opensource/dify
2
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-06-23 12:31:13 +08:00
Code Issues Packages Projects Releases Wiki Activity
c3f56fcc9a
dify/web/contract/console/access-control.ts
Wu Tianwei 33edf97f81
feat: RBAC (#37107) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: fatelei <fatelei@gmail.com>
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com>
Co-authored-by: 盐粒 Yanli <yanli@dify.ai>
Co-authored-by: Charles Yao <chongbinyao33@gmail.com>
Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
Co-authored-by: yunlu.wen <yunlu.wen@dify.ai>
Co-authored-by: yyh <92089059+lyzno1@users.noreply.github.com>
Co-authored-by: Jingyi <jingyi.qi@dify.ai>
Co-authored-by: yyh <yuanyouhuilyz@gmail.com>
Co-authored-by: Joel <iamjoel007@gmail.com>
Co-authored-by: hjlarry <hjlarry@163.com>
Co-authored-by: Asuka Minato <i@asukaminato.eu.org>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xiyuan Chen <52963600+GareArc@users.noreply.github.com>
Co-authored-by: gigglewang <gigglewang@dify.ai>
Co-authored-by: chariri <w@chariri.moe>
Co-authored-by: Evan <2869018789@qq.com>
Co-authored-by: zyssyz123 <916125788@qq.com>
2026-06-18 16:35:29 +00:00

183 lines
4.3 KiB
TypeScript
Raw Blame History

import type { AccessControlTemplateLanguage } from '@/i18n-config/language'
import type {
GetAccessPolicyDetailResponse,
GetAppAccessPolicyByAppIdResponse,
GetAppUserAccessSettingsResponse,
GetDatasetAccessPolicyByDatasetIdResponse,
GetDatasetUserAccessSettingsResponse,
ResourceOpenScope,
} from '@/models/access-control'
import { type } from '@orpc/contract'
import { base } from '../base'
const appAccessRulesContract = base
.route({
path: '/workspaces/current/rbac/apps/{appId}/access-policy',
method: 'GET',
})
.input(type<{
params: {
appId: string
}
query: {
language: AccessControlTemplateLanguage
}
}>())
.output(type<GetAppAccessPolicyByAppIdResponse>())
const appUserAccessSettingsContract = base
.route({
path: '/workspaces/current/rbac/apps/{appId}/user-access-policies',
method: 'GET',
})
.input(type<{
params: {
appId: string
}
query: {
language: AccessControlTemplateLanguage
}
}>())
.output(type<GetAppUserAccessSettingsResponse>())
const updateAppUserAccessSettingsContract = base
.route({
path: '/workspaces/current/rbac/apps/{appId}/users/{accountId}/access-policies',
method: 'PUT',
})
.input(type<{
params: {
appId: string
accountId: string
}
body: {
access_policy_ids: string[]
}
}>())
.output(type<GetAccessPolicyDetailResponse>())
const removeAppAccessPolicyMemberBindingsContract = base
.route({
path: '/workspaces/current/rbac/apps/{appId}/access-policies/{policyId}/member-bindings',
method: 'DELETE',
})
.input(type<{
params: {
appId: string
policyId: string
}
body: {
account_ids: string[]
}
}>())
.output(type<unknown>())
const updateAppOpenScopeContract = base
.route({
path: '/workspaces/current/rbac/apps/{appId}/whitelist',
method: 'PUT',
})
.input(type<{
params: {
appId: string
}
body: {
scope: ResourceOpenScope
}
}>())
.output(type<unknown>())
const datasetAccessRulesContract = base
.route({
path: '/workspaces/current/rbac/datasets/{datasetId}/access-policy',
method: 'GET',
})
.input(type<{
params: {
datasetId: string
}
query: {
language: AccessControlTemplateLanguage
}
}>())
.output(type<GetDatasetAccessPolicyByDatasetIdResponse>())
const datasetUserAccessSettingsContract = base
.route({
path: '/workspaces/current/rbac/datasets/{datasetId}/user-access-policies',
method: 'GET',
})
.input(type<{
params: {
datasetId: string
}
query: {
language: AccessControlTemplateLanguage
}
}>())
.output(type<GetDatasetUserAccessSettingsResponse>())
const updateDatasetUserAccessSettingsContract = base
.route({
path: '/workspaces/current/rbac/datasets/{datasetId}/users/{accountId}/access-policies',
method: 'PUT',
})
.input(type<{
params: {
datasetId: string
accountId: string
}
body: {
access_policy_ids: string[]
}
}>())
.output(type<GetAccessPolicyDetailResponse>())
const removeDatasetAccessPolicyMemberBindingsContract = base
.route({
path: '/workspaces/current/rbac/datasets/{datasetId}/access-policies/{policyId}/member-bindings',
method: 'DELETE',
})
.input(type<{
params: {
datasetId: string
policyId: string
}
body: {
account_ids: string[]
}
}>())
.output(type<unknown>())
const updateDatasetOpenScopeContract = base
.route({
path: '/workspaces/current/rbac/datasets/{datasetId}/whitelist',
method: 'PUT',
})
.input(type<{
params: {
datasetId: string
}
body: {
scope: ResourceOpenScope
}
}>())
.output(type<unknown>())
export const rbacAccessConfigContract = {
apps: {
accessRules: appAccessRulesContract,
userAccessSettings: appUserAccessSettingsContract,
updateUserAccessSettings: updateAppUserAccessSettingsContract,
removeMemberBindings: removeAppAccessPolicyMemberBindingsContract,
updateOpenScope: updateAppOpenScopeContract,
},
datasets: {
accessRules: datasetAccessRulesContract,
userAccessSettings: datasetUserAccessSettingsContract,
updateUserAccessSettings: updateDatasetUserAccessSettingsContract,
removeMemberBindings: removeDatasetAccessPolicyMemberBindingsContract,
updateOpenScope: updateDatasetOpenScopeContract,
},
}
Reference in New Issue View Git Blame Copy Permalink