YG-Soft/X-Financial
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 支持 ONLYOFFICE 持久化配置管理

Browse Source 
- 添加 SettingsRenderForm schema 和 renderForm 字段
- 实现数据库 schema 自动迁移(onlyoffice_enabled, onlyoffice_public_url, onlyoffice_jwt_secret_encrypted)
- 新增 resolve_onlyoffice_settings() 函数支持运行时配置解析
- 知识库服务改用数据库配置替代运行时配置
- 前端添加文件渲染配置页面,支持 JWT 密钥管理
- 完善相关测试覆盖
This commit is contained in:
caoxiaozhu
2026-05-09 08:02:01 +00:00
parent 94122fd34b
commit 4fbd313f35
14 changed files with 735 additions and 314 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
web/src/views/SettingsView.vue
View File

@@ -401,10 +401,57 @@
</div>
</section>
</div>
</template>
<template v-else-if="activeSection === 'logs'">
<section class="settings-card">
</template>
<template v-else-if="activeSection === 'rendering'">
<section class="settings-card">
<div class="card-head">
<div>
<h4>ONLYOFFICE 服务配置</h4>
<p>维护文件渲染开关文档服务对外地址和 JWT 密钥后端回调地址继续由部署配置管理</p>
</div>
</div>
<div class="switch-group">
<button class="switch-row" type="button" @click="toggleBoolean('renderForm', 'enabled')">
<span class="switch-copy">
<strong>启用 ONLYOFFICE 文件渲染</strong>
<small>启用后知识库中的 Office 文件将优先走 ONLYOFFICE 在线预览</small>
</span>
<span class="switch" :class="{ active: pageState.renderForm.enabled }"><i></i></span>
</button>
</div>
<div class="form-grid">
<label class="field field-full">
<span><em>*</em> ONLYOFFICE 服务地址</span>
<input
v-model="pageState.renderForm.publicUrl"
type="text"
placeholder="例如 http://10.10.10.122:8082"
/>
</label>
<label class="field field-full">
<span><em>*</em> JWT 密钥</span>
<input
v-model="pageState.renderForm.jwtSecret"
type="password"
autocomplete="off"
@focus="clearRenderSecretMask"
:placeholder="pageState.renderForm.jwtSecretConfigured ? '已配置,如需修改请重新输入' : '保存后不会保留在草稿中'"
/>
<small v-if="pageState.renderForm.jwtSecretConfigured" class="secret-bound-state">
<i class="mdi mdi-database-lock"></i>
<span>已从数据库加密加载预览签名会使用已保存密钥</span>
</small>
</label>
</div>
</section>
</template>
<template v-else-if="activeSection === 'logs'">
<section class="settings-card">
<div class="card-head">
<div>
<h4>日志级别与留存</h4>

8
web/src/views/scripts/PoliciesView.js
View File

@@ -24,6 +24,7 @@ import {
shouldRenderOnlyOfficePreview
} from './knowledgePreviewMode.js'
import { resolveKnowledgePreviewLayoutState } from './knowledgePreviewLayout.js'
import { resolveInitialKnowledgeFolder } from './knowledgeFolderSelection.js'
import { buildOnlyOfficePreviewConfig } from './onlyOfficePreviewConfig.js'
function triggerFileDownload(blob, filename) {
@@ -80,7 +81,7 @@ export default {
const { toast } = useToast()
const documentSearch = ref('')
const activeFolder = ref('差旅规范')
const activeFolder = ref('')
const folders = ref([])
const documents = ref([])
const selectedDocument = ref(null)
@@ -260,10 +261,7 @@ export default {
documents.value = payload.documents || []
emit('summary-change', { totalDocuments: documents.value.length })
const activeExists = folders.value.some((folder) => folder.name === activeFolder.value)
if (!activeExists) {
activeFolder.value = folders.value[0]?.name || ''
}
activeFolder.value = resolveInitialKnowledgeFolder(folders.value, activeFolder.value)
if (options.preserveSelection && selectedDocument.value?.id) {
const exists = documents.value.some((doc) => doc.id === selectedDocument.value.id)

347
web/src/views/scripts/SettingsView.js
View File

@@ -4,10 +4,11 @@ import { useSystemState } from '../../composables/useSystemState.js'
import { fetchSettings, saveSettings, testModelConnectivity } from '../../services/settings.js'
import { useToast } from '../../composables/useToast.js'
const SETTINGS_STORAGE_KEY = 'x-financial-settings-draft'
const CURRENT_YEAR = new Date().getFullYear()
const CUSTOM_OPENAI_PROVIDER = 'Custom OpenAI Compatible'
const MODEL_SECRET_MASK = '********'
const SETTINGS_STORAGE_KEY = 'x-financial-settings-draft'
const CURRENT_YEAR = new Date().getFullYear()
const CUSTOM_OPENAI_PROVIDER = 'Custom OpenAI Compatible'
const MODEL_SECRET_MASK = '********'
const RENDER_SECRET_MASK = '********'
const SECTION_DEFINITIONS = [
{
@@ -26,17 +27,25 @@ const SECTION_DEFINITIONS = [
longDesc: '集中管理管理员账号、邮箱和登录安全策略。密码仅在当前输入时可见,不会写入浏览器草稿。',
actionLabel: '保存安全设置'
},
{
id: 'llm',
label: '大语言模型',
title: '模型接入配置',
desc: '主模型、备份模型与多模态模型',
longDesc: '集中维护主模型、备份模型、VLM 模型和 Embedding 模型的接入参数,供 AI 助手和识别链路调用。',
actionLabel: '保存模型配置'
},
{
id: 'logs',
label: '日志策略',
{
id: 'llm',
label: '大语言模型',
title: '模型接入配置',
desc: '主模型、备份模型与多模态模型',
longDesc: '集中维护主模型、备份模型、VLM 模型和 Embedding 模型的接入参数,供 AI 助手和识别链路调用。',
actionLabel: '保存模型配置'
},
{
id: 'rendering',
label: '文件渲染',
title: 'ONLYOFFICE 文件渲染配置',
desc: '文档预览服务与访问密钥',
longDesc: '集中管理 ONLYOFFICE 文件渲染开关、文档服务地址和 JWT 密钥。服务端内部回调地址继续由部署配置维护。',
actionLabel: '保存文件渲染配置'
},
{
id: 'logs',
label: '日志策略',
title: '日志与审计策略',
desc: '日志级别、留存与脱敏',
longDesc: '定义系统日志级别、留存周期和审计策略,保证问题排查和合规审计可追溯。',
@@ -171,8 +180,8 @@ function buildDefaultState(companyProfile, currentUser) {
loginAlertEnabled: true,
adminPasswordConfigured: false
},
llmForm: {
mainProvider: 'Codex',
llmForm: {
mainProvider: 'Codex',
mainModel: 'codex-mini-latest',
mainEndpoint: getProviderEndpoint('Codex'),
mainApiKey: '',
@@ -189,12 +198,18 @@ function buildDefaultState(companyProfile, currentUser) {
vlmApiKeyConfigured: false,
embeddingProvider: 'GLM',
embeddingModel: 'Embedding-3',
embeddingEndpoint: getProviderEndpoint('GLM'),
embeddingApiKey: '',
embeddingApiKeyConfigured: false
},
logForm: {
level: 'INFO',
embeddingEndpoint: getProviderEndpoint('GLM'),
embeddingApiKey: '',
embeddingApiKeyConfigured: false
},
renderForm: {
enabled: false,
publicUrl: '',
jwtSecret: '',
jwtSecretConfigured: false
},
logForm: {
level: 'INFO',
retentionDays: 180,
archiveCycle: 'weekly',
logPath: 'server/logs/app.log',
@@ -248,14 +263,15 @@ function mergeState(baseState, overrideState) {
baseState.llmForm.embeddingProvider
)
return {
companyForm: { ...baseState.companyForm, ...(overrideState?.companyForm || {}) },
adminForm: { ...baseState.adminForm, ...(overrideState?.adminForm || {}) },
llmForm: mergedLlmForm,
logForm: { ...baseState.logForm, ...(overrideState?.logForm || {}) },
mailForm: { ...baseState.mailForm, ...(overrideState?.mailForm || {}) }
}
}
return {
companyForm: { ...baseState.companyForm, ...(overrideState?.companyForm || {}) },
adminForm: { ...baseState.adminForm, ...(overrideState?.adminForm || {}) },
llmForm: mergedLlmForm,
renderForm: { ...baseState.renderForm, ...(overrideState?.renderForm || {}) },
logForm: { ...baseState.logForm, ...(overrideState?.logForm || {}) },
mailForm: { ...baseState.mailForm, ...(overrideState?.mailForm || {}) }
}
}
function sanitizeForStorage(state) {
return {
@@ -265,16 +281,20 @@ function sanitizeForStorage(state) {
newPassword: '',
confirmPassword: ''
},
llmForm: {
...state.llmForm,
mainApiKey: '',
backupApiKey: '',
vlmApiKey: '',
embeddingApiKey: ''
},
logForm: { ...state.logForm },
mailForm: {
...state.mailForm,
llmForm: {
...state.llmForm,
mainApiKey: '',
backupApiKey: '',
vlmApiKey: '',
embeddingApiKey: ''
},
renderForm: {
...state.renderForm,
jwtSecret: ''
},
logForm: { ...state.logForm },
mailForm: {
...state.mailForm,
password: ''
}
}
@@ -300,7 +320,7 @@ function maskConfiguredModelSecrets(state) {
return state
}
function buildLlmPayload(llmForm) {
function buildLlmPayload(llmForm) {
const payload = { ...llmForm }
for (const config of MODEL_API_KEY_CONFIGS) {
@@ -309,8 +329,30 @@ function buildLlmPayload(llmForm) {
}
}
return payload
}
return payload
}
function isRenderSecretMask(value) {
return value === RENDER_SECRET_MASK
}
function maskConfiguredRenderSecret(state) {
if (state.renderForm.jwtSecretConfigured && !normalizeValue(state.renderForm.jwtSecret)) {
state.renderForm.jwtSecret = RENDER_SECRET_MASK
}
return state
}
function buildRenderPayload(renderForm) {
const payload = { ...renderForm }
if (isRenderSecretMask(payload.jwtSecret)) {
payload.jwtSecret = ''
}
return payload
}
function persistSettings(state) {
if (typeof window === 'undefined') {
@@ -336,19 +378,24 @@ function computeSectionStatus(state) {
normalizeValue(state.adminForm.adminEmail) &&
Number(state.adminForm.sessionTimeout) >= 5
),
llm: Boolean(
isModelConfigReady(state.llmForm.mainProvider, state.llmForm.mainModel, state.llmForm.mainEndpoint) &&
isModelConfigReady(state.llmForm.backupProvider, state.llmForm.backupModel, state.llmForm.backupEndpoint) &&
isModelConfigReady(state.llmForm.vlmProvider, state.llmForm.vlmModel, state.llmForm.vlmEndpoint) &&
isModelConfigReady(
state.llmForm.embeddingProvider,
state.llmForm.embeddingModel,
state.llmForm.embeddingEndpoint
)
),
logs: Boolean(
normalizeValue(state.logForm.level) &&
Number(state.logForm.retentionDays) > 0 &&
llm: Boolean(
isModelConfigReady(state.llmForm.mainProvider, state.llmForm.mainModel, state.llmForm.mainEndpoint) &&
isModelConfigReady(state.llmForm.backupProvider, state.llmForm.backupModel, state.llmForm.backupEndpoint) &&
isModelConfigReady(state.llmForm.vlmProvider, state.llmForm.vlmModel, state.llmForm.vlmEndpoint) &&
isModelConfigReady(
state.llmForm.embeddingProvider,
state.llmForm.embeddingModel,
state.llmForm.embeddingEndpoint
)
),
rendering: Boolean(
!state.renderForm.enabled ||
(normalizeValue(state.renderForm.publicUrl) &&
(normalizeValue(state.renderForm.jwtSecret) || state.renderForm.jwtSecretConfigured))
),
logs: Boolean(
normalizeValue(state.logForm.level) &&
Number(state.logForm.retentionDays) > 0 &&
normalizeValue(state.logForm.logPath)
),
mail: Boolean(
@@ -396,11 +443,12 @@ export default {
function applyLoadedSnapshot(snapshot, options = {}) {
const {
mergeDraft = false,
preserveModelApiKeys = false,
preserveAdminPasswords = false,
preserveMailPassword = false
} = options
mergeDraft = false,
preserveModelApiKeys = false,
preserveAdminPasswords = false,
preserveRenderSecret = false,
preserveMailPassword = false
} = options
const currentState = pageState.value
let nextState = mergeState(buildResolvedDefaults(), snapshot)
@@ -409,26 +457,30 @@ export default {
nextState = mergeState(nextState, readStoredSettings())
}
if (preserveModelApiKeys) {
nextState.llmForm.mainApiKey = currentState.llmForm.mainApiKey
nextState.llmForm.backupApiKey = currentState.llmForm.backupApiKey
nextState.llmForm.vlmApiKey = currentState.llmForm.vlmApiKey
nextState.llmForm.embeddingApiKey = currentState.llmForm.embeddingApiKey
}
if (preserveAdminPasswords) {
nextState.adminForm.newPassword = currentState.adminForm.newPassword
nextState.adminForm.confirmPassword = currentState.adminForm.confirmPassword
}
if (preserveMailPassword) {
nextState.mailForm.password = currentState.mailForm.password
}
pageState.value = maskConfiguredModelSecrets(nextState)
persistSettings(pageState.value)
updateBrandPreviewFromState(pageState.value)
}
if (preserveModelApiKeys) {
nextState.llmForm.mainApiKey = currentState.llmForm.mainApiKey
nextState.llmForm.backupApiKey = currentState.llmForm.backupApiKey
nextState.llmForm.vlmApiKey = currentState.llmForm.vlmApiKey
nextState.llmForm.embeddingApiKey = currentState.llmForm.embeddingApiKey
}
if (preserveAdminPasswords) {
nextState.adminForm.newPassword = currentState.adminForm.newPassword
nextState.adminForm.confirmPassword = currentState.adminForm.confirmPassword
}
if (preserveRenderSecret) {
nextState.renderForm.jwtSecret = currentState.renderForm.jwtSecret
}
if (preserveMailPassword) {
nextState.mailForm.password = currentState.mailForm.password
}
pageState.value = maskConfiguredRenderSecret(maskConfiguredModelSecrets(nextState))
persistSettings(pageState.value)
updateBrandPreviewFromState(pageState.value)
}
async function loadSettingsSnapshot() {
try {
@@ -442,13 +494,14 @@ export default {
}
function buildSettingsPayload() {
return {
companyForm: { ...pageState.value.companyForm },
adminForm: { ...pageState.value.adminForm },
llmForm: buildLlmPayload(pageState.value.llmForm),
logForm: { ...pageState.value.logForm },
mailForm: { ...pageState.value.mailForm }
}
return {
companyForm: { ...pageState.value.companyForm },
adminForm: { ...pageState.value.adminForm },
llmForm: buildLlmPayload(pageState.value.llmForm),
renderForm: buildRenderPayload(pageState.value.renderForm),
logForm: { ...pageState.value.logForm },
mailForm: { ...pageState.value.mailForm }
}
}
async function persistRemoteSettings(successMessage, options = {}) {
@@ -503,13 +556,19 @@ export default {
}
}
function clearModelSecretMask(testKey) {
function clearModelSecretMask(testKey) {
const config = MODEL_TEST_CONFIGS[testKey]
if (isModelSecretMask(pageState.value.llmForm[config.apiKeyKey])) {
pageState.value.llmForm[config.apiKeyKey] = ''
}
}
}
}
function clearRenderSecretMask() {
if (isRenderSecretMask(pageState.value.renderForm.jwtSecret)) {
pageState.value.renderForm.jwtSecret = ''
}
}
async function testModelConnection(testKey) {
const config = MODEL_TEST_CONFIGS[testKey]
@@ -559,11 +618,12 @@ export default {
}
pageState.value.mailForm.senderName = normalizeValue(companyForm.displayName)
await persistRemoteSettings('企业信息已保存并应用到当前系统。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveMailPassword: true
})
await persistRemoteSettings('企业信息已保存并应用到当前系统。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveRenderSecret: true,
preserveMailPassword: true
})
}
async function saveAdminSection() {
@@ -596,11 +656,12 @@ export default {
}
}
await persistRemoteSettings('管理员安全设置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: false,
preserveMailPassword: true
})
await persistRemoteSettings('管理员安全设置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: false,
preserveRenderSecret: true,
preserveMailPassword: true
})
}
async function saveLlmSection() {
@@ -619,14 +680,36 @@ export default {
}
}
await persistRemoteSettings('模型配置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveMailPassword: true
})
}
async function saveLogsSection() {
await persistRemoteSettings('模型配置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveRenderSecret: true,
preserveMailPassword: true
})
}
async function saveRenderingSection() {
const renderForm = pageState.value.renderForm
if (renderForm.enabled && !normalizeValue(renderForm.publicUrl)) {
toast('启用 ONLYOFFICE 时请输入服务地址。')
return
}
if (renderForm.enabled && !normalizeValue(renderForm.jwtSecret) && !renderForm.jwtSecretConfigured) {
toast('启用 ONLYOFFICE 时请输入 JWT 密钥。')
return
}
await persistRemoteSettings('文件渲染配置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveRenderSecret: false,
preserveMailPassword: true
})
}
async function saveLogsSection() {
const logForm = pageState.value.logForm
if (!normalizeValue(logForm.level) || Number(logForm.retentionDays) <= 0) {
@@ -639,11 +722,12 @@ export default {
return
}
await persistRemoteSettings('日志策略已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveMailPassword: true
})
await persistRemoteSettings('日志策略已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveRenderSecret: true,
preserveMailPassword: true
})
}
async function saveMailSection() {
@@ -659,11 +743,12 @@ export default {
return
}
await persistRemoteSettings('邮箱配置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveMailPassword: false
})
await persistRemoteSettings('邮箱配置已保存。', {
preserveModelApiKeys: true,
preserveAdminPasswords: true,
preserveRenderSecret: true,
preserveMailPassword: false
})
}
async function saveActiveSection() {
@@ -682,12 +767,17 @@ export default {
return
}
if (activeSection.value === 'logs') {
await saveLogsSection()
return
}
await saveMailSection()
if (activeSection.value === 'logs') {
await saveLogsSection()
return
}
if (activeSection.value === 'rendering') {
await saveRenderingSection()
return
}
await saveMailSection()
}
onMounted(() => {
@@ -698,8 +788,9 @@ export default {
activeSection,
activeSectionConfig,
activateSection,
applyProviderPreset,
clearModelSecretMask,
applyProviderPreset,
clearRenderSecretMask,
clearModelSecretMask,
completedSectionCount,
getModelTestState,
isModelTesting,

10
web/src/views/scripts/knowledgeFolderSelection.js Normal file
View File

@@ -0,0 +1,10 @@
export function resolveInitialKnowledgeFolder(folders, currentFolder = '') {
const normalizedCurrentFolder = String(currentFolder || '').trim()
const normalizedFolders = Array.isArray(folders) ? folders : []
if (normalizedCurrentFolder && normalizedFolders.some((folder) => folder?.name === normalizedCurrentFolder)) {
return normalizedCurrentFolder
}
return normalizedFolders[0]?.name || ''
}

28
web/tests/knowledge-folder-selection.test.mjs Normal file
View File

@@ -0,0 +1,28 @@
import assert from 'node:assert/strict'
import { resolveInitialKnowledgeFolder } from '../src/views/scripts/knowledgeFolderSelection.js'
function testFallsBackToFirstFolderWhenCurrentFolderDoesNotExist() {
const folders = [{ name: '财务知识库' }, { name: '制度政策' }, { name: '差旅规范' }]
assert.equal(resolveInitialKnowledgeFolder(folders, '差旅规范(旧值)'), '财务知识库')
}
function testKeepsCurrentFolderWhenItStillExists() {
const folders = [{ name: '财务知识库' }, { name: '制度政策' }, { name: '差旅规范' }]
assert.equal(resolveInitialKnowledgeFolder(folders, '制度政策'), '制度政策')
}
function testReturnsEmptyStringWhenFoldersAreEmpty() {
assert.equal(resolveInitialKnowledgeFolder([], '差旅规范'), '')
}
function run() {
testFallsBackToFirstFolderWhenCurrentFolderDoesNotExist()
testKeepsCurrentFolderWhenItStillExists()
testReturnsEmptyStringWhenFoldersAreEmpty()
console.log('knowledge folder selection tests passed')
}
run()