feat: hit test permission

This commit is contained in:
zhangzhanwei 2025-07-01 18:05:57 +08:00 committed by zhanweizhang7
parent 8c0361bbc2
commit a4143eed23
6 changed files with 55 additions and 22 deletions

View File

@ -19,6 +19,7 @@ class Group(Enum):
""" """
权限组 一个组一般对应前端一个菜单 权限组 一个组一般对应前端一个菜单
""" """
USER = "USER_MANAGEMENT" USER = "USER_MANAGEMENT"
# 应用 # 应用
APPLICATION = "APPLICATION" APPLICATION = "APPLICATION"
@ -36,7 +37,7 @@ class Group(Enum):
KNOWLEDGE = "KNOWLEDGE" KNOWLEDGE = "KNOWLEDGE"
SYSTEM_KNOWLEDGE = "SYSTEM_KNOWLEDGE" SYSTEM_KNOWLEDGE = "SYSTEM_KNOWLEDGE"
SYSTEM_RES_KNOWLEDGE = "SYSTEM_RESOURCE_KNOWLEDGE" SYSTEM_RES_KNOWLEDGE = "SYSTEM_RESOURCE_KNOWLEDGE"
KNOWLEDGE_HIT_TEST = "KNOWLEDGE_HIT_TEST"
KNOWLEDGE_DOCUMENT = "KNOWLEDGE_DOCUMENT" KNOWLEDGE_DOCUMENT = "KNOWLEDGE_DOCUMENT"
SYSTEM_KNOWLEDGE_DOCUMENT = "SYSTEM_KNOWLEDGE_DOCUMENT" SYSTEM_KNOWLEDGE_DOCUMENT = "SYSTEM_KNOWLEDGE_DOCUMENT"
SYSTEM_RES_KNOWLEDGE_DOCUMENT = "SYSTEM_RESOURCE_KNOWLEDGE_DOCUMENT" SYSTEM_RES_KNOWLEDGE_DOCUMENT = "SYSTEM_RESOURCE_KNOWLEDGE_DOCUMENT"
@ -44,6 +45,8 @@ class Group(Enum):
KNOWLEDGE_PROBLEM = "KNOWLEDGE_PROBLEM" KNOWLEDGE_PROBLEM = "KNOWLEDGE_PROBLEM"
SYSTEM_KNOWLEDGE_PROBLEM = "SYSTEM_KNOWLEDGE_PROBLEM" SYSTEM_KNOWLEDGE_PROBLEM = "SYSTEM_KNOWLEDGE_PROBLEM"
SYSTEM_RES_KNOWLEDGE_PROBLEM = "SYSTEM_RESOURCE_KNOWLEDGE_PROBLEM" SYSTEM_RES_KNOWLEDGE_PROBLEM = "SYSTEM_RESOURCE_KNOWLEDGE_PROBLEM"
SYSTEM_KNOWLEDGE_HIT_TEST = "SYSTEM_KNOWLEDGE_HIT_TEST"
SYSTEM_KNOWLEDGE_CHAT_USER = "SYSTEM_KNOWLEDGE_CHAT_USER" SYSTEM_KNOWLEDGE_CHAT_USER = "SYSTEM_KNOWLEDGE_CHAT_USER"
MODEL = "MODEL" MODEL = "MODEL"
@ -158,7 +161,6 @@ class Operate(Enum):
SETTING = "READ+SETTING" # 管理 SETTING = "READ+SETTING" # 管理
DOWNLOAD = "READ+DOWNLOAD" # 下载 DOWNLOAD = "READ+DOWNLOAD" # 下载
class RoleGroup(Enum): class RoleGroup(Enum):
# 系统用户 # 系统用户
SYSTEM_USER = "SYSTEM_USER" SYSTEM_USER = "SYSTEM_USER"
@ -298,6 +300,7 @@ Permission_Label = {
Group.KNOWLEDGE.value: _("Knowledge"), Group.KNOWLEDGE.value: _("Knowledge"),
Group.KNOWLEDGE_DOCUMENT.value: _("Document"), Group.KNOWLEDGE_DOCUMENT.value: _("Document"),
Group.KNOWLEDGE_PROBLEM.value: _("Problem"), Group.KNOWLEDGE_PROBLEM.value: _("Problem"),
Group.KNOWLEDGE_HIT_TEST.value: _("Hit-Test"),
Operate.IMPORT.value: _("Import"), Operate.IMPORT.value: _("Import"),
Operate.EXPORT.value: _("Export"), Operate.EXPORT.value: _("Export"),
Operate.DEBUG.value: _("Debug"), Operate.DEBUG.value: _("Debug"),
@ -340,6 +343,7 @@ Permission_Label = {
Group.SYSTEM_KNOWLEDGE.value: _("Knowledge"), Group.SYSTEM_KNOWLEDGE.value: _("Knowledge"),
Group.SYSTEM_KNOWLEDGE_DOCUMENT.value: _("Document"), Group.SYSTEM_KNOWLEDGE_DOCUMENT.value: _("Document"),
Group.SYSTEM_KNOWLEDGE_PROBLEM.value: _("Problem"), Group.SYSTEM_KNOWLEDGE_PROBLEM.value: _("Problem"),
Group.SYSTEM_KNOWLEDGE_HIT_TEST.value: _("Hit-test"),
Group.SYSTEM_KNOWLEDGE_CHAT_USER.value: _("Dialogue users"), Group.SYSTEM_KNOWLEDGE_CHAT_USER.value: _("Dialogue users"),
Group.SYSTEM_RES_TOOL.value: _("Tool"), Group.SYSTEM_RES_TOOL.value: _("Tool"),
Group.SYSTEM_RES_MODEL.value: _("Model"), Group.SYSTEM_RES_MODEL.value: _("Model"),
@ -579,7 +583,12 @@ class PermissionConstants(Enum):
resource_permission_group_list=[ResourcePermissionConst.KNOWLEDGE_MANGE], resource_permission_group_list=[ResourcePermissionConst.KNOWLEDGE_MANGE],
parent_group=[WorkspaceGroup.KNOWLEDGE, UserGroup.KNOWLEDGE] parent_group=[WorkspaceGroup.KNOWLEDGE, UserGroup.KNOWLEDGE]
) )
KNOWLEDGE_HIT_TEST = Permission(
group=Group.KNOWLEDGE_HIT_TEST, operate=Operate.READ,
role_list=[RoleConstants.ADMIN, RoleConstants.USER],
resource_permission_group_list=[ResourcePermissionConst.KNOWLEDGE_VIEW],
parent_group=[WorkspaceGroup.KNOWLEDGE, UserGroup.KNOWLEDGE]
)
KNOWLEDGE_PROBLEM_READ = Permission( KNOWLEDGE_PROBLEM_READ = Permission(
group=Group.KNOWLEDGE_PROBLEM, operate=Operate.READ, group=Group.KNOWLEDGE_PROBLEM, operate=Operate.READ,
role_list=[RoleConstants.ADMIN, RoleConstants.USER], role_list=[RoleConstants.ADMIN, RoleConstants.USER],
@ -1146,6 +1155,10 @@ class PermissionConstants(Enum):
group=Group.SYSTEM_KNOWLEDGE_PROBLEM, operate=Operate.DELETE, role_list=[RoleConstants.ADMIN], group=Group.SYSTEM_KNOWLEDGE_PROBLEM, operate=Operate.DELETE, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.SHARED_KNOWLEDGE] parent_group=[SystemGroup.SHARED_KNOWLEDGE]
) )
SHARED_KNOWLEDGE_HIT_TEST = Permission(
group=Group.SYSTEM_KNOWLEDGE_HIT_TEST, operate=Operate.READ, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.SHARED_KNOWLEDGE]
)
SHARED_KNOWLEDGE_CHAT_USER_READ = Permission( SHARED_KNOWLEDGE_CHAT_USER_READ = Permission(
group=Group.SYSTEM_KNOWLEDGE_CHAT_USER, operate=Operate.READ, role_list=[RoleConstants.ADMIN], group=Group.SYSTEM_KNOWLEDGE_CHAT_USER, operate=Operate.READ, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.SHARED_KNOWLEDGE] parent_group=[SystemGroup.SHARED_KNOWLEDGE]

View File

@ -196,8 +196,8 @@ class KnowledgeView(APIView):
tags=[_('Knowledge Base')] # type: ignore tags=[_('Knowledge Base')] # type: ignore
) )
@has_permissions( @has_permissions(
PermissionConstants.KNOWLEDGE_EDIT.get_workspace_knowledge_permission(), PermissionConstants.KNOWLEDGE_HIT_TEST.get_workspace_knowledge_permission(),
PermissionConstants.KNOWLEDGE_EDIT.get_workspace_permission_workspace_manage_role(), PermissionConstants.KNOWLEDGE_HIT_TEST.get_workspace_permission_workspace_manage_role(),
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(), RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
RoleConstants.USER.get_workspace_role() RoleConstants.USER.get_workspace_role()
) )

View File

@ -85,14 +85,28 @@ const DocumentRouter = {
group: 'KnowledgeDetail', group: 'KnowledgeDetail',
permission: [ permission: [
RoleConst.ADMIN, RoleConst.ADMIN,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
() => { () => {
const to: any = get_next_route() const to: any = get_next_route()
return PermissionConst.KNOWLEDGE_CHAT_USER_READ.getKnowledgeWorkspaceResourcePermission( if (to.params.folderId == 'shared') {
to ? to.params.id : '', return RoleConst.ADMIN
) } else {
return RoleConst.WORKSPACE_MANAGE.getWorkspaceRole
}
},
() => {
const to: any = get_next_route()
if (to.params.folderId == 'shared') {
return PermissionConst.SHARED_KNOWLEDGE_CHAT_USER_READ
} else {
return PermissionConst.KNOWLEDGE_CHAT_USER_READ.getKnowledgeWorkspaceResourcePermission(to ? to.params.id : '',)
}
},
() => {
const to: any = get_next_route()
if (to.params.folder_id == 'shared') {
return RoleConst.ADMIN
} else { return PermissionConst.KNOWLEDGE_CHAT_USER_READ.getWorkspacePermissionWorkspaceManageRole }
}, },
PermissionConst.KNOWLEDGE_CHAT_USER_READ.getWorkspacePermissionWorkspaceManageRole,
], ],
}, },
component: () => import('@/views/chat-user/index.vue'), component: () => import('@/views/chat-user/index.vue'),

View File

@ -60,7 +60,7 @@ const systemRouter = {
new ComplexPermission( new ComplexPermission(
[RoleConst.WORKSPACE_MANAGE, RoleConst.ADMIN], [RoleConst.WORKSPACE_MANAGE, RoleConst.ADMIN],
[PermissionConst.WORKSPACE_WORKSPACE_READ, PermissionConst.WORKSPACE_READ], [PermissionConst.WORKSPACE_WORKSPACE_READ, PermissionConst.WORKSPACE_READ],
[EditionConst.IS_EE, EditionConst.IS_PE], [EditionConst.IS_EE],
'OR', 'OR',
), ),
], ],

View File

@ -42,7 +42,7 @@
</span> </span>
</div> </div>
<el-button type="primary" :disabled="current?.is_auth" @click="handleSave" <el-button type="primary" :disabled="current?.is_auth" @click="handleSave"
v-if="hasPermission(permissionObj[(route.meta?.resourceType as string)],'OR')" v-if="hasPermission(permissionObj[route.path.includes('shared')?'SHAREDKNOWLEDGE':(route.meta?.resourceType as string)],'OR')"
> >
{{ t('common.save') }} {{ t('common.save') }}
</el-button> </el-button>
@ -57,7 +57,7 @@
:placeholder="$t('common.inputPlaceholder')" style="width: 220px" clearable /> :placeholder="$t('common.inputPlaceholder')" style="width: 220px" clearable />
</div> </div>
<div class="flex align-center" <div class="flex align-center"
v-if="hasPermission(permissionObj[(route.meta?.resourceType as string)],'OR')" v-if="hasPermission(permissionObj[route.path.includes('shared')?'SHAREDKNOWLEDGE':(route.meta?.resourceType as string)],'OR')"
> >
<div class="color-secondary mr-8">{{ $t('views.chatUser.autoAuthorization') }}</div> <div class="color-secondary mr-8">{{ $t('views.chatUser.autoAuthorization') }}</div>
<el-switch size="small" :model-value="current?.is_auth" @click="changeAuth" <el-switch size="small" :model-value="current?.is_auth" @click="changeAuth"
@ -108,6 +108,7 @@
<script lang="ts" setup> <script lang="ts" setup>
import { onMounted, ref, watch, reactive, computed } from 'vue' import { onMounted, ref, watch, reactive, computed } from 'vue'
import ChatUserApi from '@/api/chat-user/chat-user' import ChatUserApi from '@/api/chat-user/chat-user'
import SharedChatUserApi from "@/api/system-shared/knowledge-chat-user"
import { t } from '@/locales' import { t } from '@/locales'
import type { ChatUserGroupItem, ChatUserGroupUserItem } from '@/api/type/workspaceChatUser' import type { ChatUserGroupItem, ChatUserGroupUserItem } from '@/api/type/workspaceChatUser'
import { useRoute } from 'vue-router' import { useRoute } from 'vue-router'
@ -132,7 +133,7 @@ const permissionPrecise = computed(() => {
const { const {
params: { id }, params: { id },
} = route as any } = route as any
const permissionObj=ref<any>({ const permissionObj=ref<any>({
"APPLICATION": new ComplexPermission([RoleConst.ADMIN, RoleConst.WORKSPACE_MANAGE.getWorkspaceRole], "APPLICATION": new ComplexPermission([RoleConst.ADMIN, RoleConst.WORKSPACE_MANAGE.getWorkspaceRole],
[PermissionConst.APPLICATION_CHAT_USER_EDIT, [PermissionConst.APPLICATION_CHAT_USER_EDIT,
@ -140,6 +141,7 @@ const permissionObj=ref<any>({
"KNOWLEDGE": new ComplexPermission([RoleConst.ADMIN, RoleConst.WORKSPACE_MANAGE.getWorkspaceRole], "KNOWLEDGE": new ComplexPermission([RoleConst.ADMIN, RoleConst.WORKSPACE_MANAGE.getWorkspaceRole],
[PermissionConst.KNOWLEDGE_CHAT_USER_EDIT, [PermissionConst.KNOWLEDGE_CHAT_USER_EDIT,
PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getKnowledgeWorkspaceResourcePermission(id)],[],'OR'), PermissionConst.KNOWLEDGE_CHAT_USER_EDIT.getKnowledgeWorkspaceResourcePermission(id)],[],'OR'),
"SHAREDKNOWLEDGE": new ComplexPermission([RoleConst.ADMIN],[PermissionConst.SHARED_KNOWLEDGE_CHAT_USER_EDIT],[],'OR')
}) })
const resource = reactive({ resource_id: route.params.id as string, resource_type: route.meta.resourceType as string }) const resource = reactive({ resource_id: route.params.id as string, resource_type: route.meta.resourceType as string })
@ -149,10 +151,17 @@ const loading = ref(false)
const list = ref<ChatUserGroupItem[]>([]) const list = ref<ChatUserGroupItem[]>([])
const filterList = ref<ChatUserGroupItem[]>([]) // const filterList = ref<ChatUserGroupItem[]>([]) //
const current = ref<ChatUserGroupItem>() const current = ref<ChatUserGroupItem>()
const chatUserAuthAPI=computed(()=>{
if(route.path.includes('shared')){
return SharedChatUserApi
}else{
return ChatUserApi
}
})
async function getUserGroupList() { async function getUserGroupList() {
try { try {
const res = await ChatUserApi.getUserGroupList(resource, loading) const res = await chatUserAuthAPI.value.getUserGroupList(resource, loading)
list.value = res.data list.value = res.data
filterList.value = filter(list.value, filterText.value) filterList.value = filter(list.value, filterText.value)
} catch (error) { } catch (error) {
@ -185,7 +194,7 @@ function clickUserGroup(item: ChatUserGroupItem) {
async function changeAuth() { async function changeAuth() {
const params = [{ user_group_id: current.value?.id as string, is_auth: !current.value?.is_auth }] const params = [{ user_group_id: current.value?.id as string, is_auth: !current.value?.is_auth }]
try { try {
await ChatUserApi.editUserGroupList(resource, params, loading) await chatUserAuthAPI.value.editUserGroupList(resource, params, loading)
await getUserGroupList() await getUserGroupList()
current.value = { name: current.value?.name as string, id: current.value?.id as string, is_auth: !current.value?.is_auth } current.value = { name: current.value?.name as string, id: current.value?.id as string, is_auth: !current.value?.is_auth }
getList() getList()
@ -211,7 +220,7 @@ const tableData = ref<ChatUserGroupUserItem[]>([])
async function getList() { async function getList() {
if (!current.value?.id) return if (!current.value?.id) return
try { try {
const res = await ChatUserApi.getUserGroupUserList(resource, current.value?.id, paginationConfig, searchForm.value.name, rightLoading) const res = await chatUserAuthAPI.value.getUserGroupUserList(resource, current.value?.id, paginationConfig, searchForm.value.name, rightLoading)
tableData.value = res.data.records tableData.value = res.data.records
paginationConfig.total = res.data.total paginationConfig.total = res.data.total
} catch (error) { } catch (error) {
@ -249,7 +258,7 @@ const handleRowChange = (value: boolean, row: ChatUserGroupUserItem) => {
async function handleSave() { async function handleSave() {
try { try {
const params = tableData.value.map(item => ({ chat_user_id: item.id, is_auth: item.is_auth })) const params = tableData.value.map(item => ({ chat_user_id: item.id, is_auth: item.is_auth }))
await ChatUserApi.putUserGroupUser(resource, current.value?.id as string, params, rightLoading) await chatUserAuthAPI.value.putUserGroupUser(resource, current.value?.id as string, params, rightLoading)
MsgSuccess(t('common.saveSuccess')) MsgSuccess(t('common.saveSuccess'))
} catch (error) { } catch (error) {
console.error(error) console.error(error)

View File

@ -231,7 +231,7 @@
<template #footer> <template #footer>
<div> <div>
<el-button :loading="loading" @click="visible = false">{{ $t('common.cancel') }}</el-button> <el-button :loading="loading" @click="visible = false">{{ $t('common.cancel') }}</el-button>
<el-button :loading="loading" @click="openDebug" v-if="permissionPrecise.debug(id)">{{ <el-button :loading="loading" @click="openDebug" v-if="permissionPrecise.debug(form?.id||'or')">{{
$t('common.debug') $t('common.debug')
}}</el-button> }}</el-button>
<el-button type="primary" @click="submit(FormRef)" :loading="loading"> <el-button type="primary" @click="submit(FormRef)" :loading="loading">
@ -265,9 +265,6 @@ import permissionMap from '@/permission'
import { loadSharedApi } from '@/utils/dynamics-api/shared-api' import { loadSharedApi } from '@/utils/dynamics-api/shared-api'
const route = useRoute() const route = useRoute()
const {
params: { id, folderId }, // idknowledgeID
} = route as any
const props = defineProps({ const props = defineProps({
title: String, title: String,