diff --git a/scripts/clean_permission_nodes.py b/scripts/clean_permission_nodes.py new file mode 100644 index 000000000..ece37c8d5 --- /dev/null +++ b/scripts/clean_permission_nodes.py @@ -0,0 +1,44 @@ +""" +清理权限节点数据库 + +删除所有旧的权限节点记录,让系统重新注册 +""" +import asyncio +import sys +from pathlib import Path + +# 添加项目根目录到 Python 路径 +project_root = Path(__file__).parent.parent +sys.path.insert(0, str(project_root)) + +from src.common.database.compatibility import get_db_session +from src.common.database.core.models import PermissionNodes +from src.common.logger import get_logger + +logger = get_logger("CleanPermissionNodes") + + +async def clean_permission_nodes(): + """清理所有权限节点""" + try: + from sqlalchemy import delete + + async with get_db_session() as session: + # 删除所有权限节点 + stmt = delete(PermissionNodes) + result = await session.execute(stmt) + await session.commit() + + deleted_count = result.rowcount if hasattr(result, "rowcount") else 0 + logger.info(f"✅ 已清理 {deleted_count} 个权限节点记录") + print(f"✅ 已清理 {deleted_count} 个权限节点记录") + print("请重启应用以重新注册权限节点") + + except Exception as e: + logger.error(f"❌ 清理权限节点失败: {e}") + print(f"❌ 清理权限节点失败: {e}") + raise + + +if __name__ == "__main__": + asyncio.run(clean_permission_nodes()) diff --git a/src/plugin_system/apis/permission_api.py b/src/plugin_system/apis/permission_api.py index ab8452b82..ff482deab 100644 --- a/src/plugin_system/apis/permission_api.py +++ b/src/plugin_system/apis/permission_api.py @@ -91,17 +91,7 @@ class PermissionAPI: allow_relative: bool = True, ) -> bool: self._ensure_manager() - if plugin_name != "__system__": - expected_prefix = f"plugins.{plugin_name}." - if allow_relative and not node_name.startswith("plugins."): - node_name = f"{expected_prefix}{node_name}" - elif not node_name.startswith(expected_prefix): - logger.error( - "权限节点名称不符合规范,期望以 %s 开头: %s", - expected_prefix, - node_name, - ) - return False + original_name = node_name node = PermissionNode(node_name, description, plugin_name, default_granted) if not self._permission_manager: diff --git a/src/plugin_system/core/permission_manager.py b/src/plugin_system/core/permission_manager.py index 6b4c5e88a..3132c48c8 100644 --- a/src/plugin_system/core/permission_manager.py +++ b/src/plugin_system/core/permission_manager.py @@ -131,20 +131,12 @@ class PermissionManager(IPermissionManager): bool: 注册是否成功 """ try: - expected_prefix = f"plugins.{node.plugin_name}." - if node.plugin_name != "__system__" and not node.node_name.startswith(expected_prefix): - logger.error( - "权限节点名称不符合规范,期望以 %s 开头: %s", - expected_prefix, - node.node_name, - ) - return False - async with self.SessionLocal() as session: - # 检查节点是否已存在(仅支持规范化后的名称) + # 检查节点是否已存在 result = await session.execute(select(PermissionNodes).filter_by(node_name=node.node_name)) existing_node = result.scalar_one_or_none() if existing_node: + # 更新现有节点的信息 existing_node.description = node.description existing_node.plugin_name = node.plugin_name existing_node.default_granted = node.default_granted @@ -344,12 +336,6 @@ class PermissionManager(IPermissionManager): """ try: async with self.SessionLocal() as session: - # 移除未规范化的旧权限节点 - await session.execute( - delete(PermissionNodes).where(~PermissionNodes.node_name.like("plugins.%")) - ) - await session.commit() - result = await session.execute(select(PermissionNodes)) nodes = result.scalars().all() return [ @@ -381,14 +367,6 @@ class PermissionManager(IPermissionManager): """ try: async with self.SessionLocal() as session: - # 返回前清理未规范化的旧节点 - await session.execute( - delete(PermissionNodes) - .where(PermissionNodes.plugin_name == plugin_name) - .where(~PermissionNodes.node_name.like("plugins.%")) - ) - await session.commit() - result = await session.execute(select(PermissionNodes).filter_by(plugin_name=plugin_name)) nodes = result.scalars().all() return [ diff --git a/src/plugin_system/utils/permission_decorators.py b/src/plugin_system/utils/permission_decorators.py index 646b8c3d6..ad0528bc8 100644 --- a/src/plugin_system/utils/permission_decorators.py +++ b/src/plugin_system/utils/permission_decorators.py @@ -16,7 +16,7 @@ from src.plugin_system.apis.send_api import text_to_stream logger = get_logger(__name__) -def require_permission(permission_node: str, deny_message: str | None = None, *, use_full_name: bool = True): +def require_permission(permission_node: str, deny_message: str | None = None, *, use_full_name: bool = False): """ 权限检查装饰器 @@ -96,7 +96,7 @@ def require_permission(permission_node: str, deny_message: str | None = None, *, return None full_permission_node = f"plugins.{plugin_name}.{permission_node}" - logger.debug(f"自动构建权限节点: {permission_node} -> {full_permission_node}") + logger.info(f"自动构建权限节点: {permission_node} -> {full_permission_node} (插件: {plugin_name})") # 检查权限 if not chat_stream.user_info or not chat_stream.user_info.user_id: diff --git a/template/bot_config_template.toml b/template/bot_config_template.toml index 54ce4508b..88588e4a8 100644 --- a/template/bot_config_template.toml +++ b/template/bot_config_template.toml @@ -383,7 +383,7 @@ console_log_level = "INFO" # 控制台日志级别,可选: DEBUG, INFO, WARNIN file_log_level = "DEBUG" # 文件日志级别,可选: DEBUG, INFO, WARNING, ERROR, CRITICAL # 第三方库日志控制 -suppress_libraries = ["faiss","httpx", "urllib3", "asyncio", "websockets", "httpcore", "requests", "peewee", "openai","uvicorn","rjieba","maim_message"] # 完全屏蔽的库 +suppress_libraries = ["faiss","httpx", "urllib3", "asyncio", "websockets", "httpcore", "requests", "aiosqlite", "openai","uvicorn","rjieba","maim_message"] # 完全屏蔽的库 library_log_levels = { "aiohttp" = "WARNING"} # 设置特定库的日志级别 [dependency_management] # 插件Python依赖管理配置