mirror of
https://github.com/langgenius/dify.git
synced 2026-01-14 06:07:33 +08:00
5bbf685035
Signed-off-by: -LAN- <laipz8200@outlook.com> Signed-off-by: kenwoodjw <blackxin55+@gmail.com> Signed-off-by: Yongtao Huang <yongtaoh2022@gmail.com> Signed-off-by: yihong0618 <zouzou0208@gmail.com> Signed-off-by: zhanluxianshen <zhanluxianshen@163.com> Co-authored-by: -LAN- <laipz8200@outlook.com> Co-authored-by: GuanMu <ballmanjq@gmail.com> Co-authored-by: Davide Delbianco <davide.delbianco@outlook.com> Co-authored-by: NeatGuyCoding <15627489+NeatGuyCoding@users.noreply.github.com> Co-authored-by: kenwoodjw <blackxin55+@gmail.com> Co-authored-by: Yongtao Huang <yongtaoh2022@gmail.com> Co-authored-by: Yongtao Huang <99629139+hyongtao-db@users.noreply.github.com> Co-authored-by: Qiang Lee <18018968632@163.com> Co-authored-by: 李强04 <liqiang04@gaotu.cn> Co-authored-by: autofix-ci[bot] <114827586+autofix-ci[bot]@users.noreply.github.com> Co-authored-by: Asuka Minato <i@asukaminato.eu.org> Co-authored-by: Matri Qi <matrixdom@126.com> Co-authored-by: huayaoyue6 <huayaoyue@163.com> Co-authored-by: Bowen Liang <liangbowen@gf.com.cn> Co-authored-by: znn <jubinkumarsoni@gmail.com> Co-authored-by: crazywoola <427733928@qq.com> Co-authored-by: crazywoola <100913391+crazywoola@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: yihong <zouzou0208@gmail.com> Co-authored-by: Muke Wang <shaodwaaron@gmail.com> Co-authored-by: wangmuke <wangmuke@kingsware.cn> Co-authored-by: Wu Tianwei <30284043+WTW0313@users.noreply.github.com> Co-authored-by: quicksand <quicksandzn@gmail.com> Co-authored-by: 非法操作 <hjlarry@163.com> Co-authored-by: zxhlyh <jasonapring2015@outlook.com> Co-authored-by: Eric Guo <eric.guocz@gmail.com> Co-authored-by: Zhedong Cen <cenzhedong2@126.com> Co-authored-by: jiangbo721 <jiangbo721@163.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: hjlarry <25834719+hjlarry@users.noreply.github.com> Co-authored-by: lxsummer <35754229+lxjustdoit@users.noreply.github.com> Co-authored-by: 湛露先生 <zhanluxianshen@163.com> Co-authored-by: Guangdong Liu <liugddx@gmail.com> Co-authored-by: QuantumGhost <obelisk.reg+git@gmail.com> Co-authored-by: Claude <noreply@anthropic.com> Co-authored-by: Yessenia-d <yessenia.contact@gmail.com> Co-authored-by: huangzhuo1949 <167434202+huangzhuo1949@users.noreply.github.com> Co-authored-by: huangzhuo <huangzhuo1@xiaomi.com> Co-authored-by: 17hz <0x149527@gmail.com> Co-authored-by: Amy <1530140574@qq.com> Co-authored-by: Joel <iamjoel007@gmail.com> Co-authored-by: Nite Knite <nkCoding@gmail.com> Co-authored-by: Yeuoly <45712896+Yeuoly@users.noreply.github.com> Co-authored-by: Petrus Han <petrus.hanks@gmail.com> Co-authored-by: iamjoel <2120155+iamjoel@users.noreply.github.com> Co-authored-by: Kalo Chin <frog.beepers.0n@icloud.com> Co-authored-by: Ujjwal Maurya <ujjwalsbx@gmail.com> Co-authored-by: Maries <xh001x@hotmail.com>
183 lines
6.8 KiB
Python
183 lines
6.8 KiB
Python
import logging
|
|
from typing import Any
|
|
|
|
from flask import request
|
|
from flask_login import current_user
|
|
from flask_restx import Resource, inputs, marshal_with, reqparse
|
|
from sqlalchemy import and_
|
|
from werkzeug.exceptions import BadRequest, Forbidden, NotFound
|
|
|
|
from controllers.console import api
|
|
from controllers.console.explore.wraps import InstalledAppResource
|
|
from controllers.console.wraps import account_initialization_required, cloud_edition_billing_resource_check
|
|
from extensions.ext_database import db
|
|
from fields.installed_app_fields import installed_app_list_fields
|
|
from libs.datetime_utils import naive_utc_now
|
|
from libs.login import login_required
|
|
from models import App, InstalledApp, RecommendedApp
|
|
from services.account_service import TenantService
|
|
from services.app_service import AppService
|
|
from services.enterprise.enterprise_service import EnterpriseService
|
|
from services.feature_service import FeatureService
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
class InstalledAppsListApi(Resource):
|
|
@login_required
|
|
@account_initialization_required
|
|
@marshal_with(installed_app_list_fields)
|
|
def get(self):
|
|
app_id = request.args.get("app_id", default=None, type=str)
|
|
current_tenant_id = current_user.current_tenant_id
|
|
|
|
if app_id:
|
|
installed_apps = (
|
|
db.session.query(InstalledApp)
|
|
.where(and_(InstalledApp.tenant_id == current_tenant_id, InstalledApp.app_id == app_id))
|
|
.all()
|
|
)
|
|
else:
|
|
installed_apps = db.session.query(InstalledApp).where(InstalledApp.tenant_id == current_tenant_id).all()
|
|
|
|
current_user.role = TenantService.get_user_role(current_user, current_user.current_tenant)
|
|
installed_app_list: list[dict[str, Any]] = [
|
|
{
|
|
"id": installed_app.id,
|
|
"app": installed_app.app,
|
|
"app_owner_tenant_id": installed_app.app_owner_tenant_id,
|
|
"is_pinned": installed_app.is_pinned,
|
|
"last_used_at": installed_app.last_used_at,
|
|
"editable": current_user.role in {"owner", "admin"},
|
|
"uninstallable": current_tenant_id == installed_app.app_owner_tenant_id,
|
|
}
|
|
for installed_app in installed_apps
|
|
if installed_app.app is not None
|
|
]
|
|
|
|
# filter out apps that user doesn't have access to
|
|
if FeatureService.get_system_features().webapp_auth.enabled:
|
|
user_id = current_user.id
|
|
app_ids = [installed_app["app"].id for installed_app in installed_app_list]
|
|
webapp_settings = EnterpriseService.WebAppAuth.batch_get_app_access_mode_by_id(app_ids)
|
|
|
|
# Pre-filter out apps without setting or with sso_verified
|
|
filtered_installed_apps = []
|
|
app_id_to_app_code = {}
|
|
|
|
for installed_app in installed_app_list:
|
|
app_id = installed_app["app"].id
|
|
webapp_setting = webapp_settings.get(app_id)
|
|
if not webapp_setting or webapp_setting.access_mode == "sso_verified":
|
|
continue
|
|
app_code = AppService.get_app_code_by_id(str(app_id))
|
|
app_id_to_app_code[app_id] = app_code
|
|
filtered_installed_apps.append(installed_app)
|
|
|
|
app_codes = list(app_id_to_app_code.values())
|
|
|
|
# Batch permission check
|
|
permissions = EnterpriseService.WebAppAuth.batch_is_user_allowed_to_access_webapps(
|
|
user_id=user_id,
|
|
app_codes=app_codes,
|
|
)
|
|
|
|
# Keep only allowed apps
|
|
res = []
|
|
for installed_app in filtered_installed_apps:
|
|
app_id = installed_app["app"].id
|
|
app_code = app_id_to_app_code[app_id]
|
|
if permissions.get(app_code):
|
|
res.append(installed_app)
|
|
|
|
installed_app_list = res
|
|
logger.debug("installed_app_list: %s, user_id: %s", installed_app_list, user_id)
|
|
|
|
installed_app_list.sort(
|
|
key=lambda app: (
|
|
-app["is_pinned"],
|
|
app["last_used_at"] is None,
|
|
-app["last_used_at"].timestamp() if app["last_used_at"] is not None else 0,
|
|
)
|
|
)
|
|
|
|
return {"installed_apps": installed_app_list}
|
|
|
|
@login_required
|
|
@account_initialization_required
|
|
@cloud_edition_billing_resource_check("apps")
|
|
def post(self):
|
|
parser = reqparse.RequestParser()
|
|
parser.add_argument("app_id", type=str, required=True, help="Invalid app_id")
|
|
args = parser.parse_args()
|
|
|
|
recommended_app = db.session.query(RecommendedApp).where(RecommendedApp.app_id == args["app_id"]).first()
|
|
if recommended_app is None:
|
|
raise NotFound("App not found")
|
|
|
|
current_tenant_id = current_user.current_tenant_id
|
|
app = db.session.query(App).where(App.id == args["app_id"]).first()
|
|
|
|
if app is None:
|
|
raise NotFound("App not found")
|
|
|
|
if not app.is_public:
|
|
raise Forbidden("You can't install a non-public app")
|
|
|
|
installed_app = (
|
|
db.session.query(InstalledApp)
|
|
.where(and_(InstalledApp.app_id == args["app_id"], InstalledApp.tenant_id == current_tenant_id))
|
|
.first()
|
|
)
|
|
|
|
if installed_app is None:
|
|
# todo: position
|
|
recommended_app.install_count += 1
|
|
|
|
new_installed_app = InstalledApp(
|
|
app_id=args["app_id"],
|
|
tenant_id=current_tenant_id,
|
|
app_owner_tenant_id=app.tenant_id,
|
|
is_pinned=False,
|
|
last_used_at=naive_utc_now(),
|
|
)
|
|
db.session.add(new_installed_app)
|
|
db.session.commit()
|
|
|
|
return {"message": "App installed successfully"}
|
|
|
|
|
|
class InstalledAppApi(InstalledAppResource):
|
|
"""
|
|
update and delete an installed app
|
|
use InstalledAppResource to apply default decorators and get installed_app
|
|
"""
|
|
|
|
def delete(self, installed_app):
|
|
if installed_app.app_owner_tenant_id == current_user.current_tenant_id:
|
|
raise BadRequest("You can't uninstall an app owned by the current tenant")
|
|
|
|
db.session.delete(installed_app)
|
|
db.session.commit()
|
|
|
|
return {"result": "success", "message": "App uninstalled successfully"}, 204
|
|
|
|
def patch(self, installed_app):
|
|
parser = reqparse.RequestParser()
|
|
parser.add_argument("is_pinned", type=inputs.boolean)
|
|
args = parser.parse_args()
|
|
|
|
commit_args = False
|
|
if "is_pinned" in args:
|
|
installed_app.is_pinned = args["is_pinned"]
|
|
commit_args = True
|
|
|
|
if commit_args:
|
|
db.session.commit()
|
|
|
|
return {"result": "success", "message": "App info updated successfully"}
|
|
|
|
|
|
api.add_resource(InstalledAppsListApi, "/installed-apps")
|
|
api.add_resource(InstalledAppApi, "/installed-apps/<uuid:installed_app_id>")
|