4.6.4-alpha (#569)

packages/service/support/permission/auth/app.ts

@@ -19,6 +19,7 @@ export async function authApp({
   AuthResponseType & {
     teamOwner: boolean;
     app: AppDetailType;
+    role: `${TeamMemberRoleEnum}`;
   }
 > {
   const result = await parseHeaderCert(props);
@@ -65,6 +66,7 @@ export async function authApp({
   return {
     ...result,
     app,
+    role,
     isOwner,
     canWrite,
     teamOwner: role === TeamMemberRoleEnum.owner

packages/service/support/permission/auth/chat.ts

@@ -1,67 +0,0 @@
-import { AuthResponseType } from '@fastgpt/global/support/permission/type';
-import { AuthModeType } from '../type';
-import type { ChatWithAppSchema } from '@fastgpt/global/core/chat/type';
-import { parseHeaderCert } from '../controller';
-import { MongoChat } from '../../../core/chat/chatSchema';
-import { ChatErrEnum } from '@fastgpt/global/common/error/code/chat';
-import { getTeamInfoByTmbId } from '../../user/team/controller';
-import { TeamMemberRoleEnum } from '@fastgpt/global/support/user/team/constant';
-import { PermissionTypeEnum } from '@fastgpt/global/support/permission/constant';
-
-export async function authChat({
-  chatId,
-  per = 'owner',
-  ...props
-}: AuthModeType & {
-  chatId: string;
-}): Promise<
-  AuthResponseType & {
-    chat: ChatWithAppSchema;
-  }
-> {
-  const { userId, teamId, tmbId } = await parseHeaderCert(props);
-  const { role } = await getTeamInfoByTmbId({ tmbId });
-
-  const { chat, isOwner, canWrite } = await (async () => {
-    // get chat
-    const chat = (await MongoChat.findOne({ chatId, teamId })
-      .populate('appId')
-      .lean()) as ChatWithAppSchema;
-
-    if (!chat) {
-      return Promise.reject('Chat is not exists');
-    }
-
-    const isOwner = role === TeamMemberRoleEnum.owner || String(chat.tmbId) === tmbId;
-    const canWrite = isOwner;
-
-    if (
-      per === 'r' &&
-      role !== TeamMemberRoleEnum.owner &&
-      chat.appId.permission !== PermissionTypeEnum.public
-    ) {
-      return Promise.reject(ChatErrEnum.unAuthChat);
-    }
-    if (per === 'w' && !canWrite) {
-      return Promise.reject(ChatErrEnum.unAuthChat);
-    }
-    if (per === 'owner' && !isOwner) {
-      return Promise.reject(ChatErrEnum.unAuthChat);
-    }
-
-    return {
-      chat,
-      isOwner,
-      canWrite
-    };
-  })();
-
-  return {
-    userId,
-    teamId,
-    tmbId,
-    chat,
-    isOwner,
-    canWrite
-  };
-}

packages/service/support/permission/auth/common.ts

@@ -20,11 +20,11 @@ export async function authCertAndShareId({
     return authCert(props);
   }
 
-  const { app } = await authOutLinkValid({ shareId });
+  const { shareChat } = await authOutLinkValid({ shareId });
 
   return {
-    teamId: String(app.teamId),
-    tmbId: String(app.tmbId),
+    teamId: String(shareChat.teamId),
+    tmbId: String(shareChat.tmbId),
     authType: AuthUserTypeEnum.outLink,
     apikey: '',
     isOwner: false,

packages/service/support/permission/auth/outLink.ts

@@ -78,21 +78,19 @@ export async function authOutLinkCrud({
   };
 }
 
+/* outLink exist and it app exist */
 export async function authOutLinkValid({ shareId }: { shareId?: string }) {
+  if (!shareId) {
+    return Promise.reject(OutLinkErrEnum.linkUnInvalid);
+  }
   const shareChat = await MongoOutLink.findOne({ shareId });
 
   if (!shareChat) {
     return Promise.reject(OutLinkErrEnum.linkUnInvalid);
   }
 
-  const app = await MongoApp.findById(shareChat.appId);
-
-  if (!app) {
-    return Promise.reject(AppErrEnum.unExist);
-  }
-
   return {
-    app,
+    appId: shareChat.appId,
     shareChat
   };
 }