Skip to content

Commit 9903ccb

Browse files
shaohuzhang1shaohuzhang1
committed
fix: Complete application permissions
1 parent 687fd6c commit 9903ccb

File tree

9 files changed

+230
-56
lines changed

9 files changed

+230
-56
lines changed

apps/application/views/application.py

Lines changed: 22 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,8 @@ class ApplicationAPI(APIView):
4646
responses=ApplicationCreateAPI.get_response(),
4747
tags=[_('Application')] # type: ignore
4848
)
49-
@has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission(),
49+
@has_permissions(PermissionConstants.APPLICATION_CREATE.get_workspace_permission(),
50+
RoleConstants.USER.get_workspace_role(),
5051
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
5152
@log(menu='Application', operate='Create an application',
5253
get_operation_object=lambda r, k: {'name': r.data.get('name')},
@@ -65,6 +66,7 @@ def post(self, request: Request, workspace_id: str):
6566
tags=[_('Application')] # type: ignore
6667
)
6768
@has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission(),
69+
RoleConstants.USER.get_workspace_role(),
6870
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
6971
def get(self, request: Request, workspace_id: str):
7072
return result.success(Query(data={'workspace_id': workspace_id, 'user_id': request.user.id}).list(request.data))
@@ -82,6 +84,7 @@ class Page(APIView):
8284
tags=[_('Application')] # type: ignore
8385
)
8486
@has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission(),
87+
RoleConstants.USER.get_workspace_role(),
8588
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
8689
def get(self, request: Request, workspace_id: str, current_page: int, page_size: int):
8790
return result.success(
@@ -102,7 +105,9 @@ class Import(APIView):
102105
responses=result.DefaultResultSerializer,
103106
tags=[_('Application')] # type: ignore
104107
)
105-
@has_permissions(PermissionConstants.APPLICATION_READ, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
108+
@has_permissions(PermissionConstants.APPLICATION_IMPORT.get_workspace_permission(),
109+
RoleConstants.USER.get_workspace_role(),
110+
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
106111
@log(menu='Application', operate="Import Application", )
107112
def post(self, request: Request, workspace_id: str):
108113
return result.success(ApplicationSerializer(
@@ -123,6 +128,8 @@ class Export(APIView):
123128
tags=[_('Application')] # type: ignore
124129
)
125130
@has_permissions(PermissionConstants.APPLICATION_EXPORT.get_workspace_application_permission(),
131+
PermissionConstants.APPLICATION_EXPORT.get_workspace_permission_workspace_manage_role(),
132+
RoleConstants.USER.get_workspace_role(),
126133
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
127134
@log(menu='Application', operate="Export Application",
128135
get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
@@ -146,6 +153,8 @@ class Operate(APIView):
146153
tags=[_('Application')] # type: ignore
147154
)
148155
@has_permissions(PermissionConstants.APPLICATION_DELETE.get_workspace_application_permission(),
156+
PermissionConstants.APPLICATION_DELETE.get_workspace_permission_workspace_manage_role(),
157+
RoleConstants.USER.get_workspace_role(),
149158
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
150159
@log(menu='Application', operate='Deleting application',
151160
get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
@@ -168,6 +177,8 @@ def delete(self, request: Request, workspace_id: str, application_id: str):
168177
tags=[_('Application')] # type: ignore
169178
)
170179
@has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission(),
180+
PermissionConstants.APPLICATION_EDIT.get_workspace_permission_workspace_manage_role(),
181+
RoleConstants.USER.get_workspace_role(),
171182
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
172183
@log(menu='Application', operate="Modify the application",
173184
get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
@@ -189,8 +200,10 @@ def put(self, request: Request, workspace_id: str, application_id: str):
189200
responses=result.DefaultResultSerializer,
190201
tags=[_('Application')] # type: ignore
191202
)
192-
@has_permissions(PermissionConstants.WORKSPACE_READ.get_workspace_application_permission(),
193-
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(), RoleConstants.ADMIN)
203+
@has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission(),
204+
PermissionConstants.APPLICATION_READ.get_workspace_permission_workspace_manage_role(),
205+
RoleConstants.USER.get_workspace_role(),
206+
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
194207
def get(self, request: Request, workspace_id: str, application_id: str):
195208
return result.success(ApplicationOperateSerializer(
196209
data={'application_id': application_id, 'user_id': request.user.id,
@@ -209,10 +222,12 @@ class Publish(APIView):
209222
responses=result.DefaultResultSerializer,
210223
tags=[_('Application')] # type: ignore
211224
)
225+
@has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission(),
226+
PermissionConstants.APPLICATION_EDIT.get_workspace_permission_workspace_manage_role(),
227+
RoleConstants.USER.get_workspace_role(),
228+
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
212229
@log(menu='Application', operate='Publishing an application',
213-
get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
214-
215-
)
230+
get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')))
216231
def put(self, request: Request, workspace_id: str, application_id: str):
217232
return result.success(
218233
ApplicationOperateSerializer(

apps/application/views/application_access_token.py

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,8 @@ class AccessToken(APIView):
3232
tags=[_('Application')] # type: ignore
3333
)
3434
@has_permissions(PermissionConstants.APPLICATION_OVERVIEW_ACCESS.get_workspace_application_permission(),
35+
PermissionConstants.APPLICATION_OVERVIEW_ACCESS.get_workspace_permission_workspace_manage_role(),
36+
RoleConstants.USER.get_workspace_role(),
3537
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
3638
def put(self, request: Request, workspace_id: str, application_id: str):
3739
return result.success(
@@ -46,7 +48,9 @@ def put(self, request: Request, workspace_id: str, application_id: str):
4648
parameters=ApplicationAccessTokenAPI.get_parameters(),
4749
tags=[_('Application')] # type: ignore
4850
)
49-
@has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_application_permission(),
51+
@has_permissions(PermissionConstants.APPLICATION_OVERVIEW_ACCESS.get_workspace_application_permission(),
52+
PermissionConstants.APPLICATION_OVERVIEW_ACCESS.get_workspace_permission_workspace_manage_role(),
53+
RoleConstants.USER.get_workspace_role(),
5054
RoleConstants.WORKSPACE_MANAGE.get_workspace_role()
5155
)
5256
def get(self, request: Request, workspace_id: str, application_id: str):

apps/application/views/application_api_key.py

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -5,13 +5,13 @@
55
from rest_framework.views import APIView
66

77
from application.api.application_api_key import ApplicationKeyAPI
8-
from application.models import ApplicationApiKey, Application
8+
from application.models import Application
99
from application.serializers.application_api_key import ApplicationKeySerializer
1010
from common.auth import TokenAuth
1111
from common.auth.authentication import has_permissions
1212
from common.constants.permission_constants import PermissionConstants, RoleConstants
1313
from common.log.log import log
14-
from common.result import result, success, DefaultResultSerializer
14+
from common.result import result, DefaultResultSerializer
1515

1616

1717
def get_application_operation_object(application_id):
@@ -40,6 +40,8 @@ class ApplicationKey(APIView):
4040
get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
4141
)
4242
@has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission(),
43+
PermissionConstants.APPLICATION_READ.get_workspace_permission_workspace_manage_role(),
44+
RoleConstants.USER.get_workspace_role(),
4345
RoleConstants.WORKSPACE_MANAGE.get_workspace_role()
4446
)
4547
def post(self, request: Request, workspace_id: str, application_id: str):
@@ -57,6 +59,8 @@ def post(self, request: Request, workspace_id: str, application_id: str):
5759
tags=[_('Application Api Key')] # type: ignore
5860
)
5961
@has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission(),
62+
PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_permission_workspace_manage_role(),
63+
RoleConstants.USER.get_workspace_role(),
6064
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
6165
def get(self, request: Request, workspace_id: str, application_id: str):
6266
return result.success(ApplicationKeySerializer(
@@ -77,6 +81,8 @@ class Operate(APIView):
7781
tags=[_('Application Api Key')] # type: ignore
7882
)
7983
@has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission(),
84+
PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_permission_workspace_manage_role(),
85+
RoleConstants.USER.get_workspace_role(),
8086
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
8187
@log(menu='Application', operate="Modify application API_KEY",
8288
get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),
@@ -99,6 +105,8 @@ def put(self, request: Request, workspace_id: str, application_id: str, api_key_
99105
tags=[_('Application Api Key')] # type: ignore
100106
)
101107
@has_permissions(PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_application_permission(),
108+
PermissionConstants.APPLICATION_OVERVIEW_API_KEY.get_workspace_permission_workspace_manage_role(),
109+
RoleConstants.USER.get_workspace_role(),
102110
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
103111
@log(menu='Application', operate="Delete application API_KEY",
104112
get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')),

apps/application/views/application_chat.py

Lines changed: 16 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,9 @@ class ApplicationChat(APIView):
4040
responses=ApplicationChatQueryAPI.get_response(),
4141
tags=[_("Application/Conversation Log")] # type: ignore
4242
)
43-
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
43+
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_application_permission(),
44+
PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_permission_workspace_manage_role(),
45+
RoleConstants.USER.get_workspace_role(),
4446
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
4547
def get(self, request: Request, workspace_id: str, application_id: str):
4648
return result.success(ApplicationChatQuerySerializers(
@@ -60,7 +62,9 @@ class Page(APIView):
6062
responses=ApplicationChatQueryPageAPI.get_response(),
6163
tags=[_("Application/Conversation Log")] # type: ignore
6264
)
63-
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
65+
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_application_permission(),
66+
PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_permission_workspace_manage_role(),
67+
RoleConstants.USER.get_workspace_role(),
6468
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
6569
def get(self, request: Request, workspace_id: str, application_id: str, current_page: int, page_size: int):
6670
return result.success(ApplicationChatQuerySerializers(
@@ -82,6 +86,8 @@ class Export(APIView):
8286
tags=[_("Application/Conversation Log")] # type: ignore
8387
)
8488
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_EXPORT.get_workspace_application_permission(),
89+
PermissionConstants.APPLICATION_CHAT_LOG_EXPORT.get_workspace_permission_workspace_manage_role(),
90+
RoleConstants.USER.get_workspace_role(),
8591
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
8692
def post(self, request: Request, workspace_id: str, application_id: str):
8793
return ApplicationChatQuerySerializers(
@@ -101,6 +107,10 @@ class OpenView(APIView):
101107
responses=None,
102108
tags=[_('Application')] # type: ignore
103109
)
110+
@has_permissions(PermissionConstants.APPLICATION_DEBUG.get_workspace_application_permission(),
111+
PermissionConstants.APPLICATION_DEBUG.get_workspace_permission_workspace_manage_role(),
112+
RoleConstants.USER.get_workspace_role(),
113+
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
104114
def get(self, request: Request, workspace_id: str, application_id: str):
105115
return result.success(OpenChatSerializers(
106116
data={'workspace_id': workspace_id, 'application_id': application_id,
@@ -121,5 +131,9 @@ class ChatView(APIView):
121131
responses=None,
122132
tags=[_('Application')] # type: ignore
123133
)
134+
@has_permissions(
135+
PermissionConstants.APPLICATION_DEBUG,
136+
RoleConstants.USER.get_workspace_role(),
137+
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
124138
def post(self, request: Request, chat_id: str):
125139
return DebugChatSerializers(data={'chat_id': chat_id}).chat(request.data)

apps/application/views/application_chat_record.py

Lines changed: 19 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,9 @@ class ApplicationChatRecord(APIView):
3636
responses=ApplicationChatRecordQueryAPI.get_response(),
3737
tags=[_("Application/Conversation Log")] # type: ignore
3838
)
39-
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
39+
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_application_permission(),
40+
PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_permission_workspace_manage_role(),
41+
RoleConstants.USER.get_workspace_role(),
4042
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
4143
def get(self, request: Request, workspace_id: str, application_id: str, chat_id: str):
4244
return result.success(ApplicationChatRecordQuerySerializers(
@@ -57,7 +59,9 @@ class Page(APIView):
5759
responses=ApplicationChatRecordQueryAPI.get_response(),
5860
tags=[_("Application/Conversation Log")] # type: ignore
5961
)
60-
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
62+
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_application_permission(),
63+
PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_permission_workspace_manage_role(),
64+
RoleConstants.USER.get_workspace_role(),
6165
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
6266
def get(self, request: Request, workspace_id: str, application_id: str, chat_id: str, current_page: int,
6367
page_size: int):
@@ -81,7 +85,9 @@ class ApplicationChatRecordOperateAPI(APIView):
8185
responses=ApplicationChatRecordQueryAPI.get_response(),
8286
tags=[_("Application/Conversation Log")] # type: ignore
8387
)
84-
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
88+
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_application_permission(),
89+
PermissionConstants.APPLICATION_CHAT_LOG_READ.get_workspace_permission_workspace_manage_role(),
90+
RoleConstants.USER.get_workspace_role(),
8591
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
8692
def get(self, request: Request, workspace_id: str, application_id: str, chat_id: str, chat_record_id: str):
8793
return result.success(ChatRecordOperateSerializer(
@@ -105,7 +111,9 @@ class ApplicationChatRecordAddKnowledge(APIView):
105111
responses=ApplicationChatRecordAddKnowledgeAPI.get_response(),
106112
tags=[_("Application/Conversation Log")] # type: ignore
107113
)
108-
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
114+
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_ADD_KNOWLEDGE.get_workspace_application_permission(),
115+
PermissionConstants.APPLICATION_CHAT_LOG_ADD_KNOWLEDGE.get_workspace_permission_workspace_manage_role(),
116+
RoleConstants.USER.get_workspace_role(),
109117
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
110118
def post(self, request: Request, workspace_id: str, application_id: str):
111119
return result.success(ApplicationChatRecordAddKnowledgeSerializer().post_improve(request.data))
@@ -124,7 +132,9 @@ class ApplicationChatRecordImprove(APIView):
124132
responses=ApplicationChatRecordQueryAPI.get_response(),
125133
tags=[_("Application/Conversation Log")] # type: ignore
126134
)
127-
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG.get_workspace_application_permission(),
135+
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_application_permission(),
136+
PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_permission_workspace_manage_role(),
137+
RoleConstants.USER.get_workspace_role(),
128138
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
129139
def get(self, request: Request, workspace_id: str, application_id: str, chat_id: str, chat_record_id: str):
130140
return result.success(ChatRecordImproveSerializer(
@@ -145,6 +155,8 @@ class ApplicationChatRecordImproveParagraph(APIView):
145155
tags=[_("Application/Conversation Log")] # type: ignore
146156
)
147157
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_application_permission(),
158+
PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_permission_workspace_manage_role(),
159+
RoleConstants.USER.get_workspace_role(),
148160
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
149161
def put(self, request: Request,
150162
workspace_id: str,
@@ -171,6 +183,8 @@ class Operate(APIView):
171183
tags=[_("Application/Conversation Log")] # type: ignore
172184
)
173185
@has_permissions(PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_application_permission(),
186+
PermissionConstants.APPLICATION_CHAT_LOG_ANNOTATION.get_workspace_permission_workspace_manage_role(),
187+
RoleConstants.USER.get_workspace_role(),
174188
RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
175189
def delete(self, request: Request, workspace_id: str, application_id: str, chat_id: str, chat_record_id: str,
176190
knowledge_id: str,

0 commit comments

Comments
 (0)