feat: application add workspace manage role (#3235)

apps/application/urls.py

@@ -6,18 +6,18 @@ app_name = 'application'
 
 urlpatterns = [
 
-    path('workspace/<str:workspace_id>/application', views.Application.as_view(), name='application'),
+    path('workspace/<str:workspace_id>/application', views.ApplicationAPI.as_view(), name='application'),
-    path('workspace/<str:workspace_id>/application/import', views.Application.Import.as_view()),
+    path('workspace/<str:workspace_id>/application/import', views.ApplicationAPI.Import.as_view()),
     path('workspace/<str:workspace_id>/application/<int:current_page>/<int:page_size>',
-         views.Application.Page.as_view(), name='application_page'),
+         views.ApplicationAPI.Page.as_view(), name='application_page'),
-    path('workspace/<str:workspace_id>/application/<str:application_id>', views.Application.Operate.as_view()),
+    path('workspace/<str:workspace_id>/application/<str:application_id>', views.ApplicationAPI.Operate.as_view()),
     path('workspace/<str:workspace_id>/application/<str:application_id>/application_key',
          views.ApplicationKey.as_view()),
     path('workspace/<str:workspace_id>/application/<str:application_id>/application_stats',
          views.ApplicationStats.as_view()),
     path('workspace/<str:workspace_id>/application/<str:application_id>/application_key/<str:api_key_id>',
          views.ApplicationKey.Operate.as_view()),
-    path('workspace/<str:workspace_id>/application/<str:application_id>/export', views.Application.Export.as_view()),
+    path('workspace/<str:workspace_id>/application/<str:application_id>/export', views.ApplicationAPI.Export.as_view()),
 
     path('workspace/<str:workspace_id>/application/<str:application_id>/work_flow_version',
          views.ApplicationVersionView.as_view()),

apps/application/views/application.py

@@ -20,7 +20,7 @@ from application.serializers.application import ApplicationSerializer, Query, Ap
 from common import result
 from common.auth import TokenAuth
 from common.auth.authentication import has_permissions
-from common.constants.permission_constants import PermissionConstants
+from common.constants.permission_constants import PermissionConstants, RoleConstants
 from common.log.log import log
 
 
@@ -33,7 +33,7 @@ def get_application_operation_object(application_id):
     return {}
 
 
-class Application(APIView):
+class ApplicationAPI(APIView):
     authentication_classes = [TokenAuth]
 
     @extend_schema(
@@ -46,7 +46,8 @@ class Application(APIView):
         responses=ApplicationCreateAPI.get_response(),
         tags=[_('Application')]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission())
+    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     @log(menu='Application', operate='Create an application',
          get_operation_object=lambda r, k: {'name': r.data.get('name')},
          workspace_id=lambda r, k: k.get('workspace_id'))
@@ -63,7 +64,8 @@ class Application(APIView):
         responses=ApplicationQueryAPI.get_response(),
         tags=[_('Application')]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission())
+    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def get(self, request: Request, workspace_id: str):
         return result.success(Query(data={'workspace_id': workspace_id, 'user_id': request.user.id}).list(request.data))
 
@@ -79,7 +81,8 @@ class Application(APIView):
             responses=ApplicationQueryAPI.get_page_response(),
             tags=[_('Application')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission())
+        @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         def get(self, request: Request, workspace_id: str, current_page: int, page_size: int):
             return result.success(
                 Query(data={'workspace_id': workspace_id, 'user_id': request.user.id}).page(current_page, page_size,
@@ -99,7 +102,7 @@ class Application(APIView):
             responses=result.DefaultResultSerializer,
             tags=[_('Application')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_READ)
+        @has_permissions(PermissionConstants.APPLICATION_READ, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         @log(menu='Application', operate="Import Application", workspace_id=lambda r, k: k.get('workspace_id'))
         def post(self, request: Request, workspace_id: str):
             return result.success(ApplicationSerializer(
@@ -119,7 +122,8 @@ class Application(APIView):
             responses=ApplicationExportAPI.get_response(),
             tags=[_('Application')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_EXPORT.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_EXPORT.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         @log(menu='Application', operate="Export Application",
              get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
              workspace_id=lambda r, k: k.get('workspace_id'))
@@ -140,7 +144,8 @@ class Application(APIView):
             responses=result.DefaultResultSerializer,
             tags=[_('Application')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_DELETE.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_DELETE.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         @log(menu='Application', operate='Deleting application',
              get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
              workspace_id=lambda r, k: k.get('workspace_id')
@@ -160,7 +165,8 @@ class Application(APIView):
             responses=ApplicationCreateAPI.get_response(),
             tags=[_('Application')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         @log(menu='Application', operate="Modify the application",
              get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
              workspace_id=lambda r, k: k.get('workspace_id'))
@@ -180,7 +186,8 @@ class Application(APIView):
             responses=result.DefaultResultSerializer,
             tags=[_('Application')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.WORKSPACE_READ.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.WORKSPACE_READ.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         def get(self, request: Request, workspace_id: str, application_id: str):
             return result.success(ApplicationOperateSerializer(
                 data={'application_id': application_id, 'user_id': request.user.id}).one())
@@ -202,7 +209,7 @@ class Application(APIView):
              get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
              workspace_id=lambda r, k: k.get('workspace_id')
              )
-        def put(self, request: Request, application_id: str):
+        def put(self, request: Request, workspace_id: str, application_id: str):
             return result.success(
                 ApplicationOperateSerializer(
                     data={'application_id': application_id, 'user_id': request.user.id}).publish(request.data))

apps/application/views/application_access_token.py

@@ -16,7 +16,7 @@ from application.serializers.application_access_token import AccessTokenSerializ
 from common import result
 from common.auth import TokenAuth
 from common.auth.authentication import has_permissions
-from common.constants.permission_constants import PermissionConstants
+from common.constants.permission_constants import PermissionConstants, RoleConstants
 
 
 class AccessToken(APIView):
@@ -31,7 +31,8 @@ class AccessToken(APIView):
         request=ApplicationAccessTokenAPI.get_request(),
         tags=[_('Application')]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_ACCESS.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_ACCESS.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def put(self, request: Request, workspace_id: str, application_id: str):
         return result.success(
             AccessTokenSerializer(data={'application_id': application_id}).edit(
@@ -45,6 +46,8 @@ class AccessToken(APIView):
         parameters=ApplicationAccessTokenAPI.get_parameters(),
         tags=[_('Application')]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role()
+                     )
     def get(self, request: Request, workspace_id: str, application_id: str):
         return result.success(AccessTokenSerializer(data={'application_id': application_id}).one())

apps/application/views/application_api_key.py

@@ -9,7 +9,7 @@ from application.models import ApplicationApiKey, Application
 from application.serializers.application_api_key import ApplicationKeySerializer
 from common.auth import TokenAuth
 from common.auth.authentication import has_permissions
-from common.constants.permission_constants import PermissionConstants
+from common.constants.permission_constants import PermissionConstants, RoleConstants
 from common.log.log import log
 from common.result import result, success, DefaultResultSerializer
 
@@ -39,7 +39,9 @@ class ApplicationKey(APIView):
     @log(menu='Application', operate="Add ApiKey",
          get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
          workspace_id=lambda r, k: k.get('workspace_id'))
-    @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role()
+                     )
     def post(self, request: Request, workspace_id: str, application_id: str):
         return result.success(ApplicationKeySerializer(
             data={'application_id': application_id, 'user_id': request.user.id,
@@ -54,7 +56,8 @@ class ApplicationKey(APIView):
         responses=ApplicationKeyAPI.List.get_response(),
         tags=[_('Application Api Key')]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def get(self, request: Request, workspace_id: str, application_id: str):
         return result.success(ApplicationKeySerializer(
             data={'application_id': application_id,
@@ -73,7 +76,8 @@ class ApplicationKey(APIView):
             responses=DefaultResultSerializer,
             tags=[_('Application Api Key')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         @log(menu='Application', operate="Modify application API_KEY",
              get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
              workspace_id=lambda r, k: k.get('workspace_id'))
@@ -94,7 +98,8 @@ class ApplicationKey(APIView):
             responses=DefaultResultSerializer,
             tags=[_('Application Api Key')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         @log(menu='Application', operate="Delete application API_KEY",
              get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
              workspace_id=lambda r, k: k.get('workspace_id'))

apps/application/views/application_chat.py

@@ -16,7 +16,7 @@ from application.api.application_chat import ApplicationChatQueryAPI, Applicatio
 from application.serializers.application_chat import ApplicationChatQuerySerializers
 from common.auth import TokenAuth
 from common.auth.authentication import has_permissions
-from common.constants.permission_constants import PermissionConstants
+from common.constants.permission_constants import PermissionConstants, RoleConstants
 from common.result import result
 from common.utils.common import query_params_to_single_dict
 
@@ -34,7 +34,8 @@ class ApplicationChat(APIView):
         responses=ApplicationChatQueryAPI.get_response(),
         tags=[_("Application/Conversation Log")]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def get(self, request: Request, workspace_id: str, application_id: str):
         return result.success(ApplicationChatQuerySerializers(
             data={**query_params_to_single_dict(request.query_params), 'application_id': application_id,
@@ -53,7 +54,8 @@ class ApplicationChat(APIView):
             responses=ApplicationChatQueryPageAPI.get_response(),
             tags=[_("Application/Conversation Log")]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         def get(self, request: Request, workspace_id: str, application_id: str, current_page: int, page_size: int):
             return result.success(ApplicationChatQuerySerializers(
                 data={**query_params_to_single_dict(request.query_params), 'application_id': application_id,
@@ -73,7 +75,8 @@ class ApplicationChat(APIView):
             responses=ApplicationChatExportAPI.get_response(),
             tags=[_("Application/Conversation Log")]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_EXPORT.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_EXPORT.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         def post(self, request: Request, workspace_id: str, application_id: str):
             return ApplicationChatQuerySerializers(
                 data={**query_params_to_single_dict(request.query_params), 'application_id': application_id,

apps/application/views/application_chat_record.py

@@ -56,7 +56,8 @@ class ApplicationChatRecord(APIView):
             responses=ApplicationChatRecordQueryAPI.get_response(),
             tags=[_("Application/Conversation Log")]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         def get(self, request: Request, workspace_id: str, application_id: str, chat_id: str, current_page: int,
                 page_size: int):
             return result.success(ApplicationChatRecordQuerySerializers(
@@ -79,7 +80,8 @@ class ApplicationChatRecordAddKnowledge(APIView):
         responses=ApplicationChatRecordAddKnowledgeAPI.get_response(),
         tags=[_("Application/Conversation Log")]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def post(self, request: Request, workspace_id: str, application_id: str):
         return result.success(ApplicationChatRecordAddKnowledgeSerializer().post_improve(request.data))
 
@@ -97,7 +99,8 @@ class ApplicationChatRecordImprove(APIView):
         responses=ApplicationChatRecordQueryAPI.get_response(),
         tags=[_("Application/Conversation Log")]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def get(self, request: Request, workspace_id: str, application_id: str, chat_id: str, chat_record_id: str):
         return result.success(ChatRecordImproveSerializer(
             data={'chat_id': chat_id, 'chat_record_id': chat_record_id}).get())
@@ -116,7 +119,8 @@ class ApplicationChatRecordImproveParagraph(APIView):
         responses=ApplicationChatRecordImproveParagraphAPI.get_response(),
         tags=[_("Application/Conversation Log")]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def put(self, request: Request,
             workspace_id: str,
             application_id: str,
@@ -141,7 +145,8 @@ class ApplicationChatRecordImproveParagraph(APIView):
             responses=ApplicationChatRecordImproveParagraphAPI.Operate.get_response(),
             tags=[_("Application/Conversation Log")]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         def delete(self, request: Request, workspace_id: str, application_id: str, chat_id: str, chat_record_id: str,
                    knowledge_id: str,
                    document_id: str, paragraph_id: str):

apps/application/views/application_stats.py

@@ -16,6 +16,9 @@ from common import result
 from common.auth import TokenAuth
 from django.utils.translation import gettext_lazy as _
 
+from common.auth.authentication import has_permissions
+from common.constants.permission_constants import PermissionConstants, RoleConstants
+
 
 class ApplicationStats(APIView):
     authentication_classes = [TokenAuth]
@@ -29,6 +32,8 @@ class ApplicationStats(APIView):
         responses=ApplicationStatsAPI.get_response(),
         tags=[_('Application')]  # type: ignore
     )
+    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def get(self, request: Request, workspace_id: str, application_id: str):
         return result.success(
             ApplicationStatisticsSerializer(data={'application_id': application_id,

apps/application/views/application_version.py

@@ -18,7 +18,7 @@ from application.views import get_application_operation_object
 from common import result
 from common.auth import TokenAuth
 from common.auth.authentication import has_permissions
-from common.constants.permission_constants import PermissionConstants
+from common.constants.permission_constants import PermissionConstants, RoleConstants
 from common.log.log import log
 
 
@@ -34,7 +34,8 @@ class ApplicationVersionView(APIView):
         responses=ApplicationVersionListAPI.get_response(),
         tags=[_('Application/Version')]  # type: ignore
     )
-    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission())
+    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission(),
+                     RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
     def get(self, request: Request, workspace_id, application_id: str):
         return result.success(
             ApplicationVersionSerializer.Query(
@@ -53,7 +54,8 @@ class ApplicationVersionView(APIView):
             responses=ApplicationVersionPageAPI.get_response(),
             tags=[_('Application/Version')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         def get(self, request: Request, workspace_id: str, application_id: str, current_page: int, page_size: int):
             return result.success(
                 ApplicationVersionSerializer.Query(
@@ -73,7 +75,8 @@ class ApplicationVersionView(APIView):
             responses=ApplicationVersionOperateAPI.get_response(),
             tags=[_('Application/Version')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         def get(self, request: Request, workspace_id: str, application_id: str, work_flow_version_id: str):
             return result.success(
                 ApplicationVersionSerializer.Operate(
@@ -90,7 +93,8 @@ class ApplicationVersionView(APIView):
             responses=ApplicationVersionOperateAPI.get_response(),
             tags=[_('Application/Version')]  # type: ignore
         )
-        @has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission())
+        @has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission(),
+                         RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
         @log(menu='Application', operate="Modify application version information",
              get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
              workspace_id=lambda r, k: k.get('workspace_id'))

apps/common/auth/authentication.py

@@ -11,7 +11,7 @@ from typing import List
 from django.utils.translation import gettext_lazy as _
 
 from common.constants.permission_constants import PermissionConstants, RoleConstants, ViewPermission, CompareConstants, \
-    Permission
+    Permission, Role
 from common.exception.app_exception import AppUnauthorizedFailed
 
 
@@ -67,6 +67,8 @@ def exist_permissions(user_role: List[RoleConstants], user_permission: List[Perm
         return exist_permissions_by_permission_constants(user_permission, [permission])
     if isinstance(permission, Permission):
         return user_permission.__contains__(permission)
+    if isinstance(permission, Role):
+        return user_role.__contains__(permission.__str__())
     return False
 
 

apps/common/auth/handle/impl/user_token.py

@@ -224,8 +224,9 @@ def get_role_list(user,
                        workspace_user_role_mapping in
                        workspace_user_role_mapping_list] + [user.role], version=version)
         else:
-            cache.set(key, [user.role], version=version)
+            role_list = [user.role, get_role_permission(RoleConstants.WORKSPACE_MANAGE, 'default')]
-            return [user.role, get_role_permission(RoleConstants.WORKSPACE_MANAGE, 'default')]
+            cache.set(key, role_list, version=version)
+            return role_list
     return workspace_list
 
 

ui/src/api/user/resource-authorization.ts

@@ -49,9 +49,12 @@ const putResourceAuthorization: (
 ) => Promise<Result<any>> = (user_id, body, loading) => {
   return put(`${prefix}/user_resource_permission/user/${user_id}`, body, loading)
 }
-
+const getUserMember: (loading?: Ref<boolean>) => Promise<Result<any>> = (loading) => {
+  return get(`${prefix}/user_member`, undefined, loading)
+}
 export default {
   getResourceAuthorization,
   putResourceAuthorization,
   getUserList,
+  getUserMember,
 }

ui/src/views/resource-authorization/index.vue

@@ -139,7 +139,7 @@ function clickMemberHandle(item: any) {
 }
 
 function getMember(id?: string) {
-  AuthorizationApi.getUserList(loading).then((res) => {
+  AuthorizationApi.getUserMember(loading).then((res) => {
     memberList.value = res.data
     filterMember.value = res.data