fix: model-data endpoint unauthentication and improve error handling for authentication and model operations (opentiny#294)

Author: msslulu

base/src/main/java/com/tinyengine/it/common/exception/ExceptionEnum.java

@@ -336,7 +336,23 @@ public enum ExceptionEnum implements IBaseError {
     /**
      * Cm 342 exception enum.
      */
-    CM342("CM342", "数字格式异常");
+    CM342("CM342", "数字格式异常"),
+
+
+    /**
+     * Cm 343 exception enum.
+     */
+    CM343("CM343", "该用户名已被注册，请尝试其他名称"),
+
+    /**
+     * Cm 344 exception enum.
+     */
+    CM344("CM344", "账户恢复代码无效"),
+
+    /**
+     * Cm 345 exception enum.
+     */
+    CM345("CM345", "用户名不存在,请重新输入"),;
     /**
      * 错误码
      */

base/src/main/java/com/tinyengine/it/dynamic/service/DynamicModelService.java

@@ -44,6 +44,10 @@ public class DynamicModelService {
 	 */
 	@Transactional
 	public void createDynamicTable(Model modelMetadata)  {
+		if(modelMetadata.getParameters()==null || modelMetadata.getParameters().isEmpty()){
+			throw new ServiceException(ExceptionEnum.CM001.getResultCode(), "Model parameters cannot be null or empty");
+
+		}
 		String tableName = getTableName(modelMetadata.getNameEn());
 		String sql = generateCreateTableSQL(tableName, modelMetadata);
 
@@ -314,7 +318,9 @@ private Object convertValueByType(Object value, String fieldType, String columnN
 	public void modifyTableStructure(Model model) {
 		String tableName = getTableName(model.getNameEn());
 		List<ParametersDto> parameters = model.getParameters();
-
+		if(parameters == null || parameters.isEmpty()){
+			throw new IllegalArgumentException("Model parameters cannot be null or empty");
+		}
 
 		// Fetch existing table structure
 		String fetchColumnsSql = "SELECT COLUMN_NAME, DATA_TYPE FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = ?";
@@ -393,7 +399,7 @@ private static String mapJavaTypeToSQL(String javaType) {
 			return "VARCHAR(255)"; // 默认处理
 		}
 		switch (javaType) {
-			case "String":
+			case "String", "ModelRef":
 				return "VARCHAR";
 			case "Number":
 				return "INT";
@@ -442,6 +448,9 @@ private String generateColumnDefinition(ParametersDto field,String type) {
 			case "Enum":
 				sb.append("ENUM").append("(").append(getEnumOptions(field.getOptions())).append(")");
 				break;
+			case "ModelRef":
+				sb.append("VARCHAR(255)"); // 存储JSON字符串，长度可根据实际需求调整
+				break;
 			default:
 				sb.append("TEXT");
 		}
@@ -462,9 +471,17 @@ private String generateColumnDefinition(ParametersDto field,String type) {
 
 	private String getEnumOptions(String optionStr) {
 		List<String> options= new ArrayList<>();
-		JSONArray jsonlist = JSON.parseArray(optionStr);
-		for (int i = 0; i < jsonlist.size(); i++) {
-			String value = jsonlist.getJSONObject(i).getString("value");
+		if(optionStr == null || optionStr.trim().isEmpty()){
+			throw new IllegalArgumentException("Enum options cannot be null or empty");
+		}
+		JSONArray jsonList;
+		try {
+			 jsonList = JSON.parseArray(optionStr);
+		} catch (Exception e) {
+			throw new IllegalArgumentException("Invalid enum options format, expected JSON array string", e);
+		}
+		for (int i = 0; i < jsonList.size(); i++) {
+			String value = jsonList.getJSONObject(i).getString("value");
 			options.add(value);
 		}
 

base/src/main/java/com/tinyengine/it/dynamic/service/DynamicService.java

@@ -4,6 +4,7 @@
 import com.tinyengine.it.common.context.LoginUserContext;
 import com.tinyengine.it.dynamic.dao.ModelDataDao;
 import com.tinyengine.it.dynamic.dto.*;
+import com.tinyengine.it.model.entity.Model;
 import com.tinyengine.it.service.material.ModelService;
 import jakarta.transaction.Transactional;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -112,7 +113,18 @@ public Map<String, Object> insert(DynamicInsert dto) {
 		Map<String, Object> params = new HashMap<>();
 		params.put("tableName", tableName);
 		params.put("data", dto.getParams());
+
+
 		String userId = loginUserContext.getLoginUserId();
+		if( userId == null || userId.trim().isEmpty()) {
+			List<Model> modelList = modelService.getModelByEnName(dto.getNameEn());
+			if( modelList.isEmpty()) {
+				throw new IllegalArgumentException("模型不存在: " + dto.getNameEn());
+			}else {
+				userId=modelList.get(0).getCreatedBy();
+			}
+		}
+
 		// 添加系统字段
 		dto.getParams().put("created_by", userId);
 		dto.getParams().put("updated_by", userId);

base/src/main/java/com/tinyengine/it/login/config/LoginConfig.java

@@ -44,7 +44,9 @@ public void addInterceptors(InterceptorRegistry registry) {
                 "/app-center/api/ai/chat",
                 "/app-center/api/chat/completions",
                 // 图片文件资源下载
-                "/material-center/api/resource/download/*"
+                "/material-center/api/resource/download/*",
+                //模型驱动
+                "/platform-center/api/model-data/**"
             );
     }
 }

base/src/main/java/com/tinyengine/it/login/service/impl/LoginServiceImpl.java

@@ -58,8 +58,8 @@ public User createUser(User user) throws Exception {
         userParam.setUsername(user.getUsername());
         List<User> users = baseMapper.queryUserByCondition(userParam);
         if (!users.isEmpty()) {
-            throw new ServiceException(ExceptionEnum.CM003.getResultCode(),
-                ExceptionEnum.CM003.getResultMsg());
+            throw new ServiceException(ExceptionEnum.CM343.getResultCode(),
+                ExceptionEnum.CM343.getResultMsg());
         }
         KeyPair keyPair = generateSM2KeyPair();
         PublicKey publicKey = keyPair.getPublic();
@@ -98,14 +98,19 @@ public Result forgotPassword(User user) throws Exception {
         userParam.setUsername(user.getUsername());
         List<User> users = baseMapper.queryUserByCondition(userParam);
         if (users.isEmpty()) {
-            return Result.failed(ExceptionEnum.CM002);
+            return Result.failed(ExceptionEnum.CM345);
         }
         User userResult = users.get(0);
-        PublicKey publicKey = getPublicKeyFromBase64(user.getPublicKey());
+        PublicKey publicKey;
+        try {
+            publicKey = getPublicKeyFromBase64(user.getPublicKey());
+        } catch (Exception e) {
+            return Result.failed(ExceptionEnum.CM344);
+        }
         PrivateKey privateKey = getPrivateKeyFromBase64(userResult.getPrivateKey());
         // 验证publickey
         if (!validatorPublicKey(userResult.getSalt(), publicKey, privateKey)) {
-            return Result.failed(ExceptionEnum.CM335);
+            return Result.failed(ExceptionEnum.CM344);
         }
         String cipherText = encrypt(user.getSalt(), publicKey);
         user.setSalt(cipherText);

base/src/main/java/com/tinyengine/it/mapper/AppMapper.java

@@ -48,6 +48,18 @@ public interface AppMapper extends BaseMapper<App> {
     List<App> queryAllAppByPage(Integer pageSize, Integer offset, String name, Integer industryId,
         Integer sceneId, String framework, String orderBy, String createdBy, String tenantId);
 
+    /**
+     * 根据条件查询表t_app数据总数
+     * @param name
+     * @param industryId
+     * @param sceneId
+     * @param framework
+     * @param createdBy
+     * @param tenantId
+     * @return
+     */
+    Long queryAppCount(String name, Integer industryId, Integer sceneId, String framework, String createdBy, String tenantId);
+
     /**
      * 查询表t_app 应用总数
      *

base/src/main/java/com/tinyengine/it/service/app/impl/AppServiceImpl.java

@@ -12,6 +12,7 @@
 
 package com.tinyengine.it.service.app.impl;
 
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.tinyengine.it.common.base.Result;
 import com.tinyengine.it.common.context.LoginUserContext;
@@ -112,10 +113,14 @@ public AppDto queryAllAppByPage(Integer currentPage, Integer pageSize, String or
         List<App> apps = this.baseMapper.queryAllAppByPage(pageSize, offset, app.getName(),
             app.getIndustryId(), app.getSceneId(), app.getFramework(), orderBy, app.getCreatedBy(),
             tenantId);
-        Integer total = this.baseMapper.queryAppTotal(tenantId);
+        // Query total count directly
+        Long totalCount = this.baseMapper.queryAppCount(app.getName(), app.getIndustryId(),
+            app.getSceneId(), app.getFramework(), app.getCreatedBy(), tenantId);
+
+       // Integer total = this.baseMapper.queryAppTotal(tenantId);
         AppDto appDto = new AppDto();
         appDto.setApps(apps);
-        appDto.setTotal(total);
+        appDto.setTotal(Math.toIntExact(totalCount));
         return appDto;
     }
 
@@ -180,11 +185,20 @@ public Result<App> updateAppById(App app) {
             appExtendConfig.remove("route");
             app.getExtendConfig().putAll(appExtendConfig);
         }
+        String tenantId = app.getTenantId();
+        if(tenantId == null) {
+            tenantId = loginUserContext.getTenantId();
+            app.setTenantId(tenantId);
+        }
+        App appselect = baseMapper.queryAppById(app.getId(), tenantId);
+        if(appselect == null) {
+            return Result.failed(ExceptionEnum.CM009);
+        }
         int result = baseMapper.updateAppById(app);
         if (result < 1) {
             return Result.failed(ExceptionEnum.CM001);
         }
-        App selectedApp = baseMapper.queryAppById(app.getId(), loginUserContext.getTenantId());
+        App selectedApp = baseMapper.queryAppById(app.getId(), tenantId);
         return Result.success(selectedApp);
     }
 

base/src/main/java/com/tinyengine/it/service/app/impl/PageServiceImpl.java

@@ -438,7 +438,7 @@ public boolean setAppHomePage(int appId, int pageId) {
         App app = new App();
         app.setId(appId);
         app.setHomePage(pageId);
-
+        app.setTenantId(loginUserContext.getTenantId());
         int result = appMapper.updateAppById(app);
         return result >= 1;
     }

base/src/main/java/com/tinyengine/it/service/material/ModelService.java

@@ -34,6 +34,13 @@ public interface ModelService extends IService<Model>{
      */
     List<Model> getModelByName(String nameCn);
 
+    /**
+     * 根据name查询表t_model信息
+     *
+     * @return the model list
+     */
+    List<Model> getModelByEnName(String nameEn);
+
     /**
      * 分页查询表t_model
      *

base/src/main/java/com/tinyengine/it/service/material/impl/ModelServiceImpl.java

@@ -15,6 +15,7 @@
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.tinyengine.it.common.context.LoginUserContext;
 import com.tinyengine.it.common.enums.Enums;
 import com.tinyengine.it.common.exception.ExceptionEnum;
 import com.tinyengine.it.common.exception.ServiceException;
@@ -44,6 +45,9 @@ public class ModelServiceImpl extends ServiceImpl<ModelMapper, Model> implements
 
     @Autowired
     private DynamicModelService dynamicModelService;
+
+    @Autowired
+    private LoginUserContext loginUserContext;
     /**
      * 查询表t_model信息
      *
@@ -70,6 +74,19 @@ public List<Model> getModelByName(String nameCn) {
         return this.baseMapper.selectList(queryWrapper);
     }
 
+    /**
+     * 根据name查询表t_model信息
+     *
+     * @param nameEn
+     * @return the model list
+     */
+    @Override
+    @SystemServiceLog(description = "根据名称查询model实现方法")
+    public List<Model> getModelByEnName(String nameEn) {
+        QueryWrapper<Model> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq("name_en", nameEn);
+        return this.baseMapper.selectList(queryWrapper);    }
+
     /**
      * 分页查询表t_model信息
      *
@@ -94,7 +111,8 @@ public Page<Model> pageQuery(int currentPage, int pageSize, String nameCn, Strin
                 queryWrapper.like("name_en", nameEn);
             }
         }
-
+        queryWrapper.eq("created_by", loginUserContext.getLoginUserId());
+        queryWrapper.eq("tenant_id", loginUserContext.getTenantId());
         page(page, queryWrapper);
         return page;
     }
@@ -112,9 +130,7 @@ public Page<Model> pageQuery(int currentPage, int pageSize, String nameCn, Strin
     public Model createModel(Model model) {
         // 验证模型唯一性
         QueryWrapper<Model> queryWrapper = new QueryWrapper<>();
-        queryWrapper.eq("name_cn", model.getNameCn())
-            .or()
-            .eq("name_en", model.getNameEn());
+        queryWrapper.eq("name_en", model.getNameEn());
         if (this.baseMapper.selectCount(queryWrapper) > 0) {
             throw new ServiceException(ExceptionEnum.CM003.getResultCode(), "Model with the same name already exists");
         }
@@ -124,6 +140,7 @@ public Model createModel(Model model) {
         methodDtos.add(getMethodDto(Enums.methodName.QUERY.getValue(), Enums.methodName.QUERYAPI.getValue(), model));
         methodDtos.add(getMethodDto(Enums.methodName.DELETE.getValue(), Enums.methodName.DELETEAPI.getValue(), model));
         model.setMethod(methodDtos);
+        model.setTenantId(loginUserContext.getTenantId());
         int result = this.baseMapper.createModel(model);
         if (result != 1) {
             throw new ServiceException(ExceptionEnum.CM001.getResultCode(), ExceptionEnum.CM001.getResultCode());