mirror of
https://github.com/labring/FastGPT.git
synced 2025-10-19 18:14:38 +00:00
v4.6.9-alpha (#918)
Co-authored-by: Mufei <327958099@qq.com> Co-authored-by: heheer <71265218+newfish-cmyk@users.noreply.github.com>
This commit is contained in:
Archer
@@ -1,11 +1,16 @@
|
||||
import { ChatSchema } from '@fastgpt/global/core/chat/type';
|
||||
import { MongoChat } from '@fastgpt/service/core/chat/chatSchema';
|
||||
import { AuthModeType } from '@fastgpt/service/support/permission/type';
|
||||
import { authOutLink } from './outLink';
|
||||
import { authOutLink, authOutLinkInit } from './outLink';
|
||||
import { ChatErrEnum } from '@fastgpt/global/common/error/code/chat';
|
||||
import { authUserRole } from '@fastgpt/service/support/permission/auth/user';
|
||||
import { TeamMemberRoleEnum } from '@fastgpt/global/support/user/team/constant';
|
||||
import { AuthResponseType } from '@fastgpt/global/support/permission/type';
|
||||
import { authTeamSpaceToken } from './team';
|
||||
import { authCert } from '@fastgpt/service/support/permission/auth/common';
|
||||
import { authOutLinkValid } from '@fastgpt/service/support/permission/auth/outLink';
|
||||
import { AuthUserTypeEnum } from '@fastgpt/global/support/permission/constant';
|
||||
import { MongoTeamMember } from '@fastgpt/service/support/user/team/teamMemberSchema';
|
||||
import { OutLinkChatAuthProps } from '@fastgpt/global/support/permission/chat';
|
||||
/*
|
||||
outLink: Must be the owner
|
||||
token: team owner and chat owner have all permissions
|
||||
@@ -14,46 +19,51 @@ export async function autChatCrud({
|
||||
appId,
|
||||
chatId,
|
||||
shareId,
|
||||
shareTeamId,
|
||||
outLinkUid,
|
||||
|
||||
teamId: spaceTeamId,
|
||||
teamToken,
|
||||
per = 'owner',
|
||||
...props
|
||||
}: AuthModeType & {
|
||||
appId: string;
|
||||
chatId?: string;
|
||||
shareTeamId?: string;
|
||||
shareId?: string;
|
||||
outLinkUid?: string;
|
||||
|
||||
teamId?: string;
|
||||
teamToken?: string;
|
||||
}): Promise<{
|
||||
chat?: ChatSchema;
|
||||
isOutLink: boolean;
|
||||
uid?: string;
|
||||
}> {
|
||||
const isOutLink = Boolean((shareId || shareTeamId) && outLinkUid);
|
||||
const isOutLink = Boolean((shareId || spaceTeamId) && outLinkUid);
|
||||
if (!chatId) return { isOutLink, uid: outLinkUid };
|
||||
|
||||
const chat = await MongoChat.findOne({ appId, chatId }).lean();
|
||||
|
||||
if (!chat) return { isOutLink, uid: outLinkUid };
|
||||
|
||||
const { uid } = await (async () => {
|
||||
// outLink Auth
|
||||
if (shareId && outLinkUid) {
|
||||
const { uid } = await authOutLink({ shareId, outLinkUid });
|
||||
|
||||
// auth outLinkUid
|
||||
if (chat.shareId === shareId && chat.outLinkUid === uid) {
|
||||
if (!chat || (chat.shareId === shareId && chat.outLinkUid === uid)) {
|
||||
return { uid };
|
||||
}
|
||||
return Promise.reject(ChatErrEnum.unAuthChat);
|
||||
}
|
||||
if (shareTeamId && outLinkUid) {
|
||||
if (chat.teamId == shareTeamId && chat.outLinkUid === outLinkUid) {
|
||||
return { uid: outLinkUid };
|
||||
// auth team space chat
|
||||
if (spaceTeamId && teamToken) {
|
||||
const { uid } = await authTeamSpaceToken({ teamId: spaceTeamId, teamToken });
|
||||
if (!chat || (String(chat.teamId) === String(spaceTeamId) && chat.outLinkUid === uid)) {
|
||||
return { uid };
|
||||
}
|
||||
return Promise.reject(ChatErrEnum.unAuthChat);
|
||||
}
|
||||
|
||||
// req auth
|
||||
if (!chat) return { id: outLinkUid };
|
||||
|
||||
// auth req
|
||||
const { teamId, tmbId, role } = await authUserRole(props);
|
||||
|
||||
if (String(teamId) !== String(chat.teamId)) return Promise.reject(ChatErrEnum.unAuthChat);
|
||||
@@ -67,9 +77,61 @@ export async function autChatCrud({
|
||||
return Promise.reject(ChatErrEnum.unAuthChat);
|
||||
})();
|
||||
|
||||
if (!chat) return { isOutLink, uid };
|
||||
|
||||
return {
|
||||
chat,
|
||||
isOutLink,
|
||||
uid
|
||||
};
|
||||
}
|
||||
|
||||
/*
|
||||
Different chat source
|
||||
1. token (header)
|
||||
2. apikey (header)
|
||||
3. share page (body: shareId outLinkUid)
|
||||
4. team chat page (body: teamId teamToken)
|
||||
*/
|
||||
export async function authChatCert(props: AuthModeType) {
|
||||
const { teamId, teamToken, shareId, outLinkUid } = props.req.body as OutLinkChatAuthProps;
|
||||
|
||||
if (shareId && outLinkUid) {
|
||||
const { shareChat } = await authOutLinkValid({ shareId });
|
||||
const { uid } = await authOutLinkInit({
|
||||
outLinkUid,
|
||||
tokenUrl: shareChat.limit?.hookUrl
|
||||
});
|
||||
|
||||
return {
|
||||
teamId: String(shareChat.teamId),
|
||||
tmbId: String(shareChat.tmbId),
|
||||
authType: AuthUserTypeEnum.outLink,
|
||||
apikey: '',
|
||||
isOwner: false,
|
||||
canWrite: false,
|
||||
outLinkUid: uid
|
||||
};
|
||||
}
|
||||
if (teamId && teamToken) {
|
||||
const { uid } = await authTeamSpaceToken({ teamId, teamToken });
|
||||
const tmb = await MongoTeamMember.findOne(
|
||||
{ teamId, role: TeamMemberRoleEnum.owner },
|
||||
'tmbId'
|
||||
).lean();
|
||||
|
||||
if (!tmb) return Promise.reject(ChatErrEnum.unAuthChat);
|
||||
|
||||
return {
|
||||
teamId,
|
||||
tmbId: String(tmb._id),
|
||||
authType: AuthUserTypeEnum.teamDomain,
|
||||
apikey: '',
|
||||
isOwner: false,
|
||||
canWrite: false,
|
||||
outLinkUid: uid
|
||||
};
|
||||
}
|
||||
|
||||
return authCert(props);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user