ChatGPT/FastGPT
1
0
Fork 0
mirror of https://github.com/labring/FastGPT.git synced 2025-07-23 05:12:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f89452acdd3d0e209a4416ac0d3b701af2a14e1b
FastGPT/packages/service/support/permission/memberGroup/controllers.ts
Archer f89452acdd Group role (#2993) 
* feat: app/dataset support group (#2898)

* pref: member-group (#2862)

* feat: group list ordered by updateTime

* fix: transfer ownership of group when deleting member

* fix: i18n fix

* feat: can not set member as admin/owner when user is not active

* fix: GroupInfoModal hover input do not change color

* fix(fe): searchinput do not scroll

* feat: app collaborator with group, remove default permission

* feat: dataset collaborator with group, remove default permission

* chore(test): pref mock

* chore: remove useless code

* chore: adjust

* fix: add self as collaborator when creating folder

* fix(fe): folder manage menu do not show when user has write permission
only

* fix: dataset folder create

* feat: Add code comment

* Pref: app move (#2952)

* perf: app schema

* doc

---------

Co-authored-by: Finley Ge <32237950+FinleyGe@users.noreply.github.com>
2024-10-25 19:39:11 +08:00

184 lines
4.5 KiB
TypeScript
Raw Blame History

import { MemberGroupSchemaType } from '@fastgpt/global/support/permission/memberGroup/type';
import { MongoGroupMemberModel } from './groupMemberSchema';
import { TeamMemberSchema } from '@fastgpt/global/support/user/team/type';
import { PerResourceTypeEnum } from '@fastgpt/global/support/permission/constant';
import { MongoResourcePermission } from '../schema';
import { getGroupPer, parseHeaderCert } from '../controller';
import { MongoMemberGroupModel } from './memberGroupSchema';
import { DefaultGroupName } from '@fastgpt/global/support/user/team/group/constant';
import { ClientSession } from 'mongoose';
import { GroupMemberRole } from '@fastgpt/global/support/permission/memberGroup/constant';
import { AuthModeType, AuthResponseType } from '../type';
import { TeamErrEnum } from '@fastgpt/global/common/error/code/team';
import { TeamPermission } from '@fastgpt/global/support/permission/user/controller';
import { getTmbInfoByTmbId } from '../../user/team/controller';
/**
* Get the default group of a team
* @param{Object} obj
* @param{string} obj.teamId
* @param{ClientSession} obj.session
*/
export const getTeamDefaultGroup = async ({
teamId,
session
}: {
teamId: string;
session?: ClientSession;
}) => {
const group = await MongoMemberGroupModel.findOne({ teamId, name: DefaultGroupName }, undefined, {
session
}).lean();
// Create the default group if it does not exist
if (!group) {
const [group] = await MongoMemberGroupModel.create(
[
{
teamId,
name: DefaultGroupName
}
],
{ session }
);
return group;
}
return group;
};
export const getGroupsByTmbId = async ({
tmbId,
teamId,
role
}: {
tmbId: string;
teamId: string;
role?: `${GroupMemberRole}`[];
}) =>
(
await Promise.all([
(
await MongoGroupMemberModel.find({
tmbId,
groupId: {
$exists: true
},
...(role ? { role: { $in: role } } : {})
})
.populate('groupId')
.lean()
).map((item) => {
return {
...(item.groupId as any as MemberGroupSchemaType)
};
}),
role ? [] : getTeamDefaultGroup({ teamId })
])
).flat();
export const getTmbByGroupId = async (groupId: string) => {
return (
await MongoGroupMemberModel.find({
groupId
})
.populate('tmbId')
.lean()
).map((item) => {
return {
...(item.tmbId as any as MemberGroupSchemaType)
};
});
};
export const getGroupMembersByGroupId = async (groupId: string) => {
return await MongoGroupMemberModel.find({
groupId
}).lean();
};
export const getGroupMembersWithInfoByGroupId = async (groupId: string) => {
return (
await MongoGroupMemberModel.find({
groupId
})
.populate('tmbId')
.lean()
).map((item) => item.tmbId) as any as TeamMemberSchema[]; // HACK: type casting
};
/**
* Get tmb's group permission: the maximum permission of the group
* @param tmbId
* @param resourceId
* @param resourceType
* @returns the maximum permission of the group
*/
export const getGroupPermission = async ({
tmbId,
resourceId,
teamId,
resourceType
}: {
tmbId: string;
teamId: string;
} & (
| {
resourceId?: undefined;
resourceType: 'team';
}
| {
resourceId: string;
resourceType: Omit<PerResourceTypeEnum, 'team'>;
}
)) => {
const groupIds = (await getGroupsByTmbId({ tmbId, teamId })).map((item) => item._id);
const groupPermissions = (
await MongoResourcePermission.find({
groupId: {
$in: groupIds
},
resourceType,
resourceId,
teamId
})
).map((item) => item.permission);
return getGroupPer(groupPermissions);
};
// auth group member role
export const authGroupMemberRole = async ({
groupId,
role,
...props
}: {
groupId: string;
role: `${GroupMemberRole}`[];
} & AuthModeType): Promise<AuthResponseType> => {
const result = await parseHeaderCert(props);
const { teamId, tmbId, isRoot } = result;
if (isRoot) {
return {
...result,
permission: new TeamPermission({
isOwner: true
}),
teamId,
tmbId
};
}
const groupMember = await MongoGroupMemberModel.findOne({ groupId, tmbId });
const tmb = await getTmbInfoByTmbId({ tmbId });
if (tmb.permission.hasManagePer || (groupMember && role.includes(groupMember.role))) {
return {
...result,
permission: tmb.permission,
teamId,
tmbId
};
}
return Promise.reject(TeamErrEnum.unAuthTeam);
};
Reference in New Issue View Git Blame Copy Permalink