vertoryao/dify-proxy-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(auth): 移除控制器方法中的权限注解

Browse Source 
移除了多个控制器类中方法的 @PreAuthorize 注解,包括:
- PPTController
- Spider2Controller
- SpiderController
- V1ChatController
- V1DatasetController
- V1ServerController
- V1WorkflowController
- WordController

这些权限控制将通过其他方式进行实现。
This commit is contained in:
Kven 2025-05-28 19:44:20 +08:00
parent 241aeeeffb
commit 087591fc20
8 changed files with 0 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/main/java/com/zsc/edu/dify/modules/dify/controller/PPTController.java
View File

@ -24,7 +24,6 @@ public class PPTController {
* @return
*/
@PostMapping("/run")
@PreAuthorize("hasAuthority('dify:ppt:run')")
@OperationLogAnnotation(content = "'dify工作流'", operationType = "运行")
public WorkflowRunResponse runWorkflow(@RequestBody WorkflowRunRequest request) {
request.setUserId(SecurityUtil.getUserInfo().id.toString());

1
src/main/java/com/zsc/edu/dify/modules/dify/controller/Spider2Controller.java
View File

@ -26,7 +26,6 @@ public class Spider2Controller {
* @return
*/
@PostMapping("/run")
@PreAuthorize("hasAuthority('dify:spider2:run')")
@OperationLogAnnotation(content = "'dify工作流'", operationType = "运行")
public WorkflowRunResponse runWorkflow(@RequestBody WorkflowRunRequest request) {
request.setUserId(SecurityUtil.getUserInfo().id.toString());

4
src/main/java/com/zsc/edu/dify/modules/dify/controller/SpiderController.java
View File

@ -25,7 +25,6 @@ public class SpiderController {
private static final String API_KEY = "77c068fd-d5b6-4c33-97d8-db5511a09b26";
@PostMapping("/run")
@PreAuthorize("hasAuthority('dify:spider:run')")
public JSONObject run(@RequestBody SpiderDto dto) throws JsonProcessingException {
dto.setLlm_api_key(API_KEY);
String body = objectMapper.writeValueAsString(dto);
@ -38,7 +37,6 @@ public class SpiderController {
}
@PostMapping("/status")
@PreAuthorize("hasAuthority('dify:spider:status')")
public JSONObject status() {
return WebClient.create(SPIDER_URL).post().uri("/crawl_status")
.retrieve()
@ -47,7 +45,6 @@ public class SpiderController {
}
@PostMapping("/logs")
@PreAuthorize("hasAuthority('dify:spider:log')")
public JSONObject logs() {
return WebClient.create(SPIDER_URL).post().uri("/logs")
.retrieve()
@ -56,7 +53,6 @@ public class SpiderController {
}
@PostMapping("/stop")
@PreAuthorize("hasAuthority('dify:spider:stop')")
public JSONObject stop() {
return WebClient.create(SPIDER_URL).post().uri("/stop_crawl")
.retrieve()

7
src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ChatController.java
View File

@ -45,7 +45,6 @@ public class V1ChatController {
* apikey 建议在数据库进行存储前端调用时传智能体 id从数据库查询
*/
@PostMapping("/completions/{appId}")
@PreAuthorize("hasAnyAuthority('dify:chat:send','dify:word:send')")
@OperationLogAnnotation(content = "'dify对话'", operationType = "发送")
public ChatMessageSendResponse sendChatMessage(
@RequestBody ChatMessageSendRequest sendRequest,
@ -81,7 +80,6 @@ public class V1ChatController {
* @return 会话列表
*/
@PostMapping("/conversations/{appId}")
@PreAuthorize("hasAnyAuthority('dify:chat:query','dify:word:query')")
public DifyPageResult<MessageConversationsResponse> conversations(
@RequestBody MessageConversationsRequest request,
@PathVariable String appId
@ -98,7 +96,6 @@ public class V1ChatController {
* @return 消息列表
*/
@PostMapping("/messages/{appid}")
@PreAuthorize("hasAnyAuthority('dify:chat:query','dify:word:query')")
public DifyPageResult<MessagesResponseVO> messages(
@RequestBody MessagesRequest request,
@PathVariable String appid
@ -115,7 +112,6 @@ public class V1ChatController {
* @param taskId 任务id
*/
@PatchMapping("/stream/stop")
@PreAuthorize("hasAnyAuthority('dify:chat:stop','dify:word:stop')")
public void stopMessagesStream(@RequestParam String taskId, @RequestParam String appId) {
String apiKey = appEntityService.getApikey(appId);
String userId = SecurityUtil.getUserInfo().id.toString();
@ -128,7 +124,6 @@ public class V1ChatController {
* @param conversationId 会话id
*/
@DeleteMapping("/conversation")
@PreAuthorize("hasAnyAuthority('dify:chat:delete','dify:word:delete')")
@OperationLogAnnotation(content = "'dify对话'", operationType = "删除")
public void deleteConversation(@RequestParam String conversationId, @RequestParam String appId) {
String apiKey = appEntityService.getApikey(appId);
@ -147,7 +142,6 @@ public class V1ChatController {
* @return
*/
@GetMapping("/messages/suggested")
@PreAuthorize("hasAnyAuthority('dify:chat:query','dify:word:query')")
public List<String> messagesSuggested(String messageId,String appId){
String apiKey = appEntityService.getApikey(appId);
String userId = SecurityUtil.getUserInfo().id.toString();
@ -160,7 +154,6 @@ public class V1ChatController {
* @return
*/
@GetMapping("/parameters/{appid}")
@PreAuthorize("hasAnyAuthority('dify:chat:query','dify:word:query')")
public AppParametersResponseVO parameters(@PathVariable String appid){
String apiKey = appEntityService.getApikey(appid);
return ExceptionUtil.difyException(()->difyChat.parameters(apiKey));

8
src/main/java/com/zsc/edu/dify/modules/dify/controller/V1DatasetController.java
View File

@ -28,7 +28,6 @@ public class V1DatasetController {
* @return
*/
@PostMapping("/page")
@PreAuthorize("hasAuthority('dify:dataset:query')")
public DifyPageResult<DatasetResponse> page(@RequestBody DatasetPageRequest request){
request.setApiKey(apiKey);
return difyDataset.page(request);
@ -41,7 +40,6 @@ public class V1DatasetController {
* @return
*/
@PostMapping("/createDocumentByFile")
@PreAuthorize("hasAuthority('dify:dataset:create')")
@OperationLogAnnotation(content = "'dify知识库文档'", operationType = "新建")
public DocumentCreateResponse createDocumentByFile(DocumentCreateByFileRequest request){
return ExceptionUtil.difyException(() -> difyDataset.createDocumentByFile(request));
@ -54,7 +52,6 @@ public class V1DatasetController {
* @return
*/
@GetMapping("/pageDocument")
@PreAuthorize("hasAuthority('dify:dataset:query')")
public DifyPageResult<DocumentInfo> pageDocument(@RequestBody DatasetPageDocumentRequest request){
request.setApiKey(apiKey);
return difyDataset.pageDocument(request);
@ -68,7 +65,6 @@ public class V1DatasetController {
* @return
*/
@PostMapping("/uploadFileInfo")
@PreAuthorize("hasAuthority('dify:dataset:query')")
public UploadFileInfoResponse uploadFileInfo(String datasetId, String documentId){
return difyDataset.uploadFileInfo(datasetId, documentId,apiKey);
}
@ -81,7 +77,6 @@ public class V1DatasetController {
* @return
*/
@DeleteMapping("/deleteDocument")
@PreAuthorize("hasAuthority('dify:dataset:delete')")
@OperationLogAnnotation(content = "'dify知识库文档'", operationType = "删除")
public void deleteDocument(String datasetId, String documentId){
difyDataset.deleteDocument(datasetId, documentId, apiKey);
@ -94,7 +89,6 @@ public class V1DatasetController {
* @return
*/
@PostMapping("/createSegment")
@PreAuthorize("hasAuthority('dify:dataset:create')")
@OperationLogAnnotation(content = "'dify知识库文档分段'", operationType = "新建")
public SegmentResponse createSegment(@RequestBody SegmentCreateRequest request){
return difyDataset.createSegment(request);
@ -107,7 +101,6 @@ public class V1DatasetController {
* @return
*/
@PostMapping("/createSegmentChildChunk")
@PreAuthorize("hasAuthority('dify:dataset:create')")
@OperationLogAnnotation(content = "'dify知识库文档子分段'", operationType = "新建")
public SegmentChildChunkCreateResponse createSegmentChildChunk(@RequestBody SegmentChildChunkCreateRequest request){
return difyDataset.createSegmentChildChunk(request);
@ -120,7 +113,6 @@ public class V1DatasetController {
* @return
*/
@GetMapping("/retrieve")
@PreAuthorize("hasAuthority('dify:dataset:retrieve')")
public RetrieveResponse retrieve(@RequestBody RetrieveRequest request){
return difyDataset.retrieve(request);
}

9
src/main/java/com/zsc/edu/dify/modules/dify/controller/V1ServerController.java
View File

@ -31,7 +31,6 @@ public class V1ServerController {
* @return
*/
@GetMapping("/apps")
@PreAuthorize("hasAuthority('dify:server:query')")
@DataPermission
public List<AppsResponseVO> getApps(String mode, String name) {
return appEntityService.getApps(mode, name);
@ -43,7 +42,6 @@ public class V1ServerController {
* @return
*/
@GetMapping("/{id}")
@PreAuthorize("hasAuthority('dify:server:query')")
public AppsResponseVO getApp(@PathVariable("id") String id) {
return difyServer.app(id);
}
@ -54,7 +52,6 @@ public class V1ServerController {
* @return
*/
@GetMapping("/api-key/{id}")
@PreAuthorize("hasAuthority('dify:server:query')")
public List<ApiKeyResponseVO> getAppApiKey(@PathVariable("id") String id) {
return difyServer.getAppApiKey(id);
}
@ -65,7 +62,6 @@ public class V1ServerController {
* @return
*/
@PostMapping("/api-key/init/{id}")
@PreAuthorize("hasAuthority('dify:server:init')")
public List<ApiKeyResponseVO> initAppApiKey(@PathVariable("id") String id) {
return difyServer.initAppApiKey(id);
}
@ -75,7 +71,6 @@ public class V1ServerController {
* @return
*/
@GetMapping("/api-key/dataset")
@PreAuthorize("hasAuthority('dify:server:query')")
public List<DatasetApiKeyResponseVO> getDatasetApiKey() {
return difyServer.getDatasetApiKey();
}
@ -85,7 +80,6 @@ public class V1ServerController {
* @return
*/
@PostMapping("/api-key/dataset/init")
@PreAuthorize("hasAuthority('dify:server:init')")
public List<DatasetApiKeyResponseVO> initDatasetApiKey() {
return difyServer.initDatasetApiKey();
}
@ -97,7 +91,6 @@ public class V1ServerController {
* @return
*/
@PostMapping("/app/{id}/toggle")
@PreAuthorize("hasAuthority('dify:server:update')")
@OperationLogAnnotation(content = "'dify服务启用状态'", operationType = "更新")
public boolean enabledApp(@PathVariable String id) {
return appEntityService.enabledApp(id);
@ -108,7 +101,6 @@ public class V1ServerController {
* @return
*/
@GetMapping("/apps/enabled")
@PreAuthorize("hasAuthority('dify:server:query')")
@DataPermission
public List<AppEntity> getEnableApps() {
LambdaQueryWrapper<AppEntity> queryWrapper = new LambdaQueryWrapper<>();
@ -122,7 +114,6 @@ public class V1ServerController {
* @return
*/
@GetMapping("/apps/type")
@PreAuthorize("hasAuthority('dify:server:query')")
@DataPermission
public List<AppEntity> getAppsByAppType(Integer appType){
return appEntityService.selectByAppType(appType);

7
src/main/java/com/zsc/edu/dify/modules/dify/controller/V1WorkflowController.java
View File

@ -41,7 +41,6 @@ public class V1WorkflowController {
* @return
*/
@PostMapping("/run/{appId}")
@PreAuthorize("hasAnyAuthority('dify:workflow:run','dify:ppt:run','dify:spider2:run')")
@OperationLogAnnotation(content = "'dify工作流'", operationType = "运行")
public WorkflowRunResponse runWorkflow(@RequestBody WorkflowRunRequest request, @PathVariable String appId) {
request.setUserId(SecurityUtil.getUserInfo().id.toString());
@ -79,7 +78,6 @@ public class V1WorkflowController {
* @return
*/
@GetMapping("/info/{appId}")
@PreAuthorize("hasAnyAuthority('dify:workflow:info','dify:ppt:info','dify:spider2:info')")
public WorkflowInfoResponse info(String workflowRunId, @PathVariable String appId) {
String apiKey =appEntityService.getApikey(appId);
return ExceptionUtil.difyException(() -> difyWorkflow.info(workflowRunId, apiKey));
@ -92,7 +90,6 @@ public class V1WorkflowController {
* @return
*/
@PostMapping("/logs/{appId}")
@PreAuthorize("hasAnyAuthority('dify:workflow:log','dify:ppt:log','dify:spider2:log')")
public DifyPageResult<WorkflowLogs> logs(@RequestBody WorkflowLogsRequest request, @PathVariable String appId) {
String apiKey = appEntityService.getApikey(appId);
request.setApiKey(apiKey);
@ -107,7 +104,6 @@ public class V1WorkflowController {
* @return
*/
@GetMapping("/list/{appId}")
@PreAuthorize("hasAnyAuthority('dify:workflow:query','dify:ppt:query','dify:spider2:query')")
@DataPermission
public List<WorkflowData> list(@PathVariable String appId){
return difyWorkflowService.list(new QueryWrapper<WorkflowData>().eq("app_id",appId));
@ -120,7 +116,6 @@ public class V1WorkflowController {
* @return
*/
@GetMapping("/detail/{id}")
@PreAuthorize("hasAnyAuthority('dify:workflow:query','dify:ppt:query','dify:spider2:query')")
@DataPermission
public WorkflowData detail(@PathVariable Long id){
return difyWorkflowService.detail(id);
@ -133,7 +128,6 @@ public class V1WorkflowController {
* @return
*/
@DeleteMapping("/delete/{id}")
@PreAuthorize("hasAuthority('dify:workflow:delete')")
@OperationLogAnnotation(content = "'dify工作流日志'", operationType = "删除")
public boolean delete(@PathVariable Long id){
return difyWorkflowService.delete(id);
@ -146,7 +140,6 @@ public class V1WorkflowController {
* @return
*/
@GetMapping("/query")
@PreAuthorize("hasAuthority('dify:workflow:query')")
@DataPermission
public Page<WorkflowData> query(Page<WorkflowData> page){
return difyWorkflowService.query(page);

1
src/main/java/com/zsc/edu/dify/modules/dify/controller/WordController.java
View File

@ -28,7 +28,6 @@ public class WordController {
* apikey 建议在数据库进行存储前端调用时传智能体 id从数据库查询
*/
@PostMapping("/completions")
@PreAuthorize("hasAuthority('dify:word:send')")
@OperationLogAnnotation(content = "'dify对话'", operationType = "发送")
public ChatMessageSendResponse sendChatMessage(@RequestBody ChatMessageSendRequest sendRequest){
sendRequest.setApiKey(appEntityService.getApikey("baca08c1-e92b-4dc9-a445-3584803f54d4"));