diff --git a/apps/application/views/application.py b/apps/application/views/application.py
index ecfa1ae6b4e..c7dc29956d9 100644
--- a/apps/application/views/application.py
+++ b/apps/application/views/application.py
@@ -277,8 +277,8 @@ class Publish(APIView):
responses=result.DefaultResultSerializer,
tags=[_('Application')] # type: ignore
)
- @has_permissions(PermissionConstants.APPLICATION_EDIT.get_workspace_application_permission(),
- PermissionConstants.APPLICATION_EDIT.get_workspace_permission_workspace_manage_role(),
+ @has_permissions(PermissionConstants.APPLICATION_PUBLISH.get_workspace_application_permission(),
+ PermissionConstants.APPLICATION_PUBLISH.get_workspace_permission_workspace_manage_role(),
ViewPermission([RoleConstants.USER.get_workspace_role()],
[PermissionConstants.APPLICATION.get_workspace_application_permission()],
CompareConstants.AND),
diff --git a/apps/common/constants/permission_constants.py b/apps/common/constants/permission_constants.py
index 3add59e0b12..31dbbf66a42 100644
--- a/apps/common/constants/permission_constants.py
+++ b/apps/common/constants/permission_constants.py
@@ -157,6 +157,7 @@ class Operate(Enum):
USE = "USE"
IMPORT = "READ+IMPORT"
EXPORT = "READ+EXPORT" # 导入导出
+ PUBLISH = "READ+PUBLISH" # 发布
SYNC = "READ+SYNC" # 同步
GENERATE = "READ+GENERATE" # 生成
ADD_MEMBER = "READ+ADD_MEMBER" # 添加成员
@@ -616,6 +617,11 @@ class PermissionConstants(Enum):
parent_group=[WorkspaceGroup.TOOL, UserGroup.TOOL],
resource_permission_group_list=[ResourcePermissionConst.TOOL_MANGE]
)
+ TOOL_PUBLISH = Permission(
+ group=Group.TOOL, operate=Operate.PUBLISH, role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+ parent_group=[WorkspaceGroup.TOOL, UserGroup.TOOL],
+ resource_permission_group_list=[ResourcePermissionConst.TOOL_MANGE]
+ )
TOOL_EXECUTE_RECORD = Permission(
group=Group.TOOL, operate=Operate.RECORD, role_list=[RoleConstants.ADMIN, RoleConstants.USER],
parent_group=[WorkspaceGroup.TOOL, UserGroup.TOOL],
@@ -767,6 +773,11 @@ class PermissionConstants(Enum):
resource_permission_group_list=[ResourcePermissionConst.KNOWLEDGE_MANGE],
parent_group=[WorkspaceGroup.KNOWLEDGE, UserGroup.KNOWLEDGE]
)
+ KNOWLEDGE_WORKFLOW_PUBLISH = Permission(
+ group=Group.KNOWLEDGE_WORKFLOW, operate=Operate.PUBLISH, role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+ resource_permission_group_list=[ResourcePermissionConst.KNOWLEDGE_MANGE],
+ parent_group=[WorkspaceGroup.KNOWLEDGE, UserGroup.KNOWLEDGE]
+ )
KNOWLEDGE_DOCUMENT_READ = Permission(
group=Group.KNOWLEDGE_DOCUMENT, operate=Operate.READ,
role_list=[RoleConstants.ADMIN, RoleConstants.USER],
@@ -1054,6 +1065,11 @@ class PermissionConstants(Enum):
resource_permission_group_list=[ResourcePermissionConst.APPLICATION_MANGE],
parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
)
+ APPLICATION_PUBLISH = Permission(group=Group.APPLICATION, operate=Operate.PUBLISH,
+ role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+ resource_permission_group_list=[ResourcePermissionConst.APPLICATION_MANGE],
+ parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
+ )
APPLICATION_BATCH_DELETE = Permission(group=Group.APPLICATION, operate=Operate.BATCH_DELETE,
role_list=[RoleConstants.ADMIN, RoleConstants.USER],
resource_permission_group_list=[ResourcePermissionConst.APPLICATION_MANGE],
@@ -1388,6 +1404,10 @@ class PermissionConstants(Enum):
group=Group.SYSTEM_TOOL, operate=Operate.EXPORT, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.SHARED_TOOL], is_ee=settings.edition == "EE"
)
+ SHARED_TOOL_PUBLISH = Permission(
+ group=Group.SYSTEM_TOOL, operate=Operate.PUBLISH, role_list=[RoleConstants.ADMIN],
+ parent_group=[SystemGroup.SHARED_TOOL], is_ee=settings.edition == "EE"
+ )
SHARED_TOOL_RELATE_RESOURCE_VIEW = Permission(
group=Group.SYSTEM_TOOL, operate=Operate.RELATE_VIEW, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.SHARED_TOOL], is_ee=settings.edition == "EE"
@@ -1444,6 +1464,10 @@ class PermissionConstants(Enum):
group=Group.SYSTEM_KNOWLEDGE_WORKFLOW, operate=Operate.EXPORT, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.SHARED_KNOWLEDGE], is_ee=settings.edition == "EE"
)
+ SHARED_KNOWLEDGE_WORKFLOW_PUBLISH = Permission(
+ group=Group.SYSTEM_KNOWLEDGE_WORKFLOW, operate=Operate.PUBLISH, role_list=[RoleConstants.ADMIN],
+ parent_group=[SystemGroup.SHARED_KNOWLEDGE], is_ee=settings.edition == "EE"
+ )
SHARED_KNOWLEDGE_DOCUMENT_READ = Permission(
group=Group.SYSTEM_KNOWLEDGE_DOCUMENT, operate=Operate.READ, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.SHARED_KNOWLEDGE], is_ee=settings.edition == "EE"
@@ -1581,6 +1605,10 @@ class PermissionConstants(Enum):
group=Group.SYSTEM_RES_APPLICATION, operate=Operate.AUTH, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.RESOURCE_APPLICATION], is_ee=settings.edition == "EE"
)
+ RESOURCE_APPLICATION_PUBLISH = Permission(
+ group=Group.SYSTEM_RES_APPLICATION, operate=Operate.PUBLISH, role_list=[RoleConstants.ADMIN],
+ parent_group=[SystemGroup.RESOURCE_APPLICATION], is_ee=settings.edition == "EE"
+ )
RESOURCE_APPLICATION_TRIGGER_READ = Permission(
group=Group.SYSTEM_RES_APPLICATION, operate=Operate.TRIGGER_READ, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.RESOURCE_APPLICATION], is_ee=settings.edition == "EE"
@@ -1683,6 +1711,10 @@ class PermissionConstants(Enum):
group=Group.SYSTEM_RES_KNOWLEDGE, operate=Operate.EXPORT, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.RESOURCE_KNOWLEDGE], is_ee=settings.edition == "EE"
)
+ RESOURCE_KNOWLEDGE_PUBLISH = Permission(
+ group=Group.SYSTEM_RES_KNOWLEDGE, operate=Operate.PUBLISH, role_list=[RoleConstants.ADMIN],
+ parent_group=[SystemGroup.RESOURCE_KNOWLEDGE], is_ee=settings.edition == "EE"
+ )
RESOURCE_KNOWLEDGE_VECTOR = Permission(
group=Group.SYSTEM_RES_KNOWLEDGE, operate=Operate.VECTOR, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.RESOURCE_KNOWLEDGE], is_ee=settings.edition == "EE"
@@ -1712,6 +1744,10 @@ class PermissionConstants(Enum):
group=Group.SYSTEM_RES_KNOWLEDGE_WORKFLOW, operate=Operate.EXPORT, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.RESOURCE_KNOWLEDGE], is_ee=settings.edition == "EE"
)
+ RESOURCE_KNOWLEDGE_WORKFLOW_PUBLISH = Permission(
+ group=Group.SYSTEM_RES_KNOWLEDGE_WORKFLOW, operate=Operate.PUBLISH, role_list=[RoleConstants.ADMIN],
+ parent_group=[SystemGroup.RESOURCE_KNOWLEDGE], is_ee=settings.edition == "EE"
+ )
RESOURCE_KNOWLEDGE_DOCUMENT_READ = Permission(
group=Group.SYSTEM_RES_KNOWLEDGE_DOCUMENT, operate=Operate.READ, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.RESOURCE_KNOWLEDGE], is_ee=settings.edition == "EE"
@@ -1824,6 +1860,10 @@ class PermissionConstants(Enum):
group=Group.SYSTEM_RES_TOOL, operate=Operate.EXPORT, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.RESOURCE_TOOL], is_ee=settings.edition == "EE"
)
+ RESOURCE_TOOL_PUBLISH = Permission(
+ group=Group.SYSTEM_RES_TOOL, operate=Operate.PUBLISH, role_list=[RoleConstants.ADMIN],
+ parent_group=[SystemGroup.RESOURCE_TOOL], is_ee=settings.edition == "EE"
+ )
RESOURCE_TOOL_AUTH = Permission(
group=Group.SYSTEM_RES_TOOL, operate=Operate.AUTH, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.RESOURCE_TOOL], is_ee=settings.edition == "EE"
diff --git a/apps/knowledge/views/knowledge_workflow.py b/apps/knowledge/views/knowledge_workflow.py
index 0a38693d692..0284b9ffef5 100644
--- a/apps/knowledge/views/knowledge_workflow.py
+++ b/apps/knowledge/views/knowledge_workflow.py
@@ -230,8 +230,8 @@ class Publish(APIView):
responses=DefaultResultSerializer,
tags=[_('Knowledge')] # type: ignore
)
- @has_permissions(PermissionConstants.KNOWLEDGE_WORKFLOW_EDIT.get_workspace_knowledge_permission(),
- PermissionConstants.KNOWLEDGE_WORKFLOW_EDIT.get_workspace_permission_workspace_manage_role(),
+ @has_permissions(PermissionConstants.KNOWLEDGE_WORKFLOW_PUBLISH.get_workspace_knowledge_permission(),
+ PermissionConstants.KNOWLEDGE_WORKFLOW_PUBLISH.get_workspace_permission_workspace_manage_role(),
ViewPermission([RoleConstants.USER.get_workspace_role()],
[PermissionConstants.KNOWLEDGE.get_workspace_knowledge_permission()],
CompareConstants.AND),
diff --git a/apps/tools/views/tool_workflow.py b/apps/tools/views/tool_workflow.py
index 357fb92bb70..6f0046c43e6 100644
--- a/apps/tools/views/tool_workflow.py
+++ b/apps/tools/views/tool_workflow.py
@@ -34,8 +34,8 @@ class Publish(APIView):
responses=DefaultResultSerializer,
tags=[_('Tool')] # type: ignore
)
- @has_permissions(PermissionConstants.TOOL_EDIT.get_workspace_tool_permission(),
- PermissionConstants.TOOL_EDIT.get_workspace_permission_workspace_manage_role(),
+ @has_permissions(PermissionConstants.TOOL_PUBLISH.get_workspace_tool_permission(),
+ PermissionConstants.TOOL_PUBLISH.get_workspace_permission_workspace_manage_role(),
ViewPermission([RoleConstants.USER.get_workspace_role()],
[PermissionConstants.TOOL.get_workspace_tool_permission()],
CompareConstants.AND),
diff --git a/ui/src/permission/application/system-manage.ts b/ui/src/permission/application/system-manage.ts
index 68aa896931b..94ac6c44b03 100644
--- a/ui/src/permission/application/system-manage.ts
+++ b/ui/src/permission/application/system-manage.ts
@@ -7,6 +7,8 @@ const systemManage = {
batchMove: () => false,
folderCreate: () => false,
edit: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_APPLICATION_EDIT], 'OR'),
+ publish: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_APPLICATION_PUBLISH], 'OR'),
folderEdit: () => false,
folderRead: () => false,
folderManage: () => false,
diff --git a/ui/src/permission/application/workspace.ts b/ui/src/permission/application/workspace.ts
index 463c3a4783a..d4082ed2b65 100644
--- a/ui/src/permission/application/workspace.ts
+++ b/ui/src/permission/application/workspace.ts
@@ -50,6 +50,21 @@ const workspace = {
],
'OR',
),
+ publish: (source_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.APPLICATION.getKnowledgeWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.APPLICATION_PUBLISH.getKnowledgeWorkspaceResourcePermission(source_id),
+ PermissionConst.APPLICATION_PUBLISH.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
+ ),
folderCreate: (folder_id: string) =>
hasPermission(
[
diff --git a/ui/src/permission/knowledge/system-manage.ts b/ui/src/permission/knowledge/system-manage.ts
index 22fd7dbe8cf..0bbdbe50384 100644
--- a/ui/src/permission/knowledge/system-manage.ts
+++ b/ui/src/permission/knowledge/system-manage.ts
@@ -15,228 +15,93 @@ const systemManage = {
create: () => false,
batchDelete: () => false,
batchMove: () => false,
- sync: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_SYNC
- ],'OR'
- ),
- vector: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_VECTOR
- ],'OR'
- ),
- generate: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_GENERATE
- ],'OR'
- ),
- edit: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_EDIT
- ],'OR'
- ),
- export: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_EXPORT
- ],'OR'
- ),
- delete: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DELETE
- ],'OR'
- ),
+ sync: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_SYNC], 'OR'),
+ vector: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_VECTOR], 'OR'),
+ generate: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_GENERATE], 'OR'),
+ edit: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_EDIT], 'OR'),
+ export: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_EXPORT], 'OR'),
+ publish: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_PUBLISH], 'OR'),
+ delete: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DELETE], 'OR'),
// 文档
- doc_read: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_READ,
- PermissionConst.RESOURCE_KNOWLEDGE_WORKFLOW_READ,
- ], 'OR'),
- jump_read: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_READ
- ],'OR'),
- doc_create: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_CREATE
- ],'OR'
- ),
- doc_vector: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_VECTOR
- ],'OR'
- ),
- doc_generate: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_GENERATE
- ],'OR'
- ),
- doc_migrate: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_MIGRATE
- ],'OR'
- ),
- doc_edit: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_EDIT
- ],'OR'
- ),
- doc_sync: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_SYNC
- ],'OR'
- ),
- doc_delete: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_DELETE
- ],'OR'
- ),
- doc_export: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_EXPORT
- ],'OR'
- ),
- doc_download: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_DOWNLOAD_SOURCE_FILE
- ],'OR'
- ),
- doc_tag: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_TAG
- ],'OR'
- ),
- doc_replace: () => hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_REPLACE
- ],'OR'
- ),
- knowledge_chat_user_read: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_CHAT_USER_READ
- ],'OR'),
- knowledge_chat_user_edit: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_CHAT_USER_EDIT
- ],'OR'),
-
- problem_read: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_READ
- ],'OR'),
- problem_create: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_CREATE
- ],'OR'
- ),
- problem_relate: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_RELATE
- ],'OR'
- ),
- problem_delete: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_DELETE
- ],'OR'
- ),
- problem_edit: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_EDIT
- ],'OR'
+ doc_read: () =>
+ hasPermission(
+ [
+ RoleConst.ADMIN,
+ PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_READ,
+ PermissionConst.RESOURCE_KNOWLEDGE_WORKFLOW_READ,
+ ],
+ 'OR',
),
- tag_read: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_TAG_READ
- ],'OR'
+ jump_read: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_READ], 'OR'),
+ doc_create: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_CREATE], 'OR'),
+ doc_vector: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_VECTOR], 'OR'),
+ doc_generate: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_GENERATE], 'OR'),
+ doc_migrate: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_MIGRATE], 'OR'),
+ doc_edit: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_EDIT], 'OR'),
+ doc_sync: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_SYNC], 'OR'),
+ doc_delete: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_DELETE], 'OR'),
+ doc_export: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_EXPORT], 'OR'),
+ doc_download: () =>
+ hasPermission(
+ [RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_DOWNLOAD_SOURCE_FILE],
+ 'OR',
),
- tag_create: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_TAG_CREATE
- ],'OR'
- ),
- tag_edit: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_TAG_EDIT
- ],'OR'
- ),
- tag_delete: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_TAG_DELETE
- ],'OR'
- ),
- debug: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_WORKFLOW_READ
- ],'OR'
- ),
- workflow_edit: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_WORKFLOW_EDIT
- ],'OR'
- ),
- workflow_export: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_WORKFLOW_EXPORT
- ],'OR'
- ),
- chat_user_edit: () =>false,
+ doc_tag: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_TAG], 'OR'),
+ doc_replace: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_REPLACE], 'OR'),
+ knowledge_chat_user_read: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_CHAT_USER_READ], 'OR'),
+ knowledge_chat_user_edit: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_CHAT_USER_EDIT], 'OR'),
-
- auth: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_AUTH
- ],'OR'
- ),
- relate_map: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_RELATE_RESOURCE_VIEW
- ],'OR'
- ),
+ problem_read: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_READ], 'OR'),
+ problem_create: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_CREATE], 'OR'),
+ problem_relate: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_RELATE], 'OR'),
+ problem_delete: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_DELETE], 'OR'),
+ problem_edit: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_PROBLEM_EDIT], 'OR'),
+ tag_read: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_TAG_READ], 'OR'),
+ tag_create: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_TAG_CREATE], 'OR'),
+ tag_edit: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_TAG_EDIT], 'OR'),
+ tag_delete: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_TAG_DELETE], 'OR'),
+ debug: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_WORKFLOW_READ], 'OR'),
+ workflow_edit: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_WORKFLOW_EDIT], 'OR'),
+ workflow_export: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_WORKFLOW_EXPORT], 'OR'),
+ chat_user_edit: () => false,
+
+ auth: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_AUTH], 'OR'),
+ relate_map: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_RELATE_RESOURCE_VIEW], 'OR'),
folderRead: () => false,
folderManage: () => false,
folderCreate: () => false,
folderEdit: () => false,
folderAuth: () => false,
folderDelete: () => false,
- hit_test: () =>
- hasPermission([
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_KNOWLEDGE_HIT_TEST
- ], 'OR'),
+ hit_test: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_KNOWLEDGE_HIT_TEST], 'OR'),
}
export default systemManage
diff --git a/ui/src/permission/knowledge/system-share.ts b/ui/src/permission/knowledge/system-share.ts
index c1301f6b766..60ad0f16302 100644
--- a/ui/src/permission/knowledge/system-share.ts
+++ b/ui/src/permission/knowledge/system-share.ts
@@ -4,18 +4,26 @@ import { EditionConst, PermissionConst, RoleConst } from '@/utils/permission/dat
const share = {
is_share: () => false,
create: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_CREATE], 'OR'),
- batchDelete: () => false,
+ batchDelete: () => false,
batchMove: () => false,
sync: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_SYNC], 'OR'),
vector: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_VECTOR], 'OR'),
generate: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_GENERATE], 'OR'),
edit: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_EDIT], 'OR'),
+ publish: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_PUBLISH], 'OR'),
export: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_EXPORT], 'OR'),
delete: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_DELETE], 'OR'),
doc_read: () => false,
jump_read: () =>
- hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_DOCUMENT_READ, PermissionConst.SHARED_KNOWLEDGE_WORKFLOW_READ], 'OR'),
+ hasPermission(
+ [
+ RoleConst.ADMIN,
+ PermissionConst.SHARED_KNOWLEDGE_DOCUMENT_READ,
+ PermissionConst.SHARED_KNOWLEDGE_WORKFLOW_READ,
+ ],
+ 'OR',
+ ),
doc_create: () =>
hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_DOCUMENT_CREATE], 'OR'),
doc_vector: () =>
@@ -65,11 +73,12 @@ const share = {
workflow_edit: () =>
hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_WORKFLOW_EDIT], 'OR'),
workflow_export: () =>
- hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_WORKFLOW_EXPORT], 'OR'),
+ hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_WORKFLOW_EXPORT], 'OR'),
chat_user_edit: () => false,
auth: () => false,
- relate_map: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_RELATE_RESOURCE_VIEW], 'OR'),
+ relate_map: () =>
+ hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_KNOWLEDGE_RELATE_RESOURCE_VIEW], 'OR'),
folderRead: () => false,
folderManage: () => false,
folderCreate: () => false,
@@ -77,6 +86,5 @@ const share = {
folderAuth: () => false,
folderDelete: () => false,
hit_test: () => false,
-
}
export default share
diff --git a/ui/src/permission/knowledge/workspace-share.ts b/ui/src/permission/knowledge/workspace-share.ts
index 96d85a5f427..12f3f557a54 100644
--- a/ui/src/permission/knowledge/workspace-share.ts
+++ b/ui/src/permission/knowledge/workspace-share.ts
@@ -11,10 +11,11 @@ const workspaceShare = {
generate: () => false,
edit: () => false,
export: () => false,
+ publish: () => false,
delete: () => false,
auth: () => false,
relate_map: () => false,
-
+
doc_read: () => false,
jump_read: () => false,
doc_create: () => false,
diff --git a/ui/src/permission/knowledge/workspace.ts b/ui/src/permission/knowledge/workspace.ts
index e95fa85ae12..0b4cdd70342 100644
--- a/ui/src/permission/knowledge/workspace.ts
+++ b/ui/src/permission/knowledge/workspace.ts
@@ -198,7 +198,7 @@ const workspace = {
],
'OR',
),
- relate_map: (source_id: string) =>
+ relate_map: (source_id: string) =>
hasPermission(
[
new ComplexPermission(
@@ -230,6 +230,21 @@ const workspace = {
],
'OR',
),
+ publish: (source_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.KNOWLEDGE.getKnowledgeWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.KNOWLEDGE_PUBLISH.getKnowledgeWorkspaceResourcePermission(source_id),
+ PermissionConst.KNOWLEDGE_PUBLISH.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
+ ),
delete: (source_id: string) =>
hasPermission(
[
@@ -256,12 +271,8 @@ const workspace = {
'AND',
),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.KNOWLEDGE_DOCUMENT_READ.getKnowledgeWorkspaceResourcePermission(
- source_id,
- ),
- PermissionConst.KNOWLEDGE_WORKFLOW_READ.getKnowledgeWorkspaceResourcePermission(
- source_id,
- ),
+ PermissionConst.KNOWLEDGE_DOCUMENT_READ.getKnowledgeWorkspaceResourcePermission(source_id),
+ PermissionConst.KNOWLEDGE_WORKFLOW_READ.getKnowledgeWorkspaceResourcePermission(source_id),
PermissionConst.KNOWLEDGE_DOCUMENT_READ.getWorkspacePermissionWorkspaceManageRole,
PermissionConst.KNOWLEDGE_WORKFLOW_READ.getWorkspacePermissionWorkspaceManageRole,
],
@@ -655,7 +666,9 @@ const workspace = {
'AND',
),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.KNOWLEDGE_WORKFLOW_EXPORT.getKnowledgeWorkspaceResourcePermission(source_id),
+ PermissionConst.KNOWLEDGE_WORKFLOW_EXPORT.getKnowledgeWorkspaceResourcePermission(
+ source_id,
+ ),
PermissionConst.KNOWLEDGE_WORKFLOW_EXPORT.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
diff --git a/ui/src/permission/tool/system-manage.ts b/ui/src/permission/tool/system-manage.ts
index 51e75e7c3ab..304dbc48d39 100644
--- a/ui/src/permission/tool/system-manage.ts
+++ b/ui/src/permission/tool/system-manage.ts
@@ -1,16 +1,9 @@
-import {hasPermission} from '@/utils/permission/index'
-import {ComplexPermission} from '@/utils/permission/type'
-import {EditionConst, PermissionConst, RoleConst} from '@/utils/permission/data'
+import { hasPermission } from '@/utils/permission/index'
+import { ComplexPermission } from '@/utils/permission/type'
+import { EditionConst, PermissionConst, RoleConst } from '@/utils/permission/data'
const systemManage = {
- read: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_READ,
- ],
- 'OR',
- ),
+ read: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_READ], 'OR'),
jump_read: () => false,
is_share: () =>
hasPermission(
@@ -22,115 +15,37 @@ const systemManage = {
),
'OR',
),
- delete: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_DELETE,
- ],
- 'OR',
- ),
+ delete: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_DELETE], 'OR'),
trigger_read: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_TRIGGER_READ
- ],
- 'OR'
- ),
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_TRIGGER_READ], 'OR'),
trigger_create: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_TRIGGER_CREATE
- ],
- 'OR'
- ),
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_TRIGGER_CREATE], 'OR'),
trigger_edit: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_TRIGGER_EDIT
- ],
- 'OR'
- ),
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_TRIGGER_EDIT], 'OR'),
trigger_delete: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_TRIGGER_DELETE
- ],
- 'OR'
- ),
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_TRIGGER_DELETE], 'OR'),
create: () => false,
batchDelete: () => false,
batchMove: () => false,
import: () => false,
- switch: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_EDIT,
- ],
- 'OR',
- ),
- edit: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_EDIT,
- ],
- 'OR',
- ),
+ switch: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_EDIT], 'OR'),
+ edit: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_EDIT], 'OR'),
+ publish: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_PUBLISH], 'OR'),
copy: () => false,
- export: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_EXPORT,
- ],
- 'OR',
- ),
- debug: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_EDIT,
- ],
- 'OR',
- ),
+ export: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_EXPORT], 'OR'),
+ debug: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_EDIT], 'OR'),
- auth: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_AUTH,
- ],
- 'OR',
- ),
+ auth: () => hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_AUTH], 'OR'),
relate_map: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_RELATE_RESOURCE_VIEW
- ],
- 'OR'
- ),
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_RELATE_RESOURCE_VIEW], 'OR'),
record: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.RESOURCE_TOOL_EXECUTE_RECORD
- ],
- 'OR'
- ),
+ hasPermission([RoleConst.ADMIN, PermissionConst.RESOURCE_TOOL_EXECUTE_RECORD], 'OR'),
folderRead: () => false,
folderManage: () => false,
folderCreate: () => false,
folderEdit: () => false,
folderAuth: () => false,
folderDelete: () => false,
-
}
export default systemManage
diff --git a/ui/src/permission/tool/system-share.ts b/ui/src/permission/tool/system-share.ts
index 683150ccd57..229033128c0 100644
--- a/ui/src/permission/tool/system-share.ts
+++ b/ui/src/permission/tool/system-share.ts
@@ -1,106 +1,31 @@
-import {hasPermission} from '@/utils/permission/index'
-import {ComplexPermission} from '@/utils/permission/type'
-import {EditionConst, PermissionConst, RoleConst} from '@/utils/permission/data'
+import { hasPermission } from '@/utils/permission/index'
+import { ComplexPermission } from '@/utils/permission/type'
+import { EditionConst, PermissionConst, RoleConst } from '@/utils/permission/data'
const share = {
- read: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_READ,
- ],
- 'OR',
- ),
- jump_read: () => false,
+ read: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_READ], 'OR'),
+ jump_read: () => false,
is_share: () => false,
- create: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_CREATE,
- ],
- 'OR',
- ),
+ create: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_CREATE], 'OR'),
batchDelete: () => false,
batchMove: () => false,
- import: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_IMPORT,
- ],
- 'OR',
- ),
- delete: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_DELETE,
- ],
- 'OR',
- ),
- trigger_read: ()=> false,
- trigger_create: ()=> false,
- trigger_edit: ()=> false,
- trigger_delete: ()=> false,
- switch: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_EDIT,
- ],
- 'OR',
- ),
- edit: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_EDIT,
- ],
- 'OR',
- ),
- copy: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_CREATE,
- ],
- 'OR',
- ),
- export: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_EXPORT,
- ],
- 'OR',
- ),
- debug: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_EDIT,
- ],
- 'OR',
- ),
+ import: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_IMPORT], 'OR'),
+ publish: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_PUBLISH], 'OR'),
+ delete: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_DELETE], 'OR'),
+ trigger_read: () => false,
+ trigger_create: () => false,
+ trigger_edit: () => false,
+ trigger_delete: () => false,
+ switch: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_EDIT], 'OR'),
+ edit: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_EDIT], 'OR'),
+ copy: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_CREATE], 'OR'),
+ export: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_EXPORT], 'OR'),
+ debug: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_EDIT], 'OR'),
auth: () => false,
relate_map: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_RELATE_RESOURCE_VIEW,
- ],
- 'OR',
- ),
- record: () =>
- hasPermission(
- [
- RoleConst.ADMIN,
- PermissionConst.SHARED_TOOL_EXECUTE_RECORD,
- ],
- 'OR',
- ),
+ hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_RELATE_RESOURCE_VIEW], 'OR'),
+ record: () => hasPermission([RoleConst.ADMIN, PermissionConst.SHARED_TOOL_EXECUTE_RECORD], 'OR'),
folderRead: () => false,
folderManage: () => false,
folderCreate: () => false,
diff --git a/ui/src/permission/tool/workspace.ts b/ui/src/permission/tool/workspace.ts
index 1193f1429d6..f81617af2ab 100644
--- a/ui/src/permission/tool/workspace.ts
+++ b/ui/src/permission/tool/workspace.ts
@@ -8,17 +8,26 @@ const workspace = {
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.TOOL_READ.getWorkspacePermission,
- PermissionConst.TOOL_READ.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_READ.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
jump_read: () => false,
is_share: () =>
hasPermission(
new ComplexPermission(
- [RoleConst.ADMIN,RoleConst.USER.getWorkspaceRole,RoleConst.WORKSPACE_MANAGE.getWorkspaceRole],
- [PermissionConst.TOOL_READ.getWorkspacePermission,PermissionConst.TOOL_READ.getWorkspacePermissionWorkspaceManageRole],
- [EditionConst.IS_EE],'OR'),
+ [
+ RoleConst.ADMIN,
+ RoleConst.USER.getWorkspaceRole,
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ ],
+ [
+ PermissionConst.TOOL_READ.getWorkspacePermission,
+ PermissionConst.TOOL_READ.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ [EditionConst.IS_EE],
+ 'OR',
+ ),
'OR',
),
create: () =>
@@ -27,9 +36,9 @@ const workspace = {
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.TOOL_CREATE.getWorkspacePermission,
- PermissionConst.TOOL_CREATE.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_CREATE.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
batchDelete: () =>
hasPermission(
@@ -57,180 +66,280 @@ const workspace = {
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
RoleConst.USER.getWorkspaceRole,
PermissionConst.TOOL_IMPORT.getWorkspacePermission,
- PermissionConst.TOOL_IMPORT.getWorkspacePermissionWorkspaceManageRole
- ],
- 'OR'
- ),
- folderCreate: (folder_id: string) =>
- hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_FOLDER_CREATE.getToolWorkspaceResourcePermission(folder_id),
- PermissionConst.TOOL_FOLDER_CREATE.getWorkspacePermissionWorkspaceManageRole,
- ],
- 'OR'
- ),
- folderRead: (folder_id: string) =>
- hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_FOLDER_READ.getToolWorkspaceResourcePermission(folder_id),
- PermissionConst.TOOL_FOLDER_READ.getWorkspacePermissionWorkspaceManageRole,
- ],
- 'OR'
- ),
- folderEdit: (folder_id: string) =>
- hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_FOLDER_EDIT.getToolWorkspaceResourcePermission(folder_id),
- PermissionConst.TOOL_FOLDER_EDIT.getWorkspacePermissionWorkspaceManageRole,
- ],
- 'OR'
- ),
- folderAuth: (folder_id: string) =>
- hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_FOLDER_AUTH.getToolWorkspaceResourcePermission(folder_id),
- PermissionConst.TOOL_FOLDER_AUTH.getWorkspacePermissionWorkspaceManageRole,
- ],
- 'OR'
- ),
- folderDelete: (folder_id: string) =>
- hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_FOLDER_DELETE.getToolWorkspaceResourcePermission(folder_id),
- PermissionConst.TOOL_FOLDER_DELETE.getWorkspacePermissionWorkspaceManageRole,
- ],
- 'OR'
+ PermissionConst.TOOL_IMPORT.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
+ ),
+ folderCreate: (folder_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_FOLDER_CREATE.getToolWorkspaceResourcePermission(folder_id),
+ PermissionConst.TOOL_FOLDER_CREATE.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
+ ),
+ folderRead: (folder_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_FOLDER_READ.getToolWorkspaceResourcePermission(folder_id),
+ PermissionConst.TOOL_FOLDER_READ.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
+ ),
+ folderEdit: (folder_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_FOLDER_EDIT.getToolWorkspaceResourcePermission(folder_id),
+ PermissionConst.TOOL_FOLDER_EDIT.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
+ ),
+ folderAuth: (folder_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_FOLDER_AUTH.getToolWorkspaceResourcePermission(folder_id),
+ PermissionConst.TOOL_FOLDER_AUTH.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
+ ),
+ folderDelete: (folder_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(folder_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_FOLDER_DELETE.getToolWorkspaceResourcePermission(folder_id),
+ PermissionConst.TOOL_FOLDER_DELETE.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
),
folderManage: () => true,
- delete: (source_id:string) =>
+ delete: (source_id: string) =>
hasPermission(
[
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_DELETE.getToolWorkspaceResourcePermission(source_id),
- PermissionConst.TOOL_DELETE.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_DELETE.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
- record: (source_id:string) =>
+ record: (source_id: string) =>
hasPermission(
[
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_EXECUTE_RECORD.getToolWorkspaceResourcePermission(source_id),
- PermissionConst.TOOL_EXECUTE_RECORD.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_EXECUTE_RECORD.getWorkspacePermissionWorkspaceManageRole,
],
'OR',
),
- trigger_read: (source_id:string) =>
- hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_TRIGGER_READ.getWorkspacePermissionWorkspaceManageRole,
- PermissionConst.TOOL_TRIGGER_READ.getToolWorkspaceResourcePermission(source_id)
- ],
- 'OR'
+ trigger_read: (source_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_TRIGGER_READ.getWorkspacePermissionWorkspaceManageRole,
+ PermissionConst.TOOL_TRIGGER_READ.getToolWorkspaceResourcePermission(source_id),
+ ],
+ 'OR',
),
- trigger_create: (source_id:string) =>
+ trigger_create: (source_id: string) =>
hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_TRIGGER_CREATE.getWorkspacePermissionWorkspaceManageRole,
- PermissionConst.TOOL_TRIGGER_CREATE.getToolWorkspaceResourcePermission(source_id)
- ],
- 'OR'
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_TRIGGER_CREATE.getWorkspacePermissionWorkspaceManageRole,
+ PermissionConst.TOOL_TRIGGER_CREATE.getToolWorkspaceResourcePermission(source_id),
+ ],
+ 'OR',
),
- trigger_edit: (source_id: string) =>
+ trigger_edit: (source_id: string) =>
hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_TRIGGER_EDIT.getWorkspacePermissionWorkspaceManageRole,
- PermissionConst.TOOL_TRIGGER_EDIT.getToolWorkspaceResourcePermission(source_id)
- ],
- 'OR'
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_TRIGGER_EDIT.getWorkspacePermissionWorkspaceManageRole,
+ PermissionConst.TOOL_TRIGGER_EDIT.getToolWorkspaceResourcePermission(source_id),
+ ],
+ 'OR',
),
- trigger_delete: (source_id:string) =>
+ trigger_delete: (source_id: string) =>
hasPermission(
- [
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
- RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
- PermissionConst.TOOL_TRIGGER_DELETE.getWorkspacePermissionWorkspaceManageRole,
- PermissionConst.TOOL_TRIGGER_DELETE.getToolWorkspaceResourcePermission(source_id)
- ],
- 'OR'
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_TRIGGER_DELETE.getWorkspacePermissionWorkspaceManageRole,
+ PermissionConst.TOOL_TRIGGER_DELETE.getToolWorkspaceResourcePermission(source_id),
+ ],
+ 'OR',
),
- switch: (source_id:string) =>
+ switch: (source_id: string) =>
hasPermission(
[
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_EDIT.getToolWorkspaceResourcePermission(source_id),
- PermissionConst.TOOL_EDIT.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_EDIT.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
- edit: (source_id:string) =>
+ edit: (source_id: string) =>
hasPermission(
[
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_EDIT.getToolWorkspaceResourcePermission(source_id),
- PermissionConst.TOOL_EDIT.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_EDIT.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
- copy: (source_id:string) =>
+ copy: (source_id: string) =>
hasPermission(
[
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_EDIT.getToolWorkspaceResourcePermission(source_id),
- PermissionConst.TOOL_EDIT.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_EDIT.getWorkspacePermissionWorkspaceManageRole,
+ ],
+ 'OR',
+ ),
+ publish: (source_id: string) =>
+ hasPermission(
+ [
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
+ RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
+ PermissionConst.TOOL_PUBLISH.getToolWorkspaceResourcePermission(source_id),
+ PermissionConst.TOOL_PUBLISH.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
- export: (source_id:string) =>
+ export: (source_id: string) =>
hasPermission(
[
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_EXPORT.getToolWorkspaceResourcePermission(source_id),
- PermissionConst.TOOL_EXPORT.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_EXPORT.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
- auth: (source_id:string) =>
+ auth: (source_id: string) =>
hasPermission(
[
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_RESOURCE_AUTHORIZATION.getToolWorkspaceResourcePermission(source_id),
- PermissionConst.TOOL_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_RESOURCE_AUTHORIZATION.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
- relate_map: (source_id:string) =>
+ relate_map: (source_id: string) =>
hasPermission(
[
- new ComplexPermission([RoleConst.USER],[PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],[],'AND'),
+ new ComplexPermission(
+ [RoleConst.USER],
+ [PermissionConst.TOOL.getToolWorkspaceResourcePermission(source_id)],
+ [],
+ 'AND',
+ ),
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_RELATE_RESOURCE_VIEW.getToolWorkspaceResourcePermission(source_id),
- PermissionConst.TOOL_RELATE_RESOURCE_VIEW.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_RELATE_RESOURCE_VIEW.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
debug: () =>
hasPermission(
@@ -238,11 +347,10 @@ const workspace = {
RoleConst.USER.getWorkspaceRole,
RoleConst.WORKSPACE_MANAGE.getWorkspaceRole,
PermissionConst.TOOL_EDIT.getWorkspacePermission,
- PermissionConst.TOOL_EDIT.getWorkspacePermissionWorkspaceManageRole
+ PermissionConst.TOOL_EDIT.getWorkspacePermissionWorkspaceManageRole,
],
- 'OR'
+ 'OR',
),
-
}
export default workspace
diff --git a/ui/src/utils/permission/data.ts b/ui/src/utils/permission/data.ts
index f9758fb7173..f41403bb460 100644
--- a/ui/src/utils/permission/data.ts
+++ b/ui/src/utils/permission/data.ts
@@ -184,7 +184,6 @@ const PermissionConst = {
APPLICATION_TRIGGER_EDIT: new Permission('APPLICATION:READ+TRIGGER_EDIT'),
APPLICATION_TRIGGER_DELETE: new Permission('APPLICATION:READ+TRIGGER_DELETE'),
-
APPLICATION_OVERVIEW_READ: new Permission('APPLICATION_OVERVIEW:READ'),
APPLICATION_OVERVIEW_EMBEDDED: new Permission('APPLICATION_OVERVIEW:READ+EMBED'),
APPLICATION_OVERVIEW_ACCESS: new Permission('APPLICATION_OVERVIEW:READ+ACCESS'),
@@ -458,6 +457,17 @@ const PermissionConst = {
TOOL_RESOURCE_AUTHORIZATION: new Permission('TOOL:READ+AUTH'),
MODEL_RESOURCE_AUTHORIZATION: new Permission('MODEL:READ+AUTH'),
+ APPLICATION_PUBLISH: new Permission('APPLICATION:READ+PUBLISH'),
+ KNOWLEDGE_PUBLISH: new Permission('KNOWLEDGE_WORKFLOW:READ+PUBLISH'),
+ TOOL_PUBLISH: new Permission('TOOL:READ+PUBLISH'),
+
+ RESOURCE_APPLICATION_PUBLISH: new Permission('SYSTEM_RESOURCE_APPLICATION:READ+PUBLISH'),
+ RESOURCE_KNOWLEDGE_PUBLISH: new Permission('SYSTEM_RESOURCE_KNOWLEDGE_WORKFLOW:READ+PUBLISH'),
+ RESOURCE_TOOL_PUBLISH: new Permission('SYSTEM_RESOURCE_TOOL:READ+PUBLISH'),
+
+ SHARED_KNOWLEDGE_PUBLISH: new Permission('SYSTEM_KNOWLEDGE_WORKFLOW:READ+PUBLISH'),
+ SHARED_TOOL_PUBLISH: new Permission('SYSTEM_TOOL:READ+PUBLISH'),
+
APPLICATION_WORKSPACE_USER_RESOURCE_PERMISSION_READ: new Permission(
'APPLICATION_WORKSPACE_USER_RESOURCE_PERMISSION:READ',
),
diff --git a/ui/src/views/application-workflow/index.vue b/ui/src/views/application-workflow/index.vue
index d178f32f71a..7705e1a53cf 100644
--- a/ui/src/views/application-workflow/index.vue
+++ b/ui/src/views/application-workflow/index.vue
@@ -46,7 +46,7 @@
{{ $t('common.save') }}
-
+
{{ $t('common.publish') }}
@@ -145,7 +145,7 @@
v-click-outside="clickoutsideHistory"
@refreshVersion="refreshVersion"
/>
- detail)
provide('workflowMode', WorkflowMode.Application)
provide('loopWorkflowMode', WorkflowMode.ApplicationLoop)
diff --git a/ui/src/views/knowledge-workflow/index.vue b/ui/src/views/knowledge-workflow/index.vue
index 6a1073e5c04..4976e9398d2 100644
--- a/ui/src/views/knowledge-workflow/index.vue
+++ b/ui/src/views/knowledge-workflow/index.vue
@@ -46,7 +46,7 @@
{{ $t('common.save') }}
-
+
{{ $t('common.publish') }}
diff --git a/ui/src/views/tool-workflow/index.vue b/ui/src/views/tool-workflow/index.vue
index 0d1496a661f..8093b0debd8 100644
--- a/ui/src/views/tool-workflow/index.vue
+++ b/ui/src/views/tool-workflow/index.vue
@@ -46,7 +46,7 @@
{{ $t('common.save') }}
-
+
{{ $t('common.publish') }}