chore(release): v0.6.0

Tenant RBAC headline release: 4-tier role matrix (Owner/Admin/
Contributor/Viewer), per-KB resource ownership, per-tenant audit
log, tenant member management, self-service workspaces.

Also: CLI v0.3/v0.4 GA, KB retrieval fan-out across vector stores,
AES-256-GCM credential at-rest, docreader gRPC TLS+Token, Zhipu
embedding, Huawei OBS, vLLM URL for MinerU, Apache Doris compat
modes, server-side user preferences, Go 1.26.0.

See CHANGELOG.md for the full list.

docs(rbac): wire RBAC screenshots into READMEs and RBAC guide

- README.md / README_CN.md / README_JA.md / README_KO.md: replace the
  single member-management thumbnail under the v0.6.0 RBAC highlight
  with a 2×2 showcase (member management, workspace switcher,
  self-service workspace creation, pending invitations).
- docs/RBAC说明.md: add the member-management screenshot to the
  existing 前端实际界面 showcase so the guide is self-contained
  and no longer cross-references README for it.

feat(rbac-ui): link tenant member page to RBAC guide

Add an inline doc-link in the Tenant Members settings page that
opens docs/RBAC说明.md on GitHub in a new tab, complementing the
existing in-app role-matrix popover. New i18n key
tenantMember.learnRbacGuide covered for zh-CN / en-US / ko-KR /
ru-RU.

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -71,7 +71,7 @@ body:
         Please provide the concrete version number you are running, **not** `latest`, `main` or `master`.
         You can find it on the **Settings → System Info** page (both "App Version" and "UI Version" — if they differ, please report both).
         If you built from source, include the commit SHA instead.
-      placeholder: "e.g., App Version: v0.5.2, UI Version: v0.5.2 (or commit abc1234)"
+      placeholder: "e.g., App Version: v0.6.0, UI Version: v0.6.0 (or commit abc1234)"
     validations:
       required: true
 

.github/ISSUE_TEMPLATE/question.yml

@@ -57,8 +57,8 @@ body:
       label: Other Environment Info
       description: Please provide other relevant environment information
       placeholder: |
-        - WeKnora App Version: [concrete version from Settings → System Info, e.g., v0.5.2 — NOT "latest"]
-        - WeKnora UI Version: [concrete version from Settings → System Info, e.g., v0.5.2]
+        - WeKnora App Version: [concrete version from Settings → System Info, e.g., v0.6.0 — NOT "latest"]
+        - WeKnora UI Version: [concrete version from Settings → System Info, e.g., v0.6.0]
         - Deployment: [e.g., Docker, build from source]
         - Other relevant info...
 

CHANGELOG.md

@@ -2,6 +2,115 @@
 
 All notable changes to this project will be documented in this file.
 
+## [0.6.0] - 2026-05-21
+
+### New Features
+
+- **NEW**: **Tenant RBAC (Role-Based Access Control)** — the headline of this release (#1303). WeKnora now enforces a per-tenant role matrix on every mutating route, with per-KB resource ownership. Highlights:
+  - **4-tier role matrix**: `Owner` (one per tenant; can additionally delete the tenant) ⊃ `Admin` ⊃ `Contributor` (full owner of own resources, read-only on others) ⊃ `Viewer` (read-only). Two exceptions: cross-tenant superuser (`User.CanAccessAllTenants=true`) is implicit Admin in any tenant they switch into; API-Key-synthesized virtual users are pinned Admin in their owning tenant.
+  - **Per-KB resource ownership**: `chunk → knowledge → kb → creator_id`; same chain applies to FAQ entries, generated questions, KB tags and wiki pages. `custom_agents.creator_id` + `custom_agents.runnable_by_viewer` (default true) control agent ownership and viewer-callability.
+  - **Two guard families**: role guards (`Viewer()` / `Contributor()` / `Admin()` / `Owner()`) for tenant-level infra (models, vector stores, IM channels, …) and ownership guards (`OwnedKBOrAdmin()`, `OwnedAgentOrAdmin()`, `OwnedChunkKBOrAdmin()`, …) for resource writes. KB-access guard wired at the route layer for chunk / knowledge / knowledgebase routes (no per-handler helpers).
+  - **Tenant members**: invite / remove / role-change endpoints; new `/leave` endpoint; per-tenant audit log with daily retention sweep (default 90 days, `audit_logs.created_at` indexed); `tenant_members` table now drives membership (lifted from per-user to per-tenant in Plan 3); cross-tenant share managed by source-tenant Admin+.
+  - **Configurable**: `tenant.enable_rbac` (default `true`); `false` enters an "audit-only" grace window. New env knobs `WEKNORA_TENANT_ENABLE_RBAC`, `WEKNORA_TENANT_MAX_PER_USER`. RBAC state logged at startup. See [`docs/RBAC说明.md`](./docs/RBAC说明.md).
+- **NEW**: **Tenant Member Management & Multi-Workspace UX** — invite-only gate, member listing UI with role chips, tenant identity surfaces reworked; tenant switcher in the user menu; tenant switch always redirects to KB list and clears tenant-scoped client state; last-active workspace persisted across logins; pending invitations dialog with polling + global invitation bell; rich workspace-aware notifications on login / tenant switch (raw-message handling, styled chips, survives page reload); QuickNav entry for members; "leave workspace" surfaced in i18n.
+- **NEW**: **Self-Service Workspaces** — any user can create their own tenant (capped per user via env knob); creation dialog with i18n; tenant name + description editable inline; cross-tenant superuser mirrored as Admin role chip in the UI.
+- **NEW**: **`weknora` CLI v0.3 / v0.4 (GA)** — graduates from preview to GA with comprehensive verb-noun subtree coverage:
+  - `agent` subtree: list / view / invoke / check / status / edit / delete / create (full agent CRUD with config rendering).
+  - `chunk` subtree: list / view / delete (with curation rationale).
+  - `session` subtree: list / view / delete.
+  - `search` subtree: chunks / kb / docs / sessions (replaces flat `search`).
+  - `kb`: new `edit`, `pin`, `empty`, `check`, `status` verbs; `delete` and other commands harmonized.
+  - `doc`: new `download`, `view`, `wait` (multi-target wait-all), `unlink`, `upload --recursive`; `upload` flag expansion; `delete` accepts multiple IDs.
+  - `auth`: new `refresh` and `token` verbs; transparent 401 retry transport.
+  - `context` CRUD: add / list / remove / use.
+  - `link` / `unlink` for project-level KB binding.
+  - `mcp serve` — curated stdio MCP server so AI clients (Claude Code, Cursor, …) can drive WeKnora directly; includes MCP `chunk_list` tool.
+  - **Globals**: `--format`, `--json` field-select, `--jq`, `--paginate`, `--all-pages` (canonical catch-up), `--input`, `--log-level`, `--from-url`, NDJSON output, bare-JSON output path, signal-aware contexts.
+  - **Removed**: envelope infrastructure (errors → stderr); `--dry-run`; `internal/agent` aiclient package; v0.0 scaffolding.
+- **NEW**: **KB Retrieval Fan-out Across Vector Stores** — a single KB can now bind to multiple vector stores; retrieval engine fans out queries across all bound stores and merges results. KB editor validates bindings on create / copy / delete. Retriever resolution introduces a factory pattern for KB-scoped engine selection.
+- **NEW**: **AES-256-GCM At-Rest Encryption** for MCP and Data Source credentials with graceful key-rotation handling. Sensitive fields redacted in API responses; new `/credentials` subresource pattern prevents credential loss on edit.
+- **NEW**: **Docreader gRPC TLS + Token Auth** (#1359) — app → docreader connection can be hardened with TLS + bearer-token authentication; docreader gRPC port is no longer published to the host by default; `grpcio` floor bumped to 1.78.0 to match generated proto.
+- **NEW**: **Zhipu AI Embedder** — first-class Zhipu embedding provider.
+- **NEW**: **Huawei Cloud OBS** object storage joins Local / MinIO / AWS S3 / Volcengine TOS / Alibaba Cloud OSS / Kingsoft Cloud KS3 / Huawei OBS.
+- **NEW**: **vLLM URL configuration for MinerU** doc parser.
+- **NEW**: **Apache Doris compatibility modes** — configurable Doris compat modes with mode-switch guards.
+- **NEW**: **Docreader image URL whitelist** — trusted URLs can be served as-is without re-uploading into WeKnora storage.
+- **NEW**: **Server-Side User Preferences** — per-user font / theme / memory-feature toggle persisted on the server; per-user KB pinning replaces tenant-wide pin model; "Shared by me" label across surfaces.
+- **NEW**: **User favorites & recents** under the user menu.
+- **NEW**: **`creator_name` on agents and knowledge bases** for visibility across surfaces.
+- **NEW**: **Per-session last-request state persistence** for UI restoration after reload.
+- **NEW**: **Knowledge document tag selector redesign**.
+- **NEW**: `vue-i18n` notification templates support raw message handling with styled chips.
+- **NEW**: Custom agent service supports KB sharing.
+
+### Improvements
+
+- **IMPROVED**: Frontend offline + legacy browser support hardened.
+- **IMPROVED**: Chat history rendering stability — pagination preserves message order; menu no longer refreshes the session list when opening an existing chat; session titles no longer truncate when extra horizontal space is available; session list density tightened in sidebar.
+- **IMPROVED**: Session — wiki fixer now scoped to shared KB tenant; session access scoped by user (security hardening); `agent-chat` rejects requests early when `agent_id` is missing.
+- **IMPROVED**: KB — indexed documents complete immediately instead of waiting for an extra sweep; vector store bindings validated on create / copy / delete; `ErrKnowledgeBaseNotFound` mapped to HTTP 404 across all handlers; `ErrSessionNotFound` mapped to HTTP 404 across all handlers.
+- **IMPROVED**: `audit_log.Stop()` no longer deadlocks when `Start()` is never called.
+- **IMPROVED**: Organization searchable join no longer bypasses invite code expiry.
+- **IMPROVED**: Chunker no longer merges top-level heading chunks.
+- **IMPROVED**: Moonshot models — `moonshot-v1-*` / `kimi-k2.5` / `k2.6` now pin `temperature=1` automatically (they return HTTP 400 for any other value); `kimi-k2` / `k2-turbo` / `k2-thinking` left untouched.
+- **IMPROVED**: MinerU markdown image syntax unescape — `\!\[\]\(\)` is restored to `![]()` so downstream image extraction works.
+- **IMPROVED**: Test-connection — surfaces upstream and SSRF errors verbatim; falls back to stored apiKey when test-connecting an existing model.
+- **IMPROVED**: Test infrastructure — vector store tests now use a fake Elasticsearch server; knowledge base repository gains user pinning methods.
+- **IMPROVED**: Embedding pipeline — Zhipu AI embedder lands; broken comment in Zhipu embedder repaired.
+- **IMPROVED**: Sqlite test DDL augmented with `wiki_config` + `indexing_strategy`.
+- **IMPROVED**: `agent` exclude processing docs from prompt.
+- **IMPROVED**: LLM response — guard against empty `choices` and `message=None`.
+- **IMPROVED**: Configurable API proxy target for frontend dev environment.
+- **IMPROVED**: `DISABLE_REGISTRATION` now drives `registration_mode` too; removed redundant `WEKNORA_AUTH_REGISTRATION_MODE` env override.
+- **IMPROVED**: Tenant RBAC + per-user tenant cap exposed as env knobs.
+- **IMPROVED**: Auth — JWT `tenant_id` claim honored in middleware; tenant-scoped client state cleared on tenant change.
+- **IMPROVED**: gin per-route logs silenced; env config banner emitted at startup.
+- **IMPROVED**: Frontend — hide UI mutation surfaces for Viewer / non-creator; tenant switcher mirrors cross-tenant superuser Admin role in UI gates; role-aware UI gates no longer leak write affordances after tenant switch; agent editor `rerank` model now optional; Ollama tip hidden for remote models.
+- **IMPROVED**: System Info page surfaces UI build version, DB migration errors with troubleshooting links.
+- **IMPROVED**: Logger — `logger.CloneContext` propagates `TenantRole`.
+- **IMPROVED**: SSE / fetch paths — dropped insecure `X-Tenant-ID` short-circuit.
+- **IMPROVED**: Settings sidebar nav items grouped into labeled sections.
+
+### Bug Fixes
+
+- **FIXED**: API — `agent-chat` early reject when `agent_id` missing; deprecated tenant `ConversationConfig` field and KV write path removed.
+- **FIXED**: RBAC — chunk-id ownership chain for generated-question delete; sharing routes gated, tenant-disable shared agent → Admin+; ungated mutating routes plugged; FAQ + tag mutating routes aligned with KB ownership matrix; org-tenant gate gaps from Plan 3 closed; cross-tenant superuser organization owner pinned in DB instead of derived at runtime; remaining organization mutating routes gated with Admin+; dedup pending join/upgrade requests per (org, tenant, type); allow source-tenant Admin+ to manage cross-tenant shares; rbac-ui org owner row identified by `tenant_id` (not `user_id`).
+- **FIXED**: Client — `UpdateAgent` request types aligned with internal API.
+- **FIXED**: Frontend — input field agent selection logic improved for shared agents; permissions enhanced across KB and agent views; security — command-palette recent searches namespaced per (user, tenant); tenant switch away from tenant-scoped routes; tenant-members inline editing input attributes; `chat`/`enableMemoryOverride` simplified.
+- **FIXED**: i18n — `@` escaped in invite email placeholder; "Shared by me" label added; chat titles and "leave workspace" updates across multiple languages; RBAC messages for tenant admin requirements.
+- **FIXED**: Docparser — MinerU markdown image syntax unescaped.
+- **FIXED**: Migrations — `pg_trgm` created before trigram index in 000041.
+- **FIXED**: Compose — docreader gRPC port no longer published to the host.
+- **FIXED**: Credentials — redact sensitive fields and prevent credential loss on edit.
+- **FIXED**: Auth — connection to docreader supports auth; gRPC TLS/Token rollout from #1359 hardened.
+
+### Refactoring
+
+- **REFACTOR**: `knowledgebase` — removed `TogglePinKnowledgeBase` from `KnowledgeBaseRepository` interface (replaced by per-user pinning).
+- **REFACTOR**: Tenant switch navigation unified to always redirect to KB list.
+- **REFACTOR**: Tenant member — tenant ID resolution simplified in handlers; tenant-access guards centralized in middleware.
+- **REFACTOR**: Custom-agent — KB sharing support split out.
+- **REFACTOR**: Organization — tenant-based access control; tenant-level membership transitions.
+- **REFACTOR**: Retriever — factory pattern for KB-scoped engine resolution.
+- **REFACTOR**: Agent — `grep_chunks` tool simplified to a single regex query.
+- **REFACTOR**: Frontend — `GlobalCommandPalette`, `InputField`, sidebar, menu, `UserMenu` templates streamlined for readability.
+- **REFACTOR**: CLI — comprehensive v0.3 / v0.4 cleanup: dropped `--dry-run`, dropped envelope infrastructure (errors to stderr), introduced bare-JSON output path, dropped `internal/agent` aiclient package (Go 1.26), `--limit` / `--all-pages` canonical pagination, auth security audit (gh CLI parity hardening), pre-PR audit fixes.
+- **REFACTOR**: Credentials — `/credentials` subresource pattern introduced.
+
+### Infrastructure & Build
+
+- **BUILD**: Go bumped to **1.26.0** in `go.mod`.
+- **BUILD**: `grpcio` floor bumped to 1.78.0 to match generated proto.
+- **BUILD**: Migrations — `audit_logs.created_at` index added; daily retention sweep job.
+- **BUILD**: Frontend — skill registration directory updated.
+
+### Documentation
+
+- **DOC**: New `docs/RBAC说明.md` (Chinese RBAC guide) and `docs/wiki/安全认证/RBAC说明.md`, linked with shared space docs.
+- **DOC**: `docs/RBAC` documents Contributor vs `OwnedXxxOrAdmin` selection rule.
+- **DOC**: Issue templates require concrete app/UI versions (not "latest").
+- **DOC**: CLI — `cli/README.md`, `cli/AGENTS.md` + `cli/CHANGELOG.md` brought in sync with v0.3 / v0.4 surface; stale e2e refs cleared; CI parity test added.
+
 ## [0.5.2] - 2026-05-13
 
 ### 🚀 New Features

README.md

@@ -28,7 +28,7 @@
         <img src="https://img.shields.io/badge/License-MIT-ffffff?labelColor=d4eaf7&color=2e6cc4" alt="License">
     </a>
     <a href="./CHANGELOG.md">
-        <img alt="Version" src="https://img.shields.io/badge/version-0.5.2-2e6cc4?labelColor=d4eaf7">
+        <img alt="Version" src="https://img.shields.io/badge/version-0.6.0-2e6cc4?labelColor=d4eaf7">
     </a>
 </p>
 
@@ -50,13 +50,43 @@
 
 [**WeKnora**](https://weknora.weixin.qq.com) is an open-source, LLM-powered knowledge framework built for enterprise-grade document understanding, semantic retrieval, and autonomous reasoning.
 
-It is organized around three core capabilities: **RAG-based Quick Q&A** for everyday lookups, a **ReAct Agent** that autonomously orchestrates retrieval, MCP tools and web search to handle complex multi-step tasks, and a brand-new **Wiki Mode** in which agents distill raw documents into a self-maintaining, interlinked markdown knowledge base with an interactive knowledge graph. Combined with multi-source ingestion (Feishu / Notion / Yuque, and growing), 20+ LLM provider integrations, full Langfuse observability, and a fully self-hostable modular architecture, WeKnora turns scattered documents into a queryable, reasoning-capable, continuously evolving knowledge asset.
+It is organized around three core capabilities: **RAG-based Quick Q&A** for everyday lookups, a **ReAct Agent** that autonomously orchestrates retrieval, MCP tools and web search to handle complex multi-step tasks, and a brand-new **Wiki Mode** in which agents distill raw documents into a self-maintaining, interlinked markdown knowledge base with an interactive knowledge graph. Combined with multi-source ingestion (Feishu / Notion / Yuque, and growing), 20+ LLM provider integrations, full Langfuse observability, **enterprise-ready multi-tenant RBAC** (4-tier role matrix + per-resource ownership + per-tenant audit log), and a fully self-hostable modular architecture, WeKnora turns scattered documents into a queryable, reasoning-capable, continuously evolving knowledge asset.
 
 The framework supports auto-syncing knowledge from Feishu, Notion, and Yuque (more data sources coming soon), handles 10+ document formats including PDF, Word, images, and Excel, and can serve Q&A directly through IM channels like WeCom, Feishu, Slack, and Telegram. It is compatible with major LLM providers including OpenAI, DeepSeek, Qwen (Alibaba Cloud), Zhipu, Hunyuan, Gemini, MiniMax, NVIDIA, and Ollama. Its fully modular design allows swapping LLMs, vector databases, and storage backends, with support for local and private cloud deployment ensuring complete data sovereignty. WeKnora also integrates with **Langfuse** for comprehensive observability into agent reasoning, token usage, and pipeline tracing.
 
 
 ## ✨ Latest Updates
 
+**v0.6.0 Highlights:**
+
+- **Tenant RBAC (Role-Based Access Control)** — the headline of this release. WeKnora now enforces a 4-tier per-tenant role matrix (`Owner` / `Admin` / `Contributor` / `Viewer`) on every mutating route, with per-KB resource ownership: `chunk → knowledge → kb → creator_id`. Contributors are full owners of resources they create and read-only on other people's resources; Admins manage the whole tenant; Owners can additionally delete the tenant. See [`docs/RBAC说明.md`](./docs/RBAC说明.md).
+
+  <table>
+    <tr>
+      <td width="50%" align="center"><b>Tenant Member Management</b><br/><img src="./docs/images/rbac-member-management.png" alt="Tenant Member Management" width="100%"></td>
+      <td width="50%" align="center"><b>Workspace Switcher</b><br/><img src="./docs/images/rbac-workspace-switcher.png" alt="Workspace Switcher" width="100%"></td>
+    </tr>
+    <tr>
+      <td width="50%" align="center"><b>Self-Service Workspace Creation</b><br/><img src="./docs/images/rbac-create-workspace.png" alt="Create Workspace" width="100%"></td>
+      <td width="50%" align="center"><b>Pending Invitations</b><br/><img src="./docs/images/rbac-pending-invitation.png" alt="Pending Invitations" width="100%"></td>
+    </tr>
+  </table>
+
+- **Tenant Member Management & Multi-Workspace UX** — invite / remove members, role updates, `/leave` endpoint, invite-only gate; pending-invitations dialog + global invitation bell; tenant switcher in the user menu with role-aware UI gates; last-active workspace persisted across logins; rich workspace-aware notifications on login / tenant switch.
+- **Self-Service Workspaces** — any user can create their own tenant (capped via env knob); cross-tenant superusers see an Admin role chip in the UI when switched.
+- **Per-Tenant RBAC Audit Log** — every RBAC-relevant event is recorded with a daily retention sweep (default 90 days, indexed on `created_at`); cross-tenant superuser actions are pinned to the source tenant.
+- **`weknora` CLI v0.3 / v0.4 (GA)** — graduates from preview to GA with verb-noun subtrees across every major resource: `agent` (CRUD + invoke / check / status), `chunk`, `session`, `search` (chunks / kb / docs / sessions), `kb` (edit / pin / empty / check / status), `doc` (download / upload --recursive / view / wait), `auth` (refresh / token), `context`, `link` / `unlink`. New `weknora mcp serve` ships a curated stdio MCP server so AI clients (Claude Code, Cursor, …) can drive WeKnora directly. Globals: `--format`, `--json` field-select, `--jq`, `--paginate`, `--all-pages`, `--input`, `--log-level`, `--from-url`, NDJSON output, transparent 401 retry, signal-aware contexts.
+- **KB Retrieval Fan-out Across Vector Stores** — a single KB can now bind to multiple vector stores; the retrieval engine fans out queries across all bound stores and merges results. KB editor validates bindings on create / copy / delete to prevent inconsistent state.
+- **AES-256-GCM At-Rest for MCP & Data Source Credentials** — graceful key-rotation handling; sensitive fields redacted in API responses; new `/credentials` subresource pattern prevents credential loss on edit.
+- **Docreader gRPC Hardening** — docreader connection supports TLS + Token auth; gRPC port no longer published to the host by default; `grpcio` floor bumped to 1.78.0 to match the generated proto.
+- **More Backends**: Zhipu AI embedder; Huawei Cloud OBS object storage; configurable vLLM URL for the MinerU doc parser; Apache Doris compatibility modes with mode-switch guards; whitelist that lets docreader skip re-uploading trusted image URLs.
+- **User Preferences (Server-Side)** — per-user font / theme / memory-feature toggle persisted on the server; per-user KB pinning replaces the previous tenant-wide pin model; "Shared by me" label and creator name surfaced across knowledge bases and agents.
+- **Other Improvements**: User favorites + recents; member quick-nav entry; refreshed sidebar density; inline-editable tenant info with description; knowledge document tag selector redesign; UI build version on the System Info page; Moonshot models pin `temperature=1` for `moonshot-v1-*` / `kimi-k2.5` / `k2.6` (which reject other values with HTTP 400); MinerU markdown image syntax unescape so downstream image extraction works; `ErrSessionNotFound` / `ErrKnowledgeBaseNotFound` map to HTTP 404 across all handlers; session access scoped by user; Go bumped to 1.26.0.
+- **Bug Fixes**: `audit_log.Stop()` deadlock when `Start()` is never called; organization searchable join no longer bypasses invite code expiry; chunker no longer merges top-level heading chunks; infinite-scroll race condition causing missing documents fixed; indexed documents complete immediately instead of waiting for an extra sweep; offline + legacy browser support on the frontend; chat history rendering / pagination stability; test-connection falls back to the stored API key when test-connecting an existing model.
+
+<details>
+<summary><b>Earlier Releases</b></summary>
+
 **v0.5.2 Highlights:**
 
 - **Wiki Mode at Scale**: Wiki ingest now handles tens-of-thousands-document KBs via a generic task queue with dead-letter handling; the page-link graph gains a subgraph API + interactive exploration UI.
@@ -70,9 +100,6 @@ The framework supports auto-syncing knowledge from Feishu, Notion, and Yuque (mo
 - **Other Improvements**: Per-tenant RRF tuning, a dedicated query-understanding model, batch KB management, user-scoped session pinning, a tenant-wide IM channels overview, per-user font / theme preferences, a new OpenMaiC Classroom agent skill, and a full API-docs / Swagger / Client-SDK overhaul.
 - **Bug Fixes**: Embedder `(nil, nil)` SIGSEGV fixed; Mimo / DeepSeek `reasoning_content` round-trip restored; multi-turn agent history rebuilt from DB (with attachment replay); OIDC login fixed; many Wiki ingest reliability fixes; FAQ no longer hallucinates summaries from filenames on empty PDFs.
 
-<details>
-<summary><b>Earlier Releases</b></summary>
-
 **v0.4.0 Highlights:**
 
 - **[Knowledge Assistant](https://weknora.weixin.qq.com/platform)**: Cloud-hosted knowledge assistant service for quick onboarding without local deployment
@@ -234,9 +261,9 @@ Fully modular pipeline from document parsing, vectorization, and retrieval to LL
 | Capability | Details |
 |------------|---------|
 | LLMs | OpenAI / Azure OpenAI / Anthropic (Claude) / DeepSeek / Qwen (Alibaba Cloud) / Zhipu / Hunyuan / Doubao (Volcengine) / Gemini / MiniMax / NVIDIA / Novita AI / SiliconFlow / OpenRouter / Ollama |
-| Embeddings | Ollama / BGE / GTE / OpenAI-compatible APIs |
+| Embeddings | Ollama / BGE / GTE / Zhipu / OpenAI-compatible APIs |
 | Vector DBs | PostgreSQL (pgvector) / Elasticsearch / Milvus / Weaviate / Qdrant / Apache Doris / Tencent VectorDB |
-| Object Storage | Local / MinIO / AWS S3 / Volcengine TOS / Alibaba Cloud OSS / Kingsoft Cloud KS3 |
+| Object Storage | Local / MinIO / AWS S3 / Volcengine TOS / Alibaba Cloud OSS / Kingsoft Cloud KS3 / Huawei Cloud OBS |
 | IM Channels | WeCom / Feishu / Slack / Telegram / DingTalk / Mattermost / WeChat |
 | Web Search | DuckDuckGo / Bing / Google / Tavily / Baidu / Ollama / SearXNG |
 
@@ -246,6 +273,8 @@ Fully modular pipeline from document parsing, vectorization, and retrieval to LL
 |------------|---------|
 | Deployment | Local / Docker / Kubernetes (Helm) with private and offline support |
 | UI | Web UI / RESTful API / CLI (`weknora`) / Chrome Extension / WeChat Mini Program |
+| Access Control | Tenant RBAC with 4-tier role matrix (Owner / Admin / Contributor / Viewer), per-KB resource ownership, per-tenant audit log, invite-only workspaces, self-service tenant creation, cross-tenant superuser |
+| Security | AES-256-GCM at-rest encryption for API keys and MCP / data-source credentials with graceful key rotation; gRPC TLS + Token between app and docreader; SSRF-safe HTTP client; sandbox isolation for agent skills |
 | Observability | Integrated Langfuse for ReAct loops, token tracking, tool calls, and pipeline tracing |
 | Task Management | MQ async tasks, automatic database migration on version upgrade |
 | Model Management | Centralized config, per-knowledge-base model selection, multi-tenant built-in model sharing, WeKnora Cloud hosted models and parsing |

README_CN.md

@@ -28,7 +28,7 @@
         <img src="https://img.shields.io/badge/License-MIT-ffffff?labelColor=d4eaf7&color=2e6cc4" alt="License">
     </a>
     <a href="./CHANGELOG.md">
-        <img alt="版本" src="https://img.shields.io/badge/version-0.5.2-2e6cc4?labelColor=d4eaf7">
+        <img alt="版本" src="https://img.shields.io/badge/version-0.6.0-2e6cc4?labelColor=d4eaf7">
     </a>
 </p>
 
@@ -50,12 +50,42 @@
 
 **[WeKnora（维娜拉）](https://weknora.weixin.qq.com)** 是一款开源的、基于大语言模型（LLM）的知识管理框架，专为企业级文档理解、语义检索与智能推理场景打造。
 
-框架围绕三大核心能力构建：**RAG 快速问答**适合日常知识查询，**ReAct Agent 智能推理**自主编排知识检索、MCP 工具与网络搜索完成复杂多步任务，全新的 **Wiki 模式**则让 Agent 从原始文档中自治生成相互链接的 Markdown 知识库与可视化知识图谱。结合多源数据接入（飞书 / Notion / 语雀，更多持续接入中）、二十余家主流模型厂商集成、Langfuse 全链路可观测性，以及完全可私有化部署的模块化架构，WeKnora 帮助团队把分散文档沉淀为可查询、可推理、可持续演进的专属知识资产。
+框架围绕三大核心能力构建：**RAG 快速问答**适合日常知识查询，**ReAct Agent 智能推理**自主编排知识检索、MCP 工具与网络搜索完成复杂多步任务，全新的 **Wiki 模式**则让 Agent 从原始文档中自治生成相互链接的 Markdown 知识库与可视化知识图谱。结合多源数据接入（飞书 / Notion / 语雀，更多持续接入中）、二十余家主流模型厂商集成、Langfuse 全链路可观测性、**企业级多租户 RBAC（四级角色矩阵 + 资源归属 + 租户审计日志）**，以及完全可私有化部署的模块化架构，WeKnora 帮助团队把分散文档沉淀为可查询、可推理、可持续演进的专属知识资产。
 
 框架支持从飞书、Notion 及语雀等外部平台自动同步知识（更多数据源持续接入中），覆盖 PDF、Word、图片、Excel 等十余种文档格式，并可通过企业微信、飞书、Slack、Telegram 等 IM 频道直接提供问答服务。模型层面兼容 OpenAI、DeepSeek、Qwen（阿里云）、智谱、混元、Gemini、MiniMax、NVIDIA、Ollama 等主流厂商。全流程模块化设计，大模型、向量数据库、存储等组件均可灵活替换，支持本地与私有云部署，数据完全自主可控。WeKnora 还无缝集成了 **Langfuse**，为 Agent 运行、Token 使用及任务流水线提供了全面的可观测性追踪。
 
 ## ✨ 最新更新
 
+**v0.6.0 版本亮点：**
+
+- **租户 RBAC（多租户角色权限体系）** —— 本版本的核心特性。WeKnora 现已在所有写入路由上强制执行四级租户内角色矩阵（`Owner` / `Admin` / `Contributor` / `Viewer`），并通过 `chunk → knowledge → kb → creator_id` 的归属链实现按知识库的资源所有权。Contributor 对自己创建的资源完全自治，对他人资源只读；Admin 管理整个租户；Owner 额外拥有删除租户的权限。详见 [`docs/RBAC说明.md`](./docs/RBAC说明.md)。
+
+  <table>
+    <tr>
+      <td width="50%" align="center"><b>成员管理</b><br/><img src="./docs/images/rbac-member-management.png" alt="成员管理" width="100%"></td>
+      <td width="50%" align="center"><b>工作区切换器</b><br/><img src="./docs/images/rbac-workspace-switcher.png" alt="工作区切换器" width="100%"></td>
+    </tr>
+    <tr>
+      <td width="50%" align="center"><b>自助创建工作区</b><br/><img src="./docs/images/rbac-create-workspace.png" alt="创建新空间" width="100%"></td>
+      <td width="50%" align="center"><b>待处理邀请</b><br/><img src="./docs/images/rbac-pending-invitation.png" alt="待处理邀请" width="100%"></td>
+    </tr>
+  </table>
+
+- **租户成员管理 + 多工作区 UX**：邀请 / 移除成员、修改角色、`/leave` 退出端点、可选的 invite-only 准入开关；待处理邀请弹窗 + 全局邀请铃铛；用户菜单内的租户切换器与按角色显隐的 UI 守卫；登录后自动恢复到上次活跃工作区；登录 / 切换工作区时展示富文本工作区通知。
+- **自助创建工作区**：任何用户都可以自助创建租户（通过环境变量限制每用户上限）；跨租户超级管理员在 UI 内会展示 Admin 角色徽章。
+- **每租户 RBAC 审计日志**：所有 RBAC 相关事件均会记录，默认 90 天滚动清理（`created_at` 列建索引）；跨租户超管的操作会固定记录到目标租户。
+- **`weknora` CLI v0.3 / v0.4（正式版）**：从 Preview 升级为正式版，按 verb-noun 模式覆盖所有主资源：`agent`（CRUD + invoke / check / status）、`chunk`、`session`、`search`（chunks / kb / docs / sessions）、`kb`（edit / pin / empty / check / status）、`doc`（download / upload --recursive / view / wait）、`auth`（refresh / token）、`context`、`link / unlink`。新增 `weknora mcp serve` 提供策划式 stdio MCP 服务，方便 Claude Code / Cursor 等 AI 客户端直接驱动 WeKnora。全局参数：`--format`、`--json` 字段选择、`--jq`、`--paginate`、`--all-pages`、`--input`、`--log-level`、`--from-url`，NDJSON 输出，透明的 401 重试，信号感知 context。
+- **多向量库扇出检索**：单个知识库可绑定多个向量库，检索引擎自动 fan-out 到所有绑定的向量库并合并结果。知识库创建 / 复制 / 删除时会校验向量库绑定关系，避免不一致状态。
+- **MCP 与数据源凭据 AES-256-GCM 静态加密**：支持平滑的密钥轮换；接口响应自动脱敏；新增 `/credentials` 子资源模式，避免编辑时凭据丢失。
+- **Docreader gRPC 加固**：app → docreader 连接支持 TLS + Token 鉴权；默认不再把 docreader gRPC 端口暴露到宿主机；`grpcio` 最低版本提升到 1.78.0 以匹配生成的 proto。
+- **更多后端集成**：智谱 AI Embedding；华为云 OBS 对象存储；MinerU 文档解析支持自定义 vLLM URL；Apache Doris 新增兼容模式开关与守卫；docreader 支持 URL 白名单（白名单内的图片不再重新上传）。
+- **服务端用户偏好**：字体 / 主题 / 记忆功能开关持久化到服务端；知识库置顶改为用户维度（替换原租户维度）；知识库与 Agent 列表显示创建人名称与「我分享的」标识。
+- **其他改进**：用户收藏与最近访问；成员快捷导航入口；侧边栏密度精修；租户信息支持行内编辑（含描述字段）；知识文档标签选择器重设计；系统信息页展示 UI 构建版本；Moonshot 模型自动对 `moonshot-v1-*` / `kimi-k2.5` / `k2.6` 强制 `temperature=1`（这些模型拒绝其它取值，会返回 HTTP 400）；修复 MinerU markdown 图片语法过度转义导致下游图片提取失败；`ErrSessionNotFound` / `ErrKnowledgeBaseNotFound` 全部正确映射为 HTTP 404；会话访问按用户隔离（安全加固）；Go 升级至 1.26.0。
+- **重要修复**：`audit_log.Stop()` 在 `Start()` 未调用时不再死锁；组织可搜索加入不再绕过邀请码过期校验；分块器不再合并顶层标题块；修复无限滚动加载丢失文档的竞态；建索引完成的文档立即标记完成；前端离线 / 旧浏览器兼容；对话历史渲染与分页稳定性提升；模型测试连接在编辑既有模型时会回退到已存储的 API Key。
+
+<details>
+<summary><b>更早版本</b></summary>
+
 **v0.5.2 版本亮点：**
 
 - **Wiki 模式规模化**：Wiki 入库通过通用任务队列 + 死信队列支撑万级文档知识库；页面链接图新增子图 API + 交互式探索 UI。
@@ -69,9 +99,6 @@
 - **其他改进**：租户级 RRF 调参；查询理解专用模型；知识库批量管理与置顶分组；用户维度的会话置顶与关键词搜索；租户级 IM 频道总览；按用户保存的字体 / 主题偏好；新增 OpenMaiC 微课堂 Agent 技能；API 文档 / Swagger / Client SDK 全量整改。
 - **重要修复**：修复 Embedder 在连接失败时返回 `(nil, nil)` 导致 SIGSEGV 的问题；Mimo / DeepSeek 类提供商 `reasoning_content` 正确回传；Agent 多轮历史改为从 DB 重建并修复附件跨轮丢失；修复 OIDC 登录；多个 Wiki 入库可靠性问题；空 PDF 不再凭文件名编造摘要。
 
-<details>
-<summary><b>更早版本</b></summary>
-
 **v0.4.0 版本亮点：**
 
 - **[知识助理](https://weknora.weixin.qq.com/platform)**：云端托管的知识助理服务，无需本地部署即可快速体验
@@ -233,7 +260,8 @@
 |------|------|
 | 模型厂商 | OpenAI / Azure OpenAI / Anthropic（Claude）/ DeepSeek / Qwen（阿里云）/ 智谱 / 混元 / 豆包（火山引擎）/ Gemini / MiniMax / NVIDIA / Novita AI / SiliconFlow / OpenRouter / Ollama |
 | 向量数据库 | PostgreSQL (pgvector) / Elasticsearch / Milvus / Weaviate / Qdrant / Apache Doris / 腾讯云 VectorDB |
-| 对象存储 | 本地 / 腾讯云COS / 火山引擎 TOS / MinIO / AWS S3 / 阿里云 OSS / 金山云 KS3 |
+| Embedding | Ollama / BGE / GTE / 智谱 / OpenAI 兼容接口 |
+| 对象存储 | 本地 / 腾讯云COS / 火山引擎 TOS / MinIO / AWS S3 / 阿里云 OSS / 金山云 KS3 / 华为云 OBS |
 | IM 集成 | 企业微信 / 飞书 / Slack / Telegram / 钉钉 / Mattermost / 微信 |
 | 网络搜索 | DuckDuckGo / Bing / Google / Tavily / Baidu / Ollama / SearXNG |
 
@@ -244,6 +272,8 @@
 |------|------|
 | 部署 | 本地 / Docker / Kubernetes (Helm)，支持私有化离线部署 |
 | 界面 | Web UI / RESTful API / 命令行（`weknora`）/ Chrome Extension / 微信小程序 |
+| 权限控制 | 租户 RBAC 四级角色矩阵（Owner / Admin / Contributor / Viewer），按知识库的资源归属，每租户审计日志，invite-only 准入，自助创建工作区，跨租户超级管理员 |
+| 安全 | API Key 与 MCP / 数据源凭据 AES-256-GCM 静态加密、支持平滑密钥轮换；app ↔ docreader gRPC TLS + Token；防 SSRF HTTP 客户端；Agent 技能沙箱隔离 |
 | 可观测性 | 集成 Langfuse 以追踪 ReAct 循环、Token 消耗、工具调用和任务流水线 |
 | 任务管理 | MQ 异步任务，版本升级自动数据库迁移 |
 | 模型管理 | 集中配置，知识库级别模型选择，多租户共享内置模型，WeKnora Cloud 托管模型与文档解析 |

README_JA.md

@@ -28,7 +28,7 @@
         <img src="https://img.shields.io/badge/License-MIT-ffffff?labelColor=d4eaf7&color=2e6cc4" alt="License">
     </a>
     <a href="./CHANGELOG.md">
-        <img alt="バージョン" src="https://img.shields.io/badge/version-0.5.2-2e6cc4?labelColor=d4eaf7">
+        <img alt="バージョン" src="https://img.shields.io/badge/version-0.6.0-2e6cc4?labelColor=d4eaf7">
     </a>
 </p>
 
@@ -50,12 +50,42 @@
 
 [**WeKnora（ウィーノラ）**](https://weknora.weixin.qq.com) は、大規模言語モデル（LLM）をベースとしたオープンソースのナレッジフレームワークで、エンタープライズ級の文書理解、セマンティック検索、自律推論シナリオ向けに設計されています。
 
-本フレームワークは **3 つのコア能力** を中心に構築されています：日常的な検索に最適な **RAG ベースのクイック Q&A**、ナレッジ検索・MCP ツール・Web 検索を自律的にオーケストレーションし複雑なマルチステップタスクを処理する **ReAct Agent 推論**、そして Agent が生のドキュメントから相互リンクされた Markdown ナレッジベースとインタラクティブなナレッジグラフを自律生成・維持する全く新しい **Wiki モード**。さらに、多様なデータソース連携（Feishu / Notion / Yuque、随時拡充中）、20 以上の LLM プロバイダー統合、Langfuse による全体可観測性、完全セルフホスト可能なモジュラーアーキテクチャと組み合わせることで、WeKnora は散在する文書を「検索可能・推論可能・継続的に進化する」専用ナレッジ資産へと昇華させます。
+本フレームワークは **3 つのコア能力** を中心に構築されています：日常的な検索に最適な **RAG ベースのクイック Q&A**、ナレッジ検索・MCP ツール・Web 検索を自律的にオーケストレーションし複雑なマルチステップタスクを処理する **ReAct Agent 推論**、そして Agent が生のドキュメントから相互リンクされた Markdown ナレッジベースとインタラクティブなナレッジグラフを自律生成・維持する全く新しい **Wiki モード**。さらに、多様なデータソース連携（Feishu / Notion / Yuque、随時拡充中）、20 以上の LLM プロバイダー統合、Langfuse による全体可観測性、**エンタープライズ向けマルチテナント RBAC（4 階層ロールマトリクス + リソース所有権 + テナント監査ログ）**、完全セルフホスト可能なモジュラーアーキテクチャと組み合わせることで、WeKnora は散在する文書を「検索可能・推論可能・継続的に進化する」専用ナレッジ資産へと昇華させます。
 
 Feishu、Notion、Yuqueなどの外部プラットフォームからのナレッジ自動同期（他のデータソースも順次対応中）に対応し、PDF、Word、画像、Excelなど10以上の文書フォーマットをサポート。WeChat Work、Feishu、Slack、TelegramなどのIMチャネルから直接Q&Aサービスを提供できます。モデル層ではOpenAI、DeepSeek、Qwen（Alibaba Cloud）、Zhipu、Hunyuan、Gemini、MiniMax、NVIDIA、Ollamaなど主要プロバイダーに対応。全プロセスをモジュラー設計し、大規模モデル、ベクトルデータベース、ストレージなどのコンポーネントを柔軟に差し替え可能。ローカルおよびプライベートクラウドデプロイに対応し、データは完全に自己管理可能です。さらにWeKnoraは **Langfuse** とシームレスに統合され、Agentの推論、トークン消費、パイプラインに対する包括的な可観測性（オブザーバビリティ）を提供します。
 
 ## ✨ 最新アップデート
 
+**v0.6.0 バージョンのハイライト:**
+
+- **テナント RBAC（ロールベースアクセス制御）** — 本リリースの目玉機能。WeKnora は全ての書き込み系ルートに対し、テナント単位で 4 階層のロールマトリクス（`Owner` / `Admin` / `Contributor` / `Viewer`）を強制します。`chunk → knowledge → kb → creator_id` の所有権チェーンにより、KB 単位のリソース所有権を実現。Contributor は自分が作ったリソースには完全な権限を持ち、他人のリソースには読み取り専用。Admin はテナント全体を管理、Owner はさらにテナント削除権限を持ちます。詳細は [`docs/RBAC说明.md`](./docs/RBAC说明.md) を参照。
+
+  <table>
+    <tr>
+      <td width="50%" align="center"><b>テナントメンバー管理</b><br/><img src="./docs/images/rbac-member-management.png" alt="テナントメンバー管理" width="100%"></td>
+      <td width="50%" align="center"><b>ワークスペース切替</b><br/><img src="./docs/images/rbac-workspace-switcher.png" alt="ワークスペース切替" width="100%"></td>
+    </tr>
+    <tr>
+      <td width="50%" align="center"><b>セルフサービスでのワークスペース作成</b><br/><img src="./docs/images/rbac-create-workspace.png" alt="ワークスペース作成" width="100%"></td>
+      <td width="50%" align="center"><b>保留中の招待</b><br/><img src="./docs/images/rbac-pending-invitation.png" alt="保留中の招待" width="100%"></td>
+    </tr>
+  </table>
+
+- **テナントメンバー管理 + マルチワークスペース UX**：メンバー招待 / 削除 / ロール変更、`/leave` エンドポイント、招待制（invite-only）ゲート；保留中招待ダイアログ + グローバル招待ベル；ユーザーメニュー内のテナント切替とロール認識型 UI ガード；最後にアクティブだったワークスペースをログイン間で復元；ログイン / テナント切替時のリッチなワークスペース通知。
+- **セルフサービスでのワークスペース作成**：任意のユーザーが自身のテナントを作成可能（環境変数で上限制御）；クロステナント・スーパー管理者には UI 上で Admin ロールチップを表示。
+- **テナントごとの RBAC 監査ログ**：全 RBAC 関連イベントを記録、毎日のリテンションスイープでデフォルト 90 日保持（`created_at` にインデックス）；クロステナント・スーパー管理者のアクションは発行元テナントにピン留め。
+- **`weknora` CLI v0.3 / v0.4（GA）**：プレビューから GA へ昇格。主要リソースを verb-noun サブツリーで網羅：`agent`（CRUD + invoke / check / status）、`chunk`、`session`、`search`（chunks / kb / docs / sessions）、`kb`（edit / pin / empty / check / status）、`doc`（download / upload --recursive / view / wait）、`auth`（refresh / token）、`context`、`link / unlink`。新規 `weknora mcp serve` がキュレーション済み stdio MCP サーバーを提供し、Claude Code / Cursor などの AI クライアントから WeKnora を直接操作可能。グローバルオプション：`--format`、`--json` フィールド選択、`--jq`、`--paginate`、`--all-pages`、`--input`、`--log-level`、`--from-url`、NDJSON 出力、透過的 401 リトライ、シグナル対応コンテキスト。
+- **複数ベクター DB を横断する KB 検索ファンアウト**：1 つの KB を複数のベクター DB にバインド可能。検索エンジンは全バインド先に対しクエリをファンアウトし結果をマージ。KB エディタは create / copy / delete 時にバインディングを検証し不整合を防止。
+- **MCP / データソース資格情報の AES-256-GCM 静的暗号化**：スムーズなキーローテーションをサポート；API レスポンスで機密フィールドを自動マスク；新しい `/credentials` サブリソースパターンで編集時の資格情報喪失を防止。
+- **Docreader gRPC ハードニング**：app → docreader 接続が TLS + Token 認証をサポート；docreader gRPC ポートをデフォルトでホストに公開しない；生成プロト互換のため `grpcio` 最低バージョンを 1.78.0 に。
+- **新規バックエンド統合**：Zhipu AI Embedder；華為雲 OBS オブジェクトストレージ；MinerU ドキュメントパーサーで vLLM URL を設定可能；Apache Doris に互換モードと切替ガード；docreader URL ホワイトリスト（ホワイトリスト内画像は再アップロードしない）。
+- **サーバーサイドユーザー設定**：フォント / テーマ / メモリ機能トグルをサーバーに永続化；KB ピン留めをユーザー単位に変更（従来はテナント全体共有）；KB / Agent 一覧に作成者名と「自分が共有」ラベルを表示。
+- **その他の改善**：ユーザーお気に入り + 最近使用；メンバー向けクイックナビ；サイドバー密度のリフレッシュ；テナント情報のインライン編集（description フィールド付き）；ナレッジドキュメントタグセレクタ再設計；System Info ページに UI ビルドバージョン表示；Moonshot 系モデル（`moonshot-v1-*` / `kimi-k2.5` / `k2.6` — 他の値で HTTP 400 を返す）に対し `temperature=1` を強制；MinerU markdown 画像構文の過剰エスケープ修正で下流の画像抽出が機能；`ErrSessionNotFound` / `ErrKnowledgeBaseNotFound` を全ハンドラで HTTP 404 にマッピング；セッションアクセスをユーザー単位にスコープ；Go を 1.26.0 にアップグレード。
+- **バグ修正**：`Start()` 未呼び出し時の `audit_log.Stop()` デッドロック；検索可能な組織参加が招待コード期限切れをバイパスしていた問題；チャンカーの最上位見出しチャンク統合バグ；無限スクロール競合でドキュメントが欠落する問題；インデックス完了済みドキュメントの即時完了；フロントエンドオフライン / レガシーブラウザ対応；チャット履歴レンダリング / ページネーション安定性向上；既存モデルのテスト接続時に保存済み API キーへフォールバック。
+
+<details>
+<summary><b>過去のリリース</b></summary>
+
 **v0.5.2 バージョンのハイライト:**
 
 - **Wiki モードのスケール強化**：Wiki インジェストが汎用タスクキュー + デッドレターキューにより万件規模の KB に対応。ページリンクグラフはサブグラフ API + インタラクティブ探索 UI を追加。
@@ -69,9 +99,6 @@ Feishu、Notion、Yuqueなどの外部プラットフォームからのナレッ
 - **その他の改善**：テナント単位の RRF 調整；クエリ理解用の専用モデル；KB の一括管理；ユーザー単位のセッションピン留めとキーワード検索；テナント全体の IM チャネル概観；ユーザー単位で保存されるフォント / テーマ設定；OpenMaiC マイクロクラスルームの新規 Agent スキル；API ドキュメント / Swagger / Client SDK の全面リフレッシュ。
 - **バグ修正**：Embedder が接続失敗時に `(nil, nil)` を返して SIGSEGV に至る問題を修正；Mimo / DeepSeek 系プロバイダーの `reasoning_content` ラウンドトリップ復元；Agent 多ターン履歴を DB から再構築（添付ファイル replay 含む）；OIDC ログイン修正；Wiki インジェストの信頼性向上多数；空 PDF でファイル名から要約を捏造しないよう修正。
 
-<details>
-<summary><b>過去のリリース</b></summary>
-
 **v0.4.0 バージョンのハイライト:**
 
 - **[知識アシスタント](https://weknora.weixin.qq.com/platform)**：クラウドホスティング型知識アシスタントサービス、ローカルデプロイ不要で即座に利用可能

README_KO.md

@@ -28,7 +28,7 @@
         <img src="https://img.shields.io/badge/License-MIT-ffffff?labelColor=d4eaf7&color=2e6cc4" alt="License">
     </a>
     <a href="./CHANGELOG.md">
-        <img alt="버전" src="https://img.shields.io/badge/version-0.5.2-2e6cc4?labelColor=d4eaf7">
+        <img alt="버전" src="https://img.shields.io/badge/version-0.6.0-2e6cc4?labelColor=d4eaf7">
     </a>
 </p>
 
@@ -50,12 +50,42 @@
 
 [**WeKnora**](https://weknora.weixin.qq.com)는 엔터프라이즈급 문서 이해, 시맨틱 검색, 자율 추론 시나리오를 위해 설계된 오픈소스 LLM 기반 지식 프레임워크입니다.
 
-본 프레임워크는 **세 가지 핵심 역량**을 중심으로 구성됩니다. 일상 검색에 최적화된 **RAG 기반 빠른 Q&A**, 지식 검색·MCP 도구·웹 검색을 자율적으로 오케스트레이션하여 복잡한 다단계 작업을 처리하는 **ReAct Agent 추론**, 그리고 Agent가 원본 문서에서 상호 연결된 마크다운 지식베이스와 인터랙티브 지식 그래프를 스스로 생성·유지하는 완전히 새로운 **Wiki 모드**입니다. 다양한 데이터 소스 연동(Feishu / Notion / Yuque, 지속 확장 중), 20개 이상의 LLM 프로바이더 통합, Langfuse 기반 풀스택 관측 가능성, 완전 셀프호스팅이 가능한 모듈형 아키텍처를 결합하여, WeKnora는 흩어진 문서를 검색·추론 가능하며 지속적으로 진화하는 전용 지식 자산으로 탈바꿈시킵니다.
+본 프레임워크는 **세 가지 핵심 역량**을 중심으로 구성됩니다. 일상 검색에 최적화된 **RAG 기반 빠른 Q&A**, 지식 검색·MCP 도구·웹 검색을 자율적으로 오케스트레이션하여 복잡한 다단계 작업을 처리하는 **ReAct Agent 추론**, 그리고 Agent가 원본 문서에서 상호 연결된 마크다운 지식베이스와 인터랙티브 지식 그래프를 스스로 생성·유지하는 완전히 새로운 **Wiki 모드**입니다. 다양한 데이터 소스 연동(Feishu / Notion / Yuque, 지속 확장 중), 20개 이상의 LLM 프로바이더 통합, Langfuse 기반 풀스택 관측 가능성, **엔터프라이즈 멀티 테넌트 RBAC(4단계 역할 매트릭스 + 리소스 소유권 + 테넌트 감사 로그)**, 완전 셀프호스팅이 가능한 모듈형 아키텍처를 결합하여, WeKnora는 흩어진 문서를 검색·추론 가능하며 지속적으로 진화하는 전용 지식 자산으로 탈바꿈시킵니다.
 
 Feishu, Notion, Yuque 등 외부 플랫폼에서 지식 자동 동기화를 지원하며(추가 데이터 소스 개발 중), PDF, Word, 이미지, Excel 등 10가지 이상의 문서 포맷을 처리합니다. WeChat Work, Feishu, Slack, Telegram 등의 IM 채널을 통해 Q&A 서비스를 직접 제공할 수 있습니다. 모델 레이어에서 OpenAI, DeepSeek, Qwen(Alibaba Cloud), Zhipu, Hunyuan, Gemini, MiniMax, NVIDIA, Ollama 등 주요 프로바이더를 지원합니다. 전체 프로세스가 모듈화 설계되어 LLM, 벡터 DB, 스토리지 등 구성 요소를 유연하게 교체 가능하며, 로컬 및 프라이빗 클라우드 배포를 지원하여 데이터 완전 자체 관리가 가능합니다. 또한 WeKnora는 **Langfuse**와 원활하게 통합되어 Agent 추론, 토큰 사용량 및 파이프라인에 대한 포괄적인 관측 가능성(Observability)을 제공합니다.
 
 ## ✨ 최신 업데이트
 
+**v0.6.0 하이라이트:**
+
+- **테넌트 RBAC(역할 기반 접근 제어)** — 이번 릴리스의 핵심 기능. WeKnora는 이제 모든 변경 라우트에 대해 4단계 테넌트 역할 매트릭스(`Owner` / `Admin` / `Contributor` / `Viewer`)를 강제하며, `chunk → knowledge → kb → creator_id` 체인으로 KB 단위 리소스 소유권을 구현합니다. Contributor는 자신이 만든 리소스에 대해 완전한 권한, 다른 사람의 리소스는 읽기 전용. Admin은 테넌트 전체를 관리, Owner는 추가로 테넌트 삭제 권한을 가집니다. 자세한 내용은 [`docs/RBAC说明.md`](./docs/RBAC说明.md).
+
+  <table>
+    <tr>
+      <td width="50%" align="center"><b>테넌트 멤버 관리</b><br/><img src="./docs/images/rbac-member-management.png" alt="테넌트 멤버 관리" width="100%"></td>
+      <td width="50%" align="center"><b>워크스페이스 전환기</b><br/><img src="./docs/images/rbac-workspace-switcher.png" alt="워크스페이스 전환기" width="100%"></td>
+    </tr>
+    <tr>
+      <td width="50%" align="center"><b>셀프 서비스 워크스페이스 생성</b><br/><img src="./docs/images/rbac-create-workspace.png" alt="워크스페이스 생성" width="100%"></td>
+      <td width="50%" align="center"><b>보류 중 초대</b><br/><img src="./docs/images/rbac-pending-invitation.png" alt="보류 중 초대" width="100%"></td>
+    </tr>
+  </table>
+
+- **테넌트 멤버 관리 및 멀티 워크스페이스 UX**: 멤버 초대 / 삭제 / 역할 변경, `/leave` 엔드포인트, 초대 전용(invite-only) 게이트; 보류 중 초대 다이얼로그 + 글로벌 초대 알림 벨; 사용자 메뉴 내 테넌트 전환기와 역할 인식 UI 가드; 로그인 시 마지막 활성 워크스페이스 자동 복원; 로그인 / 테넌트 전환 시 워크스페이스 컨텍스트가 담긴 풍부한 알림.
+- **셀프 서비스 워크스페이스 생성**: 모든 사용자가 자신의 테넌트를 만들 수 있음(환경 변수로 사용자별 상한 제어); 크로스 테넌트 슈퍼 관리자에게는 UI에서 Admin 역할 칩 표시.
+- **테넌트별 RBAC 감사 로그**: 모든 RBAC 관련 이벤트를 기록, 일일 리텐션 스윕으로 기본 90일 보관(`created_at` 인덱싱); 크로스 테넌트 슈퍼 관리자 작업은 원본 테넌트에 고정.
+- **`weknora` CLI v0.3 / v0.4(GA)**: 프리뷰에서 정식 버전으로 승격, 모든 주요 리소스에 대해 verb-noun 서브트리 커버리지: `agent`(CRUD + invoke / check / status), `chunk`, `session`, `search`(chunks / kb / docs / sessions), `kb`(edit / pin / empty / check / status), `doc`(download / upload --recursive / view / wait), `auth`(refresh / token), `context`, `link / unlink`. 새 `weknora mcp serve`로 큐레이팅된 stdio MCP 서버 제공, Claude Code / Cursor 같은 AI 클라이언트가 WeKnora를 직접 구동 가능. 글로벌 옵션: `--format`, `--json` 필드 선택, `--jq`, `--paginate`, `--all-pages`, `--input`, `--log-level`, `--from-url`, NDJSON 출력, 투명 401 재시도, 시그널 인식 컨텍스트.
+- **여러 벡터 저장소에 걸친 KB 검색 팬아웃**: 단일 KB가 여러 벡터 저장소에 바인딩 가능; 검색 엔진이 모든 바인딩된 저장소에 쿼리를 팬아웃하고 결과를 병합. KB 에디터는 create / copy / delete 시 바인딩을 검증해 불일치 상태를 방지.
+- **MCP 및 데이터 소스 자격 증명 AES-256-GCM 정적 암호화**: 매끄러운 키 로테이션 지원; API 응답에서 민감 필드 자동 마스킹; 편집 시 자격 증명 손실을 방지하는 새로운 `/credentials` 서브리소스 패턴.
+- **Docreader gRPC 하드닝**: app → docreader 연결이 TLS + Token 인증 지원; 기본적으로 docreader gRPC 포트를 호스트에 노출하지 않음; 생성된 proto와 일치시키기 위해 `grpcio` 최소 버전을 1.78.0으로 상향.
+- **신규 백엔드 통합**: Zhipu AI 임베더; 화웨이 클라우드 OBS 오브젝트 스토리지; MinerU 문서 파서용 vLLM URL 설정 가능; Apache Doris 호환성 모드 + 모드 전환 가드; docreader URL 화이트리스트(화이트리스트 내 이미지는 재업로드하지 않음).
+- **서버 사이드 사용자 환경설정**: 폰트 / 테마 / 메모리 기능 토글을 서버에 영속화; KB 핀 고정을 사용자 단위로(기존 테넌트 전체 공유 모델 대체); KB / Agent 목록에 생성자 이름과 "내가 공유" 라벨 표시.
+- **기타 개선**: 사용자 즐겨찾기 + 최근 사용; 멤버용 빠른 탐색 진입점; 사이드바 밀도 리프레시; 테넌트 정보 인라인 편집(description 필드 포함); 지식 문서 태그 선택기 재설계; System Info 페이지에 UI 빌드 버전 표시; Moonshot 모델(`moonshot-v1-*` / `kimi-k2.5` / `k2.6` — 다른 값은 HTTP 400 반환)에 대해 `temperature=1` 강제; MinerU markdown 이미지 구문 과도 이스케이프 수정으로 하류 이미지 추출 정상화; `ErrSessionNotFound` / `ErrKnowledgeBaseNotFound`를 모든 핸들러에서 HTTP 404로 매핑; 세션 액세스를 사용자 단위로 스코프; Go 1.26.0으로 업그레이드.
+- **버그 수정**: `Start()` 미호출 시 `audit_log.Stop()` 데드락; 검색 가능한 조직 가입이 초대 코드 만료를 우회하던 문제; 청커가 최상위 헤딩 청크를 병합하던 버그; 무한 스크롤 경쟁으로 문서가 누락되던 문제; 인덱싱 완료된 문서가 즉시 완료되도록; 프론트엔드 오프라인 / 레거시 브라우저 지원; 채팅 히스토리 렌더링 / 페이지네이션 안정성 향상; 기존 모델 테스트 연결 시 저장된 API 키로 폴백.
+
+<details>
+<summary><b>이전 릴리스</b></summary>
+
 **v0.5.2 하이라이트:**
 
 - **Wiki 모드 대규모 확장**: Wiki 인제스트가 일반 작업 큐 + 데드레터 큐로 만 건 규모 KB까지 확장; 페이지 링크 그래프에 서브그래프 API + 인터랙티브 탐색 UI 추가.
@@ -69,9 +99,6 @@ Feishu, Notion, Yuque 등 외부 플랫폼에서 지식 자동 동기화를 지
 - **기타 개선**: 테넌트별 RRF 튜닝; 쿼리 이해 전용 모델; KB 일괄 관리; 사용자 단위 세션 고정과 키워드 검색; 테넌트 전체 IM 채널 개요; 사용자별 저장되는 글꼴 / 테마 설정; 새로운 OpenMaiC 마이크로 클래스룸 Agent 스킬; API 문서 / Swagger / Client SDK 전면 정비.
 - **버그 수정**: Embedder가 연결 실패 시 `(nil, nil)` 을 반환해 SIGSEGV를 유발하던 문제 수정; Mimo / DeepSeek 계열 `reasoning_content` 라운드트립 복원; Agent 다중 턴 히스토리를 DB에서 재구성(첨부 replay 포함); OIDC 로그인 수정; Wiki 인제스트 신뢰성 다수 개선; 빈 PDF에서 파일명으로 요약을 환각하지 않도록 수정.
 
-<details>
-<summary><b>이전 릴리스</b></summary>
-
 **v0.4.0 하이라이트:**
 
 - **[지식 어시스턴트](https://weknora.weixin.qq.com/platform)**: 클라우드 호스팅 지식 어시스턴트 서비스, 로컬 배포 없이 빠르게 시작 가능

VERSION

@@ -1 +1 @@
-0.5.2
+0.6.0

docs/QA.md

@@ -203,5 +203,35 @@ Wiki 模式允许 Agent 根据原始文档自动生成并维护一套结构化
 3. 当你向该知识库上传文档时，系统会自动触发异步任务，通过大模型提取文档中的实体与核心概念，并自动生成结构化的 Wiki 页面及页面间的知识图谱链接。
 4. 你可以在该知识库的“Wiki”标签页中，使用专用的 Wiki 浏览器查阅、管理页面，并通过可视化的知识图谱查看不同内容之间的关联关系。
 
+## 11. 升级到 0.6.0 后，原本能做的操作变成了「权限不足」？
+
+0.6.0 引入了租户内 RBAC（角色矩阵 + 资源归属），所有写入接口都会按角色 + `creator_id` 鉴权。常见现象：
+
+- **看得到但点不动**：你大概率是该资源的 `Viewer` 或非创建者的 `Contributor`，UI 已经把写操作隐藏/置灰。检查 **用户菜单 → 当前工作区** 角色徽章。
+- **共享空间里的 KB / Agent**：他人共享给你的 KB 默认按 `Viewer` 看待；要写需要在源租户里被授予 `Admin+`。
+- **API Key 调用**：`X-API-Key` 合成虚拟用户固定为所属租户的 `Admin`（仅删除租户需 `Owner`），脚本一般无需迁移。
+- **跨租户超管**：要 `User.CanAccessAllTenants=true` 且 `enable_cross_tenant_access=true`，并通过 `X-Tenant-ID` 切租户。
+
+如需临时回退到「仅审计、不拦截」灰度窗口，可在配置里设置 `tenant.enable_rbac=false`（或环境变量 `WEKNORA_TENANT_ENABLE_RBAC=false`）。完整的角色矩阵和归属链请见 [`docs/RBAC说明.md`](./RBAC说明.md)。
+
+## 12. 为什么登录后没有自动回到上次的工作区？
+
+升级到 0.6.0 后系统会记住「最后活跃工作区」并在登录后自动恢复。若仍未恢复，通常是：
+
+1. 浏览器清理了 LocalStorage / 切换了浏览器；
+2. 你最后访问的那个工作区已经把你移除（`/leave` 或被管理员剔除）— 系统会回退到默认租户；
+3. JWT 中携带了 `tenant_id` 但已无效 — 退出重登录即可。
+
+## 13. 如何让多人协作时正确分配权限？
+
+按照 [`docs/RBAC说明.md`](./RBAC说明.md) 的角色矩阵：
+
+- 只读用户 → `Viewer`
+- 普通成员（上传文档、维护「自己」的 KB / Agent）→ `Contributor`
+- 运维人员（管理共享模型、向量库、解析器等基础设施）→ `Admin`
+- 租户所有者（拥有删除租户权限，每租户唯一）→ `Owner`
+
+如果你希望开启「invite-only」（不允许自助注册到本租户），可在租户设置里打开邀请制，并通过「邀请」入口签发邀请码或链接。
+
 ## P.S.
 如果以上方式未解决问题，请在issue中描述您的问题，并提供必要的日志信息辅助我们进行问题排查

docs/RBAC说明.md

@@ -184,6 +184,37 @@ Pinia 中的 `authStore` 暴露：
 
 这是后端守卫的镜像：**任何在后端会 403 的按钮，前端直接隐藏而不是让用户点了再吃错误。**
 
+### 前端实际界面
+
+<table>
+  <tr>
+    <td colspan="2" align="center">
+      <b>成员管理页</b><br/>
+      <img src="./images/rbac-member-management.png" alt="成员管理" width="100%"/>
+      <br/><sub>同时展示「待接受的邀请」和「空间成员」两组列表；只有 Owner 可以新增 / 移除成员；右上角的「审计日志」入口跳转到 <code>audit_logs</code> 视图。</sub>
+    </td>
+  </tr>
+  <tr>
+    <td width="50%" align="center">
+      <b>用户菜单 + 工作区切换器</b><br/>
+      <img src="./images/rbac-workspace-switcher.png" alt="用户菜单 + 切换空间" width="100%"/>
+      <br/><sub>左侧：当前空间角色徽章 / 设置入口 / 退出；右侧：切换到其它空间，「当前」角标标识活跃工作区。</sub>
+    </td>
+    <td width="50%" align="center">
+      <b>自助创建工作区</b><br/>
+      <img src="./images/rbac-create-workspace.png" alt="创建新空间" width="100%"/>
+      <br/><sub>任何用户都可以自助创建租户，创建后自动成为新空间的 Owner（受 <code>WEKNORA_TENANT_MAX_PER_USER</code> 上限保护）。</sub>
+    </td>
+  </tr>
+  <tr>
+    <td colspan="2" align="center">
+      <b>待处理邀请弹窗</b><br/>
+      <img src="./images/rbac-pending-invitation.png" alt="我的邀请" width="80%"/>
+      <br/><sub>用户菜单上的邀请铃铛会展示来自其它空间的待处理邀请，可直接「接受 / 拒绝」；7 天未响应自动过期。</sub>
+    </td>
+  </tr>
+</table>
+
 ## 九、常见问题
 
 ### 升级后所有人都变成了 Contributor，找不到 Admin？

frontend/package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "knowledage-base",
-  "version": "0.5.2",
+  "version": "0.6.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "knowledage-base",
-      "version": "0.5.2",
+      "version": "0.6.0",
       "dependencies": {
         "@microsoft/fetch-event-source": "^2.0.1",
         "@types/dompurify": "^3.2.0",

frontend/package.json

@@ -1,6 +1,6 @@
 {
   "name": "knowledage-base",
-  "version": "0.5.2",
+  "version": "0.6.0",
   "private": true,
   "type": "module",
   "scripts": {

frontend/src/i18n/locales/en-US.ts

@@ -4438,6 +4438,7 @@ export default {
   tenantMember: {
     title: 'Members',
     sectionDescription: 'Invite teammates to the tenant and manage their roles. Only Owner can add or remove members.',
+    learnRbacGuide: 'Learn about RBAC',
     totalCount: '{n} members',
     listTitle: 'Workspace members',
     filterMatched: '{n} matched',

frontend/src/i18n/locales/ko-KR.ts

@@ -4498,6 +4498,7 @@ export default {
   tenantMember: {
     title: "멤버 관리",
     sectionDescription: "테넌트에 동료를 초대하고 역할을 관리합니다. 소유자만 멤버를 추가하거나 제거할 수 있습니다.",
+    learnRbacGuide: "RBAC 알아보기",
     totalCount: "총 {n}명",
     listTitle: "워크스페이스 멤버",
     filterMatched: "{n}명 일치",

frontend/src/i18n/locales/ru-RU.ts

@@ -4395,6 +4395,7 @@ export default {
   tenantMember: {
     title: 'Участники',
     sectionDescription: 'Приглашайте коллег в тенант и управляйте их ролями. Добавлять и удалять участников может только Владелец.',
+    learnRbacGuide: 'Подробнее о RBAC',
     totalCount: 'Участников: {n}',
     listTitle: 'Участники пространства',
     filterMatched: 'найдено: {n}',

frontend/src/i18n/locales/zh-CN.ts

@@ -4430,6 +4430,7 @@ export default {
   tenantMember: {
     title: "成员管理",
     sectionDescription: "邀请伙伴加入当前空间并分配角色。只有 Owner 可以新增或移除成员。",
+    learnRbacGuide: "了解 RBAC",
     totalCount: "共 {n} 位成员",
     listTitle: "空间成员",
     filterMatched: "筛选出 {n} 位",

frontend/src/views/settings/TenantMembers.vue

@@ -50,7 +50,18 @@
           </t-button>
         </div>
       </div>
-      <p class="section-description">{{ $t('tenantMember.sectionDescription') }}</p>
+      <p class="section-description">
+        {{ $t('tenantMember.sectionDescription') }}
+        <a
+          class="doc-link"
+          href="https://github.com/Tencent/WeKnora/blob/main/docs/RBAC%E8%AF%B4%E6%98%8E.md"
+          target="_blank"
+          rel="noopener noreferrer"
+        >
+          {{ $t('tenantMember.learnRbacGuide') }}
+          <t-icon name="link" class="link-icon" />
+        </a>
+      </p>
     </div>
 
     <div class="members-tab-layout">

helm/Chart.yaml

@@ -5,7 +5,7 @@ description: |
   with document parsing, vector search, and LLM integration.
 type: application
 version: 0.1.0
-appVersion: "v0.5.2"
+appVersion: "v0.6.0"
 kubeVersion: ">=1.25.0-0"
 home: https://github.com/Tencent/WeKnora
 icon: https://raw.githubusercontent.com/Tencent/WeKnora/main/docs/images/logo.png

internal/handler/audit_log.go

@@ -4,7 +4,7 @@ import (
 	"net/http"
 	"strconv"
 
-	apperrors "github.com/Tencent/WeKnora/internal/errors"
+	"github.com/Tencent/WeKnora/internal/errors"
 	"github.com/Tencent/WeKnora/internal/logger"
 	"github.com/Tencent/WeKnora/internal/types"
 	"github.com/Tencent/WeKnora/internal/types/interfaces"
@@ -86,7 +86,7 @@ func (h *AuditLogHandler) ListTenantAuditLog(c *gin.Context) {
 	entries, err := h.auditService.List(ctx, tenantID, q)
 	if err != nil {
 		logger.ErrorWithFields(ctx, err, map[string]interface{}{"tenant_id": tenantID})
-		c.Error(apperrors.NewInternalServerError(err.Error()))
+		c.Error(errors.NewInternalServerError(err.Error()))
 		return
 	}