From 1011cb2aff8e8485206a632364897bb9ef1548a2 Mon Sep 17 00:00:00 2001 From: shaohuzhang1 Date: Mon, 1 Jun 2026 16:42:07 +0800 Subject: [PATCH] fix: The data in the resource list is incorrect --- apps/application/serializers/application.py | 11 ++++--- apps/knowledge/serializers/knowledge.py | 25 ++++++++------- .../serializers/model_serializer.py | 6 ++-- apps/tools/serializers/tool.py | 32 ++++++++++--------- apps/users/serializers/user.py | 14 +++++++- 5 files changed, 53 insertions(+), 35 deletions(-) diff --git a/apps/application/serializers/application.py b/apps/application/serializers/application.py index 7a501f0e743..57b4d62e249 100644 --- a/apps/application/serializers/application.py +++ b/apps/application/serializers/application.py @@ -61,7 +61,7 @@ from tools.serializers.tool import ToolExportModelSerializer from trigger.models import TriggerTask, Trigger from users.models import User -from users.serializers.user import is_workspace_manage +from users.serializers.user import is_workspace_manage, is_workspace_manage_permission_read def get_base_node_work_flow(work_flow): @@ -417,7 +417,7 @@ def list(self, instance: Dict): user_id = self.data.get("user_id") req_dict = ApplicationQueryRequest(data=instance) req_dict.is_valid(raise_exception=True) - workspace_manage = is_workspace_manage(user_id, workspace_id) + workspace_manage = is_workspace_manage_permission_read(user_id, workspace_id, "APPLICATION:READ") is_x_pack_ee = self.is_x_pack_ee() return native_search(self.get_query_set(req_dict.data, workspace_manage, is_x_pack_ee), select_string=get_file_content( @@ -432,7 +432,7 @@ def page(self, current_page: int, page_size: int, instance: Dict): req_dict.is_valid(raise_exception=True) workspace_id = self.data.get('workspace_id') user_id = self.data.get("user_id") - workspace_manage = is_workspace_manage(user_id, workspace_id) + workspace_manage = is_workspace_manage_permission_read(user_id, workspace_id, "APPLICATION:READ") is_x_pack_ee = self.is_x_pack_ee() result = native_page_search(current_page, page_size, self.get_query_set(req_dict.data, workspace_manage, is_x_pack_ee), @@ -972,7 +972,7 @@ def publish(self, instance, with_valid=True): work_flow_version.save() access_token = hashlib.md5( str(uuid.uuid7()).encode()).hexdigest()[ - 8:24] + 8:24] application_access_token = QuerySet(ApplicationAccessToken).filter( application_id=application.id).first() if application_access_token is None: @@ -1276,7 +1276,8 @@ def update_knowledge_node(self, workflow, available_knowledge_dict): knowledge_list = [available_knowledge_dict.get(knowledge_id) for knowledge_id in knowledge_id_list if available_knowledge_dict.__contains__(knowledge_id)] node_data['all_knowledge_id_list'] = knowledge_id_list - node_data['no_permission_knowledge_id_list'] = [knowledge_id for knowledge_id in knowledge_id_list if not available_knowledge_dict.__contains__(knowledge_id) ] + node_data['no_permission_knowledge_id_list'] = [knowledge_id for knowledge_id in knowledge_id_list if + not available_knowledge_dict.__contains__(knowledge_id)] node_data['knowledge_id_list'] = [knowledge.get('id') for knowledge in knowledge_list] node_data['knowledge_list'] = knowledge_list diff --git a/apps/knowledge/serializers/knowledge.py b/apps/knowledge/serializers/knowledge.py index e462adec105..a8816768190 100644 --- a/apps/knowledge/serializers/knowledge.py +++ b/apps/knowledge/serializers/knowledge.py @@ -44,7 +44,7 @@ from system_manage.models.resource_mapping import ResourceMapping from system_manage.serializers.resource_mapping_serializers import ResourceMappingSerializer from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer -from users.serializers.user import is_workspace_manage +from users.serializers.user import is_workspace_manage, is_workspace_manage_permission_read from knowledge.models import ( Document, @@ -226,9 +226,9 @@ def get_query_set(self, workspace_manage, is_x_pack_ee): query_set = query_set.filter(**{"temp.workspace_id": self.data.get("workspace_id")}) folder_query_set = folder_query_set.filter(**{"workspace_id": self.data.get("workspace_id")}) if ( - "folder_id" in self.data - and self.data.get("folder_id") is not None - and self.data.get("workspace_id") != self.data.get("folder_id") + "folder_id" in self.data + and self.data.get("folder_id") is not None + and self.data.get("workspace_id") != self.data.get("folder_id") ): query_set = query_set.filter(**{"temp.folder_id": self.data.get("folder_id")}) folder_query_set = folder_query_set.filter(**{"parent_id": self.data.get("folder_id")}) @@ -259,7 +259,8 @@ def page(self, current_page: int, page_size: int): root = KnowledgeFolder.objects.filter(id=folder_id).first() if not root: raise serializers.ValidationError(_("Folder not found")) - workspace_manage = is_workspace_manage(self.data.get("user_id"), self.data.get("workspace_id")) + workspace_manage = is_workspace_manage_permission_read(self.data.get("user_id"), + self.data.get("workspace_id"), "KNOWLEDGE:READ") is_x_pack_ee = self.is_x_pack_ee() result = native_page_search( current_page, @@ -288,7 +289,9 @@ def list(self): root = KnowledgeFolder.objects.filter(id=folder_id).first() if not root: raise serializers.ValidationError(_("Folder not found")) - workspace_manage = is_workspace_manage(self.data.get("user_id"), self.data.get("workspace_id")) + workspace_manage = is_workspace_manage_permission_read(self.data.get("user_id"), + self.data.get("workspace_id"), "KNOWLEDGE:READ") + is_x_pack_ee = self.is_x_pack_ee() return native_search( self.get_query_set(workspace_manage, is_x_pack_ee), @@ -449,10 +452,10 @@ def one(self): [ str(application_knowledge_mapping.source_id) for application_knowledge_mapping in QuerySet(ResourceMapping).filter( - source_type="APPLICATION", - target_type="KNOWLEDGE", - target_id=self.data.get("knowledge_id"), - ) + source_type="APPLICATION", + target_type="KNOWLEDGE", + target_id=self.data.get("knowledge_id"), + ) ], ) ), @@ -687,7 +690,7 @@ def export_knowledge(self, with_valid=True): @staticmethod def _get_knowledge_workbook( - data_dict: dict, document_dict: dict, doc_tag_map: dict, doc_obj_map: dict, paragraph_active_map: dict + data_dict: dict, document_dict: dict, doc_tag_map: dict, doc_obj_map: dict, paragraph_active_map: dict ): import openpyxl from openpyxl.cell.cell import ILLEGAL_CHARACTERS_RE diff --git a/apps/models_provider/serializers/model_serializer.py b/apps/models_provider/serializers/model_serializer.py index be41df50462..391740cb7c6 100644 --- a/apps/models_provider/serializers/model_serializer.py +++ b/apps/models_provider/serializers/model_serializer.py @@ -29,7 +29,7 @@ from system_manage.models.resource_mapping import ResourceMapping from system_manage.serializers.resource_mapping_serializers import ResourceMappingSerializer from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer -from users.serializers.user import is_workspace_manage +from users.serializers.user import is_workspace_manage_permission_read def get_default_model_params_setting(provider, model_type, model_name): @@ -366,7 +366,7 @@ def list(self, workspace_id, with_valid): if with_valid: self.is_valid(raise_exception=True) user_id = self.data.get("user_id") - workspace_manage = is_workspace_manage(user_id, workspace_id) + workspace_manage = is_workspace_manage_permission_read(user_id, workspace_id, 'MODEL:READ') query_params = self._build_query_params(workspace_id, workspace_manage, user_id) is_x_pack_ee = self.is_x_pack_ee() result = native_search(query_params, @@ -393,7 +393,7 @@ def model_list(self, workspace_id, with_valid=True): if with_valid: self.is_valid(raise_exception=True) user_id = self.data.get("user_id") - workspace_manage = is_workspace_manage(user_id, workspace_id) + workspace_manage = is_workspace_manage_permission_read(user_id, workspace_id, 'MODEL:READ') queryset = self._build_query_params(workspace_id, workspace_manage, user_id) get_authorized_model = DatabaseModelManage.get_model("get_authorized_model") diff --git a/apps/tools/serializers/tool.py b/apps/tools/serializers/tool.py index 9566d47b489..325c3b336ef 100644 --- a/apps/tools/serializers/tool.py +++ b/apps/tools/serializers/tool.py @@ -44,7 +44,7 @@ from system_manage.serializers.resource_mapping_serializers import ResourceMappingSerializer from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer from trigger.models import Trigger, TriggerTask -from users.serializers.user import is_workspace_manage +from users.serializers.user import is_workspace_manage, is_workspace_manage_permission_read from tools.models import Tool, ToolFolder, ToolRecord, ToolScope, ToolType from tools.models.tool_workflow import ToolWorkflow @@ -869,9 +869,9 @@ def run(self, instance, is_valid=True): { "type": "error" if ( - item.get("code") == "E999" - or str(item.get("code") or "").startswith("E9") - or item.get("code") in ["F821", "F822", "F823"] + item.get("code") == "E999" + or str(item.get("code") or "").startswith("E9") + or item.get("code") in ["F821", "F822", "F823"] ) else "warning", "module": "", @@ -997,7 +997,7 @@ def import_workflow_tools(self, tool, workspace_id, user_id, folder_id, new_chil {**tool, "id": update_tool_map.get(tool.get("id"))} for tool in tool_list if not exits_tool_id_list.__contains__(tool.get("id")) - and not exits_tool_id_list.__contains__( + and not exits_tool_id_list.__contains__( new_uuid.generate_uuid(tool.get("id")) if new_child_policy == 2 else generate_uuid((tool.get("id") + workspace_id or "")) @@ -1600,15 +1600,15 @@ def process(): ) try: for r in model.stream( - [ - # SystemMessage(content=SYSTEM_ROLE), - *[ - HumanMessage(content=m.get("content")) - if m.get("role") == "user" - else AIMessage(content=m.get("content")) - for m in messages + [ + # SystemMessage(content=SYSTEM_ROLE), + *[ + HumanMessage(content=m.get("content")) + if m.get("role") == "user" + else AIMessage(content=m.get("content")) + for m in messages + ] ] - ] ): yield "data: " + json.dumps({"content": r.content}) + "\n\n" except Exception as e: @@ -1772,7 +1772,8 @@ def is_x_pack_ee(): def page_tool_with_folders(self, current_page: int, page_size: int): self.is_valid(raise_exception=True) - workspace_manage = is_workspace_manage(self.data.get("user_id"), self.data.get("workspace_id")) + workspace_manage = is_workspace_manage_permission_read(self.data.get("user_id"), + self.data.get("workspace_id"), 'TOOL:READ') is_x_pack_ee = self.is_x_pack_ee() result = native_page_search( current_page, @@ -1800,7 +1801,8 @@ def page_tool_with_folders(self, current_page: int, page_size: int): def get_tools(self): self.is_valid(raise_exception=True) - workspace_manage = is_workspace_manage(self.data.get("user_id"), self.data.get("workspace_id")) + workspace_manage = is_workspace_manage_permission_read(self.data.get("user_id"), + self.data.get("workspace_id"), 'TOOL:READ') is_x_pack_ee = self.is_x_pack_ee() results = native_search( self.get_query_set(workspace_manage, is_x_pack_ee), diff --git a/apps/users/serializers/user.py b/apps/users/serializers/user.py index 139b4b93640..bfc905fbea3 100644 --- a/apps/users/serializers/user.py +++ b/apps/users/serializers/user.py @@ -81,7 +81,19 @@ def is_workspace_manage(user_id: str, workspace_id: str): role__type=RoleConstants.WORKSPACE_MANAGE.value.__str__()).exists() return QuerySet(User).filter(id=user_id, role=RoleConstants.ADMIN.value.__str__()).exists() - +def is_workspace_manage_permission_read(user_id: str, workspace_id: str, permission_id): + workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping") + role_permission_mapping_model = DatabaseModelManage.get_model("role_permission_mapping_model") + is_x_pack_ee = workspace_user_role_mapping_model is not None and role_permission_mapping_model is not None + if is_x_pack_ee: + has_permission = QuerySet(role_permission_mapping_model).filter( + role__userrolerelation__user_id=user_id, + role__userrolerelation__workspace_id=workspace_id, + permission_id=permission_id, + role__type=RoleConstants.WORKSPACE_MANAGE.value.__str__() + ).exists() + return has_permission + return True def get_workspace_list_by_user(user_id): get_workspace_list = DatabaseModelManage.get_model('get_workspace_list_by_user') license_is_valid = DatabaseModelManage.get_model('license_is_valid') or (lambda: False)