diff --git a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java index e57baf7..d2de8ab 100644 --- a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java +++ b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java @@ -80,6 +80,7 @@ public class V1ChatController { * @return 会话列表 */ @PostMapping("/conversations/{appId}") + @PreAuthorize("hasAuthority('dify:chat:conversations')") public DifyPageResult conversations( @RequestBody MessageConversationsRequest request, @PathVariable String appId @@ -96,6 +97,7 @@ public class V1ChatController { * @return 消息列表 */ @PostMapping("/messages/{appid}") + @PreAuthorize("hasAuthority('dify:chat:messages')") public DifyPageResult messages( @RequestBody MessagesRequest request, @PathVariable String appid @@ -112,6 +114,7 @@ public class V1ChatController { * @param taskId 任务id */ @PatchMapping("/stream/stop") + @PreAuthorize("hasAuthority('dify:chat:stop')") public void stopMessagesStream(@RequestParam String taskId, @RequestParam String appId) { String apiKey = appEntityService.getApikey(appId); String userId = SecurityUtil.getUserInfo().id.toString(); @@ -124,6 +127,7 @@ public class V1ChatController { * @param conversationId 会话id */ @DeleteMapping("/conversation") + @PreAuthorize("hasAuthority('dify:chat:delete')") @OperationLogAnnotation(content = "'dify对话'", operationType = "删除") public Map deleteConversation(@RequestParam String conversationId, @RequestParam String appId) { String apiKey = appEntityService.getApikey(appId); @@ -143,6 +147,7 @@ public class V1ChatController { * @return */ @GetMapping("/messages/suggested") + @PreAuthorize("hasAuthority('dify:chat:suggested')") public List messagesSuggested(String messageId,String appId){ String apiKey = appEntityService.getApikey(appId); String userId = SecurityUtil.getUserInfo().id.toString(); @@ -155,6 +160,7 @@ public class V1ChatController { * @return */ @GetMapping("/parameters/{appid}") + @PreAuthorize("hasAuthority('dify:chat:parameters')") public AppParametersResponseVO parameters(@PathVariable String appid){ String apiKey = appEntityService.getApikey(appid); return ExceptionUtil.difyException(()->difyChat.parameters(apiKey)); diff --git a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java index 9da505e..1d4dde4 100644 --- a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java +++ b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java @@ -40,6 +40,7 @@ public class V1ServerController { * @return */ @GetMapping("/apps") + @PreAuthorize("hasAuthority('dify:app:list')") public List getApps(String mode, String name, Integer type) { return appEntityService.getApps(mode, name, type); } @@ -50,6 +51,7 @@ public class V1ServerController { * @return */ @GetMapping("/{id}") + @PreAuthorize("hasAuthority('dify:app:detail')") public AppsResponse getApp(@PathVariable("id") String id) { return difyServer.app(id); } @@ -60,6 +62,7 @@ public class V1ServerController { * @return */ @GetMapping("/api-key/{id}") + @PreAuthorize("hasAuthority('dify:app:api-key')") public List getAppApiKey(@PathVariable("id") String id) { return difyServer.getAppApiKey(id); } @@ -70,6 +73,7 @@ public class V1ServerController { * @return */ @PostMapping("/api-key/init/{id}") + @PreAuthorize("hasAuthority('dify:app:api-key')") public List initAppApiKey(@PathVariable("id") String id) { return difyServer.initAppApiKey(id); } @@ -79,6 +83,7 @@ public class V1ServerController { * @return */ @GetMapping("/api-key/dataset") + @PreAuthorize("hasAuthority('dify:app:api-key')") public List getDatasetApiKey() { return difyServer.getDatasetApiKey(); } @@ -88,6 +93,7 @@ public class V1ServerController { * @return */ @PostMapping("/api-key/dataset/init") + @PreAuthorize("hasAuthority('dify:dataset:api-key')") public List initDatasetApiKey() { return difyServer.initDatasetApiKey(); } @@ -99,6 +105,7 @@ public class V1ServerController { * @return */ @PostMapping("/app/{id}/toggle") + @PreAuthorize("hasAuthority('dify:dataset:api-key')") @OperationLogAnnotation(content = "'dify服务启用状态'", operationType = "更新") public boolean enabledApp(@PathVariable String id) { return appEntityService.enabledApp(id); @@ -109,6 +116,7 @@ public class V1ServerController { * @return */ @GetMapping("/apps/enabled") + @PreAuthorize("hasAuthority('dify:app:list')") @DataPermission public List getEnableApps() { LambdaQueryWrapper queryWrapper = new LambdaQueryWrapper<>(); @@ -122,12 +130,14 @@ public class V1ServerController { * @return */ @GetMapping("/apps/type") + @PreAuthorize("hasAuthority('dify:app:list')") // @DataPermission public List getAppsByAppType(Integer appType){ return appEntityService.selectByAppType(appType); } @PostMapping("/link") + @PreAuthorize("hasAuthority('dify:app:link')") public ResponseEntity link(@RequestBody WorkflowDeptDto workflowDeptDto) { List workflowDepts = new ArrayList<>(); for (Long deptId: workflowDeptDto.getDeptIds()) { @@ -141,6 +151,7 @@ public class V1ServerController { } @GetMapping("/link/{workflowId}") + @PreAuthorize("hasAuthority('dify:app:link')") public List linked(@PathVariable String workflowId) { return workflowDeptService.lambdaQuery().eq(WorkflowDept::getWorkflowId, workflowId).list(); } diff --git a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java index 4aabe7e..c4ba306 100644 --- a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java +++ b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java @@ -42,6 +42,7 @@ public class V1WorkflowController { * @return */ @PostMapping("/run/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:run')") @OperationLogAnnotation(content = "'dify工作流'", operationType = "运行") public WorkflowRunResponse runWorkflow(@RequestBody WorkflowRunRequest request, @PathVariable String appId) { request.setUserId(SecurityUtil.getUserInfo().id.toString()); @@ -55,6 +56,7 @@ public class V1WorkflowController { * @return */ @PostMapping(value = "/run/stream/{appId}", produces= MediaType.TEXT_EVENT_STREAM_VALUE) + @PreAuthorize("hasAuthority('dify:workflow:run')") @OperationLogAnnotation(content = "'dify工作流'", operationType = "运行") public Flux runWorkflowStream(@RequestBody WorkflowRunRequest request, @PathVariable String appId) { String apiKey =appEntityService.getApikey(appId); @@ -70,6 +72,7 @@ public class V1WorkflowController { * @return */ @PatchMapping("/stop/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:stop')") @OperationLogAnnotation(content = "'dify工作流'", operationType = "运行") public WorkflowStopResponse stopWorkflowStream(String taskId, @PathVariable String appId) { String apiKey =appEntityService.getApikey(appId); @@ -78,12 +81,13 @@ public class V1WorkflowController { } /** - * 获取工作流信息 + * 获取工作流运行详情 * * @param workflowRunId * @return */ @GetMapping("/info/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:info')") public WorkflowInfoResponse info(String workflowRunId, @PathVariable String appId) { String apiKey =appEntityService.getApikey(appId); return ExceptionUtil.difyException(() -> difyWorkflow.info(workflowRunId, apiKey)); @@ -96,11 +100,11 @@ public class V1WorkflowController { * @return */ @PostMapping("/logs/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:logs')") public DifyPageResult logs(@RequestBody WorkflowLogsRequest request, @PathVariable String appId) { String apiKey = appEntityService.getApikey(appId); request.setApiKey(apiKey); - final DifyPageResult logs = difyWorkflow.logs(request); - return logs; + return difyWorkflow.logs(request); } /** @@ -110,6 +114,7 @@ public class V1WorkflowController { * @return */ @GetMapping("/list/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:logs')") @DataPermission public List list(@PathVariable String appId){ return difyWorkflowService.list(new QueryWrapper().eq("app_id",appId)); @@ -122,6 +127,7 @@ public class V1WorkflowController { * @return */ @GetMapping("/detail/{id}") + @PreAuthorize("hasAuthority('dify:workflow:detail')") @DataPermission public WorkflowData detail(@PathVariable Long id){ return difyWorkflowService.detail(id); @@ -134,6 +140,7 @@ public class V1WorkflowController { * @return */ @DeleteMapping("/delete/{id}") + @PreAuthorize("hasAuthority('dify:workflow:delete')") @OperationLogAnnotation(content = "'dify工作流日志'", operationType = "删除") public boolean delete(@PathVariable Long id){ return difyWorkflowService.delete(id); @@ -146,6 +153,7 @@ public class V1WorkflowController { * @return */ @GetMapping("/query") + @PreAuthorize("hasAuthority('dify:workflow:list')") @DataPermission public Page query(Page page){ return difyWorkflowService.query(page);