[opt](headless)Deletion of chat model and database should record user.

Author: jerryjzhang

common/src/main/java/com/tencent/supersonic/common/service/ChatModelService.java

@@ -15,5 +15,5 @@ public interface ChatModelService {
 
     ChatModel updateChatModel(ChatModel chatModel, User user);
 
-    void deleteChatModel(Integer id);
+    void deleteChatModel(Integer id, User user);
 }

common/src/main/java/com/tencent/supersonic/common/service/impl/ChatModelServiceImpl.java

@@ -79,7 +79,12 @@ public ChatModel updateChatModel(ChatModel chatModel, User user) {
     }
 
     @Override
-    public void deleteChatModel(Integer id) {
+    public void deleteChatModel(Integer id, User user) {
+        ChatModel chatModel = getChatModel(id);
+        if (!checkAdminPermission(user, chatModel)) {
+            throw new RuntimeException("没有权限删除该大模型");
+        }
+
         removeById(id);
     }
 
@@ -103,4 +108,13 @@ private ChatModelDO convert(ChatModel chatModel) {
         chatModelDO.setConfig(JsonUtil.toString(chatModel.getConfig()));
         return chatModelDO;
     }
+
+    private boolean checkAdminPermission(User user, ChatModel chatModel) {
+        String admin = chatModel.getAdmin();
+        if (user.isSuperAdmin()) {
+            return true;
+        }
+        return admin != null && admin.equals(user.getName())
+                || chatModel.getCreatedBy().equals(user.getName());
+    }
 }

headless/server/src/main/java/com/tencent/supersonic/headless/server/rest/ChatModelController.java

@@ -46,8 +46,10 @@ public ChatModel updateModel(@RequestBody ChatModel model,
     }
 
     @DeleteMapping("/{id}")
-    public boolean deleteModel(@PathVariable("id") Integer id) {
-        chatModelService.deleteChatModel(id);
+    public boolean deleteModel(@PathVariable("id") Integer id,
+            HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
+        User user = UserHolder.findUser(httpServletRequest, httpServletResponse);
+        chatModelService.deleteChatModel(id, user);
         return true;
     }
 

headless/server/src/main/java/com/tencent/supersonic/headless/server/rest/DatabaseController.java

@@ -64,8 +64,10 @@ public List<DatabaseResp> getDatabaseList(HttpServletRequest request,
     }
 
     @DeleteMapping("/{id}")
-    public boolean deleteDatabase(@PathVariable("id") Long id) {
-        databaseService.deleteDatabase(id);
+    public boolean deleteDatabase(@PathVariable("id") Long id, HttpServletRequest request,
+            HttpServletResponse response) {
+        User user = UserHolder.findUser(request, response);
+        databaseService.deleteDatabase(id, user);
         return true;
     }
 

headless/server/src/main/java/com/tencent/supersonic/headless/server/service/DatabaseService.java

@@ -34,7 +34,7 @@ public interface DatabaseService {
 
     List<DatabaseResp> getDatabaseList(User user);
 
-    void deleteDatabase(Long databaseId);
+    void deleteDatabase(Long databaseId, User user);
 
     List<String> getCatalogs(Long id) throws SQLException;
 

headless/server/src/main/java/com/tencent/supersonic/headless/server/service/impl/DatabaseServiceImpl.java

@@ -138,7 +138,12 @@ private boolean checkViewPermission(User user, DatabaseResp database) {
     }
 
     @Override
-    public void deleteDatabase(Long databaseId) {
+    public void deleteDatabase(Long databaseId, User user) {
+        DatabaseResp databaseResp = getDatabase(databaseId);
+        if (!checkAdminPermission(user, databaseResp)) {
+            throw new RuntimeException("没有权限删除该数据库");
+        }
+
         ModelFilter modelFilter = new ModelFilter();
         modelFilter.setDatabaseId(databaseId);
         modelFilter.setIncludesDetail(false);