diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index f2f1d29d8..f52a7dae3 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -884,7 +884,7 @@ modelarts.train_job_para.edit=train_job_para.edit modelarts.train_job_para.connfirm=train_job_para.connfirm model.manage.create_error=Equal Name and Version has existed. - +model_noright=No right operation. template.items = Template Items template.git_content = Git Content (Default Branch) template.git_hooks = Git Hooks diff --git a/options/locale/locale_zh-CN.ini b/options/locale/locale_zh-CN.ini index c5beedf33..f54325293 100755 --- a/options/locale/locale_zh-CN.ini +++ b/options/locale/locale_zh-CN.ini @@ -783,7 +783,7 @@ datasets.desc=数据集功能 cloudbrain_helper=使用GPU/NPU资源,开启Notebook、模型训练任务等 model_manager = 模型管理 - +model_noright=无权限操作 debug=调试 stop=停止 diff --git a/routers/repo/ai_model_manage.go b/routers/repo/ai_model_manage.go index 1bb21e01c..c7a0891a6 100644 --- a/routers/repo/ai_model_manage.go +++ b/routers/repo/ai_model_manage.go @@ -118,6 +118,11 @@ func SaveModel(ctx *context.Context) { label := ctx.Query("Label") description := ctx.Query("Description") + if !ctx.Repo.CanWrite(models.UnitTypeCloudBrain) { + ctx.ServerError("No right.", errors.New(ctx.Tr("repo.model_noright"))) + return + } + if JobId == "" || VersionName == "" { ctx.Error(500, fmt.Sprintf("JobId or VersionName is null.")) return @@ -164,7 +169,7 @@ func downloadModelFromCloudBrainTwo(modelUUID string, jobName string, parentDir func DeleteModel(ctx *context.Context) { log.Info("delete model start.") id := ctx.Query("ID") - err := DeleteModelByID(id) + err := deleteModelByID(ctx, id) if err != nil { ctx.JSON(500, err.Error()) } else { @@ -173,11 +178,22 @@ func DeleteModel(ctx *context.Context) { }) } } +func isCanDeleteOrDownload(ctx *context.Context, model *models.AiModelManage) bool { + if ctx.User.IsAdmin || ctx.User.ID == model.UserId { + return true + } + if ctx.Repo.IsOwner() { + return true + } + return false +} -func DeleteModelByID(id string) error { +func deleteModelByID(ctx *context.Context, id string) error { log.Info("delete model start. id=" + id) - model, err := models.QueryModelById(id) + if !isCanDeleteOrDownload(ctx, model) { + return errors.New(ctx.Tr("repo.model_noright")) + } if err == nil { log.Info("bucket=" + setting.Bucket + " path=" + model.Path) if strings.HasPrefix(model.Path, setting.Bucket+"/"+Model_prefix) { @@ -224,6 +240,11 @@ func DownloadMultiModelFile(ctx *context.Context) { ctx.ServerError("no such model:", err) return } + if !isCanDeleteOrDownload(ctx, task) { + ctx.ServerError("no right.", errors.New(ctx.Tr("repo.model_noright"))) + return + } + path := Model_prefix + models.AttachmentRelativePath(id) + "/" allFile, err := storage.GetAllObjectByBucketAndPrefix(setting.Bucket, path) @@ -381,9 +402,23 @@ func ShowModelTemplate(ctx *context.Context) { ctx.HTML(200, tplModelManageIndex) } +func isQueryRight(ctx *context.Context) bool { + if ctx.Repo.Repository.IsPrivate { + if ctx.User.IsAdmin || ctx.Repo.IsAdmin() || ctx.Repo.IsOwner() { + return true + } + return false + } else { + return true + } +} + func ShowModelPageInfo(ctx *context.Context) { log.Info("ShowModelInfo start.") - + if !isQueryRight(ctx) { + ctx.ServerError("no right.", errors.New(ctx.Tr("repo.model_noright"))) + return + } page := ctx.QueryInt("page") if page <= 0 { page = 1