opensource/dify
2
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-03-10 11:10:19 +08:00
Code Issues Packages Projects Releases Wiki Activity
8,867 Commits 399 Branches 166 Tags 760 MiB
feat/end_user
Commit Graph

916 Commits

Author SHA1 Message Date
QuantumGhost
51ec835240 fix(api): fix line too long 2025-09-17 23:58:30 +08:00
QuantumGhost
6371cc5028
Apply suggestion from @gemini-code-assist[bot] 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2025-09-17 23:49:27 +08:00
Harry
73e8623f07 fix(api): simplify parameters in get_signed_file_url_for_plugin function 2025-09-17 23:42:32 +08:00
Harry
eed82f7ca7 fix(api): update user retrieval logic in get_user function 2025-09-17 23:23:58 +08:00
QuantumGhost
9243fe81de
fix mypy (#25859) 2025-09-17 23:08:14 +08:00
jyong
8cc6927fed fix mypy 2025-09-17 23:04:03 +08:00
QuantumGhost
5077f8b299 fix(api): fix format, replace .filter with .where 2025-09-17 22:55:13 +08:00
QuantumGhost
1631f9438d
fix style check (#25854) 2025-09-17 22:37:17 +08:00
jyong
6166c26ea6 fix style check 2025-09-17 22:36:18 +08:00
QuantumGhost
eefcd3ecc4 chore(api): apply autofix manully 2025-09-17 22:34:21 +08:00
jyong
efce1b04e0 fix style check 2025-09-17 22:34:11 +08:00
QuantumGhost
73d4bb596a
fix: fix import linting, remove incorrect tests (#25849) 2025-09-17 21:26:35 +08:00
QuantumGhost
6c6f1cf24c fix(api): fix import linting 2025-09-17 21:18:27 +08:00
jyong
055f7644fb Merge branch 'feat/rag-2' into feat/merge-migrations 
# Conflicts:
#	api/services/workflow_service.py
 2025-09-17 20:42:33 +08:00
QuantumGhost
3c9258a02b
fix(plugin): fix EndUser id does not match session_id (#25847) 2025-09-17 20:34:29 +08:00
Harry
8352128a27 fix(plugin): fix EndUser id does not match session_id 2025-09-17 20:18:10 +08:00
jyong
69a402ba99 fix style check 2025-09-17 17:34:05 +08:00
jyong
b04d945b3d Merge branch 'main' into feat/rag-2 2025-09-16 19:29:27 +08:00
-LAN-
b5a7e64e19
Fix incorrect API endpoint routing from PR #25628 (#25778) 2025-09-16 19:20:26 +08:00
jyong
8cbfaa2c03 dev/reformat 2025-09-16 19:13:22 +08:00
jyong
9ed6679966 dev/reformat 2025-09-16 17:34:22 +08:00
jyong
98db7d365c dev/reformat 2025-09-16 17:33:56 +08:00
jyong
7b9326a411 dev/reformat 2025-09-16 17:08:39 +08:00
jyong
1c6e57d3df dev/reformat 2025-09-16 16:41:50 +08:00
jyong
0ec037b803 dev/reformat 2025-09-16 16:08:04 +08:00
jyong
05aec66424 fix re-chunk document 2025-09-16 16:05:01 +08:00
jyong
610f0414db fix document retry 2025-09-16 15:29:19 +08:00
jyong
2f1c47406c Merge branch 'feat/rag-2' into feat/add-dataset-service-api-enable 
# Conflicts:
#	api/controllers/console/datasets/datasets.py
#	api/controllers/service_api/wraps.py
#	api/services/dataset_service.py
 2025-09-16 15:21:23 +08:00
QuantumGhost
dd34002db2 Merge remote-tracking branch 'upstream/main' into feat/rag-2 2025-09-16 14:59:35 +08:00
jyong
8346506978 fix document retry 2025-09-16 14:14:09 +08:00
-LAN-
bab4975809
chore: add ast-grep rule to convert Optional[T] to T | None (#25560) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-09-15 13:06:33 +08:00
Guangdong Liu
07d383ffaa
refactor: update API routes and documentation for app and datasets endpoints (#25628) 2025-09-15 10:59:11 +08:00
Ritoban Dutta
67a686cf98
[Chore/Refactor] use __all__ to specify export member. (#25681) 2025-09-15 09:45:35 +08:00
jyong
80c32a130f add dataset service api enable 2025-09-14 20:43:49 +08:00
Asuka Minato
4f868275a9
example for __all__ (#25666) 2025-09-14 18:40:06 +08:00
Yongtao Huang
831548132e
Merge branch 'feat/rag-2' into fix-permission 2025-09-13 23:42:32 +08:00
Yongtao Huang
ec87474d45 Fix worng permission logic 2025-09-13 23:40:59 +08:00
Krito.
a13d7987e0
chore: adopt StrEnum and auto() for some string-typed enums (#25129) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-09-12 21:14:26 +08:00
QuantumGhost
32a1a61d65 security(api): enforce privilege validation for dataset-to-pipeline transformation 
The transformation from classic dataset to knowledge pipeline represents an irreversible
write operation that permanently alters the dataset structure. To prevent unauthorized
modifications, this change implements strict privilege validation in `RagPipelineTransformApi`.

Only users with editor privileges or dataset operator roles are authorized to execute
this transformation, ensuring proper access control for this critical operation.
 2025-09-12 17:07:26 +08:00
jyong
ad870de554 add dataset service api enable 2025-09-12 15:35:13 +08:00
Guangdong Liu
285291f545
refactor: update API routes and documentation for console endpoints (#25554) 2025-09-12 11:51:24 +08:00
Yeuoly
ec808f3fe8
refactor: centralize default end user session ID constant (#25416) 
This PR refactors the handling of the default end user session ID by centralizing it as an enum in the models module where the `EndUser` model is defined. This improves code organization and makes the relationship between the constant and the model clearer.

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-09-12 10:27:16 +08:00
zyssyz123
c2fcd2895b
Feat/email register refactor (#25369) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
Co-authored-by: Joel <iamjoel007@gmail.com>
 2025-09-12 10:24:54 +08:00
Ganondorf
bb1514be2d
Force update search method to keyword_search (#25464) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-09-12 10:12:25 +08:00
Yongtao Huang
4511f4f537
Remove redundant parse_args call in WorkflowByIdApi.patch (#25498) 2025-09-12 09:40:41 +08:00
Wu Tianwei
84e3571ec3
fix: delete get upload file endpoint (#25543) 
Co-authored-by: jyong <718720800@qq.com>
 2025-09-12 09:36:53 +08:00
QuantumGhost
874406d934
security(api): fix privilege escalation vulnerability in model config and chat message APIs (#25518) 
The `ChatMessageApi` (`POST /console/api/apps/{app_id}/chat-messages`) and 
`ModelConfigResource` (`POST /console/api/apps/{app_id}/model-config`) 
endpoints do not properly validate user permissions, allowing users without `editor` 
permission to access restricted functionality.

This PR addresses this issue by adding proper permission check.
 2025-09-11 14:53:35 +08:00
Asuka Minato
cbc0e639e4
update sql in batch (#24801) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
 2025-09-10 13:00:17 +08:00
Guangdong Liu
b51c724a94
refactor: Migrate part of the console basic API module to Flask-RESTX (#24732) 
Signed-off-by: -LAN- <laipz8200@outlook.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
 2025-09-10 12:15:47 +08:00
Will
fecdb9554d
fix: inner_api get_user_tenant (#25462) 2025-09-10 11:31:16 +08:00