fix(auth): harden confidential knowledge access checks and sensitivity filtering

2026-02-09 17:09:34 +08:00
parent 71f8f7d1c3
commit 2f8645a011
19 changed files with 383 additions and 80 deletions
--- a/frontend/src/pages/KnowledgeManagement/knowledge-management.const.tsx
+++ b/frontend/src/pages/KnowledgeManagement/knowledge-management.const.tsx
@@ -11,6 +11,7 @@ import {
  KnowledgeContentType,
  KnowledgeItem,
  KnowledgeSet,
+  KnowledgeSensitivityType,
  KnowledgeSourceType,
  KnowledgeStatusType,
 } from "./knowledge-management.model";
@@ -66,10 +67,22 @@ export const knowledgeSourceTypeOptions = [
  { label: "文件上传", value: KnowledgeSourceType.FILE_UPLOAD },
 ];

-// export const sensitivityOptions = [
-//   { label: "敏感", value: "敏感" },
-//   { label: "不敏感", value: "不敏感" },
-// ];
+export const sensitivityOptions = [
+  { label: "公开", value: KnowledgeSensitivityType.PUBLIC },
+  { label: "内部", value: KnowledgeSensitivityType.INTERNAL },
+  { label: "保密", value: KnowledgeSensitivityType.CONFIDENTIAL },
+];
+
+export type SensitivityMeta = {
+  label: string;
+  color: string;
+};
+
+export const sensitivityMap: Record<string, SensitivityMeta> = {
+  [KnowledgeSensitivityType.PUBLIC]: { label: "公开", color: "#52c41a" },
+  [KnowledgeSensitivityType.INTERNAL]: { label: "内部", color: "#1677ff" },
+  [KnowledgeSensitivityType.CONFIDENTIAL]: { label: "保密", color: "#f5222d" },
+};

 export type KnowledgeSetView = {
  id: string;
@@ -118,6 +131,7 @@ export type KnowledgeItemView = {
 };

 export function mapKnowledgeSet(data: KnowledgeSet): KnowledgeSetView {
+  const normalizedSensitivity = data.sensitivity?.toUpperCase();
  return {
    id: data.id,
    name: data.name,
@@ -131,7 +145,7 @@ export function mapKnowledgeSet(data: KnowledgeSet): KnowledgeSetView {
    validFrom: data.validFrom,
    validTo: data.validTo,
    sourceType: data.sourceType,
-    sensitivity: data.sensitivity,
+    sensitivity: normalizedSensitivity,
    metadata: data.metadata,
    createdAt: data.createdAt ? formatDateTime(data.createdAt) : "",
    updatedAt: data.updatedAt ? formatDateTime(data.updatedAt) : "",
@@ -142,6 +156,7 @@ export function mapKnowledgeSet(data: KnowledgeSet): KnowledgeSetView {
 }

 export function mapKnowledgeItem(data: KnowledgeItem): KnowledgeItemView {
+  const normalizedSensitivity = data.sensitivity?.toUpperCase();
  return {
    id: data.id,
    setId: data.setId,
@@ -156,7 +171,7 @@ export function mapKnowledgeItem(data: KnowledgeItem): KnowledgeItemView {
    validFrom: data.validFrom,
    validTo: data.validTo,
    sourceType: data.sourceType,
-    sensitivity: data.sensitivity,
+    sensitivity: normalizedSensitivity,
    sourceDatasetId: data.sourceDatasetId,
    sourceFileId: data.sourceFileId,
    relativePath: data.relativePath,