diff --git a/user_management/urls.py b/user_management/urls.py index 4a44b82..124b149 100644 --- a/user_management/urls.py +++ b/user_management/urls.py @@ -21,6 +21,7 @@ router = DefaultRouter() # 注册视图集 router.register(r'knowledge-bases', KnowledgeBaseViewSet, basename='knowledge-base') +router.register(r'knowledge-bases', KnowledgeBaseViewSet, basename='knowledge-bases') router.register(r'permissions', PermissionViewSet, basename='permission') router.register(r'notifications', NotificationViewSet, basename='notification') router.register(r'chat-history', ChatHistoryViewSet, basename='chat-history') diff --git a/user_management/views.py b/user_management/views.py index a7a33cd..3de07ca 100644 --- a/user_management/views.py +++ b/user_management/views.py @@ -622,6 +622,8 @@ class KnowledgeBaseViewSet(viewsets.ModelViewSet): 'message': '只有管理员可以创建保密级知识库', 'data': None }, status=status.HTTP_403_FORBIDDEN) + department = None + group = None elif type == 'leader': if user.role != 'admin': @@ -660,6 +662,10 @@ class KnowledgeBaseViewSet(viewsets.ModelViewSet): 'message': '创建成员知识库时必须指定组', 'data': None }, status=status.HTTP_400_BAD_REQUEST) + elif type == 'private': + # 对于private类型,不保存department和group + department = None + group = None # 3. 验证请求数据 data = request.data.copy() @@ -1518,6 +1524,147 @@ class KnowledgeBaseViewSet(viewsets.ModelViewSet): "data": None }, status=status.HTTP_500_INTERNAL_SERVER_ERROR) + @action(detail=True, methods=['post']) + def change_type(self, request, pk=None): + """修改知识库类型""" + try: + instance = self.get_object() + user = request.user + + # 判断角色和权限 + is_creator = str(user.id) == str(instance.user_id) + is_admin = user.role == 'admin' + is_leader = user.role == 'leader' + is_member = user.role == 'member' or user.role == 'user' # 组员或普通用户 + + # 组员无权修改知识库类型 + if is_member and not (is_admin or is_leader): + return Response({ + "code": 403, + "message": "组员无权修改知识库类型,只能使用private类型", + "data": None + }, status=status.HTTP_403_FORBIDDEN) + + # 权限检查 + if not is_creator: + # 非创建者无法修改知识库类型 + return Response({ + "code": 403, + "message": "只有知识库创建者可以修改知识库类型", + "data": None + }, status=status.HTTP_403_FORBIDDEN) + + # 获取新类型 + new_type = request.data.get('type') + if not new_type: + return Response({ + "code": 400, + "message": "新类型不能为空", + "data": None + }, status=status.HTTP_400_BAD_REQUEST) + + # 验证类型是否有效 + valid_types = ['private', 'admin', 'secret', 'leader', 'member'] + if new_type not in valid_types: + return Response({ + "code": 400, + "message": f"无效的知识库类型,可选值: {', '.join(valid_types)}", + "data": None + }, status=status.HTTP_400_BAD_REQUEST) + + # 角色特定的类型限制 + if is_leader and not is_admin: # 组长且不是管理员 + # 组长只能在private和member类型之间切换 + if new_type not in ['private', 'member']: + return Response({ + "code": 403, + "message": "组长只能将知识库设置为private或member类型", + "data": None + }, status=status.HTTP_403_FORBIDDEN) + + # 处理department和group字段 + department = request.data.get('department') + group = request.data.get('group') + + # 组长只能设置自己部门 + if is_leader and not is_admin and new_type == 'member': + if department and department != user.department: + return Response({ + "code": 403, + "message": "组长只能为本部门设置知识库", + "data": None + }, status=status.HTTP_403_FORBIDDEN) + # 如果未指定部门,强制设置为组长的部门 + department = user.department + + # 根据类型验证必填字段 + if new_type == 'leader': + if not department: + return Response({ + "code": 400, + "message": "组长级知识库必须指定部门", + "data": None + }, status=status.HTTP_400_BAD_REQUEST) + + if new_type == 'member': + if not department: + return Response({ + "code": 400, + "message": "成员级知识库必须指定部门", + "data": None + }, status=status.HTTP_400_BAD_REQUEST) + if not group: + return Response({ + "code": 400, + "message": "成员级知识库必须指定组", + "data": None + }, status=status.HTTP_400_BAD_REQUEST) + + # 如果是admin或secret类型,清除department和group + if new_type in ['admin', 'secret']: + department = None + group = None + + # 如果是private类型但未指定department和group,使用原值 + if new_type == 'private': + if department is None: + department = instance.department + if group is None: + group = instance.group + + # 更新知识库类型和相关字段 + instance.type = new_type + instance.department = department + instance.group = group + instance.save() + + return Response({ + "code": 200, + "message": f"知识库类型已更新为{new_type}", + "data": { + "id": instance.id, + "name": instance.name, + "type": instance.type, + "department": instance.department, + "group": instance.group + } + }) + + except Http404: + return Response({ + "code": 404, + "message": "知识库不存在", + "data": None + }, status=status.HTTP_404_NOT_FOUND) + except Exception as e: + logger.error(f"修改知识库类型失败: {str(e)}") + logger.error(traceback.format_exc()) + return Response({ + "code": 500, + "message": f"修改知识库类型失败: {str(e)}", + "data": None + }, status=status.HTTP_500_INTERNAL_SERVER_ERROR) + class PermissionViewSet(viewsets.ModelViewSet): serializer_class = PermissionSerializer