
add authorization code

tycoding 1 year ago
parent
commit
1d0acf18d5
45 changed files with 219 additions and 222 deletions
  1. 4 2
      README.md
  2. 5 2
      README_en.md
  3. 10 9
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcConversationController.java
  4. 4 0
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcDocsController.java
  5. 4 0
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcDocsSliceController.java
  6. 4 0
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcKnowledgeController.java
  7. 2 0
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcMessageController.java
  8. 7 1
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcModelController.java
  9. 3 0
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcOssController.java
  10. 10 5
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcPromptController.java
  11. 4 1
      langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcUserController.java
  12. 0 14
      langchat-auth/src/main/java/cn/tycoding/langchat/auth/config/AuthConfiguration.java
  13. 13 15
      langchat-auth/src/main/java/cn/tycoding/langchat/auth/endpoint/AuthEndpoint.java
  14. 2 0
      langchat-auth/src/main/java/cn/tycoding/langchat/auth/interceptor/AuthInterceptor.java
  15. 3 9
      langchat-auth/src/main/java/cn/tycoding/langchat/auth/service/PermissionService.java
  16. 0 10
      langchat-common/src/main/java/cn/tycoding/langchat/common/properties/AuthProps.java
  17. 5 0
      langchat-flow/src/main/java/cn/tycoding/langchat/flow/controller/AigcFlowController.java
  18. 10 6
      langchat-server/src/main/java/cn/tycoding/langchat/aigc/endpoint/AigcChatEndpoint.java
  19. 5 0
      langchat-server/src/main/java/cn/tycoding/langchat/aigc/endpoint/EmbeddingEndpoint.java
  20. 3 0
      langchat-server/src/main/java/cn/tycoding/langchat/aigc/endpoint/KnowledgeChatEndpoint.java
  21. 5 2
      langchat-server/src/main/resources/application-dev.yml
  22. 0 24
      langchat-ui/src/api/aigc/conversation.ts
  23. 0 18
      langchat-ui/src/api/aigc/prompt.ts
  24. 1 1
      langchat-ui/src/api/auth.ts
  25. 6 8
      langchat-ui/src/layout/components/Header/index.vue
  26. 2 1
      langchat-ui/src/store/modules/user.ts
  27. 1 0
      langchat-ui/src/utils/http/axios/checkStatus.ts
  28. 8 4
      langchat-ui/src/utils/http/axios/index.ts
  29. 1 1
      langchat-ui/src/views/aigc/statistics/components/List.vue
  30. 2 2
      langchat-ui/src/views/flow/layout/CardLayout.vue
  31. 1 1
      langchat-ui/src/views/flow/layout/GraphLayout.vue
  32. 11 0
      langchat-ui/src/views/flow/store/get.ts
  33. 1 2
      langchat-ui/src/views/flow/store/index.ts
  34. 0 1
      langchat-ui/src/views/login/index.vue
  35. 1 1
      langchat-ui/src/views/upms/dept/index.vue
  36. 7 3
      langchat-ui/src/views/upms/menu/edit.vue
  37. 9 0
      langchat-ui/src/views/upms/user/columns.ts
  38. 10 1
      langchat-ui/src/views/upms/user/edit.vue
  39. 4 3
      langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysDeptController.java
  40. 2 1
      langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysLogController.java
  41. 4 3
      langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysMenuController.java
  42. 4 3
      langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysRoleController.java
  43. 9 19
      langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysUserController.java
  44. 9 16
      langchat-upms/src/main/java/cn/tycoding/langchat/upms/service/impl/SysUserServiceImpl.java
  45. 23 33
      langchat-upms/src/main/java/cn/tycoding/langchat/upms/utils/AuthUtil.java

+ 4 - 2
README.md

@@ -42,9 +42,11 @@ LangChat是Java生态下企业级AIGC项目解决方案,在RBAC权限体系的
 
 ![](docs/imgs/MIK-u8rMXC.png)
 
-## 开源协议
+## 版权和协议
 
-Licensed under the GNU License (GPL) v3. Copyright (c) 2024-present, TyCoding.
+Licensed under the GNU License (GPL) v3. 
+
+Copyright (c) 2024-present, TyCoding.
 
 采用GUN GPL-v3开源协议,可以免费学习使用,个人可以免费是接入使用,商业应用请联系作者授权。
 

+ 5 - 2
README_en.md

@@ -42,10 +42,13 @@ Add WeChat: LangChainChat (remark: sponsorship)
 
 ![](docs/imgs/MIK-u8rMXC.png)
 
-## License
+## Copyright and License
 
-Licensed under the GNU License (GPL) v3. Copyright (c) 2024-present, TyCoding.
+Licensed under the GNU License (GPL) v3. 
 
+Copyright (c) 2024-present, TyCoding.
+
+Support personal free access to learn to use, commercial applications please contact the author authorization
 
 ## Preview
 

+ 10 - 9
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcConversationController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.tycoding.langchat.aigc.entity.AigcConversation;
 import cn.tycoding.langchat.aigc.entity.AigcMessage;
 import cn.tycoding.langchat.aigc.service.AigcMessageService;
@@ -7,17 +8,11 @@ import cn.tycoding.langchat.common.utils.MybatisUtil;
 import cn.tycoding.langchat.common.utils.QueryPage;
 import cn.tycoding.langchat.common.utils.R;
 import cn.tycoding.langchat.common.utils.ServletUtil;
-import java.util.List;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
 
 /**
  * @author tycoding
@@ -48,10 +43,13 @@ public class AigcConversationController {
     }
 
     @PostMapping
+    @SaCheckPermission("aigc:conversation:add")
     public R addConversation(@RequestBody AigcConversation conversation) {
         return R.ok(aigcMessageService.addConversation(conversation));
     }
+
     @PutMapping
+    @SaCheckPermission("aigc:conversation:update")
     public R updateConversation(@RequestBody AigcConversation conversation) {
         if (conversation.getId() == null) {
             return R.fail("conversation id is null");
@@ -61,12 +59,14 @@ public class AigcConversationController {
     }
 
     @DeleteMapping("/{conversationId}")
+    @SaCheckPermission("aigc:conversation:delete")
     public R delConversation(@PathVariable String conversationId) {
         aigcMessageService.delConversation(conversationId);
         return R.ok();
     }
 
     @DeleteMapping("/message/{conversationId}")
+    @SaCheckPermission("aigc:conversation:delete")
     public R clearMessage(@PathVariable String conversationId) {
         aigcMessageService.clearMessage(conversationId);
         return R.ok();
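Review bot: `@SaCheckPermission("aigc:conversation:delete")` on `delConversation` and `clearMessage` verifies that the caller holds the permission, not that `conversationId` belongs to the caller. If conversations are per-user and `aigcMessageService` does not already scope by the current login (its implementation is outside this diff), one permitted user can remove another user's data; add an ownership check before the delete. The same gap is more visible in `AigcDocsController` and `AigcDocsSliceController`, where `update` and `delete` hand the request body or id straight to the mapper, and in `AigcChatEndpoint`'s `DELETE /docs/{id}`. `clearMessage` closes outside this hunk.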
@@ -85,6 +85,7 @@ public class AigcConversationController {
      * add message in conversation
      */
     @PostMapping("/message")
+    @SaCheckPermission("aigc:conversation:add")
     public R addMessage(@RequestBody AigcMessage message) {
         message.setIp(ServletUtil.getIpAddr());
         return R.ok(aigcMessageService.addMessage(message));

+ 4 - 0
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcDocsController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.tycoding.langchat.aigc.entity.AigcDocs;
 import cn.tycoding.langchat.aigc.mapper.AigcDocsMapper;
 import cn.tycoding.langchat.common.utils.MybatisUtil;
@@ -44,18 +45,21 @@ public class AigcDocsController {
     }
 
     @PostMapping
+    @SaCheckPermission("aigc:docs:add")
     public R add(@RequestBody AigcDocs data) {
         docsMapper.insert(data);
         return R.ok();
     }
 
     @PutMapping
+    @SaCheckPermission("aigc:docs:update")
     public R update(@RequestBody AigcDocs data) {
         docsMapper.updateById(data);
         return R.ok();
     }
 
     @DeleteMapping("/{id}")
+    @SaCheckPermission("aigc:docs:delete")
     public R delete(@PathVariable String id) {
         docsMapper.deleteById(id);
         return R.ok();

+ 4 - 0
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcDocsSliceController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.tycoding.langchat.aigc.entity.AigcDocsSlice;
 import cn.tycoding.langchat.aigc.mapper.AigcDocsSliceMapper;
 import cn.tycoding.langchat.common.utils.MybatisUtil;
@@ -45,6 +46,7 @@ public class AigcDocsSliceController {
     }
 
     @PostMapping
+    @SaCheckPermission("aigc:docs:slice:add")
     public R add(@RequestBody AigcDocsSlice data) {
         data.setCreateTime(new Date());
         docsSliceMapper.insert(data);
@@ -52,12 +54,14 @@ public class AigcDocsSliceController {
     }
 
     @PutMapping
+    @SaCheckPermission("aigc:docs:slice:update")
     public R update(@RequestBody AigcDocsSlice data) {
         docsSliceMapper.updateById(data);
         return R.ok();
     }
 
     @DeleteMapping("/{id}")
+    @SaCheckPermission("aigc:docs:slice:delete")
     public R delete(@PathVariable String id) {
         docsSliceMapper.deleteById(id);
         return R.ok();

+ 4 - 0
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcKnowledgeController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.util.StrUtil;
 import cn.tycoding.langchat.aigc.entity.AigcDocs;
 import cn.tycoding.langchat.aigc.entity.AigcKnowledge;
@@ -77,6 +78,7 @@ public class AigcKnowledgeController {
     }
 
     @PostMapping
+    @SaCheckPermission("aigc:knowledge:add")
     public R add(@RequestBody AigcKnowledge data) {
         data.setCreateTime(String.valueOf(System.currentTimeMillis()));
         kbService.save(data);
@@ -84,12 +86,14 @@ public class AigcKnowledgeController {
     }
 
     @PutMapping
+    @SaCheckPermission("aigc:knowledge:update")
     public R update(@RequestBody AigcKnowledge data) {
         kbService.updateById(data);
         return R.ok();
     }
 
     @DeleteMapping("/{id}")
+    @SaCheckPermission("aigc:knowledge:delete")
     public R delete(@PathVariable String id) {
         kbService.removeById(id);
         return R.ok();

+ 2 - 0
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcMessageController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.util.StrUtil;
 import cn.tycoding.langchat.aigc.entity.AigcMessage;
 import cn.tycoding.langchat.aigc.service.AigcMessageService;
@@ -44,6 +45,7 @@ public class AigcMessageController {
     }
 
     @DeleteMapping("/{id}")
+    @SaCheckPermission("aigc:message:delete")
     public R del(@PathVariable String id) {
         return R.ok(aigcMessageService.removeById(id));
     }

+ 7 - 1
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcModelController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.util.StrUtil;
 import cn.tycoding.langchat.aigc.component.ProviderRefreshEvent;
 import cn.tycoding.langchat.aigc.entity.AigcModel;
@@ -73,10 +74,13 @@ public class AigcModelController {
 
     @GetMapping("/{id}")
     public R<AigcModel> findById(@PathVariable String id) {
-        return R.ok(modelService.getById(id));
+        AigcModel model = modelService.getById(id);
+        hide(model);
+        return R.ok(model);
     }
 
     @PostMapping
+    @SaCheckPermission("aigc:model:add")
     public R add(@RequestBody AigcModel data) {
         modelService.save(data);
         SpringContextHolder.publishEvent(new ProviderRefreshEvent(data));
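Review bot: In `findById`, `hide(model)` runs before any null check, so an unknown `id` passes `null` into `hide`; unless `hide` (defined outside this hunk) tolerates that, the request ends in a NullPointerException rather than a clean not-found response. Guard it with `if (model != null) { hide(model); }` or return a failure result when nothing is found. Assuming `hide` masks secret fields, also confirm that `update` cannot write a masked value back over the stored one when a client re-submits what `findById` returned. `add` closes outside this hunk.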
@@ -84,6 +88,7 @@ public class AigcModelController {
     }
 
     @PutMapping
+    @SaCheckPermission("aigc:model:update")
     public R update(@RequestBody AigcModel data) {
         modelService.updateById(data);
         SpringContextHolder.publishEvent(new ProviderRefreshEvent(data));
@@ -91,6 +96,7 @@ public class AigcModelController {
     }
 
     @DeleteMapping("/{id}")
+    @SaCheckPermission("aigc:model:delete")
     public R delete(@PathVariable String id) {
         modelService.removeById(id);
 

+ 3 - 0
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcOssController.java

@@ -32,17 +32,20 @@ public class AigcOssController {
     }
 
     @PostMapping("/upload")
+//    @SaCheckPermission("aigc:oss:update")
     public R upload(MultipartFile file) {
         return R.ok(aigcOssService.upload(file));
     }
 
     @PutMapping
+//    @SaCheckPermission("aigc:oss:update")
     public R update(@RequestBody AigcOss data) {
         aigcOssService.updateById(data);
         return R.ok();
     }
 
     @DeleteMapping("/{id}")
+//    @SaCheckPermission("aigc:oss:delete")
     public R delete(@PathVariable String id) {
         aigcOssService.removeById(id);
         return R.ok();
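Review bot: The three `@SaCheckPermission` lines in this hunk are added commented out, so `upload`, `update` and `delete` still run without any permission check while every other controller in this commit enforces one. Uncomment them and add `import cn.dev33.satoken.annotation.SaCheckPermission;` (no import hunk is shown for this file). `upload` would also read better with its own permission name (for example `aigc:oss:upload`, a suggested name) instead of sharing `aigc:oss:update`. If the endpoints are open on purpose, replace the dead annotations with a comment that says why. `delete` closes outside this hunk.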

+ 10 - 5
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcPromptController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.util.StrUtil;
 import cn.tycoding.langchat.aigc.entity.AigcPrompt;
 import cn.tycoding.langchat.aigc.service.AigcPromptService;
@@ -46,19 +47,23 @@ public class AigcPromptController {
         return R.ok(aigcPromptService.getById(id));
     }
 
-    @DeleteMapping("/{id}")
-    public R del(@PathVariable String id) {
-        return R.ok(aigcPromptService.removeById(id));
-    }
-
     @PostMapping
+    @SaCheckPermission("aigc:prompt:add")
     public R add(@RequestBody AigcPrompt data) {
         data.setCreateTime(new Date());
         return R.ok(aigcPromptService.save(data));
     }
 
     @PutMapping
+    @SaCheckPermission("aigc:prompt:update")
     public R update(@RequestBody AigcPrompt data) {
         return R.ok(aigcPromptService.updateById(data));
     }
+
+    @DeleteMapping("/{id}")
+    @SaCheckPermission("aigc:prompt:delete")
+    public R del(@PathVariable String id) {
+        return R.ok(aigcPromptService.removeById(id));
+    }
+
 }

+ 4 - 1
langchat-aigc/src/main/java/cn/tycoding/langchat/aigc/controller/AigcUserController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.lang.Dict;
 import cn.tycoding.langchat.aigc.entity.AigcUser;
 import cn.tycoding.langchat.aigc.service.AigcUserService;
@@ -54,7 +55,7 @@ public class AigcUserController {
 
     @PostMapping
     @ApiLog("新增用户")
-//    @PreAuthorize("@auth.hasAuth('upms:user:add')")
+    @SaCheckPermission("aigc:user:add")
     public R<AigcUser> add(@RequestBody AigcUser data) {
         userService.save(data);
         return R.ok();
@@ -62,6 +63,7 @@ public class AigcUserController {
 
     @PutMapping
     @ApiLog("修改用户")
+    @SaCheckPermission("aigc:user:update")
     public R update(@RequestBody AigcUser data) {
         userService.updateById(data);
         return R.ok();
@@ -69,6 +71,7 @@ public class AigcUserController {
 
     @DeleteMapping("/{id}")
     @ApiLog("删除用户")
+    @SaCheckPermission("aigc:user:delete")
     public R delete(@PathVariable Long id) {
         AigcUser user = userService.getById(id);
         if (user != null) {

+ 0 - 14
langchat-auth/src/main/java/cn/tycoding/langchat/auth/config/AuthConfiguration.java

@@ -5,15 +5,12 @@ import cn.dev33.satoken.exception.NotPermissionException;
 import cn.dev33.satoken.exception.NotRoleException;
 import cn.dev33.satoken.filter.SaServletFilter;
 import cn.dev33.satoken.router.SaRouter;
-import cn.dev33.satoken.stp.StpUtil;
 import cn.tycoding.langchat.auth.event.LogEvent;
 import cn.tycoding.langchat.auth.utils.SysLogUtil;
 import cn.tycoding.langchat.common.component.SpringContextHolder;
-import cn.tycoding.langchat.common.exception.ServiceException;
 import cn.tycoding.langchat.common.properties.AuthProps;
 import cn.tycoding.langchat.common.utils.R;
 import cn.tycoding.langchat.upms.entity.SysLog;
-import cn.tycoding.langchat.upms.utils.AuthUtil;
 import com.alibaba.fastjson.JSON;
 import lombok.AllArgsConstructor;
 import org.springframework.context.annotation.Bean;
@@ -44,7 +41,6 @@ public class AuthConfiguration {
                     SaRouter.match("/**")
                             .notMatch(skipUrl)
                             .notMatch(authProps.getSkipUrl().toArray(new String[0]))
-                            .check(r -> hasAuth())
                     ;
                 })
                 .setError(this::handleError);
@@ -56,19 +52,9 @@ public class AuthConfiguration {
             SpringContextHolder.publishEvent(new LogEvent(sysLog));
         }
 
-        // 设置响应头
         SaHolder.getResponse()
                 .setStatus(HttpStatus.UNAUTHORIZED.value())
                 .setHeader("Content-Type", "application/json;charset=UTF-8");
         return JSON.toJSONString(R.fail(HttpStatus.UNAUTHORIZED));
     }
-
-    private void hasAuth() {
-        StpUtil.checkLogin();
-
-        // 演示环境禁用操作
-        if (authProps.getIsDemoEnv() && AuthUtil.getRoleNames().contains(AuthUtil.DEMO_ENV)) {
-            throw new ServiceException("演示环境,请勿操作");
-        }
-    }
 }

+ 13 - 15
langchat-auth/src/main/java/cn/tycoding/langchat/auth/endpoint/AuthEndpoint.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.auth.endpoint;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.dev33.satoken.stp.SaTokenInfo;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.date.DatePattern;
@@ -44,28 +45,17 @@ public class AuthEndpoint {
     @PostMapping("/login")
     public R login(@RequestBody UserInfo user) {
         if (StrUtil.isBlank(user.getUsername()) || StrUtil.isBlank(user.getPassword())) {
-            throw new ServiceException("用户名或密码为空");
-        }
-
-        if (user.getUsername().equals(AuthUtil.ADMINISTRATOR)) {
-            String encodePass = AuthUtil.encode(authProps.getSaltKey(), user.getPassword());
-            if (authProps.getAdminPass().equals(encodePass)) {
-                UserInfo userInfo = new UserInfo();
-                userInfo.setId(System.currentTimeMillis());
-                userInfo.setUsername(user.getUsername());
-                userInfo.setPassword(user.getPassword());
-                return onLogin(userInfo);
-            }
+            throw new ServiceException("The user name or password is empty");
         }
 
         UserInfo userInfo = userService.info(user.getUsername());
         if (userInfo == null) {
-            throw new ServiceException("用户名或密码错误");
+            throw new ServiceException("The username or password is error");
         }
 
         String decryptPass = AuthUtil.decrypt(authProps.getSaltKey(), userInfo.getPassword());
         if (!decryptPass.equals(user.getPassword())) {
-            throw new ServiceException("用户名或密码错误");
+            throw new ServiceException("The username or password is error");
         }
 
         return onLogin(userInfo);
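Review bot: The remaining login path still recovers the stored password with `AuthUtil.decrypt(authProps.getSaltKey(), userInfo.getPassword())` and compares it with `String.equals`, so stored passwords are reversible for anyone who holds `saltKey`, and `AuthProps` ships the default `"langchat-salt"`. Verification should use a one-way password hash (bcrypt or Argon2 style) rather than decryption, with the key or pepper supplied by deployment configuration. In the next hunk, `log.info("====> login success,token={}", tokenInfo.getTokenValue())` writes a live session token to the application log; log the login id instead. `login` closes outside this hunk.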
@@ -77,7 +67,7 @@ public class AuthEndpoint {
         StpUtil.getSession()
                 .set(CacheConst.AUTH_USER_INFO_KEY, userInfo)
                 .set(CacheConst.AUTH_TOKEN_INFO_KEY, tokenInfo);
-        log.info("====> 登陆成功,token={}", tokenInfo.getTokenValue());
+        log.info("====> login success,token={}", tokenInfo.getTokenValue());
         return R.ok(new TokenInfo().setToken(tokenInfo.tokenValue).setExpiration(tokenInfo.tokenTimeout));
     }
 
@@ -87,7 +77,15 @@ public class AuthEndpoint {
         return R.ok();
     }
 
+    @GetMapping("/info")
+    public R<UserInfo> info() {
+        UserInfo userInfo = userService.info(AuthUtil.getUsername());
+        userInfo.setPassword(null);
+        return R.ok(userInfo);
+    }
+
     @DeleteMapping("/token/{token}")
+    @SaCheckPermission("auth:delete")
     public R tokenDel(@PathVariable String token) {
         StpUtil.kickoutByTokenValue(token);
         return R.ok();
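Review bot: `info()` dereferences `userInfo` without a null check, although `login` treats `userService.info(...)` returning `null` as a normal outcome. A session whose account has since been removed, or a request where `AuthUtil.getUsername()` yields nothing, would fail with a NullPointerException at `userInfo.setPassword(null)`. Return an authentication failure when `userInfo == null`. The handler carries no annotation, so `@SaCheckLogin` would make the login requirement explicit. `tokenDel` closes outside this hunk.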

+ 2 - 0
langchat-auth/src/main/java/cn/tycoding/langchat/auth/interceptor/AuthInterceptor.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.auth.interceptor;
 
+import cn.dev33.satoken.interceptor.SaInterceptor;
 import lombok.AllArgsConstructor;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.stereotype.Component;
@@ -19,5 +20,6 @@ public class AuthInterceptor implements WebMvcConfigurer {
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
         registry.addInterceptor(new CaptchaInterceptor(redisTemplate)).addPathPatterns("/auth/login");
+        registry.addInterceptor(new SaInterceptor()).addPathPatterns("/**");
     }
 }
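Review bot: `new SaInterceptor()` without an auth function only evaluates Sa-Token annotations, and this commit also deletes `.check(r -> hasAuth())` (which called `StpUtil.checkLogin()`) from `AuthConfiguration`. As far as this diff shows, handlers with no annotation no longer require a login; that covers the GET endpoints and the `AigcOssController` methods. Either keep a route-level login check, e.g. `new SaInterceptor(handle -> StpUtil.checkLogin())` with the skip URLs passed to `excludePathPatterns`, or put `@SaCheckLogin` on the remaining handlers. A test that an unauthenticated GET to a protected path is rejected would pin this down.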

+ 3 - 9
langchat-auth/src/main/java/cn/tycoding/langchat/auth/service/PermissionService.java

@@ -1,10 +1,10 @@
 package cn.tycoding.langchat.auth.service;
 
 import cn.dev33.satoken.stp.StpInterface;
+import cn.tycoding.langchat.upms.utils.AuthUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
 
-import java.util.ArrayList;
 import java.util.List;
 
 /**
@@ -17,17 +17,11 @@ public class PermissionService implements StpInterface {
 
     @Override
     public List<String> getPermissionList(Object o, String s) {
-        log.info("获取权限列表:{}, {}", o, s);
-        List<String> list = new ArrayList<>();
-        list.add("user:add");
-        return list;
+        return AuthUtil.getPermissionNames();
     }
 
     @Override
     public List<String> getRoleList(Object o, String s) {
-        log.info("获取角色列表:{}, {}", o, s);
-        List<String> list = new ArrayList<>();
-        list.add("admin");
-        return list;
+        return AuthUtil.getRoleNames();
     }
 }
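Review bot: Both overrides ignore the `loginId` argument (`o`) and return whatever `AuthUtil.getPermissionNames()` / `AuthUtil.getRoleNames()` yield for the current request. A lookup for a different account, such as `StpUtil.getPermissionList(loginId)` from an admin screen, would therefore return the caller's permissions instead. `AuthUtil` is not visible here; if it reads a list cached in the session at login, permission and role changes would also not apply until the user logs in again. Resolve the list from `loginId`, and add a Javadoc line on each method stating where the data comes from and how it is refreshed.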

+ 0 - 10
langchat-common/src/main/java/cn/tycoding/langchat/common/properties/AuthProps.java

@@ -25,14 +25,4 @@ public class AuthProps {
      * salt
      */
     private String saltKey = "langchat-salt";
-
-    /**
-     * administrator account password: 123456
-     */
-    private String adminPass = "48kQD0O/A69LENSbk/+FxA==";
-
-    /**
-     * 是否开启演示环境
-     */
-    private Boolean isDemoEnv = false;
 }

+ 5 - 0
langchat-flow/src/main/java/cn/tycoding/langchat/flow/controller/AigcFlowController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.flow.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.tycoding.langchat.common.exception.ServiceException;
 import cn.tycoding.langchat.common.utils.MybatisUtil;
 import cn.tycoding.langchat.common.utils.QueryPage;
@@ -51,6 +52,7 @@ public class AigcFlowController {
     }
 
     @PostMapping
+    @SaCheckPermission("aigc:flow:add")
     public R add(@RequestBody AigcFlow data) {
         data.setCreateTime(new Date());
         flowService.save(data);
@@ -58,6 +60,7 @@ public class AigcFlowController {
     }
 
     @PutMapping
+    @SaCheckPermission("aigc:flow:update")
     public R update(@RequestBody AigcFlow data) {
         data.setUpdateTime(new Date());
         flowService.updateById(data);
@@ -65,12 +68,14 @@ public class AigcFlowController {
     }
 
     @DeleteMapping("/{id}")
+    @SaCheckPermission("aigc:flow:delete")
     public R delete(@PathVariable String id) {
         flowService.removeById(id);
         return R.ok();
     }
 
     @PutMapping("/publish")
+    @SaCheckPermission("aigc:flow:publish")
     public R publish(@RequestBody AigcFlow data) {
         if (data.getId() == null) {
             throw new ServiceException("Flow数据异常");

+ 10 - 6
langchat-server/src/main/java/cn/tycoding/langchat/aigc/endpoint/AigcChatEndpoint.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.endpoint;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.util.StrUtil;
 import cn.tycoding.langchat.aigc.entity.AigcOss;
 import cn.tycoding.langchat.aigc.service.AigcOssService;
@@ -15,12 +16,7 @@ import cn.tycoding.langchat.common.utils.R;
 import cn.tycoding.langchat.common.utils.StreamEmitter;
 import cn.tycoding.langchat.core.consts.ModelConst;
 import lombok.AllArgsConstructor;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 import org.springframework.web.servlet.mvc.method.annotation.SseEmitter;
 
@@ -38,6 +34,7 @@ public class AigcChatEndpoint {
     private final EmbeddingService embeddingDocs;
 
     @PostMapping
+    @SaCheckPermission("aigc:client:chat")
     public Object chat(@RequestBody ChatReq req) {
         StreamEmitter emitter = new StreamEmitter();
         req.setEmitter(emitter);
@@ -62,6 +59,7 @@ public class AigcChatEndpoint {
     }
 
     @PostMapping("/docs/{id}")
+    @SaCheckPermission("aigc:client:chat:docs")
     public Object docs(@RequestBody ChatReq req, @PathVariable String id) {
         StreamEmitter emitter = new StreamEmitter();
         req.setEmitter(emitter);
@@ -75,6 +73,7 @@ public class AigcChatEndpoint {
     }
 
     @PostMapping("/docs/upload")
+    @SaCheckPermission("aigc:client:chat:upload")
     public R docs(MultipartFile file) {
         AigcOss oss = aigcOssService.upload(file);
         embeddingDocs.embedDocs(
@@ -86,6 +85,7 @@ public class AigcChatEndpoint {
     }
 
     @DeleteMapping("/docs/{id}")
+    @SaCheckPermission("aigc:client:delete")
     public R docs(@PathVariable String id) {
         aigcOssService.removeById(id);
         // del vector store
@@ -94,6 +94,7 @@ public class AigcChatEndpoint {
     }
 
     @PostMapping("/translate")
+    @SaCheckPermission("aigc:client:translate")
     public SseEmitter translate(@RequestBody ChatReq req) {
         StreamEmitter emitter = new StreamEmitter();
         req.setEmitter(emitter);
@@ -103,6 +104,7 @@ public class AigcChatEndpoint {
     }
 
     @PostMapping("/write")
+    @SaCheckPermission("aigc:client:write")
     public SseEmitter write(@RequestBody ChatReq req) {
         StreamEmitter emitter = new StreamEmitter();
         req.setEmitter(emitter);
@@ -112,12 +114,14 @@ public class AigcChatEndpoint {
     }
 
     @PostMapping("/mindmap")
+    @SaCheckPermission("aigc:client:mindmap")
     public R mindmap(@RequestBody ChatReq req) {
         req.setPrompt(PromptUtil.build(req.getMessage(), PromptConst.MINDMAP));
         return R.ok(new ChatRes(chatService.text(req)));
     }
 
     @PostMapping("/image")
+    @SaCheckPermission("aigc:client:image")
     public R image(@RequestBody ImageR req) {
         req.setPrompt(PromptUtil.build(req.getMessage(), PromptConst.IMAGE));
         return R.ok(chatService.image(req));

+ 5 - 0
langchat-server/src/main/java/cn/tycoding/langchat/aigc/endpoint/EmbeddingEndpoint.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.endpoint;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.lang.Dict;
 import cn.hutool.core.util.StrUtil;
 import cn.tycoding.langchat.aigc.dto.DocsTypeEnum;
@@ -42,6 +43,7 @@ public class EmbeddingEndpoint {
     private final EmbeddingService embeddingService;
 
     @PostMapping("/text")
+    @SaCheckPermission("aigc:embedding:chat")
     public R text(@RequestBody AigcDocs data) {
         if (StrUtil.isBlankIfStr(data.getContent())) {
             throw new ServiceException("文档内容不能为空");
@@ -67,6 +69,7 @@ public class EmbeddingEndpoint {
     }
 
     @PostMapping("/docs/{knowledgeId}")
+    @SaCheckPermission("aigc:embedding:embed")
     public R docs(MultipartFile file, @PathVariable String knowledgeId) {
         AigcOss oss = aigcOssService.upload(file);
         AigcDocs data = new AigcDocs()
@@ -83,6 +86,7 @@ public class EmbeddingEndpoint {
     }
 
     @PostMapping("/struct/excel/{knowledgeId}")
+    @SaCheckPermission("aigc:embedding:excel")
     public R structExcel(MultipartFile file, @PathVariable String knowledgeId) throws IOException {
         byte[] bytes = file.getBytes();
         AigcOss oss = aigcOssService.upload(file);
@@ -115,6 +119,7 @@ public class EmbeddingEndpoint {
     }
 
     @PostMapping("/search")
+    @SaCheckPermission("aigc:embedding:search")
     public R search(@RequestBody AigcDocs data) {
         return R.ok(embeddingService.search(data));
     }

+ 3 - 0
langchat-server/src/main/java/cn/tycoding/langchat/aigc/endpoint/KnowledgeChatEndpoint.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.aigc.endpoint;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.util.StrUtil;
 import cn.tycoding.langchat.aigc.entity.AigcMessage;
 import cn.tycoding.langchat.aigc.service.AigcMessageService;
@@ -27,6 +28,7 @@ public class KnowledgeChatEndpoint {
     private final AigcMessageService messageService;
 
     @PostMapping
+    @SaCheckPermission("aigc:knowledge:chat")
     public Object chat(@RequestBody ChatReq req) {
         StreamEmitter emitter = new StreamEmitter();
         req.setEmitter(emitter);
@@ -53,6 +55,7 @@ public class KnowledgeChatEndpoint {
     }
 
     @DeleteMapping("/cleanMessage/{conversationId}")
+    @SaCheckPermission("aigc:knowledge:clean")
     public R cleanMessage(@PathVariable String conversationId) {
         messageService.clearMessage(conversationId);
         return R.ok();

+ 5 - 2
langchat-server/src/main/resources/application-dev.yml

@@ -25,8 +25,11 @@ spring:
 
 langchat:
   auth:
-    admin-pass: 48kQD0O/A69LENSbk/+FxA==
-    is-demo-env: true
+    email:
+      host: smtp.qq.com
+      port: 465
+      from: <EMAIL>
+      pass: <PASS>
   vectorstore:
     pgvector:
       host: 127.0.0.1
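Review bot: The new `langchat.auth.email` block keeps the SMTP account and its password (`from` / `pass`, shown redacted on this page) in a tracked profile file. Inject them from the environment instead, e.g. `pass: ${LANGCHAT_EMAIL_PASS}` (placeholder variable name), so that no real credential reaches Git history. `AuthProps` only loses fields in this commit, so it is not visible which properties class binds `email`; confirm that these keys are actually read. The `vectorstore` block continues outside the hunk.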

+ 0 - 24
langchat-ui/src/api/aigc/conversation.ts

@@ -8,30 +8,6 @@ export function page(params: any) {
   });
 }
 
-export function list(params: any) {
-  return http.request({
-    url: '/aigc/conversation/list',
-    method: 'get',
-    params,
-  });
-}
-
-export function add(params: any) {
-  return http.request({
-    url: '/aigc/conversation',
-    method: 'post',
-    params,
-  });
-}
-
-export function update(params: any) {
-  return http.request({
-    url: '/aigc/conversation',
-    method: 'put',
-    params,
-  });
-}
-
 export function del(id: string) {
   return http.request({
     url: `/aigc/conversation/${id}`,

+ 0 - 18
langchat-ui/src/api/aigc/prompt.ts

@@ -1,5 +1,4 @@
 import { http } from '@/utils/http/axios';
-import { AxiosProgressEvent } from 'axios';
 
 export function list(params: any) {
   return http.request({
@@ -53,20 +52,3 @@ export function del(id: string) {
     method: 'delete',
   });
 }
-
-export function chat(
-  params: any,
-  onDownloadProgress?: (progressEvent: AxiosProgressEvent) => void
-) {
-  return http.request(
-    {
-      url: `/aigc/chat/prompt`,
-      method: 'post',
-      params,
-      onDownloadProgress: onDownloadProgress,
-    },
-    {
-      isTransformResponse: false,
-    }
-  );
-}

+ 1 - 1
langchat-ui/src/api/auth.ts

@@ -5,7 +5,7 @@ import { http } from '@/utils/http/axios';
  */
 export function getUserInfo() {
   return http.request({
-    url: '/upms/user/info',
+    url: '/auth/info',
     method: 'get',
   });
 }

+ 6 - 8
langchat-ui/src/layout/components/Header/index.vue

@@ -243,14 +243,12 @@
               message.success('成功退出登录');
               // 移除标签页
               localStorage.removeItem(TABS_ROUTES);
-              router
-                .replace({
-                  name: 'Login',
-                  query: {
-                    redirect: route.fullPath,
-                  },
-                })
-                .finally(() => location.reload());
+              router.replace({
+                name: 'Login',
+                query: {
+                  redirect: route.fullPath,
+                },
+              });
             });
           },
           onNegativeClick: () => {},
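Review bot: Dropping `.finally(() => location.reload())` means logout no longer discards in-memory state, so anything the previous user's stores, permission list or dynamically registered routes still hold remains in the page for the next login. Whether the logout action above this hunk resets them is not visible here; if it does not, reset the user store and the added routes explicitly before `router.replace(...)`. The enclosing handler starts outside the hunk.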

+ 2 - 1
langchat-ui/src/store/modules/user.ts

@@ -80,7 +80,8 @@ export const useUserStore = defineStore({
           this.setPermissions(data.perms);
           this.setUserInfo(data);
         } else {
-          throw new Error('getInfo: permissionsList must be a non-null array !');
+          this.setPermissions([]);
+          // throw new Error('getInfo: permissionsList must be a non-null array !');
         }
         this.setUserInfo(data);
         this.setAvatar(data.avatar);
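Review bot: The `else` branch now turns an unusable `perms` field into an empty permission list without any trace, and the old `throw` is left behind as a comment. Defaulting to no permissions is the safe direction for the UI, but a regression in the info endpoint will then look like an ordinary unprivileged login. Delete the commented line and record the condition, e.g. `console.warn('getInfo: perms missing, defaulting to []');`. The enclosing action starts and ends outside this hunk.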

+ 1 - 0
langchat-ui/src/utils/http/axios/checkStatus.ts

@@ -2,6 +2,7 @@ export function checkStatus(status: number, msg: string | undefined): void {
   if (msg === '') {
     msg = undefined;
   }
+  console.log('进入', status, msg);
   const $message = window['$message'];
   switch (status) {
     case 400:
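Review bot: `console.log('进入', status, msg);` is a debugging trace that now runs for every failed request and writes backend error text to the browser console. Remove it before merging, or guard it with the build's development flag (`if (import.meta.env.DEV)` if this is a Vite build).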

+ 8 - 4
langchat-ui/src/utils/http/axios/index.ts

@@ -188,8 +188,9 @@ const transform: AxiosTransform = {
   responseInterceptorsCatch: (error: any) => {
     const $dialog = window['$dialog'];
     const $message = window['$message'];
+    const $loading = window['$loading'];
     const { response, code, message } = error || {};
-    // TODO 此处要根据后端接口返回格式修改
+    console.log(error);
     const msg: string =
       response && response.data && response.data.message ? response.data.message : '';
     const err: string = error.toString();
@@ -203,11 +204,14 @@ const transform: AxiosTransform = {
         response.data.code === ResultEnum.UnAuthorization
       ) {
         const LoginName = PageEnum.BASE_LOGIN_NAME;
-        const LoginPath = PageEnum.BASE_LOGIN;
+
+        $loading.finish();
         if (router.currentRoute.value?.name === LoginName) return Promise.resolve(response);
+
         // 到登录页
-        storage.clear();
-        window.location.href = LoginPath;
+        // const LoginPath = PageEnum.BASE_LOGIN;
+        // storage.clear();
+        // window.location.href = LoginPath;
       }
       if (err && err.includes('Network Error')) {
         $dialog.info({
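Review bot: With `storage.clear()` and the redirect commented out, the `ResultEnum.UnAuthorization` branch now only calls `$loading.finish()`, so after an expired or revoked session whatever `storage` holds (presumably the token) stays in place and the user remains on the current page. If the hard reload was the problem, keep the cleanup and navigate through the router, e.g. `storage.clear(); router.replace({ name: LoginName });`, instead of leaving the three lines as comments. `window['$loading']` is used without a null check and will throw if this handler runs before the loading bar is installed; `$loading?.finish();` avoids that. In the first hunk, `console.log(error)` prints the whole Axios error, whose `config` carries the request headers, so any auth header ends up in the console; log `message` and the status only.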

+ 1 - 1
langchat-ui/src/views/aigc/statistics/components/List.vue

@@ -50,7 +50,7 @@
   function handleDelete(record: Recordable) {
     dialog.info({
       title: '提示',
-      content: `您想删除 ${record.name}`,
+      content: `您想删除此条记录?`,
       positiveText: '确定',
       negativeText: '取消',
       onPositiveClick: async () => {

+ 2 - 2
langchat-ui/src/views/flow/layout/CardLayout.vue

@@ -31,8 +31,8 @@
           <n-tab-pane name="Node" tab="Node">
             <NodeCard :list="collapses(true)" />
           </n-tab-pane>
-          <n-tab-pane name="Plugins" tab="Plugins"
-            ><PluginCard :list="collapses(false)" />
+          <n-tab-pane name="Plugins" tab="Plugins">
+            <PluginCard :list="collapses(false)" />
           </n-tab-pane>
         </n-tabs>
       </div>

+ 1 - 1
langchat-ui/src/views/flow/layout/GraphLayout.vue

@@ -80,7 +80,7 @@
       type: type,
       position,
       label: type,
-      data: data,
+      data: data ?? {},
     };
     console.log('添加节点', newNode);
 

+ 11 - 0
langchat-ui/src/views/flow/store/get.ts

@@ -72,6 +72,13 @@ const nodePins: Pin[] = [
     isNode: true,
     des: '发送HTTP请求',
   },
+  {
+    type: TypeEnum.Http,
+    component: StartPin,
+    col: ColEnum.Node,
+    isNode: true,
+    des: '发送HTTP请求',
+  },
 
   { type: TypeEnum.End, component: EndPin, col: ColEnum.Base, isNode: true },
   { type: TypeEnum.Start, component: StartPin, col: ColEnum.Base, isNode: true },
@@ -178,6 +185,10 @@ const icons = [
     type: TypeEnum.Assist,
     icon: renderPropsIcon(SparklesOutline, { color: '#8a2be2', size: '15px' }),
   },
+  {
+    type: TypeEnum.Http,
+    icon: renderPropsIcon(SparklesOutline, { color: '#8a2be2', size: '15px' }),
+  },
   {
     type: PluginEnum.Input,
     icon: renderPropsIcon(SparklesOutline, { color: '#8a2be2', size: '15px' }),
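Review bot: The new `nodePins` entry for `TypeEnum.Http` uses `StartPin` as its component and repeats the description of the entry directly above it, which looks like a copy-paste placeholder. The type of the entry above is outside the hunk, so this may even be a duplicate registration. If the HTTP pin component does not exist yet, say so next to the entry, e.g. `// TODO: replace StartPin with the HTTP pin component`, so the placeholder is not mistaken for the intended wiring. The icon entry added in the second hunk has the same placeholder character.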

+ 1 - 2
langchat-ui/src/views/flow/store/index.ts

@@ -3,10 +3,9 @@ import { defineStore } from 'pinia';
 import { getPin, Pin } from '@/views/flow/store/get';
 import { Component, shallowRef, toRaw } from 'vue';
 import { BlankPin } from '@/views/flow/pin';
-import { Flow } from '@/api/models/flow';
 
 export interface FlowState {
-  data: Flow | undefined; // 当前编辑的流程数据
+  data: any; // 当前编辑的流程数据
   nodeId: string; // 当前激活的NodeId,通过useVueFlow().findNode获取实例对象
   pin: Pin | null; // 当前激活节点的pin component
   pinComponent: Component;
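Review bot: Changing `data` from `Flow | undefined` to `any` removes type checking from every read of the store's flow data. If the `Flow` model no longer fits, a narrower type such as `Record<string, unknown> | undefined` keeps call sites honest, and the field comment should then state which shape is expected.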

+ 0 - 1
langchat-ui/src/views/login/index.vue

@@ -35,7 +35,6 @@
             (router.currentRoute.value.query?.redirect || '/') as string
           );
           message.destroyAll();
-          message.success('登录成功,即将进入系统');
           if (router.currentRoute.value.name === PageEnum.BASE_LOGIN_NAME) {
             await router.push('/');
           } else {

+ 1 - 1
langchat-ui/src/views/upms/dept/index.vue

@@ -68,7 +68,7 @@
 <template>
   <div class="h-full">
     <div class="n-layout-page-header mb-4">
-      <n-card :bordered="false" title="日志数据管理">
+      <n-card :bordered="false">
         <template #header>
           <div class="flex flex-wrap items-start">
             <n-popover class="custom-popover">

+ 7 - 3
langchat-ui/src/views/upms/menu/edit.vue

@@ -33,10 +33,12 @@
   async function show(id?: string, parentId?: string) {
     openModal();
     await nextTick();
+    let vars: any = {};
     if (id != null) {
-      setFieldsValue(await getById(id));
+      vars = await getById(id);
+      setFieldsValue(vars);
     } else {
-      let vars: any = {
+      vars = {
         isDisabled: false,
         type: 'menu',
         isKeepalive: false,
@@ -54,6 +56,7 @@
       setFieldsValue(vars);
     }
     menuList.value = await getMenuList({});
+    onSelectType(vars.type, vars);
   }
 
   async function handleSubmit(values: any) {
@@ -81,7 +84,7 @@
     setFieldsValue(data);
   }
 
-  function onSelectType(val, model, field) {
+  function onSelectType(val, model) {
     const isHidden = val == 'button';
     const filterSchemas = formSchemas.filter((i) => {
       if (i.field == 'icon' || i.field == 'component') {
@@ -91,6 +94,7 @@
         model['path'] = '';
         i.isHidden = isHidden;
       }
+      clearValidate();
       return true;
     });
     setProps({ schemas: filterSchemas });
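Review bot: `clearValidate()` was added inside the `formSchemas.filter(...)` callback of `onSelectType`, so it runs once per schema entry, and the `filter` is used only for its side effects because it always returns `true`. Call it once after the loop, next to `setProps({ schemas: filterSchemas })`, and use `forEach` for the mutation. The same pattern is introduced in `langchat-ui/src/views/upms/user/edit.vue`. Both loops write `isHidden` onto the shared `formSchemas` objects, so the hidden state carries over between openings of the dialog unless every path sets it again. Whether `clearValidate` is destructured from `useForm` in this file is not visible in these hunks.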

+ 9 - 0
langchat-ui/src/views/upms/user/columns.ts

@@ -100,6 +100,15 @@ export const formSchemas: FormSchema[] = [
     },
     rules: [{ required: true, message: '请输入用户名', trigger: ['blur'] }],
   },
+  {
+    field: 'password',
+    label: '密码',
+    component: 'NInput',
+    componentProps: {
+      placeholder: '请输入密码',
+    },
+    rules: [{ required: true, message: '请输入密码', trigger: ['blur'] }],
+  },
   {
     field: 'roleIds',
     label: '角色',
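Review bot: The new `password` field is a plain `NInput`, so the password is displayed in clear text while it is typed, which matters on shared screens and in screen recordings. Set the input type in `componentProps`, e.g. `type: 'password', showPasswordOn: 'click',`, next to the placeholder. The only rule is `required`; if the backend enforces a minimum length or complexity, mirroring it here gives the administrator earlier feedback.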

+ 10 - 1
langchat-ui/src/views/upms/user/edit.vue

@@ -23,7 +23,7 @@
     showSubBtn: false,
   });
 
-  const [register, { setFieldsValue }] = useForm({
+  const [register, { setFieldsValue, clearValidate, setProps }] = useForm({
     gridProps: { cols: 2 },
     labelWidth: 120,
     layout: 'horizontal',
@@ -41,6 +41,15 @@
     } else {
       setFieldsValue({ status: true, sex: '男' });
     }
+    // 隐藏密码输入框
+    const filterSchemas = formSchemas.filter((i) => {
+      if (i.field == 'password') {
+        i.isHidden = !isNullOrWhitespace(id);
+      }
+      clearValidate();
+      return true;
+    });
+    await setProps({ schemas: filterSchemas });
     deptList.value = await getDeptList({});
     roleList.value = await getRoleList({});
   }

+ 4 - 3
langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysDeptController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.upms.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.lang.tree.Tree;
 import cn.tycoding.langchat.common.annotation.ApiLog;
 import cn.tycoding.langchat.common.utils.R;
@@ -40,7 +41,7 @@ public class SysDeptController {
 
     @PostMapping
     @ApiLog("新增部门")
-//    @PreAuthorize("@auth.hasAuth('upms:dept:add')")
+    @SaCheckPermission("upms:dept:add")
     public R add(@RequestBody SysDept sysDept) {
         sysDept.setParentId(sysDept.getParentId() == null ? 0L : sysDept.getParentId());
         sysDeptService.save(sysDept);
@@ -49,7 +50,7 @@ public class SysDeptController {
 
     @PutMapping
     @ApiLog("修改部门")
-//    @PreAuthorize("@auth.hasAuth('upms:dept:update')")
+    @SaCheckPermission("upms:dept:update")
     public R update(@RequestBody SysDept sysDept) {
         sysDept.setParentId(sysDept.getParentId() == null ? 0L : sysDept.getParentId());
         sysDeptService.updateById(sysDept);
@@ -58,7 +59,7 @@ public class SysDeptController {
 
     @DeleteMapping("/{id}")
     @ApiLog("删除部门")
-//    @PreAuthorize("@auth.hasAuth('upms:dept:delete')")
+    @SaCheckPermission("upms:dept:delete")
     public R delete(@PathVariable Long id) {
         sysDeptService.delete(id);
         return R.ok();
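Review bot: The `@SaCheckPermission` annotations added here (and in SysLogController, SysMenuController, SysRoleController and SysUserController) only take effect when Sa-Token's annotation interceptor, or its AOP plugin, is registered with Spring MVC, and that registration is not visible in this part of the commit. Without it the annotations are ignored and these endpoints stay as open as they were with the commented-out `@PreAuthorize` lines. A request-level test that calls `POST` on this controller with a session lacking `upms:dept:add` and expects a rejection would pin this down. Only write endpoints are annotated in these hunks; whether the read endpoints need a permission should be decided explicitly.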

+ 2 - 1
langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysLogController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.upms.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.lang.Dict;
 import cn.tycoding.langchat.common.utils.MybatisUtil;
 import cn.tycoding.langchat.common.utils.QueryPage;
@@ -33,7 +34,7 @@ public class SysLogController {
     }
 
     @DeleteMapping("/{id}")
-//    @PreAuthorize("@auth.hasAuth('system:log:delete')")
+    @SaCheckPermission("upms:log:delete")
     public R delete(@PathVariable Long id) {
         sysLogService.delete(id);
         return R.ok();
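Review bot: Log deletion is the one delete endpoint in these controllers without `@ApiLog`, so removing log records is itself not recorded (assuming `@ApiLog` is what writes them). Add `@ApiLog("删除日志")` above `@SaCheckPermission("upms:log:delete")`, together with the `cn.tycoding.langchat.common.annotation.ApiLog` import that the other controllers use. The permission code also changes from the `system:log:delete` of the old comment to `upms:log:delete`; it needs to match the code stored in the permission data, which is not shown here.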

+ 4 - 3
langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysMenuController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.upms.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.tycoding.langchat.common.annotation.ApiLog;
 import cn.tycoding.langchat.common.utils.R;
 import cn.tycoding.langchat.upms.dto.MenuTree;
@@ -46,7 +47,7 @@ public class SysMenuController {
 
     @PostMapping
     @ApiLog("新增菜单")
-//    @PreAuthorize("@auth.hasAuth('upms:menu:add')")
+    @SaCheckPermission("upms:menu:add")
     public R add(@RequestBody SysMenu sysMenu) {
         sysMenuService.add(sysMenu);
         return R.ok();
@@ -54,7 +55,7 @@ public class SysMenuController {
 
     @PutMapping
     @ApiLog("修改菜单")
-//    @PreAuthorize("@auth.hasAuth('upms:menu:update')")
+    @SaCheckPermission("upms:menu:update")
     public R update(@RequestBody SysMenu sysMenu) {
         sysMenuService.update(sysMenu);
         return R.ok();
@@ -62,7 +63,7 @@ public class SysMenuController {
 
     @DeleteMapping("/{id}")
     @ApiLog("删除菜单")
-//    @PreAuthorize("@auth.hasAuth('upms:menu:delete')")
+    @SaCheckPermission("upms:menu:delete")
     public R delete(@PathVariable Long id) {
         sysMenuService.delete(id);
         return R.ok();

+ 4 - 3
langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysRoleController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.upms.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.lang.Dict;
 import cn.tycoding.langchat.common.annotation.ApiLog;
 import cn.tycoding.langchat.common.utils.MybatisUtil;
@@ -46,7 +47,7 @@ public class SysRoleController {
 
     @PostMapping
     @ApiLog("新增角色")
-//    @PreAuthorize("@auth.hasAuth('upms:role:add')")
+    @SaCheckPermission("upms:role:add")
     public R add(@RequestBody SysRoleDTO sysRole) {
         sysRoleService.add(sysRole);
         return R.ok();
@@ -54,7 +55,7 @@ public class SysRoleController {
 
     @PutMapping
     @ApiLog("修改角色")
-//    @PreAuthorize("@auth.hasAuth('upms:role:update')")
+    @SaCheckPermission("upms:role:update")
     public R update(@RequestBody SysRoleDTO sysRole) {
         sysRoleService.update(sysRole);
         return R.ok();
@@ -62,7 +63,7 @@ public class SysRoleController {
 
     @DeleteMapping("/{id}")
     @ApiLog("删除角色")
-//    @PreAuthorize("@auth.hasAuth('upms:role:delete')")
+    @SaCheckPermission("upms:role:delete")
     public R delete(@PathVariable Long id) {
         sysRoleService.delete(id);
         return R.ok();

+ 9 - 19
langchat-upms/src/main/java/cn/tycoding/langchat/upms/controller/SysUserController.java

@@ -1,5 +1,6 @@
 package cn.tycoding.langchat.upms.controller;
 
+import cn.dev33.satoken.annotation.SaCheckPermission;
 import cn.hutool.core.lang.Dict;
 import cn.tycoding.langchat.common.annotation.ApiLog;
 import cn.tycoding.langchat.common.exception.ServiceException;
@@ -11,16 +12,10 @@ import cn.tycoding.langchat.upms.dto.UserInfo;
 import cn.tycoding.langchat.upms.entity.SysUser;
 import cn.tycoding.langchat.upms.service.SysUserService;
 import cn.tycoding.langchat.upms.utils.AuthUtil;
-import java.util.List;
 import lombok.RequiredArgsConstructor;
-import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.PutMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.List;
 
 /**
  * 用户表(User)表控制层
@@ -36,13 +31,6 @@ public class SysUserController {
     private final SysUserService sysUserService;
     private final AuthProps authProps;
 
-    @GetMapping("/info")
-    public R<UserInfo> info() {
-        UserInfo userInfo = sysUserService.info(AuthUtil.getUsername());
-        userInfo.setPassword(null);
-        return R.ok(userInfo);
-    }
-
     @GetMapping("/checkName")
     public R<Boolean> checkName(UserInfo sysUser) {
         return R.ok(sysUserService.checkName(sysUser));
@@ -65,7 +53,7 @@ public class SysUserController {
 
     @PostMapping
     @ApiLog("新增用户")
-//    @PreAuthorize("@auth.hasAuth('upms:user:add')")
+    @SaCheckPermission("upms:user:add")
     public R<SysUser> add(@RequestBody UserInfo user) {
         sysUserService.add(user);
         return R.ok();
@@ -73,7 +61,7 @@ public class SysUserController {
 
     @PutMapping
     @ApiLog("修改用户")
-//    @PreAuthorize("@auth.hasAuth('upms:user:update')")
+    @SaCheckPermission("upms:user:update")
     public R update(@RequestBody UserInfo user) {
         sysUserService.update(user);
         return R.ok();
@@ -81,7 +69,7 @@ public class SysUserController {
 
     @DeleteMapping("/{id}")
     @ApiLog("删除用户")
-//    @PreAuthorize("@auth.hasAuth('upms:user:delete')")
+    @SaCheckPermission("upms:user:delete")
     public R delete(@PathVariable Long id) {
         SysUser user = sysUserService.getById(id);
         if (user != null) {
@@ -92,6 +80,7 @@ public class SysUserController {
 
     @PutMapping("/resetPass")
     @ApiLog("重置密码")
+    @SaCheckPermission("upms:user:reset")
     public R resetPass(@RequestBody UserInfo data) {
         SysUser user = sysUserService.getById(data.getId());
         if (user != null) {
@@ -102,6 +91,7 @@ public class SysUserController {
 
     @PutMapping("/updatePass")
     @ApiLog("修改密码")
+    @SaCheckPermission("upms:user:updatePass")
     public R updatePass(@RequestBody UserInfo data) {
         SysUser user = sysUserService.getById(data.getId());
         if (user == null || !AuthUtil.decrypt(authProps.getSaltKey(), user.getPassword()).equals(data.getPassword())) {
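Review bot: `updatePass` is now gated by `upms:user:updatePass`, but the account it acts on still comes from `data.getId()` in the request body, so the check covers the caller's permission and not the caller's identity. For a self-service password change, also require that `data.getId()` equals the id of the logged-in user and reject the request otherwise; ordinary users would then not need a dedicated permission. The context line shows the stored password being recovered with `AuthUtil.decrypt` and compared with `equals`, which means passwords are kept reversibly; that predates this commit, but a one-way password hash (bcrypt, scrypt or Argon2) is the direction to move in. The method body continues past the end of the hunk.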

+ 9 - 16
langchat-upms/src/main/java/cn/tycoding/langchat/upms/service/impl/SysUserServiceImpl.java

@@ -7,32 +7,25 @@ import cn.tycoding.langchat.common.properties.AuthProps;
 import cn.tycoding.langchat.common.utils.MybatisUtil;
 import cn.tycoding.langchat.common.utils.QueryPage;
 import cn.tycoding.langchat.upms.dto.UserInfo;
-import cn.tycoding.langchat.upms.entity.SysDept;
-import cn.tycoding.langchat.upms.entity.SysMenu;
-import cn.tycoding.langchat.upms.entity.SysRole;
-import cn.tycoding.langchat.upms.entity.SysUser;
-import cn.tycoding.langchat.upms.entity.SysUserRole;
+import cn.tycoding.langchat.upms.entity.*;
 import cn.tycoding.langchat.upms.mapper.SysUserMapper;
-import cn.tycoding.langchat.upms.service.SysDeptService;
-import cn.tycoding.langchat.upms.service.SysMenuService;
-import cn.tycoding.langchat.upms.service.SysRoleService;
-import cn.tycoding.langchat.upms.service.SysUserRoleService;
-import cn.tycoding.langchat.upms.service.SysUserService;
+import cn.tycoding.langchat.upms.service.*;
 import cn.tycoding.langchat.upms.utils.AuthUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-import java.util.Set;
-import java.util.stream.Collectors;
 import lombok.RequiredArgsConstructor;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.List;
+import java.util.Set;
+import java.util.stream.Collectors;
+
 /**
  * 用户表(User)表服务实现类
  *
@@ -85,7 +78,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         }
         //获取用户角色列表
         List<SysRole> sysRoleList = sysRoleService.findRolesByUserId(userInfo.getId());
-        if (sysRoleList.size() == 0) {
+        if (sysRoleList.isEmpty()) {
             throw new ServiceException(AuthUtil.NOT_ROLE_ERROR);
         }
 

+ 23 - 33
langchat-upms/src/main/java/cn/tycoding/langchat/upms/utils/AuthUtil.java

@@ -4,14 +4,13 @@ import cn.dev33.satoken.secure.SaSecureUtil;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.tycoding.langchat.common.constant.CacheConst;
 import cn.tycoding.langchat.upms.dto.UserInfo;
+import cn.tycoding.langchat.upms.entity.SysRole;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Objects;
+import java.util.*;
 
 /**
  * 权限相关方法
@@ -28,12 +27,6 @@ public class AuthUtil {
      */
     public static final String ADMINISTRATOR = "administrator";
 
-    /**
-     * 系统默认演示环境角色别名
-     * 作用:在 langchat.auth.isDemoEnv 配置开启后,将会对所有按钮级权限拦截并提示前端
-     */
-    public static final String DEMO_ENV = "demo_env";
-
     /**
      * 客户端用户角色
      */
@@ -109,36 +102,33 @@ public class AuthUtil {
      * 获取用户角色Id集合
      */
     public static List<Long> getRoleIds() {
-//        List<Long> roleIds = new ArrayList<>();
-//        Authentication authentication = getAuthentication();
-//        if (authentication == null) {
-//            return roleIds;
-//        }
-//        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
-//        authorities.stream().filter(granted -> StringUtils.startsWith(granted.getAuthority(), AuthConstant.ROLE_PREFIX)).forEach(granted -> {
-//            String id = StringUtils.substringBetween(granted.getAuthority(), AuthConstant.ROLE_PREFIX, AuthConstant.ROLE_SUFFIX);
-//            roleIds.add(Long.parseLong(id));
-//        });
-//        return roleIds;
-        return new ArrayList<>();
+        UserInfo userInfo = getUserInfo();
+        if (userInfo == null || userInfo.getRoleIds() == null) {
+            return new ArrayList<>();
+        }
+        return userInfo.getRoleIds();
     }
 
     /**
      * 获取用户角色Alias集合
      */
     public static List<String> getRoleNames() {
-//        List<String> roleNames = new ArrayList<>();
-//        Authentication authentication = getAuthentication();
-//        if (authentication == null) {
-//            return roleNames;
-//        }
-//        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
-//        authorities.stream().filter(granted -> StringUtils.startsWith(granted.getAuthority(), AuthConstant.ROLE_PREFIX)).forEach(granted -> {
-//            String name = StringUtils.substringAfter(granted.getAuthority(), AuthConstant.ROLE_SUFFIX);
-//            roleNames.add(name);
-//        });
-//        return roleNames;
-        return new ArrayList<>();
+        UserInfo userInfo = getUserInfo();
+        if (userInfo == null || userInfo.getRoles() == null) {
+            return new ArrayList<>();
+        }
+        return userInfo.getRoles().stream().map(SysRole::getAlias).toList();
+    }
+
+    /**
+     * 获取权限集合
+     */
+    public static List<String> getPermissionNames() {
+        UserInfo userInfo = getUserInfo();
+        if (userInfo == null || userInfo.getPerms() == null) {
+            return new ArrayList<>();
+        }
+        return userInfo.getPerms().stream().toList();
     }
 
     /**
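Review bot: `getRoleIds()` hands back `userInfo.getRoleIds()` itself, while its empty case returns a fresh `ArrayList` and `getRoleNames()` / `getPermissionNames()` return unmodifiable lists from `toList()`, so callers get three different mutability contracts and one of them exposes the list held by the `UserInfo` object. Returning a copy, `return List.copyOf(userInfo.getRoleIds());`, makes the three methods consistent, provided no caller relies on mutating the result. All three read from `getUserInfo()`, whose body is outside these hunks; if that is a snapshot stored at login, a role or permission revoked later stays effective until the session is refreshed, and the Javadoc of each method should say so. The `import java.util.*;` wildcard would be clearer as the explicit imports it replaced.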