feat: Resource knowledge permission #3778
Conversation
|
Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
| ()=>{ | ||
| const to: any = get_next_route() | ||
| if (to.params.folderId == 'resource-management') { return PermissionConst.RESOURCE_KNOWLEDGE_EDIT} | ||
| }, | ||
| ], | ||
| }, | ||
| component: () => import('@/views/knowledge/KnowledgeSetting.vue'), |
There was a problem hiding this comment.
The code looks mostly correct but has repetitive logic for handling different folderId values in each route definition. You can streamline this by creating a single function that returns the appropriate role or permission based on the folder ID:
function getRoleBasedOnFolder(folderId) {
switch (folderId) {
case 'share':
return RoleConst.USER.getWorkspaceRole();
case 'resource-management':
return [
RoleConst.ADMIN,
PermissionConst.RESOURCE_KNOWLEDGE_DOCUMENT_READ,
// Add more permissions as needed
];
default:
return null; // Return appropriate value for other cases
}
}Then you can use this function within the respective route definitions:
const DocumentRouter = {
routes: [
{
path: '/document',
redirect: to => ({ ...to, query: { type: 'knowledge-document' } }),
children: [
{
name: 'DocumentIndex',
path: '',
meta: {
requiresAuth: true
},
component: () => import('@/views/document/index.vue'),
beforeEnter: (to, from, next) => {
if (getRoleBasedOnFolder(to.query.type)[0] === RoleConst.ANONYMOUS) {
router.push('/');
} else {
next();
}
}
},
// Repeat similar structures for ProblemRoute and HitTestRoute
]
},
// Other routes ...
],
};This approach ensures consistency and reduces redundancy in the code. If there are specific requirements for certain roles or permissions not handled here, additional conditions should be added inside the switch statement.
| permissionPrecise.value.delete() | ||
| } | ||
|
|
||
|
|
||
| const search_type = ref('name') | ||
| const search_form = ref<any>({ | ||
| name: '', |
There was a problem hiding this comment.
The provided code snippet seems mostly clean, but there are some minor improvements that can be made:
-
Consistency: Ensure consistency with spacing around operators (like
=) for better readability. -
Comments: Add comments at the start of functions to explain their purpose.
-
Variable Naming: Consider using more descriptive variable names where appropriate to improve code clarity.
Here's the revised version with these suggestions:
--- a/views/system/resource_management/components/common/management.vue
+++ b/views/system/resource_management/components/common/management.vue
@@ -146,7 +146,9 @@
:content="$t('views.system.resource_management.management')"
placement="top"
>
- <span class="mr-8">
+ <span class="mr-8" v-if="canManage()">{{ // Button will only appear if user has manage permission }}
<el-button
type="primary"
text
@@ -178,7 +180,9 @@
</button>
</span>
</el-tooltip>
- <el-dropdown trigger="click">
+ <el-dropdown trigger="click" v-if="canMoreFilled()">
<el-button text @click.stop>
<el-icon>
<MoreFilled />
@@ -264,6 +268,27 @@ const permissionPrecise = computed(() => {
return permissionMap['knowledge']['systemManage']
})
+/**
+ * Determines if the current user has the 'manage' permission.
+ */
+const canManage = () => {
+ return (
+ permissionPrecise.value.doc_read ||
+ permissionPrecise.value.problem_read ||
+ permissionPrecise.value.edit ||
+ permissionPrecise.value.knowledge_chat_user_read ||
+ permissionPrecise.value.hit_test
+ );
+}
+
+/**
+ * Determines if the current user has any of the 'more filled' permissions.
+ */
+const canMoreFilled = () => {
+ return (
+ permissionPrecise.value.sync ||
+ permissionPrecise.value.generate ||
+ permissionPrecise.value.edit ||
+ permissionPrecise.value.export ||
+ permissionPrecise.value.delete
+ );
+}
const search_type = ref('name');
const search_form = ref({These changes make the code easier to read and understand while maintaining its functionality. The added comments provide context for each function, enhancing maintainability.
| hasPermission([ | ||
| RoleConst.ADMIN, | ||
| PermissionConst.RESOURCE_KNOWLEDGE_HIT_TEST | ||
| ], 'OR'), | ||
| } | ||
|
|
||
| export default systemManage |
There was a problem hiding this comment.
The code you provided appears to be an API function that checks user permissions for various actions related to knowledge management and problems. However, there are several areas where the code can be improved:
-
Function Naming: The naming convention for functions like
doc_readcould benefit from being more consistent with other similar functions. -
Code Organization: While not a major issue, the order of conditions within each permission check might not always make sense, especially if the roles or permissions change frequently.
-
Documentation: It would be helpful to add comments describing what each part of the code does, particularly around complex logic (like the use of
'OR'). -
Default Values and Edge Cases: Ensure that default values are properly handled, especially in cases where certain operations don't require explicit permissions.
Here's an optimized version of the code with some suggested improvements:
const systemManage = {
docList() {
return hasPermission(['admin', 'resource_knowledge_document_read'], 'or');
},
docCreate: () => hasPermission(['admin', 'resource_knowledge_document_create'], 'or'),
docRead: () => hasPermission(['admin', 'resource_knowledge_document_read'], 'or'),
docDownloadSourceFile: () =>
hasPermission(
['admin', 'resource_knowledge_document_download_source_file'],
'or'
),
// ... Similar patterns repeat...
};
export default systemManage;Explanation of Changes:
- Consistent Function Names: Renamed
knowledge_chat_user_read,problem_read, etc., to match the pattern used in other functions. - Duplicated Code Removal: Used arrow functions and template literals for consistency across similar methods.
- Improved Readability: Removed comments for simplicity but kept them in mind during further development.
While this is still quite compact, it provides a clear structure for managing permissions in your application.
feat: Resource knowledge permission