From 93d585c0d57a294d70dac8e554385971ccef2967 Mon Sep 17 00:00:00 2001
From: jerryjzhang <jerryjzhang@tencent.com>
Date: Mon, 10 Mar 2025 23:58:19 +0800
Subject: [PATCH] [feature][common]Add permission management to chat model.

---
 .../supersonic/common/config/ChatModel.java   | 10 +++++++-
 .../persistence/dataobject/ChatModelDO.java   |  2 ++
 .../common/service/ChatModelService.java      |  2 +-
 .../service/impl/ChatModelServiceImpl.java    | 23 +++++++++++++++----
 .../api/pojo/request/DatabaseReq.java         |  3 +++
 .../api/pojo/response/DatabaseResp.java       |  6 +++++
 .../persistence/dataobject/DatabaseDO.java    |  2 ++
 .../server/rest/ChatModelController.java      |  6 +++--
 .../service/impl/DatabaseServiceImpl.java     |  6 +++--
 .../tencent/supersonic/demo/S2BaseDemo.java   |  2 +-
 .../config.update/sql-update-mysql.sql        |  6 ++++-
 .../src/main/resources/db/schema-h2.sql       |  4 +++-
 .../src/main/resources/db/schema-mysql.sql    |  2 ++
 .../src/main/resources/db/schema-postgres.sql |  6 +++--
 14 files changed, 65 insertions(+), 15 deletions(-)

diff --git a/common/src/main/java/com/tencent/supersonic/common/config/ChatModel.java b/common/src/main/java/com/tencent/supersonic/common/config/ChatModel.java
index edbcbde01..412c43205 100644
--- a/common/src/main/java/com/tencent/supersonic/common/config/ChatModel.java
+++ b/common/src/main/java/com/tencent/supersonic/common/config/ChatModel.java
@@ -1,9 +1,11 @@
 package com.tencent.supersonic.common.config;
 
+import com.google.common.collect.Lists;
 import com.tencent.supersonic.common.pojo.ChatModelConfig;
 import lombok.Data;
 
 import java.util.Date;
+import java.util.List;
 
 @Data
 public class ChatModel {
@@ -25,5 +27,11 @@ public class ChatModel {
 
     private String admin;
 
-    private String viewer;
+    private List<String> viewers = Lists.newArrayList();
+
+    private Integer isOpen = 0;
+
+    public boolean isPublic() {
+        return isOpen != null && isOpen == 1;
+    }
 }
diff --git a/common/src/main/java/com/tencent/supersonic/common/persistence/dataobject/ChatModelDO.java b/common/src/main/java/com/tencent/supersonic/common/persistence/dataobject/ChatModelDO.java
index 8c2d60abb..c3b3b87b5 100644
--- a/common/src/main/java/com/tencent/supersonic/common/persistence/dataobject/ChatModelDO.java
+++ b/common/src/main/java/com/tencent/supersonic/common/persistence/dataobject/ChatModelDO.java
@@ -30,4 +30,6 @@ public class ChatModelDO {
     private String admin;
 
     private String viewer;
+
+    private Integer isOpen;
 }
diff --git a/common/src/main/java/com/tencent/supersonic/common/service/ChatModelService.java b/common/src/main/java/com/tencent/supersonic/common/service/ChatModelService.java
index 90a778776..d90525ebe 100644
--- a/common/src/main/java/com/tencent/supersonic/common/service/ChatModelService.java
+++ b/common/src/main/java/com/tencent/supersonic/common/service/ChatModelService.java
@@ -7,7 +7,7 @@ import com.tencent.supersonic.common.pojo.User;
 import java.util.List;
 
 public interface ChatModelService {
-    List<ChatModel> getChatModels();
+    List<ChatModel> getChatModels(User user);
 
     ChatModel getChatModel(Integer id);
 
diff --git a/common/src/main/java/com/tencent/supersonic/common/service/impl/ChatModelServiceImpl.java b/common/src/main/java/com/tencent/supersonic/common/service/impl/ChatModelServiceImpl.java
index a3e0131ad..7cea5dae3 100644
--- a/common/src/main/java/com/tencent/supersonic/common/service/impl/ChatModelServiceImpl.java
+++ b/common/src/main/java/com/tencent/supersonic/common/service/impl/ChatModelServiceImpl.java
@@ -23,8 +23,15 @@ import java.util.stream.Collectors;
 public class ChatModelServiceImpl extends ServiceImpl<ChatModelMapper, ChatModelDO>
         implements ChatModelService {
     @Override
-    public List<ChatModel> getChatModels() {
-        return list().stream().map(this::convert).collect(Collectors.toList());
+    public List<ChatModel> getChatModels(User user) {
+        return list().stream().map(this::convert).filter(chatModel -> {
+           if (chatModel.isPublic() || user.isSuperAdmin()
+                   || chatModel.getCreatedBy().equals(user.getName())
+                   || chatModel.getViewers().contains(user.getName())) {
+               return true;
+           }
+           return false;
+        }).collect(Collectors.toList());
     }
 
     @Override
@@ -41,12 +48,15 @@ public class ChatModelServiceImpl extends ServiceImpl<ChatModelMapper, ChatModel
         chatModelDO.setCreatedBy(user.getName());
         chatModelDO.setCreatedAt(new Date());
         chatModelDO.setUpdatedBy(user.getName());
-        chatModelDO.setUpdatedAt(new Date());
+        chatModelDO.setUpdatedAt(chatModelDO.getCreatedAt());
+        chatModelDO.setIsOpen(chatModel.getIsOpen());
         if (StringUtils.isBlank(chatModel.getAdmin())) {
             chatModelDO.setAdmin(user.getName());
         }
+        if (!chatModel.getViewers().isEmpty()) {
+            chatModelDO.setViewer(JsonUtil.toString(chatModel.getViewers()));
+        }
         save(chatModelDO);
-        chatModel.setId(chatModelDO.getId());
         return chatModel;
     }
 
@@ -55,9 +65,13 @@ public class ChatModelServiceImpl extends ServiceImpl<ChatModelMapper, ChatModel
         ChatModelDO chatModelDO = convert(chatModel);
         chatModelDO.setUpdatedBy(user.getName());
         chatModelDO.setUpdatedAt(new Date());
+        chatModelDO.setIsOpen(chatModel.getIsOpen());
         if (StringUtils.isBlank(chatModel.getAdmin())) {
             chatModel.setAdmin(user.getName());
         }
+        if (!chatModel.getViewers().isEmpty()) {
+            chatModelDO.setViewer(JsonUtil.toString(chatModel.getViewers()));
+        }
         updateById(chatModelDO);
         return chatModel;
     }
@@ -74,6 +88,7 @@ public class ChatModelServiceImpl extends ServiceImpl<ChatModelMapper, ChatModel
         ChatModel chatModel = new ChatModel();
         BeanUtils.copyProperties(chatModelDO, chatModel);
         chatModel.setConfig(JsonUtil.toObject(chatModelDO.getConfig(), ChatModelConfig.class));
+        chatModel.setViewers(JsonUtil.toList(chatModelDO.getViewer(), String.class));
         return chatModel;
     }
 
diff --git a/headless/api/src/main/java/com/tencent/supersonic/headless/api/pojo/request/DatabaseReq.java b/headless/api/src/main/java/com/tencent/supersonic/headless/api/pojo/request/DatabaseReq.java
index 4856ab35a..fc014842f 100644
--- a/headless/api/src/main/java/com/tencent/supersonic/headless/api/pojo/request/DatabaseReq.java
+++ b/headless/api/src/main/java/com/tencent/supersonic/headless/api/pojo/request/DatabaseReq.java
@@ -32,9 +32,12 @@ public class DatabaseReq extends RecordInfo {
     private String description;
 
     private String schema;
+
     private String url;
 
     private List<String> admins = Lists.newArrayList();
 
     private List<String> viewers = Lists.newArrayList();
+
+    private Integer isOpen = 0;
 }
diff --git a/headless/api/src/main/java/com/tencent/supersonic/headless/api/pojo/response/DatabaseResp.java b/headless/api/src/main/java/com/tencent/supersonic/headless/api/pojo/response/DatabaseResp.java
index d64419f40..2d7526e3c 100644
--- a/headless/api/src/main/java/com/tencent/supersonic/headless/api/pojo/response/DatabaseResp.java
+++ b/headless/api/src/main/java/com/tencent/supersonic/headless/api/pojo/response/DatabaseResp.java
@@ -28,6 +28,8 @@ public class DatabaseResp extends RecordInfo {
 
     private List<String> viewers = Lists.newArrayList();
 
+    private Integer isOpen = 0;
+
     private String type;
 
     private String url;
@@ -48,6 +50,10 @@ public class DatabaseResp extends RecordInfo {
 
     private boolean hasEditPermission = false;
 
+    public boolean isPublic() {
+        return isOpen != null && isOpen == 1;
+    }
+
     public String getHost() {
         Pattern p = Pattern.compile("jdbc:(?<db>\\w+):.*((//)|@)(?<host>.+):(?<port>\\d+).*");
         Matcher m = p.matcher(url);
diff --git a/headless/server/src/main/java/com/tencent/supersonic/headless/server/persistence/dataobject/DatabaseDO.java b/headless/server/src/main/java/com/tencent/supersonic/headless/server/persistence/dataobject/DatabaseDO.java
index a48955f90..94233df85 100644
--- a/headless/server/src/main/java/com/tencent/supersonic/headless/server/persistence/dataobject/DatabaseDO.java
+++ b/headless/server/src/main/java/com/tencent/supersonic/headless/server/persistence/dataobject/DatabaseDO.java
@@ -44,6 +44,8 @@ public class DatabaseDO {
     /** */
     private String viewer;
 
+    private Integer isOpen = 0;
+
     /** 配置信息 */
     private String config;
 
diff --git a/headless/server/src/main/java/com/tencent/supersonic/headless/server/rest/ChatModelController.java b/headless/server/src/main/java/com/tencent/supersonic/headless/server/rest/ChatModelController.java
index 1da2eca33..3c08d5356 100644
--- a/headless/server/src/main/java/com/tencent/supersonic/headless/server/rest/ChatModelController.java
+++ b/headless/server/src/main/java/com/tencent/supersonic/headless/server/rest/ChatModelController.java
@@ -52,8 +52,10 @@ public class ChatModelController {
     }
 
     @RequestMapping("/getModelList")
-    public List<ChatModel> getModelList() {
-        return chatModelService.getChatModels();
+    public List<ChatModel> getModelList(HttpServletRequest httpServletRequest,
+                                        HttpServletResponse httpServletResponse) {
+        User user = UserHolder.findUser(httpServletRequest, httpServletResponse);
+        return chatModelService.getChatModels(user);
     }
 
     @RequestMapping("/getModelAppList")
diff --git a/headless/server/src/main/java/com/tencent/supersonic/headless/server/service/impl/DatabaseServiceImpl.java b/headless/server/src/main/java/com/tencent/supersonic/headless/server/service/impl/DatabaseServiceImpl.java
index 89b84f30c..4397f2280 100644
--- a/headless/server/src/main/java/com/tencent/supersonic/headless/server/service/impl/DatabaseServiceImpl.java
+++ b/headless/server/src/main/java/com/tencent/supersonic/headless/server/service/impl/DatabaseServiceImpl.java
@@ -96,14 +96,16 @@ public class DatabaseServiceImpl extends ServiceImpl<DatabaseDOMapper, DatabaseD
                 databaseResp.setHasEditPermission(true);
                 databaseResp.setHasUsePermission(true);
             }
-            if (databaseResp.getViewers().contains(user.getName())) {
+            if (databaseResp.getViewers().contains(user.getName())
+                    || databaseResp.isPublic()) {
                 databaseResp.setHasUsePermission(true);
             }
         });
     }
 
     private boolean filterByAuth(DatabaseResp database, User user, AuthType authType) {
-        if (user.isSuperAdmin() || user.getName().equals(database.getCreatedBy())) {
+        if (database.isPublic() || user.isSuperAdmin()
+                || user.getName().equals(database.getCreatedBy())) {
             return true;
         }
         authType = authType == null ? AuthType.VIEWER : authType;
diff --git a/launchers/standalone/src/main/java/com/tencent/supersonic/demo/S2BaseDemo.java b/launchers/standalone/src/main/java/com/tencent/supersonic/demo/S2BaseDemo.java
index 3b88aeed1..dac1478c3 100644
--- a/launchers/standalone/src/main/java/com/tencent/supersonic/demo/S2BaseDemo.java
+++ b/launchers/standalone/src/main/java/com/tencent/supersonic/demo/S2BaseDemo.java
@@ -140,7 +140,7 @@ public abstract class S2BaseDemo implements CommandLineRunner {
     }
 
     protected ChatModel addChatModelIfNotExist() {
-        List<ChatModel> chatModels = chatModelService.getChatModels();
+        List<ChatModel> chatModels = chatModelService.getChatModels(defaultUser);
         if (!chatModels.isEmpty()) {
             return chatModels.get(0);
         } else {
diff --git a/launchers/standalone/src/main/resources/config.update/sql-update-mysql.sql b/launchers/standalone/src/main/resources/config.update/sql-update-mysql.sql
index 24f9bb30f..8c4b195bb 100644
--- a/launchers/standalone/src/main/resources/config.update/sql-update-mysql.sql
+++ b/launchers/standalone/src/main/resources/config.update/sql-update-mysql.sql
@@ -413,4 +413,8 @@ ALTER TABLE s2_agent add column `view_org` varchar(3000) DEFAULT NULL COMMENT '
 ALTER TABLE s2_agent add column `is_open` tinyint DEFAULT NULL COMMENT '是否公开';
 
 --20250309
-ALTER TABLE s2_model_rela alter column join_condition type text;
\ No newline at end of file
+ALTER TABLE s2_model_rela alter column join_condition type text;
+
+--20250310
+ALTER TABLE s2_chat_model add column is_open tinyint DEFAULT NULL COMMENT '是否公开';
+ALTER TABLE s2_database add column is_open tinyint DEFAULT NULL COMMENT '是否公开';
\ No newline at end of file
diff --git a/launchers/standalone/src/main/resources/db/schema-h2.sql b/launchers/standalone/src/main/resources/db/schema-h2.sql
index 3629d8796..d5fc98c5e 100644
--- a/launchers/standalone/src/main/resources/db/schema-h2.sql
+++ b/launchers/standalone/src/main/resources/db/schema-h2.sql
@@ -116,6 +116,7 @@ CREATE TABLE IF NOT EXISTS `s2_chat_model`
    `updated_by` varchar(100) NOT  NULL,
    `admin` varchar(500) NOT  NULL,
    `viewer` varchar(500) DEFAULT  NULL,
+   `is_open` TINYINT DEFAULT NULL  , -- whether public
     PRIMARY KEY (`id`)
 ); COMMENT ON TABLE s2_chat_model IS 'chat model table';
 
@@ -197,6 +198,7 @@ CREATE TABLE IF NOT EXISTS `s2_database` (
    `updated_by` varchar(100) NOT  NULL,
    `admin` varchar(500) NOT  NULL,
    `viewer` varchar(500) DEFAULT  NULL,
+   `is_open` TINYINT DEFAULT NULL  , -- whether public
    PRIMARY KEY (`id`)
 );
 COMMENT ON TABLE s2_database IS 'database instance table';
@@ -379,7 +381,7 @@ CREATE TABLE IF NOT EXISTS s2_agent
     enable_feedback int null,
     `admin` varchar(3000) DEFAULT NULL  , -- administrator
     `admin_org` varchar(3000) DEFAULT NULL  , -- administrators organization
-    `is_open` TINYINT DEFAULT NULL  , -- whether the public
+    `is_open` TINYINT DEFAULT NULL  , -- whether public
     `viewer` varchar(3000) DEFAULT NULL  , -- available users
     `view_org` varchar(3000) DEFAULT NULL  , -- available organization
     PRIMARY KEY (`id`)
diff --git a/launchers/standalone/src/main/resources/db/schema-mysql.sql b/launchers/standalone/src/main/resources/db/schema-mysql.sql
index 93cc72660..1e40d493f 100644
--- a/launchers/standalone/src/main/resources/db/schema-mysql.sql
+++ b/launchers/standalone/src/main/resources/db/schema-mysql.sql
@@ -161,6 +161,7 @@ CREATE TABLE IF NOT EXISTS `s2_chat_model` (
    `updated_by` varchar(100) NOT NULL COMMENT '更新人',
    `admin` varchar(500) DEFAULT NULL,
    `viewer` varchar(500) DEFAULT NULL,
+   `is_open` tinyint DEFAULT NULL COMMENT '是否公开',
    PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='对话大模型实例表';
 
@@ -177,6 +178,7 @@ CREATE TABLE IF NOT EXISTS `s2_database` (
    `updated_by` varchar(100) NOT NULL COMMENT '更新人',
    `admin` varchar(500) DEFAULT NULL,
    `viewer` varchar(500) DEFAULT NULL,
+   `is_open` tinyint DEFAULT NULL COMMENT '是否公开',
    PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='数据库实例表';
 
diff --git a/launchers/standalone/src/main/resources/db/schema-postgres.sql b/launchers/standalone/src/main/resources/db/schema-postgres.sql
index 349b99999..aac79316e 100644
--- a/launchers/standalone/src/main/resources/db/schema-postgres.sql
+++ b/launchers/standalone/src/main/resources/db/schema-postgres.sql
@@ -147,7 +147,8 @@ CREATE TABLE IF NOT EXISTS s2_chat_model (
     updated_at timestamp NOT NULL,
     updated_by varchar(100) NOT NULL,
     admin varchar(500) DEFAULT NULL,
-    viewer varchar(500) DEFAULT NULL
+    viewer varchar(500) DEFAULT NULL,
+    is_open smallint DEFAULT NULL
 );
 
 CREATE TABLE IF NOT EXISTS s2_database (
@@ -162,7 +163,8 @@ CREATE TABLE IF NOT EXISTS s2_database (
     updated_at timestamp NOT NULL,
     updated_by varchar(100) NOT NULL,
     admin varchar(500) DEFAULT NULL,
-    viewer varchar(500) DEFAULT NULL
+    viewer varchar(500) DEFAULT NULL,
+    is_open smallint DEFAULT NULL
 );