zhuchaowe/maxkb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Front end permissions for resource authorization

Browse Source
This commit is contained in:
zhangzhanwei 2025-08-18 18:13:40 +08:00 committed by zhanweizhang7
parent 4847eba4bf
commit 31d71d137a
17 changed files with 118 additions and 148 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ui/src/permission/application/system-manage.ts
View File

@ -38,6 +38,7 @@ const systemManage = {
'OR' 'OR'
), ),
folderDelete: () => false, folderDelete: () => false,
auth: () => false,
overview_embed: () => overview_embed: () =>
hasPermission( hasPermission(
[ [

10
ui/src/permission/application/workspace.ts
View File

@ -43,6 +43,16 @@ const workspace = {
], ],
'OR' 'OR'
), ),
auth: (source_id:string) =>
hasPermission(
[
new ComplexPermission([RoleConst.USER],[PermissionConst.APPLICATION.getApplicationWorkspaceResourcePermission(source_id)],[],'AND'),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.APPLICATION_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.APPLICATION_RESOURCE_AUTHORIZATION.getApplicationWorkspaceResourcePermission(source_id)
],
'OR'
),
folderEdit: () => folderEdit: () =>
hasPermission( hasPermission(
[ [

1
ui/src/permission/knowledge/system-manage.ts
View File

@ -151,6 +151,7 @@ const systemManage = {
],'OR' ],'OR'
), ),
auth: () => false,
folderCreate: () => false, folderCreate: () => false,
folderEdit: () => false, folderEdit: () => false,
folderDelete: () => false, folderDelete: () => false,

1
ui/src/permission/knowledge/system-share.ts
View File

@ -182,6 +182,7 @@ const share = {
], ],
'OR' 'OR'
), ),
auth: () => false,
folderCreate: () => false, folderCreate: () => false,
folderEdit: () => false, folderEdit: () => false,
folderDelete: () => false, folderDelete: () => false,

1
ui/src/permission/knowledge/workspace-share.ts
View File

@ -10,6 +10,7 @@ const workspaceShare = {
edit: () => false, edit: () => false,
export: () => false, export: () => false,
delete: () => false, delete: () => false,
auth: () => false,
doc_read: () => false, doc_read: () => false,
doc_create: () => false, doc_create: () => false,

10
ui/src/permission/knowledge/workspace.ts
View File

@ -70,6 +70,16 @@ const workspace = {
], ],
'OR', 'OR',
), ),
auth: (source_id:string) =>
hasPermission(
[
new ComplexPermission([RoleConst.USER],[PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],[],'AND'),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.KNOWLEDGE_RESOURCE_AUTHORIZATION.getKnowledgeWorkspaceResourcePermission(source_id),
PermissionConst.KNOWLEDGE_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
folderEdit: () => folderEdit: () =>
hasPermission( hasPermission(
[ [

1
ui/src/permission/model/system-manage.ts
View File

@ -20,6 +20,7 @@ const systemManage = {
delete: () => delete: () =>
hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_MODEL_DELETE], 'OR'), hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_MODEL_DELETE], 'OR'),
auth: () => false,
folderCreate: () => false, folderCreate: () => false,
folderEdit: () => false, folderEdit: () => false,
folderDelete: () => false, folderDelete: () => false,

1
ui/src/permission/model/system-share.ts
View File

@ -35,6 +35,7 @@ const share = {
], ],
'OR', 'OR',
), ),
auth: () => false,
folderCreate: () => false, folderCreate: () => false,
folderEdit: () => false, folderEdit: () => false,
folderDelete: () => false, folderDelete: () => false,

10
ui/src/permission/model/workspace.ts
View File

@ -40,6 +40,16 @@ const workspace = {
], ],
'OR' 'OR'
), ),
auth: (source_id:string) =>
hasPermission(
[
new ComplexPermission([RoleConst.USER],[PermissionConst.MODEL.getModelWorkspaceResourcePermission(source_id)],[],'AND'),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.MODEL_RESOURCE_AUTHORIZATION.getModelWorkspaceResourcePermission(source_id),
PermissionConst.MODEL_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole
],
'OR'
),
folderEdit: () => folderEdit: () =>
hasPermission( hasPermission(
[ [

1
ui/src/permission/tool/system-manage.ts
View File

@ -57,6 +57,7 @@ const systemManage = {
'OR', 'OR',
), ),
auth: () => false,
folderCreate: () => false, folderCreate: () => false,
folderEdit: () => false, folderEdit: () => false,
folderDelete: () => false, folderDelete: () => false,

1
ui/src/permission/tool/system-share.ts
View File

@ -68,6 +68,7 @@ const share = {
'OR', 'OR',
), ),
auth: () => false,
folderCreate: () => false, folderCreate: () => false,
folderEdit: () => false, folderEdit: () => false,
folderDelete: () => false, folderDelete: () => false,

10
ui/src/permission/tool/workspace.ts
View File

@ -110,6 +110,16 @@ const workspace = {
], ],
'OR' 'OR'
), ),
auth: (source_id:string) =>
hasPermission(
[
new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_RESOURCE_AUTHORIZATION.getToolWorkspaceResourcePermission(source_id),
PermissionConst.TOOL_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole
],
'OR'
),
debug: () => debug: () =>
hasPermission( hasPermission(
[ [

13
ui/src/utils/permission/data.ts
View File

@ -296,6 +296,19 @@ const PermissionConst = {
CHANGE_PASSWORD: new Permission('OTHER:READ+CREATE'), CHANGE_PASSWORD: new Permission('OTHER:READ+CREATE'),
SYSTEM_API_KEY_EDIT: new Permission('OTHER:READ+DELETE'), SYSTEM_API_KEY_EDIT: new Permission('OTHER:READ+DELETE'),
APPLICATION_RESOURCE_AUTHORIZATION: new Permission(
'APPLICATION:READ+AUTH',
),
KNOWLEDGE_RESOURCE_AUTHORIZATION: new Permission(
'KNOWLEDGE:READ+AUTH',
),
TOOL_RESOURCE_AUTHORIZATION: new Permission(
'TOOL:READ+AUTH',
),
MODEL_RESOURCE_AUTHORIZATION: new Permission(
'MODEL:READ+AUTH',
),
APPLICATION_WORKSPACE_USER_RESOURCE_PERMISSION_READ: new Permission( APPLICATION_WORKSPACE_USER_RESOURCE_PERMISSION_READ: new Permission(
'APPLICATION_WORKSPACE_USER_RESOURCE_PERMISSION:READ', 'APPLICATION_WORKSPACE_USER_RESOURCE_PERMISSION:READ',
), ),

199
ui/src/views/application/index.vue
View File

@ -3,13 +3,8 @@
<template #left> <template #left>
<h4 class="p-12-16 pb-0 mt-12">{{ $t('views.application.title') }}</h4> <h4 class="p-12-16 pb-0 mt-12">{{ $t('views.application.title') }}</h4>
<div class="p-8"> <div class="p-8">
<folder-tree <folder-tree :source="SourceTypeEnum.APPLICATION" :data="folderList" :currentNodeKey="folder.currentFolder?.id"
:source="SourceTypeEnum.APPLICATION" @handleNodeClick="folderClickHandle" @refreshTree="refreshFolder" />
:data="folderList"
:currentNodeKey="folder.currentFolder?.id"
@handleNodeClick="folderClickHandle"
@refreshTree="refreshFolder"
/>
</div> </div>
</template> </template>
<ContentContainer> <ContentContainer>
@ -19,44 +14,22 @@
<template #search> <template #search>
<div class="flex"> <div class="flex">
<div class="flex-between complex-search"> <div class="flex-between complex-search">
<el-select <el-select class="complex-search__left" v-model="search_type" style="width: 120px"
class="complex-search__left" @change="search_type_change">
v-model="search_type"
style="width: 120px"
@change="search_type_change"
>
<el-option :label="$t('common.creator')" value="create_user" /> <el-option :label="$t('common.creator')" value="create_user" />
<el-option :label="$t('common.name')" value="name" /> <el-option :label="$t('common.name')" value="name" />
<el-option :label="$t('common.publishStatus')" value="publish_status" /> <el-option :label="$t('common.publishStatus')" value="publish_status" />
</el-select> </el-select>
<el-input <el-input v-if="search_type === 'name'" v-model="search_form.name" @change="searchHandle"
v-if="search_type === 'name'" :placeholder="$t('common.searchBar.placeholder')" style="width: 220px" clearable />
v-model="search_form.name" <el-select v-else-if="search_type === 'create_user'" v-model="search_form.create_user"
@change="searchHandle" @change="searchHandle" filterable clearable style="width: 220px">
:placeholder="$t('common.searchBar.placeholder')"
style="width: 220px"
clearable
/>
<el-select
v-else-if="search_type === 'create_user'"
v-model="search_form.create_user"
@change="searchHandle"
filterable
clearable
style="width: 220px"
>
<el-option v-for="u in user_options" :key="u.id" :value="u.id" :label="u.nick_name" /> <el-option v-for="u in user_options" :key="u.id" :value="u.id" :label="u.nick_name" />
</el-select> </el-select>
<el-select <el-select v-else-if="search_type === 'publish_status'" v-model="search_form.publish_status"
v-else-if="search_type === 'publish_status'" @change="searchHandle" filterable clearable style="width: 220px">
v-model="search_form.publish_status"
@change="searchHandle"
filterable
clearable
style="width: 220px"
>
<el-option :label="$t('common.published')" value="published" /> <el-option :label="$t('common.published')" value="published" />
<el-option :label="$t('common.unpublished')" value="unpublished" /> <el-option :label="$t('common.unpublished')" value="unpublished" />
</el-select> </el-select>
@ -73,16 +46,11 @@
<el-dropdown-item @click="openCreateDialog('SIMPLE')"> <el-dropdown-item @click="openCreateDialog('SIMPLE')">
<div class="flex"> <div class="flex">
<el-avatar shape="square" class="avatar-blue mt-4" :size="36"> <el-avatar shape="square" class="avatar-blue mt-4" :size="36">
<img <img src="@/assets/application/icon_simple_application.svg" style="width: 65%" alt="" />
src="@/assets/application/icon_simple_application.svg"
style="width: 65%"
alt=""
/>
</el-avatar> </el-avatar>
<div class="pre-wrap ml-8"> <div class="pre-wrap ml-8">
<div class="lighter">{{ $t('views.application.simple') }}</div> <div class="lighter">{{ $t('views.application.simple') }}</div>
<el-text type="info" size="small" <el-text type="info" size="small">{{ $t('views.application.simplePlaceholder') }}
>{{ $t('views.application.simplePlaceholder') }}
</el-text> </el-text>
</div> </div>
</div> </div>
@ -90,31 +58,18 @@
<el-dropdown-item @click="openCreateDialog('WORK_FLOW')"> <el-dropdown-item @click="openCreateDialog('WORK_FLOW')">
<div class="flex"> <div class="flex">
<el-avatar shape="square" class="avatar-purple mt-4" :size="36"> <el-avatar shape="square" class="avatar-purple mt-4" :size="36">
<img <img src="@/assets/application/icon_workflow_application.svg" style="width: 65%" alt="" />
src="@/assets/application/icon_workflow_application.svg"
style="width: 65%"
alt=""
/>
</el-avatar> </el-avatar>
<div class="pre-wrap ml-8"> <div class="pre-wrap ml-8">
<div class="lighter">{{ $t('views.application.workflow') }}</div> <div class="lighter">{{ $t('views.application.workflow') }}</div>
<el-text type="info" size="small" <el-text type="info" size="small">{{ $t('views.application.workflowPlaceholder') }}
>{{ $t('views.application.workflowPlaceholder') }}
</el-text> </el-text>
</div> </div>
</div> </div>
</el-dropdown-item> </el-dropdown-item>
<el-upload <el-upload class="import-button" ref="elUploadRef" :file-list="[]" action="#" multiple
class="import-button" :auto-upload="false" :show-file-list="false" :limit="1"
ref="elUploadRef" :on-change="(file: any, fileList: any) => importApplication(file)">
:file-list="[]"
action="#"
multiple
:auto-upload="false"
:show-file-list="false"
:limit="1"
:on-change="(file: any, fileList: any) => importApplication(file)"
>
<el-dropdown-item> <el-dropdown-item>
<div class="flex align-center w-full"> <div class="flex align-center w-full">
<el-avatar shape="square" class="mt-4" :size="36" style="background: none"> <el-avatar shape="square" class="mt-4" :size="36" style="background: none">
@ -141,35 +96,16 @@
</el-dropdown> </el-dropdown>
</div> </div>
</template> </template>
<div <div v-loading.fullscreen.lock="paginationConfig.current_page === 1 && loading"
v-loading.fullscreen.lock="paginationConfig.current_page === 1 && loading" style="max-height: calc(100vh - 120px)">
style="max-height: calc(100vh - 120px)" <InfiniteScroll :size="applicationList.length" :total="paginationConfig.total"
> :page_size="paginationConfig.page_size" v-model:current_page="paginationConfig.current_page" @load="getList"
<InfiniteScroll :loading="loading">
:size="applicationList.length"
:total="paginationConfig.total"
:page_size="paginationConfig.page_size"
v-model:current_page="paginationConfig.current_page"
@load="getList"
:loading="loading"
>
<el-row v-if="applicationList.length > 0" :gutter="15" class="w-full"> <el-row v-if="applicationList.length > 0" :gutter="15" class="w-full">
<template v-for="(item, index) in applicationList" :key="index"> <template v-for="(item, index) in applicationList" :key="index">
<el-col <el-col v-if="item.resource_type === 'folder'" :xs="24" :sm="12" :md="12" :lg="8" :xl="6" class="mb-16">
v-if="item.resource_type === 'folder'" <CardBox :title="item.name" :description="item.desc || $t('components.noDesc')" class="cursor"
:xs="24" @click="clickFolder(item)">
:sm="12"
:md="12"
:lg="8"
:xl="6"
class="mb-16"
>
<CardBox
:title="item.name"
:description="item.desc || $t('components.noDesc')"
class="cursor"
@click="clickFolder(item)"
>
<template #icon> <template #icon>
<el-avatar shape="square" :size="32" style="background: none"> <el-avatar shape="square" :size="32" style="background: none">
<AppIcon iconName="app-folder" style="font-size: 32px"></AppIcon> <AppIcon iconName="app-folder" style="font-size: 32px"></AppIcon>
@ -183,12 +119,7 @@
</CardBox> </CardBox>
</el-col> </el-col>
<el-col v-else :xs="24" :sm="12" :md="12" :lg="8" :xl="6" class="mb-16"> <el-col v-else :xs="24" :sm="12" :md="12" :lg="8" :xl="6" class="mb-16">
<CardBox <CardBox :title="item.name" :description="item.desc" class="cursor" @click="goApp(item)">
:title="item.name"
:description="item.desc"
class="cursor"
@click="goApp(item)"
>
<template #icon> <template #icon>
<el-avatar shape="square" :size="32" style="background: none"> <el-avatar shape="square" :size="32" style="background: none">
<img :src="resetUrl(item?.icon, resetUrl('./favicon.ico'))" alt="" /> <img :src="resetUrl(item?.icon, resetUrl('./favicon.ico'))" alt="" />
@ -242,48 +173,33 @@
<AppIcon iconName="app-create-chat" class="color-secondary"></AppIcon> <AppIcon iconName="app-create-chat" class="color-secondary"></AppIcon>
{{ $t('views.application.operation.toChat') }} {{ $t('views.application.operation.toChat') }}
</el-dropdown-item> </el-dropdown-item>
<el-dropdown-item <el-dropdown-item @click.stop="settingApplication(item)"
@click.stop="settingApplication(item)" v-if="permissionPrecise.edit(item.id)">
v-if="permissionPrecise.edit(item.id)"
>
<AppIcon iconName="app-setting" class="color-secondary"></AppIcon> <AppIcon iconName="app-setting" class="color-secondary"></AppIcon>
{{ $t('common.setting') }} {{ $t('common.setting') }}
</el-dropdown-item> </el-dropdown-item>
<el-dropdown-item @click.stop="openAuthorization(item)"> <el-dropdown-item @click.stop="openAuthorization(item)"
<AppIcon v-if="permissionPrecise.auth(item.id)">
iconName="app-resource-authorization" <AppIcon iconName="app-resource-authorization" class="color-secondary"></AppIcon>
class="color-secondary"
></AppIcon>
{{ $t('views.system.resourceAuthorization.title') }} {{ $t('views.system.resourceAuthorization.title') }}
</el-dropdown-item> </el-dropdown-item>
<el-dropdown-item <el-dropdown-item @click.stop="openMoveToDialog(item)"
@click.stop="openMoveToDialog(item)" v-if="permissionPrecise.edit(item.id) && apiType === 'workspace'">
v-if="permissionPrecise.edit(item.id) && apiType === 'workspace'"
>
<AppIcon iconName="app-migrate" class="color-secondary"></AppIcon> <AppIcon iconName="app-migrate" class="color-secondary"></AppIcon>
{{ $t('common.moveTo') }} {{ $t('common.moveTo') }}
</el-dropdown-item> </el-dropdown-item>
<el-dropdown-item <el-dropdown-item @click="copyApplication(item)" v-if="permissionPrecise.create()">
@click="copyApplication(item)"
v-if="permissionPrecise.create()"
>
<AppIcon iconName="app-copy" class="color-secondary"></AppIcon> <AppIcon iconName="app-copy" class="color-secondary"></AppIcon>
{{ $t('common.copy') }} {{ $t('common.copy') }}
</el-dropdown-item> </el-dropdown-item>
<el-dropdown-item <el-dropdown-item divided @click.stop="exportApplication(item)"
divided v-if="permissionPrecise.export(item.id)">
@click.stop="exportApplication(item)"
v-if="permissionPrecise.export(item.id)"
>
<AppIcon iconName="app-export" class="color-secondary"></AppIcon> <AppIcon iconName="app-export" class="color-secondary"></AppIcon>
{{ $t('common.export') }} {{ $t('common.export') }}
</el-dropdown-item> </el-dropdown-item>
<el-dropdown-item <el-dropdown-item divided @click.stop="deleteApplication(item)"
divided v-if="permissionPrecise.delete(item.id)">
@click.stop="deleteApplication(item)"
v-if="permissionPrecise.delete(item.id)"
>
<AppIcon iconName="app-delete" class="color-secondary"></AppIcon> <AppIcon iconName="app-delete" class="color-secondary"></AppIcon>
{{ $t('common.delete') }} {{ $t('common.delete') }}
</el-dropdown-item> </el-dropdown-item>
@ -303,16 +219,9 @@
<CreateApplicationDialog ref="CreateApplicationDialogRef" /> <CreateApplicationDialog ref="CreateApplicationDialogRef" />
<CopyApplicationDialog ref="CopyApplicationDialogRef" /> <CopyApplicationDialog ref="CopyApplicationDialogRef" />
<CreateFolderDialog ref="CreateFolderDialogRef" @refresh="refreshFolder" /> <CreateFolderDialog ref="CreateFolderDialogRef" @refresh="refreshFolder" />
<MoveToDialog <MoveToDialog ref="MoveToDialogRef" :source="SourceTypeEnum.APPLICATION" @refresh="refreshApplicationList"
ref="MoveToDialogRef" v-if="apiType === 'workspace'" />
:source="SourceTypeEnum.APPLICATION" <ResourceAuthorizationDrawer :type="SourceTypeEnum.APPLICATION" ref="ResourceAuthorizationDrawerRef" />
@refresh="refreshApplicationList"
v-if="apiType === 'workspace'"
/>
<ResourceAuthorizationDrawer
:type="SourceTypeEnum.APPLICATION"
ref="ResourceAuthorizationDrawerRef"
/>
</LayoutContainer> </LayoutContainer>
</template> </template>
@ -535,20 +444,20 @@ function toChat(row: any) {
.map((v: any) => { .map((v: any) => {
apiInputParams.value = v.properties.api_input_field_list apiInputParams.value = v.properties.api_input_field_list
? v.properties.api_input_field_list.map((v: any) => { ? v.properties.api_input_field_list.map((v: any) => {
return { return {
name: v.variable, name: v.variable,
value: v.default_value, value: v.default_value,
} }
}) })
: v.properties.input_field_list : v.properties.input_field_list
? v.properties.input_field_list ? v.properties.input_field_list
.filter((v: any) => v.assignment_method === 'api_input') .filter((v: any) => v.assignment_method === 'api_input')
.map((v: any) => { .map((v: any) => {
return { return {
name: v.variable, name: v.variable,
value: v.default_value, value: v.default_value,
} }
}) })
: [] : []
}) })
const apiParams = mapToUrlParams(apiInputParams.value) const apiParams = mapToUrlParams(apiInputParams.value)
@ -606,7 +515,7 @@ function deleteApplication(row: any) {
MsgSuccess(t('common.deleteSuccess')) MsgSuccess(t('common.deleteSuccess'))
}) })
}) })
.catch(() => {}) .catch(() => { })
} }
const exportApplication = (application: any) => { const exportApplication = (application: any) => {

2
ui/src/views/knowledge/component/KnowledgeListContainer.vue
View File

@ -260,7 +260,7 @@
> >
<el-dropdown-item <el-dropdown-item
@click.stop="openAuthorization(item)" @click.stop="openAuthorization(item)"
v-if="apiType === 'workspace'" v-if="apiType === 'workspace' && permissionPrecise.auth(item.id)"
> >
<AppIcon <AppIcon
iconName="app-resource-authorization" iconName="app-resource-authorization"

2
ui/src/views/model/component/ModelCard.vue
View File

@ -100,7 +100,7 @@
<AppIcon iconName="app-setting" class="color-secondary"></AppIcon> <AppIcon iconName="app-setting" class="color-secondary"></AppIcon>
{{ $t('views.model.modelForm.title.paramSetting') }} {{ $t('views.model.modelForm.title.paramSetting') }}
</el-dropdown-item> </el-dropdown-item>
<el-dropdown-item @click.stop="openAuthorization(model)" v-if="apiType === 'workspace'"> <el-dropdown-item @click.stop="openAuthorization(model)" v-if="apiType === 'workspace' && permissionPrecise.auth(model.id)">
<AppIcon iconName="app-resource-authorization" class="color-secondary"></AppIcon> <AppIcon iconName="app-resource-authorization" class="color-secondary"></AppIcon>
{{ $t('views.system.resourceAuthorization.title') }} {{ $t('views.system.resourceAuthorization.title') }}
</el-dropdown-item> </el-dropdown-item>

2
ui/src/views/tool/component/ToolListContainer.vue
View File

@ -252,7 +252,7 @@
</el-dropdown-item> </el-dropdown-item>
<el-dropdown-item <el-dropdown-item
@click.stop="openAuthorization(item)" @click.stop="openAuthorization(item)"
v-if="apiType === 'workspace'" v-if="apiType === 'workspace' && permissionPrecise.auth(item.id)"
> >
<AppIcon <AppIcon
iconName="app-resource-authorization" iconName="app-resource-authorization"