AI/dify
1
0
Fork 0
mirror of https://git.mirrors.martin98.com/https://github.com/langgenius/dify.git synced 2025-08-15 15:25:58 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: update code for access denied error

Browse Source
This commit is contained in:
GareArc 2025-04-11 02:45:46 -04:00
parent 7a4ec9cf23
commit a1dc3cfdec
3 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/controllers/web/error.py
View File

@ -127,8 +127,8 @@ class WebAppAuthRequiredError(BaseHTTPException):
code = 401 code = 401
class WebAppAuthFailedError(BaseHTTPException): class WebAppAuthAccessDeniedError(BaseHTTPException):
error_code = "web_app_auth_failed" error_code = "web_app_access_denied"
description = "You do not have permission to access this web app." description = "You do not have permission to access this web app."
code = 401 code = 401

5
api/controllers/web/wraps.py
View File

@ -4,7 +4,8 @@ from flask import request
from flask_restful import Resource # type: ignore from flask_restful import Resource # type: ignore
from werkzeug.exceptions import BadRequest, NotFound, Unauthorized from werkzeug.exceptions import BadRequest, NotFound, Unauthorized
from controllers.web.error import WebAppAuthFailedError, WebAppAuthRequiredError from controllers.web.error import (WebAppAuthAccessDeniedError,
WebAppAuthRequiredError)
from extensions.ext_database import db from extensions.ext_database import db
from libs.passport import PassportService from libs.passport import PassportService
from models.model import App, EndUser, Site from models.model import App, EndUser, Site
@ -103,7 +104,7 @@ def _validate_user_accessibility(decoded, app_code, app_web_auth_enabled: bool,
raise WebAppAuthRequiredError() raise WebAppAuthRequiredError()
if not EnterpriseService.is_user_allowed_to_access_webapp(user_id, app_code=app_code): if not EnterpriseService.is_user_allowed_to_access_webapp(user_id, app_code=app_code):
raise WebAppAuthFailedError() raise WebAppAuthAccessDeniedError()
class WebApiResource(Resource): class WebApiResource(Resource):

4
api/services/webapp_auth_service.py
View File

@ -5,7 +5,7 @@ from typing import Any, Optional, cast
from werkzeug.exceptions import NotFound, Unauthorized from werkzeug.exceptions import NotFound, Unauthorized
from configs import dify_config from configs import dify_config
from controllers.web.error import WebAppAuthFailedError from controllers.web.error import WebAppAuthAccessDeniedError
from extensions.ext_database import db from extensions.ext_database import db
from libs.helper import TokenManager from libs.helper import TokenManager
from libs.passport import PassportService from libs.passport import PassportService
@ -115,7 +115,7 @@ class WebAppAuthService:
if app_settings.access_mode != "public" and not EnterpriseService.is_user_allowed_to_access_webapp( if app_settings.access_mode != "public" and not EnterpriseService.is_user_allowed_to_access_webapp(
account.id, app_code=app_code account.id, app_code=app_code
): ):
raise WebAppAuthFailedError() raise WebAppAuthAccessDeniedError()
@classmethod @classmethod
def _get_account_jwt_token(cls, account: Account, site: Site, end_user_id: str) -> str: def _get_account_jwt_token(cls, account: Account, site: Site, end_user_id: str) -> str: