refactor(dify): 优化代码结构和安全性

- 为 AppEntity 类添加全参数构造器和无参构造器
- 移除 DataScopeAspect 类中的未使用代码
- 在 JpaUserDetailsServiceImpl 中增加用户不存在时的异常处理
- 更新 pom.xml，调整依赖项
- 删除未使用的 RedisUtils 类
- 更新 V1ChatController 和 V1WorkflowController 中的权限控制注解

pom.xml

@@ -44,11 +44,6 @@
 			<artifactId>dify-spring-boot-starter</artifactId>
 			<version>0.11.0</version>
 		</dependency>
-
-		<dependency>
-			<groupId>org.springframework.boot</groupId>
-			<artifactId>spring-boot-starter-aop</artifactId>
-		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-data-redis</artifactId>
@@ -61,6 +56,10 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-integration</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-aop</artifactId>
+		</dependency>
 		<dependency>
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-mail</artifactId>

src/main/java/com/zsc/edu/dify/framework/mybatisplus/DataScopeAspect.java

@@ -1,5 +1,4 @@
 package com.zsc.edu.dify.framework.mybatisplus;
-
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;

src/main/java/com/zsc/edu/dify/framework/redis/RedisUtils.java

@@ -1,72 +0,0 @@
-package com.zsc.edu.dify.framework.redis;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.data.redis.core.StringRedisTemplate;
-import org.springframework.data.redis.core.ValueOperations;
-import org.springframework.stereotype.Component;
-
-import java.util.concurrent.TimeUnit;
-
-/**
- * @author zhuang
- */
-@Component
-public class RedisUtils {
-
-    @Autowired
-    private StringRedisTemplate stringRedisTemplate;
-
-    /**
-     * 设置键值对
-     *
-     * @param key   键
-     * @param value 值
-     */
-    public void set(String key, String value) {
-        ValueOperations<String, String> ops = stringRedisTemplate.opsForValue();
-        ops.set(key, value);
-    }
-
-    /**
-     * 设置键值对并设置过期时间
-     *
-     * @param key     键
-     * @param value   值
-     * @param timeout 过期时间
-     * @param unit    时间单位
-     */
-    public void set(String key, String value, long timeout, TimeUnit unit) {
-        ValueOperations<String, String> ops = stringRedisTemplate.opsForValue();
-        ops.set(key, value, timeout, unit);
-    }
-
-    /**
-     * 获取键值对
-     *
-     * @param key 键
-     * @return 值
-     */
-    public String get(String key) {
-        ValueOperations<String, String> ops = stringRedisTemplate.opsForValue();
-        return ops.get(key);
-    }
-
-    /**
-     * 检查键是否存在
-     *
-     * @param key 键
-     * @return 是否存在
-     */
-    public boolean hasKey(String key) {
-        return Boolean.TRUE.equals(stringRedisTemplate.hasKey(key));
-    }
-
-    /**
-     * 删除键
-     *
-     * @param key 键
-     */
-    public void delete(String key) {
-        stringRedisTemplate.delete(key);
-    }
-}

src/main/java/com/zsc/edu/dify/framework/security/JpaUserDetailsServiceImpl.java

@@ -38,6 +38,9 @@ public class JpaUserDetailsServiceImpl implements UserDetailsService {
     @Transactional(rollbackFor = Exception.class)
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
         User user = userRepo.selectByUsername(username);
+        if (user == null) {
+            throw new UsernameNotFoundException("用户不存在");
+        }
         if (!user.getEnableState()) {
             throw new StateException("用户 '" + username + "' 已被禁用！请联系管理员");
         }

src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java

@@ -46,7 +46,7 @@ public class V1ChatController {
      *                    apikey 建议在数据库进行存储，前端调用时传智能体 id，从数据库查询
      */
     @PostMapping("/completions/{appId}")
-    @PreAuthorize("hasAuthority('difyChat:query')")
+    @PreAuthorize("hasAuthority('dify:chat:send')")
     @OperationLogAnnotation(content = "'dify对话'", operationType = "发送")
     public ChatMessageSendResponse sendChatMessage(
             @RequestBody ChatMessageSendRequest sendRequest,
@@ -56,8 +56,6 @@ public class V1ChatController {
         sendRequest.setUserId(SecurityUtil.getUserInfo().id.toString());
         return ExceptionUtil.difyException(()->difyChat.send(sendRequest));
     }
-
-
     /**
      * 发送消息（流式）
      *
@@ -66,7 +64,7 @@ public class V1ChatController {
      *                    apikey 建议在数据库进行存储，前端调用时传智能体 id，从数据库查询
      */
     @PostMapping(value = "/completions/stream/{appid}", produces = MediaType.TEXT_EVENT_STREAM_VALUE)
-//    @PreAuthorize("hasAuthority('difyChat:query')")
+    @PreAuthorize("hasAuthority('dify:chat:send')")
     public Flux<ChatMessageSendCompletionResponse> sendChatMessageStream(
             @RequestBody ChatMessageSendRequest sendRequest,
             @PathVariable String appid

src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java

@@ -15,6 +15,7 @@ import io.github.guoshiqiufeng.dify.workflow.dto.request.WorkflowLogsRequest;
 import io.github.guoshiqiufeng.dify.workflow.dto.request.WorkflowRunRequest;
 import io.github.guoshiqiufeng.dify.workflow.dto.response.*;
 import jakarta.annotation.Resource;
+import org.springframework.http.MediaType;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 import reactor.core.publisher.Flux;
@@ -53,8 +54,12 @@ public class V1WorkflowController {
      * @param request
      * @return
      */
-    @PostMapping("/run/stream")
-    public Flux<WorkflowRunStreamResponse> runWorkflowStream(@RequestBody WorkflowRunRequest request) {
+    @PostMapping(value = "/run/stream/{appId}", produces= MediaType.TEXT_EVENT_STREAM_VALUE)
+    @OperationLogAnnotation(content = "'dify工作流'", operationType = "运行")
+    public Flux<WorkflowRunStreamResponse> runWorkflowStream(@RequestBody WorkflowRunRequest request, @PathVariable String appId) {
+        String apiKey =appEntityService.getApikey(appId);
+        request.setUserId(SecurityUtil.getUserInfo().id.toString());
+        request.setApiKey(apiKey);
         return difyWorkflow.runWorkflowStream(request);
     }
 
@@ -65,6 +70,7 @@ public class V1WorkflowController {
      * @return
      */
     @PatchMapping("/stop/{appId}")
+    @OperationLogAnnotation(content = "'dify工作流'", operationType = "运行")
     public WorkflowStopResponse stopWorkflowStream(String taskId, @PathVariable String appId) {
         String apiKey =appEntityService.getApikey(appId);
         String userId = SecurityUtil.getUserInfo().id.toString();

src/main/java/com/zsc/edu/dify/modules/dify/entity/AppEntity.java

@@ -19,6 +19,8 @@ import java.util.Map;
 @EqualsAndHashCode(callSuper = true)
 @Getter
 @Setter
+@AllArgsConstructor
+@NoArgsConstructor
 @TableName("apps_entity")
 public class AppEntity extends AppsResponseVO {