From bc171db945e97be481cf0a2c2f32ab57e03d4a3f Mon Sep 17 00:00:00 2001 From: Finley Ge <32237950+FinleyGe@users.noreply.github.com> Date: Thu, 31 Oct 2024 17:06:56 +0800 Subject: [PATCH] fix: alldataset get dataset without folders. omit the permission check (#3047) --- .../src/pages/api/core/dataset/allDataset.ts | 95 +++---------------- 1 file changed, 13 insertions(+), 82 deletions(-) diff --git a/projects/app/src/pages/api/core/dataset/allDataset.ts b/projects/app/src/pages/api/core/dataset/allDataset.ts index 2cfde85f077..f963c62aebc 100644 --- a/projects/app/src/pages/api/core/dataset/allDataset.ts +++ b/projects/app/src/pages/api/core/dataset/allDataset.ts @@ -3,100 +3,31 @@ import { MongoDataset } from '@fastgpt/service/core/dataset/schema'; import { getVectorModel } from '@fastgpt/service/core/ai/model'; import type { DatasetSimpleItemType } from '@fastgpt/global/core/dataset/type.d'; import { NextAPI } from '@/service/middleware/entry'; -import { - PerResourceTypeEnum, - ReadPermissionVal -} from '@fastgpt/global/support/permission/constant'; -import { MongoResourcePermission } from '@fastgpt/service/support/permission/schema'; -import { DatasetPermission } from '@fastgpt/global/support/permission/dataset/controller'; +import { ReadPermissionVal } from '@fastgpt/global/support/permission/constant'; import { authUserPer } from '@fastgpt/service/support/permission/user/auth'; -import { DatasetDefaultPermissionVal } from '@fastgpt/global/support/permission/dataset/constant'; -import { getGroupsByTmbId } from '@fastgpt/service/support/permission/memberGroup/controllers'; -import { getGroupPer } from '@fastgpt/service/support/permission/controller'; +import { DatasetTypeEnum } from '@fastgpt/global/core/dataset/constants'; /* get all dataset by teamId or tmbId */ async function handler(req: NextApiRequest): Promise { - const { - teamId, - tmbId, - permission: myPer - } = await authUserPer({ + const { teamId } = await authUserPer({ req, authToken: true, authApiKey: true, per: ReadPermissionVal }); - const myGroupIds = ( - await getGroupsByTmbId({ - tmbId, - teamId - }) - ).map((item) => String(item._id)); - - const [myDatasets, perList] = await Promise.all([ - MongoDataset.find({ - teamId - }) - .sort({ - updateTime: -1 - }) - .lean(), - MongoResourcePermission.find({ - resourceType: PerResourceTypeEnum.dataset, - teamId, - resourceId: { - $exists: true - } - }).lean() - ]); - - const filterDatasets = myDatasets - .map((dataset) => { - const per = (() => { - const myPerList = perList.filter( - (item) => - String(item.tmbId) === String(tmbId) || myGroupIds.includes(String(item.groupId)) - ); - - const getPer = (id: string) => { - const tmbPer = myPerList.find( - (item) => String(item.resourceId) === id && !!item.tmbId - )?.permission; - const groupPer = getGroupPer( - myPerList - .filter( - (item) => - String(item.resourceId) === id && myGroupIds.includes(String(item.groupId)) - ) - .map((item) => item.permission) - ); - - return new DatasetPermission({ - per: tmbPer ?? groupPer ?? DatasetDefaultPermissionVal, - isOwner: String(dataset.tmbId) === String(tmbId) || myPer.isOwner - }); - }; - - const parentDataset = myDatasets.find( - (item) => String(item._id) === String(dataset.parentId) - ); - - if (dataset.inheritPermission && dataset.parentId && parentDataset) { - return getPer(parentDataset._id); - } else { - return getPer(dataset._id); - } - })(); - - return { - ...dataset, - permission: per - }; + const myDatasets = await MongoDataset.find({ + teamId, + type: { + $ne: DatasetTypeEnum.folder + } + }) + .sort({ + updateTime: -1 }) - .filter((app) => app.permission.hasReadPer); + .lean(); - return filterDatasets.map((item) => ({ + return myDatasets.map((item) => ({ _id: item._id, avatar: item.avatar, name: item.name,