mirror of
https://github.com/labring/FastGPT.git
synced 2025-07-24 22:03:54 +00:00
10d8c56e23
* feat: org CRUD (#3380) * feat: add org schema * feat: org manage UI * feat: OrgInfoModal * feat: org tree view * feat: org management * fix: init root org * feat: org permission for app * feat: org support for dataset * fix: disable org role control * styles: opt type signatures * fix: remove unused permission * feat: delete org collaborator * perf: Team org ui (#3499) * perf: org ui * perf: org ui * feat: org auth for app & dataset (#3498) * feat: auth org resource permission * feat: org auth support for app & dataset * perf: org permission check (#3500) * i18n (#3501) * name * i18n * feat: support dataset changeOwner (#3483) * feat: support dataset changeOwner * chore: update dataset change owner api * feat: permission manage UI for org (#3503) * perf: password check;perf: image upload check;perf: sso login check (#3509) * perf: password check * perf: image upload check * perf: sso login check * force show update notification modal & fix login page text (#3512) * fix login page English text * update notification modal * perf: notify account (#3515) * perf(plugin): improve searXNG empty result handling and documentation (#3507) * perf(plugin): improve searXNG empty result handling and documentation * 修改了文档和代码部分无搜索的结果的反馈 * refactor: org pathId (#3516) * optimize payment process (#3517) * feat: support wecom sso (#3518) * feat: support wecom sso * chore: remove unused wecom js-sdk dependency * fix qrcode script (#3520) * fix qrcode script * i18n * perf: full text collection and search code;perf: rename function (#3519) * perf: full text collection and search code * perf: rename function * perf: notify modal * remove invalid code * perf: sso login * perf: pay process * 4.8.18 test (#3524) * perf: remove local token * perf: index * perf: file encoding;perf: leave team code;@c121914yu perf: full text search code (#3528) * perf: text encoding * perf: leave team code * perf: full text search code * fix: http status * perf: embedding search and vector avatar * perf: async read file (#3531) * refactor: team permission manager (#3535) * perf: classify org, group and member * refactor: team per manager * fix: missing functions * 4.8.18 test (#3543) * perf: login check * doc * perf: llm model config * perf: team clb config * fix: MemberModal UI (#3553) * fix: adapt MemberModal title and icon * fix: adapt member modal * fix: search input placeholder * fix: add button text * perf: org permission (#3556) * docs:用户答疑的官方文档补充 (#3540) * docs:用户答疑的官方文档补充 * 问题回答的内容修补 * share link random avatar (#3541) * share link random avatar * fix * delete unused code * share page avatar (#3558) * feat: init 4818 * share page avatar * feat: tmp upgrade code (#3559) * feat: tmp upgrade code * fulltext search test * update action * full text tmp code (#3561) * full text tmp code * fix: init * fix: init * remove tmp code * remove tmp code * 4818-alpha * 4.8.18 test (#3562) * full text tmp code * fix: init * upgrade code * account log * account log * perf: dockerfile * upgrade code * chore: update docs app template submission (#3564) --------- Co-authored-by: a.e. <49438478+I-Info@users.noreply.github.com> Co-authored-by: Finley Ge <32237950+FinleyGe@users.noreply.github.com> Co-authored-by: heheer <heheer@sealos.io> Co-authored-by: Jiangween <145003935+Jiangween@users.noreply.github.com>
122 lines
3.0 KiB
TypeScript
122 lines
3.0 KiB
TypeScript
import { MemberGroupSchemaType } from '@fastgpt/global/support/permission/memberGroup/type';
|
|
import { MongoGroupMemberModel } from './groupMemberSchema';
|
|
import { parseHeaderCert } from '../controller';
|
|
import { MongoMemberGroupModel } from './memberGroupSchema';
|
|
import { DefaultGroupName } from '@fastgpt/global/support/user/team/group/constant';
|
|
import { ClientSession } from 'mongoose';
|
|
import { GroupMemberRole } from '@fastgpt/global/support/permission/memberGroup/constant';
|
|
import { AuthModeType, AuthResponseType } from '../type';
|
|
import { TeamErrEnum } from '@fastgpt/global/common/error/code/team';
|
|
import { TeamPermission } from '@fastgpt/global/support/permission/user/controller';
|
|
import { getTmbInfoByTmbId } from '../../user/team/controller';
|
|
|
|
/**
|
|
* Get the default group of a team
|
|
* @param{Object} obj
|
|
* @param{string} obj.teamId
|
|
* @param{ClientSession} obj.session
|
|
*/
|
|
export const getTeamDefaultGroup = async ({
|
|
teamId,
|
|
session
|
|
}: {
|
|
teamId: string;
|
|
session?: ClientSession;
|
|
}) => {
|
|
const group = await MongoMemberGroupModel.findOne({ teamId, name: DefaultGroupName }, undefined, {
|
|
session
|
|
}).lean();
|
|
|
|
// Create the default group if it does not exist
|
|
if (!group) {
|
|
const [group] = await MongoMemberGroupModel.create(
|
|
[
|
|
{
|
|
teamId,
|
|
name: DefaultGroupName
|
|
}
|
|
],
|
|
{ session }
|
|
);
|
|
|
|
return group;
|
|
}
|
|
return group;
|
|
};
|
|
|
|
export const getGroupsByTmbId = async ({
|
|
tmbId,
|
|
teamId,
|
|
role,
|
|
session
|
|
}: {
|
|
tmbId: string;
|
|
teamId: string;
|
|
role?: `${GroupMemberRole}`[];
|
|
session?: ClientSession;
|
|
}) =>
|
|
(
|
|
await Promise.all([
|
|
(
|
|
await MongoGroupMemberModel.find(
|
|
{
|
|
tmbId,
|
|
groupId: {
|
|
$exists: true
|
|
},
|
|
...(role ? { role: { $in: role } } : {})
|
|
},
|
|
undefined,
|
|
{ session }
|
|
)
|
|
.populate<{ group: MemberGroupSchemaType }>('group')
|
|
.lean()
|
|
).map((item) => item.group),
|
|
role ? [] : getTeamDefaultGroup({ teamId, session })
|
|
])
|
|
).flat();
|
|
|
|
export const getGroupMembersByGroupId = async (groupId: string) => {
|
|
return await MongoGroupMemberModel.find({
|
|
groupId
|
|
}).lean();
|
|
};
|
|
|
|
// auth group member role
|
|
export const authGroupMemberRole = async ({
|
|
groupId,
|
|
role,
|
|
...props
|
|
}: {
|
|
groupId: string;
|
|
role: `${GroupMemberRole}`[];
|
|
} & AuthModeType): Promise<AuthResponseType> => {
|
|
const result = await parseHeaderCert(props);
|
|
const { teamId, tmbId, isRoot } = result;
|
|
if (isRoot) {
|
|
return {
|
|
...result,
|
|
permission: new TeamPermission({
|
|
isOwner: true
|
|
}),
|
|
teamId,
|
|
tmbId
|
|
};
|
|
}
|
|
const [groupMember, tmb] = await Promise.all([
|
|
MongoGroupMemberModel.findOne({ groupId, tmbId }),
|
|
getTmbInfoByTmbId({ tmbId })
|
|
]);
|
|
|
|
// Team admin or role check
|
|
if (tmb.permission.hasManagePer || (groupMember && role.includes(groupMember.role))) {
|
|
return {
|
|
...result,
|
|
permission: tmb.permission,
|
|
teamId,
|
|
tmbId
|
|
};
|
|
}
|
|
return Promise.reject(TeamErrEnum.unAuthTeam);
|
|
};
|