From 79497489518a08a81a52bb21b4b3106e03efbb63 Mon Sep 17 00:00:00 2001 From: Liujian <824010343@qq.com> Date: Mon, 28 Oct 2024 18:27:37 +0800 Subject: [PATCH 1/4] update permission --- module/ai/iml.go | 35 ++- resources/access/access.yaml | 387 ++++++++++++------------------- resources/access/role.yaml | 212 +++++++++-------- resources/locale/i18n/zh-CN.json | 38 +-- 4 files changed, 292 insertions(+), 380 deletions(-) diff --git a/module/ai/iml.go b/module/ai/iml.go index a6a0c8a2..58710ff2 100644 --- a/module/ai/iml.go +++ b/module/ai/iml.go @@ -85,10 +85,7 @@ func (i *imlProviderModule) Providers(ctx context.Context) ([]*ai_dto.ProviderIt }) items := make([]*ai_dto.ProviderItem, 0, len(providers)) for _, v := range providers { - defaultLLM, has := v.DefaultModel(model_runtime.ModelTypeLLM) - if !has { - continue - } + item := &ai_dto.ProviderItem{ Id: v.ID(), Name: v.Name(), @@ -97,6 +94,10 @@ func (i *imlProviderModule) Providers(ctx context.Context) ([]*ai_dto.ProviderIt Sort: v.Sort(), } if info, has := providerMap[v.ID()]; has { + defaultLLM, has := v.GetModel(info.DefaultLLM) + if !has { + continue + } item.Configured = true item.DefaultLLM = defaultLLM.ID() item.DefaultLLMLogo = defaultLLM.Logo() @@ -279,10 +280,13 @@ func (i *imlProviderModule) UpdateProviderConfig(ctx context.Context, id string, if !errors.Is(err, gorm.ErrRecordNotFound) { return err } - //defaultLLm, ok := p.DefaultModel(model_runtime.ModelTypeLLM) - //if !ok { - // return fmt.Errorf("ai provider default llm not found") - //} + if input.DefaultLLM == "" { + defaultLLM, has := p.DefaultModel(model_runtime.ModelTypeLLM) + if !has { + return fmt.Errorf("ai provider default llm not found") + } + input.DefaultLLM = defaultLLM.ID() + } info = &ai.Provider{ Id: id, Name: p.Name(), @@ -344,20 +348,13 @@ func (i *imlProviderModule) UpdateProviderDefaultLLM(ctx context.Context, id str }) } -func (i *imlProviderModule) getAiProviders(ctx context.Context, clusterId string) ([]*gateway.DynamicRelease, error) { - list, err := i.providerService.List(ctx, clusterId) - if err != nil { - return nil, err - } +func (i *imlProviderModule) getAiProviders(ctx context.Context) ([]*gateway.DynamicRelease, error) { + list, err := i.providerService.List(ctx) if err != nil { return nil, err } providers := make([]*gateway.DynamicRelease, 0, len(list)) for _, p := range list { - if !p.Status { - // 关闭 - continue - } cfg := make(map[string]interface{}) err = json.Unmarshal([]byte(p.Config), &cfg) if err != nil { @@ -380,7 +377,7 @@ func (i *imlProviderModule) getAiProviders(ctx context.Context, clusterId string return providers, nil } func (i *imlProviderModule) initGateway(ctx context.Context, clusterId string, clientDriver gateway.IClientDriver) error { - providers, err := i.getAiProviders(ctx, clusterId) + providers, err := i.getAiProviders(ctx) if err != nil { return err } @@ -397,7 +394,7 @@ func (i *imlProviderModule) initGateway(ctx context.Context, clusterId string, c if err != nil { return err } - err = client.Online(ctx, providers...) + err = client.Online(ctx, p) if err != nil { return err } diff --git a/resources/access/access.yaml b/resources/access/access.yaml index 76d3d327..4008e5e1 100644 --- a/resources/access/access.yaml +++ b/resources/access/access.yaml @@ -1,21 +1,75 @@ system: - - name: organization -# cname: '组织管理' - value: 'organization' + - name: workspace + value: 'workspace' children: - - name: member -# cname: '成员' - value: 'member' + - name: consumer + value: 'application' + children: + - name: view all consumer + value: 'view_all' + guest_allow: true + - name: manager all consumer + value: "manager_all" + dependents: + - system.workspace.consumer.view_all + - name: service + value: 'service' + children: + - name: view all service + value: 'view_all' + guest_allow: true + - name: manager all consumer + value: "manager_all" + dependents: + - system.workspace.service.view_all + - name: team + value: 'team' + children: + - name: view all team + value: 'view_all' + guest_allow: true + - name: create + value: 'create' + - name: manager + value: 'manager' + dependents: + - system.workspace.team.view_all + - name: api portal + value: 'api_portal' + children: + - name: api portal + value: 'api_portal' + children: + - name: view + value: 'view' + guest_allow: true + - name: analysis + value: 'analysis' + children: + - name: run view + value: 'run_view' + children: + - name: view + value: 'view' + guest_allow: true + - name: system settings + value: 'settings' + children: + - name: general + value: 'general' + children: + - name: view + value: 'view' + guest_allow: true + - name: manager + value: 'manager' + - name: account + value: 'account' children: - name: view -# cname: '查看' value: 'view' guest_allow: true - apis: - - "GET:/api/v1/user/accounts" - - "GET:/api/v1/user/departments" - name: manager -# cname: '管理' value: 'manager' apis: - "POST:/api/v1/user/account" @@ -31,93 +85,20 @@ system: - "POST:/api/v1/user/department/member/remove" - "POST:/api/v1/account/role" dependents: - - system.organization.member.view - - name: team - cname: '团队' - value: 'team' - children: - - name: view -# cname: '查看' - value: 'view' - guest_allow: true - apis: - - "GET:/api/v1/manager/teams" - - "GET:/api/v1/manager/team" - - name: manager -# cname: '管理' - value: 'manager' - apis: - - "POST:/api/v1/manager/team" - - "PUT:/api/v1/manager/team" - - "DELETE:/api/v1/manager/team" - dependents: - - system.organization.team.view + - system.settings.account.view - name: role -# cname: '角色' value: 'role' children: - - name: view system role - cname: '查看系统角色' + - name: view guest_allow: true - value: 'view_system_role' + value: 'view' apis: - "GET:/api/v1/system/roles" - "GET:/api/v1/system/role" - - name: view team role - cname: '查看团队角色' - guest_allow: true - value: 'view_team_role' - apis: - "GET:/api/v1/team/roles" - "GET:/api/v1/team/role" - - name: System Settings -# cname: '系统设置' - value: 'settings' - children: - - name: service classification -# cname: '服务分类' - value: 'service_classification' - children: - - name: view -# cname: '查看' - value: 'view' - guest_allow: true -# apis: -# - "GET:/api/v1/catalogues" - - name: manager -# cname: '管理' - value: 'manager' - apis: - - "POST:/api/v1/catalogue" - - "PUT:/api/v1/catalogue" - - "DELETE:/api/v1/catalogue" - - "PUT:/api/v1/catalogue/sort" - dependents: - - system.settings.service_classification.view - - name: General -# cname: 常规设置 - value: 'general' - children: - - name: view -# cname: 查看 - value: 'view' - guest_allow: true - apis: -# - "GET:/api/v1/setting" - - name: manager -# cname: 管理 - value: 'manager' - apis: -# - "PUT:/api/v1/setting" - dependents: - - system.settings.general.view - - name: Devops -# cname: 运维 - value: 'devops' - children: - - name: cluster - cname: 集群 - value: 'cluster' + - name: api gateway + value: 'api_gateway' children: - name: view cname: 查看 @@ -126,53 +107,63 @@ system: apis: - "GET:/api/v1/cluster/nodes" - name: manager -# cname: 管理 value: 'manager' apis: - "PUT:/api/v1/cluster/reset" - "POST:/api/v1/cluster/check" + - name: ai provider + value: 'ai_provider' + children: + - name: view + value: 'view' + guest_allow: true + apis: + - "GET:/api/v1/ai/providers" + - "GET:/api/v1/ai/provider/config" + - name: manager + value: 'manager' + apis: + - "PUT:/api/v1/ai/provider/config" + - "PUT:/api/v1/ai/provider/default-llm" + dependents: + - system.settings.ai_provider.view - name: ssl certificate cname: 证书 value: 'ssl_certificate' children: - name: view -# cname: 查看 value: 'view' guest_allow: true apis: - "GET:/api/v1/certificates" - "GET:/api/v1/certificate" - name: manager -# cname: 管理 value: 'manager' apis: - "POST:/api/v1/certificate" - "PUT:/api/v1/certificate" - "DELETE:/api/v1/certificate" dependents: - - system.devops.ssl_certificate.view - - name: Data Source -# cname: '数据源' + - system.settings.ssl_certificate.view + - name: data source value: 'data_source' children: - name: view -# cname: '查看' value: 'view' guest_allow: true apis: - "GET:/api/v1/monitor/config" - name: manager -# cname: '管理' value: 'manager' apis: - "POST:/api/v1/monitor/config" - "PUT:/api/v1/monitor/config" + dependents: + - system.settings.data_source.view - name: log configuration -# cname: 日志 value: 'log_configuration' children: - name: view -# cname: 查看 value: 'view' guest_allow: true apis: @@ -180,7 +171,6 @@ system: - "GET:/api/v1/dynamic/{name}/list" - "GET:/api/v1/dynamic/{name}/render" - name: manager -# cname: 管理 value: 'manager' apis: - "POST:/api/v1/dynamic/{name}" @@ -189,93 +179,13 @@ system: - "PUT:/api/v1/dynamic/{name}/online" - "PUT:/api/v1/dynamic/{name}/offline" dependents: - - system.devops.log_configuration.view - - name: ai provider -# cname: AI 模型供应商 - value: 'ai_provider' - children: - - name: view -# cname: 查看 - value: 'view' - guest_allow: true - apis: - - "GET:/api/v1/ai/providers" - - "GET:/api/v1/ai/provider/config" - - name: manager -# cname: 管理 - value: 'manager' - apis: - - "PUT:/api/v1/ai/provider/config" - - "PUT:/api/v1/ai/provider/default-llm" - dependents: - - system.devops.ai_provider.view - - - name: dashboard -# cname: 仪表盘 - value: 'dashboard' - children: - - name: run view -# cname: 运行视图 - value: 'run_view' - children: - - name: view -# cname: 查看 - value: 'view' - guest_allow: true - apis: - - "GET:/api/v1/monitor/overview/invoke" - - "GET:/api/v1/monitor/overview/message" - - "GET:/api/v1/monitor/overview/top10" - - "GET:/api/v1/monitor/overview/summary" - - name: workspace -# cname: 工作空间 - value: 'workspace' - children: - - name: application -# cname: 应用 - value: 'application' - children: - - name: view all application -# cname: 查看所有应用 - value: 'view_all' - guest_allow: true - apis: - - "GET:/api/v1/apps" - - name: service -# cname: 服务 - value: 'service' - children: - - name: view all service -# cname: 查看所有服务 - value: 'view_all' - guest_allow: true - apis: - - "GET:/api/v1/services" - - name: team -# cname: 团队 - value: 'team' - children: - - name: view all team -# cname: 查看所有团队 - value: 'view_all' - guest_allow: true - apis: - - "GET:/api/v1/manager/teams" - - name: api market - value: 'api_market' - children: - - name: view - value: 'view' - guest_allow: true - apis: - - "GET:/api/v1/catalogue/services" - - "GET:/api/v1/catalogue/service" + - system.settings.log_configuration.view team: - name: service value: 'service' children: - - name: router - value: 'router' + - name: api + value: 'api' children: - name: view value: 'view' @@ -291,43 +201,53 @@ team: - "POST:/api/v1/service/router" - "PUT:/api/v1/service/router" - "DELETE:/api/v1/service/router" + dependents: + - team.service.api.view - name: api doc cname: API文档 value: 'api_doc' children: - name: view -# cname: 查看 value: 'view' guest_allow: true apis: - "GET:/api/v1/service/api_doc" - name: manager -# cname: 管理 value: 'manager' apis: - "PUT:/api/v1/service/api_doc" - "POST:/api/v1/service/api_doc/upload" + dependents: + - team.service.api_doc.view + - name: service intro + value: 'service_intro' + children: + - name: view + value: 'view' + guest_allow: true + - name: manager + value: 'manager' + dependents: + - team.service.service_intro.view - name: upstream cname: 上游 value: 'upstream' children: - name: view -# cname: 查看 value: 'view' guest_allow: true apis: - "GET:/api/v1/service/upstream" - name: manager -# cname: 管理 value: 'manager' apis: - "PUT:/api/v1/service/upstream" + dependents: + - team.service.upstream.view - name: release -# cname: 发布 value: 'release' children: - name: view -# cname: 查看 value: 'view' guest_allow: true apis: @@ -338,18 +258,16 @@ team: - "GET:/api/v1/service/release/preview" - "GET:/api/v1/service/publish/status" - name: manager -# cname: 管理 value: 'manager' apis: - "POST:/api/v1/service/publish/release/do" -# - "PUT:/api/v1/service/publish/execute" - "DELETE:/api/v1/service/release" - - name: subscription management -# cname: 订阅方管理 + dependents: + - team.service.release.view + - name: subscription review value: 'subscription' children: - name: view -# cname: 查看 value: 'view' guest_allow: true apis: @@ -357,50 +275,48 @@ team: - "GET:/api/v1/service/approval/subscribe" - "GET:/api/v1/service/subscribers" - name: manager -# cname: 管理 value: 'manager' apis: - "POST:/api/v1/service/approval/subscribe" - "POST:/api/v1/service/subscriber" - "DELETE:/api/v1/service/subscriber" + dependents: + - team.service.subscription.view - name: service -# cname: 服务管理 value: 'service' children: - name: manager -# cname: 管理 value: 'manager' apis: - "PUT:/api/v1/service/info" - "POST:/api/v1/team/service" - "DELETE:/api/v1/team/service" - - name: application - cname: 应用 - value: 'application' + dependents: + - team.service.service.manager + - name: consumer + value: 'consumer' children: - - name: subscription Service + - name: subscription service cname: 订阅服务 value: 'subscription' children: - - name: view -# cname: 查看 - value: 'view' + - name: allow subscribe service + value: 'subscribe' + - name: view subscribed services + value: 'view_subscribed_service' guest_allow: true apis: - - "GET:/api/v1/application/subscriptions" - - name: manager -# cname: 管理 - value: 'manager' + - "GET:/api/v1/application/subscription" + - name: manager subscribed services + value: 'manager_subscribed_services' apis: - "POST:/api/v1/catalogue/service/subscribe" - "POST:/api/v1/application/subscription/cancel" - "POST:/api/v1/application/subscription/cancel_apply" - name: authorization -# cname: 访问授权 value: 'authorization' children: - name: view -# cname: 查看 value: 'view' guest_allow: true apis: @@ -408,60 +324,61 @@ team: - "GET:/api/v1/app/authorizations" - "GET:/api/v1/app/authorization/details" - name: manager -# cname: 管理 value: 'manager' apis: - "POST:/api/v1/app/authorization" - "PUT:/api/v1/app/authorization" - "DELETE:/api/v1/app/authorization" - - name: application -# cname: 应用 + - name: consumer value: 'application' children: - name: manager -# cname: 管理 value: 'manager' apis: - "PUT:/api/v1/app/info" - "POST:/api/v1/team/app" - - "DELETE:/api/v1/app" - name: team -# cname: 团队 value: 'team' children: + - name: service + value: 'service' + children: + - name: view + value: 'view' + guest_allow: true + - name: manager + value: 'manager' + dependents: + - team.team.service.view + - name: consumer + value: 'consumer' + children: + - name: view + value: 'view' + guest_allow: true + - name: manager + value: 'manager' + dependents: + - team.team.consumer.view - name: member -# cname: 成员 value: 'member' children: - name: view -# cname: 查看 value: 'view' guest_allow: true - apis: - - "GET:/api/v1/team/members" - - "GET:/api/v1/team/members/toadd" - name: manager -# cname: 管理 value: 'manager' - apis: - - "POST:/api/v1/team/member" - - "DELETE:/api/v1/team/member" - - "PUT:/api/v1/team/member/role" - - name: team -# cname: 团队管理 + dependents: + - team.team.member.view + - name: team settings value: 'team' children: - name: view -# cname: '查看' value: 'view' guest_allow: true apis: - - "GET:/api/v1/manager/teams" - - "GET:/api/v1/manager/team" - name: manager -# cname: '管理' value: 'manager' apis: - - "POST:/api/v1/manager/team" - - "PUT:/api/v1/manager/team" - - "DELETE:/api/v1/manager/team" \ No newline at end of file + dependents: + - team.team.team.view \ No newline at end of file diff --git a/resources/access/role.yaml b/resources/access/role.yaml index 5b752025..19772f90 100644 --- a/resources/access/role.yaml +++ b/resources/access/role.yaml @@ -2,163 +2,159 @@ system: - name: super admin value: super_admin permits: - - system.dashboard.run_view.view - - system.devops.ai_provider.manager - - system.devops.ai_provider.view - - system.devops.cluster.manager - - system.devops.cluster.view - - system.devops.data_source.manager - - system.devops.data_source.view - - system.devops.log_configuration.manager - - system.devops.log_configuration.view - - system.devops.ssl_certificate.manager - - system.devops.ssl_certificate.view - - system.organization.member.manager - - system.organization.member.view - - system.organization.role.view_system_role - - system.organization.role.view_team_role - - system.organization.team.manager - - system.organization.team.view + - system.analysis.run_view.view + - system.api_portal.api_portal.view + - system.settings.account.manager + - system.settings.account.view + - system.settings.ai_provider.manager + - system.settings.ai_provider.view + - system.settings.api_gateway.manager + - system.settings.api_gateway.view + - system.settings.data_source.manager + - system.settings.data_source.view - system.settings.general.manager - system.settings.general.view - - system.settings.service_classification.manager - - system.settings.service_classification.view - - system.workspace.api_market.view + - system.settings.log_configuration.manager + - system.settings.log_configuration.view + - system.settings.role.view + - system.settings.ssl_certificate.manager + - system.settings.ssl_certificate.view + - system.workspace.application.manager_all - system.workspace.application.view_all + - system.workspace.service.manager_all - system.workspace.service.view_all + - system.workspace.team.create + - system.workspace.team.manager - system.workspace.team.view_all supper: true - name: team admin value: team_admin permits: - - system.organization.role.view_team_role - - system.organization.team.manager - - system.organization.team.view - - system.workspace.api_market.view - - system.workspace.application.view_all - - system.workspace.service.view_all - - system.workspace.team.view_all + - system.api_portal.api_portal.view + - system.workspace.team.create - name: devops admin value: devops_admin permits: - - system.dashboard.run_view.view - - system.devops.ai_provider.manager - - system.devops.ai_provider.view - - system.devops.cluster.manager - - system.devops.cluster.view - - system.devops.data_source.manager - - system.devops.data_source.view - - system.devops.log_configuration.manager - - system.devops.log_configuration.view - - system.devops.ssl_certificate.manager - - system.devops.ssl_certificate.view - - system.workspace.api_market.view + - system.analysis.run_view.view + - system.api_portal.api_portal.view + - system.settings.ai_provider.manager + - system.settings.ai_provider.view + - system.settings.api_gateway.manager + - system.settings.api_gateway.view + - system.settings.data_source.manager + - system.settings.data_source.view + - system.settings.general.manager + - system.settings.general.view + - system.settings.log_configuration.manager + - system.settings.log_configuration.view + - system.settings.ssl_certificate.manager + - system.settings.ssl_certificate.view - system.workspace.application.view_all - system.workspace.service.view_all - system.workspace.team.view_all - - system.settings.general.manager - - system.settings.general.view - - system.settings.service_classification.manager - - system.settings.service_classification.view - name: general member value: member permits: - - system.workspace.api_market.view + - system.api_portal.api_portal.view default: true - - name: guest - value: guest - permits: - - system.settings.service_classification.view - - system.devops.cluster.view - - system.devops.log_configuration.view - - system.devops.ssl_certificate.view - - system.devops.monitor.view - - system.organization.member.view - - system.organization.role.view_system_role - - system.organization.role.view_team_role - - system.organization.team.view - - system.workspace.api_market.view - - system.workspace.application.view_all - - system.workspace.service.view_all - - system.workspace.team.view_all - - system.dashboard.run_view.view + team: - name: team admin value: team_admin permits: - - team.application.application.manager - - team.application.authorization.manager - - team.application.authorization.view - - team.application.subscription.manager - - team.application.subscription.view - - team.service.api_doc.view + - team.consumer.application.manager + - team.consumer.authorization.manager + - team.consumer.authorization.view + - team.consumer.subscription.manager_subscribed_services + - team.consumer.subscription.subscribe + - team.consumer.subscription.view_subscribed_service + - team.service.api.manager + - team.service.api.view - team.service.api_doc.manager - - team.service.router.manager - - team.service.router.view + - team.service.api_doc.view - team.service.release.manager - team.service.release.view - team.service.service.manager + - team.service.service_intro.manager + - team.service.service_intro.view - team.service.subscription.manager - team.service.subscription.view - team.service.upstream.manager - team.service.upstream.view + - team.team.consumer.manager + - team.team.consumer.view - team.team.member.manager - team.team.member.view + - team.team.service.manager + - team.team.service.view - team.team.team.manager - team.team.team.view supper: true - name: service admin value: service_admin permits: - - team.service.service.manager - - team.service.upstream.manager - - team.service.upstream.view - - team.service.api_doc.view + - team.service.api.manager + - team.service.api.view - team.service.api_doc.manager - - team.service.router.manager - - team.service.router.view - - team.service.subscription.manager - - team.service.subscription.view + - team.service.api_doc.view - team.service.release.manager - team.service.release.view + - team.service.service.manager + - team.service.service_intro.manager + - team.service.service_intro.view + - team.service.subscription.manager + - team.service.subscription.view + - team.service.upstream.manager + - team.service.upstream.view + - team.team.consumer.view - team.team.member.view + - team.team.service.manager + - team.team.service.view + - team.team.team.view - name: service developer value: service_developer permits: - - team.service.upstream.manager - - team.service.upstream.view - - team.service.api_doc.view + - team.service.api.manager + - team.service.api.view - team.service.api_doc.manager - - team.service.router.manager - - team.service.router.view + - team.service.api_doc.view - team.service.release.manager - team.service.release.view - - team.team.member.view - - name: application admin - value: application_admin - permits: - - team.application.application.manager - - team.application.authorization.manager - - team.application.authorization.view - - team.application.subscription.manager - - team.application.subscription.view - - team.team.member.view - - name: application developer - value: application_developer - permits: - - team.application.authorization.view - - team.application.subscription.manager - - team.application.subscription.view - - team.team.member.view - default: true - - name: guest - value: guest - permits: - - team.application.authorization.view - - team.application.subscription.view - - team.service.router.view - - team.service.release.view + - team.service.service.manager + - team.service.service_intro.manager + - team.service.service_intro.view + - team.service.subscription.manager - team.service.subscription.view + - team.service.upstream.manager - team.service.upstream.view + - team.team.consumer.view - team.team.member.view - - team.team.team.view \ No newline at end of file + - team.team.service.view + - team.team.team.view + - name: consumer admin + value: consumer_admin + permits: + - team.consumer.application.manager + - team.consumer.authorization.manager + - team.consumer.authorization.view + - team.consumer.subscription.manager_subscribed_services + - team.consumer.subscription.subscribe + - team.consumer.subscription.view_subscribed_service + - team.team.consumer.manager + - team.team.consumer.view + - team.team.member.view + - team.team.service.view + - team.team.team.view + - name: consumer developer + value: consumer_developer + permits: + - team.consumer.application.manager + - team.consumer.authorization.manager + - team.consumer.authorization.view + - team.consumer.subscription.subscribe + - team.consumer.subscription.view_subscribed_service + - team.team.consumer.view + - team.team.member.view + - team.team.service.view + - team.team.team.view + default: true diff --git a/resources/locale/i18n/zh-CN.json b/resources/locale/i18n/zh-CN.json index 3882a74f..e9b000f4 100644 --- a/resources/locale/i18n/zh-CN.json +++ b/resources/locale/i18n/zh-CN.json @@ -1,44 +1,46 @@ { - "ai provider": "AI供应商", - "api market": "API门户", + "account": "账号", + "ai provider": "AI模型供应商", + "analysis": "分析报告", + "api": "API", "api doc": "API文档", - "application": "应用", - "application admin": "应用管理员", - "application developer": "应用开发者", - "authorization": "鉴权", - "cluster": "集群", - "dashboard": "仪表盘", + "api gateway": "API网关", + "api portal": "API门户", + "authorization": "访问授权", + "consumer": "消费者", + "consumer admin": "消费者管理员", + "consumer developer": "消费者开发者", + "create": "创建", "data source": "数据源", - "devops": "运维", "devops admin": "运维管理员", "general": "常规设置", "general member": "普通成员", - "guest": "访客", "log configuration": "日志配置", "manager": "管理", + "manager all consumer": "管理所有消费者", + "manager subscribed services": "管理已订阅的服务", "member": "成员", - "organization": "组织管理", "release": "发布", "role": "角色", - "router": "路由", "run view": "运行视图", "service": "服务", "service admin": "服务管理员", - "service classification": "服务目录", "service developer": "服务开发者", + "service intro": "服务文档", "ssl certificate": "SSL证书", - "subscription management": "订阅方管理", + "allow subscribe service": "允许订阅服务", + "subscription review": "订阅审核", "subscription service": "订阅服务", "super admin": "超级管理员", "system settings": "系统设置", "team": "团队", + "team settings": "团队设置", "team admin": "团队管理员", "upstream": "上游", "view": "查看", - "view all application": "查看所有应用", + "view all consumer": "查看所有消费者", "view all service": "查看所有服务", "view all team": "查看所有团队", - "view system role": "查看系统角色", - "view team role": "查看团队角色", + "view subscribed services": "查看已经订阅的服务", "workspace": "工作空间" -} \ No newline at end of file +} From 087e598be0dc725d5e4accaf50317674ec6d4df7 Mon Sep 17 00:00:00 2001 From: Liujian <824010343@qq.com> Date: Mon, 28 Oct 2024 18:39:55 +0800 Subject: [PATCH 2/4] update remark --- .gitignore | 1 - init.go | 1 + initialization-none.go | 1 - initialization.go | 28 ++++++++++++++-------------- main.go | 6 +++--- middleware/permit/permit.go | 15 +++++---------- model/plugin_model/type.go | 1 + scripts/Dockerfile | 2 +- scripts/prefix.sh | 1 + 9 files changed, 26 insertions(+), 30 deletions(-) mode change 100755 => 100644 scripts/prefix.sh diff --git a/.gitignore b/.gitignore index 9b16619e..17943495 100644 --- a/.gitignore +++ b/.gitignore @@ -3,4 +3,3 @@ /config.yml /build/ /apipark -/aoplatform diff --git a/init.go b/init.go index f0edbabf..3e398f85 100644 --- a/init.go +++ b/init.go @@ -1,5 +1,6 @@ package main +// init module import ( _ "github.com/APIParkLab/APIPark/frontend" _ "github.com/APIParkLab/APIPark/gateway/apinto" diff --git a/initialization-none.go b/initialization-none.go index f4c82193..c241316f 100644 --- a/initialization-none.go +++ b/initialization-none.go @@ -9,5 +9,4 @@ import ( ) func doCheck() { - } diff --git a/initialization.go b/initialization.go index ae49f334..297741be 100644 --- a/initialization.go +++ b/initialization.go @@ -6,6 +6,11 @@ import ( "bytes" "encoding/csv" "fmt" + "os" + "sort" + "strings" + "time" + _ "github.com/APIParkLab/APIPark/resources/access" _ "github.com/APIParkLab/APIPark/resources/permit" _ "github.com/APIParkLab/APIPark/resources/plugin" @@ -14,19 +19,15 @@ import ( "github.com/eolinker/go-common/permit" "github.com/eolinker/go-common/pm3" "github.com/eolinker/go-common/utils" - "os" - "sort" - "strings" - "time" ) const unsetValue = "-" func doCheck() { accessConf, unset := loadAccess() - + drivers := pm3.List() - + newAccess := 0 for _, p := range drivers { if ac, ok := p.(pm3.AccessConfig); ok { @@ -39,9 +40,9 @@ func doCheck() { } } } - + } - + } for asKey := range permit.All() { key := strings.ToLower(asKey) @@ -53,12 +54,11 @@ func doCheck() { if newAccess > 0 || unset > 0 { f := accessFile() fmt.Printf("%d access need set, see : %s and %s", newAccess+unset, saveTemplate(accessConf, f), saveCsv(accessConf, f)) - } os.Exit(0) } func accessFile() string { - + if version == "" { return time.Now().Format("20060102-150405") } @@ -84,7 +84,7 @@ func saveCsv(as map[string]*Access, key string) string { err = os.WriteFile(filePath, buf.Bytes(), 0666) if err != nil { log.Fatal(err) - + } return filePath } @@ -111,9 +111,9 @@ func (ls AccessListSort) Swap(i, j int) { func saveTemplate(as map[string]*Access, key string) string { out := make(map[string][]access.Access) - + for _, a := range as { - + out[a.Group] = append(out[a.Group], access.Access{ Name: a.Name, CName: a.Cname, @@ -130,7 +130,7 @@ func saveTemplate(as map[string]*Access, key string) string { err = os.WriteFile(filePath, buf.Bytes(), 0666) if err != nil { log.Fatal(err) - + } return filePath } diff --git a/main.go b/main.go index 872a3616..52097fbc 100644 --- a/main.go +++ b/main.go @@ -3,13 +3,14 @@ package main import ( "flag" "fmt" + "net" + "net/http" + "github.com/eolinker/eosc/log" "github.com/eolinker/go-common/autowire" "github.com/eolinker/go-common/cftool" "github.com/eolinker/go-common/permit" "github.com/eolinker/go-common/server" - "net" - "net/http" ) var ( @@ -54,7 +55,6 @@ func main() { for access, paths := range srv.Permits() { permit.AddPermitRule(access, paths...) } - err = http.Serve(ln, srv) if err != nil { log.Fatal(err) diff --git a/middleware/permit/permit.go b/middleware/permit/permit.go index 41880740..428350b6 100644 --- a/middleware/permit/permit.go +++ b/middleware/permit/permit.go @@ -3,7 +3,7 @@ package permit_middleware import ( "net/http" "reflect" - + permit_identity "github.com/APIParkLab/APIPark/middleware/permit/identity" "github.com/eolinker/eosc/log" "github.com/eolinker/go-common/autowire" @@ -42,11 +42,11 @@ func (p *PermitMiddleware) Sort() int { func (p *PermitMiddleware) Check(method string, path string) (bool, []gin.HandlerFunc) { // 当前路径是否有配置权限 accessRules, has := permit.GetPathRule(method, path) - + if !has || len(accessRules) == 0 { return false, nil } - + return true, []gin.HandlerFunc{ func(ginCtx *gin.Context) { userId := utils.UserId(ginCtx) @@ -56,19 +56,14 @@ func (p *PermitMiddleware) Check(method string, path string) (bool, []gin.Handle ginCtx.Abort() return } - - //if userId == "admin" { - // // 超级管理员不校验 - // return - //} - + for _, group := range checkSort { accessList, has := accessRules[group] if !has { // 当前分组没有配置权限 continue } - + domainHandler, has := permit.SelectDomain(group) if !has { // 当前分组没有配置身份handler diff --git a/model/plugin_model/type.go b/model/plugin_model/type.go index a95cce28..b7fea1f6 100644 --- a/model/plugin_model/type.go +++ b/model/plugin_model/type.go @@ -9,6 +9,7 @@ type Kind int func (k *Kind) UnmarshalJSON(bytes []byte) error { str := "" + err := json.Unmarshal(bytes, &str) if err != nil { return err diff --git a/scripts/Dockerfile b/scripts/Dockerfile index cd08cc73..f78900c8 100755 --- a/scripts/Dockerfile +++ b/scripts/Dockerfile @@ -1,4 +1,4 @@ -# 名称:apinto通用镜像 +# 名称:apipark通用镜像 # 创建时间:2022-10-25 FROM centos:7.9.2009 MAINTAINER liujian diff --git a/scripts/prefix.sh b/scripts/prefix.sh old mode 100755 new mode 100644 index 800e9117..0ce4577f --- a/scripts/prefix.sh +++ b/scripts/prefix.sh @@ -25,6 +25,7 @@ cd "./eosc" && git pull # ========================================================================= echo "更新 aoaccount" cd "${BASEPATH}/" + if [ ! -d "./aoaccount" ]; then git clone http://gitlab.eolink.com/apinto/aoaccount.git fi From 85971447e160beabe66e79f815258474e26db4ac Mon Sep 17 00:00:00 2001 From: Liujian <824010343@qq.com> Date: Tue, 29 Oct 2024 14:19:36 +0800 Subject: [PATCH 3/4] update i18n --- resources/locale/i18n/en-US.json | 42 +++++++++++++++++--------------- resources/locale/i18n/ja-JP.json | 36 ++++++++++++++------------- resources/locale/i18n/zh-TW.json | 36 ++++++++++++++------------- 3 files changed, 60 insertions(+), 54 deletions(-) diff --git a/resources/locale/i18n/en-US.json b/resources/locale/i18n/en-US.json index 12c793a1..c9f6adff 100644 --- a/resources/locale/i18n/en-US.json +++ b/resources/locale/i18n/en-US.json @@ -1,44 +1,46 @@ { + "account": "Account", "ai provider": "AI Provider", - "api market": "API Portal", + "analysis": "Analysis Report", + "api": "API", "api doc": "API Documentation", - "application": "Application", - "application admin": "Application Administrator", - "application developer": "Application Developer", - "authorization": "Authorization", - "cluster": "Cluster", - "dashboard": "Dashboard", + "api gateway": "API Gateway", + "api portal": "API Portal", + "authorization": "Access Authorization", + "consumer": "Consumer", + "consumer admin": "Consumer Admin", + "consumer developer": "Consumer Developer", + "create": "Create", "data source": "Data Source", - "devops": "DevOps", - "devops admin": "DevOps Administrator", + "devops admin": "DevOps Admin", "general": "General Settings", "general member": "General Member", - "guest": "Guest", "log configuration": "Log Configuration", "manager": "Manager", + "manager all consumer": "Manage All Consumers", + "manager subscribed services": "Manage Subscribed Services", "member": "Member", - "organization": "Organization Management", "release": "Release", "role": "Role", - "router": "Router", "run view": "Run View", "service": "Service", - "service admin": "Service Administrator", - "service classification": "Service Directory", + "service admin": "Service Admin", "service developer": "Service Developer", + "service intro": "Service Documentation", "ssl certificate": "SSL Certificate", - "subscription management": "Subscription Management", + "allow subscribe service": "Allow Subscribe Service", + "subscription review": "Subscription Review", "subscription service": "Subscription Service", - "super admin": "Super Administrator", + "super admin": "Super Admin", "system settings": "System Settings", "team": "Team", - "team admin": "Team Administrator", + "team settings": "Team Settings", + "team admin": "Team Admin", "upstream": "Upstream", "view": "View", - "view all application": "View All Applications", + "view all consumer": "View All Consumers", "view all service": "View All Services", "view all team": "View All Teams", - "view system role": "View System Roles", - "view team role": "View Team Roles", + "view subscribed services": "View Subscribed Services", "workspace": "Workspace" } diff --git a/resources/locale/i18n/ja-JP.json b/resources/locale/i18n/ja-JP.json index a6c81be1..a7f00ec6 100644 --- a/resources/locale/i18n/ja-JP.json +++ b/resources/locale/i18n/ja-JP.json @@ -1,44 +1,46 @@ { + "account": "アカウント", "ai provider": "AIプロバイダー", - "api market": "APIマーケット", + "analysis": "分析レポート", + "api": "API", "api doc": "APIドキュメント", - "application": "アプリケーション", - "application admin": "アプリケーション管理者", - "application developer": "アプリケーション開発者", - "authorization": "認証", - "cluster": "クラスター", - "dashboard": "ダッシュボード", + "api gateway": "APIゲートウェイ", + "api portal": "APIポータル", + "authorization": "アクセス許可", + "consumer": "消費者", + "consumer admin": "消費者管理者", + "consumer developer": "消費者開発者", + "create": "作成", "data source": "データソース", - "devops": "DevOps", "devops admin": "DevOps管理者", "general": "一般設定", "general member": "一般メンバー", - "guest": "ゲスト", "log configuration": "ログ設定", "manager": "管理者", + "manager all consumer": "すべての消費者を管理", + "manager subscribed services": "購読したサービスを管理", "member": "メンバー", - "organization": "組織管理", "release": "リリース", "role": "役割", - "router": "ルーター", "run view": "実行ビュー", "service": "サービス", "service admin": "サービス管理者", - "service classification": "サービスディレクトリ", "service developer": "サービス開発者", + "service intro": "サービスドキュメント", "ssl certificate": "SSL証明書", - "subscription management": "サブスクリプション管理", - "subscription service": "サブスクリプションサービス", + "allow subscribe service": "サービスの購読を許可", + "subscription review": "購読レビュー", + "subscription service": "購読サービス", "super admin": "スーパ管理者", "system settings": "システム設定", "team": "チーム", + "team settings": "チーム設定", "team admin": "チーム管理者", "upstream": "アップストリーム", "view": "表示", - "view all application": "すべてのアプリケーションを表示", + "view all consumer": "すべての消費者を表示", "view all service": "すべてのサービスを表示", "view all team": "すべてのチームを表示", - "view system role": "システム役割を表示", - "view team role": "チーム役割を表示", + "view subscribed services": "購読したサービスを表示", "workspace": "ワークスペース" } diff --git a/resources/locale/i18n/zh-TW.json b/resources/locale/i18n/zh-TW.json index 5b35ad94..fc537d7f 100644 --- a/resources/locale/i18n/zh-TW.json +++ b/resources/locale/i18n/zh-TW.json @@ -1,44 +1,46 @@ { - "ai provider": "AI供應商", - "api market": "API市場", + "account": "帳號", + "ai provider": "AI模型供應商", + "analysis": "分析報告", + "api": "API", "api doc": "API文檔", - "application": "應用", - "application admin": "應用管理員", - "application developer": "應用開發者", - "authorization": "授權", - "cluster": "集群", - "dashboard": "儀表盤", + "api gateway": "API網關", + "api portal": "API門戶", + "authorization": "訪問授權", + "consumer": "消費者", + "consumer admin": "消費者管理員", + "consumer developer": "消費者開發者", + "create": "創建", "data source": "數據源", - "devops": "運維", "devops admin": "運維管理員", "general": "常規設置", "general member": "普通成員", - "guest": "訪客", "log configuration": "日誌配置", "manager": "管理", + "manager all consumer": "管理所有消費者", + "manager subscribed services": "管理已訂閱的服務", "member": "成員", - "organization": "組織管理", "release": "發布", "role": "角色", - "router": "路由", "run view": "運行視圖", "service": "服務", "service admin": "服務管理員", - "service classification": "服務目錄", "service developer": "服務開發者", + "service intro": "服務文檔", "ssl certificate": "SSL證書", - "subscription management": "訂閱方管理", + "allow subscribe service": "允許訂閱服務", + "subscription review": "訂閱審核", "subscription service": "訂閱服務", "super admin": "超級管理員", "system settings": "系統設置", "team": "團隊", + "team settings": "團隊設置", "team admin": "團隊管理員", "upstream": "上游", "view": "查看", - "view all application": "查看所有應用", + "view all consumer": "查看所有消費者", "view all service": "查看所有服務", "view all team": "查看所有團隊", - "view system role": "查看系統角色", - "view team role": "查看團隊角色", + "view subscribed services": "查看已訂閱的服務", "workspace": "工作空間" } From f9e6bc92d75b4ec31f5e8008d703dfee3c8219f7 Mon Sep 17 00:00:00 2001 From: HaoZhen Liu Date: Tue, 29 Oct 2024 17:28:41 +0800 Subject: [PATCH 4/4] update v1.2 translation --- .../common/src/locales/scan/en-US.json | 18 +++++++++--------- .../common/src/locales/scan/zh-CN.json | 4 +++- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/frontend/packages/common/src/locales/scan/en-US.json b/frontend/packages/common/src/locales/scan/en-US.json index 7f32cdda..56257210 100644 --- a/frontend/packages/common/src/locales/scan/en-US.json +++ b/frontend/packages/common/src/locales/scan/en-US.json @@ -319,7 +319,7 @@ "Ka46b9b24": "Data Source Type", "Kbb0cdcd0": "Data Source Address", "Kd9dfb884": "Organization", - "K3e770a75": "Authentication Token", + "K3e770a75": "Credentials Token", "K8ef69ee2": "Key", "Kba3507d6": "Upload Key", "K93ac0f23": "Key file suffix is usually .key", @@ -365,7 +365,7 @@ "Kcef64f4d": "Default AI Provider", "Kcab588a9": "No AI model provider set,", "Kb9b56111": "Set Now", - "Kcf756b7a": "API Call Prefix", + "Kcf756b7a": "API Request Prefix", "K13edc043": "As a prefix for all APIs in the service, e.g., host/{service_name}/{api_path}, cannot be modified once saved.", "Kf52a584d": "Service Category", "K72b21be5": "Set the category in which the service will be displayed in the service marketplace", @@ -391,8 +391,8 @@ "K813e1c0a": "Team Name", "K692f5aa6": "Team ID", "K5de0bc2": "Team ID can be used to retrieve the team, cannot be modified once saved.", - "Ka63dd985": "Team Leader", - "Ka6bcd272": "The leader has management authority over the team, services, and members within the team", + "Ka63dd985": "Team Administrator", + "Ka6bcd272": "The Administrator has management authority over the team, services, and members within the team", "Ka2012bdd": "Delete Team", "Kbde1f3d": "Service data must be cleared before deletion", "K395acc14": "Remove", @@ -463,7 +463,7 @@ "Kd59290a2": "Search Category or Tag", "K6b75bdbc": "No API Data", "K4b15d6f5": "Application Reason", - "Kb71b5a13": "Authentication Type", + "Kb71b5a13": "Credentials Type", "K4d1465ee": "ISS", "K5dcd7ed8": "Signature Algorithm", "K5b0eedd3": "Secret", @@ -475,10 +475,10 @@ "K31418470": "SK", "Kbfeb5297": "API Key", "K1a78e6f0": "Expiration Time", - "Ke64e43a": "Hide Authentication Info", - "K217cb125": "Authentication Details", - "K2bb63eca": "Add Authentication", - "Kd74d69b7": "Edit Authentication", + "Ke64e43a": "Hide Credentials Info", + "K217cb125": "Credentials Details", + "K2bb63eca": "Add Credentials", + "Kd74d69b7": "Edit Credentials", "K9cbe1e0": "Modify", "Kb6e9328f": "Authorization", "Kd23d1716": "Add Authorization", diff --git a/frontend/packages/common/src/locales/scan/zh-CN.json b/frontend/packages/common/src/locales/scan/zh-CN.json index 9c33895e..52fc73e6 100644 --- a/frontend/packages/common/src/locales/scan/zh-CN.json +++ b/frontend/packages/common/src/locales/scan/zh-CN.json @@ -676,5 +676,7 @@ "K6e32a344": "订阅服务数量", "Ka701316": "鉴权数量", "K9eaa2eb6": "列表", - "Kfaec39e9": "块" + "Kfaec39e9": "块", + "Kc3b7bfa8": "暂无消费者描述", + "K3a6f905d": "输入名称、ID 查找消费者" } \ No newline at end of file