2025-05-20 12:07:50 +08:00
|
|
|
from flask import request
|
|
|
|
|
from flask_restful import Resource, marshal_with, reqparse
|
2024-02-06 13:21:13 +08:00
|
|
|
|
2024-11-04 15:55:34 +08:00
|
|
|
from controllers.common import fields
|
2023-05-15 08:51:32 +08:00
|
|
|
from controllers.web import api
|
2024-04-08 18:51:46 +08:00
|
|
|
from controllers.web.error import AppUnavailableError
|
2023-05-15 08:51:32 +08:00
|
|
|
from controllers.web.wraps import WebApiResource
|
2025-04-16 20:27:29 +08:00
|
|
|
from core.app.app_config.common.parameters_mapping import get_parameters_from_feature_dict
|
2025-05-20 12:07:50 +08:00
|
|
|
from libs.passport import PassportService
|
2024-05-15 16:14:49 +08:00
|
|
|
from models.model import App, AppMode
|
2024-04-08 18:51:46 +08:00
|
|
|
from services.app_service import AppService
|
2025-05-20 12:07:50 +08:00
|
|
|
from services.enterprise.enterprise_service import EnterpriseService
|
2025-06-09 17:19:53 +09:00
|
|
|
from services.feature_service import FeatureService
|
|
|
|
|
from services.webapp_auth_service import WebAppAuthService
|
2024-01-23 19:58:23 +08:00
|
|
|
|
2023-05-15 08:51:32 +08:00
|
|
|
|
|
|
|
|
class AppParameterApi(WebApiResource):
|
|
|
|
|
"""Resource for app variables."""
|
2024-08-26 15:29:10 +08:00
|
|
|
|
2024-11-04 15:55:34 +08:00
|
|
|
@marshal_with(fields.parameters_fields)
|
2023-07-27 13:08:57 +08:00
|
|
|
def get(self, app_model: App, end_user):
|
2023-05-15 08:51:32 +08:00
|
|
|
"""Retrieve app parameters."""
|
2024-09-13 22:42:08 +08:00
|
|
|
if app_model.mode in {AppMode.ADVANCED_CHAT.value, AppMode.WORKFLOW.value}:
|
2024-04-08 18:51:46 +08:00
|
|
|
workflow = app_model.workflow
|
|
|
|
|
if workflow is None:
|
|
|
|
|
raise AppUnavailableError()
|
|
|
|
|
|
|
|
|
|
features_dict = workflow.features_dict
|
|
|
|
|
user_input_form = workflow.user_input_form(to_old_structure=True)
|
|
|
|
|
else:
|
|
|
|
|
app_model_config = app_model.app_model_config
|
2024-11-04 15:55:34 +08:00
|
|
|
if app_model_config is None:
|
|
|
|
|
raise AppUnavailableError()
|
|
|
|
|
|
2024-04-08 18:51:46 +08:00
|
|
|
features_dict = app_model_config.to_dict()
|
|
|
|
|
|
2024-08-26 15:29:10 +08:00
|
|
|
user_input_form = features_dict.get("user_input_form", [])
|
2023-05-15 08:51:32 +08:00
|
|
|
|
2025-04-16 20:27:29 +08:00
|
|
|
return get_parameters_from_feature_dict(features_dict=features_dict, user_input_form=user_input_form)
|
2023-05-15 08:51:32 +08:00
|
|
|
|
2024-04-08 18:51:46 +08:00
|
|
|
|
2024-01-23 19:58:23 +08:00
|
|
|
class AppMeta(WebApiResource):
|
|
|
|
|
def get(self, app_model: App, end_user):
|
|
|
|
|
"""Get app meta"""
|
2024-04-08 18:51:46 +08:00
|
|
|
return AppService().get_app_meta(app_model)
|
2024-01-23 19:58:23 +08:00
|
|
|
|
2023-05-15 08:51:32 +08:00
|
|
|
|
2025-05-20 12:07:50 +08:00
|
|
|
class AppAccessMode(Resource):
|
|
|
|
|
def get(self):
|
|
|
|
|
parser = reqparse.RequestParser()
|
2025-06-09 17:19:53 +09:00
|
|
|
parser.add_argument("appId", type=str, required=False, location="args")
|
|
|
|
|
parser.add_argument("appCode", type=str, required=False, location="args")
|
2025-05-20 12:07:50 +08:00
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
2025-06-09 17:19:53 +09:00
|
|
|
features = FeatureService.get_system_features()
|
|
|
|
|
if not features.webapp_auth.enabled:
|
|
|
|
|
return {"accessMode": "public"}
|
|
|
|
|
|
|
|
|
|
app_id = args.get("appId")
|
|
|
|
|
if args.get("appCode"):
|
|
|
|
|
app_code = args["appCode"]
|
|
|
|
|
app_id = AppService.get_app_id_by_code(app_code)
|
|
|
|
|
|
|
|
|
|
if not app_id:
|
|
|
|
|
raise ValueError("appId or appCode must be provided")
|
|
|
|
|
|
2025-05-20 12:07:50 +08:00
|
|
|
res = EnterpriseService.WebAppAuth.get_app_access_mode_by_id(app_id)
|
|
|
|
|
|
|
|
|
|
return {"accessMode": res.access_mode}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class AppWebAuthPermission(Resource):
|
|
|
|
|
def get(self):
|
|
|
|
|
user_id = "visitor"
|
|
|
|
|
try:
|
|
|
|
|
auth_header = request.headers.get("Authorization")
|
|
|
|
|
if auth_header is None:
|
|
|
|
|
raise
|
|
|
|
|
if " " not in auth_header:
|
|
|
|
|
raise
|
|
|
|
|
|
|
|
|
|
auth_scheme, tk = auth_header.split(None, 1)
|
|
|
|
|
auth_scheme = auth_scheme.lower()
|
|
|
|
|
if auth_scheme != "bearer":
|
|
|
|
|
raise
|
|
|
|
|
|
|
|
|
|
decoded = PassportService().verify(tk)
|
|
|
|
|
user_id = decoded.get("user_id", "visitor")
|
|
|
|
|
except Exception as e:
|
|
|
|
|
pass
|
|
|
|
|
|
2025-06-09 17:19:53 +09:00
|
|
|
features = FeatureService.get_system_features()
|
|
|
|
|
if not features.webapp_auth.enabled:
|
|
|
|
|
return {"result": True}
|
|
|
|
|
|
2025-05-20 12:07:50 +08:00
|
|
|
parser = reqparse.RequestParser()
|
|
|
|
|
parser.add_argument("appId", type=str, required=True, location="args")
|
|
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
|
|
|
|
app_id = args["appId"]
|
|
|
|
|
app_code = AppService.get_app_code_by_id(app_id)
|
|
|
|
|
|
2025-06-09 17:19:53 +09:00
|
|
|
res = True
|
|
|
|
|
if WebAppAuthService.is_app_require_permission_check(app_id=app_id):
|
|
|
|
|
res = EnterpriseService.WebAppAuth.is_user_allowed_to_access_webapp(str(user_id), app_code)
|
2025-05-20 12:07:50 +08:00
|
|
|
return {"result": res}
|
|
|
|
|
|
|
|
|
|
|
2024-08-26 15:29:10 +08:00
|
|
|
api.add_resource(AppParameterApi, "/parameters")
|
|
|
|
|
api.add_resource(AppMeta, "/meta")
|
2025-05-20 12:07:50 +08:00
|
|
|
# webapp auth apis
|
|
|
|
|
api.add_resource(AppAccessMode, "/webapp/access-mode")
|
|
|
|
|
api.add_resource(AppWebAuthPermission, "/webapp/permission")
|
