diff --git a/apps/application/serializers/application.py b/apps/application/serializers/application.py index dfa5f897c..26bc1a6e8 100644 --- a/apps/application/serializers/application.py +++ b/apps/application/serializers/application.py @@ -115,6 +115,7 @@ class KnowledgeSettingSerializer(serializers.Serializer): class ModelKnowledgeAssociation(serializers.Serializer): user_id = serializers.UUIDField(required=True, label=_("User ID")) + workspace_id = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('workspace id')) model_id = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_("Model id")) knowledge_id_list = serializers.ListSerializer(required=False, child=serializers.UUIDField(required=True, @@ -126,15 +127,24 @@ class ModelKnowledgeAssociation(serializers.Serializer): super().is_valid(raise_exception=True) model_id = self.data.get('model_id') user_id = self.data.get('user_id') + workspace_id = self.data.get('workspace_id') if model_id is not None and len(model_id) > 0: if not QuerySet(Model).filter(id=model_id).exists(): raise AppApiException(500, f'{_("Model does not exist")}【{model_id}】') knowledge_id_list = list(set(self.data.get('knowledge_id_list', []))) - exist_knowledge_id_list = [str(knowledge.id) for knowledge in - QuerySet(Knowledge).filter(id__in=knowledge_id_list, user_id=user_id)] + if workspace_id is not None and len(workspace_id) > 0: + exist_knowledge_id_list = [ + str(knowledge.get('id')) for knowledge in KnowledgeSerializer.Query(data={ + 'workspace_id': workspace_id, + 'user_id': user_id + }).list() if knowledge.get('resource_type') == 'knowledge' + ] + else: + exist_knowledge_id_list = [str(knowledge.id) for knowledge in + QuerySet(Knowledge).filter(id__in=knowledge_id_list, user_id=user_id)] for knowledge_id in knowledge_id_list: if not exist_knowledge_id_list.__contains__(knowledge_id): - raise AppApiException(500, f'{_("The knowledge base id does not exist")}【{knowledge_id}】') + raise AppApiException(500, f'知识库不存在或当前用户无权限访问【{knowledge_id}】') class ModelSettingSerializer(serializers.Serializer): @@ -257,9 +267,10 @@ class ApplicationCreateSerializer(serializers.Serializer): stt_autosend = serializers.BooleanField(required=False, label=_('Voice recognition automatic transmission')) - def is_valid(self, *, user_id=None, raise_exception=False): + def is_valid(self, *, user_id=None, workspace_id=None, raise_exception=False): super().is_valid(raise_exception=True) - ModelKnowledgeAssociation(data={'user_id': user_id, 'model_id': self.data.get('model_id'), + ModelKnowledgeAssociation(data={'user_id': user_id, 'workspace_id': workspace_id, + 'model_id': self.data.get('model_id'), 'knowledge_id_list': self.data.get('knowledge_id_list')}).is_valid() @staticmethod @@ -492,7 +503,8 @@ class ApplicationSerializer(serializers.Serializer): self.is_valid(raise_exception=True) user_id = self.data.get('user_id') workspace_id = self.data.get("workspace_id") - ApplicationCreateSerializer.SimplateRequest(data=instance).is_valid(user_id=user_id, raise_exception=True) + ApplicationCreateSerializer.SimplateRequest(data=instance).is_valid(user_id=user_id, workspace_id=workspace_id, + raise_exception=True) application_model = ApplicationCreateSerializer.SimplateRequest.to_application_model(user_id, workspace_id, instance) knowledge_id_list = instance.get('knowledge_id_list', []) diff --git a/apps/application/serializers/application_chat_record.py b/apps/application/serializers/application_chat_record.py index 5da29bbc2..f3064968c 100644 --- a/apps/application/serializers/application_chat_record.py +++ b/apps/application/serializers/application_chat_record.py @@ -327,7 +327,7 @@ class ApplicationChatRecordAddKnowledgeSerializer(serializers.Serializer): PermissionConstants.RESOURCE_KNOWLEDGE_DOCUMENT_EDIT, RoleConstants.ADMIN ) if not is_permission: - raise AppUnauthorizedFailed(403, gettext('No permission to access')) + raise AppUnauthorizedFailed(403, '当前用户暂无权限访问,请联系管理员') chat_ids = instance['chat_ids'] document_id = instance['document_id'] @@ -463,7 +463,7 @@ class ApplicationChatRecordImproveSerializer(serializers.Serializer): PermissionConstants.RESOURCE_KNOWLEDGE_DOCUMENT_EDIT, RoleConstants.ADMIN ) if not is_permission: - raise AppUnauthorizedFailed(403, gettext('No permission to access')) + raise AppUnauthorizedFailed(403, '当前用户暂无权限访问,请联系管理员') ApplicationChatRecordImproveInstanceSerializer(data=instance).is_valid(raise_exception=True) chat_record_id = self.data.get('chat_record_id') chat_id = self.data.get('chat_id') @@ -536,7 +536,7 @@ class ApplicationChatRecordImproveSerializer(serializers.Serializer): ) if not is_permission: - raise AppUnauthorizedFailed(403, gettext('No permission to access')) + raise AppUnauthorizedFailed(403, '当前用户暂无权限访问,请联系管理员') workspace_id = self.data.get('workspace_id') chat_record_id = self.data.get('chat_record_id') diff --git a/apps/common/auth/authentication.py b/apps/common/auth/authentication.py index b1c45092f..64fd457a5 100644 --- a/apps/common/auth/authentication.py +++ b/apps/common/auth/authentication.py @@ -109,7 +109,7 @@ def has_permissions(*permission, compare=CompareConstants.OR): # 判断是否有权限 if any(exit_list) if compare == CompareConstants.OR else all(exit_list): return func(view, request, **kwargs) - raise AppUnauthorizedFailed(403, _('No permission to access')) + raise AppUnauthorizedFailed(403, '当前用户暂无权限访问,请联系管理员') return run diff --git a/apps/common/init/init_doc.py b/apps/common/init/init_doc.py index 156275e4a..2d8ae5781 100644 --- a/apps/common/init/init_doc.py +++ b/apps/common/init/init_doc.py @@ -36,13 +36,14 @@ class ChatSpectacularSwaggerView(SpectacularSwaggerView): def init_chat_doc(system_urlpatterns, chat_urlpatterns): + chat_doc_names = ['chat', 'open', 'profile', 'application/chat_completions'] system_urlpatterns += [ path(f'{CONFIG.get_chat_path()[1:]}/api-doc/schema/', SpectacularAPIView.as_view(patterns=[ URLPattern(pattern=f'{chat_api_prefix}{str(url.pattern)}', callback=url.callback, default_args=url.default_args, name=url.name) for url in chat_urlpatterns if - ['chat', 'open', 'profile'].__contains__(url.name)]), + chat_doc_names.__contains__(url.name)]), name='chat_schema'), # schema的配置文件的路由,下面两个ui也是根据这个配置文件来生成的 path(f'{CONFIG.get_chat_path()[1:]}/api-doc/', ChatSpectacularSwaggerView.as_view(url_name='chat_schema'), name='swagger-ui'), # swagger-ui的路由 diff --git a/ui/src/request/index.ts b/ui/src/request/index.ts index 4bb6744c3..35daf47df 100644 --- a/ui/src/request/index.ts +++ b/ui/src/request/index.ts @@ -82,7 +82,7 @@ instance.interceptors.response.use( MsgError( err.response.data && err.response.data.message ? err.response.data.message - : 'No permission to access', + : '当前用户暂无权限访问,请联系管理员', ) } return Promise.reject(err)