zhaoqingang
2024-12-18 91062dda27e06bf29eaa78eff47ba505ad19b7a2
app/service/user.py
@@ -4,8 +4,9 @@
from app.api import pwd_context
from app.api.dialog import dialog_list
from app.config.config import settings
from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE
from app.models import RoleModel, GroupModel, AgentType, role_resource_table, DialogModel, OrganizationModel
from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, ROLE_STATUS_ON, DEPT_STATUS_ON
from app.models import RoleModel, GroupModel, AgentType, role_resource_table, DialogModel, OrganizationModel, \
    ResourceModel
from app.models.menu_model import WebMenuModel, MenuCapacityModel
from app.models.user_model import UserModel, UserAppModel
from Log import logger
@@ -168,6 +169,8 @@
    user = db.query(UserModel).filter(UserModel.id==user_id,UserModel.status !=USER_STATSU_DELETE).first()
    await role_resource(role_set, roles, permissions, user.roles)
    for ogt in user.organizations:
        if ogt.status != DEPT_STATUS_ON:
            continue
        dept.append(ogt.to_json())
        if ogt.roles:
            await role_resource(role_set, roles, permissions, user.roles)
@@ -185,11 +188,11 @@
async def role_resource(role_set, role_list, permissions, roles):
    for role in roles:
        if role.id not in role_set:
        if role.id not in role_set and role.status == ROLE_STATUS_ON:
            role_set.add(role.id)
            role_list.append(role.to_dict())
            for r in role.resources:
                if r.resource_type_id == "1":
                if r.resource_type_id == "1" and r.status==DEPT_STATUS_ON:
                    permissions.add(r.perms)
@@ -199,33 +202,43 @@
    dept_set = set()
    user = db.query(UserModel).filter_by(id=user_id).first()
    parent_id = ""
    async def role_resource(role_set, permissions, roles):
        nonlocal parent_id
        for role in roles:
            if role.id not in role_set:
                role_set.add(role.id)
                for r in role.resources:
                    if r.resource_type_id != "1":
                        if not r.resource_id:
                            parent_id = r.id
                            continue
                        permissions[r.id] = r.to_router_dict()
    await role_resource(role_set, permissions, user.roles)
    for ogt in user.organizations:
        if ogt.roles:
            await role_resource(role_set, permissions, user.roles)
        parent_ogt = ogt.parent
        while parent_ogt:
            if parent_ogt.id not in dept_set:
                await role_resource(role_set, permissions, parent_ogt.roles)
                dept_set.add(parent_ogt.id)
                parent_ogt = parent_ogt.parent
            else:
                break
    tmp_dit = {}
    if user.permission == "admin":
        dept_list = db.query(ResourceModel).filter(ResourceModel.status==DEPT_STATUS_ON, ResourceModel.resource_type_id != "1").all()
        for dept in dept_list:
            if not dept.resource_id:
                parent_id = dept.id
                continue
            permissions[dept.id] = dept.to_router_dict()
    else:
        async def role_resource(role_set, permissions, roles):
            nonlocal parent_id
            for role in roles:
                if role.id not in role_set and role.status == ROLE_STATUS_ON:
                    role_set.add(role.id)
                    for r in role.resources:
                        if r.resource_type_id != "1" and r.status==DEPT_STATUS_ON:
                            if not r.resource_id:
                                parent_id = r.id
                                continue
                            permissions[r.id] = r.to_router_dict()
        await role_resource(role_set, permissions, user.roles)
        for ogt in user.organizations:
            if ogt.status != DEPT_STATUS_ON:
                continue
            if ogt.roles:
                await role_resource(role_set, permissions, user.roles)
            parent_ogt = ogt.parent
            while parent_ogt:
                if parent_ogt.id not in dept_set:
                    await role_resource(role_set, permissions, parent_ogt.roles)
                    dept_set.add(parent_ogt.id)
                    parent_ogt = parent_ogt.parent
                else:
                    break
    for permission in permissions.values():
        tmp_dit[permission["parentId"]] = tmp_dit.get(permission["parentId"], []) + [permission]
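Review bot: In the non-admin branch of the last hunk, the `while parent_ogt:` walk still collects `parent_ogt.roles` without checking `parent_ogt.status`, so a disabled parent department keeps contributing menu entries even though the user's direct departments are now skipped when their status is not `DEPT_STATUS_ON`; if disabling a department is meant to revoke what it grants, guard that call with `if parent_ogt.status == DEPT_STATUS_ON:`. The `if ogt.roles:` branch in the same loop, and the matching one in the `@@ -168,6 +169,8 @@` hunk, passes `user.roles`, which has already been processed and so adds nothing, meaning department-level roles never take effect; it presumably should read `await role_resource(role_set, permissions, ogt.roles)` (with the extra `roles` argument in the earlier hunk). The new admin shortcut returns every active resource for a `user` loaded with `filter_by(id=user_id)` only, without the `UserModel.status != USER_STATSU_DELETE` filter the other query uses and without a `None` check, so a deleted account's `user.permission` is still trusted here. The enclosing function starts before the hunk and continues after its last visible line.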