mirror of
https://github.com/langgenius/dify.git
synced 2025-12-02 05:46:43 +00:00
9a5f214623
Signed-off-by: NeatGuyCoding <15627489+NeatGuyCoding@users.noreply.github.com> Signed-off-by: lyzno1 <yuanyouhuilyz@gmail.com> Signed-off-by: kenwoodjw <blackxin55+@gmail.com> Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Yunlu Wen <wylswz@163.com> Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: GareArc <chen4851@purdue.edu> Co-authored-by: NFish <douxc512@gmail.com> Co-authored-by: Davide Delbianco <davide.delbianco@outlook.com> Co-authored-by: minglu7 <1347866672@qq.com> Co-authored-by: Ponder <ruan.lj@foxmail.com> Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com> Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: heyszt <270985384@qq.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> Co-authored-by: Guangdong Liu <liugddx@gmail.com> Co-authored-by: Eric Guo <eric.guocz@gmail.com> Co-authored-by: NeatGuyCoding <15627489+NeatGuyCoding@users.noreply.github.com> Co-authored-by: XlKsyt <caixuesen@outlook.com> Co-authored-by: Dhruv Gorasiya <80987415+DhruvGorasiya@users.noreply.github.com> Co-authored-by: crazywoola <427733928@qq.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: lyzno1 <92089059+lyzno1@users.noreply.github.com> Co-authored-by: hj24 <mambahj24@gmail.com> Co-authored-by: GuanMu <ballmanjq@gmail.com> Co-authored-by: 非法操作 <hjlarry@163.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Tonlo <123lzs123@gmail.com> Co-authored-by: Yusuke Yamada <yamachu.dev@gmail.com> Co-authored-by: Novice <novice12185727@gmail.com> Co-authored-by: kenwoodjw <blackxin55+@gmail.com> Co-authored-by: Ademílson Tonato <ademilsonft@outlook.com> Co-authored-by: znn <jubinkumarsoni@gmail.com> Co-authored-by: yangzheli <43645580+yangzheli@users.noreply.github.com>
83 lines
2.7 KiB
Python
83 lines
2.7 KiB
Python
from collections.abc import Callable
|
|
from functools import wraps
|
|
from typing import Concatenate, ParamSpec, TypeVar
|
|
|
|
from flask_restx import Resource
|
|
from werkzeug.exceptions import NotFound
|
|
|
|
from controllers.console.explore.error import AppAccessDeniedError
|
|
from controllers.console.wraps import account_initialization_required
|
|
from extensions.ext_database import db
|
|
from libs.login import current_account_with_tenant, login_required
|
|
from models import InstalledApp
|
|
from services.enterprise.enterprise_service import EnterpriseService
|
|
from services.feature_service import FeatureService
|
|
|
|
P = ParamSpec("P")
|
|
R = TypeVar("R")
|
|
T = TypeVar("T")
|
|
|
|
|
|
def installed_app_required(view: Callable[Concatenate[InstalledApp, P], R] | None = None):
|
|
def decorator(view: Callable[Concatenate[InstalledApp, P], R]):
|
|
@wraps(view)
|
|
def decorated(installed_app_id: str, *args: P.args, **kwargs: P.kwargs):
|
|
_, current_tenant_id = current_account_with_tenant()
|
|
installed_app = (
|
|
db.session.query(InstalledApp)
|
|
.where(InstalledApp.id == str(installed_app_id), InstalledApp.tenant_id == current_tenant_id)
|
|
.first()
|
|
)
|
|
|
|
if installed_app is None:
|
|
raise NotFound("Installed app not found")
|
|
|
|
if not installed_app.app:
|
|
db.session.delete(installed_app)
|
|
db.session.commit()
|
|
|
|
raise NotFound("Installed app not found")
|
|
|
|
return view(installed_app, *args, **kwargs)
|
|
|
|
return decorated
|
|
|
|
if view:
|
|
return decorator(view)
|
|
return decorator
|
|
|
|
|
|
def user_allowed_to_access_app(view: Callable[Concatenate[InstalledApp, P], R] | None = None):
|
|
def decorator(view: Callable[Concatenate[InstalledApp, P], R]):
|
|
@wraps(view)
|
|
def decorated(installed_app: InstalledApp, *args: P.args, **kwargs: P.kwargs):
|
|
current_user, _ = current_account_with_tenant()
|
|
feature = FeatureService.get_system_features()
|
|
if feature.webapp_auth.enabled:
|
|
app_id = installed_app.app_id
|
|
res = EnterpriseService.WebAppAuth.is_user_allowed_to_access_webapp(
|
|
user_id=str(current_user.id),
|
|
app_id=app_id,
|
|
)
|
|
if not res:
|
|
raise AppAccessDeniedError()
|
|
|
|
return view(installed_app, *args, **kwargs)
|
|
|
|
return decorated
|
|
|
|
if view:
|
|
return decorator(view)
|
|
return decorator
|
|
|
|
|
|
class InstalledAppResource(Resource):
|
|
# must be reversed if there are multiple decorators
|
|
|
|
method_decorators = [
|
|
user_allowed_to_access_app,
|
|
installed_app_required,
|
|
account_initialization_required,
|
|
login_required,
|
|
]
|