youngkingdom/dify
1
0
Fork 0
mirror of https://github.com/langgenius/dify.git synced 2026-05-20 08:46:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
cf5ebe9430e9f14f92dc3a7c3db6541ef4e823cf
dify/api/controllers/openapi/app_info.py
GareArc cf5ebe9430 feat(openapi): app-run endpoints with auth pipeline 
Ports service_api/app/{completion,workflow}.py to bearer-authed
/openapi/v1/apps/<app_id>/{info,chat-messages,completion-messages,workflows/run}.

Architecture:
- New controllers/openapi/auth/ package: Pipeline + Step protocol over
  one mutable Context. Endpoints attach via @APP_PIPELINE.guard(scope=...)
  — single attachment point; forgetting auth is structurally impossible.
- Pipeline order: BearerCheck -> ScopeCheck -> AppResolver -> AppAuthzCheck
  -> CallerMount.
- Strategies vary along independent axes: AclStrategy (EE webapp-auth inner
  API) vs MembershipStrategy (CE TenantAccountJoin); AccountMounter vs
  EndUserMounter dispatched by SubjectType.
- App is in URL path (not header). Each non-GET has typed Pydantic Request;
  each non-SSE response has typed Pydantic Response. Bearer-as-identity:
  body 'user' field stripped, ignored if present.

Adds InvokeFrom.OPENAPI enum variant. Emits app.run.openapi audit log
on successful invocation via standard logger extra={"audit": True, ...}
convention.
2026-04-27 17:25:17 -07:00

37 lines
1002 B
Python
Raw Blame History

"""GET /openapi/v1/apps/<app_id>/info — port of service_api/app/app.py:AppInfoApi."""
from __future__ import annotations
from flask_restx import Resource
from pydantic import BaseModel
from controllers.openapi import openapi_ns
from controllers.openapi.auth.composition import APP_PIPELINE
class AppInfoResponse(BaseModel):
id: str
name: str
description: str | None = None
mode: str
author_name: str | None = None
tags: list[str] = []
def _unpack_app(app_model):
return app_model
@openapi_ns.route("/apps/<string:app_id>/info")
class AppInfoApi(Resource):
@APP_PIPELINE.guard(scope="apps:run")
def get(self, app_id, app_model, caller, caller_kind):
app = _unpack_app(app_model)
return AppInfoResponse(
id=app.id,
name=app.name,
description=app.description,
mode=app.mode,
author_name=app.author_name,
tags=[t.name for t in app.tags],
).model_dump(mode="json")
Reference in New Issue View Git Blame Copy Permalink