
修复机构相关权限问题

攻心小虫 1 ماه پیش
والد
کامیت
20b17d3939
12فایلهای تغییر یافته به همراه879 افزوده شده و 25 حذف شده
  1. 14 4
      agent/libs/auth.py
  2. 103 0
      agent/libs/sys.py
  3. 22 4
      agent/libs/user.py
  4. 25 0
      agent/models/db/sys.py
  5. 2 1
      agent/models/db/user.py
  6. 104 0
      agent/router/sys.py
  7. 106 0
      agent/router/sys_organ.py
  8. 126 0
      agent/router/sys_user_role_organ.py
  9. 10 3
      agent/router/user_router.py
  10. 10 0
      agent/server.py
  11. 9 3
      config/site.py
  12. 348 10
      openapi.yaml

+ 14 - 4
agent/libs/auth.py

@@ -1,13 +1,18 @@
-from fastapi import Depends, HTTPException, Request, status
 from agent.db.database import SessionLocal
+from agent.libs.sys import SysUserRoleOrganBusiness
 from agent.libs.user import SessionBusiness, UserBusiness
+from fastapi import Depends, HTTPException, Request, status
 
 class SessionValues:
-    def __init__(self, session_id: str, user_id: str, username: str, full_name: str):
+    def __init__(self, session_id: str, user_id: str, username: str, full_name: str, suro_id:int,suro_type:int,suro_role:int,suro_organ:int):
         self.session_id = session_id
         self.user_id = user_id
         self.username = username
         self.full_name = full_name
+        self.suro_id = suro_id
+        self.suro_type = suro_type
+        self.suro_role = suro_role
+        self.suro_organ = suro_organ
         
         
 def verify_session_id(request: Request)-> SessionValues:
@@ -38,7 +43,8 @@ def verify_session_id(request: Request)-> SessionValues:
         # return SessionValues(session_id, '', session_user_id, '')
         # 在这里添加你的 session_id 校验逻辑
         # 例如,检查 session_id 是否在数据库中存在
-        if not session_business.validate_session(session_user_id, session_id):
+        sessionData = session_business.validate_session(session_user_id, session_id)
+        if not sessionData:
             print("Invalid session_id", session_user_id, session_id)
             raise HTTPException(
                 status_code=status.HTTP_401_UNAUTHORIZED,
@@ -54,6 +60,10 @@ def verify_session_id(request: Request)-> SessionValues:
                 detail="Invalid username",
                 headers={"WWW-Authenticate": "Beaver"}
             )
-        return SessionValues(session_id, user.id, user.username, user.full_name)
+        if sessionData.user_role_organ_id is not None:
+            biz = SysUserRoleOrganBusiness(db)
+            SURO_data = biz.getSUROById(sessionData.user_role_organ_id);
+            return SessionValues(session_id, user.id, user.username, user.full_name,SURO_data.id,SURO_data.data_type,SURO_data.role_id,SURO_data.organ_id)
+        return SessionValues(session_id, user.id, user.username, user.full_name,None,None,None,None,)
     # 如果校验通过,返回 session_id 或其他需要的信息
     return None
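Review bot: `biz.getSUROById(sessionData.user_role_organ_id)` can return None when the session still references a binding that has been deleted (the lookup in agent/libs/sys.py ends in `.first()`), and the next line then fails on `SURO_data.id` instead of answering 401, unless a handler outside this hunk catches it. Guard it with `if SURO_data is None: raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid session")` so that a revoked binding invalidates the session. The new `suro_*` constructor parameters are annotated `int` but receive None on the fallback path, so `Optional[int]` would match. verify_session_id starts above this hunk.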

+ 103 - 0
agent/libs/sys.py

@@ -0,0 +1,103 @@
+
+import logging
+logger = logging.getLogger(__name__)
+
+from agent.models.db.sys import SysOrgan,SysUserRoleOrgan
+from datetime import datetime
+
+class SysOrganBusiness:
+    def __init__(self, db):
+        self.db = db
+
+    def insert_data(self, name, manager="", phone="", parent_id=0):
+        sysOrgan = SysOrgan(
+            name=name, 
+            manager=manager,
+            phone=phone,
+            parent_id=parent_id
+        )
+        self.db.add(sysOrgan)
+        self.db.commit()
+        self.db.refresh(sysOrgan)
+        return sysOrgan
+
+    def update_data(self,id, name, manager="", phone="", parent_id=0):
+        self.db.query(SysOrgan).filter(SysOrgan.id == id).update({
+            SysOrgan.name : name, 
+            SysOrgan.manager : manager,
+            SysOrgan.phone : phone,
+            SysOrgan.parent_id : parent_id
+        })
+        self.db.commit()
+
+    def get_data_by_name(self, name):
+        return self.db.query(SysOrgan).filter(SysOrgan.name == name).first()
+    
+    def get_data_by_nameAndParent(self, name,parentId):
+        return self.db.query(SysOrgan).filter(SysOrgan.parent_id == parentId,SysOrgan.name == name).first()
+    
+    def get_data(self, data_id):
+        return self.db.query(SysOrgan).filter(SysOrgan.id == data_id).first()
+
+    def get_all_data(self):
+        return self.db.query(SysOrgan).all()
+    
+    def get_all_data_by_parentId(self,parentId):
+        return self.db.query(SysOrgan).filter(SysOrgan.parent_id == parentId).all()
+
+    def delete_data(self, data_id):
+        sysOrgan = self.get_data(data_id)
+        if sysOrgan:
+            self.db.delete(sysOrgan)
+            self.db.commit()
+
+class SysUserRoleOrganBusiness:
+    def __init__(self, db):
+        self.db = db
+
+    def get_last_use_SURO(self,userId):
+        return self.db.query(SysUserRoleOrgan).filter(SysUserRoleOrgan.user_id == userId).order_by(SysUserRoleOrgan.last_use_time.desc()).first()
+    
+    def getSUROById(self,id):
+        return self.db.query(SysUserRoleOrgan).filter(SysUserRoleOrgan.id == id).first()
+    
+
+    def get_SURO(self,user_id, organ_id):
+        return self.db.query(SysUserRoleOrgan).filter(SysUserRoleOrgan.user_id == user_id,SysUserRoleOrgan.organ_id == organ_id).first()
+    
+    def insert_data(self, user_id, role_id, organ_id, data_type,create_by):
+        sysUserRoleOrgan = SysUserRoleOrgan(
+            user_id=user_id, 
+            role_id=role_id,
+            organ_id=organ_id,
+            data_type=data_type,
+            create_time=datetime.now(),
+            create_by=create_by
+        )
+        self.db.add(sysUserRoleOrgan)
+        self.db.commit()
+        self.db.refresh(sysUserRoleOrgan)
+        return sysUserRoleOrgan
+    
+    def update_data(self,id, user_id, role_id, organ_id, data_type,update_by):
+        self.db.query(SysUserRoleOrgan).filter(SysUserRoleOrgan.id == id).update({
+            SysUserRoleOrgan.user_id : user_id, 
+            SysUserRoleOrgan.role_id : role_id,
+            SysUserRoleOrgan.organ_id : organ_id,
+            SysUserRoleOrgan.data_type : data_type,
+            SysUserRoleOrgan.update_time : datetime.now(),
+            SysUserRoleOrgan.update_by : update_by
+        })
+        self.db.commit()
+
+    def updateLastUseTime(self,id):
+        self.db.query(SysUserRoleOrgan).filter(SysUserRoleOrgan.id == id).update({
+            SysUserRoleOrgan.last_use_time : datetime.now()
+        })
+        self.db.commit()
+
+    def delete_data(self, data_id):
+        sysUserRoleOrgan = self.getSUROById(data_id)
+        if sysUserRoleOrgan:
+            self.db.delete(sysUserRoleOrgan)
+            self.db.commit()
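Review bot: `updateLastUseTime` stores `datetime.now()` in `SysUserRoleOrgan.last_use_time`, but agent/models/db/sys.py in this commit declares that column as `Column(Integer)`, so the update will likely be rejected by the database or store a value that `get_last_use_SURO` cannot order meaningfully. Either declare the column as `DateTime` or write an integer timestamp such as `int(datetime.now().timestamp())`. Separately, `getSUROById` and `delete_data` select by primary key only, so callers acting for a logged-in user must compare `user_id` themselves; a short docstring saying so would make that contract visible.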

+ 22 - 4
agent/libs/user.py

@@ -10,6 +10,7 @@ logger = logging.getLogger(__name__)
 from datetime import datetime,timedelta
 
 from agent.models.db.user import User,Session,Role,Permission, user_roles, role_permissions
+from agent.models.db.sys import SysUserRoleOrgan
 
 
 class UserBusiness:
@@ -63,28 +64,39 @@ class UserBusiness:
     
 class SessionBusiness:
     def __init__(self, db):
-        self.db = db
-    def create_session(self, user:User):
+        self.db = db 
+
+    def create_session(self, user:User,sysUserRoleOrgan:SysUserRoleOrgan):
         session_id = str(uuid.uuid4())
-        session = Session(session_id=session_id, user_id=user.id, username=user.username, full_name=user.full_name, created=datetime.now(), updated=datetime.now())
+        session = Session(session_id=session_id,user_role_organ_id=sysUserRoleOrgan.id, user_id=user.id, username=user.username, full_name=user.full_name, created=datetime.now(), updated=datetime.now())
         self.db.add(session)
         self.db.commit()
         self.db.refresh(session)
         return session
+    
     def get_session(self, session_id):
         return self.db.query(Session).filter(Session.session_id == session_id).first()
+    
     def delete_session(self, session_id):
         session = self.get_session(session_id)
         if session:
             self.db.delete(session)
             self.db.commit()
         return True
+    
     def update_session(self, session_id):
         session = self.get_session(session_id)
         if session:
             session.updated = datetime.now()
             self.db.commit()
             self.db.refresh(session)
+            
+    def update_session_SURO(self, sess:Session):
+        self.db.query(Session).filter(Session.id == sess.id).update({
+            Session.user_role_organ_id : sess.user_role_organ_id, 
+            Session.updated : datetime.now()
+        })
+        
     def get_session_by_user_id(self, user_id):
         return self.db.query(Session).filter(Session.user_id == user_id).first()
     
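Review bot: `update_session_SURO` issues the UPDATE but never calls `self.db.commit()`, unlike `create_session`, `delete_session` and `update_session` beside it, so the new `user_role_organ_id` is persisted only if a later call on the same database session happens to commit. Add `self.db.commit()` after the `update({...})` call. `create_session` now dereferences `sysUserRoleOrgan.id` unconditionally; the login caller checks for None first, but a one-line docstring stating that the argument is required would make the contract explicit.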
@@ -253,6 +265,12 @@ class UserRoleBusiness:
         menu_permissions = [p for p in user_permissions if p.menu_name is not None]
         # You might want to structure this hierarchically if you have parent_id relationships
         return menu_permissions
-
+    
+    def get_role_menu_permissions(self, role_id):
+        permissions = self.role_biz.get_role_permissions(role_id)
+        menu_permissions = [p for p in permissions if p.menu_name is not None]
+        # You might want to structure this hierarchically if you have parent_id relationships
+        return menu_permissions
+  
 if __name__ == "__main__":
     print("hello world")

+ 25 - 0
agent/models/db/sys.py

@@ -0,0 +1,25 @@
+from sqlalchemy import Column, Integer, String, DateTime,ForeignKey
+from agent.db.database import Base
+from datetime import datetime
+
+
+class SysOrgan(Base):
+    __tablename__ = 'sys_organ'
+    id = Column(Integer, primary_key=True, index=True)
+    name = Column(String(50), unique=True, index=True, nullable=False) # e.g., "view_dashboard", "edit_settings"
+    manager = Column(String(50))
+    phone = Column(String(50)) # Display name for the menu
+    parent_id = Column(Integer, ForeignKey('sys_organ.id'), nullable=True)
+
+class SysUserRoleOrgan(Base):
+    __tablename__ = 'sys_user_role_organ'
+    id = Column(Integer, primary_key=True, index=True)
+    user_id = Column(Integer)
+    role_id = Column(Integer)
+    organ_id = Column(Integer)
+    data_type = Column(Integer)
+    last_use_time = Column(Integer)
+    create_time = Column(DateTime, default=datetime.now())
+    create_by = Column(String(50))
+    update_time = Column(DateTime, default=datetime.now())
+    update_by = Column(String(50))
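Review bot: `default=datetime.now()` on `create_time` and `update_time` is evaluated once when the module is imported, so every row relying on the default receives the process start time. Pass the callable instead, `create_time = Column(DateTime, default=datetime.now)`, and give `update_time` an `onupdate=datetime.now` as well. `SysOrgan.name` is `unique=True` across the whole table, while the router in this commit checks duplicates per parent (`get_data_by_nameAndParent`), so the same department name under two parents passes the check and then fails at commit. The trailing comments on `name` and `phone` describe permissions and menus rather than these columns and should be replaced.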

+ 2 - 1
agent/models/db/user.py

@@ -26,6 +26,7 @@ class User(Base):
 class Session(Base):
     __tablename__ = 'sessions'
     id = Column(Integer, primary_key=True)
+    user_role_organ_id = Column(Integer, ForeignKey('sys_user_role_organ.id'))
     user_id = Column(Integer, ForeignKey('users.id'))
     session_id = Column(String(64), nullable=False)
     username = Column(String(32), nullable=False)
@@ -63,4 +64,4 @@ class Permission(Base):
     parent_id = Column(Integer, ForeignKey('permissions.id'), nullable=True) # For hierarchical menus
 
     roles = relationship("Role", secondary=role_permissions, back_populates="permissions")
-    parent = relationship("Permission", remote_side=[id]) # Self-referential relationship for parent menu
+    parent = relationship("Permission", remote_side=[id]) # Self-referential relationship for parent menu

+ 104 - 0
agent/router/sys.py

@@ -0,0 +1,104 @@
+import sys,os
+current_path = os.getcwd()
+sys.path.append(current_path)
+
+from sqlalchemy import text
+from db.database import get_db
+from sqlalchemy.orm import Session
+from fastapi import APIRouter, Depends
+from agent.libs.response import resp_200
+from agent.libs.sys import SysUserRoleOrganBusiness
+from agent.libs.auth import verify_session_id, SessionValues
+from agent.models.web.response import StandardResponse,FAILED,SUCCESS
+from agent.libs.user import SessionBusiness, UserRoleBusiness
+from agent.libs.user import SessionBusiness
+
+router = APIRouter(prefix="/sys", tags=["系统接口"])
+
+@router.get("/currSURO", response_model=StandardResponse)
+def currSURO(sess:SessionValues = Depends(verify_session_id)):
+    return resp_200(data=sess.suro_id)
+
+@router.get("/loadSURO", response_model=StandardResponse)
+def loadSURO(db: Session = Depends(get_db), sess:SessionValues = Depends(verify_session_id)):
+    DATA_SQL = f"select a.*,b.username user_name,c.name role_name,d.name organ_name from sys_user_role_organ a,users b,roles c,sys_organ d where a.user_id =b.id and a.role_id=c.id and a.organ_id=d.id and a.user_id="+str(sess.user_id)
+
+    results = db.execute(text(DATA_SQL))
+    datList = []
+    for row in results:
+        datList.append({
+            "id":row.id, 
+            'user_id':row.user_id,
+            'role_id':row.role_id, 
+            'organ_id':row.organ_id,            
+            'data_type':row.data_type,
+            'last_use_time':row.last_use_time,
+            'create_time':row.create_time,
+            'create_by':row.create_by,
+            'update_time':row.update_time,
+            'update_by':row.update_by,
+            'user_name':row.user_name,            
+            'role_name':row.role_name,
+            'organ_name':row.organ_name
+        })
+    return StandardResponse(code=SUCCESS, message="机构&科室获取成功", records=datList)
+
+@router.post("/changeSURO/{id}", response_model=StandardResponse)
+def changeSURO(id:int, db: Session = Depends(get_db), sess:SessionValues = Depends(verify_session_id)):
+    biz = SysUserRoleOrganBusiness(db)
+
+    sysUserRoleOrgan = biz.getSUROById(id)
+    if sysUserRoleOrgan is None:
+        return StandardResponse(code=FAILED, message="用户角色机构不存在")
+    sess.suro_id = sysUserRoleOrgan.id
+    sess.suro_type = sysUserRoleOrgan.data_type
+    sess.suro_role = sysUserRoleOrgan.role_id
+    sess.suro_organ = sysUserRoleOrgan.organ_id
+    #更新session信息
+    sessbiz = SessionBusiness(db)
+    session = sessbiz.get_session(sess.session_id)
+    session.user_role_organ_id = id
+    sessbiz.update_session_SURO(session)
+
+    biz.updateLastUseTime(sysUserRoleOrgan.id)
+
+    # Get user roles and permissions
+    user_role_biz = UserRoleBusiness(db)
+    user_roles = user_role_biz.get_user_roles(sysUserRoleOrgan.role_id)
+    user_menu_permissions = user_role_biz.get_role_menu_permissions(sysUserRoleOrgan.role_id)
+
+    # Prepare roles and permissions for response
+    roles_data = [{
+        "id": role.id,
+        "name": role.name,
+        "description": role.description
+    } for role in user_roles]
+
+    # 构建权限字典,方便通过ID查找
+    permission_map = {p.id: {
+        "id": p.id, "name": p.name, "description": p.description,
+        "menu_name": p.menu_name, "menu_route": p.menu_route,
+        "menu_icon": p.menu_icon, "parent_id": p.parent_id,
+        "children": []
+    } for p in user_menu_permissions}
+
+    # 构建树形结构
+    tree = []
+    for p_id, p_data in permission_map.items():
+        parent_id = p_data["parent_id"]
+        if parent_id and parent_id in permission_map:
+            permission_map[parent_id]["children"].append(p_data)
+        else:
+            tree.append(p_data)
+    print(tree)
+    
+    session_data = {
+        "session_id": sess.session_id,
+        "user_id": sess.user_id,
+        "username": sess.username,
+        "full_name": sess.full_name
+    }
+
+    return StandardResponse(code=SUCCESS, message="用户角色机构切换成功", records=[{"session": session_data, "roles": roles_data, "menu_permissions": tree}])
+
+sys = router
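Review bot: `changeSURO` loads the binding with `biz.getSUROById(id)` and writes it into the caller's session without checking that the row belongs to the caller, so any logged-in user can take over another user's role and organ binding. Reject foreign rows before touching the session: `if sysUserRoleOrgan is None or sysUserRoleOrgan.user_id != sess.user_id:`. `loadSURO` concatenates `str(sess.user_id)` into the statement; end the SQL with `a.user_id = :uid` and pass `{"uid": sess.user_id}` to `db.execute`. `sessbiz.get_session(...)` may return None before `session.user_role_organ_id = id` is assigned, `print(tree)` should go through the logger or be removed, and `sys = router` rebinds the `sys` module imported at the top of the file.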

+ 106 - 0
agent/router/sys_organ.py

@@ -0,0 +1,106 @@
+import sys,os
+current_path = os.getcwd()
+sys.path.append(current_path)
+
+from typing import Optional
+from pydantic import BaseModel
+from db.database import get_db
+from sqlalchemy.orm import Session
+from fastapi import APIRouter, Depends
+from agent.libs.sys import SysOrganBusiness
+from agent.models.web.response import StandardResponse,FAILED,SUCCESS
+
+class SysOrganRequest(BaseModel):
+    id: Optional[int] = None
+    name: str
+    manager: Optional[str] = None
+    phone: Optional[str] = None
+    parent_id: Optional[int] = None
+
+router = APIRouter(prefix="/organ", tags=["机构&科室管理接口"])
+
+@router.get("/loadData", response_model=StandardResponse)
+def loadData(db: Session = Depends(get_db)):
+    datas = SysOrganBusiness(db).get_all_data()
+
+    sysOrgan_map = {p.id: {
+        "id": p.id, 
+        "name": p.name, 
+        "manager": p.manager,
+        "phone": p.phone,  
+        "parent_id": p.parent_id,
+        "children": []
+    } for p in datas}
+
+    tree = []
+    for p_id, p_data in sysOrgan_map.items():
+        parent_id = p_data["parent_id"]
+        if parent_id != 0 and parent_id in sysOrgan_map:
+            sysOrgan_map[parent_id]["children"].append(p_data)
+        else:
+            tree.append(p_data)
+
+    return StandardResponse(code=SUCCESS, message="机构&科室获取成功", records=tree)
+
+@router.get("/loadDataById/{id}", response_model=StandardResponse)
+def loadDataByParentId(id:int,db: Session = Depends(get_db)):
+    datas = SysOrganBusiness(db).get_all_data()
+    sysOrgan_map = {p.id: {
+        "id": p.id, 
+        "name": p.name, 
+        "manager": p.manager,
+        "phone": p.phone,  
+        "parent_id": p.parent_id,
+        "children": []
+    } for p in datas}
+
+    tree = []
+    for p_id, p_data in sysOrgan_map.items():
+        parent_id1 = p_data["parent_id"]
+        if parent_id1 != 0 and parent_id1 in sysOrgan_map:
+            sysOrgan_map[parent_id1]["children"].append(p_data)
+        else:
+            tree.append(p_data)
+    tree2 = []
+    tree2.append(sysOrgan_map[id])
+    return StandardResponse(code=SUCCESS, message="机构&科室获取成功", records=tree2)
+
+@router.post("/insert", response_model=StandardResponse)
+def insertData(request: SysOrganRequest, db: Session = Depends(get_db)):
+    biz = SysOrganBusiness(db)
+    request_name = request.name
+    request_manager = request.manager
+    request_phone = request.phone
+    request_parentId = request.parent_id
+    if request_name is None or request_name.strip() == '':
+        return StandardResponse(code=FAILED, message="机构&科室名称不能为空")
+    data = biz.get_data_by_nameAndParent(request_name,request_parentId)
+    if data is not None:
+        return StandardResponse(code=FAILED, message="机构&科室名称已经存在")
+    user = biz.insert_data(request_name, request_manager,request_phone,request_parentId)
+    if user is None:
+        return StandardResponse(code=FAILED, message="创建机构&科室失败")
+    return StandardResponse(code=SUCCESS, message="创建机构&科室成功")
+
+@router.post("/update", response_model=StandardResponse)
+def updateData(request: SysOrganRequest, db: Session = Depends(get_db)):
+    biz = SysOrganBusiness(db)
+    if request.name is None or request.name.strip() == '':
+        return StandardResponse(code=FAILED, message="机构&科室名称不能为空")
+    data = biz.get_data_by_nameAndParent(request.name,request.parent_id)
+    if data is not None and data.id != request.id:
+        return StandardResponse(code=FAILED, message="机构&科室名称已经存在")
+    biz.update_data(request.id,request.name, request.manager,request.phone,request.parent_id)
+    return StandardResponse(code=SUCCESS, message="更新机构&科室成功")
+        
+@router.post("/delete/{id}", response_model=StandardResponse)
+def deleteData(id:int, db: Session = Depends(get_db)):
+    biz = SysOrganBusiness(db)
+    data = biz.get_all_data_by_parentId(id)
+    
+    if data is not None and len(data) > 0:
+        return StandardResponse(code=FAILED, message="含有子机构&科室,请先删除后再操作")
+    biz.delete_data(id)
+    return StandardResponse(code=SUCCESS, message="删除机构&科室成功")
+
+sys_organ = router
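Review bot: None of the five handlers in this file takes `sess: SessionValues = Depends(verify_session_id)`, so unless authentication is enforced by middleware outside this diff, organisation records can be read, created, changed and deleted without a session. Add the dependency to each handler, or once via `APIRouter(prefix="/organ", dependencies=[Depends(verify_session_id)], ...)`, and decide which role may write. In `loadDataByParentId`, `sysOrgan_map[id]` raises KeyError for an unknown id; return the FAILED response when `id not in sysOrgan_map`. `updateData` also accepts a `request.id` of None and then reports success after updating nothing.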

+ 126 - 0
agent/router/sys_user_role_organ.py

@@ -0,0 +1,126 @@
+import sys,os
+current_path = os.getcwd()
+sys.path.append(current_path)
+
+from math import ceil
+from sqlalchemy import text
+from typing import Optional
+from pydantic import BaseModel
+from db.database import get_db
+from sqlalchemy.orm import Session
+from fastapi import APIRouter, Depends
+from agent.libs.response import resp_200
+from agent.libs.sys import SysUserRoleOrganBusiness
+from agent.libs.auth import verify_session_id, SessionValues
+from agent.models.web.response import StandardResponse,FAILED,SUCCESS
+
+class SysUserRoleOrganRequest(BaseModel):
+    id: Optional[int] = None
+    user_id: Optional[int] = None
+    role_id: Optional[int] = None
+    organ_id: Optional[int] = None
+    data_type: Optional[int] = None
+    user_name: Optional[str] = None
+    role_name: Optional[str] = None
+    page: Optional[int] = None
+    page_size: Optional[int] = None
+
+router = APIRouter(prefix="/userRoleOrgan", tags=["用户权限管理接口"])
+
+@router.post("/data-list")
+def dataList(request: SysUserRoleOrganRequest, db: Session = Depends(get_db)):
+    if request.page is None :
+        return StandardResponse(code=FAILED, message="页码不能为空")
+    if request.page_size is None :
+        return StandardResponse(code=FAILED, message="一页记录数不能为空")
+
+    COUNT_SQL = f"select count(1) from sys_user_role_organ a,users b,roles c,sys_organ d where a.user_id =b.id and a.role_id=c.id and a.organ_id=d.id"
+    DATA_SQL = f"select a.*,b.username user_name,c.name role_name,d.name organ_name from sys_user_role_organ a,users b,roles c,sys_organ d where a.user_id =b.id and a.role_id=c.id and a.organ_id=d.id"
+
+    if request.role_name is not None:   #模糊查询角色名称
+        COUNT_SQL = COUNT_SQL + f" and c.name like '%" + request.role_name + f"%'"
+        DATA_SQL = DATA_SQL + f" and c.name like '%" + request.role_name + f"%'"
+    if request.user_name is not None:   #模糊查询用户名称
+        COUNT_SQL = COUNT_SQL + f" and b.username like '%" + request.user_name + f"%'"
+        DATA_SQL = DATA_SQL + f" and b.username like '%" + request.user_name + f"%'"
+    if request.user_id is not None:   #查询用户编号
+        COUNT_SQL = COUNT_SQL + f" and a.user_id = " + str(request.user_id)
+        DATA_SQL = DATA_SQL + f" and a.user_id = " + str(request.user_id)
+    if request.organ_id is not None:    #模糊机构名称
+        COUNT_SQL = COUNT_SQL + f" and a.organ_id =" + str(request.organ_id)
+        DATA_SQL = DATA_SQL + f" and a.organ_id =" + str(request.organ_id)
+
+    result = db.execute(text(COUNT_SQL))
+    count = result.scalar()
+    total_page = ceil(count / request.page_size)
+    start = 1
+    if request.page <= total_page:
+        start = (request.page - 1) * request.page_size
+
+    DATA_SQL = DATA_SQL + f" order by id limit "+ str(request.page_size) + f" OFFSET " + str(start)
+
+    results = db.execute(text(DATA_SQL))
+    datList = []
+    for row in results:
+        datList.append({
+            "id":row.id, 
+            'user_id':row.user_id,
+            'role_id':row.role_id, 
+            'organ_id':row.organ_id,            
+            'data_type':row.data_type,
+            'last_use_time':row.last_use_time,
+            'create_time':row.create_time,
+            'create_by':row.create_by,
+            'update_time':row.update_time,
+            'update_by':row.update_by,
+            'user_name':row.user_name,            
+            'role_name':row.role_name,
+            'organ_name':row.organ_name
+        })
+
+    return resp_200(data={"total": count, "pages": request.page, "size": request.page_size, "records": datList})
+
+@router.post("/insert", response_model=StandardResponse)
+def insertData(request: SysUserRoleOrganRequest, db: Session = Depends(get_db), sess:SessionValues = Depends(verify_session_id)):
+    biz = SysUserRoleOrganBusiness(db)
+    if request.user_id is None:
+        return StandardResponse(code=FAILED, message="用户编号不能为空")
+    if request.role_id is None:
+        return StandardResponse(code=FAILED, message="角色编号不能为空")
+    if request.organ_id is None:
+        return StandardResponse(code=FAILED, message="机构编号不能为空")
+    if request.data_type is None:
+        return StandardResponse(code=FAILED, message="数据权限类型不能为空")
+   
+    data = biz.get_SURO(request.user_id,request.organ_id)
+    if data is not None:
+        return StandardResponse(code=FAILED, message="用户角色机构已经存在")
+
+    data = biz.insert_data(request.user_id, request.role_id,request.organ_id,request.data_type,sess.full_name)
+    if data is None:
+        return StandardResponse(code=FAILED, message="创建用户角色机构失败")
+    return StandardResponse(code=SUCCESS, message="创建用户角色机构成功")
+
+@router.post("/update", response_model=StandardResponse)
+def updateData(request: SysUserRoleOrganRequest, db: Session = Depends(get_db), sess:SessionValues = Depends(verify_session_id)):
+    biz = SysUserRoleOrganBusiness(db)
+
+    if request.id is None:
+        return StandardResponse(code=FAILED, message="编号不能为空")
+    if request.user_id is None:
+        return StandardResponse(code=FAILED, message="用户编号不能为空")
+    if request.role_id is None:
+        return StandardResponse(code=FAILED, message="角色编号不能为空")
+    if request.data_type is None:
+        return StandardResponse(code=FAILED, message="数据权限类型不能为空")
+    
+    biz.update_data(request.id,request.user_id, request.role_id,request.organ_id,request.data_type,sess.full_name)
+    return StandardResponse(code=SUCCESS, message="更新用户角色机构成功")
+        
+@router.post("/delete/{id}", response_model=StandardResponse)
+def deleteData(id:int, db: Session = Depends(get_db)):
+    biz = SysUserRoleOrganBusiness(db)
+    biz.delete_data(id)
+    return StandardResponse(code=SUCCESS, message="删除用户角色机构成功")
+
+sys_user_role_organ = router

+ 10 - 3
agent/router/user_router.py

@@ -10,6 +10,8 @@ from sqlalchemy.orm import Session
 from agent.models.web.response import StandardResponse,FAILED,SUCCESS
 from agent.models.web.request import BasicRequest
 from agent.libs.user import UserBusiness,SessionBusiness, UserRoleBusiness, RoleBusiness, PermissionBusiness
+from agent.libs.sys import SysUserRoleOrganBusiness
+
 import logging
 from pydantic import BaseModel
 from typing import Optional
@@ -66,13 +68,18 @@ def register(request: BasicRequest, db: Session = Depends(get_db)):
             logger.info("delete old session")
             session.delete_session(old_session.session_id)
             
+        sysUserRoleOrganBusiness = SysUserRoleOrganBusiness(db);
+        sysUserRoleOrgan = sysUserRoleOrganBusiness.get_last_use_SURO(user.id)
+        if sysUserRoleOrgan is None:
+            return StandardResponse(code=FAILED, message="请先设置权限后再登录")
+        
         logger.info("create new session")
-        new_session = session.create_session(user)
+        new_session = session.create_session(user,sysUserRoleOrgan)
 
         # Get user roles and permissions
         user_role_biz = UserRoleBusiness(db)
-        user_roles = user_role_biz.get_user_roles(user.id)
-        user_menu_permissions = user_role_biz.get_user_menu_permissions(user.id)
+        user_roles = user_role_biz.get_user_roles(sysUserRoleOrgan.role_id)
+        user_menu_permissions = user_role_biz.get_role_menu_permissions(sysUserRoleOrgan.role_id)
 
         # Prepare roles and permissions for response
         roles_data = [{
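Review bot: `user_role_biz.get_user_roles(sysUserRoleOrgan.role_id)` passes a role id to a method that the removed line called with `user.id`; unless `get_user_roles` was changed outside this diff, it will return the roles of whichever user happens to have that id. The same call appears in `changeSURO` in agent/router/sys.py. A lookup keyed by role id looks like what is intended here. The old session is also deleted before the `sysUserRoleOrgan is None` check, so a user without a binding loses the existing session and then fails to log in; moving the check above the delete avoids that. The enclosing function begins and ends outside this hunk.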

+ 10 - 0
agent/server.py

@@ -59,6 +59,16 @@ app.add_middleware(
 from router.task_router import task_router
 app.include_router(task_router)
 
+
+from router.sys_organ import sys_organ
+app.include_router(sys_organ)
+
+from router.sys_user_role_organ import sys_user_role_organ
+app.include_router(sys_user_role_organ)
+
+from router.sys import sys
+app.include_router(sys)
+
 from router.file_router import file_router
 app.include_router(file_router)
 
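Review bot: `from router.sys import sys` binds the name `sys` in this module to an APIRouter, which shadows the standard `sys` module if server.py imports it above this hunk (not visible here). Exporting the router under a distinct name, for example `sys_router = router` in agent/router/sys.py and `from router.sys import sys_router` here, avoids the clash and matches the `task_router` / `file_router` naming.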

+ 9 - 3
config/site.py

@@ -37,10 +37,16 @@ class SiteConfig:
             'DOC_ABSTRACT_OUTPUT_PATH': os.getenv("DOC_ABSTRACT_OUTPUT_PATH"),
             'JIEBA_USER_DICT': os.getenv("JIEBA_USER_DICT"),
             'JIEBA_STOP_DICT': os.getenv("JIEBA_STOP_DICT"),
-            'POSTGRESQL_HOST':  os.getenv("POSTGRESQL_HOST","localhost"),
+            #'POSTGRESQL_HOST':  os.getenv("POSTGRESQL_HOST","localhost"),
+            #'POSTGRESQL_DATABASE':  os.getenv("POSTGRESQL_DATABASE","kg"),
+            #'POSTGRESQL_USER':  os.getenv("POSTGRESQL_USER","dify"),
+            #'POSTGRESQL_PASSWORD':  os.getenv("POSTGRESQL_PASSWORD",quote("difyai123456")),
+
+            'POSTGRESQL_HOST':  os.getenv("POSTGRESQL_HOST","173.18.12.203"),
             'POSTGRESQL_DATABASE':  os.getenv("POSTGRESQL_DATABASE","kg"),
-            'POSTGRESQL_USER':  os.getenv("POSTGRESQL_USER","dify"),
-            'POSTGRESQL_PASSWORD':  os.getenv("POSTGRESQL_PASSWORD",quote("difyai123456")),
+            'POSTGRESQL_USER':  os.getenv("POSTGRESQL_USER","knowledge"),
+            'POSTGRESQL_PASSWORD':  os.getenv("POSTGRESQL_PASSWORD",quote("qwer1234.")),
+
             'JOB_PATH': os.getenv("JOB_PATH","/app/agent/jobs"),
         }
     def get_config(self, config_name, default=None): 
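Review bot: The new defaults commit a literal database password, a user name and an internal host address to the repository, and the previous credentials remain in the commented-out lines. Drop the secret default, `'POSTGRESQL_PASSWORD': os.getenv("POSTGRESQL_PASSWORD"),`, fail at startup when it is unset, delete the commented block, and rotate both passwords since they are now in history. `quote(...)` is applied only to the default, so a password supplied through the environment is not URL-quoted. The enclosing method starts above this hunk.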

+ 348 - 10
openapi.yaml

@@ -53,6 +53,273 @@ paths:
             application/json:
               schema:
                 $ref: '#/components/schemas/HTTPValidationError'
+  /organ/loadData:
+    get:
+      tags:
+      - "\u673A\u6784&\u79D1\u5BA4\u7BA1\u7406\u63A5\u53E3"
+      summary: Loaddata
+      operationId: loadData_organ_loadData_get
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+  /organ/loadDataById/{id}:
+    get:
+      tags:
+      - "\u673A\u6784&\u79D1\u5BA4\u7BA1\u7406\u63A5\u53E3"
+      summary: Loaddatabyparentid
+      operationId: loadDataByParentId_organ_loadDataById__id__get
+      parameters:
+      - name: id
+        in: path
+        required: true
+        schema:
+          type: integer
+          title: Id
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
+  /organ/insert:
+    post:
+      tags:
+      - "\u673A\u6784&\u79D1\u5BA4\u7BA1\u7406\u63A5\u53E3"
+      summary: Insertdata
+      operationId: insertData_organ_insert_post
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SysOrganRequest'
+        required: true
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
+  /organ/update:
+    post:
+      tags:
+      - "\u673A\u6784&\u79D1\u5BA4\u7BA1\u7406\u63A5\u53E3"
+      summary: Updatedata
+      operationId: updateData_organ_update_post
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SysOrganRequest'
+        required: true
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
+  /organ/delete/{id}:
+    post:
+      tags:
+      - "\u673A\u6784&\u79D1\u5BA4\u7BA1\u7406\u63A5\u53E3"
+      summary: Deletedata
+      operationId: deleteData_organ_delete__id__post
+      parameters:
+      - name: id
+        in: path
+        required: true
+        schema:
+          type: integer
+          title: Id
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
+  /userRoleOrgan/data-list:
+    post:
+      tags:
+      - "\u7528\u6237\u6743\u9650\u7BA1\u7406\u63A5\u53E3"
+      summary: Datalist
+      operationId: dataList_userRoleOrgan_data_list_post
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SysUserRoleOrganRequest'
+        required: true
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema: {}
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
+  /userRoleOrgan/insert:
+    post:
+      tags:
+      - "\u7528\u6237\u6743\u9650\u7BA1\u7406\u63A5\u53E3"
+      summary: Insertdata
+      operationId: insertData_userRoleOrgan_insert_post
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SysUserRoleOrganRequest'
+        required: true
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
+  /userRoleOrgan/update:
+    post:
+      tags:
+      - "\u7528\u6237\u6743\u9650\u7BA1\u7406\u63A5\u53E3"
+      summary: Updatedata
+      operationId: updateData_userRoleOrgan_update_post
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/SysUserRoleOrganRequest'
+        required: true
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
+  /userRoleOrgan/delete/{id}:
+    post:
+      tags:
+      - "\u7528\u6237\u6743\u9650\u7BA1\u7406\u63A5\u53E3"
+      summary: Deletedata
+      operationId: deleteData_userRoleOrgan_delete__id__post
+      parameters:
+      - name: id
+        in: path
+        required: true
+        schema:
+          type: integer
+          title: Id
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
+  /sys/currSURO:
+    get:
+      tags:
+      - "\u7CFB\u7EDF\u63A5\u53E3"
+      summary: Currsuro
+      operationId: currSURO_sys_currSURO_get
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+  /sys/loadSURO:
+    get:
+      tags:
+      - "\u7CFB\u7EDF\u63A5\u53E3"
+      summary: Loadsuro
+      operationId: loadSURO_sys_loadSURO_get
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+  /sys/changeSURO/{id}:
+    post:
+      tags:
+      - "\u7CFB\u7EDF\u63A5\u53E3"
+      summary: Changesuro
+      operationId: changeSURO_sys_changeSURO__id__post
+      parameters:
+      - name: id
+        in: path
+        required: true
+        schema:
+          type: integer
+          title: Id
+      responses:
+        '200':
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/StandardResponse'
+        '422':
+          description: Validation Error
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/HTTPValidationError'
   /file/upload/{file_type}/{job_id}:
     post:
       tags:
@@ -1006,7 +1273,6 @@ paths:
             application/json:
               schema:
                 type: object
-                additionalProperties: true
                 title: Response Delete File Files  File Id  Delete
         '422':
           description: Validation Error
@@ -1040,7 +1306,6 @@ paths:
             application/json:
               schema:
                 type: object
-                additionalProperties: true
                 title: Response Change File Status Files  File Id  Changestatus Get
         '422':
           description: Validation Error
@@ -1468,8 +1733,7 @@ components:
           title: Name
         properties:
           anyOf:
-          - additionalProperties: true
-            type: object
+          - type: object
           - type: 'null'
           title: Properties
       type: object
@@ -1511,7 +1775,6 @@ components:
           type: integer
           title: Node Id
         properties:
-          additionalProperties: true
           type: object
           title: Properties
       type: object
@@ -1710,8 +1973,7 @@ components:
           title: Relationship Type
         property:
           anyOf:
-          - additionalProperties: true
-            type: object
+          - type: object
           - type: 'null'
           title: Property
       type: object
@@ -1734,8 +1996,7 @@ components:
           title: Message
         data:
           anyOf:
-          - additionalProperties: true
-            type: object
+          - type: object
           - items: {}
             type: array
           - type: boolean
@@ -1804,7 +2065,6 @@ components:
           title: Message
           default: success
         meta:
-          additionalProperties: true
           type: object
           title: Meta
           default: {}
@@ -1820,6 +2080,84 @@ components:
           title: Total
       type: object
       title: StandardResponse
+    SysOrganRequest:
+      properties:
+        id:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: Id
+        name:
+          type: string
+          title: Name
+        manager:
+          anyOf:
+          - type: string
+          - type: 'null'
+          title: Manager
+        phone:
+          anyOf:
+          - type: string
+          - type: 'null'
+          title: Phone
+        parent_id:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: Parent Id
+      type: object
+      required:
+      - name
+      title: SysOrganRequest
+    SysUserRoleOrganRequest:
+      properties:
+        id:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: Id
+        user_id:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: User Id
+        role_id:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: Role Id
+        organ_id:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: Organ Id
+        data_type:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: Data Type
+        user_name:
+          anyOf:
+          - type: string
+          - type: 'null'
+          title: User Name
+        role_name:
+          anyOf:
+          - type: string
+          - type: 'null'
+          title: Role Name
+        page:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: Page
+        page_size:
+          anyOf:
+          - type: integer
+          - type: 'null'
+          title: Page Size
+      type: object
+      title: SysUserRoleOrganRequest
     UpdateEntity:
       properties:
         user_id: