opensource/dify - dify - Gitea: Git with a cup of tea

mirror of https://github.com/langgenius/dify.git synced 2026-06-26 23:01:11 +08:00

Author	SHA1	Message	Date
yungle246	a79bc7d074	feat(api): mask secret tokens in api-key list responses (reveal-once) Previously the console api-key list returned every key's full plaintext token, so anyone with console access could retrieve the secret of an already-created key (via the copy button or the raw API response). This is contrary to the reveal-once norm. - List endpoints (app keys, workspace dataset keys, per-dataset keys) now return a masked token (prefix + last 4); the full secret is only ever returned by the create endpoint, at creation time. - Frontend secret-key modal displays the masked token as-is and drops the copy affordance for existing keys (copying a masked value is pointless). Applies to both app and dataset keys since they share the modal and the ApiKeyItem response model.	2026-06-25 14:21:38 +09:00
yungle246	1edffca717	Merge remote-tracking branch 'upstream/main' into feat/dataset-api-key-scope # Conflicts: # web/app/components/datasets/extra-info/api-access/__tests__/card.spec.tsx # web/app/components/datasets/extra-info/api-access/card.tsx # web/app/components/develop/secret-key/secret-key-modal.tsx	2026-06-20 03:16:09 +09:00
Asuka Minato	fae607e2fe	chore: add Type to test (#37191 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-06-19 16:44:20 +00:00
Asuka Minato	bd15b8e6ce	chore: add more type in test (#37609 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-06-18 23:07:12 +00:00
Wu Tianwei	33edf97f81	feat: RBAC (#37107 ) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: fatelei <fatelei@gmail.com> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: 盐粒 Yanli <yanli@dify.ai> Co-authored-by: Charles Yao <chongbinyao33@gmail.com> Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com> Co-authored-by: yunlu.wen <yunlu.wen@dify.ai> Co-authored-by: yyh <92089059+lyzno1@users.noreply.github.com> Co-authored-by: Jingyi <jingyi.qi@dify.ai> Co-authored-by: yyh <yuanyouhuilyz@gmail.com> Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: hjlarry <hjlarry@163.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Xiyuan Chen <52963600+GareArc@users.noreply.github.com> Co-authored-by: gigglewang <gigglewang@dify.ai> Co-authored-by: chariri <w@chariri.moe> Co-authored-by: Evan <2869018789@qq.com> Co-authored-by: zyssyz123 <916125788@qq.com>	2026-06-18 16:35:29 +00:00
YungLe	d2d4e54b11	Merge remote-tracking branch 'upstream/main' into feat/dataset-api-key-scope	2026-06-17 16:45:13 +09:00
yungle246	be6612f454	feat: allow knowledge base API keys to be scoped to a single dataset Reintroduce the nullable api_tokens.dataset_id column (dropped in 2e9819ca5b28) so dataset API keys can opt into per-knowledge-base scoping: - NULL dataset_id keeps today's workspace-wide behavior, so every existing key and the existing /datasets/api-keys create route are unchanged. - validate_dataset_token rejects a bound key for any other dataset, and for endpoints that carry no dataset id (e.g. list-all), with 403. - CachedApiToken carries dataset_id with a None default so cache entries written before deploy keep deserializing. - The per-dataset console routes in apikey.py (previously dead code that 500ed on a missing ApiToken.dataset_id) now create bound keys; their list returns bound keys plus workspace keys so the dataset page shows the full access picture. - Frontend: the knowledge base API access popover gains an API keys entry; the secret key modal accepts datasetId, shows a scope column, and offers a workspace / this-knowledge-base scope choice on create. New strings are localized for all 23 locales.	2026-06-11 11:41:47 +09:00
chariri	2a46a7d91d	refactor(api): migrate remaining console APIs to use injected user/tenant (#37288 )	2026-06-11 01:30:31 +00:00
Novice	4fb3210f9a	fix: validate conversation variable description length to prevent varchar(255) truncation error (#33038 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: 非法操作 <hjlarry@163.com> Co-authored-by: -LAN- <laipz8200@outlook.com>	2026-06-10 07:28:12 +00:00
chariri	d849d60822	refactor(api): migrate tenant/user via DI for several endpoints (#37240 )	2026-06-10 04:11:53 +00:00
Asuka Minato	d11e4eeaf7	chore: DI current_user && use inspect (#37084 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-06-09 05:06:28 +00:00
chariri	6b12152ce8	refactor(api): migrate tenant/user via DI for several endpoints (#37114 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-06-05 15:08:11 +00:00
chariri	b67c3a5f76	refactor(api): migrate tenant/user via DI for several endpoints (#37026 )	2026-06-04 05:52:59 +00:00
chariri	d3058d63bd	refactor(api): migrate console.datasets.data_source to BaseModel (#36624 )	2026-06-03 19:38:39 +00:00
chariri	4fc62d3b38	refactor(api): migrate console.datasets.rag_pipeline partially to BaseModel (#36649 )	2026-06-03 17:44:10 +00:00
呆萌闷油瓶	2a8bdc2373	fix: pydantic_core._pydantic_core.ValidationError: 2 validation errors for DatasetDetailResponse (#36753 )	2026-06-03 07:10:55 +00:00
Tianle	0a3005701f	refactor: inject current user into user-only controllers (#36754 ) Co-authored-by: Asuka Minato <i@asukaminato.eu.org>	2026-05-31 15:03:15 +00:00
chariri	599960024d	refactor(api): migrate console/service_api.dataset.document to BaseModel (#36506 ) Co-authored-by: WH-2099 <wh2099@pm.me> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-30 14:38:27 +00:00
chariri	928f888ef5	refactor(api): migrate console/service_api.dataset.segment to BaseModel (#36522 ) Co-authored-by: WH-2099 <wh2099@pm.me> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-30 13:54:01 +00:00
wangxiaolei	f5ab5e7eb3	fix: fix cannot extract elements from a scalar (#36769 )	2026-05-28 07:31:36 +00:00
chariri	b034449a0c	refactor(api): migrate console/service_api.dataset.hit_testing to BaseModel (#36533 )	2026-05-27 06:51:42 +00:00
chariri	59e99ee1ae	refactor(api): migrate console tags to tenant/user via DI and improve tests (#36658 ) Co-authored-by: Asuka Minato <i@asukaminato.eu.org> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-26 08:20:10 +00:00
Asuka Minato	135e01930b	chore: example of current user id dep injection (#36588 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-25 11:31:40 +00:00
非法操作	639e12a306	fix: request /api/datasets raise exception (#36591 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-25 02:27:54 +00:00
chariri	790ca72627	refactor(api): migrate console/service_api.dataset to BaseModel (#36480 )	2026-05-22 17:39:07 +00:00
chariri	ea5e487d3c	fix(api): stop returning 204 with response body and add CI check (#36489 )	2026-05-21 16:20:34 +00:00
chariri	092c8bca81	refactor(api): migrate console.datasets.metadata to BaseModel (#36450 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-21 15:04:42 +00:00
Asuka Minato	76bba64b79	chore: add type to test (#36324 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-18 08:47:47 +00:00
chariri	2eb37caf2e	refactor(api): migrate console.app.workflow to BaseModel (#36216 ) Co-authored-by: WH-2099 <wh2099@pm.me> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-18 07:31:37 +00:00
FFXN	2afa39cdcb	fix: knowledge hit-testing render failed. (#36106 ) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-05-13 07:31:38 +00:00
Asuka Minato	140ad6ba4e	chore: add Type to test (#35942 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-09 03:16:22 +00:00
Asuka Minato	ecd830083a	test: add type to test (#35871 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-05-08 01:06:25 +00:00
FFXN	38eb04dc98	fix: hit-testing response failed because of Pydantic check. (#35640 ) Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>	2026-04-28 08:37:13 +00:00
dev-miro26	97bb338e7d	fix: prevent double /v1 in MCP server URL causing 404 authorization failure (#34596 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-04-20 02:42:59 +00:00
NVIDIAN	af21dc7df8	refactor(api): migrate dataset document response schemas to BaseModel (#35298 ) Co-authored-by: ai-hpc <ai-hpc@users.noreply.github.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-04-17 05:02:04 +00:00
Yunlu Wen	3193e8a712	chore: reorg imports (#35308 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-04-16 08:50:02 +00:00
NVIDIAN	e78558bc06	refactor(api): migrate dataset hit-testing response model to BaseModel (#35192 ) Co-authored-by: ai-hpc <ai-hpc@users.noreply.github.com>	2026-04-14 18:12:40 +00:00
NVIDIAN	e37aaa482d	refactor: migrate apikey from marshal_with/api.model to Pydantic BaseModel (#34932 ) Co-authored-by: ai-hpc <ai-hpc@users.noreply.github.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-04-13 05:18:42 +00:00
-LAN-	b90fe73c96	fix(api): prevent cross-tenant external API use-check disclosure (#34744 )	2026-04-10 03:23:32 +00:00
YBoy	303f548408	test: migrate rag pipeline datasets controller tests to testcontainers (#34304 )	2026-03-31 04:59:13 +00:00
YBoy	cc68f0e640	test: migrate rag pipeline workflow controller tests to testcontainers (#34306 )	2026-03-31 04:58:14 +00:00
YBoy	9b7b432e08	test: migrate rag pipeline import controller tests to testcontainers (#34305 )	2026-03-31 04:57:53 +00:00
YBoy	88863609e9	test: migrate rag pipeline controller tests to testcontainers (#34303 )	2026-03-31 04:56:53 +00:00
YBoy	dede190be2	test: migrate data source controller tests to testcontainers (#34292 )	2026-03-30 14:57:28 +00:00
GuanMu	8a277da278	feat(api): add delete workflow functionality with error handling (#33657 )	2026-03-30 06:56:04 +00:00
99	40591a7c50	refactor(api): use standalone graphon package (#34209 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-03-27 21:05:32 +00:00
-LAN-	496baa9335	chore(api): remove backend utcnow usage (#34131 )	2026-03-26 08:51:49 +00:00
99	52e7492cbc	refactor(api): rename dify_graph to graphon (#34095 )	2026-03-25 21:58:56 +08:00
-LAN-	56593f20b0	refactor(api): continue decoupling dify_graph from API concerns (#33580 ) Signed-off-by: -LAN- <laipz8200@outlook.com> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: WH-2099 <wh2099@pm.me>	2026-03-25 20:32:24 +08:00
Renzo	4c32acf857	refactor: select in console datasets segments and API key controllers (#34027 ) Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>	2026-03-25 12:46:22 +09:00

1 2

61 Commits