ChatGPT/FastGPT
1
0
Fork 0
mirror of https://github.com/labring/FastGPT.git synced 2025-10-13 14:29:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: team permission refine (#4494) (#4498)

Browse Source 
* feat: team permission refine (#4402)

* chore: team permission extend

* feat: manage team permission

* chore: api auth

* fix: i18n

* feat: add initv493

* fix: test, org auth manager

* test: app test for refined permission

* update init sh

* fix: add/remove manage permission (#4427)

* fix: add/remove manage permission

* fix: github action fastgpt-test

* fix: mock create model

* fix: team write permission

* fix: ts

* account permission

---------

Co-authored-by: Finley Ge <32237950+FinleyGe@users.noreply.github.com>
This commit is contained in:
Archer
2025-04-10 11:11:54 +08:00
committed by GitHub
parent 80f41dd2a9
commit 199f454b6b
51 changed files with 1116 additions and 460 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
test/cases/api/core/app/version/list.test.ts
View File

@@ -1,38 +0,0 @@
import { MongoApp } from '@fastgpt/service/core/app/schema';
import { MongoAppVersion } from '@fastgpt/service/core/app/version/schema';
import { getRootUser } from '@test/datas/users';
import { Call } from '@test/utils/request';
import { describe, expect, it } from 'vitest';
import handler, {
type versionListBody,
type versionListResponse
} from '@/pages/api/core/app/version/list';
describe('app version list test', () => {
it('should return app version list', async () => {
const root = await getRootUser();
const app = await MongoApp.create({
name: 'test',
tmbId: root.tmbId,
teamId: root.teamId
});
await MongoAppVersion.create(
[...Array(10).keys()].map((i) => ({
tmbId: root.tmbId,
appId: app._id,
versionName: `v${i}`
}))
);
const res = await Call<versionListBody, {}, versionListResponse>(handler, {
auth: root,
body: {
pageSize: 10,
offset: 0,
appId: app._id
}
});
expect(res.code).toBe(200);
expect(res.data.total).toBe(10);
expect(res.data.list.length).toBe(10);
});
});

87
test/cases/pages/api/core/dataset/collection/paths.test.ts
View File

@@ -1,87 +0,0 @@
import { describe, it, expect, vi, beforeEach } from 'vitest';
import { getDatasetCollectionPaths } from '@/pages/api/core/dataset/collection/paths';
import { MongoDatasetCollection } from '@fastgpt/service/core/dataset/collection/schema';
vi.mock('@fastgpt/service/core/dataset/collection/schema', () => ({
MongoDatasetCollection: {
findOne: vi.fn()
},
DatasetColCollectionName: 'dataset_collections'
}));
describe('getDatasetCollectionPaths', () => {
beforeEach(() => {
vi.clearAllMocks();
});
it('should return empty array for empty parentId', async () => {
const result = await getDatasetCollectionPaths({});
expect(result).toEqual([]);
});
it('should return empty array if collection not found', async () => {
vi.mocked(MongoDatasetCollection.findOne).mockResolvedValueOnce(null);
const result = await getDatasetCollectionPaths({ parentId: 'nonexistent-id' });
expect(result).toEqual([]);
});
it('should return single path for collection without parent', async () => {
vi.mocked(MongoDatasetCollection.findOne).mockResolvedValueOnce({
_id: 'col1',
name: 'Collection 1',
parentId: ''
});
const result = await getDatasetCollectionPaths({ parentId: 'col1' });
expect(result).toEqual([{ parentId: 'col1', parentName: 'Collection 1' }]);
});
it('should return full path for nested collections', async () => {
vi.mocked(MongoDatasetCollection.findOne)
.mockResolvedValueOnce({
_id: 'col3',
name: 'Collection 3',
parentId: 'col2'
})
.mockResolvedValueOnce({
_id: 'col2',
name: 'Collection 2',
parentId: 'col1'
})
.mockResolvedValueOnce({
_id: 'col1',
name: 'Collection 1',
parentId: ''
});
const result = await getDatasetCollectionPaths({ parentId: 'col3' });
expect(result).toEqual([
{ parentId: 'col1', parentName: 'Collection 1' },
{ parentId: 'col2', parentName: 'Collection 2' },
{ parentId: 'col3', parentName: 'Collection 3' }
]);
});
it('should handle circular references gracefully', async () => {
vi.mocked(MongoDatasetCollection.findOne)
.mockResolvedValueOnce({
_id: 'col1',
name: 'Collection 1',
parentId: 'col2'
})
.mockResolvedValueOnce({
_id: 'col2',
name: 'Collection 2',
parentId: 'col1'
});
const result = await getDatasetCollectionPaths({ parentId: 'col1' });
expect(result).toEqual([
{ parentId: 'col2', parentName: 'Collection 2' },
{ parentId: 'col1', parentName: 'Collection 1' }
]);
});
});

83
test/cases/pages/api/core/dataset/paths.test.ts
View File

@@ -1,83 +0,0 @@
import { describe, it, expect, vi, beforeEach } from 'vitest';
import { getParents } from '@/pages/api/core/dataset/paths';
import { MongoDataset } from '@fastgpt/service/core/dataset/schema';
vi.mock('@fastgpt/service/core/dataset/schema', () => ({
MongoDataset: {
findById: vi.fn()
},
ChunkSettings: {},
DatasetCollectionName: 'datasets'
}));
describe('getParents', () => {
beforeEach(() => {
vi.clearAllMocks();
});
it('should return empty array if parentId is undefined', async () => {
const result = await getParents(undefined);
expect(result).toEqual([]);
});
it('should return empty array if parent not found', async () => {
vi.mocked(MongoDataset.findById).mockResolvedValueOnce(null);
const result = await getParents('non-existent-id');
expect(result).toEqual([]);
});
it('should return single parent path if no further parents', async () => {
vi.mocked(MongoDataset.findById).mockResolvedValueOnce({
name: 'Parent1',
parentId: undefined
});
const result = await getParents('parent1-id');
expect(result).toEqual([{ parentId: 'parent1-id', parentName: 'Parent1' }]);
});
it('should return full parent path for nested parents', async () => {
vi.mocked(MongoDataset.findById)
.mockResolvedValueOnce({
name: 'Child',
parentId: 'parent1-id'
})
.mockResolvedValueOnce({
name: 'Parent1',
parentId: 'parent2-id'
})
.mockResolvedValueOnce({
name: 'Parent2',
parentId: undefined
});
const result = await getParents('child-id');
expect(result).toEqual([
{ parentId: 'parent2-id', parentName: 'Parent2' },
{ parentId: 'parent1-id', parentName: 'Parent1' },
{ parentId: 'child-id', parentName: 'Child' }
]);
});
it('should handle circular references gracefully', async () => {
vi.mocked(MongoDataset.findById)
.mockResolvedValueOnce({
name: 'Node1',
parentId: 'node2-id'
})
.mockResolvedValueOnce({
name: 'Node2',
parentId: 'node1-id' // Circular reference
});
const result = await getParents('node1-id');
expect(result).toEqual([
{ parentId: 'node2-id', parentName: 'Node2' },
{ parentId: 'node1-id', parentName: 'Node1' }
]);
});
});

0
test/cases/spec/workflow/loopTest.json → test/cases/service/core/app/workflow/loopTest.json
View File

0
test/cases/spec/workflow/simple.json → test/cases/service/core/app/workflow/simple.json
View File

11
test/cases/spec/workflow/workflow.test.ts → test/cases/service/core/app/workflow/workflowDispatch.test.ts
View File

@@ -1,6 +1,6 @@
import { readFileSync } from 'fs';
import { resolve } from 'path';
import { describe, it, expect, beforeEach, vi } from 'vitest';
import { it, expect, vi } from 'vitest';
import { dispatchWorkFlow } from '@fastgpt/service/core/workflow/dispatch';
import {
getWorkflowEntryNodeIds,
@@ -29,8 +29,9 @@ vi.mock(import('@fastgpt/service/support/wallet/usage/utils'), async (importOrig
});
const testWorkflow = async (path: string) => {
const workflowStr = readFileSync(resolve(path), 'utf-8');
const workflow = JSON.parse(workflowStr);
const fileContent = readFileSync(resolve(process.cwd(), path), 'utf-8');
const workflow = JSON.parse(fileContent);
console.log(workflow, 111);
const { nodes, edges, chatConfig } = workflow;
let runtimeNodes = storeNodes2RuntimeNodes(nodes, getWorkflowEntryNodeIds(nodes));
const variables = {};
@@ -74,9 +75,9 @@ const testWorkflow = async (path: string) => {
it('Workflow test: simple workflow', async () => {
// create a simple app
await testWorkflow('test/cases/workflow/simple.json');
// await testWorkflow('test/cases/service/core/app/workflow/loopTest.json');
});
it('Workflow test: output test', async () => {
console.log(await testWorkflow('test/cases/workflow/loopTest.json'));
// console.log(await testWorkflow('@/test/cases/workflow/loopTest.json'));
});

135
test/datas/users.ts
View File

@@ -1,4 +1,12 @@
import { AuthUserTypeEnum } from '@fastgpt/global/support/permission/constant';
import { AuthUserTypeEnum, PerResourceTypeEnum } from '@fastgpt/global/support/permission/constant';
import { MemberGroupSchemaType } from '@fastgpt/global/support/permission/memberGroup/type';
import { PermissionValueType } from '@fastgpt/global/support/permission/type';
import { TeamManagePermissionVal } from '@fastgpt/global/support/permission/user/constant';
import { DefaultGroupName } from '@fastgpt/global/support/user/team/group/constant';
import { OrgSchemaType, OrgType } from '@fastgpt/global/support/user/team/org/type';
import { MongoMemberGroupModel } from '@fastgpt/service/support/permission/memberGroup/memberGroupSchema';
import { MongoOrgModel } from '@fastgpt/service/support/permission/org/orgSchema';
import { MongoResourcePermission } from '@fastgpt/service/support/permission/schema';
import { MongoUser } from '@fastgpt/service/support/user/schema';
import { MongoTeamMember } from '@fastgpt/service/support/user/team/teamMemberSchema';
import { MongoTeam } from '@fastgpt/service/support/user/team/teamSchema';
@@ -33,22 +41,40 @@ export async function getRootUser(): Promise<parseHeaderCertRet> {
};
}
export async function getUser(username: string): Promise<parseHeaderCertRet> {
export async function getUser(username: string, teamId?: string): Promise<parseHeaderCertRet> {
const user = await MongoUser.create({
username,
password: '123456'
});
const team = await MongoTeam.create({
name: 'test team',
ownerId: user._id
});
const tmb = await (async () => {
if (!teamId) {
const team = await MongoTeam.create({
name: username,
ownerId: user._id
});
const tmb = await MongoTeamMember.create({
name: username,
teamId: team._id,
userId: user._id,
status: 'active',
role: 'owner'
});
const tmb = await MongoTeamMember.create({
teamId: team._id,
userId: user._id,
status: 'active'
});
await MongoMemberGroupModel.create({
teamId: team._id,
name: DefaultGroupName,
avatar: team.avatar
});
return tmb;
}
return MongoTeamMember.create({
teamId,
userId: user._id,
status: 'active'
});
})();
return {
userId: user._id,
@@ -61,3 +87,90 @@ export async function getUser(username: string): Promise<parseHeaderCertRet> {
tmbId: tmb?._id
};
}
let fakeUsers: Record<string, parseHeaderCertRet> = {};
async function getFakeUser(username: string) {
if (username === 'Owner') {
if (!fakeUsers[username]) {
fakeUsers[username] = await getUser(username);
}
return fakeUsers[username];
}
const owner = await getFakeUser('Owner');
const ownerTeamId = owner.teamId;
if (!fakeUsers[username]) {
fakeUsers[username] = await getUser(username, ownerTeamId);
}
return fakeUsers[username];
}
async function addPermission({
user,
permission
}: {
user: parseHeaderCertRet;
permission: PermissionValueType;
}) {
const { teamId, tmbId } = user;
await MongoResourcePermission.updateOne({
resourceType: PerResourceTypeEnum.team,
teamId,
resourceId: null,
tmbId,
permission
});
}
export async function getFakeUsers(num: number = 10) {
const owner = await getFakeUser('Owner');
const manager = await getFakeUser('Manager');
await MongoResourcePermission.create({
resourceType: PerResourceTypeEnum.team,
teamId: owner.teamId,
resourceId: null,
tmbId: manager.tmbId,
permission: TeamManagePermissionVal
});
const members = (await Promise.all(
Array.from({ length: num }, (_, i) => `member${i + 1}`) // 团队 member1, member2, ..., member10
.map((username) => getFakeUser(username))
)) as parseHeaderCertRet[];
return {
owner,
manager,
members
};
}
export async function getFakeGroups(num: number = 5) {
// create 5 groups
const teamId = (await getFakeUser('Owner')).teamId;
return MongoMemberGroupModel.create([
...Array(num)
.keys()
.map((i) => ({
name: `group${i + 1}`,
teamId
}))
]) as Promise<MemberGroupSchemaType[]>;
}
export async function getFakeOrgs() {
// create 5 orgs
const pathIds = ['root', 'org1', 'org2', 'org3', 'org4', 'org5'];
const paths = ['', '/root', '/root', '/root', '/root/org1', '/root/org1/org4'];
const teamId = (await getFakeUser('Owner')).teamId;
return MongoOrgModel.create(
pathIds.map((pathId, i) => ({
pathId,
name: pathId,
path: paths[i],
teamId
}))
) as Promise<OrgSchemaType[]>;
}
export async function clean() {
fakeUsers = {};
}

18
test/globalSetup.ts Normal file
View File

@@ -0,0 +1,18 @@
import { MongoMemoryReplSet } from 'mongodb-memory-server';
import type { TestProject } from 'vitest/node';
export default async function setup(project: TestProject) {
const replset = await MongoMemoryReplSet.create({ replSet: { count: 1 } });
const uri = replset.getUri();
project.provide('MONGODB_URI', uri);
return async () => {
await replset.stop();
};
}
declare module 'vitest' {
export interface ProvidedContext {
MONGODB_URI: string;
}
}

63
test/mocks/request.ts
View File

@@ -1,4 +1,8 @@
import { TeamErrEnum } from '@fastgpt/global/common/error/code/team';
import { AuthUserTypeEnum } from '@fastgpt/global/support/permission/constant';
import { TeamPermission } from '@fastgpt/global/support/permission/user/controller';
import { MongoGroupMemberModel } from '@fastgpt/service/support/permission/memberGroup/groupMemberSchema';
import { getTmbInfoByTmbId } from '@fastgpt/service/support/user/team/controller';
import { vi } from 'vitest';
// vi.mock(import('@/service/middleware/entry'), async () => {
@@ -87,3 +91,62 @@ vi.mock(import('@fastgpt/service/support/permission/controller'), async (importO
parseHeaderCert
};
});
vi.mock(
import('@fastgpt/service/support/permission/memberGroup/controllers'),
async (importOriginal) => {
const mod = await importOriginal();
const parseHeaderCert = vi.fn(
({
req,
authToken = false,
authRoot = false,
authApiKey = false
}: {
req: MockReqType;
authToken?: boolean;
authRoot?: boolean;
authApiKey?: boolean;
}) => {
const { auth } = req;
if (!auth) {
return Promise.reject(Error('unAuthorization(mock)'));
}
return Promise.resolve(auth);
}
);
const authGroupMemberRole = vi.fn(async ({ groupId, role, ...props }: any) => {
const result = await parseHeaderCert(props);
const { teamId, tmbId, isRoot } = result;
if (isRoot) {
return {
...result,
permission: new TeamPermission({
isOwner: true
}),
teamId,
tmbId
};
}
const [groupMember, tmb] = await Promise.all([
MongoGroupMemberModel.findOne({ groupId, tmbId }),
getTmbInfoByTmbId({ tmbId })
]);
// Team admin or role check
if (tmb.permission.hasManagePer || (groupMember && role.includes(groupMember.role))) {
return {
...result,
permission: tmb.permission,
teamId,
tmbId
};
}
return Promise.reject(TeamErrEnum.unAuthTeam);
});
return {
...mod,
authGroupMemberRole
};
}
);

71
test/setup.ts
View File

@@ -1,31 +1,22 @@
import { existsSync, readFileSync } from 'fs';
import mongoose from '@fastgpt/service/common/mongo';
import { connectMongo } from '@fastgpt/service/common/mongo/init';
import {
connectionMongo,
connectionLogMongo,
MONGO_URL,
MONGO_LOG_URL
} from '@fastgpt/service/common/mongo';
import { initGlobalVariables } from '@/service/common/system';
import { afterAll, beforeAll, vi } from 'vitest';
import { setup, teardown } from 'vitest-mongodb';
import setupModels from './setupModels';
import './mocks';
import { existsSync, readFileSync } from 'fs';
import { connectMongo } from '@fastgpt/service/common/mongo/init';
import { initGlobalVariables } from '@/service/common/system';
import { afterAll, beforeAll, beforeEach, inject, vi } from 'vitest';
import setupModels from './setupModels';
import { clean } from './datas/users';
import { connectionLogMongo, connectionMongo, Mongoose } from '@fastgpt/service/common/mongo';
import { randomUUID } from 'crypto';
vi.stubEnv('NODE_ENV', 'test');
vi.mock(import('@fastgpt/service/common/mongo'), async (importOriginal) => {
vi.mock(import('@fastgpt/service/common/mongo/init'), async (importOriginal: any) => {
const mod = await importOriginal();
return {
...mod,
connectionMongo: await (async () => {
if (!global.mongodb) {
global.mongodb = mongoose;
await global.mongodb.connect((globalThis as any).__MONGO_URI__ as string);
}
return global.mongodb;
})()
connectMongo: async (db: Mongoose, url: string) => {
(await db.connect(url)).connection.useDb(randomUUID());
}
};
});
@@ -59,18 +50,12 @@ vi.mock(import('@/service/common/system'), async (importOriginal) => {
});
beforeAll(async () => {
await setup({
type: 'replSet',
serverOptions: {
replSet: {
count: 1
}
}
});
vi.stubEnv('MONGODB_URI', (globalThis as any).__MONGO_URI__);
vi.stubEnv('MONGODB_URI', inject('MONGODB_URI'));
await connectMongo(connectionMongo, inject('MONGODB_URI'));
await connectMongo(connectionLogMongo, inject('MONGODB_URI'));
initGlobalVariables();
await connectMongo(connectionMongo, MONGO_URL);
await connectMongo(connectionLogMongo, MONGO_LOG_URL);
global.systemEnv = {} as any;
// await getInitConfig();
if (existsSync('projects/app/.env.local')) {
@@ -83,13 +68,27 @@ beforeAll(async () => {
systemEnv[key] = value;
}
}
global.systemEnv = {} as any;
global.systemEnv.oneapiUrl = systemEnv['OPENAI_BASE_URL'];
global.systemEnv.chatApiKey = systemEnv['CHAT_API_KEY'];
await setupModels();
}
global.feConfigs = {
isPlus: false
} as any;
await setupModels();
});
afterAll(async () => {
await teardown();
if (connectionMongo?.connection) connectionMongo?.connection.close();
if (connectionLogMongo?.connection) connectionLogMongo?.connection.close();
});
beforeEach(async () => {
await connectMongo(connectionMongo, inject('MONGODB_URI'));
await connectMongo(connectionLogMongo, inject('MONGODB_URI'));
return async () => {
clean();
await connectionMongo?.connection.db?.dropDatabase();
await connectionLogMongo?.connection.db?.dropDatabase();
};
});

17
test/setupModels.ts
View File

@@ -3,6 +3,7 @@ import { ModelProviderIdType } from 'packages/global/core/ai/provider';
export default async function setupModels() {
global.llmModelMap = new Map<string, any>();
global.embeddingModelMap = new Map<string, any>();
global.llmModelMap.set('gpt-4o-mini', {
type: ModelTypeEnum.llm,
model: 'gpt-4o-mini',
@@ -47,6 +48,22 @@ export default async function setupModels() {
maxContext: 4096,
maxResponse: 4096,
quoteMaxToken: 2048
},
embedding: {
type: ModelTypeEnum.embedding,
model: 'text-embedding-ada-002',
name: 'text-embedding-ada-002',
avatar: 'text-embedding-ada-002',
isActive: true,
isDefault: true,
isCustom: false,
requestUrl: undefined,
requestAuth: undefined,
defaultConfig: undefined,
defaultToken: 1,
maxToken: 100,
provider: 'OpenAI',
weight: 1
}
};
}

26
test/utils/request.ts
View File

@@ -1,21 +1,35 @@
import { NextApiHandler } from '@fastgpt/service/common/middle/entry';
import { MockReqType } from '../mocks/request';
import { vi } from 'vitest';
export async function Call<B = any, Q = any, R = any>(
handler: NextApiHandler<R>,
props?: MockReqType<B, Q>
) {
const { body = {}, query = {}, ...rest } = props || {};
return (await handler(
let raw;
const res: any = {
setHeader: vi.fn(),
write: vi.fn((data: any) => {
raw = data;
}),
end: vi.fn()
};
const response = (await handler(
{
body: body,
query: query,
body: JSON.parse(JSON.stringify(body)),
query: JSON.parse(JSON.stringify(query)),
...(rest as any)
},
{} as any
)) as Promise<{
res
)) as any;
return {
...response,
raw
} as {
code: number;
data: R;
error?: any;
}>;
raw?: any;
};
}