db_model
 
 
-@router.delete("/{id}", response_model=AssistantModel, summary=f"{PLACEHOLDER_PREFIX}assistant_del_api", description=f"{PLACEHOLDER_PREFIX}assistant_del_api")
+@router.delete("/{id}", summary=f"{PLACEHOLDER_PREFIX}assistant_del_api", description=f"{PLACEHOLDER_PREFIX}assistant_del_api")
 @clear_cache(namespace=CacheNamespace.EMBEDDED_INFO, cacheName=CacheName.ASSISTANT_INFO, keyExpression="id")
 async def delete(request: Request, session: SessionDep, id: int = Path(description="ID")):
     db_model = session.get(AssistantModel, id)
 
@@ -127,7 +127,6 @@ async def ws_change(session: SessionDep, current_user: CurrentUser, trans:Trans,
     user_model: UserModel = get_db_user(session = session, user_id = current_user.id)
     user_model.oid = oid
     session.add(user_model)
-    session.commit()
 
 @router.get("/{id}", response_model=UserEditor, summary=f"{PLACEHOLDER_PREFIX}user_detail_api", description=f"{PLACEHOLDER_PREFIX}user_detail_api")
 @require_permissions(permission=SqlbotPermission(role=['admin']))
@@ -142,6 +141,9 @@ async def query(session: SessionDep, trans: Trans, id: int = Path(description=f"
 
 @router.post("", summary=f"{PLACEHOLDER_PREFIX}user_create_api", description=f"{PLACEHOLDER_PREFIX}user_create_api")
 @require_permissions(permission=SqlbotPermission(role=['admin']))
+async def user_create(session: SessionDep, creator: UserCreator, trans: Trans):
+    await create(session=session, creator=creator, trans=trans)
+    
 async def create(session: SessionDep, creator: UserCreator, trans: Trans):
     if check_account_exists(session=session, account=creator.account):
         raise Exception(trans('i18n_exist', msg = f"{trans('i18n_user.account')} [{creator.account}]"))
@@ -167,7 +169,6 @@ async def create(session: SessionDep, creator: UserCreator, trans: Trans):
         session.add_all(db_model_list)
         user_model.oid = creator.oid_list[0]   
     session.add(user_model)
-    session.commit()
 
 
 @router.put("", summary=f"{PLACEHOLDER_PREFIX}user_update_api", description=f"{PLACEHOLDER_PREFIX}user_update_api")
@@ -204,7 +205,6 @@ async def update(session: SessionDep, editor: UserEditor, trans: Trans):
         session.add_all(db_model_list)
         user_model.oid = origin_oid if origin_oid in editor.oid_list else  editor.oid_list[0]
     session.add(user_model)
-    session.commit()
 
 @router.delete("/{id}", summary=f"{PLACEHOLDER_PREFIX}user_del_api", description=f"{PLACEHOLDER_PREFIX}user_del_api")
 @require_permissions(permission=SqlbotPermission(role=['admin'])) 
@@ -226,7 +226,6 @@ async def langChange(session: SessionDep, current_user: CurrentUser, trans: Tran
     db_user: UserModel = get_db_user(session=session, user_id=current_user.id)
     db_user.language = lang
     session.add(db_user)
-    session.commit()
 
 
 @router.patch("/pwd/{id}", summary=f"{PLACEHOLDER_PREFIX}reset_pwd", description=f"{PLACEHOLDER_PREFIX}reset_pwd")
@@ -238,7 +237,6 @@ async def pwdReset(session: SessionDep, current_user: CurrentUser, trans: Trans,
     db_user: UserModel = get_db_user(session=session, user_id=id)
     db_user.password = default_md5_pwd()
     session.add(db_user)
-    session.commit()
 
 @router.put("/pwd", summary=f"{PLACEHOLDER_PREFIX}update_pwd", description=f"{PLACEHOLDER_PREFIX}update_pwd")
 @clear_cache(namespace=CacheNamespace.AUTH_INFO, cacheName=CacheName.USER_INFO, keyExpression="current_user.id")
@@ -251,7 +249,6 @@ async def pwdUpdate(session: SessionDep, current_user: CurrentUser, trans: Trans
         raise Exception(trans('i18n_error', key = trans('i18n_user.password')))
     db_user.password = md5pwd(new_pwd)
     session.add(db_user)
-    session.commit()
 
 
 @router.patch("/status", summary=f"{PLACEHOLDER_PREFIX}update_status", description=f"{PLACEHOLDER_PREFIX}update_status")
@@ -265,5 +262,4 @@ async def statusChange(session: SessionDep, current_user: CurrentUser, trans: Tr
         return {"message": "status not supported"}
     db_user: UserModel = get_db_user(session=session, user_id=statusDto.id)
     db_user.status = status
-    session.add(db_user)
-    session.commit()
+    session.add(db_user)