From ee718750e255286366b7a071fd510e85ac1acaf2 Mon Sep 17 00:00:00 2001
From: Archer <545436317@qq.com>
Date: Tue, 29 Oct 2024 15:44:46 +0800
Subject: [PATCH] perf: dataset data auth (#3015)

---
 packages/global/core/dataset/type.d.ts        |  4 +-
 .../support/permission/dataset/auth.ts        | 94 ++++++++++---------
 .../src/pages/api/core/dataset/data/update.ts |  1 -
 3 files changed, 51 insertions(+), 48 deletions(-)

diff --git a/packages/global/core/dataset/type.d.ts b/packages/global/core/dataset/type.d.ts
index 25c1fd56cc53..ada60a1e16b5 100644
--- a/packages/global/core/dataset/type.d.ts
+++ b/packages/global/core/dataset/type.d.ts
@@ -191,7 +191,7 @@ export type DatasetDataItemType = {
   chunkIndex: number;
   indexes: DatasetDataIndexItemType[];
   isOwner: boolean;
-  canWrite: boolean;
+  // permission: DatasetPermission;
 };
 
 /* --------------- file ---------------------- */
@@ -212,7 +212,7 @@ export type DatasetFileSchema = {
 /* ============= search =============== */
 export type SearchDataResponseItemType = Omit<
   DatasetDataItemType,
-  'teamId' | 'indexes' | 'isOwner' | 'canWrite'
+  'teamId' | 'indexes' | 'isOwner'
 > & {
   score: { type: `${SearchScoreTypeEnum}`; value: number; index: number }[];
   // score: number;
diff --git a/packages/service/support/permission/dataset/auth.ts b/packages/service/support/permission/dataset/auth.ts
index eeb8d27c15ad..da58c7c9b7af 100644
--- a/packages/service/support/permission/dataset/auth.ts
+++ b/packages/service/support/permission/dataset/auth.ts
@@ -157,6 +157,7 @@ export const authDataset = async ({
     dataset
   };
 };
+
 // the temporary solution for authDatasetCollection is getting the
 export async function authDatasetCollection({
   collectionId,
@@ -194,55 +195,58 @@ export async function authDatasetCollection({
   };
 }
 
-export async function authDatasetFile({
-  fileId,
-  per,
-  ...props
-}: AuthModeType & {
-  fileId: string;
-}): Promise<
-  AuthResponseType<DatasetPermission> & {
-    file: DatasetFileSchema;
-  }
-> {
-  const { teamId, tmbId, isRoot } = await parseHeaderCert(props);
+// export async function authDatasetFile({
+//   fileId,
+//   per,
+//   ...props
+// }: AuthModeType & {
+//   fileId: string;
+// }): Promise<
+//   AuthResponseType<DatasetPermission> & {
+//     file: DatasetFileSchema;
+//   }
+// > {
+//   const { teamId, tmbId, isRoot } = await parseHeaderCert(props);
 
-  const [file, collection] = await Promise.all([
-    getFileById({ bucketName: BucketNameEnum.dataset, fileId }),
-    MongoDatasetCollection.findOne({
-      teamId,
-      fileId
-    })
-  ]);
+//   const [file, collection] = await Promise.all([
+//     getFileById({ bucketName: BucketNameEnum.dataset, fileId }),
+//     MongoDatasetCollection.findOne({
+//       teamId,
+//       fileId
+//     })
+//   ]);
 
-  if (!file) {
-    return Promise.reject(CommonErrEnum.fileNotFound);
-  }
+//   if (!file) {
+//     return Promise.reject(CommonErrEnum.fileNotFound);
+//   }
 
-  if (!collection) {
-    return Promise.reject(DatasetErrEnum.unAuthDatasetFile);
-  }
+//   if (!collection) {
+//     return Promise.reject(DatasetErrEnum.unAuthDatasetFile);
+//   }
 
-  try {
-    const { permission } = await authDatasetCollection({
-      ...props,
-      collectionId: collection._id,
-      per,
-      isRoot
-    });
+//   try {
+//     const { permission } = await authDatasetCollection({
+//       ...props,
+//       collectionId: collection._id,
+//       per,
+//       isRoot
+//     });
 
-    return {
-      teamId,
-      tmbId,
-      file,
-      permission,
-      isRoot
-    };
-  } catch (error) {
-    return Promise.reject(DatasetErrEnum.unAuthDatasetFile);
-  }
-}
+//     return {
+//       teamId,
+//       tmbId,
+//       file,
+//       permission,
+//       isRoot
+//     };
+//   } catch (error) {
+//     return Promise.reject(DatasetErrEnum.unAuthDatasetFile);
+//   }
+// }
 
+/* 
+  DatasetData permission is inherited from collection.
+*/
 export async function authDatasetData({
   dataId,
   ...props
@@ -273,8 +277,8 @@ export async function authDatasetData({
     collectionId: String(datasetData.collectionId),
     sourceName: result.collection.name || '',
     sourceId: result.collection?.fileId || result.collection?.rawLink,
-    isOwner: String(datasetData.tmbId) === String(result.tmbId),
-    canWrite: result.permission.hasWritePer
+    isOwner: String(datasetData.tmbId) === String(result.tmbId)
+    // permission: result.permission
   };
 
   return {
diff --git a/projects/app/src/pages/api/core/dataset/data/update.ts b/projects/app/src/pages/api/core/dataset/data/update.ts
index 4dad160c9897..535c002aa3c1 100644
--- a/projects/app/src/pages/api/core/dataset/data/update.ts
+++ b/projects/app/src/pages/api/core/dataset/data/update.ts
@@ -5,7 +5,6 @@ import { NextAPI } from '@/service/middleware/entry';
 import { WritePermissionVal } from '@fastgpt/global/support/permission/constant';
 import { authDatasetData } from '@fastgpt/service/support/permission/dataset/auth';
 import { ApiRequestProps } from '@fastgpt/service/type/next';
-import { MongoDatasetData } from '@fastgpt/service/core/dataset/data/schema';
 
 async function handler(req: ApiRequestProps<UpdateDatasetDataProps>) {
   const { dataId, q, a, indexes = [] } = req.body;