zhuchaowe/maxkb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add workspace validation for knowledge id across serializers

Browse Source
This commit is contained in:
CaptainB 2025-07-08 12:35:16 +08:00
parent 337461b683
commit 8aa2c1437c
5 changed files with 171 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
apps/knowledge/serializers/document.py
View File

@ -259,6 +259,20 @@ class DocumentSerializers(serializers.Serializer):
document_id_list = serializers.ListField(required=True, label=_('document list'), document_id_list = serializers.ListField(required=True, label=_('document list'),
child=serializers.UUIDField(required=True, label=_('document id'))) child=serializers.UUIDField(required=True, label=_('document id')))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
query_set = QuerySet(Knowledge).filter(id=self.data.get('target_knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
@transaction.atomic @transaction.atomic
def migrate(self, with_valid=True): def migrate(self, with_valid=True):
if with_valid: if with_valid:
@ -416,6 +430,12 @@ class DocumentSerializers(serializers.Serializer):
def is_valid(self, *, raise_exception=False): def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True) super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
document_id = self.data.get('document_id') document_id = self.data.get('document_id')
first = QuerySet(Document).filter(id=document_id).first() first = QuerySet(Document).filter(id=document_id).first()
if first is None: if first is None:
@ -510,6 +530,12 @@ class DocumentSerializers(serializers.Serializer):
def is_valid(self, *, raise_exception=False): def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True) super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
document_id = self.data.get('document_id') document_id = self.data.get('document_id')
if not QuerySet(Document).filter(id=document_id).exists(): if not QuerySet(Document).filter(id=document_id).exists():
raise AppApiException(500, _('document id not exist')) raise AppApiException(500, _('document id not exist'))
@ -930,6 +956,12 @@ class DocumentSerializers(serializers.Serializer):
def is_valid(self, *, instance=None, raise_exception=True): def is_valid(self, *, instance=None, raise_exception=True):
super().is_valid(raise_exception=True) super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
files = instance.get('file') files = instance.get('file')
knowledge = Knowledge.objects.filter(id=self.data.get('knowledge_id')).first() knowledge = Knowledge.objects.filter(id=self.data.get('knowledge_id')).first()
for f in files: for f in files:
@ -1023,6 +1055,15 @@ class DocumentSerializers(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id')) workspace_id = serializers.CharField(required=True, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
@staticmethod @staticmethod
def link_file(source_file_id, document_id): def link_file(source_file_id, document_id):
if source_file_id is None: if source_file_id is None:
@ -1206,6 +1247,15 @@ class DocumentSerializers(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id')) workspace_id = serializers.CharField(required=True, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
def batch_generate_related(self, instance: Dict, with_valid=True): def batch_generate_related(self, instance: Dict, with_valid=True):
if with_valid: if with_valid:
self.is_valid(raise_exception=True) self.is_valid(raise_exception=True)

24
apps/knowledge/serializers/knowledge.py
View File

@ -10,7 +10,6 @@ from typing import Dict, List
import uuid_utils.compat as uuid import uuid_utils.compat as uuid
from celery_once import AlreadyQueued from celery_once import AlreadyQueued
from django.core import validators from django.core import validators
from django.core.cache import cache
from django.db import transaction, models from django.db import transaction, models
from django.db.models import QuerySet from django.db.models import QuerySet
from django.db.models.functions import Reverse, Substr from django.db.models.functions import Reverse, Substr
@ -20,8 +19,6 @@ from rest_framework import serializers
from application.models import ApplicationKnowledgeMapping from application.models import ApplicationKnowledgeMapping
from common.config.embedding_config import VectorStore from common.config.embedding_config import VectorStore
from common.constants.cache_version import Cache_Version
from common.constants.permission_constants import ResourceAuthType, ResourcePermission, ResourcePermissionRole
from common.database_model_manage.database_model_manage import DatabaseModelManage from common.database_model_manage.database_model_manage import DatabaseModelManage
from common.db.search import native_search, get_dynamics_model, native_page_search from common.db.search import native_search, get_dynamics_model, native_page_search
from common.db.sql_execute import select_list from common.db.sql_execute import select_list
@ -227,6 +224,15 @@ class KnowledgeSerializer(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id')) workspace_id = serializers.CharField(required=True, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
@transaction.atomic @transaction.atomic
def embedding(self, with_valid=True): def embedding(self, with_valid=True):
if with_valid: if with_valid:
@ -618,6 +624,12 @@ class KnowledgeSerializer(serializers.Serializer):
def is_valid(self, *, raise_exception=False): def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True) super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
first = QuerySet(Knowledge).filter(id=self.data.get("knowledge_id")).first() first = QuerySet(Knowledge).filter(id=self.data.get("knowledge_id")).first()
if first is None: if first is None:
raise AppApiException(300, _('id does not exist')) raise AppApiException(300, _('id does not exist'))
@ -700,6 +712,12 @@ class KnowledgeSerializer(serializers.Serializer):
def is_valid(self, *, raise_exception=True): def is_valid(self, *, raise_exception=True):
super().is_valid(raise_exception=True) super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
if not QuerySet(Knowledge).filter(id=self.data.get("knowledge_id")).exists(): if not QuerySet(Knowledge).filter(id=self.data.get("knowledge_id")).exists():
raise AppApiException(300, _('id does not exist')) raise AppApiException(300, _('id does not exist'))

61
apps/knowledge/serializers/paragraph.py
View File

@ -6,7 +6,6 @@ import uuid_utils.compat as uuid
from celery_once import AlreadyQueued from celery_once import AlreadyQueued
from django.db import transaction from django.db import transaction
from django.db.models import QuerySet, Count, F from django.db.models import QuerySet, Count, F
from django.db.models.aggregates import Max
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from rest_framework import serializers from rest_framework import serializers
@ -67,12 +66,19 @@ class ParagraphSerializers(serializers.Serializer):
content = serializers.CharField(required=True, max_length=102400, label=_('section title')) content = serializers.CharField(required=True, max_length=102400, label=_('section title'))
class Problem(serializers.Serializer): class Problem(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
document_id = serializers.UUIDField(required=True, label=_('document id')) document_id = serializers.UUIDField(required=True, label=_('document id'))
paragraph_id = serializers.UUIDField(required=True, label=_('paragraph id')) paragraph_id = serializers.UUIDField(required=True, label=_('paragraph id'))
def is_valid(self, *, raise_exception=False): def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True) super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
if not QuerySet(Paragraph).filter(id=self.data.get('paragraph_id')).exists(): if not QuerySet(Paragraph).filter(id=self.data.get('paragraph_id')).exists():
raise AppApiException(500, _('Paragraph id does not exist')) raise AppApiException(500, _('Paragraph id does not exist'))
@ -127,7 +133,11 @@ class ParagraphSerializers(serializers.Serializer):
}, model_id) }, model_id)
return ProblemSerializers.Operate( return ProblemSerializers.Operate(
data={'knowledge_id': self.data.get('knowledge_id'), 'problem_id': problem.id} data={
'workspace_id': self.data.get('workspace_id'),
'knowledge_id': self.data.get('knowledge_id'),
'problem_id': problem.id
}
).one(with_valid=True) ).one(with_valid=True)
class Operate(serializers.Serializer): class Operate(serializers.Serializer):
@ -141,6 +151,12 @@ class ParagraphSerializers(serializers.Serializer):
def is_valid(self, *, raise_exception=True): def is_valid(self, *, raise_exception=True):
super().is_valid(raise_exception=True) super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
if not QuerySet(Paragraph).filter(id=self.data.get('paragraph_id')).exists(): if not QuerySet(Paragraph).filter(id=self.data.get('paragraph_id')).exists():
raise AppApiException(500, _('Paragraph id does not exist')) raise AppApiException(500, _('Paragraph id does not exist'))
@ -321,11 +337,21 @@ class ParagraphSerializers(serializers.Serializer):
return Problem(id=uuid.uuid7(), content=content, knowledge_id=knowledge_id) return Problem(id=uuid.uuid7(), content=content, knowledge_id=knowledge_id)
class Query(serializers.Serializer): class Query(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
document_id = serializers.UUIDField(required=True, label=_('document id')) document_id = serializers.UUIDField(required=True, label=_('document id'))
title = serializers.CharField(required=False, label=_('section title')) title = serializers.CharField(required=False, label=_('section title'))
content = serializers.CharField(required=False) content = serializers.CharField(required=False)
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
def get_query_set(self): def get_query_set(self):
query_set = QuerySet(model=Paragraph) query_set = QuerySet(model=Paragraph)
query_set = query_set.filter( query_set = query_set.filter(
@ -357,6 +383,12 @@ class ParagraphSerializers(serializers.Serializer):
knowledge_id = self.data.get('knowledge_id') knowledge_id = self.data.get('knowledge_id')
paragraph_id = self.data.get('paragraph_id') paragraph_id = self.data.get('paragraph_id')
problem_id = self.data.get("problem_id") problem_id = self.data.get("problem_id")
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
if not QuerySet(Paragraph).filter(knowledge_id=knowledge_id, id=paragraph_id).exists(): if not QuerySet(Paragraph).filter(knowledge_id=knowledge_id, id=paragraph_id).exists():
raise AppApiException(500, _('Paragraph does not exist')) raise AppApiException(500, _('Paragraph does not exist'))
if not QuerySet(Problem).filter(knowledge_id=knowledge_id, id=problem_id).exists(): if not QuerySet(Problem).filter(knowledge_id=knowledge_id, id=problem_id).exists():
@ -398,9 +430,19 @@ class ParagraphSerializers(serializers.Serializer):
return True return True
class Batch(serializers.Serializer): class Batch(serializers.Serializer):
workspace_id = serializers.CharField(required=False, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
document_id = serializers.UUIDField(required=True, label=_('document id')) document_id = serializers.UUIDField(required=True, label=_('document id'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
@transaction.atomic @transaction.atomic
def batch_delete(self, instance: Dict, with_valid=True): def batch_delete(self, instance: Dict, with_valid=True):
if with_valid: if with_valid:
@ -448,6 +490,12 @@ class ParagraphSerializers(serializers.Serializer):
def is_valid(self, *, raise_exception=False): def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True) super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
document_list = QuerySet(Document).filter( document_list = QuerySet(Document).filter(
id__in=[self.data.get('document_id'), self.data.get('target_document_id')]) id__in=[self.data.get('document_id'), self.data.get('target_document_id')])
document_id = self.data.get('document_id') document_id = self.data.get('document_id')
@ -589,6 +637,15 @@ class ParagraphSerializers(serializers.Serializer):
document_id = serializers.UUIDField(required=True, label=_('document id')) document_id = serializers.UUIDField(required=True, label=_('document id'))
paragraph_id = serializers.UUIDField(required=True, label=_('paragraph id')) paragraph_id = serializers.UUIDField(required=True, label=_('paragraph id'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
@transaction.atomic @transaction.atomic
def adjust_position(self, new_position): def adjust_position(self, new_position):
""" """

39
apps/knowledge/serializers/problem.py
View File

@ -9,6 +9,7 @@ from django.utils.translation import gettext_lazy as _
from rest_framework import serializers from rest_framework import serializers
from common.db.search import native_search, native_page_search from common.db.search import native_search, native_page_search
from common.exception.app_exception import AppApiException
from common.utils.common import get_file_content from common.utils.common import get_file_content
from knowledge.models import Problem, ProblemParagraphMapping, Paragraph, Knowledge, SourceType from knowledge.models import Problem, ProblemParagraphMapping, Paragraph, Knowledge, SourceType
from knowledge.serializers.common import get_embedding_model_id_by_knowledge_id from knowledge.serializers.common import get_embedding_model_id_by_knowledge_id
@ -59,8 +60,18 @@ class BatchAssociation(serializers.Serializer):
class ProblemSerializers(serializers.Serializer): class ProblemSerializers(serializers.Serializer):
class BatchOperate(serializers.Serializer): class BatchOperate(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
def delete(self, problem_id_list: List, with_valid=True): def delete(self, problem_id_list: List, with_valid=True):
if with_valid: if with_valid:
self.is_valid(raise_exception=True) self.is_valid(raise_exception=True)
@ -123,9 +134,19 @@ class ProblemSerializers(serializers.Serializer):
embedding_by_data_list(data_list, model_id=model_id) embedding_by_data_list(data_list, model_id=model_id)
class Operate(serializers.Serializer): class Operate(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
problem_id = serializers.UUIDField(required=True, label=_('problem id')) problem_id = serializers.UUIDField(required=True, label=_('problem id'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
def list_paragraph(self, with_valid=True): def list_paragraph(self, with_valid=True):
if with_valid: if with_valid:
self.is_valid(raise_exception=True) self.is_valid(raise_exception=True)
@ -176,6 +197,15 @@ class ProblemSerializers(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id')) workspace_id = serializers.CharField(required=True, label=_('workspace id'))
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
def batch(self, problem_list, with_valid=True): def batch(self, problem_list, with_valid=True):
if with_valid: if with_valid:
self.is_valid(raise_exception=True) self.is_valid(raise_exception=True)
@ -205,6 +235,15 @@ class ProblemSerializers(serializers.Serializer):
knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id')) knowledge_id = serializers.UUIDField(required=True, label=_('knowledge id'))
content = serializers.CharField(required=False, label=_('content')) content = serializers.CharField(required=False, label=_('content'))
def is_valid(self, *, raise_exception=False):
super().is_valid(raise_exception=True)
workspace_id = self.data.get('workspace_id')
query_set = QuerySet(Knowledge).filter(id=self.data.get('knowledge_id'))
if workspace_id:
query_set = query_set.filter(workspace_id=workspace_id)
if not query_set.exists():
raise AppApiException(500, _('Knowledge id does not exist'))
def get_query_set(self): def get_query_set(self):
query_set = QuerySet(model=Problem) query_set = QuerySet(model=Problem)
query_set = query_set.filter( query_set = query_set.filter(

2
apps/knowledge/task/handler.py
View File

@ -108,8 +108,10 @@ def save_problem(knowledge_id, document_id, paragraph_id, problem):
if problem is None or len(problem) == 0: if problem is None or len(problem) == 0:
return return
try: try:
workspace_id = QuerySet(Knowledge).filter(id=knowledge_id).first().workspace_id
ParagraphSerializers.Problem( ParagraphSerializers.Problem(
data={ data={
'workspace_id': workspace_id,
"knowledge_id": knowledge_id, "knowledge_id": knowledge_id,
'document_id': document_id, 'document_id': document_id,
'paragraph_id': paragraph_id 'paragraph_id': paragraph_id