OpenSource
/
dify
Volgen 4
Ster 0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Publicaties 152 Wiki Activiteit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6910 Commits
4 Branches
Tree: fa753239ad
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van 'fa753239ad'
${ noResults }
dify/api/controllers/web/app.py

app.py 4.3KB
Ruw Blame Geschiedenis

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121 
  1. import logging

  2. 

  3. from flask import request

  4. from flask_restx import Resource, marshal_with, reqparse

  5. from werkzeug.exceptions import Unauthorized

  6. 

  7. from controllers.common import fields

  8. from controllers.web import api

  9. from controllers.web.error import AppUnavailableError

  10. from controllers.web.wraps import WebApiResource

  11. from core.app.app_config.common.parameters_mapping import get_parameters_from_feature_dict

  12. from libs.passport import PassportService

  13. from models.model import App, AppMode

  14. from services.app_service import AppService

  15. from services.enterprise.enterprise_service import EnterpriseService

  16. from services.feature_service import FeatureService

  17. from services.webapp_auth_service import WebAppAuthService

  18. 

  19. logger = logging.getLogger(__name__)

  20. 

  21. 

  22. class AppParameterApi(WebApiResource):

  23.     """Resource for app variables."""

  24. 

  25.     @marshal_with(fields.parameters_fields)

  26.     def get(self, app_model: App, end_user):

  27.         """Retrieve app parameters."""

  28.         if app_model.mode in {AppMode.ADVANCED_CHAT.value, AppMode.WORKFLOW.value}:

  29.             workflow = app_model.workflow

  30.             if workflow is None:

  31.                 raise AppUnavailableError()

  32. 

  33.             features_dict = workflow.features_dict

  34.             user_input_form = workflow.user_input_form(to_old_structure=True)

  35.         else:

  36.             app_model_config = app_model.app_model_config

  37.             if app_model_config is None:

  38.                 raise AppUnavailableError()

  39. 

  40.             features_dict = app_model_config.to_dict()

  41. 

  42.             user_input_form = features_dict.get("user_input_form", [])

  43. 

  44.         return get_parameters_from_feature_dict(features_dict=features_dict, user_input_form=user_input_form)

  45. 

  46. 

  47. class AppMeta(WebApiResource):

  48.     def get(self, app_model: App, end_user):

  49.         """Get app meta"""

  50.         return AppService().get_app_meta(app_model)

  51. 

  52. 

  53. class AppAccessMode(Resource):

  54.     def get(self):

  55.         parser = reqparse.RequestParser()

  56.         parser.add_argument("appId", type=str, required=False, location="args")

  57.         parser.add_argument("appCode", type=str, required=False, location="args")

  58.         args = parser.parse_args()

  59. 

  60.         features = FeatureService.get_system_features()

  61.         if not features.webapp_auth.enabled:

  62.             return {"accessMode": "public"}

  63. 

  64.         app_id = args.get("appId")

  65.         if args.get("appCode"):

  66.             app_code = args["appCode"]

  67.             app_id = AppService.get_app_id_by_code(app_code)

  68. 

  69.         if not app_id:

  70.             raise ValueError("appId or appCode must be provided")

  71. 

  72.         res = EnterpriseService.WebAppAuth.get_app_access_mode_by_id(app_id)

  73. 

  74.         return {"accessMode": res.access_mode}

  75. 

  76. 

  77. class AppWebAuthPermission(Resource):

  78.     def get(self):

  79.         user_id = "visitor"

  80.         try:

  81.             auth_header = request.headers.get("Authorization")

  82.             if auth_header is None:

  83.                 raise Unauthorized("Authorization header is missing.")

  84.             if " " not in auth_header:

  85.                 raise Unauthorized("Invalid Authorization header format. Expected 'Bearer <api-key>' format.")

  86. 

  87.             auth_scheme, tk = auth_header.split(None, 1)

  88.             auth_scheme = auth_scheme.lower()

  89.             if auth_scheme != "bearer":

  90.                 raise Unauthorized("Authorization scheme must be 'Bearer'")

  91. 

  92.             decoded = PassportService().verify(tk)

  93.             user_id = decoded.get("user_id", "visitor")

  94.         except Unauthorized:

  95.             raise

  96.         except Exception:

  97.             logger.exception("Unexpected error during auth verification")

  98.             raise

  99. 

  100.         features = FeatureService.get_system_features()

  101.         if not features.webapp_auth.enabled:

  102.             return {"result": True}

  103. 

  104.         parser = reqparse.RequestParser()

  105.         parser.add_argument("appId", type=str, required=True, location="args")

  106.         args = parser.parse_args()

  107. 

  108.         app_id = args["appId"]

  109.         app_code = AppService.get_app_code_by_id(app_id)

  110. 

  111.         res = True

  112.         if WebAppAuthService.is_app_require_permission_check(app_id=app_id):

  113.             res = EnterpriseService.WebAppAuth.is_user_allowed_to_access_webapp(str(user_id), app_code)

  114.         return {"result": res}

  115. 

  116. 

  117. api.add_resource(AppParameterApi, "/parameters")

  118. api.add_resource(AppMeta, "/meta")

  119. # webapp auth apis

  120. api.add_resource(AppAccessMode, "/webapp/access-mode")

  121. api.add_resource(AppWebAuthPermission, "/webapp/permission")