#!/usr/bin/env python3 """ rag 模块 RBAC 权限管理脚本 使用方法: cd ~/repos/sage ./py3/bin/python ~/repos/rag/scripts/load_path.py """ import subprocess import os import sys def find_sage_root(): candidates = [ os.path.expanduser("~/repos/sage"), os.path.expanduser("~/sage"), os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))), ] for c in candidates: if os.path.isdir(os.path.join(c, "py3")) and os.path.isdir(os.path.join(c, "wwwroot")): return c return None SAGE_ROOT = find_sage_root() if not SAGE_ROOT: print("ERROR: Cannot find Sage root directory") sys.exit(1) PYTHON = os.path.join(SAGE_ROOT, "py3", "bin", "python") SET_PERM_SCRIPT = os.path.join(SAGE_ROOT, "set_role_perm.py") MOD = "rag" # ============================================================ # 权限路径定义 # ============================================================ # any — 无需登录 PATHS_ANY = [ f"/{MOD}/menu.ui", ] # logined — 所有已登录用户 PATHS_LOGINED = [ # 模块入口 f"/{MOD}", f"/{MOD}/index.ui", # 顶层 .ui 页面 f"/{MOD}/add.ui", f"/{MOD}/query.ui", # 顶层 .dspy f"/{MOD}/conformed_delete.dspy", f"/{MOD}/delete_folder_or_file.dspy", f"/{MOD}/get_folder_subs.dspy", f"/{MOD}/get_my_kdbs.dspy", f"/{MOD}/get_user_kdb.dspy", f"/{MOD}/getallfiles.dspy", f"/{MOD}/program_selected.dspy", f"/{MOD}/ragllminference.dspy", f"/{MOD}/test_fusesearch.dspy", f"/{MOD}/test_query.dspy", f"/{MOD}/test_textinsert.dspy", f"/{MOD}/upload_file.dspy", # api/ f"/{MOD}/api/add/index.dspy", f"/{MOD}/api/delete/index.dspy", f"/{MOD}/api/query/index.dspy", # kdb/ f"/{MOD}/kdb/index.ui", f"/{MOD}/kdb/get_kdb.dspy", f"/{MOD}/kdb/add_kdb.dspy", f"/{MOD}/kdb/update_kdb.dspy", f"/{MOD}/kdb/delete_kdb.dspy", # folder/ f"/{MOD}/folder/index.ui", f"/{MOD}/folder/get_folder.dspy", f"/{MOD}/folder/add_folder.dspy", f"/{MOD}/folder/update_folder.dspy", f"/{MOD}/folder/delete_folder.dspy", # ragprogram/ f"/{MOD}/ragprogram/index.ui", f"/{MOD}/ragprogram/get_ragprogram.dspy", f"/{MOD}/ragprogram/add_ragprogram.dspy", f"/{MOD}/ragprogram/update_ragprogram.dspy", f"/{MOD}/ragprogram/delete_ragprogram.dspy", # ragquota/ f"/{MOD}/ragquota/index.ui", f"/{MOD}/ragquota/get_ragquota.dspy", f"/{MOD}/ragquota/add_ragquota.dspy", f"/{MOD}/ragquota/update_ragquota.dspy", f"/{MOD}/ragquota/delete_ragquota.dspy", # ragservices/ f"/{MOD}/ragservices/index.ui", f"/{MOD}/ragservices/get_ragservices.dspy", f"/{MOD}/ragservices/add_ragservices.dspy", f"/{MOD}/ragservices/update_ragservices.dspy", f"/{MOD}/ragservices/delete_ragservices.dspy", # service_opts/ f"/{MOD}/service_opts/index.ui", f"/{MOD}/service_opts/get_service_opts.dspy", f"/{MOD}/service_opts/add_service_opts.dspy", f"/{MOD}/service_opts/update_service_opts.dspy", f"/{MOD}/service_opts/delete_service_opts.dspy", ] # ============================================================ # 执行注册 # ============================================================ def run_set_perm(role, path): cmd = [PYTHON, SET_PERM_SCRIPT, role, path] result = subprocess.run(cmd, capture_output=True, text=True) return result.returncode == 0 def register_role_paths(role, paths): count = 0 for p in paths: if run_set_perm(role, p): count += 1 print(f" {role}: {count}/{len(paths)} paths registered") return count def main(): print(f"Sage root: {SAGE_ROOT}") total = 0 total += register_role_paths("any", PATHS_ANY) total += register_role_paths("logined", PATHS_LOGINED) print(f"\nDone. Total {total} permission entries registered.") print("NOTE: Restart Sage after permission changes to reload RBAC cache.") if __name__ == "__main__": main()