feat: 完善知识库预览功能与配置管理优化

This commit is contained in:
caoxiaozhu
2026-05-09 07:29:49 +00:00
parent d9133193e8
commit 94122fd34b
26 changed files with 20232 additions and 300 deletions

View File

@@ -94,6 +94,13 @@ ENV_OVERRIDE_ONLYOFFICE_ENABLED_SET=false
ENV_OVERRIDE_ONLYOFFICE_PUBLIC_URL_SET=false
ENV_OVERRIDE_ONLYOFFICE_BACKEND_URL_SET=false
ENV_OVERRIDE_ONLYOFFICE_JWT_SECRET_SET=false
PREFER_ENV_FILE_FOR_ONLYOFFICE=false
case "${X_FINANCIAL_PREFER_ENV_FILE:-false}" in
1|true|TRUE|yes|YES|on|ON)
PREFER_ENV_FILE_FOR_ONLYOFFICE=true
;;
esac
if [ "${SERVER_HOST+x}" = x ]; then
ENV_OVERRIDE_SERVER_HOST_SET=true
@@ -110,22 +117,22 @@ if [ "${DATABASE_URL+x}" = x ]; then
ENV_OVERRIDE_DATABASE_URL="$DATABASE_URL"
fi
if [ "${ONLYOFFICE_ENABLED+x}" = x ]; then
if [ "$PREFER_ENV_FILE_FOR_ONLYOFFICE" != true ] && [ "${ONLYOFFICE_ENABLED+x}" = x ]; then
ENV_OVERRIDE_ONLYOFFICE_ENABLED_SET=true
ENV_OVERRIDE_ONLYOFFICE_ENABLED="$ONLYOFFICE_ENABLED"
fi
if [ "${ONLYOFFICE_PUBLIC_URL+x}" = x ]; then
if [ "$PREFER_ENV_FILE_FOR_ONLYOFFICE" != true ] && [ "${ONLYOFFICE_PUBLIC_URL+x}" = x ]; then
ENV_OVERRIDE_ONLYOFFICE_PUBLIC_URL_SET=true
ENV_OVERRIDE_ONLYOFFICE_PUBLIC_URL="$ONLYOFFICE_PUBLIC_URL"
fi
if [ "${ONLYOFFICE_BACKEND_URL+x}" = x ]; then
if [ "$PREFER_ENV_FILE_FOR_ONLYOFFICE" != true ] && [ "${ONLYOFFICE_BACKEND_URL+x}" = x ]; then
ENV_OVERRIDE_ONLYOFFICE_BACKEND_URL_SET=true
ENV_OVERRIDE_ONLYOFFICE_BACKEND_URL="$ONLYOFFICE_BACKEND_URL"
fi
if [ "${ONLYOFFICE_JWT_SECRET+x}" = x ]; then
if [ "$PREFER_ENV_FILE_FOR_ONLYOFFICE" != true ] && [ "${ONLYOFFICE_JWT_SECRET+x}" = x ]; then
ENV_OVERRIDE_ONLYOFFICE_JWT_SECRET_SET=true
ENV_OVERRIDE_ONLYOFFICE_JWT_SECRET="$ONLYOFFICE_JWT_SECRET"
fi

View File

@@ -1,22 +1,32 @@
from __future__ import annotations
from functools import lru_cache
from os import environ
from pathlib import Path
from pydantic import Field
from pydantic_settings import BaseSettings, SettingsConfigDict
SERVER_DIR = Path(__file__).resolve().parents[3]
ROOT_DIR = SERVER_DIR.parent
from __future__ import annotations
from os import environ
from pathlib import Path
from dotenv import dotenv_values
from pydantic import Field
from pydantic_settings import BaseSettings, SettingsConfigDict
SERVER_DIR = Path(__file__).resolve().parents[3]
ROOT_DIR = SERVER_DIR.parent
DEFAULT_ENV_FILES = (ROOT_DIR / ".env", SERVER_DIR / ".env")
ONLYOFFICE_FIELD_NAMES = {
"ONLYOFFICE_ENABLED": "onlyoffice_enabled",
"ONLYOFFICE_PUBLIC_URL": "onlyoffice_public_url",
"ONLYOFFICE_BACKEND_URL": "onlyoffice_backend_url",
"ONLYOFFICE_JWT_SECRET": "onlyoffice_jwt_secret",
}
_settings_cache: Settings | None = None
_settings_cache_signature: tuple[tuple[str, bool, int | None, int | None], ...] | None = None
class Settings(BaseSettings):
model_config = SettingsConfigDict(
env_file=(ROOT_DIR / ".env", SERVER_DIR / ".env"),
env_file_encoding="utf-8",
extra="ignore",
)
class Settings(BaseSettings):
model_config = SettingsConfigDict(
env_file=DEFAULT_ENV_FILES,
env_file_encoding="utf-8",
extra="ignore",
)
app_name: str = Field(default="X-Financial Server", alias="APP_NAME")
app_env: str = Field(default="local", alias="APP_ENV")
@@ -73,16 +83,80 @@ class Settings(BaseSettings):
if not path.is_absolute():
path = SERVER_DIR / path
return path.resolve()
@lru_cache
def get_settings() -> Settings:
return Settings()
def refresh_settings(updated_values: dict[str, str]) -> Settings:
for key, value in updated_values.items():
environ[key] = value
get_settings.cache_clear()
return get_settings()
def _resolve_env_files() -> tuple[Path, ...]:
env_files = Settings.model_config.get("env_file") or ()
return tuple(Path(item) for item in env_files)
def _build_settings_signature() -> tuple[tuple[str, bool, int | None, int | None], ...]:
signature: list[tuple[str, bool, int | None, int | None]] = []
for env_file in _resolve_env_files():
if not env_file.exists():
signature.append((str(env_file), False, None, None))
continue
stat = env_file.stat()
signature.append((str(env_file), True, stat.st_mtime_ns, stat.st_size))
return tuple(signature)
def _parse_onlyoffice_enabled(value: object) -> bool:
return str(value).strip().lower() in {"1", "true", "yes", "on"}
def _load_onlyoffice_env_file_overrides() -> dict[str, object]:
overrides: dict[str, object] = {}
for env_file in _resolve_env_files():
if not env_file.exists():
continue
values = dotenv_values(env_file)
for alias, field_name in ONLYOFFICE_FIELD_NAMES.items():
if alias not in values:
continue
value = values[alias]
if field_name == "onlyoffice_enabled":
overrides[field_name] = _parse_onlyoffice_enabled(value)
else:
overrides[field_name] = "" if value is None else str(value)
return overrides
def _clear_settings_cache() -> None:
global _settings_cache, _settings_cache_signature
_settings_cache = None
_settings_cache_signature = None
def get_settings() -> Settings:
global _settings_cache, _settings_cache_signature
signature = _build_settings_signature()
if _settings_cache is None or _settings_cache_signature != signature:
settings = Settings()
onlyoffice_overrides = _load_onlyoffice_env_file_overrides()
if onlyoffice_overrides:
settings = settings.model_copy(update=onlyoffice_overrides)
_settings_cache = settings
_settings_cache_signature = signature
return _settings_cache
get_settings.cache_clear = _clear_settings_cache # type: ignore[attr-defined]
def refresh_settings(updated_values: dict[str, str]) -> Settings:
for key, value in updated_values.items():
environ[key] = value
get_settings.cache_clear()
return get_settings()

View File

@@ -232,19 +232,43 @@ class KnowledgeService:
return file_path, entry["mime_type"], entry["original_name"]
def build_onlyoffice_config(
self,
document_id: str,
current_user: CurrentUserContext,
) -> KnowledgeOnlyOfficeConfigRead:
self.ensure_library_ready()
settings = get_settings()
if not settings.onlyoffice_enabled:
raise ValueError("ONLYOFFICE 预览未启用。")
if not settings.onlyoffice_public_url or not settings.onlyoffice_backend_url:
raise ValueError("ONLYOFFICE 地址配置不完整。")
if not settings.onlyoffice_jwt_secret:
raise ValueError("ONLYOFFICE JWT 密钥未配置。")
def build_onlyoffice_config(
self,
document_id: str,
current_user: CurrentUserContext,
) -> KnowledgeOnlyOfficeConfigRead:
self.ensure_library_ready()
settings = get_settings()
if not settings.onlyoffice_enabled:
logger.warning(
"ONLYOFFICE disabled in runtime config doc=%s enabled=%s public_url=%s backend_url=%s jwt_set=%s",
document_id,
settings.onlyoffice_enabled,
settings.onlyoffice_public_url,
settings.onlyoffice_backend_url,
bool(settings.onlyoffice_jwt_secret),
)
raise ValueError("ONLYOFFICE 预览未启用。")
if not settings.onlyoffice_public_url or not settings.onlyoffice_backend_url:
logger.warning(
"ONLYOFFICE config incomplete doc=%s enabled=%s public_url=%s backend_url=%s jwt_set=%s",
document_id,
settings.onlyoffice_enabled,
settings.onlyoffice_public_url,
settings.onlyoffice_backend_url,
bool(settings.onlyoffice_jwt_secret),
)
raise ValueError("ONLYOFFICE 地址配置不完整。")
if not settings.onlyoffice_jwt_secret:
logger.warning(
"ONLYOFFICE JWT missing doc=%s enabled=%s public_url=%s backend_url=%s jwt_set=%s",
document_id,
settings.onlyoffice_enabled,
settings.onlyoffice_public_url,
settings.onlyoffice_backend_url,
bool(settings.onlyoffice_jwt_secret),
)
raise ValueError("ONLYOFFICE JWT 密钥未配置。")
index = self._load_index()
entry = self._require_entry(index, document_id)
@@ -263,42 +287,41 @@ class KnowledgeService:
callback_url = (
f"{backend_base_url}{settings.api_v1_prefix}/knowledge/documents/{document_id}/onlyoffice/callback"
)
can_edit = current_user.is_admin or "manager" in current_user.role_codes
document_key = self._build_onlyoffice_document_key(entry)
config: dict[str, Any] = {
"documentType": document_type,
"document": {
document_key = self._build_onlyoffice_document_key(entry)
config: dict[str, Any] = {
"documentType": document_type,
"document": {
"fileType": extension,
"key": document_key,
"title": entry["original_name"],
"url": document_url,
"permissions": {
"download": True,
"edit": can_edit,
"print": True,
"copy": True,
"title": entry["original_name"],
"url": document_url,
"permissions": {
"download": True,
"edit": False,
"print": True,
"copy": True,
},
},
"editorConfig": {
"mode": "view",
"lang": "zh-CN",
"callbackUrl": callback_url,
"user": {
"id": current_user.username,
"name": current_user.name,
},
},
"editorConfig": {
"mode": "edit" if can_edit else "view",
"lang": "zh-CN",
"callbackUrl": callback_url,
"user": {
"id": current_user.username,
"name": current_user.name,
},
"customization": {
"compactHeader": True,
"compactToolbar": True,
"toolbarNoTabs": False,
"autosave": can_edit,
"forcesave": can_edit,
},
},
"width": "100%",
"height": "100%",
}
"customization": {
"compactHeader": True,
"compactToolbar": True,
"toolbarNoTabs": False,
"autosave": False,
"forcesave": False,
},
},
"width": "100%",
"height": "100%",
}
config["token"] = jwt.encode(config, settings.onlyoffice_jwt_secret, algorithm="HS256")
return KnowledgeOnlyOfficeConfigRead(

View File

@@ -9,6 +9,7 @@ Requires-Dist: uvicorn[standard]<1.0.0,>=0.30.0
Requires-Dist: sqlalchemy<3.0.0,>=2.0.36
Requires-Dist: alembic<2.0.0,>=1.14.0
Requires-Dist: psycopg[binary]<4.0.0,>=3.2.0
Requires-Dist: PyJWT<3.0.0,>=2.9.0
Requires-Dist: pydantic-settings<3.0.0,>=2.6.0
Requires-Dist: python-dotenv<2.0.0,>=1.0.1
Requires-Dist: email-validator<3.0.0,>=2.2.0

View File

@@ -12,6 +12,7 @@ src/app/api/v1/endpoints/auth.py
src/app/api/v1/endpoints/bootstrap.py
src/app/api/v1/endpoints/employees.py
src/app/api/v1/endpoints/health.py
src/app/api/v1/endpoints/knowledge.py
src/app/api/v1/endpoints/reimbursements.py
src/app/api/v1/endpoints/settings.py
src/app/core/__init__.py
@@ -45,12 +46,14 @@ src/app/schemas/__init__.py
src/app/schemas/auth.py
src/app/schemas/bootstrap.py
src/app/schemas/employee.py
src/app/schemas/knowledge.py
src/app/schemas/reimbursement.py
src/app/schemas/settings.py
src/app/services/__init__.py
src/app/services/auth.py
src/app/services/employee.py
src/app/services/employee_seed.py
src/app/services/knowledge.py
src/app/services/model_connectivity.py
src/app/services/reimbursement.py
src/app/services/settings.py
@@ -62,5 +65,6 @@ src/x_financial_server.egg-info/top_level.txt
tests/test_auth_service.py
tests/test_employee_service.py
tests/test_imports.py
tests/test_server_start_dependencies.py
tests/test_settings_persistence.py
tests/test_settings_service.py

View File

@@ -3,6 +3,7 @@ uvicorn[standard]<1.0.0,>=0.30.0
sqlalchemy<3.0.0,>=2.0.36
alembic<2.0.0,>=1.14.0
psycopg[binary]<4.0.0,>=3.2.0
PyJWT<3.0.0,>=2.9.0
pydantic-settings<3.0.0,>=2.6.0
python-dotenv<2.0.0,>=1.0.1
email-validator<3.0.0,>=2.2.0

View File

@@ -14,6 +14,34 @@
"updated_at": "2026-05-09T05:46:24.699125+00:00",
"uploaded_by": "admin",
"version_number": 1
},
{
"id": "6cad2936d57242d29d26f6fbb6314767",
"folder": "财务知识库",
"original_name": "2508.19855v3.pdf",
"stored_name": "6cad2936d57242d29d26f6fbb6314767__2508.19855v3.pdf",
"mime_type": "application/pdf",
"extension": "pdf",
"size_bytes": 4097809,
"sha256": "9061363b164aaba132454e239ecc107076c81f61ecab1eb39cb43405d481e46a",
"created_at": "2026-05-09T06:06:51.631071+00:00",
"updated_at": "2026-05-09T06:06:51.631071+00:00",
"uploaded_by": "admin",
"version_number": 1
},
{
"id": "b01fe587d3d941f0a25d500751b27094",
"folder": "财务知识库",
"original_name": "面向财务领域的大语言模型 Fin-R1 研究内容与实施计划 (1).docx",
"stored_name": "b01fe587d3d941f0a25d500751b27094__面向财务领域的大语言模型 Fin-R1 研究内容与实施计划 (1).docx",
"mime_type": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"extension": "docx",
"size_bytes": 35521,
"sha256": "b300ba9c4c5bb03f4cbb27b52eea1932d1594398ae7b0f0c51c6c250deaceab4",
"created_at": "2026-05-09T06:07:10.525556+00:00",
"updated_at": "2026-05-09T07:17:28.581707+00:00",
"uploaded_by": "admin",
"version_number": 3
}
]
}

File diff suppressed because one or more lines are too long

View File

@@ -0,0 +1,60 @@
from __future__ import annotations
import os
from app.core.config import Settings, get_settings
def test_get_settings_refreshes_when_env_file_changes(tmp_path, monkeypatch) -> None:
env_file = tmp_path / ".env"
env_file.write_text("ONLYOFFICE_ENABLED=false\n", encoding="utf-8")
original_env_file = Settings.model_config.get("env_file")
monkeypatch.setitem(Settings.model_config, "env_file", (env_file,))
get_settings.cache_clear()
try:
first = get_settings()
assert first.onlyoffice_enabled is False
env_file.write_text("ONLYOFFICE_ENABLED=true\n", encoding="utf-8")
os.utime(env_file, None)
second = get_settings()
assert second.onlyoffice_enabled is True
finally:
monkeypatch.setitem(Settings.model_config, "env_file", original_env_file)
get_settings.cache_clear()
def test_onlyoffice_values_prefer_env_file_over_inherited_environment(tmp_path, monkeypatch) -> None:
env_file = tmp_path / ".env"
env_file.write_text(
"\n".join(
[
"ONLYOFFICE_ENABLED=true",
"ONLYOFFICE_PUBLIC_URL=http://10.10.10.122:8082",
"ONLYOFFICE_BACKEND_URL=http://main:8000",
"ONLYOFFICE_JWT_SECRET=change-me-onlyoffice",
]
)
+ "\n",
encoding="utf-8",
)
original_env_file = Settings.model_config.get("env_file")
monkeypatch.setitem(Settings.model_config, "env_file", (env_file,))
monkeypatch.setenv("ONLYOFFICE_ENABLED", "false")
monkeypatch.setenv("ONLYOFFICE_PUBLIC_URL", "http://127.0.0.1:8082")
get_settings.cache_clear()
try:
settings = get_settings()
assert settings.onlyoffice_enabled is True
assert settings.onlyoffice_public_url == "http://10.10.10.122:8082"
assert settings.onlyoffice_backend_url == "http://main:8000"
assert settings.onlyoffice_jwt_secret == "change-me-onlyoffice"
finally:
monkeypatch.setitem(Settings.model_config, "env_file", original_env_file)
get_settings.cache_clear()

View File

@@ -0,0 +1,81 @@
from __future__ import annotations
from pathlib import Path
import os
import subprocess
def _run_script_prefix(
tmp_path: Path,
relative_script_path: str,
env_file_content: str,
env: dict[str, str],
output_vars: list[str],
) -> subprocess.CompletedProcess[str]:
project_dir = tmp_path / "project"
script_source = Path(__file__).resolve().parents[2] / relative_script_path
script_copy = project_dir / relative_script_path
script_copy.parent.mkdir(parents=True, exist_ok=True)
script_copy.write_text(script_source.read_text(encoding="utf-8"), encoding="utf-8")
(project_dir / ".env").write_text(env_file_content, encoding="utf-8")
script_prefix = script_copy.read_text(encoding="utf-8").split('case "$MODE" in', 1)[0]
print_lines = "\n".join(f'printf "{name}=%s\\n" "${{{name}:-}}"' for name in output_vars)
command = f"""{script_prefix}
{print_lines}
"""
return subprocess.run(
["bash", "-c", command, str(script_copy)],
capture_output=True,
text=True,
env={**os.environ, **env, "MODE": "test"},
cwd=script_copy.parent,
check=False,
)
def test_server_start_can_prefer_env_file_over_inherited_onlyoffice_values(tmp_path: Path) -> None:
result = _run_script_prefix(
tmp_path,
"server/server_start.sh",
env_file_content=(
"ONLYOFFICE_ENABLED=true\n"
"ONLYOFFICE_PUBLIC_URL=http://10.10.10.122:8082\n"
"ONLYOFFICE_BACKEND_URL=http://main:8000\n"
"ONLYOFFICE_JWT_SECRET=change-me-onlyoffice\n"
),
env={
"ONLYOFFICE_ENABLED": "false",
"ONLYOFFICE_PUBLIC_URL": "http://127.0.0.1:8082",
"X_FINANCIAL_PREFER_ENV_FILE": "true",
},
output_vars=["ONLYOFFICE_ENABLED", "ONLYOFFICE_PUBLIC_URL"],
)
assert result.returncode == 0, result.stderr
assert "ONLYOFFICE_ENABLED=true" in result.stdout
assert "ONLYOFFICE_PUBLIC_URL=http://10.10.10.122:8082" in result.stdout
def test_root_start_can_prefer_env_file_over_inherited_onlyoffice_values(tmp_path: Path) -> None:
result = _run_script_prefix(
tmp_path,
"start.sh",
env_file_content=(
"ONLYOFFICE_ENABLED=true\n"
"ONLYOFFICE_PUBLIC_URL=http://10.10.10.122:8082\n"
"ONLYOFFICE_BACKEND_URL=http://main:8000\n"
"ONLYOFFICE_JWT_SECRET=change-me-onlyoffice\n"
),
env={
"ONLYOFFICE_ENABLED": "false",
"ONLYOFFICE_PUBLIC_URL": "http://127.0.0.1:8082",
"X_FINANCIAL_PREFER_ENV_FILE": "true",
},
output_vars=["ONLYOFFICE_ENABLED", "ONLYOFFICE_PUBLIC_URL"],
)
assert result.returncode == 0, result.stderr
assert "ONLYOFFICE_ENABLED=true" in result.stdout
assert "ONLYOFFICE_PUBLIC_URL=http://10.10.10.122:8082" in result.stdout

View File

@@ -0,0 +1,55 @@
from __future__ import annotations
from app.api.deps import CurrentUserContext
from app.core.config import Settings, get_settings
from app.services.knowledge import KnowledgeService
def test_onlyoffice_config_is_read_only_for_admin_users(tmp_path, monkeypatch) -> None:
env_file = tmp_path / ".env"
env_file.write_text(
"\n".join(
[
"ONLYOFFICE_ENABLED=true",
"ONLYOFFICE_PUBLIC_URL=http://10.10.10.122:8082",
"ONLYOFFICE_BACKEND_URL=http://main:8000",
"ONLYOFFICE_JWT_SECRET=change-me-onlyoffice",
]
)
+ "\n",
encoding="utf-8",
)
original_env_file = Settings.model_config.get("env_file")
monkeypatch.setitem(Settings.model_config, "env_file", (env_file,))
get_settings.cache_clear()
try:
service = KnowledgeService(storage_root=tmp_path)
service.ensure_library_ready()
document_id = "readonly-docx"
folder = "制度政策"
stored_name = f"{document_id}__制度预览.docx"
target_path = tmp_path / "knowledge" / folder / stored_name
target_path.write_bytes(b"fake-docx-content")
current_user = CurrentUserContext(
username="admin",
name="管理员",
role_codes=["manager"],
is_admin=True,
)
config = service.build_onlyoffice_config(document_id, current_user)
permissions = config.config["document"]["permissions"]
customization = config.config["editorConfig"]["customization"]
assert config.documentServerUrl == "http://10.10.10.122:8082"
assert config.config["editorConfig"]["mode"] == "view"
assert permissions["edit"] is False
assert permissions["download"] is True
assert customization["autosave"] is False
assert customization["forcesave"] is False
finally:
monkeypatch.setitem(Settings.model_config, "env_file", original_env_file)
get_settings.cache_clear()