Fix: HTTP API Updates Read-Only Dataset Fields During Modification #5923 (#5937)

### What problem does this PR solve?

Fixes #5923 

Fixes the readonly variables from payload at
 /datasets/<dataset_id> 

_Briefly describe what this PR aims to solve. Include background context
that will help reviewers understand the purpose of the PR._

Now if user tries to modify readonly values then it will show " The
input parameters are invalid. "

invalid_keys = {"id", "embd_id", "chunk_num", "doc_num", "parser_id",
"create_date", "create_time", "created_by",
"status","token_num","update_date","update_time"}
    if any(key in req for key in invalid_keys):
return get_error_data_result(message="The input parameters are
invalid.")
i have include those readonly keys in invalid_keys

### Type of change

- [ ] Bug Fix (non-breaking change which fixes an issue)

---------

Co-authored-by: Raghav <2020csb1115@iitrpr.ac.in>

api/apps/document_app.py

 @manager.route('/run', methods=['POST'])  # noqa: F821
 @login_required
 @validate_request("doc_ids", "run")
-def run():
+def run(): 
     req = request.json
     for doc_id in req["doc_ids"]:
         if not DocumentService.accessible(doc_id, current_user.id):

api/apps/sdk/dataset.py

     return get_result(code=settings.RetCode.SUCCESS)
 
 
-@manager.route("/datasets/<dataset_id>", methods=["PUT"])  # noqa: F821
+@manager.route("/datasets/<dataset_id>", methods=["PUT"])  # noqa: F821  
 @token_required
 def update(tenant_id, dataset_id):
     """
         return get_error_data_result(message="You don't own the dataset")
     req = request.json
     e, t = TenantService.get_by_id(tenant_id)
-    invalid_keys = {"id", "embd_id", "chunk_num", "doc_num", "parser_id"}
+    invalid_keys = {"id", "embd_id", "chunk_num", "doc_num", "parser_id", "create_date", "create_time", "created_by", "status","token_num","update_date","update_time"}
     if any(key in req for key in invalid_keys):
         return get_error_data_result(message="The input parameters are invalid.")
     permission = req.get("permission")

sdk/python/test/test_frontend_api/common.py

 
 def list_document(auth, dataset_id):
     authorization = {"Authorization": auth}
-    url = f"{HOST_ADDRESS}/v1/document/list?kb_id={dataset_id}"
+    url = f"{HOST_ADDRESS}/v1/document/list?kb_id={dataset_id}" 
     res = requests.get(url=url, headers=authorization)
     return res.json()
 
     authorization = {"Authorization": auth}
     json_req = {
         "doc_ids": doc_ids,
-        "run": 1
+        "run": 1 
     }
     url = f"{HOST_ADDRESS}/v1/document/run"
     res = requests.post(url=url, headers=authorization, json=json_req)

sdk/python/test/test_http_api/test_dataset_mangement/common.py

 
 def update_dataset(auth, dataset_id, payload):
     res = requests.put(
-        url=f"{API_URL}/{dataset_id}", headers=HEADERS, auth=auth, json=payload
+        url=f"{API_URL}/{dataset_id}", headers=HEADERS, auth=auth, json=payload 
     )
     return res.json()