From ce5cfc44630f0e56131612438e5f7c1dd0bcc55f Mon Sep 17 00:00:00 2001 From: yumoqing Date: Sun, 31 May 2026 09:05:07 +0800 Subject: [PATCH] feat: add customer role RBAC permissions for v1 API endpoints Grant customer.admin and customer.user roles access to llmage v1 API: - /v1/chat/completions - /v1/video/generations - /v1/image/generations - /v1/models - /v1/tasks Updated both load_path.py and setup_llmage_perms.sh --- scripts/load_path.py | 17 ++++++++++++++++- scripts/setup_llmage_perms.sh | 21 +++++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/scripts/load_path.py b/scripts/load_path.py index 3477c07..5bb7e60 100644 --- a/scripts/load_path.py +++ b/scripts/load_path.py @@ -77,7 +77,7 @@ PATHS_LOGINED = [ f"/{MOD}/llmusage_history/%", f"/{MOD}/llm_api_map/%", - # v1 API 目录 + # v1 API 目录(管理员通过 logined 访问) f"/{MOD}/v1/%", # 其他子目录 @@ -90,6 +90,18 @@ PATHS_LOGINED = [ f"/{MOD}/video/%", ] +# ============================================================ +# 客户角色 — v1 API 调用权限 +# ============================================================ + +PATHS_V1_CUSTOMER = [ + f"/{MOD}/v1/chat/completions/index.dspy", + f"/{MOD}/v1/video/generations/index.dspy", + f"/{MOD}/v1/image/generations/index.dspy", + f"/{MOD}/v1/models/index.dspy", + f"/{MOD}/v1/tasks/index.dspy", +] + # ============================================================ # 执行注册 # ============================================================ @@ -115,6 +127,9 @@ def main(): total = 0 total += register_role_paths("any", PATHS_ANY) total += register_role_paths("logined", PATHS_LOGINED) + # 客户角色 — v1 API 调用权限 + for role in ["customer.admin", "customer.user"]: + total += register_role_paths(role, PATHS_V1_CUSTOMER) print(f"\nDone. Total {total} permission entries registered.") print("NOTE: Restart Sage after permission changes to reload RBAC cache.") diff --git a/scripts/setup_llmage_perms.sh b/scripts/setup_llmage_perms.sh index 20b7329..f5d706b 100644 --- a/scripts/setup_llmage_perms.sh +++ b/scripts/setup_llmage_perms.sh @@ -96,6 +96,27 @@ for p in "${LLMUSAGE_PATHS[@]}"; do done done +echo "" +echo "============================================" +echo " llmage: 客户 v1 API 调用权限" +echo "============================================" + +CUSTOMER_ROLES=("customer.admin" "customer.user") + +V1_API_PATHS=( + "/llmage/v1/chat/completions/index.dspy" + "/llmage/v1/video/generations/index.dspy" + "/llmage/v1/image/generations/index.dspy" + "/llmage/v1/models/index.dspy" + "/llmage/v1/tasks/index.dspy" +) + +for p in "${V1_API_PATHS[@]}"; do + for role in "${CUSTOMER_ROLES[@]}"; do + set_perm "${role}" "${p}" + done +done + echo "" echo "============================================" echo " 权限配置完成,共设置 ${COUNT} 条权限"