From 83fabb13838fa18bc683e3df56b024d25c952320 Mon Sep 17 00:00:00 2001 From: vertoryao <673441990@qq.com> Date: Sun, 13 Jul 2025 23:50:22 +0800 Subject: [PATCH] =?UTF-8?q?feat(security):=20=E4=B8=BA=20Dify=20=E7=9B=B8?= =?UTF-8?q?=E5=85=B3=E6=93=8D=E4=BD=9C=E6=B7=BB=E5=8A=A0=E6=9D=83=E9=99=90?= =?UTF-8?q?=E6=8E=A7=E5=88=B6-=20=E5=9C=A8=20V1ChatController=E3=80=81V1Se?= =?UTF-8?q?rverController=20=E5=92=8C=20V1WorkflowController=20=E4=B8=AD?= =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E4=BA=86=20@PreAuthorize=20=E6=B3=A8?= =?UTF-8?q?=E8=A7=A3=20-=20=E4=B8=BA=E4=B8=8D=E5=90=8C=E6=93=8D=E4=BD=9C?= =?UTF-8?q?=E5=AE=9A=E4=B9=89=E4=BA=86=E7=9B=B8=E5=BA=94=E7=9A=84=E6=9D=83?= =?UTF-8?q?=E9=99=90=E6=A0=87=E8=AF=86=EF=BC=8C=E5=A6=82=20dify:chat:conve?= =?UTF-8?q?rsations=E3=80=81dify:app:list=20=E7=AD=89=20-=E9=80=9A?= =?UTF-8?q?=E8=BF=87=20Spring=20Security=20=E7=9A=84=E6=9D=83=E9=99=90?= =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=8A=9F=E8=83=BD=EF=BC=8C=E5=AE=9E=E7=8E=B0?= =?UTF-8?q?=E4=BA=86=E5=AF=B9=20Dify=20=E7=9B=B8=E5=85=B3=E6=93=8D?= =?UTF-8?q?=E4=BD=9C=E7=9A=84=E7=BB=86=E7=B2=92=E5=BA=A6=E6=9D=83=E9=99=90?= =?UTF-8?q?=E6=8E=A7=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../modules/dify/controller/V1ChatController.java | 6 ++++++ .../dify/controller/V1ServerController.java | 11 +++++++++++ .../dify/controller/V1WorkflowController.java | 14 +++++++++++--- 3 files changed, 28 insertions(+), 3 deletions(-) diff --git a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java index e57baf7..d2de8ab 100644 --- a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java +++ b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java 
@@ -80,6 +80,7 @@ public class V1ChatController { * @return 会话列表 */ @PostMapping("/conversations/{appId}") + @PreAuthorize("hasAuthority('dify:chat:conversations')") public DifyPageResult conversations( @RequestBody MessageConversationsRequest request, @PathVariable String appId @@ -96,6 +97,7 @@ public class V1ChatController { * @return 消息列表 */ @PostMapping("/messages/{appid}") + @PreAuthorize("hasAuthority('dify:chat:messages')") public DifyPageResult messages( @RequestBody MessagesRequest request, @PathVariable String appid @@ -112,6 +114,7 @@ public class V1ChatController { * @param taskId 任务id */ @PatchMapping("/stream/stop") + @PreAuthorize("hasAuthority('dify:chat:stop')") public void stopMessagesStream(@RequestParam String taskId, @RequestParam String appId) { String apiKey = appEntityService.getApikey(appId); String userId = SecurityUtil.getUserInfo().id.toString(); @@ -124,6 +127,7 @@ public class V1ChatController { * @param conversationId 会话id */ @DeleteMapping("/conversation") + @PreAuthorize("hasAuthority('dify:chat:delete')") @OperationLogAnnotation(content = "'dify对话'", operationType = "删除") public Map deleteConversation(@RequestParam String conversationId, @RequestParam String appId) { String apiKey = appEntityService.getApikey(appId); @@ -143,6 +147,7 @@ public class V1ChatController { * @return */ @GetMapping("/messages/suggested") + @PreAuthorize("hasAuthority('dify:chat:suggested')") public List messagesSuggested(String messageId,String appId){ String apiKey = appEntityService.getApikey(appId); String userId = SecurityUtil.getUserInfo().id.toString(); @@ -155,6 +160,7 @@ public class V1ChatController { * @return */ @GetMapping("/parameters/{appid}") + @PreAuthorize("hasAuthority('dify:chat:parameters')") public AppParametersResponseVO parameters(@PathVariable String appid){ String apiKey = appEntityService.getApikey(appid); return ExceptionUtil.difyException(()->difyChat.parameters(apiKey)); 
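Review bot: The `@PreAuthorize("hasAuthority('dify:chat:…')")` checks added to `conversations`, `messages`, `stopMessagesStream`, `deleteConversation`, `messagesSuggested` and `parameters` gate only the operation type, while each handler still passes the caller-supplied `appId` straight to `appEntityService.getApikey(appId)`. Unless `getApikey` (not visible here) verifies that the current user may use that app, any account holding e.g. `dify:chat:delete` can act through every app's API key. Consider binding the check to the object as well, for example `@PreAuthorize("hasAuthority('dify:chat:delete') and @appAccess.canUse(#appId)")`, where `appAccess.canUse` is a placeholder for a bean you would add, or enforce it once inside `getApikey`. The same applies to the `appId`-keyed handlers annotated in V1WorkflowController. The handler bodies continue outside these hunks.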
diff --git a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java index 9da505e..1d4dde4 100644 --- a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java +++ b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java @@ -40,6 +40,7 @@ public class V1ServerController { * @return */ @GetMapping("/apps") + @PreAuthorize("hasAuthority('dify:app:list')") public List getApps(String mode, String name, Integer type) { return appEntityService.getApps(mode, name, type); } @@ -50,6 +51,7 @@ public class V1ServerController { * @return */ @GetMapping("/{id}") + @PreAuthorize("hasAuthority('dify:app:detail')") public AppsResponse getApp(@PathVariable("id") String id) { return difyServer.app(id); } @@ -60,6 +62,7 @@ public class V1ServerController { * @return */ @GetMapping("/api-key/{id}") + @PreAuthorize("hasAuthority('dify:app:api-key')") public List getAppApiKey(@PathVariable("id") String id) { return difyServer.getAppApiKey(id); } @@ -70,6 +73,7 @@ public class V1ServerController { * @return */ @PostMapping("/api-key/init/{id}") + @PreAuthorize("hasAuthority('dify:app:api-key')") public List initAppApiKey(@PathVariable("id") String id) { return difyServer.initAppApiKey(id); } @@ -79,6 +83,7 @@ public class V1ServerController { * @return */ @GetMapping("/api-key/dataset") + @PreAuthorize("hasAuthority('dify:app:api-key')") public List getDatasetApiKey() { return difyServer.getDatasetApiKey(); } @@ -88,6 +93,7 @@ public class V1ServerController { * @return */ @PostMapping("/api-key/dataset/init") + @PreAuthorize("hasAuthority('dify:dataset:api-key')") public List initDatasetApiKey() { return difyServer.initDatasetApiKey(); } 
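Review bot: `getDatasetApiKey` (`GET /api-key/dataset`) is guarded by `dify:app:api-key` while its sibling `initDatasetApiKey` uses `dify:dataset:api-key`, so a role granted app-key access can also read the dataset key. This looks like a copy/paste slip and should probably read `@PreAuthorize("hasAuthority('dify:dataset:api-key')")`. The same kind of mismatch appears further down this file, where `enabledApp` (`POST /app/{id}/toggle`) requires `dify:dataset:api-key` although it toggles an app; an app-scoped authority such as `dify:app:<action>` (placeholder name) would fit better. It also appears in V1WorkflowController, where `list` reuses `dify:workflow:logs` while `query` uses `dify:workflow:list`. Because these strings are the whole access policy, defining them once as shared constants per resource and action would make such slips easier to catch in review.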
@@ -99,6 +105,7 @@ public class V1ServerController { * @return */ @PostMapping("/app/{id}/toggle") + @PreAuthorize("hasAuthority('dify:dataset:api-key')") @OperationLogAnnotation(content = "'dify服务启用状态'", operationType = "更新") public boolean enabledApp(@PathVariable String id) { return appEntityService.enabledApp(id); @@ -109,6 +116,7 @@ public class V1ServerController { * @return */ @GetMapping("/apps/enabled") + @PreAuthorize("hasAuthority('dify:app:list')") @DataPermission public List getEnableApps() { LambdaQueryWrapper queryWrapper = new LambdaQueryWrapper<>(); @@ -122,12 +130,14 @@ public class V1ServerController { * @return */ @GetMapping("/apps/type") + @PreAuthorize("hasAuthority('dify:app:list')") // @DataPermission public List getAppsByAppType(Integer appType){ return appEntityService.selectByAppType(appType); } @PostMapping("/link") + @PreAuthorize("hasAuthority('dify:app:link')") public ResponseEntity link(@RequestBody WorkflowDeptDto workflowDeptDto) { List workflowDepts = new ArrayList<>(); for (Long deptId: workflowDeptDto.getDeptIds()) { @@ -141,6 +151,7 @@ public class V1ServerController { } @GetMapping("/link/{workflowId}") + @PreAuthorize("hasAuthority('dify:app:link')") public List linked(@PathVariable String workflowId) { return workflowDeptService.lambdaQuery().eq(WorkflowDept::getWorkflowId, workflowId).list(); } diff --git a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java index 4aabe7e..c4ba306 100644 --- a/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java +++ b/src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java 
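Review bot: `link` (`POST /link`) rewrites which departments a workflow is bound to, yet it shares `dify:app:link` with the read-only `linked` (`GET /link/{workflowId}`), so anyone allowed to view bindings can also change them. If these bindings feed the data scoping applied by `@DataPermission` (not confirmed from this hunk), the write deserves its own authority. It should also get an audit entry like the other mutating endpoints, e.g. `@OperationLogAnnotation(content = "'dify工作流部门关联'", operationType = "更新")` (content wording is only a suggestion). The body of `link` continues outside the hunk.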
@@ -42,6 +42,7 @@ public class V1WorkflowController { * @return */ @PostMapping("/run/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:run')") @OperationLogAnnotation(content = "'dify工作流'", operationType = "运行") public WorkflowRunResponse runWorkflow(@RequestBody WorkflowRunRequest request, @PathVariable String appId) { request.setUserId(SecurityUtil.getUserInfo().id.toString()); @@ -55,6 +56,7 @@ public class V1WorkflowController { * @return */ @PostMapping(value = "/run/stream/{appId}", produces= MediaType.TEXT_EVENT_STREAM_VALUE) + @PreAuthorize("hasAuthority('dify:workflow:run')") @OperationLogAnnotation(content = "'dify工作流'", operationType = "运行") public Flux runWorkflowStream(@RequestBody WorkflowRunRequest request, @PathVariable String appId) { String apiKey =appEntityService.getApikey(appId); @@ -70,6 +72,7 @@ public class V1WorkflowController { * @return */ @PatchMapping("/stop/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:stop')") @OperationLogAnnotation(content = "'dify工作流'", operationType = "运行") public WorkflowStopResponse stopWorkflowStream(String taskId, @PathVariable String appId) { String apiKey =appEntityService.getApikey(appId); @@ -78,12 +81,13 @@ public class V1WorkflowController { } /** - * 获取工作流信息 + * 获取工作流运行详情 * * @param workflowRunId * @return */ @GetMapping("/info/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:info')") public WorkflowInfoResponse info(String workflowRunId, @PathVariable String appId) { String apiKey =appEntityService.getApikey(appId); return ExceptionUtil.difyException(() -> difyWorkflow.info(workflowRunId, apiKey)); 
@@ -96,11 +100,11 @@ public class V1WorkflowController { * @return */ @PostMapping("/logs/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:logs')") public DifyPageResult logs(@RequestBody WorkflowLogsRequest request, @PathVariable String appId) { String apiKey = appEntityService.getApikey(appId); request.setApiKey(apiKey); - final DifyPageResult logs = difyWorkflow.logs(request); - return logs; + return difyWorkflow.logs(request); } /** @@ -110,6 +114,7 @@ public class V1WorkflowController { * @return */ @GetMapping("/list/{appId}") + @PreAuthorize("hasAuthority('dify:workflow:logs')") @DataPermission public List list(@PathVariable String appId){ return difyWorkflowService.list(new QueryWrapper().eq("app_id",appId)); @@ -122,6 +127,7 @@ public class V1WorkflowController { * @return */ @GetMapping("/detail/{id}") + @PreAuthorize("hasAuthority('dify:workflow:detail')") @DataPermission public WorkflowData detail(@PathVariable Long id){ return difyWorkflowService.detail(id); @@ -134,6 +140,7 @@ public class V1WorkflowController { * @return */ @DeleteMapping("/delete/{id}") + @PreAuthorize("hasAuthority('dify:workflow:delete')") @OperationLogAnnotation(content = "'dify工作流日志'", operationType = "删除") public boolean delete(@PathVariable Long id){ return difyWorkflowService.delete(id); @@ -146,6 +153,7 @@ public class V1WorkflowController { * @return */ @GetMapping("/query") + @PreAuthorize("hasAuthority('dify:workflow:list')") @DataPermission public Page query(Page page){ return difyWorkflowService.query(page);
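Review bot: `delete` (`DELETE /delete/{id}`) gets only the function-level check `hasAuthority('dify:workflow:delete')`, while the read handlers next to it (`list`, `detail`, `query`) also carry `@DataPermission`. Unless `difyWorkflowService.delete(id)` checks ownership or scope itself (not visible here), a holder of the delete authority can remove any record by id, including ones the data scope would hide on read. Consider loading the record under the same data scope before deleting, or adding `@DataPermission` to this handler if that annotation also constrains deletes.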