feat: team permission refine (#4494) (#4498)

* feat: team permission refine (#4402)

* chore: team permission extend

* feat: manage team permission

* chore: api auth

* fix: i18n

* feat: add initv493

* fix: test, org auth manager

* test: app test for refined permission

* update init sh

* fix: add/remove manage permission (#4427)

* fix: add/remove manage permission

* fix: github action fastgpt-test

* fix: mock create model

* fix: team write permission

* fix: ts

* account permission

---------

Co-authored-by: Finley Ge <32237950+FinleyGe@users.noreply.github.com>

test/datas/users.ts

@@ -1,4 +1,12 @@
-import { AuthUserTypeEnum } from '@fastgpt/global/support/permission/constant';
+import { AuthUserTypeEnum, PerResourceTypeEnum } from '@fastgpt/global/support/permission/constant';
+import { MemberGroupSchemaType } from '@fastgpt/global/support/permission/memberGroup/type';
+import { PermissionValueType } from '@fastgpt/global/support/permission/type';
+import { TeamManagePermissionVal } from '@fastgpt/global/support/permission/user/constant';
+import { DefaultGroupName } from '@fastgpt/global/support/user/team/group/constant';
+import { OrgSchemaType, OrgType } from '@fastgpt/global/support/user/team/org/type';
+import { MongoMemberGroupModel } from '@fastgpt/service/support/permission/memberGroup/memberGroupSchema';
+import { MongoOrgModel } from '@fastgpt/service/support/permission/org/orgSchema';
+import { MongoResourcePermission } from '@fastgpt/service/support/permission/schema';
 import { MongoUser } from '@fastgpt/service/support/user/schema';
 import { MongoTeamMember } from '@fastgpt/service/support/user/team/teamMemberSchema';
 import { MongoTeam } from '@fastgpt/service/support/user/team/teamSchema';
@@ -33,22 +41,40 @@ export async function getRootUser(): Promise<parseHeaderCertRet> {
   };
 }
 
-export async function getUser(username: string): Promise<parseHeaderCertRet> {
+export async function getUser(username: string, teamId?: string): Promise<parseHeaderCertRet> {
   const user = await MongoUser.create({
     username,
     password: '123456'
   });
 
-  const team = await MongoTeam.create({
-    name: 'test team',
-    ownerId: user._id
-  });
+  const tmb = await (async () => {
+    if (!teamId) {
+      const team = await MongoTeam.create({
+        name: username,
+        ownerId: user._id
+      });
+      const tmb = await MongoTeamMember.create({
+        name: username,
+        teamId: team._id,
+        userId: user._id,
+        status: 'active',
+        role: 'owner'
+      });
 
-  const tmb = await MongoTeamMember.create({
-    teamId: team._id,
-    userId: user._id,
-    status: 'active'
-  });
+      await MongoMemberGroupModel.create({
+        teamId: team._id,
+        name: DefaultGroupName,
+        avatar: team.avatar
+      });
+
+      return tmb;
+    }
+    return MongoTeamMember.create({
+      teamId,
+      userId: user._id,
+      status: 'active'
+    });
+  })();
 
   return {
     userId: user._id,
@@ -61,3 +87,90 @@ export async function getUser(username: string): Promise<parseHeaderCertRet> {
     tmbId: tmb?._id
   };
 }
+
+let fakeUsers: Record<string, parseHeaderCertRet> = {};
+
+async function getFakeUser(username: string) {
+  if (username === 'Owner') {
+    if (!fakeUsers[username]) {
+      fakeUsers[username] = await getUser(username);
+    }
+    return fakeUsers[username];
+  }
+  const owner = await getFakeUser('Owner');
+  const ownerTeamId = owner.teamId;
+  if (!fakeUsers[username]) {
+    fakeUsers[username] = await getUser(username, ownerTeamId);
+  }
+  return fakeUsers[username];
+}
+
+async function addPermission({
+  user,
+  permission
+}: {
+  user: parseHeaderCertRet;
+  permission: PermissionValueType;
+}) {
+  const { teamId, tmbId } = user;
+  await MongoResourcePermission.updateOne({
+    resourceType: PerResourceTypeEnum.team,
+    teamId,
+    resourceId: null,
+    tmbId,
+    permission
+  });
+}
+
+export async function getFakeUsers(num: number = 10) {
+  const owner = await getFakeUser('Owner');
+  const manager = await getFakeUser('Manager');
+  await MongoResourcePermission.create({
+    resourceType: PerResourceTypeEnum.team,
+    teamId: owner.teamId,
+    resourceId: null,
+    tmbId: manager.tmbId,
+    permission: TeamManagePermissionVal
+  });
+  const members = (await Promise.all(
+    Array.from({ length: num }, (_, i) => `member${i + 1}`) // 团队 member1, member2, ..., member10
+      .map((username) => getFakeUser(username))
+  )) as parseHeaderCertRet[];
+  return {
+    owner,
+    manager,
+    members
+  };
+}
+
+export async function getFakeGroups(num: number = 5) {
+  // create 5 groups
+  const teamId = (await getFakeUser('Owner')).teamId;
+  return MongoMemberGroupModel.create([
+    ...Array(num)
+      .keys()
+      .map((i) => ({
+        name: `group${i + 1}`,
+        teamId
+      }))
+  ]) as Promise<MemberGroupSchemaType[]>;
+}
+
+export async function getFakeOrgs() {
+  // create 5 orgs
+  const pathIds = ['root', 'org1', 'org2', 'org3', 'org4', 'org5'];
+  const paths = ['', '/root', '/root', '/root', '/root/org1', '/root/org1/org4'];
+  const teamId = (await getFakeUser('Owner')).teamId;
+  return MongoOrgModel.create(
+    pathIds.map((pathId, i) => ({
+      pathId,
+      name: pathId,
+      path: paths[i],
+      teamId
+    }))
+  ) as Promise<OrgSchemaType[]>;
+}
+
+export async function clean() {
+  fakeUsers = {};
+}