feat: add system settings with model connectivity and encrypted storage

This commit is contained in:
2026-05-08 08:56:52 +08:00
parent e8f3d97d6a
commit adda87a01d
21 changed files with 1888 additions and 291 deletions

View File

@@ -4,6 +4,8 @@ from app.models.employee import Employee
from app.models.organization import OrganizationUnit
from app.models.reimbursement import ReimbursementRequest
from app.models.role import Role
from app.models.system_setting import SystemSetting
from app.models.system_setting_secret import SystemSettingSecret
__all__ = [
"ApprovalRecord",
@@ -12,4 +14,6 @@ __all__ = [
"OrganizationUnit",
"ReimbursementRequest",
"Role",
"SystemSetting",
"SystemSettingSecret",
]

View File

@@ -0,0 +1,68 @@
from __future__ import annotations
from datetime import datetime
from sqlalchemy import Boolean, DateTime, Integer, String, func
from sqlalchemy.orm import Mapped, mapped_column
from app.db.base_class import Base
class SystemSetting(Base):
__tablename__ = "system_settings"
id: Mapped[str] = mapped_column(String(32), primary_key=True, default="default")
company_name: Mapped[str] = mapped_column(String(120), default="X-Financial")
display_name: Mapped[str] = mapped_column(String(120), default="X-Financial")
company_code: Mapped[str] = mapped_column(String(64), default="XF-001")
record_number: Mapped[str] = mapped_column(String(120), default="")
copyright_text: Mapped[str] = mapped_column(String(255), default="")
admin_account: Mapped[str] = mapped_column(String(120), default="superadmin")
admin_email: Mapped[str] = mapped_column(String(255), default="")
session_timeout: Mapped[int] = mapped_column(Integer, default=30)
notice_email: Mapped[str] = mapped_column(String(255), default="")
mfa_enabled: Mapped[bool] = mapped_column(Boolean, default=True)
strong_password: Mapped[bool] = mapped_column(Boolean, default=True)
login_alert_enabled: Mapped[bool] = mapped_column(Boolean, default=True)
main_provider: Mapped[str] = mapped_column(String(64), default="Codex")
main_model: Mapped[str] = mapped_column(String(255), default="codex-mini-latest")
main_endpoint: Mapped[str] = mapped_column(String(512), default="https://api.openai.com/v1")
backup_provider: Mapped[str] = mapped_column(String(64), default="GLM")
backup_model: Mapped[str] = mapped_column(String(255), default="glm-5.1")
backup_endpoint: Mapped[str] = mapped_column(String(512), default="https://open.bigmodel.cn/api/paas/v4/")
vlm_provider: Mapped[str] = mapped_column(String(64), default="Gemini")
vlm_model: Mapped[str] = mapped_column(String(255), default="gemini-2.5-flash")
vlm_endpoint: Mapped[str] = mapped_column(String(512), default="https://generativelanguage.googleapis.com/v1beta/openai/")
embedding_provider: Mapped[str] = mapped_column(String(64), default="GLM")
embedding_model: Mapped[str] = mapped_column(String(255), default="Embedding-3")
embedding_endpoint: Mapped[str] = mapped_column(String(512), default="https://open.bigmodel.cn/api/paas/v4/")
log_level: Mapped[str] = mapped_column(String(16), default="INFO")
retention_days: Mapped[int] = mapped_column(Integer, default=180)
archive_cycle: Mapped[str] = mapped_column(String(32), default="weekly")
log_path: Mapped[str] = mapped_column(String(255), default="server/logs/app.log")
alert_email: Mapped[str] = mapped_column(String(255), default="")
operation_audit: Mapped[bool] = mapped_column(Boolean, default=True)
login_audit: Mapped[bool] = mapped_column(Boolean, default=True)
mask_sensitive: Mapped[bool] = mapped_column(Boolean, default=True)
smtp_host: Mapped[str] = mapped_column(String(255), default="smtp.exmail.qq.com")
smtp_port: Mapped[int] = mapped_column(Integer, default=465)
smtp_encryption: Mapped[str] = mapped_column(String(32), default="SSL/TLS")
sender_name: Mapped[str] = mapped_column(String(120), default="X-Financial")
sender_address: Mapped[str] = mapped_column(String(255), default="")
smtp_username: Mapped[str] = mapped_column(String(255), default="")
alert_enabled: Mapped[bool] = mapped_column(Boolean, default=True)
digest_enabled: Mapped[bool] = mapped_column(Boolean, default=False)
digest_time: Mapped[str] = mapped_column(String(16), default="09:00")
default_receiver: Mapped[str] = mapped_column(String(255), default="")
created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), server_default=func.now())
updated_at: Mapped[datetime] = mapped_column(
DateTime(timezone=True),
server_default=func.now(),
onupdate=func.now(),
)

View File

@@ -0,0 +1,28 @@
from __future__ import annotations
from datetime import datetime
from sqlalchemy import DateTime, String, Text, func
from sqlalchemy.orm import Mapped, mapped_column
from app.db.base_class import Base
class SystemSettingSecret(Base):
__tablename__ = "system_setting_secrets"
id: Mapped[str] = mapped_column(String(32), primary_key=True, default="default")
admin_password_hash: Mapped[str] = mapped_column(Text, default="")
main_api_key_encrypted: Mapped[str] = mapped_column(Text, default="")
backup_api_key_encrypted: Mapped[str] = mapped_column(Text, default="")
vlm_api_key_encrypted: Mapped[str] = mapped_column(Text, default="")
embedding_api_key_encrypted: Mapped[str] = mapped_column(Text, default="")
smtp_password_encrypted: Mapped[str] = mapped_column(Text, default="")
created_at: Mapped[datetime] = mapped_column(DateTime(timezone=True), server_default=func.now())
updated_at: Mapped[datetime] = mapped_column(
DateTime(timezone=True),
server_default=func.now(),
onupdate=func.now(),
)