gitea/FastGPT
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

perf: org permission check (#3500)

Browse Source
This commit is contained in:
Archer
2024-12-30 21:44:51 +08:00
committed by archer
parent fd9600c6f8
commit 5d1d4ff64f
6 changed files with 132 additions and 267 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
projects/app/src/pages/api/core/app/list.ts
View File

@@ -15,9 +15,9 @@ import { AppDefaultPermissionVal } from '@fastgpt/global/support/permission/app/
import { authApp } from '@fastgpt/service/support/permission/app/auth';
import { authUserPer } from '@fastgpt/service/support/permission/user/auth';
import { replaceRegChars } from '@fastgpt/global/common/string/tools';
import { getGroupPer } from '@fastgpt/service/support/permission/controller';
import { concatPer } from '@fastgpt/service/support/permission/controller';
import { getGroupsByTmbId } from '@fastgpt/service/support/permission/memberGroup/controllers';
import { getOrgsWithParentByTmbId } from '@fastgpt/service/support/permission/org/controllers';
import { getOrgIdSetWithParentByTmbId } from '@fastgpt/service/support/permission/org/controllers';
export type ListAppBody = {
parentId?: ParentIdType;
@@ -49,14 +49,14 @@ async function handler(req: ApiRequestProps<ListAppBody>): Promise<AppListItemTy
}),
...(parentId
? [
authApp({
req,
authToken: true,
authApiKey: true,
appId: parentId,
per: ReadPermissionVal
})
]
authApp({
req,
authToken: true,
authApiKey: true,
appId: parentId,
per: ReadPermissionVal
})
]
: [])
]);
@@ -79,14 +79,17 @@ async function handler(req: ApiRequestProps<ListAppBody>): Promise<AppListItemTy
});
return map;
}),
getOrgsWithParentByTmbId({
getOrgIdSetWithParentByTmbId({
teamId,
tmbId
})
]);
// Get my permissions
const myPerList = perList.filter(
(item) => String(item.tmbId) === String(tmbId) || myGroupMap.has(String(item.groupId)) || myOrgSet.has(String(item.orgId))
(item) =>
String(item.tmbId) === String(tmbId) ||
myGroupMap.has(String(item.groupId)) ||
myOrgSet.has(String(item.orgId))
);
const findAppsQuery = (() => {
@@ -104,17 +107,17 @@ async function handler(req: ApiRequestProps<ListAppBody>): Promise<AppListItemTy
? {}
: parentId
? {
$or: [idList, parseParentIdInMongo(parentId)]
}
$or: [idList, parseParentIdInMongo(parentId)]
}
: { $or: [idList, { parentId: null }] };
const searchMatch = searchKey
? {
$or: [
{ name: { $regex: new RegExp(`${replaceRegChars(searchKey)}`, 'i') } },
{ intro: { $regex: new RegExp(`${replaceRegChars(searchKey)}`, 'i') } }
]
}
$or: [
{ name: { $regex: new RegExp(`${replaceRegChars(searchKey)}`, 'i') } },
{ intro: { $regex: new RegExp(`${replaceRegChars(searchKey)}`, 'i') } }
]
}
: {};
if (searchKey) {
@@ -156,9 +159,11 @@ async function handler(req: ApiRequestProps<ListAppBody>): Promise<AppListItemTy
const tmbPer = myPerList.find(
(item) => String(item.resourceId) === appId && !!item.tmbId
)?.permission;
const groupPer = getGroupPer(
const groupPer = concatPer(
myPerList
.filter((item) => String(item.resourceId) === appId && (!!item.groupId || !!item.orgId))
.filter(
(item) => String(item.resourceId) === appId && (!!item.groupId || !!item.orgId)
)
.map((item) => item.permission)
);

47
projects/app/src/pages/api/core/dataset/list.ts
View File

@@ -17,8 +17,8 @@ import { ApiRequestProps } from '@fastgpt/service/type/next';
import { authDataset } from '@fastgpt/service/support/permission/dataset/auth';
import { replaceRegChars } from '@fastgpt/global/common/string/tools';
import { getGroupsByTmbId } from '@fastgpt/service/support/permission/memberGroup/controllers';
import { getGroupPer } from '@fastgpt/service/support/permission/controller';
import { getOrgsWithParentByTmbId } from '@fastgpt/service/support/permission/org/controllers';
import { concatPer } from '@fastgpt/service/support/permission/controller';
import { getOrgIdSetWithParentByTmbId } from '@fastgpt/service/support/permission/org/controllers';
export type GetDatasetListBody = {
parentId: ParentIdType;
@@ -39,14 +39,14 @@ async function handler(req: ApiRequestProps<GetDatasetListBody>) {
}),
...(parentId
? [
authDataset({
req,
authToken: true,
authApiKey: true,
per: ReadPermissionVal,
datasetId: parentId
})
]
authDataset({
req,
authToken: true,
authApiKey: true,
per: ReadPermissionVal,
datasetId: parentId
})
]
: [])
]);
@@ -69,13 +69,16 @@ async function handler(req: ApiRequestProps<GetDatasetListBody>) {
});
return map;
}),
getOrgsWithParentByTmbId({
getOrgIdSetWithParentByTmbId({
teamId,
tmbId
})
]);
const myPerList = perList.filter(
(item) => String(item.tmbId) === String(tmbId) || myGroupMap.has(String(item.groupId)) || myOrgSet.has(String(item.orgId))
(item) =>
String(item.tmbId) === String(tmbId) ||
myGroupMap.has(String(item.groupId)) ||
myOrgSet.has(String(item.orgId))
);
const findDatasetQuery = (() => {
@@ -85,17 +88,17 @@ async function handler(req: ApiRequestProps<GetDatasetListBody>) {
? {}
: parentId
? {
$or: [idList, parseParentIdInMongo(parentId)]
}
$or: [idList, parseParentIdInMongo(parentId)]
}
: { $or: [idList, { parentId: null }] };
const searchMatch = searchKey
? {
$or: [
{ name: { $regex: new RegExp(`${replaceRegChars(searchKey)}`, 'i') } },
{ intro: { $regex: new RegExp(`${replaceRegChars(searchKey)}`, 'i') } }
]
}
$or: [
{ name: { $regex: new RegExp(`${replaceRegChars(searchKey)}`, 'i') } },
{ intro: { $regex: new RegExp(`${replaceRegChars(searchKey)}`, 'i') } }
]
}
: {};
if (searchKey) {
@@ -127,9 +130,11 @@ async function handler(req: ApiRequestProps<GetDatasetListBody>) {
const tmbPer = myPerList.find(
(item) => String(item.resourceId) === datasetId && !!item.tmbId
)?.permission;
const groupPer = getGroupPer(
const groupPer = concatPer(
myPerList
.filter((item) => String(item.resourceId) === datasetId && (!!item.groupId || !!item.orgId))
.filter(
(item) => String(item.resourceId) === datasetId && (!!item.groupId || !!item.orgId)
)
.map((item) => item.permission)
);
return new DatasetPermission({