CHAI
/
chtech-anythingllm
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
18 Commits
1 Branch
0 Tags
235 MiB
Tree: 81058b27ef
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '81058b27ef'
${ noResults }
chtech-anythingllm/server/endpoints/admin.js

669 lines
21 KiB
Raw Normal View History

first commit
1 year ago
用户新增接口
1 year ago
first commit
1 year ago
用户新增接口
1 year ago
first commit
1 year ago
部门管理页面显示,其他功能暂未打通
1 year ago
first commit
1 year ago
用户新增接口
1 year ago
user新增时绑定机构的事务问题
1 year ago
用户新增接口
1 year ago
user新增时绑定机构的事务问题
1 year ago
用户新增接口
1 year ago
user新增时绑定机构的事务问题
1 year ago
用户新增接口
1 year ago
user新增时绑定机构的事务问题
1 year ago
用户新增接口
1 year ago
user新增时绑定机构的事务问题
1 year ago
用户新增接口
1 year ago
user新增时绑定机构的事务问题
1 year ago
用户新增接口
1 year ago
user新增时绑定机构的事务问题
1 year ago
用户新增接口
1 year ago
user新增时绑定机构的事务问题
1 year ago
用户新增接口
1 year ago
坐痛了文档上传解析后还要保存真是文档,还要在数据库保存和部门关系
1 year ago
部门
1 year ago
坐痛了文档上传解析后还要保存真是文档,还要在数据库保存和部门关系
1 year ago
first commit
1 year ago
  1. const { ApiKey } = require("../models/apiKeys");
  2. const { Document } = require("../models/documents");
  3. const { EventLogs } = require("../models/eventLogs");
  4. const { Invite } = require("../models/invite");
  5. const { SystemSettings } = require("../models/systemSettings");
  6. const { Telemetry } = require("../models/telemetry");
  7. const { User } = require("../models/user");
  8. const { DeptUsers } = require("../models/deptUsers");
  9. const { DocumentVectors } = require("../models/vectors");
  10. const { Workspace } = require("../models/workspace");
  11. const { WorkspaceChats } = require("../models/workspaceChats");
  12. const prisma = require("../utils/prisma");
  13. const {
  14. getVectorDbClass,
  15. getEmbeddingEngineSelection,
  16. } = require("../utils/helpers");
  17. const {
  18. validRoleSelection,
  19. canModifyAdmin,
  20. validCanModify,
  21. } = require("../utils/helpers/admin");
  22. const { reqBody, userFromSession, safeJsonParse } = require("../utils/http");
  23. const {
  24. strictMultiUserRoleValid,
  25. flexUserRoleValid,
  26. ROLES,
  27. } = require("../utils/middleware/multiUserProtected");
  28. const { validatedRequest } = require("../utils/middleware/validatedRequest");
  29. const ImportedPlugin = require("../utils/agents/imported");
  31. function adminEndpoints(app) {
  32. if (!app) return;
  34. app.get(
  35. "/admin/users",
  36. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  37. async (_request, response) => {
  38. try {
  39. console.log("调用了调用了admin/users");
  40. const users = await User.where();
  41. response.status(200).json({ users });
  42. } catch (e) {
  43. console.error(e);
  44. response.sendStatus(500).end();
  45. }
  46. }
  47. );
  49. app.post(
  50. "/admin/users/new",
  51. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  52. async (request, response) => {
  53. try {
  54. const currUser = await userFromSession(request, response);
  55. const newUserParams = reqBody(request);
  56. const roleValidation = validRoleSelection(currUser, newUserParams);
  58. if (!roleValidation.valid) {
  59. response
  60. .status(200)
  61. .json({ user: null, error: roleValidation.error });
  62. return;
  63. }
  65. const { user: newUser, error } = await User.create(newUserParams);
  66. if (!!newUser) {
  67. await EventLogs.logEvent(
  68. "user_created",
  69. {
  70. userName: newUser.username,
  71. createdBy: currUser.username,
  72. },
  73. currUser.id
  74. );
  75. }
  77. response.status(200).json({ user: newUser, error });
  78. } catch (e) {
  79. console.error(e);
  80. response.sendStatus(500).end();
  81. }
  82. }
  83. );
  85. app.post(
  86. "/admin/users/add/:deptId",
  87. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  88. async (request, response) => {
  89. try {
  90. const currUser = await userFromSession(request, response);
  91. const { deptId } = request.params;
  92. const newUserParams = reqBody(request);
  93. const roleValidation = validRoleSelection(currUser, newUserParams);
  95. if (!roleValidation.valid) {
  96. return response.status(400).json({ error: roleValidation.error });
  97. }
  99. await prisma.$transaction(async (prisma) => {
  100. try {
  101. // 创建新用户(使用事务中的 prisma 实例)
  102. const { user: newUser, error } = await User.createNew(newUserParams, prisma);
  103. console.log("newUser", newUser);
  104. console.log("error", error);
  105. if (error) {
  106. throw new Error(`用户创建失败: ${error}`);
  107. }
  108. console.log("newUser===================", newUser);
  110. // 创建部门用户关联(使用事务中的 prisma 实例)
  111. const deptUser = await DeptUsers.createNew({
  112. data: { userId: newUser.id, deptId: deptId },
  113. }, prisma);
  114. console.log("deptUser:================", deptUser);
  115. // 记录事件日志(使用事务中的 prisma 实例)
  116. await EventLogs.logEventNew(
  117. "user_created",
  118. { userName: newUser.username, createdBy: currUser.username },
  119. currUser.id,
  120. prisma
  121. );
  123. // 返回成功响应
  124. response.status(200).json({ user: newUser, error: null });
  125. } catch (error) {
  126. console.error("事务内部错误:", error.message);
  127. throw error; // 重新抛出错误,确保事务回滚
  128. }
  129. });
  130. } catch (e) {
  131. console.error("Error creating user and dept user association:", e);
  132. response.status(500).json({ error: "Internal Server Error" });
  133. }
  134. }
  135. );
  137. // app.post(
  138. // "/admin/users/new",
  139. // [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  140. // async (request, response) => {
  141. // try {
  142. // const currUser = await userFromSession(request, response);
  143. // const newUserParams = reqBody(request);
  144. // const roleValidation = validRoleSelection(currUser, newUserParams);
  145. //
  146. // // 验证角色权限
  147. // if (!roleValidation.valid) {
  148. // response
  149. // .status(200)
  150. // .json({ user: null, error: roleValidation.error });
  151. // return;
  152. // }
  153. //
  154. // // 使用事务确保原子性
  155. // const result = await prisma.$transaction(async (prisma) => {
  156. // // 1. 创建用户
  157. // const newUser = await prisma.users.create({
  158. // data: newUserParams,
  159. // });
  160. //
  161. // // 2. 将用户和组织机构关联到 dept_users 表
  162. // if (newUserParams.deptId) {
  163. // await prisma.dept_users.create({
  164. // data: {
  165. // deptId: newUserParams.deptId,
  166. // userId: newUser.id,
  167. // createdAt: new Date(),
  168. // updatedAt: new Date(),
  169. // },
  170. // });
  171. // }
  172. //
  173. // // 3. 记录事件日志
  174. // await EventLogs.logEvent(
  175. // "user_created",
  176. // {
  177. // userName: newUser.username,
  178. // createdBy: currUser.username,
  179. // },
  180. // currUser.id
  181. // );
  182. //
  183. // return { user: newUser, error: null };
  184. // });
  185. //
  186. // // 返回成功响应
  187. // response.status(200).json(result);
  188. // } catch (e) {
  189. // console.error(e);
  190. // response.status(500).json({ user: null, error: e.message });
  191. // }
  192. // }
  193. // );
  195. app.post(
  196. "/admin/user/:id",
  197. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  198. async (request, response) => {
  199. try {
  200. const currUser = await userFromSession(request, response);
  201. const { id } = request.params;
  202. const updates = reqBody(request);
  203. const user = await User.get({ id: Number(id) });
  205. const canModify = validCanModify(currUser, user);
  206. if (!canModify.valid) {
  207. response.status(200).json({ success: false, error: canModify.error });
  208. return;
  209. }
  211. const roleValidation = validRoleSelection(currUser, updates);
  212. if (!roleValidation.valid) {
  213. response
  214. .status(200)
  215. .json({ success: false, error: roleValidation.error });
  216. return;
  217. }
  219. const validAdminRoleModification = await canModifyAdmin(user, updates);
  220. if (!validAdminRoleModification.valid) {
  221. response
  222. .status(200)
  223. .json({ success: false, error: validAdminRoleModification.error });
  224. return;
  225. }
  227. const { success, error } = await User.update(id, updates);
  228. response.status(200).json({ success, error });
  229. } catch (e) {
  230. console.error(e);
  231. response.sendStatus(500).end();
  232. }
  233. }
  234. );
  236. app.delete(
  237. "/admin/user/:id",
  238. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  239. async (request, response) => {
  240. try {
  241. const currUser = await userFromSession(request, response);
  242. const { id } = request.params;
  243. const user = await User.get({ id: Number(id) });
  245. const canModify = validCanModify(currUser, user);
  246. if (!canModify.valid) {
  247. response.status(200).json({ success: false, error: canModify.error });
  248. return;
  249. }
  251. await User.delete({ id: Number(id) });
  252. await EventLogs.logEvent(
  253. "user_deleted",
  254. {
  255. userName: user.username,
  256. deletedBy: currUser.username,
  257. },
  258. currUser.id
  259. );
  260. response.status(200).json({ success: true, error: null });
  261. } catch (e) {
  262. console.error(e);
  263. response.sendStatus(500).end();
  264. }
  265. }
  266. );
  268. app.get(
  269. "/admin/invites",
  270. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  271. async (_request, response) => {
  272. try {
  273. const invites = await Invite.whereWithUsers();
  274. response.status(200).json({ invites });
  275. } catch (e) {
  276. console.error(e);
  277. response.sendStatus(500).end();
  278. }
  279. }
  280. );
  282. app.post(
  283. "/admin/invite/new",
  284. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  285. async (request, response) => {
  286. try {
  287. const user = await userFromSession(request, response);
  288. const body = reqBody(request);
  289. const { invite, error } = await Invite.create({
  290. createdByUserId: user.id,
  291. workspaceIds: body?.workspaceIds || [],
  292. });
  294. await EventLogs.logEvent(
  295. "invite_created",
  296. {
  297. inviteCode: invite.code,
  298. createdBy: response.locals?.user?.username,
  299. },
  300. response.locals?.user?.id
  301. );
  302. response.status(200).json({ invite, error });
  303. } catch (e) {
  304. console.error(e);
  305. response.sendStatus(500).end();
  306. }
  307. }
  308. );
  310. app.delete(
  311. "/admin/invite/:id",
  312. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  313. async (request, response) => {
  314. try {
  315. const { id } = request.params;
  316. const { success, error } = await Invite.deactivate(id);
  317. await EventLogs.logEvent(
  318. "invite_deleted",
  319. { deletedBy: response.locals?.user?.username },
  320. response.locals?.user?.id
  321. );
  322. response.status(200).json({ success, error });
  323. } catch (e) {
  324. console.error(e);
  325. response.sendStatus(500).end();
  326. }
  327. }
  328. );
  330. app.get(
  331. "/admin/workspaces",
  332. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  333. async (_request, response) => {
  334. try {
  335. const workspaces = await Workspace.whereWithUsers();
  336. response.status(200).json({ workspaces });
  337. } catch (e) {
  338. console.error(e);
  339. response.sendStatus(500).end();
  340. }
  341. }
  342. );
  344. app.get(
  345. "/admin/workspaces/:workspaceId/users",
  346. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  347. async (request, response) => {
  348. try {
  349. const { workspaceId } = request.params;
  350. const users = await Workspace.workspaceUsers(workspaceId);
  351. response.status(200).json({ users });
  352. } catch (e) {
  353. console.error(e);
  354. response.sendStatus(500).end();
  355. }
  356. }
  357. );
  359. app.post(
  360. "/admin/workspaces/new",
  361. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  362. async (request, response) => {
  363. try {
  364. const user = await userFromSession(request, response);
  365. const { name } = reqBody(request);
  366. const { workspace, message: error } = await Workspace.new(
  367. name,
  368. user.id
  369. );
  370. response.status(200).json({ workspace, error });
  371. } catch (e) {
  372. console.error(e);
  373. response.sendStatus(500).end();
  374. }
  375. }
  376. );
  378. app.post(
  379. "/admin/workspaces/:workspaceId/update-users",
  380. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  381. async (request, response) => {
  382. try {
  383. const { workspaceId } = request.params;
  384. const { userIds } = reqBody(request);
  385. const { success, error } = await Workspace.updateUsers(
  386. workspaceId,
  387. userIds
  388. );
  389. response.status(200).json({ success, error });
  390. } catch (e) {
  391. console.error(e);
  392. response.sendStatus(500).end();
  393. }
  394. }
  395. );
  397. app.delete(
  398. "/admin/workspaces/:id",
  399. [validatedRequest, strictMultiUserRoleValid([ROLES.admin, ROLES.manager])],
  400. async (request, response) => {
  401. try {
  402. const { id } = request.params;
  403. const VectorDb = getVectorDbClass();
  404. const workspace = await Workspace.get({ id: Number(id) });
  405. if (!workspace) {
  406. response.sendStatus(404).end();
  407. return;
  408. }
  410. await WorkspaceChats.delete({ workspaceId: Number(workspace.id) });
  411. await DocumentVectors.deleteForWorkspace(Number(workspace.id));
  412. await Document.delete({ workspaceId: Number(workspace.id) });
  413. await Workspace.delete({ id: Number(workspace.id) });
  414. try {
  415. await VectorDb["delete-namespace"]({ namespace: workspace.slug });
  416. } catch (e) {
  417. console.error(e.message);
  418. }
  420. response.status(200).json({ success: true, error: null });
  421. } catch (e) {
  422. console.error(e);
  423. response.sendStatus(500).end();
  424. }
  425. }
  426. );
  428. // System preferences but only by array of labels
  429. app.get(
  430. "/admin/system-preferences-for",
  431. [validatedRequest, flexUserRoleValid([ROLES.admin, ROLES.manager])],
  432. async (request, response) => {
  433. try {
  434. const requestedSettings = {};
  435. const labels = request.query.labels?.split(",") || [];
  436. const needEmbedder = [
  437. "text_splitter_chunk_size",
  438. "max_embed_chunk_size",
  439. ];
  440. const noRecord = [
  441. "max_embed_chunk_size",
  442. "agent_sql_connections",
  443. "imported_agent_skills",
  444. "feature_flags",
  445. "meta_page_title",
  446. "meta_page_favicon",
  447. ];
  449. for (const label of labels) {
  450. // Skip any settings that are not explicitly defined as public
  451. if (!SystemSettings.publicFields.includes(label)) continue;
  453. // Only get the embedder if the setting actually needs it
  454. let embedder = needEmbedder.includes(label)
  455. ? getEmbeddingEngineSelection()
  456. : null;
  457. // Only get the record from db if the setting actually needs it
  458. let setting = noRecord.includes(label)
  459. ? null
  460. : await SystemSettings.get({ label });
  462. switch (label) {
  463. case "footer_data":
  464. requestedSettings[label] = setting?.value ?? JSON.stringify([]);
  465. break;
  466. case "support_email":
  467. requestedSettings[label] = setting?.value || null;
  468. break;
  469. case "text_splitter_chunk_size":
  470. requestedSettings[label] =
  471. setting?.value || embedder?.embeddingMaxChunkLength || null;
  472. break;
  473. case "text_splitter_chunk_overlap":
  474. requestedSettings[label] = setting?.value || null;
  475. break;
  476. case "max_embed_chunk_size":
  477. requestedSettings[label] =
  478. embedder?.embeddingMaxChunkLength || 1000;
  479. break;
  480. case "agent_search_provider":
  481. requestedSettings[label] = setting?.value || null;
  482. break;
  483. case "agent_sql_connections":
  484. requestedSettings[label] =
  485. await SystemSettings.brief.agent_sql_connections();
  486. break;
  487. case "default_agent_skills":
  488. requestedSettings[label] = safeJsonParse(setting?.value, []);
  489. break;
  490. case "disabled_agent_skills":
  491. requestedSettings[label] = safeJsonParse(setting?.value, []);
  492. break;
  493. case "imported_agent_skills":
  494. requestedSettings[label] = ImportedPlugin.listImportedPlugins();
  495. break;
  496. case "custom_app_name":
  497. requestedSettings[label] = setting?.value || null;
  498. break;
  499. case "feature_flags":
  500. requestedSettings[label] =
  501. (await SystemSettings.getFeatureFlags()) || {};
  502. break;
  503. case "meta_page_title":
  504. requestedSettings[label] =
  505. await SystemSettings.getValueOrFallback({ label }, null);
  506. break;
  507. case "meta_page_favicon":
  508. requestedSettings[label] =
  509. await SystemSettings.getValueOrFallback({ label }, null);
  510. break;
  511. default:
  512. break;
  513. }
  514. }
  516. response.status(200).json({ settings: requestedSettings });
  517. } catch (e) {
  518. console.error(e);
  519. response.sendStatus(500).end();
  520. }
  521. }
  522. );
  524. // TODO: Delete this endpoint
  525. // DEPRECATED - use /admin/system-preferences-for instead with ?labels=... comma separated string of labels
  526. app.get(
  527. "/admin/system-preferences",
  528. [validatedRequest, flexUserRoleValid([ROLES.admin, ROLES.manager])],
  529. async (_, response) => {
  530. try {
  531. const embedder = getEmbeddingEngineSelection();
  532. const settings = {
  533. footer_data:
  534. (await SystemSettings.get({ label: "footer_data" }))?.value ||
  535. JSON.stringify([]),
  536. support_email:
  537. (await SystemSettings.get({ label: "support_email" }))?.value ||
  538. null,
  539. text_splitter_chunk_size:
  540. (await SystemSettings.get({ label: "text_splitter_chunk_size" }))
  541. ?.value ||
  542. embedder?.embeddingMaxChunkLength ||
  543. null,
  544. text_splitter_chunk_overlap:
  545. (await SystemSettings.get({ label: "text_splitter_chunk_overlap" }))
  546. ?.value || null,
  547. max_embed_chunk_size: embedder?.embeddingMaxChunkLength || 1000,
  548. agent_search_provider:
  549. (await SystemSettings.get({ label: "agent_search_provider" }))
  550. ?.value || null,
  551. agent_sql_connections:
  552. await SystemSettings.brief.agent_sql_connections(),
  553. default_agent_skills:
  554. safeJsonParse(
  555. (await SystemSettings.get({ label: "default_agent_skills" }))
  556. ?.value,
  557. []
  558. ) || [],
  559. disabled_agent_skills:
  560. safeJsonParse(
  561. (await SystemSettings.get({ label: "disabled_agent_skills" }))
  562. ?.value,
  563. []
  564. ) || [],
  565. imported_agent_skills: ImportedPlugin.listImportedPlugins(),
  566. custom_app_name:
  567. (await SystemSettings.get({ label: "custom_app_name" }))?.value ||
  568. null,
  569. feature_flags: (await SystemSettings.getFeatureFlags()) || {},
  570. meta_page_title: await SystemSettings.getValueOrFallback(
  571. { label: "meta_page_title" },
  572. null
  573. ),
  574. meta_page_favicon: await SystemSettings.getValueOrFallback(
  575. { label: "meta_page_favicon" },
  576. null
  577. ),
  578. };
  579. response.status(200).json({ settings });
  580. } catch (e) {
  581. console.error(e);
  582. response.sendStatus(500).end();
  583. }
  584. }
  585. );
  587. app.post(
  588. "/admin/system-preferences",
  589. [validatedRequest, flexUserRoleValid([ROLES.admin, ROLES.manager])],
  590. async (request, response) => {
  591. try {
  592. const updates = reqBody(request);
  593. await SystemSettings.updateSettings(updates);
  594. response.status(200).json({ success: true, error: null });
  595. } catch (e) {
  596. console.error(e);
  597. response.sendStatus(500).end();
  598. }
  599. }
  600. );
  602. app.get(
  603. "/admin/api-keys",
  604. [validatedRequest, strictMultiUserRoleValid([ROLES.admin])],
  605. async (_request, response) => {
  606. try {
  607. const apiKeys = await ApiKey.whereWithUser({});
  608. return response.status(200).json({
  609. apiKeys,
  610. error: null,
  611. });
  612. } catch (error) {
  613. console.error(error);
  614. response.status(500).json({
  615. apiKey: null,
  616. error: "Could not find an API Keys.",
  617. });
  618. }
  619. }
  620. );
  622. app.post(
  623. "/admin/generate-api-key",
  624. [validatedRequest, strictMultiUserRoleValid([ROLES.admin])],
  625. async (request, response) => {
  626. try {
  627. const user = await userFromSession(request, response);
  628. const { apiKey, error } = await ApiKey.create(user.id);
  630. await Telemetry.sendTelemetry("api_key_created");
  631. await EventLogs.logEvent(
  632. "api_key_created",
  633. { createdBy: user?.username },
  634. user?.id
  635. );
  636. return response.status(200).json({
  637. apiKey,
  638. error,
  639. });
  640. } catch (e) {
  641. console.error(e);
  642. response.sendStatus(500).end();
  643. }
  644. }
  645. );
  647. app.delete(
  648. "/admin/delete-api-key/:id",
  649. [validatedRequest, strictMultiUserRoleValid([ROLES.admin])],
  650. async (request, response) => {
  651. try {
  652. const { id } = request.params;
  653. await ApiKey.delete({ id: Number(id) });
  655. await EventLogs.logEvent(
  656. "api_key_deleted",
  657. { deletedBy: response.locals?.user?.username },
  658. response?.locals?.user?.id
  659. );
  660. return response.status(200).end();
  661. } catch (e) {
  662. console.error(e);
  663. response.sendStatus(500).end();
  664. }
  665. }
  666. );
  667. }
  669. module.exports = { adminEndpoints };