chore: adjust

packages/global/support/permission/collaborator.d.ts

@@ -1,4 +1,4 @@
-import { RequireAtLeastOne, RequireOnlyOne } from 'common/type/utils';
+import { RequireAtLeastOne, RequireOnlyOne } from '../../common/type/utils';
 import { Permission } from './controller';
 import { PermissionValueType } from './type';
 
@@ -10,14 +10,11 @@ export type CollaboratorItemType = {
   avatar: string;
 };
 
-export type UpdateClbPermissionProps = RequireAtLeastOne<
-  {
-    members: string[];
-    groups: string[];
-    permission: PermissionValueType;
-  },
-  'members' | 'groups'
->;
+export type UpdateClbPermissionProps = {
+  members?: string[];
+  groups?: string[];
+  permission: PermissionValueType;
+};
 
 export type DeleteClbPermissionProps = RequireOnlyOne<{
   tmbId: string;

packages/global/support/permission/type.d.ts

@@ -1,4 +1,4 @@
-import { RequireOnlyOne } from 'common/type/utils';
+import { RequireOnlyOne } from '../../common/type/utils';
 import { TeamMemberWithUserSchema } from '../user/team/type';
 import {
   AuthUserTypeEnum,
@@ -25,15 +25,15 @@ export type PermissionListType<T = {}> = Record<
   }
 >;
 
-export type ResourcePermissionType<T extends SubjectType = SubjectType> = {
+export type ResourcePermissionType = {
   teamId: string;
-  tmbId: T extends 'tmb' ? string : never;
-  groupId: T extends 'group' ? string : never;
-  subjectType: T;
   resourceType: ResourceType;
   permission: PermissionValueType;
   resourceId: string;
-};
+} & RequireOnlyOne<{
+  tmbId: string;
+  groupId: string;
+}>;
 
 export type ResourcePerWithTmbWithUser = Omit<ResourcePermissionType, 'tmbId'> & {
   tmbId: TeamMemberWithUserSchema;

packages/global/support/user/team/group/api.d.ts

@@ -0,0 +1,12 @@
+export type postCreateGroupData = {
+  name: string;
+  avatar?: string;
+  memberIdList?: string[];
+};
+
+export type putUpdateGroupData = {
+  groupId: string;
+  name?: string;
+  avatar?: string;
+  memberIdList?: string[];
+};

packages/service/support/permission/controller.ts

@@ -3,71 +3,110 @@ import { ERROR_ENUM } from '@fastgpt/global/common/error/errorCode';
 import jwt from 'jsonwebtoken';
 import { NextApiResponse } from 'next';
 import type { AuthModeType, ReqHeaderAuthType } from './type.d';
-import {
-  AuthUserTypeEnum,
-  PerResourceTypeEnum,
-  SubjectTypeEnum
-} from '@fastgpt/global/support/permission/constant';
+import { AuthUserTypeEnum, PerResourceTypeEnum } from '@fastgpt/global/support/permission/constant';
 import { authOpenApiKey } from '../openapi/auth';
 import { FileTokenQuery } from '@fastgpt/global/common/file/type';
 import { MongoResourcePermission } from './schema';
 import { ClientSession } from 'mongoose';
-import { ParentIdType } from '@fastgpt/global/common/parentFolder/type';
-import { ResourcePermissionType } from '@fastgpt/global/support/permission/type';
+import {
+  PermissionValueType,
+  ResourcePermissionType
+} from '@fastgpt/global/support/permission/type';
 import { bucketNameMap } from '@fastgpt/global/common/file/constants';
 import { addMinutes } from 'date-fns';
 import { RequireOnlyOne } from '@fastgpt/global/common/type/utils';
 
-export const getResourcePermission = async <T extends `${PerResourceTypeEnum}`>({
+export const getResourcePermission = async ({
   resourceType,
   teamId,
   tmbId,
   groupId,
   resourceId
 }: {
-  resourceType: T;
   teamId: string;
-} & (T extends 'team' ? { resourceId?: undefined } : { resourceId: string }) &
+} & (
+  | {
+      resourceType: 'team';
+      resourceId?: undefined;
+    }
+  | {
+      resourceType: Omit<PerResourceTypeEnum, 'team'>;
+      resourceId: string;
+    }
+) &
   RequireOnlyOne<{
     tmbId?: string;
     groupId?: string;
   }>) => {
-  const subjectType = (() => {
-    if (tmbId) {
-      return SubjectTypeEnum.tmb;
-    }
-    if (groupId) {
-      return SubjectTypeEnum.group;
-    }
-    return SubjectTypeEnum.tmb;
-  })();
-
   const per = await MongoResourcePermission.findOne({
     tmbId,
     teamId,
     resourceType,
     groupId,
-    resourceId,
-    subjectType
-  });
+    resourceId
+  }).lean();
 
   if (!per) {
     return null;
   }
   return per;
 };
 
-export async function getResourceAllClbs<T extends PerResourceTypeEnum>({
+export const getResourcePermissionByGroupIdList = async ({
+  resourceType,
+  teamId,
+  groupIdList,
+  resourceId
+}: {
+  teamId: string;
+  resourceId?: string | null;
+} & (
+  | {
+      resourceType: 'team';
+      resourceId?: undefined;
+    }
+  | {
+      resourceType: Omit<PerResourceTypeEnum, 'team'>;
+      resourceId: string;
+    }
+) &
+  RequireOnlyOne<{
+    tmbId?: string;
+    groupIdList?: string[];
+  }>) => {
+  const per = await MongoResourcePermission.find({
+    teamId,
+    resourceType,
+    groupIdList,
+    resourceId
+  }).lean();
+
+  if (!per) {
+    return null;
+  }
+  return per;
+};
+
+export async function getResourceAllClbs({
   resourceId,
   teamId,
   resourceType,
   session
 }: {
   teamId: string;
-  resourceType: T;
+  // resourceType: T;
   session?: ClientSession;
-  resourceId?: T extends 'team' ? undefined : string;
-}): Promise<ResourcePermissionType[]> {
+  // resourceId?: T extends 'team' ? undefined : ParentIdType;
+} & (
+  | {
+      resourceType: 'team';
+      resourceId?: undefined;
+    }
+  | {
+      resourceType: Omit<PerResourceTypeEnum, 'team'>;
+      resourceId?: string | null;
+    }
+)): Promise<ResourcePermissionType[]> {
   return MongoResourcePermission.find(
     {
       resourceId,
@@ -323,3 +362,16 @@ export const authFileToken = (token?: string) =>
       });
     });
   });
+
+export const getMaxGroupPer = (groups?: PermissionValueType[]) => {
+  if (!groups || !groups.length) {
+    return undefined;
+  }
+  return groups.reduce((prev, cur) => {
+    if (cur) {
+      return Math.max(prev, cur);
+    } else {
+      return prev;
+    }
+  });
+};

packages/service/support/permission/inheritPermission.ts

@@ -3,8 +3,9 @@ import { MongoResourcePermission } from './schema';
 import { ClientSession, Model } from 'mongoose';
 import { NullPermission, PerResourceTypeEnum } from '@fastgpt/global/support/permission/constant';
 import { PermissionValueType } from '@fastgpt/global/support/permission/type';
-import { ParentIdType } from '@fastgpt/global/common/parentFolder/type';
 import { getResourceAllClbs } from './controller';
+import { RequireOnlyOne } from '@fastgpt/global/common/type/utils';
+import { ParentIdType } from '@fastgpt/global/common/parentFolder/type';
 
 export type SyncChildrenPermissionResourceType = {
   _id: string;
@@ -14,8 +15,10 @@ export type SyncChildrenPermissionResourceType = {
 };
 export type UpdateCollaboratorItem = {
   permission: PermissionValueType;
+} & RequireOnlyOne<{
   tmbId: string;
-};
+  groupId: string;
+}>;
 
 // sync the permission to all children folders.
 export async function syncChildrenPermission({

packages/service/support/permission/memberGroup/controllers.ts

@@ -1,11 +1,9 @@
 import { MemberGroupSchemaType } from '@fastgpt/global/support/permission/memberGroup/type';
 import { MongoGroupMemberModel } from './groupMemberSchema';
 import { TeamMemberSchema } from '@fastgpt/global/support/user/team/type';
-import { getResourcePermission } from '../controller';
 import { PerResourceTypeEnum } from '@fastgpt/global/support/permission/constant';
 import { MongoResourcePermission } from '../schema';
-import { MongoMemberGroupModel } from './memberGroupSchema';
-import { Permission } from '@fastgpt/global/support/permission/controller';
+import { getMaxGroupPer } from '../controller';
 
 export const getGroupsByTmbId = async (tmbId: string) => {
   return (
@@ -56,63 +54,38 @@ export const getGroupMembersWithInfoByGroupId = async (groupId: string) => {
 /**
  * Get tmb's group permission: the maximum permission of the group
  * @param tmbId
- * @returns
+ * @param resourceId
+ * @param resourceType
+ * @returns the maximum permission of the group
  */
 export const getGroupPermission = async ({
   tmbId,
   resourceId,
+  teamId,
   resourceType
 }: {
   tmbId: string;
-  resourceId: string;
-  resourceType: `${PerResourceTypeEnum}`;
-}) => {
+  teamId: string;
+} & (
+  | {
+      resourceId?: undefined;
+      resourceType: 'team';
+    }
+  | {
+      resourceId: string;
+      resourceType: Omit<PerResourceTypeEnum, 'team'>;
+    }
+)) => {
   const groupIds = (await getGroupsByTmbId(tmbId)).map((item) => item._id);
   const groupPermissions = (
     await MongoResourcePermission.find({
       groupId: {
         $in: groupIds
       },
       resourceType,
-      resourceId: resourceType === 'team' ? undefined : resourceId,
-      teamId: resourceType === 'team' ? resourceId : undefined
+      resourceId,
+      teamId
     })
   ).map((item) => item.permission);
-  const maxPermission = groupPermissions.length > 0 ? Math.max(...groupPermissions) : undefined;
-
-  return maxPermission;
-};
-
-export const getGroupsByTeamId = async (teamId: string) => {
-  const groups = await MongoMemberGroupModel.find({
-    teamId
-  }).lean();
-
-  const members = await MongoGroupMemberModel.find({
-    groupId: {
-      $in: groups.map((item) => item._id)
-    }
-  }).lean();
-
-  const permissions = await MongoResourcePermission.find({
-    teamId,
-    resourceType: PerResourceTypeEnum.team,
-    groupId: {
-      $in: groups.map((item) => item._id)
-    }
-  }).lean();
-
-  return groups.map((group) => {
-    const memberInGroup = members
-      .filter((member) => String(member.groupId) === String(group._id))
-      .map((item) => String(item.tmbId));
-    const permission = permissions.find(
-      (permission) => String(permission.groupId) === String(group._id)
-    )?.permission;
-    return {
-      ...group,
-      members: memberInGroup,
-      permission
-    };
-  });
+  return getMaxGroupPer(groupPermissions);
 };

packages/service/support/permission/memberGroup/groupMemberSchema.ts

@@ -4,7 +4,7 @@ import { MemberGroupCollectionName } from './memberGroupSchema';
 import { GroupMemberSchemaType } from '@fastgpt/global/support/permission/memberGroup/type';
 const { Schema } = connectionMongo;
 
-export const GroupMemberCollectionName = 'group_member';
+export const GroupMemberCollectionName = 'group_members';
 
 export const GroupMemberSchema = new Schema({
   groupId: {

packages/service/support/permission/memberGroup/memberGroupSchema.ts

@@ -3,7 +3,7 @@ import { connectionMongo, getMongoModel } from '../../../common/mongo';
 import { MemberGroupSchemaType } from '@fastgpt/global/support/permission/memberGroup/type';
 const { Schema } = connectionMongo;
 
-export const MemberGroupCollectionName = 'member_group';
+export const MemberGroupCollectionName = 'member_groups';
 
 export const MemberGroupSchema = new Schema({
   teamId: {

packages/service/support/permission/schema.ts

@@ -3,12 +3,12 @@ import {
   TeamMemberCollectionName
 } from '@fastgpt/global/support/user/team/constant';
 import { connectionMongo, getMongoModel } from '../../common/mongo';
-import type { ResourcePermissionType, SubjectType } from '@fastgpt/global/support/permission/type';
-import { PerResourceTypeEnum, SubjectTypeEnum } from '@fastgpt/global/support/permission/constant';
-import { MemberGroupSchema, MemberGroupCollectionName } from './memberGroup/memberGroupSchema';
+import type { ResourcePermissionType } from '@fastgpt/global/support/permission/type';
+import { PerResourceTypeEnum } from '@fastgpt/global/support/permission/constant';
+import { MemberGroupCollectionName } from './memberGroup/memberGroupSchema';
 const { Schema } = connectionMongo;
 
-export const ResourcePermissionCollectionName = 'resource_permission';
+export const ResourcePermissionCollectionName = 'resource_permissions';
 
 export const ResourcePermissionSchema = new Schema({
   teamId: {
@@ -62,7 +62,7 @@ try {
   console.log(error);
 }
 
-export const MongoResourcePermission = getMongoModel<ResourcePermissionType<SubjectType>>(
+export const MongoResourcePermission = getMongoModel<ResourcePermissionType>(
   ResourcePermissionCollectionName,
   ResourcePermissionSchema
 );