opensource
/
dify
mirror of https://github.com/langgenius/dify.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,867 Commits 287 Branches 160 Tags 490 MiB
Commit Graph

916 Commits

Author SHA1 Message Date
QuantumGhost 51ec835240 fix(api): fix line too long 2025-09-17 23:58:30 +08:00
QuantumGhost 6371cc5028
Apply suggestion from @gemini-code-assist[bot] 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2025-09-17 23:49:27 +08:00
Harry 73e8623f07 fix(api): simplify parameters in get_signed_file_url_for_plugin function 2025-09-17 23:42:32 +08:00
Harry eed82f7ca7 fix(api): update user retrieval logic in get_user function 2025-09-17 23:23:58 +08:00
QuantumGhost 9243fe81de
fix mypy (#25859) 2025-09-17 23:08:14 +08:00
jyong 8cc6927fed fix mypy 2025-09-17 23:04:03 +08:00
QuantumGhost 5077f8b299 fix(api): fix format, replace .filter with .where 2025-09-17 22:55:13 +08:00
QuantumGhost 1631f9438d
fix style check (#25854) 2025-09-17 22:37:17 +08:00
jyong 6166c26ea6 fix style check 2025-09-17 22:36:18 +08:00
QuantumGhost eefcd3ecc4 chore(api): apply autofix manully 2025-09-17 22:34:21 +08:00
jyong efce1b04e0 fix style check 2025-09-17 22:34:11 +08:00
QuantumGhost 73d4bb596a
fix: fix import linting, remove incorrect tests (#25849) 2025-09-17 21:26:35 +08:00
QuantumGhost 6c6f1cf24c fix(api): fix import linting 2025-09-17 21:18:27 +08:00
jyong 055f7644fb Merge branch 'feat/rag-2' into feat/merge-migrations 
# Conflicts:
#	api/services/workflow_service.py
 2025-09-17 20:42:33 +08:00
QuantumGhost 3c9258a02b
fix(plugin): fix EndUser id does not match session_id (#25847) 2025-09-17 20:34:29 +08:00
Harry 8352128a27 fix(plugin): fix EndUser id does not match session_id 2025-09-17 20:18:10 +08:00
jyong 69a402ba99 fix style check 2025-09-17 17:34:05 +08:00
jyong b04d945b3d Merge branch 'main' into feat/rag-2 2025-09-16 19:29:27 +08:00
-LAN- b5a7e64e19
Fix incorrect API endpoint routing from PR #25628 (#25778) 2025-09-16 19:20:26 +08:00
jyong 8cbfaa2c03 dev/reformat 2025-09-16 19:13:22 +08:00
jyong 9ed6679966 dev/reformat 2025-09-16 17:34:22 +08:00
jyong 98db7d365c dev/reformat 2025-09-16 17:33:56 +08:00
jyong 7b9326a411 dev/reformat 2025-09-16 17:08:39 +08:00
jyong 1c6e57d3df dev/reformat 2025-09-16 16:41:50 +08:00
jyong 0ec037b803 dev/reformat 2025-09-16 16:08:04 +08:00
jyong 05aec66424 fix re-chunk document 2025-09-16 16:05:01 +08:00
jyong 610f0414db fix document retry 2025-09-16 15:29:19 +08:00
jyong 2f1c47406c Merge branch 'feat/rag-2' into feat/add-dataset-service-api-enable 
# Conflicts:
#	api/controllers/console/datasets/datasets.py
#	api/controllers/service_api/wraps.py
#	api/services/dataset_service.py
 2025-09-16 15:21:23 +08:00
QuantumGhost dd34002db2 Merge remote-tracking branch 'upstream/main' into feat/rag-2 2025-09-16 14:59:35 +08:00
jyong 8346506978 fix document retry 2025-09-16 14:14:09 +08:00
-LAN- bab4975809
chore: add ast-grep rule to convert Optional[T] to T | None (#25560) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-09-15 13:06:33 +08:00
Guangdong Liu 07d383ffaa
refactor: update API routes and documentation for app and datasets endpoints (#25628) 2025-09-15 10:59:11 +08:00
Ritoban Dutta 67a686cf98
[Chore/Refactor] use __all__ to specify export member. (#25681) 2025-09-15 09:45:35 +08:00
jyong 80c32a130f add dataset service api enable 2025-09-14 20:43:49 +08:00
Asuka Minato 4f868275a9
example for __all__ (#25666) 2025-09-14 18:40:06 +08:00
Yongtao Huang 831548132e
Merge branch 'feat/rag-2' into fix-permission 2025-09-13 23:42:32 +08:00
Yongtao Huang ec87474d45 Fix worng permission logic 2025-09-13 23:40:59 +08:00
Krito. a13d7987e0
chore: adopt StrEnum and auto() for some string-typed enums (#25129) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-09-12 21:14:26 +08:00
QuantumGhost 32a1a61d65 security(api): enforce privilege validation for dataset-to-pipeline transformation 
The transformation from classic dataset to knowledge pipeline represents an irreversible
write operation that permanently alters the dataset structure. To prevent unauthorized
modifications, this change implements strict privilege validation in `RagPipelineTransformApi`.

Only users with editor privileges or dataset operator roles are authorized to execute
this transformation, ensuring proper access control for this critical operation.
 2025-09-12 17:07:26 +08:00
jyong ad870de554 add dataset service api enable 2025-09-12 15:35:13 +08:00
Guangdong Liu 285291f545
refactor: update API routes and documentation for console endpoints (#25554) 2025-09-12 11:51:24 +08:00
Yeuoly ec808f3fe8
refactor: centralize default end user session ID constant (#25416) 
This PR refactors the handling of the default end user session ID by centralizing it as an enum in the models module where the `EndUser` model is defined. This improves code organization and makes the relationship between the constant and the model clearer.

Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
 2025-09-12 10:27:16 +08:00
zyssyz123 c2fcd2895b
Feat/email register refactor (#25369) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
Co-authored-by: Joel <iamjoel007@gmail.com>
 2025-09-12 10:24:54 +08:00
Ganondorf bb1514be2d
Force update search method to keyword_search (#25464) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
 2025-09-12 10:12:25 +08:00
Yongtao Huang 4511f4f537
Remove redundant parse_args call in WorkflowByIdApi.patch (#25498) 2025-09-12 09:40:41 +08:00
Wu Tianwei 84e3571ec3
fix: delete get upload file endpoint (#25543) 
Co-authored-by: jyong <718720800@qq.com>
 2025-09-12 09:36:53 +08:00
QuantumGhost 874406d934
security(api): fix privilege escalation vulnerability in model config and chat message APIs (#25518) 
The `ChatMessageApi` (`POST /console/api/apps/{app_id}/chat-messages`) and 
`ModelConfigResource` (`POST /console/api/apps/{app_id}/model-config`) 
endpoints do not properly validate user permissions, allowing users without `editor` 
permission to access restricted functionality.

This PR addresses this issue by adding proper permission check.
 2025-09-11 14:53:35 +08:00
Asuka Minato cbc0e639e4
update sql in batch (#24801) 
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
 2025-09-10 13:00:17 +08:00
Guangdong Liu b51c724a94
refactor: Migrate part of the console basic API module to Flask-RESTX (#24732) 
Signed-off-by: -LAN- <laipz8200@outlook.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com>
Co-authored-by: -LAN- <laipz8200@outlook.com>
 2025-09-10 12:15:47 +08:00
Will fecdb9554d
fix: inner_api get_user_tenant (#25462) 2025-09-10 11:31:16 +08:00