dify/api/controllers/console/app/site.py

from typing import Literal

from flask_restx import Resource, marshal_with
from pydantic import BaseModel, Field, field_validator
from werkzeug.exceptions import NotFound

from constants.languages import supported_language
from controllers.console import console_ns
from controllers.console.app.wraps import get_app_model
from controllers.console.wraps import (
    account_initialization_required,
    edit_permission_required,
    is_admin_or_owner_required,
    setup_required,
)
from extensions.ext_database import db
from fields.app_fields import app_site_fields
from libs.datetime_utils import naive_utc_now
from libs.login import current_account_with_tenant, login_required
from models import Site

DEFAULT_REF_TEMPLATE_SWAGGER_2_0 = "#/definitions/{model}"


class AppSiteUpdatePayload(BaseModel):
    title: str | None = Field(default=None)
    icon_type: str | None = Field(default=None)
    icon: str | None = Field(default=None)
    icon_background: str | None = Field(default=None)
    description: str | None = Field(default=None)
    default_language: str | None = Field(default=None)
    chat_color_theme: str | None = Field(default=None)
    chat_color_theme_inverted: bool | None = Field(default=None)
    customize_domain: str | None = Field(default=None)
    copyright: str | None = Field(default=None)
    privacy_policy: str | None = Field(default=None)
    custom_disclaimer: str | None = Field(default=None)
    customize_token_strategy: Literal["must", "allow", "not_allow"] | None = Field(default=None)
    prompt_public: bool | None = Field(default=None)
    show_workflow_steps: bool | None = Field(default=None)
    use_icon_as_answer_icon: bool | None = Field(default=None)

    @field_validator("default_language")
    @classmethod
    def validate_language(cls, value: str | None) -> str | None:
        if value is None:
            return value
        return supported_language(value)


console_ns.schema_model(
    AppSiteUpdatePayload.__name__,
    AppSiteUpdatePayload.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_SWAGGER_2_0),
)

# Register model for flask_restx to avoid dict type issues in Swagger
app_site_model = console_ns.model("AppSite", app_site_fields)


@console_ns.route("/apps/<uuid:app_id>/site")
class AppSite(Resource):
    @console_ns.doc("update_app_site")
    @console_ns.doc(description="Update application site configuration")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.expect(console_ns.models[AppSiteUpdatePayload.__name__])
    @console_ns.response(200, "Site configuration updated successfully", app_site_model)
    @console_ns.response(403, "Insufficient permissions")
    @console_ns.response(404, "App not found")
    @setup_required
    @login_required
    @edit_permission_required
    @account_initialization_required
    @get_app_model
    @marshal_with(app_site_model)
    def post(self, app_model):
        args = AppSiteUpdatePayload.model_validate(console_ns.payload or {})
        current_user, _ = current_account_with_tenant()
        site = db.session.query(Site).where(Site.app_id == app_model.id).first()
        if not site:
            raise NotFound

        for attr_name in [
            "title",
            "icon_type",
            "icon",
            "icon_background",
            "description",
            "default_language",
            "chat_color_theme",
            "chat_color_theme_inverted",
            "customize_domain",
            "copyright",
            "privacy_policy",
            "custom_disclaimer",
            "customize_token_strategy",
            "prompt_public",
            "show_workflow_steps",
            "use_icon_as_answer_icon",
        ]:
            value = getattr(args, attr_name)
            if value is not None:
                setattr(site, attr_name, value)

        site.updated_by = current_user.id
        site.updated_at = naive_utc_now()
        db.session.commit()

        return site


@console_ns.route("/apps/<uuid:app_id>/site/access-token-reset")
class AppSiteAccessTokenReset(Resource):
    @console_ns.doc("reset_app_site_access_token")
    @console_ns.doc(description="Reset access token for application site")
    @console_ns.doc(params={"app_id": "Application ID"})
    @console_ns.response(200, "Access token reset successfully", app_site_model)
    @console_ns.response(403, "Insufficient permissions (admin/owner required)")
    @console_ns.response(404, "App or site not found")
    @setup_required
    @login_required
    @is_admin_or_owner_required
    @account_initialization_required
    @get_app_model
    @marshal_with(app_site_model)
    def post(self, app_model):
        current_user, _ = current_account_with_tenant()
        site = db.session.query(Site).where(Site.app_id == app_model.id).first()

        if not site:
            raise NotFound

        site.code = Site.generate_code(16)
        site.updated_by = current_user.id
        site.updated_at = naive_utc_now()
        db.session.commit()

        return site
refactor: port reqparse to Pydantic model (#28949) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> 2025-12-05 13:05:53 +09:00			`from typing import Literal`

			`from flask_restx import Resource, marshal_with`
			`from pydantic import BaseModel, Field, field_validator`
use deco (#28153) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-11-21 15:25:53 +09:00			`from werkzeug.exceptions import NotFound`
enhancement: introduce Ruff for Python linter for reordering and removing unused imports with automated pre-commit and sytle check (#2366) 2024-02-06 13:21:13 +08:00
bump version to 0.5.3 (#2306) 2024-02-01 18:11:57 +08:00			`from constants.languages import supported_language`
api -> console_ns (#28246) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> 2025-11-24 11:04:11 +09:00			`from controllers.console import console_ns`
FEAT: NEW WORKFLOW ENGINE (#3160) Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: Yeuoly <admin@srmxy.cn> Co-authored-by: JzoNg <jzongcode@gmail.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> Co-authored-by: jyong <jyong@dify.ai> Co-authored-by: nite-knite <nkCoding@gmail.com> Co-authored-by: jyong <718720800@qq.com> 2024-04-08 18:51:46 +08:00			`from controllers.console.app.wraps import get_app_model`
use deco (#28153) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-11-21 15:25:53 +09:00			`from controllers.console.wraps import (`
			`account_initialization_required,`
			`edit_permission_required,`
			`is_admin_or_owner_required,`
			`setup_required,`
			`)`
improve: introduce isort for linting Python imports (#1983) 2024-01-12 12:34:01 +08:00			`from extensions.ext_database import db`
Feat/dataset service api (#1245) Co-authored-by: jyong <jyong@dify.ai> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> 2023-09-27 16:06:32 +08:00			`from fields.app_fields import app_site_fields`
Fix/replace datetime patterns with naive utc now (#22654) 2025-07-20 08:35:53 +05:30			`from libs.datetime_utils import naive_utc_now`
Use hook to get userid (#26839) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-10-14 10:20:37 +09:00			`from libs.login import current_account_with_tenant, login_required`
use deco to avoid current_user (#26077) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-10-16 15:45:51 +09:00			`from models import Site`
Initial commit 2023-05-15 08:51:32 +08:00
refactor: port reqparse to Pydantic model (#28949) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> 2025-12-05 13:05:53 +09:00			`DEFAULT_REF_TEMPLATE_SWAGGER_2_0 = "#/definitions/{model}"`
fix: Failed to load API definition (#28509) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> 2025-11-24 20:44:09 +08:00
Initial commit 2023-05-15 08:51:32 +08:00
refactor: port reqparse to Pydantic model (#28949) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> 2025-12-05 13:05:53 +09:00			`class AppSiteUpdatePayload(BaseModel):`
			`title: str \| None = Field(default=None)`
			`icon_type: str \| None = Field(default=None)`
			`icon: str \| None = Field(default=None)`
			`icon_background: str \| None = Field(default=None)`
			`description: str \| None = Field(default=None)`
			`default_language: str \| None = Field(default=None)`
			`chat_color_theme: str \| None = Field(default=None)`
			`chat_color_theme_inverted: bool \| None = Field(default=None)`
			`customize_domain: str \| None = Field(default=None)`
			`copyright: str \| None = Field(default=None)`
			`privacy_policy: str \| None = Field(default=None)`
			`custom_disclaimer: str \| None = Field(default=None)`
			`customize_token_strategy: Literal["must", "allow", "not_allow"] \| None = Field(default=None)`
			`prompt_public: bool \| None = Field(default=None)`
			`show_workflow_steps: bool \| None = Field(default=None)`
			`use_icon_as_answer_icon: bool \| None = Field(default=None)`

			`@field_validator("default_language")`
			`@classmethod`
			`def validate_language(cls, value: str \| None) -> str \| None:`
			`if value is None:`
			`return value`
			`return supported_language(value)`


			`console_ns.schema_model(`
			`AppSiteUpdatePayload.__name__,`
			`AppSiteUpdatePayload.model_json_schema(ref_template=DEFAULT_REF_TEMPLATE_SWAGGER_2_0),`
			`)`

			`# Register model for flask_restx to avoid dict type issues in Swagger`
			`app_site_model = console_ns.model("AppSite", app_site_fields)`
Initial commit 2023-05-15 08:51:32 +08:00

refactor: update API routes and documentation for console endpoints (#25554) 2025-09-12 11:51:24 +08:00			`@console_ns.route("/apps/<uuid:app_id>/site")`
Initial commit 2023-05-15 08:51:32 +08:00			`class AppSite(Resource):`
api -> console_ns (#28246) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> 2025-11-24 11:04:11 +09:00			`@console_ns.doc("update_app_site")`
			`@console_ns.doc(description="Update application site configuration")`
			`@console_ns.doc(params={"app_id": "Application ID"})`
refactor: port reqparse to Pydantic model (#28949) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> 2025-12-05 13:05:53 +09:00			`@console_ns.expect(console_ns.models[AppSiteUpdatePayload.__name__])`
fix: Failed to load API definition (#28509) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> 2025-11-24 20:44:09 +08:00			`@console_ns.response(200, "Site configuration updated successfully", app_site_model)`
api -> console_ns (#28246) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> 2025-11-24 11:04:11 +09:00			`@console_ns.response(403, "Insufficient permissions")`
			`@console_ns.response(404, "App not found")`
Initial commit 2023-05-15 08:51:32 +08:00			`@setup_required`
			`@login_required`
use deco (#28153) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-11-21 15:25:53 +09:00			`@edit_permission_required`
Initial commit 2023-05-15 08:51:32 +08:00			`@account_initialization_required`
FEAT: NEW WORKFLOW ENGINE (#3160) Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: Yeuoly <admin@srmxy.cn> Co-authored-by: JzoNg <jzongcode@gmail.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> Co-authored-by: jyong <jyong@dify.ai> Co-authored-by: nite-knite <nkCoding@gmail.com> Co-authored-by: jyong <718720800@qq.com> 2024-04-08 18:51:46 +08:00			`@get_app_model`
fix: Failed to load API definition (#28509) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> 2025-11-24 20:44:09 +08:00			`@marshal_with(app_site_model)`
FEAT: NEW WORKFLOW ENGINE (#3160) Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: Yeuoly <admin@srmxy.cn> Co-authored-by: JzoNg <jzongcode@gmail.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> Co-authored-by: jyong <jyong@dify.ai> Co-authored-by: nite-knite <nkCoding@gmail.com> Co-authored-by: jyong <718720800@qq.com> 2024-04-08 18:51:46 +08:00			`def post(self, app_model):`
refactor: port reqparse to Pydantic model (#28949) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> 2025-12-05 13:05:53 +09:00			`args = AppSiteUpdatePayload.model_validate(console_ns.payload or {})`
Use hook to get userid (#26839) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-10-14 10:20:37 +09:00			`current_user, _ = current_account_with_tenant()`
orm filter -> where (#22801) Signed-off-by: -LAN- <laipz8200@outlook.com> Co-authored-by: -LAN- <laipz8200@outlook.com> Co-authored-by: Claude <noreply@anthropic.com> 2025-07-24 01:57:45 +09:00			`site = db.session.query(Site).where(Site.app_id == app_model.id).first()`
fix: save site setting not work (#14700) 2025-03-03 10:32:20 +08:00			`if not site:`
			`raise NotFound`

			`for attr_name in [`
			`"title",`
			`"icon_type",`
			`"icon",`
			`"icon_background",`
			`"description",`
			`"default_language",`
			`"chat_color_theme",`
			`"chat_color_theme_inverted",`
			`"customize_domain",`
			`"copyright",`
			`"privacy_policy",`
			`"custom_disclaimer",`
			`"customize_token_strategy",`
			`"prompt_public",`
			`"show_workflow_steps",`
			`"use_icon_as_answer_icon",`
			`]:`
refactor: port reqparse to Pydantic model (#28949) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> 2025-12-05 13:05:53 +09:00			`value = getattr(args, attr_name)`
fix: save site setting not work (#14700) 2025-03-03 10:32:20 +08:00			`if value is not None:`
			`setattr(site, attr_name, value)`

			`site.updated_by = current_user.id`
Fix/replace datetime patterns with naive utc now (#22654) 2025-07-20 08:35:53 +05:30			`site.updated_at = naive_utc_now()`
fix: save site setting not work (#14700) 2025-03-03 10:32:20 +08:00			`db.session.commit()`
Initial commit 2023-05-15 08:51:32 +08:00
			`return site`


refactor: update API routes and documentation for console endpoints (#25554) 2025-09-12 11:51:24 +08:00			`@console_ns.route("/apps/<uuid:app_id>/site/access-token-reset")`
Initial commit 2023-05-15 08:51:32 +08:00			`class AppSiteAccessTokenReset(Resource):`
api -> console_ns (#28246) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> 2025-11-24 11:04:11 +09:00			`@console_ns.doc("reset_app_site_access_token")`
			`@console_ns.doc(description="Reset access token for application site")`
			`@console_ns.doc(params={"app_id": "Application ID"})`
fix: Failed to load API definition (#28509) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> 2025-11-24 20:44:09 +08:00			`@console_ns.response(200, "Access token reset successfully", app_site_model)`
api -> console_ns (#28246) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> 2025-11-24 11:04:11 +09:00			`@console_ns.response(403, "Insufficient permissions (admin/owner required)")`
			`@console_ns.response(404, "App or site not found")`
Initial commit 2023-05-15 08:51:32 +08:00			`@setup_required`
			`@login_required`
use deco (#28153) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-11-21 15:25:53 +09:00			`@is_admin_or_owner_required`
Initial commit 2023-05-15 08:51:32 +08:00			`@account_initialization_required`
FEAT: NEW WORKFLOW ENGINE (#3160) Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: Yeuoly <admin@srmxy.cn> Co-authored-by: JzoNg <jzongcode@gmail.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> Co-authored-by: jyong <jyong@dify.ai> Co-authored-by: nite-knite <nkCoding@gmail.com> Co-authored-by: jyong <718720800@qq.com> 2024-04-08 18:51:46 +08:00			`@get_app_model`
fix: Failed to load API definition (#28509) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> 2025-11-24 20:44:09 +08:00			`@marshal_with(app_site_model)`
FEAT: NEW WORKFLOW ENGINE (#3160) Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: Yeuoly <admin@srmxy.cn> Co-authored-by: JzoNg <jzongcode@gmail.com> Co-authored-by: StyleZhang <jasonapring2015@outlook.com> Co-authored-by: jyong <jyong@dify.ai> Co-authored-by: nite-knite <nkCoding@gmail.com> Co-authored-by: jyong <718720800@qq.com> 2024-04-08 18:51:46 +08:00			`def post(self, app_model):`
Use hook to get userid (#26839) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 2025-10-14 10:20:37 +09:00			`current_user, _ = current_account_with_tenant()`
orm filter -> where (#22801) Signed-off-by: -LAN- <laipz8200@outlook.com> Co-authored-by: -LAN- <laipz8200@outlook.com> Co-authored-by: Claude <noreply@anthropic.com> 2025-07-24 01:57:45 +09:00			`site = db.session.query(Site).where(Site.app_id == app_model.id).first()`
Initial commit 2023-05-15 08:51:32 +08:00
			`if not site:`
			`raise NotFound`

			`site.code = Site.generate_code(16)`
feat: store created_by and updated_by for apps, modelconfigs, and sites (#7613) 2024-08-28 09:47:30 +09:00			`site.updated_by = current_user.id`
Fix/replace datetime patterns with naive utc now (#22654) 2025-07-20 08:35:53 +05:30			`site.updated_at = naive_utc_now()`
Initial commit 2023-05-15 08:51:32 +08:00			`db.session.commit()`

			`return site`