feat: add customer role RBAC permissions for v1 API endpoints
Grant customer.admin and customer.user roles access to llmage v1 API: - /v1/chat/completions - /v1/video/generations - /v1/image/generations - /v1/models - /v1/tasks Updated both load_path.py and setup_llmage_perms.sh
This commit is contained in:
parent
022269040f
commit
ce5cfc4463
@ -77,7 +77,7 @@ PATHS_LOGINED = [
|
|||||||
f"/{MOD}/llmusage_history/%",
|
f"/{MOD}/llmusage_history/%",
|
||||||
f"/{MOD}/llm_api_map/%",
|
f"/{MOD}/llm_api_map/%",
|
||||||
|
|
||||||
# v1 API 目录
|
# v1 API 目录(管理员通过 logined 访问)
|
||||||
f"/{MOD}/v1/%",
|
f"/{MOD}/v1/%",
|
||||||
|
|
||||||
# 其他子目录
|
# 其他子目录
|
||||||
@ -90,6 +90,18 @@ PATHS_LOGINED = [
|
|||||||
f"/{MOD}/video/%",
|
f"/{MOD}/video/%",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
# ============================================================
|
||||||
|
# 客户角色 — v1 API 调用权限
|
||||||
|
# ============================================================
|
||||||
|
|
||||||
|
PATHS_V1_CUSTOMER = [
|
||||||
|
f"/{MOD}/v1/chat/completions/index.dspy",
|
||||||
|
f"/{MOD}/v1/video/generations/index.dspy",
|
||||||
|
f"/{MOD}/v1/image/generations/index.dspy",
|
||||||
|
f"/{MOD}/v1/models/index.dspy",
|
||||||
|
f"/{MOD}/v1/tasks/index.dspy",
|
||||||
|
]
|
||||||
|
|
||||||
# ============================================================
|
# ============================================================
|
||||||
# 执行注册
|
# 执行注册
|
||||||
# ============================================================
|
# ============================================================
|
||||||
@ -115,6 +127,9 @@ def main():
|
|||||||
total = 0
|
total = 0
|
||||||
total += register_role_paths("any", PATHS_ANY)
|
total += register_role_paths("any", PATHS_ANY)
|
||||||
total += register_role_paths("logined", PATHS_LOGINED)
|
total += register_role_paths("logined", PATHS_LOGINED)
|
||||||
|
# 客户角色 — v1 API 调用权限
|
||||||
|
for role in ["customer.admin", "customer.user"]:
|
||||||
|
total += register_role_paths(role, PATHS_V1_CUSTOMER)
|
||||||
print(f"\nDone. Total {total} permission entries registered.")
|
print(f"\nDone. Total {total} permission entries registered.")
|
||||||
print("NOTE: Restart Sage after permission changes to reload RBAC cache.")
|
print("NOTE: Restart Sage after permission changes to reload RBAC cache.")
|
||||||
|
|
||||||
|
|||||||
@ -96,6 +96,27 @@ for p in "${LLMUSAGE_PATHS[@]}"; do
|
|||||||
done
|
done
|
||||||
done
|
done
|
||||||
|
|
||||||
|
echo ""
|
||||||
|
echo "============================================"
|
||||||
|
echo " llmage: 客户 v1 API 调用权限"
|
||||||
|
echo "============================================"
|
||||||
|
|
||||||
|
CUSTOMER_ROLES=("customer.admin" "customer.user")
|
||||||
|
|
||||||
|
V1_API_PATHS=(
|
||||||
|
"/llmage/v1/chat/completions/index.dspy"
|
||||||
|
"/llmage/v1/video/generations/index.dspy"
|
||||||
|
"/llmage/v1/image/generations/index.dspy"
|
||||||
|
"/llmage/v1/models/index.dspy"
|
||||||
|
"/llmage/v1/tasks/index.dspy"
|
||||||
|
)
|
||||||
|
|
||||||
|
for p in "${V1_API_PATHS[@]}"; do
|
||||||
|
for role in "${CUSTOMER_ROLES[@]}"; do
|
||||||
|
set_perm "${role}" "${p}"
|
||||||
|
done
|
||||||
|
done
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
echo "============================================"
|
echo "============================================"
|
||||||
echo " 权限配置完成,共设置 ${COUNT} 条权限"
|
echo " 权限配置完成,共设置 ${COUNT} 条权限"
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user