-이전 릴리스
-
**v0.4.0 하이라이트:**
- **[지식 어시스턴트](https://weknora.weixin.qq.com/platform)**: 클라우드 호스팅 지식 어시스턴트 서비스, 로컬 배포 없이 빠르게 시작 가능
diff --git a/VERSION b/VERSION
index cb0c939a..a918a2aa 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.5.2
+0.6.0
diff --git a/docs/QA.md b/docs/QA.md
index 7fb417aa..2a10ceb9 100644
--- a/docs/QA.md
+++ b/docs/QA.md
@@ -203,5 +203,35 @@ Wiki 模式允许 Agent 根据原始文档自动生成并维护一套结构化
3. 当你向该知识库上传文档时,系统会自动触发异步任务,通过大模型提取文档中的实体与核心概念,并自动生成结构化的 Wiki 页面及页面间的知识图谱链接。
4. 你可以在该知识库的“Wiki”标签页中,使用专用的 Wiki 浏览器查阅、管理页面,并通过可视化的知识图谱查看不同内容之间的关联关系。
+## 11. 升级到 0.6.0 后,原本能做的操作变成了「权限不足」?
+
+0.6.0 引入了租户内 RBAC(角色矩阵 + 资源归属),所有写入接口都会按角色 + `creator_id` 鉴权。常见现象:
+
+- **看得到但点不动**:你大概率是该资源的 `Viewer` 或非创建者的 `Contributor`,UI 已经把写操作隐藏/置灰。检查 **用户菜单 → 当前工作区** 角色徽章。
+- **共享空间里的 KB / Agent**:他人共享给你的 KB 默认按 `Viewer` 看待;要写需要在源租户里被授予 `Admin+`。
+- **API Key 调用**:`X-API-Key` 合成虚拟用户固定为所属租户的 `Admin`(仅删除租户需 `Owner`),脚本一般无需迁移。
+- **跨租户超管**:要 `User.CanAccessAllTenants=true` 且 `enable_cross_tenant_access=true`,并通过 `X-Tenant-ID` 切租户。
+
+如需临时回退到「仅审计、不拦截」灰度窗口,可在配置里设置 `tenant.enable_rbac=false`(或环境变量 `WEKNORA_TENANT_ENABLE_RBAC=false`)。完整的角色矩阵和归属链请见 [`docs/RBAC说明.md`](./RBAC说明.md)。
+
+## 12. 为什么登录后没有自动回到上次的工作区?
+
+升级到 0.6.0 后系统会记住「最后活跃工作区」并在登录后自动恢复。若仍未恢复,通常是:
+
+1. 浏览器清理了 LocalStorage / 切换了浏览器;
+2. 你最后访问的那个工作区已经把你移除(`/leave` 或被管理员剔除)— 系统会回退到默认租户;
+3. JWT 中携带了 `tenant_id` 但已无效 — 退出重登录即可。
+
+## 13. 如何让多人协作时正确分配权限?
+
+按照 [`docs/RBAC说明.md`](./RBAC说明.md) 的角色矩阵:
+
+- 只读用户 → `Viewer`
+- 普通成员(上传文档、维护「自己」的 KB / Agent)→ `Contributor`
+- 运维人员(管理共享模型、向量库、解析器等基础设施)→ `Admin`
+- 租户所有者(拥有删除租户权限,每租户唯一)→ `Owner`
+
+如果你希望开启「invite-only」(不允许自助注册到本租户),可在租户设置里打开邀请制,并通过「邀请」入口签发邀请码或链接。
+
## P.S.
如果以上方式未解决问题,请在issue中描述您的问题,并提供必要的日志信息辅助我们进行问题排查
diff --git a/docs/RBAC说明.md b/docs/RBAC说明.md
index 5b15c5a4..26b277a1 100644
--- a/docs/RBAC说明.md
+++ b/docs/RBAC说明.md
@@ -184,6 +184,37 @@ Pinia 中的 `authStore` 暴露:
这是后端守卫的镜像:**任何在后端会 403 的按钮,前端直接隐藏而不是让用户点了再吃错误。**
+### 前端实际界面
+
+
+
+
+ 成员管理页
+ 
+
同时展示「待接受的邀请」和「空间成员」两组列表;只有 Owner 可以新增 / 移除成员;右上角的「审计日志」入口跳转到 audit_logs 视图。
+ |
+
+
+
+ 用户菜单 + 工作区切换器
+ 
+
左侧:当前空间角色徽章 / 设置入口 / 退出;右侧:切换到其它空间,「当前」角标标识活跃工作区。
+ |
+
+ 自助创建工作区
+ 
+
任何用户都可以自助创建租户,创建后自动成为新空间的 Owner(受 WEKNORA_TENANT_MAX_PER_USER 上限保护)。
+ |
+
+
+
+ 待处理邀请弹窗
+ 
+
用户菜单上的邀请铃铛会展示来自其它空间的待处理邀请,可直接「接受 / 拒绝」;7 天未响应自动过期。
+ |
+
+
+
## 九、常见问题
### 升级后所有人都变成了 Contributor,找不到 Admin?
diff --git a/docs/docs.go b/docs/docs.go
index b5febc90..71f656e7 100644
--- a/docs/docs.go
+++ b/docs/docs.go
@@ -1942,6 +1942,30 @@ const docTemplate = `{
}
}
},
+ "/auth/config": {
+ "get": {
+ "description": "返回当前部署的注册模式等公开认证配置,供前端决定是否展示注册入口",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "认证"
+ ],
+ "summary": "获取认证配置",
+ "responses": {
+ "200": {
+ "description": "认证配置",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
"/auth/login": {
"post": {
"description": "用户登录并获取访问令牌",
@@ -2052,6 +2076,58 @@ const docTemplate = `{
}
}
},
+ "/auth/me/preferences": {
+ "put": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "按 PATCH 语义合并用户偏好(仅覆盖请求体里出现的字段,其余字段保持不变),\n数据存放在 users.preferences (JSON),跨设备/浏览器自动同步。",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "认证"
+ ],
+ "summary": "更新当前用户的个性化设置",
+ "parameters": [
+ {
+ "description": "Preferences patch",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.updateMyPreferencesRequest"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "更新后的偏好",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ },
+ "400": {
+ "description": "请求参数错误",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ },
+ "401": {
+ "description": "未授权",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
"/auth/oidc/callback": {
"get": {
"description": "接收OIDC provider回调并由后端完成code交换,随后重定向回前端登录页",
@@ -2251,6 +2327,65 @@ const docTemplate = `{
}
}
},
+ "/auth/switch-tenant": {
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "为当前用户在目标租户重新签发访问令牌;要求该用户在目标租户存在 active 成员关系",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "认证"
+ ],
+ "summary": "切换激活租户",
+ "parameters": [
+ {
+ "description": "切换请求",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "type": "object",
+ "properties": {
+ "refresh_token": {
+ "type": "string"
+ },
+ "tenant_id": {
+ "type": "integer"
+ }
+ }
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.LoginResponse"
+ }
+ },
+ "400": {
+ "description": "参数错误",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ },
+ "403": {
+ "description": "无该租户成员关系",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
"/auth/validate": {
"get": {
"security": [
@@ -6942,6 +7077,122 @@ const docTemplate = `{
}
}
},
+ "/mcp-services/{id}/credentials": {
+ "put": {
+ "security": [
+ {
+ "Bearer": []
+ },
+ {
+ "ApiKeyAuth": []
+ }
+ ],
+ "description": "为指定字段写入新凭据;省略的字段保留原值;空字符串视为 no-op(如需删除请用 DELETE)",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "MCP服务"
+ ],
+ "summary": "设置 MCP 服务凭据",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "MCP 服务 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "description": "{api_key?: string, token?: string}",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "写入后的凭据状态",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ },
+ "400": {
+ "description": "请求参数错误",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ },
+ "404": {
+ "description": "服务不存在",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
+ "/mcp-services/{id}/credentials/{field}": {
+ "delete": {
+ "security": [
+ {
+ "Bearer": []
+ },
+ {
+ "ApiKeyAuth": []
+ }
+ ],
+ "description": "删除指定字段的存储凭据;删除已为空的字段是幂等的",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "MCP服务"
+ ],
+ "summary": "移除 MCP 服务的单个凭据字段",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "MCP 服务 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "字段名(api_key | token)",
+ "name": "field",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "No Content"
+ },
+ "400": {
+ "description": "字段名非法",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ },
+ "404": {
+ "description": "服务不存在",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
"/mcp-services/{id}/resources": {
"get": {
"security": [
@@ -7153,6 +7404,136 @@ const docTemplate = `{
}
}
},
+ "/me/invitations": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "返回当前登录用户的待接受邀请(默认仅 pending),用于头像入口和 /invitations 收件箱页。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "我的邀请"
+ ],
+ "summary": "列出我的待接受邀请",
+ "parameters": [
+ {
+ "type": "boolean",
+ "description": "是否包含已处理 / 已过期等终止态行(默认 false)",
+ "name": "include_terminal",
+ "in": "query"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/me/invitations/pending-count": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "轻量级 endpoint,返回当前登录用户的 pending 邀请数,用于头像旁的角标轮询。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "我的邀请"
+ ],
+ "summary": "获取我的待处理邀请数",
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/me/invitations/{inv_id}/accept": {
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "当前登录用户接受一条 pending 邀请;服务端会同时写入 tenant_members 行。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "我的邀请"
+ ],
+ "summary": "接受邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "邀请 ID",
+ "name": "inv_id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/me/invitations/{inv_id}/decline": {
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "当前登录用户拒绝一条 pending 邀请;不创建 tenant_members 行。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "我的邀请"
+ ],
+ "summary": "拒绝邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "邀请 ID",
+ "name": "inv_id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
"/messages/chat-history-stats": {
"get": {
"security": [
@@ -7662,7 +8043,7 @@ const docTemplate = `{
"Bearer": []
}
],
- "description": "获取当前用户所属的所有组织,并附带各空间内知识库/智能体数量",
+ "description": "获取当前租户所属的所有组织,并附带各空间内知识库/智能体数量",
"produces": [
"application/json"
],
@@ -8362,7 +8743,7 @@ const docTemplate = `{
"Bearer": []
}
],
- "description": "获取组织的所有成员",
+ "description": "获取组织的所有成员(按租户)",
"produces": [
"application/json"
],
@@ -8389,14 +8770,14 @@ const docTemplate = `{
}
}
},
- "/organizations/{id}/members/{user_id}": {
+ "/organizations/{id}/members/{tenant_id}": {
"put": {
"security": [
{
"Bearer": []
}
],
- "description": "更新组织成员的角色(需要管理员权限)",
+ "description": "更新组织成员(租户)的角色(需要管理员权限)",
"consumes": [
"application/json"
],
@@ -8417,8 +8798,8 @@ const docTemplate = `{
},
{
"type": "string",
- "description": "用户ID",
- "name": "user_id",
+ "description": "成员租户ID",
+ "name": "tenant_id",
"in": "path",
"required": true
},
@@ -8454,7 +8835,7 @@ const docTemplate = `{
"Bearer": []
}
],
- "description": "从组织中移除成员(需要管理员权限)",
+ "description": "从组织中移除成员租户(需要管理员权限)",
"tags": [
"组织管理"
],
@@ -8469,8 +8850,8 @@ const docTemplate = `{
},
{
"type": "string",
- "description": "用户ID",
- "name": "user_id",
+ "description": "成员租户ID",
+ "name": "tenant_id",
"in": "path",
"required": true
}
@@ -8545,21 +8926,21 @@ const docTemplate = `{
}
}
},
- "/organizations/{id}/search-users": {
+ "/organizations/{id}/search-tenants": {
"get": {
"security": [
{
"Bearer": []
}
],
- "description": "搜索用户(排除已有成员)用于邀请加入组织",
+ "description": "搜索租户(排除已加入的租户)用于邀请加入组织;按租户去重,附带代表用户",
"produces": [
"application/json"
],
"tags": [
"组织管理"
],
- "summary": "搜索可邀请的用户",
+ "summary": "搜索可邀请的租户",
"parameters": [
{
"type": "string",
@@ -8570,7 +8951,7 @@ const docTemplate = `{
},
{
"type": "string",
- "description": "搜索关键词(用户名或邮箱)",
+ "description": "搜索关键词(租户名、用户名或邮箱)",
"name": "q",
"in": "query",
"required": true
@@ -8600,6 +8981,12 @@ const docTemplate = `{
}
}
},
+ "/organizations/{id}/search-users": {
+ "get": {
+ "deprecated": true,
+ "responses": {}
+ }
+ },
"/organizations/{id}/shared-agents": {
"get": {
"security": [
@@ -9780,7 +10167,7 @@ const docTemplate = `{
"Bearer": []
}
],
- "description": "创建新的租户",
+ "description": "创建新的租户。任意已登录用户均可调用以建立自己的新工作区,\n调用方会被自动设为该租户的 Owner。跨租户超管仍可像以前一样\n通过本接口创建任意租户。",
"consumes": [
"application/json"
],
@@ -9798,7 +10185,7 @@ const docTemplate = `{
"in": "body",
"required": true,
"schema": {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant"
+ "$ref": "#/definitions/internal_handler.createTenantRequest"
}
}
],
@@ -9854,82 +10241,6 @@ const docTemplate = `{
}
}
},
- "/tenants/kv/agent-config": {
- "get": {
- "security": [
- {
- "Bearer": []
- },
- {
- "ApiKeyAuth": []
- }
- ],
- "description": "获取租户的全局Agent配置(默认应用于所有会话)",
- "consumes": [
- "application/json"
- ],
- "produces": [
- "application/json"
- ],
- "tags": [
- "租户管理"
- ],
- "summary": "获取租户Agent配置",
- "responses": {
- "200": {
- "description": "Agent配置",
- "schema": {
- "type": "object",
- "additionalProperties": true
- }
- },
- "400": {
- "description": "请求参数错误",
- "schema": {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
- }
- }
- }
- }
- },
- "/tenants/kv/conversation-config": {
- "get": {
- "security": [
- {
- "Bearer": []
- },
- {
- "ApiKeyAuth": []
- }
- ],
- "description": "获取租户的全局对话配置(默认应用于普通模式会话)",
- "consumes": [
- "application/json"
- ],
- "produces": [
- "application/json"
- ],
- "tags": [
- "租户管理"
- ],
- "summary": "获取租户对话配置",
- "responses": {
- "200": {
- "description": "对话配置",
- "schema": {
- "type": "object",
- "additionalProperties": true
- }
- },
- "400": {
- "description": "请求参数错误",
- "schema": {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
- }
- }
- }
- }
- },
"/tenants/kv/prompt-templates": {
"get": {
"security": [
@@ -10016,7 +10327,7 @@ const docTemplate = `{
"ApiKeyAuth": []
}
],
- "description": "获取租户级别的KV配置(支持agent-config、web-search-config、conversation-config)",
+ "description": "获取租户级别的KV配置(支持web-search-config、prompt-templates、parser-engine-config、storage-engine-config、chat-history-config、retrieval-config)",
"consumes": [
"application/json"
],
@@ -10061,7 +10372,7 @@ const docTemplate = `{
"ApiKeyAuth": []
}
],
- "description": "更新租户级别的KV配置(支持agent-config、web-search-config、conversation-config)",
+ "description": "更新租户级别的KV配置(支持web-search-config、parser-engine-config、storage-engine-config、chat-history-config、retrieval-config)",
"consumes": [
"application/json"
],
@@ -10369,6 +10680,535 @@ const docTemplate = `{
}
}
},
+ "/tenants/{id}/audit-log": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ },
+ {
+ "ApiKeyAuth": []
+ }
+ ],
+ "description": "返回该租户最近的审计事件,按 id 倒序。游标分页:将上次响应的 next_cursor 作为下一次请求的 after_id。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "审计日志"
+ ],
+ "summary": "获取租户审计日志",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "integer",
+ "description": "游标:返回 id 小于此值的记录(默认从最新开始)",
+ "name": "after_id",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "description": "页大小,1-100,默认 50",
+ "name": "limit",
+ "in": "query"
+ },
+ {
+ "type": "string",
+ "description": "按 action 精确过滤(如 rbac.member_added / rbac.access_denied)",
+ "name": "action",
+ "in": "query"
+ },
+ {
+ "type": "string",
+ "description": "按 outcome 精确过滤(success / denied)",
+ "name": "outcome",
+ "in": "query"
+ },
+ {
+ "type": "string",
+ "description": "按 actor_user_id 精确过滤",
+ "name": "actor",
+ "in": "query"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/internal_handler.auditLogListResponse"
+ }
+ },
+ "400": {
+ "description": "Bad Request",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/invitations": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "按 tenant 列出待接受 / 历史邀请。query include_terminal=true 时附带 accepted/declined/revoked/expired。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户邀请"
+ ],
+ "summary": "列出租户邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "boolean",
+ "description": "是否包含终止态行(默认 false)",
+ "name": "include_terminal",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "default": 1,
+ "description": "页码(从 1 起)",
+ "name": "page",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "default": 20,
+ "description": "每页数量",
+ "name": "page_size",
+ "in": "query"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ },
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "Owner 通过邮箱邀请已注册用户加入当前租户;被邀请人需要在 /me/invitations 接受后才会成为成员。",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户邀请"
+ ],
+ "summary": "发出租户邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "description": "邀请请求",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.createInvitationRequest"
+ }
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Created",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/invitations/{inv_id}": {
+ "delete": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "Owner 取消一条还在 pending 的邀请;已 accepted/declined/revoked/expired 的行不可再撤销。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户邀请"
+ ],
+ "summary": "撤销待接受邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "邀请 ID",
+ "name": "inv_id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/leave": {
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "调用方主动退出当前租户。等价于以自己的 user_id 调 RemoveMember,",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "退出当前租户",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/members": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "分页返回当前租户内 active 成员(含每位成员的角色、邮箱、头像);支持 q 按邮箱/用户名筛选",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "列出租户成员",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "按邮箱/用户名模糊筛选",
+ "name": "q",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "default": 1,
+ "description": "页码(从 1 起)",
+ "name": "page",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "default": 20,
+ "description": "每页数量(最大 100)",
+ "name": "page_size",
+ "in": "query"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ },
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "直接添加租户成员(直加路径)",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "description": "邀请请求",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.addMemberRequest"
+ }
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Created",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/members/{user_id}": {
+ "put": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "Owner 修改某位成员在当前租户内的角色;不能将最后一位 Owner 降级",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "修改租户成员角色",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "用户 ID",
+ "name": "user_id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "description": "目标角色",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.updateMemberRoleRequest"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ },
+ "delete": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "Owner 将某位成员从当前租户中移除(软删除 tenant_members 行);不能移除最后一位 Owner",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "移除租户成员",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "用户 ID",
+ "name": "user_id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/user/favorites": {
+ "get": {
+ "description": "Lists this user's starred resources in the current tenant for a given type",
+ "tags": [
+ "User"
+ ],
+ "summary": "List my favorites",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "Resource type (kb | agent)",
+ "name": "type",
+ "in": "query",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ },
+ "post": {
+ "tags": [
+ "User"
+ ],
+ "summary": "Star a resource",
+ "parameters": [
+ {
+ "description": "Type + id",
+ "name": "body",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.AddFavoriteRequest"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/user/favorites/{type}/{id}": {
+ "delete": {
+ "tags": [
+ "User"
+ ],
+ "summary": "Unstar a resource",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "Resource type",
+ "name": "type",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "Resource id",
+ "name": "id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
"/vector-stores": {
"get": {
"security": [
@@ -11366,7 +12206,9 @@ const docTemplate = `{
2100,
2101,
2102,
- 2103
+ 2103,
+ 2200,
+ 2201
],
"x-enum-varnames": [
"ErrBadRequest",
@@ -11388,7 +12230,9 @@ const docTemplate = `{
"ErrAgentMissingThinkingModel",
"ErrAgentMissingAllowedTools",
"ErrAgentInvalidMaxIterations",
- "ErrAgentInvalidTemperature"
+ "ErrAgentInvalidTemperature",
+ "ErrVectorStoreBindingInvalid",
+ "ErrVectorStoreUnavailable"
]
},
"github_com_Tencent_WeKnora_internal_infrastructure_chunker.DocProfile": {
@@ -11502,133 +12346,6 @@ const docTemplate = `{
}
}
},
- "github_com_Tencent_WeKnora_internal_types.AgentConfig": {
- "type": "object",
- "properties": {
- "allowed_skills": {
- "description": "Skill names whitelist (empty = allow all)",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "allowed_tools": {
- "description": "List of allowed tool names",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "history_turns": {
- "description": "Number of history turns to keep in context",
- "type": "integer"
- },
- "knowledge_bases": {
- "description": "Accessible knowledge base IDs",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "knowledge_ids": {
- "description": "Accessible knowledge IDs (individual documents)",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "llm_call_timeout": {
- "description": "LLM call timeout in seconds (default: 120). Controls the maximum time for a single LLM call.",
- "type": "integer"
- },
- "max_context_tokens": {
- "description": "Maximum context window tokens for the agent (default: 200000).\nThe agent compresses older messages to stay within this limit,\npreserving tool_call/tool_result pairs.",
- "type": "integer"
- },
- "max_iterations": {
- "description": "Maximum number of ReAct iterations",
- "type": "integer"
- },
- "max_tool_output_chars": {
- "description": "Maximum character length for tool output (default: 16000).\nOutputs exceeding this limit are truncated with head + tail preservation.",
- "type": "integer"
- },
- "mcp_selection_mode": {
- "description": "MCP service selection",
- "type": "string"
- },
- "mcp_services": {
- "description": "Selected MCP service IDs (when mode is \"selected\")",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "multi_turn_enabled": {
- "description": "Whether multi-turn conversation is enabled",
- "type": "boolean"
- },
- "parallel_tool_calls": {
- "description": "Whether to execute independent tool calls in parallel (default: false).\nWhen enabled and the LLM returns multiple tool calls, they run concurrently via errgroup.",
- "type": "boolean"
- },
- "retain_retrieval_history": {
- "description": "Whether to retain retrieval history (like wiki_read_page results) across turns (default: false)",
- "type": "boolean"
- },
- "retrieve_kb_only_when_mentioned": {
- "description": "Whether to retrieve knowledge base only when explicitly mentioned with @ (default: false)",
- "type": "boolean"
- },
- "skill_dirs": {
- "description": "Directories to search for skills",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "skills_enabled": {
- "description": "Skills configuration (Progressive Disclosure pattern)",
- "type": "boolean"
- },
- "system_prompt": {
- "description": "Unified system prompt (uses web_search_status placeholder for dynamic behavior)",
- "type": "string"
- },
- "system_prompt_web_disabled": {
- "description": "Deprecated: Custom prompt when web search is disabled",
- "type": "string"
- },
- "system_prompt_web_enabled": {
- "description": "Deprecated: Use SystemPrompt instead. Kept for backward compatibility during migration.",
- "type": "string"
- },
- "temperature": {
- "description": "LLM temperature for agent",
- "type": "number"
- },
- "thinking": {
- "description": "Whether to enable thinking mode (for models that support extended thinking)",
- "type": "boolean"
- },
- "use_custom_system_prompt": {
- "description": "Whether to use custom system prompt instead of default",
- "type": "boolean"
- },
- "web_search_enabled": {
- "description": "Whether web search tool is enabled",
- "type": "boolean"
- },
- "web_search_max_results": {
- "description": "Maximum number of web search results (default: 5)",
- "type": "integer"
- },
- "web_search_provider_id": {
- "description": "WebSearchProviderEntity ID (resolved from agent config)",
- "type": "string"
- }
- }
- },
"github_com_Tencent_WeKnora_internal_types.AgentStep": {
"type": "object",
"properties": {
@@ -11636,6 +12353,10 @@ const docTemplate = `{
"description": "Iteration number (0-indexed)",
"type": "integer"
},
+ "reasoning_content": {
+ "description": "ReasoningContent stores the OpenAI-protocol reasoning_content emitted by the\nmodel in this round. Persisted on AgentStep so cross-turn replay can put it\nback on the assistant message — required by MiMo / DeepSeek V3.2+ thinking\nmode, ignored by providers that don't recognize the field.",
+ "type": "string"
+ },
"thought": {
"description": "LLM's reasoning/thinking (Think phase)",
"type": "string"
@@ -11664,6 +12385,91 @@ const docTemplate = `{
"AnswerStrategyRandom"
]
},
+ "github_com_Tencent_WeKnora_internal_types.AuditAction": {
+ "type": "string",
+ "enum": [
+ "rbac.member_added",
+ "rbac.member_removed",
+ "rbac.member_role_changed",
+ "rbac.member_left",
+ "rbac.access_denied",
+ "rbac.invitation_sent",
+ "rbac.invitation_accepted",
+ "rbac.invitation_declined",
+ "rbac.invitation_revoked",
+ "rbac.invitation_expired"
+ ],
+ "x-enum-varnames": [
+ "AuditActionMemberAdded",
+ "AuditActionMemberRemoved",
+ "AuditActionMemberRoleChanged",
+ "AuditActionMemberLeft",
+ "AuditActionAccessDenied",
+ "AuditActionInvitationSent",
+ "AuditActionInvitationAccepted",
+ "AuditActionInvitationDeclined",
+ "AuditActionInvitationRevoked",
+ "AuditActionInvitationExpired"
+ ]
+ },
+ "github_com_Tencent_WeKnora_internal_types.AuditLog": {
+ "type": "object",
+ "properties": {
+ "action": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.AuditAction"
+ },
+ "actor_role": {
+ "type": "string"
+ },
+ "actor_user_id": {
+ "type": "string"
+ },
+ "created_at": {
+ "type": "string"
+ },
+ "details": {
+ "type": "array",
+ "items": {
+ "type": "integer"
+ }
+ },
+ "id": {
+ "type": "integer"
+ },
+ "outcome": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.AuditOutcome"
+ },
+ "request_method": {
+ "type": "string"
+ },
+ "request_path": {
+ "type": "string"
+ },
+ "target_id": {
+ "type": "string"
+ },
+ "target_type": {
+ "type": "string"
+ },
+ "target_user_id": {
+ "type": "string"
+ },
+ "tenant_id": {
+ "type": "integer"
+ }
+ }
+ },
+ "github_com_Tencent_WeKnora_internal_types.AuditOutcome": {
+ "type": "string",
+ "enum": [
+ "success",
+ "denied"
+ ],
+ "x-enum-varnames": [
+ "AuditOutcomeSuccess",
+ "AuditOutcomeDenied"
+ ]
+ },
"github_com_Tencent_WeKnora_internal_types.COSEngineConfig": {
"type": "object",
"properties": {
@@ -11851,76 +12657,6 @@ const docTemplate = `{
}
}
},
- "github_com_Tencent_WeKnora_internal_types.ConversationConfig": {
- "type": "object",
- "properties": {
- "context_template": {
- "description": "ContextTemplate is the prompt template for summarizing retrieval results",
- "type": "string"
- },
- "embedding_top_k": {
- "type": "integer"
- },
- "enable_query_expansion": {
- "type": "boolean"
- },
- "enable_rewrite": {
- "type": "boolean"
- },
- "fallback_prompt": {
- "type": "string"
- },
- "fallback_response": {
- "type": "string"
- },
- "fallback_strategy": {
- "description": "Fallback strategy",
- "type": "string"
- },
- "keyword_threshold": {
- "type": "number"
- },
- "max_completion_tokens": {
- "description": "MaxTokens is the maximum number of tokens to generate",
- "type": "integer"
- },
- "max_rounds": {
- "description": "Retrieval \u0026 strategy parameters",
- "type": "integer"
- },
- "prompt": {
- "description": "Prompt is the system prompt for normal mode",
- "type": "string"
- },
- "rerank_model_id": {
- "type": "string"
- },
- "rerank_threshold": {
- "type": "number"
- },
- "rerank_top_k": {
- "type": "integer"
- },
- "rewrite_prompt_system": {
- "description": "Rewrite prompts",
- "type": "string"
- },
- "rewrite_prompt_user": {
- "type": "string"
- },
- "summary_model_id": {
- "description": "Model configuration",
- "type": "string"
- },
- "temperature": {
- "description": "Temperature controls the randomness of the model output",
- "type": "number"
- },
- "vector_threshold": {
- "type": "number"
- }
- }
- },
"github_com_Tencent_WeKnora_internal_types.CreateOrganizationRequest": {
"type": "object",
"required": [
@@ -11993,6 +12729,10 @@ const docTemplate = `{
"description": "ContextTemplateID references a template ID in prompt_templates/ YAML files.\nIf set and ContextTemplate is empty, the template content will be resolved at startup.",
"type": "string"
},
+ "data_analysis_enabled": {
+ "description": "===== Data Analysis Settings =====\nWhether to run the legacy in-pipeline DuckDB SQL data-analysis stage when\nthe retrieved chunks include CSV/Excel files. This issues an extra LLM\ncall to generate a SQL query and is disabled by default because most\nquick-answer / RAG-style agents do not want the added latency.",
+ "type": "boolean"
+ },
"embedding_top_k": {
"description": "===== Retrieval Strategy Settings (for both modes) =====\nEmbedding/Vector retrieval top K",
"type": "integer"
@@ -12087,6 +12827,10 @@ const docTemplate = `{
"description": "===== Multi-turn Conversation Settings =====\nWhether multi-turn conversation is enabled",
"type": "boolean"
},
+ "query_understand_model_id": {
+ "description": "Dedicated chat model ID for the query-understanding (rewrite + intent) step.\nWhen empty, the main conversation ModelID is used as a fallback.",
+ "type": "string"
+ },
"rerank_model_id": {
"description": "ReRank model ID for retrieval",
"type": "string"
@@ -12640,10 +13384,13 @@ const docTemplate = `{
"github_com_Tencent_WeKnora_internal_types.InviteMemberRequest": {
"type": "object",
"required": [
- "role",
- "user_id"
+ "role"
],
"properties": {
+ "representative_user_id": {
+ "description": "RepresentativeUserID identifies the user attached to the OTM row for\ndisplay/audit. Optional: when unset, the handler picks a stable default\n(the user from the legacy UserID field, or the tenant's owner).",
+ "type": "string"
+ },
"role": {
"description": "Role to assign: admin/editor/viewer",
"allOf": [
@@ -12652,8 +13399,12 @@ const docTemplate = `{
}
]
},
+ "tenant_id": {
+ "description": "TenantID is the tenant to enrol as an org member. Preferred field.",
+ "type": "integer"
+ },
"user_id": {
- "description": "User ID to invite",
+ "description": "UserID is retained for backward compatibility. When set without\nTenantID, the handler resolves the user's TenantID and uses this\nuser as the representative.",
"type": "string"
}
}
@@ -12883,6 +13634,14 @@ const docTemplate = `{
"description": "Creation time of the knowledge base",
"type": "string"
},
+ "creator_id": {
+ "description": "CreatorID records the user ID of whoever originally created the KB.\nUsed by the tenant-level RBAC middleware to let Contributors edit\ntheir own KBs without granting them access to everyone else's.\nNullable for backward compatibility with rows created before the\nRBAC migration backfilled the column to the tenant Owner.",
+ "type": "string"
+ },
+ "creator_name": {
+ "description": "CreatorName 是 CreatorID 对应用户的展示名(username / email 等),\n仅在列表场景由 handler 批量回填,不落库;为空表示创建者无法解析(用户已删除、\nCreatorID 为空的老数据等)。前端用它在卡片来源徽章上做 mine vs tenant 的二分。",
+ "type": "string"
+ },
"deleted_at": {
"description": "Deletion time of the knowledge base",
"allOf": [
@@ -12936,7 +13695,7 @@ const docTemplate = `{
]
},
"is_pinned": {
- "description": "Whether this knowledge base is pinned to the top of the list",
+ "description": "IsPinned and PinnedAt are computed per-caller from user_kb_pins\n(see migration 000050). They used to be stored on the row itself,\nwhich made pinning a tenant-wide ordering decision gated behind\nthe kb-edit RBAC guard. The columns are still present in legacy\nschemas for rollback safety but are no longer read or written by\nthe application — both fields are tagged ` + "`" + `gorm:\"-\"` + "`" + ` so GORM\nignores them on every CRUD call and the list handler stamps them\nafter enriching with the caller's pin set.",
"type": "boolean"
},
"is_processing": {
@@ -12956,7 +13715,7 @@ const docTemplate = `{
"type": "string"
},
"pinned_at": {
- "description": "Time when the knowledge base was pinned (nil if not pinned)",
+ "description": "PinnedAt records when the current caller pinned this knowledge\nbase; nil when they have not.",
"type": "string"
},
"processing_count": {
@@ -13256,6 +14015,21 @@ const docTemplate = `{
"github_com_Tencent_WeKnora_internal_types.LoginResponse": {
"type": "object",
"properties": {
+ "active_tenant": {
+ "description": "ActiveTenant is the tenant whose ID is encoded in the issued JWT;\nfuture requests are scoped to it until the client calls /auth/switch-tenant.\nDefaults to the user's home tenant on a fresh login.",
+ "allOf": [
+ {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant"
+ }
+ ]
+ },
+ "memberships": {
+ "description": "Memberships lists every tenant the user can authenticate into,\nalong with their role in each. Always populated (length 1 for users\nwho only belong to their home tenant) so frontends can render a\ntenant switcher without a follow-up request. Serialised without\nomitempty so the field is always present as a JSON array (possibly\nempty) — the \"always populated\" contract relies on the server side\nguaranteeing a non-nil slice.",
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.Membership"
+ }
+ },
"message": {
"type": "string"
},
@@ -13265,9 +14039,6 @@ const docTemplate = `{
"success": {
"type": "boolean"
},
- "tenant": {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant"
- },
"token": {
"type": "string"
},
@@ -13492,6 +14263,20 @@ const docTemplate = `{
"MatchTypeDataAnalysis"
]
},
+ "github_com_Tencent_WeKnora_internal_types.Membership": {
+ "type": "object",
+ "properties": {
+ "role": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole"
+ },
+ "tenant_id": {
+ "type": "integer"
+ },
+ "tenant_name": {
+ "type": "string"
+ }
+ }
+ },
"github_com_Tencent_WeKnora_internal_types.MentionedItem": {
"type": "object",
"properties": {
@@ -13839,6 +14624,32 @@ const docTemplate = `{
"ModelTypeASR"
]
},
+ "github_com_Tencent_WeKnora_internal_types.OBSEngineConfig": {
+ "type": "object",
+ "properties": {
+ "access_key": {
+ "type": "string"
+ },
+ "bucket_name": {
+ "type": "string"
+ },
+ "endpoint": {
+ "type": "string"
+ },
+ "path_prefix": {
+ "type": "string"
+ },
+ "region": {
+ "type": "string"
+ },
+ "secret_key": {
+ "type": "string"
+ },
+ "use_ssl": {
+ "type": "boolean"
+ }
+ }
+ },
"github_com_Tencent_WeKnora_internal_types.OIDCAuthURLResponse": {
"type": "object",
"properties": {
@@ -13930,12 +14741,18 @@ const docTemplate = `{
"joined_at": {
"type": "string"
},
+ "representative_user_id": {
+ "type": "string"
+ },
"role": {
"type": "string"
},
"tenant_id": {
"type": "integer"
},
+ "tenant_name": {
+ "type": "string"
+ },
"user_id": {
"type": "string"
},
@@ -13995,6 +14812,10 @@ const docTemplate = `{
"owner_id": {
"type": "string"
},
+ "owner_tenant_id": {
+ "description": "OwnerTenantID is the persisted owner tenant of the organization\n(Plan 3, migration 000046). Frontend uses this to identify the\n\"owner row\" in the tenant-keyed members list — comparing\nmember.tenant_id against owner_tenant_id is the post-Plan-3\nequivalent of the old member.user_id == owner_id check.",
+ "type": "integer"
+ },
"pending_join_request_count": {
"description": "待审批加入申请数(仅管理员可见)",
"type": "integer"
@@ -14056,6 +14877,10 @@ const docTemplate = `{
"mineru_model": {
"description": "MinerU 自建解析参数",
"type": "string"
+ },
+ "mineru_vlm_server_url": {
+ "description": "vLLM 服务器地址 (vlm-http-client / hybrid-http-client)",
+ "type": "string"
}
}
},
@@ -14369,6 +15194,9 @@ const docTemplate = `{
"endpoint": {
"type": "string"
},
+ "force_path_style": {
+ "type": "boolean"
+ },
"path_prefix": {
"type": "string"
},
@@ -14377,6 +15205,9 @@ const docTemplate = `{
},
"secret_key": {
"type": "string"
+ },
+ "use_ssl": {
+ "type": "boolean"
}
}
},
@@ -14563,6 +15394,14 @@ const docTemplate = `{
"description": "IsPinned indicates whether the session is pinned in the list.",
"type": "boolean"
},
+ "last_request_state": {
+ "description": "LastRequestState records the input-bar state used the last time this\nsession sent a question (agent, model, KB scope, web search, MCPs).\nPersisted on every successful POST to /knowledge-chat or /agent-chat so\nthat reopening the session can restore the original request context to\nthe chat UI. Stored in the legacy sessions.agent_config JSONB column to\navoid a new migration; the shape used today is ` + "`" + `SessionLastRequestState` + "`" + `.",
+ "allOf": [
+ {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.SessionLastRequestState"
+ }
+ ]
+ },
"pinned_at": {
"description": "PinnedAt records when the session was pinned; nil when not pinned.",
"type": "string"
@@ -14584,6 +15423,35 @@ const docTemplate = `{
}
}
},
+ "github_com_Tencent_WeKnora_internal_types.SessionLastRequestState": {
+ "type": "object",
+ "properties": {
+ "agent_enabled": {
+ "type": "boolean"
+ },
+ "agent_id": {
+ "type": "string"
+ },
+ "knowledge_base_ids": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "knowledge_ids": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "model_id": {
+ "type": "string"
+ },
+ "web_search_enabled": {
+ "type": "boolean"
+ }
+ }
+ },
"github_com_Tencent_WeKnora_internal_types.ShareKnowledgeBaseRequest": {
"type": "object",
"required": [
@@ -14603,25 +15471,44 @@ const docTemplate = `{
"type": "object",
"properties": {
"app_id": {
+ "description": "App ID (COS specific)",
"type": "string"
},
"bucket_name": {
+ "description": "Bucket Name",
"type": "string"
},
+ "endpoint": {
+ "description": "Endpoint (S3 specific) - e.g., s3.amazonaws.com, oss-cn-hangzhou.aliyuncs.com",
+ "type": "string"
+ },
+ "force_path_style": {
+ "description": "ForcePathStyle (S3 specific) - whether to use path-style URLs",
+ "type": "boolean"
+ },
"path_prefix": {
+ "description": "Path Prefix",
"type": "string"
},
"provider": {
+ "description": "Provider: \"cos\", \"minio\", \"s3\"",
"type": "string"
},
"region": {
+ "description": "Region",
"type": "string"
},
"secret_id": {
+ "description": "Secret ID (COS) / Access Key ID (S3, MinIO)",
"type": "string"
},
"secret_key": {
+ "description": "Secret Key (COS) / Secret Access Key (S3, MinIO)",
"type": "string"
+ },
+ "use_ssl": {
+ "description": "UseSSL (S3 specific) - whether to use HTTPS",
+ "type": "boolean"
}
}
},
@@ -14632,7 +15519,7 @@ const docTemplate = `{
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.COSEngineConfig"
},
"default_provider": {
- "description": "\"local\", \"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\"",
+ "description": "\"local\", \"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\", \"obs\"",
"type": "string"
},
"ks3": {
@@ -14644,6 +15531,9 @@ const docTemplate = `{
"minio": {
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.MinIOEngineConfig"
},
+ "obs": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.OBSEngineConfig"
+ },
"oss": {
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.OSSEngineConfig"
},
@@ -14659,7 +15549,7 @@ const docTemplate = `{
"type": "object",
"properties": {
"provider": {
- "description": "\"local\", \"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\"",
+ "description": "\"local\", \"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\", \"obs\"",
"type": "string"
}
}
@@ -14787,14 +15677,6 @@ const docTemplate = `{
"github_com_Tencent_WeKnora_internal_types.Tenant": {
"type": "object",
"properties": {
- "agent_config": {
- "description": "Deprecated: AgentConfig is deprecated, use CustomAgent (builtin-smart-reasoning) config instead.\nThis field is kept for backward compatibility and will be removed in future versions.",
- "allOf": [
- {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.AgentConfig"
- }
- ]
- },
"api_key": {
"description": "API key",
"type": "string"
@@ -14819,14 +15701,6 @@ const docTemplate = `{
}
]
},
- "conversation_config": {
- "description": "Deprecated: ConversationConfig is deprecated, use CustomAgent (builtin-quick-answer) config instead.\nThis field is kept for backward compatibility and will be removed in future versions.",
- "allOf": [
- {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.ConversationConfig"
- }
- ]
- },
"created_at": {
"description": "Creation time",
"type": "string"
@@ -14917,6 +15791,21 @@ const docTemplate = `{
}
}
},
+ "github_com_Tencent_WeKnora_internal_types.TenantRole": {
+ "type": "string",
+ "enum": [
+ "owner",
+ "admin",
+ "contributor",
+ "viewer"
+ ],
+ "x-enum-varnames": [
+ "TenantRoleOwner",
+ "TenantRoleAdmin",
+ "TenantRoleContributor",
+ "TenantRoleViewer"
+ ]
+ },
"github_com_Tencent_WeKnora_internal_types.ToolCall": {
"type": "object",
"properties": {
@@ -15071,6 +15960,14 @@ const docTemplate = `{
"description": "Whether the user is active",
"type": "boolean"
},
+ "preferences": {
+ "description": "Per-user UI/feature preferences (memory toggle, future knobs).\nStored as JSON (jsonb on Postgres, TEXT on SQLite) via the\ndriver.Valuer / sql.Scanner methods on UserPreferences.",
+ "allOf": [
+ {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.UserPreferences"
+ }
+ ]
+ },
"tenant": {
"description": "Association relationship, not stored in the database",
"allOf": [
@@ -15093,6 +15990,19 @@ const docTemplate = `{
}
}
},
+ "github_com_Tencent_WeKnora_internal_types.UserPreferences": {
+ "type": "object",
+ "properties": {
+ "enable_memory": {
+ "description": "EnableMemory mirrors the \"开启记忆功能\" switch in General Settings.\nnil = preference never set (treat as feature default = false)\n*false / *true = user explicitly set the toggle.",
+ "type": "boolean"
+ },
+ "last_active_tenant_id": {
+ "description": "LastActiveTenantID remembers the last tenant the user actively\nswitched into, so a fresh login (new device, cleared browser, new\nrefresh token) lands them back in that workspace instead of always\nbouncing to their home tenant. Login / RefreshToken validate that\nthe tenant still exists and the user still has an active membership\n(or CanAccessAllTenants) before honouring this preference; an\ninvalid pointer is best-effort cleared and the user falls back to\nhome.\n\nnil = no preference (use user.TenantID, i.e. home)\n*0 = \"clear preference\" sentinel for the partial-update endpoint\n (UpdateUserPreferences turns this into nil). Otherwise treat\n a stored *0 the same as nil.\n*N = preferred tenant id.",
+ "type": "integer"
+ }
+ }
+ },
"github_com_Tencent_WeKnora_internal_types.VLMConfig": {
"type": "object",
"properties": {
@@ -15751,6 +16661,17 @@ const docTemplate = `{
}
}
},
+ "internal_handler.AddFavoriteRequest": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "type": {
+ "type": "string"
+ }
+ }
+ },
"internal_handler.BatchDeleteKnowledgeRequest": {
"type": "object",
"required": [
@@ -16338,6 +17259,10 @@ const docTemplate = `{
"interfaceType": {
"type": "string"
},
+ "modelId": {
+ "description": "ModelID, when set, instructs the handler to substitute any missing\nsecrets (APIKey, AppSecret via ExtraConfig) from the stored model\nrecord before assembling the test client. This lets the \"Test\nconnection\" button work on existing models without making the\nfrontend reload — and ship — the plaintext API key. Other fields\n(BaseURL, ModelName, etc.) on this request still override the\nstored values, so a user can validate a new endpoint against the\nexisting credentials in one click.",
+ "type": "string"
+ },
"modelName": {
"type": "string"
},
@@ -16553,6 +17478,10 @@ const docTemplate = `{
"interfaceType": {
"type": "string"
},
+ "modelId": {
+ "description": "ModelID, when set, instructs the handler to substitute any missing\nsecrets (APIKey, AppSecret via ExtraConfig) from the stored model\nrecord before assembling the test client. This lets the \"Test\nconnection\" button work on existing models without making the\nfrontend reload — and ship — the plaintext API key. Other fields\n(BaseURL, ModelName, etc.) on this request still override the\nstored values, so a user can validate a new endpoint against the\nexisting credentials in one click.",
+ "type": "string"
+ },
"modelName": {
"type": "string"
},
@@ -16604,11 +17533,14 @@ const docTemplate = `{
"minio": {
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.MinIOEngineConfig"
},
+ "obs": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.OBSEngineConfig"
+ },
"oss": {
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.OSSEngineConfig"
},
"provider": {
- "description": "\"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\"",
+ "description": "\"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\", \"obs\"",
"type": "string"
},
"s3": {
@@ -16815,6 +17747,21 @@ const docTemplate = `{
}
}
},
+ "internal_handler.addMemberRequest": {
+ "type": "object",
+ "required": [
+ "email",
+ "role"
+ ],
+ "properties": {
+ "email": {
+ "type": "string"
+ },
+ "role": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole"
+ }
+ }
+ },
"internal_handler.addSimilarQuestionsRequest": {
"type": "object",
"required": [
@@ -16830,6 +17777,58 @@ const docTemplate = `{
}
}
},
+ "internal_handler.auditLogListResponse": {
+ "type": "object",
+ "properties": {
+ "data": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.AuditLog"
+ }
+ },
+ "next_cursor": {
+ "type": "integer"
+ },
+ "success": {
+ "type": "boolean"
+ }
+ }
+ },
+ "internal_handler.createInvitationRequest": {
+ "type": "object",
+ "required": [
+ "email",
+ "role"
+ ],
+ "properties": {
+ "email": {
+ "type": "string"
+ },
+ "message": {
+ "type": "string"
+ },
+ "role": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole"
+ }
+ }
+ },
+ "internal_handler.createTenantRequest": {
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "description": {
+ "type": "string",
+ "maxLength": 512
+ },
+ "name": {
+ "type": "string",
+ "maxLength": 128,
+ "minLength": 1
+ }
+ }
+ },
"internal_handler.updateLastFAQImportResultDisplayStatusRequest": {
"type": "object",
"required": [
@@ -16845,6 +17844,29 @@ const docTemplate = `{
}
}
},
+ "internal_handler.updateMemberRoleRequest": {
+ "type": "object",
+ "required": [
+ "role"
+ ],
+ "properties": {
+ "role": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole"
+ }
+ }
+ },
+ "internal_handler.updateMyPreferencesRequest": {
+ "type": "object",
+ "properties": {
+ "enable_memory": {
+ "type": "boolean"
+ },
+ "last_active_tenant_id": {
+ "description": "LastActiveTenantID lets the SPA persist \"after a fresh login,\ndrop me back into this workspace\" across devices. Send a positive\ntenant id to set / replace, or 0 to clear. Membership is validated\nat next login, not here. Nil = field omitted from the PATCH and\nstays untouched.",
+ "type": "integer"
+ }
+ }
+ },
"internal_handler_session.AttachmentUpload": {
"type": "object",
"properties": {
@@ -16892,7 +17914,7 @@ const docTemplate = `{
"type": "boolean"
},
"enable_memory": {
- "description": "Whether memory feature is enabled for this request",
+ "description": "EnableMemory is the per-request override for the memory feature.\nPointer + omitempty so the request can distinguish three states:\n nil = client did not specify; backend falls back to the calling\n user's persisted preference (user.preferences.enable_memory),\n defaulting to false if that's also unset. This is the path\n used by the normal logged-in chat UI now that the toggle is\n stored server-side per user.\n *true / *false = explicit override. Embedded mode forces *false so a\n user's personal memory setting doesn't leak into a widget\n context; older clients that still send a literal bool also\n land here (back-compat).",
"type": "boolean"
},
"images": {
diff --git a/docs/images/architecture.png b/docs/images/architecture.png
index dfb06f9a..181e7f8b 100644
Binary files a/docs/images/architecture.png and b/docs/images/architecture.png differ
diff --git a/docs/images/rbac-create-workspace.png b/docs/images/rbac-create-workspace.png
new file mode 100644
index 00000000..a4000496
Binary files /dev/null and b/docs/images/rbac-create-workspace.png differ
diff --git a/docs/images/rbac-member-management.png b/docs/images/rbac-member-management.png
new file mode 100644
index 00000000..c82cbbe5
Binary files /dev/null and b/docs/images/rbac-member-management.png differ
diff --git a/docs/images/rbac-pending-invitation.png b/docs/images/rbac-pending-invitation.png
new file mode 100644
index 00000000..97477d37
Binary files /dev/null and b/docs/images/rbac-pending-invitation.png differ
diff --git a/docs/images/rbac-workspace-switcher.png b/docs/images/rbac-workspace-switcher.png
new file mode 100644
index 00000000..24fdaa68
Binary files /dev/null and b/docs/images/rbac-workspace-switcher.png differ
diff --git a/docs/swagger.json b/docs/swagger.json
index e7121f1f..cc48de52 100644
--- a/docs/swagger.json
+++ b/docs/swagger.json
@@ -1935,6 +1935,30 @@
}
}
},
+ "/auth/config": {
+ "get": {
+ "description": "返回当前部署的注册模式等公开认证配置,供前端决定是否展示注册入口",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "认证"
+ ],
+ "summary": "获取认证配置",
+ "responses": {
+ "200": {
+ "description": "认证配置",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
"/auth/login": {
"post": {
"description": "用户登录并获取访问令牌",
@@ -2045,6 +2069,58 @@
}
}
},
+ "/auth/me/preferences": {
+ "put": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "按 PATCH 语义合并用户偏好(仅覆盖请求体里出现的字段,其余字段保持不变),\n数据存放在 users.preferences (JSON),跨设备/浏览器自动同步。",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "认证"
+ ],
+ "summary": "更新当前用户的个性化设置",
+ "parameters": [
+ {
+ "description": "Preferences patch",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.updateMyPreferencesRequest"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "更新后的偏好",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ },
+ "400": {
+ "description": "请求参数错误",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ },
+ "401": {
+ "description": "未授权",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
"/auth/oidc/callback": {
"get": {
"description": "接收OIDC provider回调并由后端完成code交换,随后重定向回前端登录页",
@@ -2244,6 +2320,65 @@
}
}
},
+ "/auth/switch-tenant": {
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "为当前用户在目标租户重新签发访问令牌;要求该用户在目标租户存在 active 成员关系",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "认证"
+ ],
+ "summary": "切换激活租户",
+ "parameters": [
+ {
+ "description": "切换请求",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "type": "object",
+ "properties": {
+ "refresh_token": {
+ "type": "string"
+ },
+ "tenant_id": {
+ "type": "integer"
+ }
+ }
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.LoginResponse"
+ }
+ },
+ "400": {
+ "description": "参数错误",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ },
+ "403": {
+ "description": "无该租户成员关系",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
"/auth/validate": {
"get": {
"security": [
@@ -6935,6 +7070,122 @@
}
}
},
+ "/mcp-services/{id}/credentials": {
+ "put": {
+ "security": [
+ {
+ "Bearer": []
+ },
+ {
+ "ApiKeyAuth": []
+ }
+ ],
+ "description": "为指定字段写入新凭据;省略的字段保留原值;空字符串视为 no-op(如需删除请用 DELETE)",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "MCP服务"
+ ],
+ "summary": "设置 MCP 服务凭据",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "MCP 服务 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "description": "{api_key?: string, token?: string}",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "写入后的凭据状态",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ },
+ "400": {
+ "description": "请求参数错误",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ },
+ "404": {
+ "description": "服务不存在",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
+ "/mcp-services/{id}/credentials/{field}": {
+ "delete": {
+ "security": [
+ {
+ "Bearer": []
+ },
+ {
+ "ApiKeyAuth": []
+ }
+ ],
+ "description": "删除指定字段的存储凭据;删除已为空的字段是幂等的",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "MCP服务"
+ ],
+ "summary": "移除 MCP 服务的单个凭据字段",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "MCP 服务 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "字段名(api_key | token)",
+ "name": "field",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "No Content"
+ },
+ "400": {
+ "description": "字段名非法",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ },
+ "404": {
+ "description": "服务不存在",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
"/mcp-services/{id}/resources": {
"get": {
"security": [
@@ -7146,6 +7397,136 @@
}
}
},
+ "/me/invitations": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "返回当前登录用户的待接受邀请(默认仅 pending),用于头像入口和 /invitations 收件箱页。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "我的邀请"
+ ],
+ "summary": "列出我的待接受邀请",
+ "parameters": [
+ {
+ "type": "boolean",
+ "description": "是否包含已处理 / 已过期等终止态行(默认 false)",
+ "name": "include_terminal",
+ "in": "query"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/me/invitations/pending-count": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "轻量级 endpoint,返回当前登录用户的 pending 邀请数,用于头像旁的角标轮询。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "我的邀请"
+ ],
+ "summary": "获取我的待处理邀请数",
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/me/invitations/{inv_id}/accept": {
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "当前登录用户接受一条 pending 邀请;服务端会同时写入 tenant_members 行。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "我的邀请"
+ ],
+ "summary": "接受邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "邀请 ID",
+ "name": "inv_id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/me/invitations/{inv_id}/decline": {
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "当前登录用户拒绝一条 pending 邀请;不创建 tenant_members 行。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "我的邀请"
+ ],
+ "summary": "拒绝邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "邀请 ID",
+ "name": "inv_id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
"/messages/chat-history-stats": {
"get": {
"security": [
@@ -7655,7 +8036,7 @@
"Bearer": []
}
],
- "description": "获取当前用户所属的所有组织,并附带各空间内知识库/智能体数量",
+ "description": "获取当前租户所属的所有组织,并附带各空间内知识库/智能体数量",
"produces": [
"application/json"
],
@@ -8355,7 +8736,7 @@
"Bearer": []
}
],
- "description": "获取组织的所有成员",
+ "description": "获取组织的所有成员(按租户)",
"produces": [
"application/json"
],
@@ -8382,14 +8763,14 @@
}
}
},
- "/organizations/{id}/members/{user_id}": {
+ "/organizations/{id}/members/{tenant_id}": {
"put": {
"security": [
{
"Bearer": []
}
],
- "description": "更新组织成员的角色(需要管理员权限)",
+ "description": "更新组织成员(租户)的角色(需要管理员权限)",
"consumes": [
"application/json"
],
@@ -8410,8 +8791,8 @@
},
{
"type": "string",
- "description": "用户ID",
- "name": "user_id",
+ "description": "成员租户ID",
+ "name": "tenant_id",
"in": "path",
"required": true
},
@@ -8447,7 +8828,7 @@
"Bearer": []
}
],
- "description": "从组织中移除成员(需要管理员权限)",
+ "description": "从组织中移除成员租户(需要管理员权限)",
"tags": [
"组织管理"
],
@@ -8462,8 +8843,8 @@
},
{
"type": "string",
- "description": "用户ID",
- "name": "user_id",
+ "description": "成员租户ID",
+ "name": "tenant_id",
"in": "path",
"required": true
}
@@ -8538,21 +8919,21 @@
}
}
},
- "/organizations/{id}/search-users": {
+ "/organizations/{id}/search-tenants": {
"get": {
"security": [
{
"Bearer": []
}
],
- "description": "搜索用户(排除已有成员)用于邀请加入组织",
+ "description": "搜索租户(排除已加入的租户)用于邀请加入组织;按租户去重,附带代表用户",
"produces": [
"application/json"
],
"tags": [
"组织管理"
],
- "summary": "搜索可邀请的用户",
+ "summary": "搜索可邀请的租户",
"parameters": [
{
"type": "string",
@@ -8563,7 +8944,7 @@
},
{
"type": "string",
- "description": "搜索关键词(用户名或邮箱)",
+ "description": "搜索关键词(租户名、用户名或邮箱)",
"name": "q",
"in": "query",
"required": true
@@ -8593,6 +8974,12 @@
}
}
},
+ "/organizations/{id}/search-users": {
+ "get": {
+ "deprecated": true,
+ "responses": {}
+ }
+ },
"/organizations/{id}/shared-agents": {
"get": {
"security": [
@@ -9773,7 +10160,7 @@
"Bearer": []
}
],
- "description": "创建新的租户",
+ "description": "创建新的租户。任意已登录用户均可调用以建立自己的新工作区,\n调用方会被自动设为该租户的 Owner。跨租户超管仍可像以前一样\n通过本接口创建任意租户。",
"consumes": [
"application/json"
],
@@ -9791,7 +10178,7 @@
"in": "body",
"required": true,
"schema": {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant"
+ "$ref": "#/definitions/internal_handler.createTenantRequest"
}
}
],
@@ -9847,82 +10234,6 @@
}
}
},
- "/tenants/kv/agent-config": {
- "get": {
- "security": [
- {
- "Bearer": []
- },
- {
- "ApiKeyAuth": []
- }
- ],
- "description": "获取租户的全局Agent配置(默认应用于所有会话)",
- "consumes": [
- "application/json"
- ],
- "produces": [
- "application/json"
- ],
- "tags": [
- "租户管理"
- ],
- "summary": "获取租户Agent配置",
- "responses": {
- "200": {
- "description": "Agent配置",
- "schema": {
- "type": "object",
- "additionalProperties": true
- }
- },
- "400": {
- "description": "请求参数错误",
- "schema": {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
- }
- }
- }
- }
- },
- "/tenants/kv/conversation-config": {
- "get": {
- "security": [
- {
- "Bearer": []
- },
- {
- "ApiKeyAuth": []
- }
- ],
- "description": "获取租户的全局对话配置(默认应用于普通模式会话)",
- "consumes": [
- "application/json"
- ],
- "produces": [
- "application/json"
- ],
- "tags": [
- "租户管理"
- ],
- "summary": "获取租户对话配置",
- "responses": {
- "200": {
- "description": "对话配置",
- "schema": {
- "type": "object",
- "additionalProperties": true
- }
- },
- "400": {
- "description": "请求参数错误",
- "schema": {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
- }
- }
- }
- }
- },
"/tenants/kv/prompt-templates": {
"get": {
"security": [
@@ -10009,7 +10320,7 @@
"ApiKeyAuth": []
}
],
- "description": "获取租户级别的KV配置(支持agent-config、web-search-config、conversation-config)",
+ "description": "获取租户级别的KV配置(支持web-search-config、prompt-templates、parser-engine-config、storage-engine-config、chat-history-config、retrieval-config)",
"consumes": [
"application/json"
],
@@ -10054,7 +10365,7 @@
"ApiKeyAuth": []
}
],
- "description": "更新租户级别的KV配置(支持agent-config、web-search-config、conversation-config)",
+ "description": "更新租户级别的KV配置(支持web-search-config、parser-engine-config、storage-engine-config、chat-history-config、retrieval-config)",
"consumes": [
"application/json"
],
@@ -10362,6 +10673,535 @@
}
}
},
+ "/tenants/{id}/audit-log": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ },
+ {
+ "ApiKeyAuth": []
+ }
+ ],
+ "description": "返回该租户最近的审计事件,按 id 倒序。游标分页:将上次响应的 next_cursor 作为下一次请求的 after_id。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "审计日志"
+ ],
+ "summary": "获取租户审计日志",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "integer",
+ "description": "游标:返回 id 小于此值的记录(默认从最新开始)",
+ "name": "after_id",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "description": "页大小,1-100,默认 50",
+ "name": "limit",
+ "in": "query"
+ },
+ {
+ "type": "string",
+ "description": "按 action 精确过滤(如 rbac.member_added / rbac.access_denied)",
+ "name": "action",
+ "in": "query"
+ },
+ {
+ "type": "string",
+ "description": "按 outcome 精确过滤(success / denied)",
+ "name": "outcome",
+ "in": "query"
+ },
+ {
+ "type": "string",
+ "description": "按 actor_user_id 精确过滤",
+ "name": "actor",
+ "in": "query"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/internal_handler.auditLogListResponse"
+ }
+ },
+ "400": {
+ "description": "Bad Request",
+ "schema": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError"
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/invitations": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "按 tenant 列出待接受 / 历史邀请。query include_terminal=true 时附带 accepted/declined/revoked/expired。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户邀请"
+ ],
+ "summary": "列出租户邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "boolean",
+ "description": "是否包含终止态行(默认 false)",
+ "name": "include_terminal",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "default": 1,
+ "description": "页码(从 1 起)",
+ "name": "page",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "default": 20,
+ "description": "每页数量",
+ "name": "page_size",
+ "in": "query"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ },
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "Owner 通过邮箱邀请已注册用户加入当前租户;被邀请人需要在 /me/invitations 接受后才会成为成员。",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户邀请"
+ ],
+ "summary": "发出租户邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "description": "邀请请求",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.createInvitationRequest"
+ }
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Created",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/invitations/{inv_id}": {
+ "delete": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "Owner 取消一条还在 pending 的邀请;已 accepted/declined/revoked/expired 的行不可再撤销。",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户邀请"
+ ],
+ "summary": "撤销待接受邀请",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "邀请 ID",
+ "name": "inv_id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/leave": {
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "调用方主动退出当前租户。等价于以自己的 user_id 调 RemoveMember,",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "退出当前租户",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/members": {
+ "get": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "分页返回当前租户内 active 成员(含每位成员的角色、邮箱、头像);支持 q 按邮箱/用户名筛选",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "列出租户成员",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "按邮箱/用户名模糊筛选",
+ "name": "q",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "default": 1,
+ "description": "页码(从 1 起)",
+ "name": "page",
+ "in": "query"
+ },
+ {
+ "type": "integer",
+ "default": 20,
+ "description": "每页数量(最大 100)",
+ "name": "page_size",
+ "in": "query"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ },
+ "post": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "直接添加租户成员(直加路径)",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "description": "邀请请求",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.addMemberRequest"
+ }
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Created",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/tenants/{id}/members/{user_id}": {
+ "put": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "Owner 修改某位成员在当前租户内的角色;不能将最后一位 Owner 降级",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "修改租户成员角色",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "用户 ID",
+ "name": "user_id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "description": "目标角色",
+ "name": "request",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.updateMemberRoleRequest"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ },
+ "delete": {
+ "security": [
+ {
+ "Bearer": []
+ }
+ ],
+ "description": "Owner 将某位成员从当前租户中移除(软删除 tenant_members 行);不能移除最后一位 Owner",
+ "produces": [
+ "application/json"
+ ],
+ "tags": [
+ "租户成员"
+ ],
+ "summary": "移除租户成员",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "租户 ID",
+ "name": "id",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "用户 ID",
+ "name": "user_id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/user/favorites": {
+ "get": {
+ "description": "Lists this user's starred resources in the current tenant for a given type",
+ "tags": [
+ "User"
+ ],
+ "summary": "List my favorites",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "Resource type (kb | agent)",
+ "name": "type",
+ "in": "query",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ },
+ "post": {
+ "tags": [
+ "User"
+ ],
+ "summary": "Star a resource",
+ "parameters": [
+ {
+ "description": "Type + id",
+ "name": "body",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/internal_handler.AddFavoriteRequest"
+ }
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
+ "/user/favorites/{type}/{id}": {
+ "delete": {
+ "tags": [
+ "User"
+ ],
+ "summary": "Unstar a resource",
+ "parameters": [
+ {
+ "type": "string",
+ "description": "Resource type",
+ "name": "type",
+ "in": "path",
+ "required": true
+ },
+ {
+ "type": "string",
+ "description": "Resource id",
+ "name": "id",
+ "in": "path",
+ "required": true
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "type": "object",
+ "additionalProperties": true
+ }
+ }
+ }
+ }
+ },
"/vector-stores": {
"get": {
"security": [
@@ -11359,7 +12199,9 @@
2100,
2101,
2102,
- 2103
+ 2103,
+ 2200,
+ 2201
],
"x-enum-varnames": [
"ErrBadRequest",
@@ -11381,7 +12223,9 @@
"ErrAgentMissingThinkingModel",
"ErrAgentMissingAllowedTools",
"ErrAgentInvalidMaxIterations",
- "ErrAgentInvalidTemperature"
+ "ErrAgentInvalidTemperature",
+ "ErrVectorStoreBindingInvalid",
+ "ErrVectorStoreUnavailable"
]
},
"github_com_Tencent_WeKnora_internal_infrastructure_chunker.DocProfile": {
@@ -11495,133 +12339,6 @@
}
}
},
- "github_com_Tencent_WeKnora_internal_types.AgentConfig": {
- "type": "object",
- "properties": {
- "allowed_skills": {
- "description": "Skill names whitelist (empty = allow all)",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "allowed_tools": {
- "description": "List of allowed tool names",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "history_turns": {
- "description": "Number of history turns to keep in context",
- "type": "integer"
- },
- "knowledge_bases": {
- "description": "Accessible knowledge base IDs",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "knowledge_ids": {
- "description": "Accessible knowledge IDs (individual documents)",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "llm_call_timeout": {
- "description": "LLM call timeout in seconds (default: 120). Controls the maximum time for a single LLM call.",
- "type": "integer"
- },
- "max_context_tokens": {
- "description": "Maximum context window tokens for the agent (default: 200000).\nThe agent compresses older messages to stay within this limit,\npreserving tool_call/tool_result pairs.",
- "type": "integer"
- },
- "max_iterations": {
- "description": "Maximum number of ReAct iterations",
- "type": "integer"
- },
- "max_tool_output_chars": {
- "description": "Maximum character length for tool output (default: 16000).\nOutputs exceeding this limit are truncated with head + tail preservation.",
- "type": "integer"
- },
- "mcp_selection_mode": {
- "description": "MCP service selection",
- "type": "string"
- },
- "mcp_services": {
- "description": "Selected MCP service IDs (when mode is \"selected\")",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "multi_turn_enabled": {
- "description": "Whether multi-turn conversation is enabled",
- "type": "boolean"
- },
- "parallel_tool_calls": {
- "description": "Whether to execute independent tool calls in parallel (default: false).\nWhen enabled and the LLM returns multiple tool calls, they run concurrently via errgroup.",
- "type": "boolean"
- },
- "retain_retrieval_history": {
- "description": "Whether to retain retrieval history (like wiki_read_page results) across turns (default: false)",
- "type": "boolean"
- },
- "retrieve_kb_only_when_mentioned": {
- "description": "Whether to retrieve knowledge base only when explicitly mentioned with @ (default: false)",
- "type": "boolean"
- },
- "skill_dirs": {
- "description": "Directories to search for skills",
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- "skills_enabled": {
- "description": "Skills configuration (Progressive Disclosure pattern)",
- "type": "boolean"
- },
- "system_prompt": {
- "description": "Unified system prompt (uses web_search_status placeholder for dynamic behavior)",
- "type": "string"
- },
- "system_prompt_web_disabled": {
- "description": "Deprecated: Custom prompt when web search is disabled",
- "type": "string"
- },
- "system_prompt_web_enabled": {
- "description": "Deprecated: Use SystemPrompt instead. Kept for backward compatibility during migration.",
- "type": "string"
- },
- "temperature": {
- "description": "LLM temperature for agent",
- "type": "number"
- },
- "thinking": {
- "description": "Whether to enable thinking mode (for models that support extended thinking)",
- "type": "boolean"
- },
- "use_custom_system_prompt": {
- "description": "Whether to use custom system prompt instead of default",
- "type": "boolean"
- },
- "web_search_enabled": {
- "description": "Whether web search tool is enabled",
- "type": "boolean"
- },
- "web_search_max_results": {
- "description": "Maximum number of web search results (default: 5)",
- "type": "integer"
- },
- "web_search_provider_id": {
- "description": "WebSearchProviderEntity ID (resolved from agent config)",
- "type": "string"
- }
- }
- },
"github_com_Tencent_WeKnora_internal_types.AgentStep": {
"type": "object",
"properties": {
@@ -11629,6 +12346,10 @@
"description": "Iteration number (0-indexed)",
"type": "integer"
},
+ "reasoning_content": {
+ "description": "ReasoningContent stores the OpenAI-protocol reasoning_content emitted by the\nmodel in this round. Persisted on AgentStep so cross-turn replay can put it\nback on the assistant message — required by MiMo / DeepSeek V3.2+ thinking\nmode, ignored by providers that don't recognize the field.",
+ "type": "string"
+ },
"thought": {
"description": "LLM's reasoning/thinking (Think phase)",
"type": "string"
@@ -11657,6 +12378,91 @@
"AnswerStrategyRandom"
]
},
+ "github_com_Tencent_WeKnora_internal_types.AuditAction": {
+ "type": "string",
+ "enum": [
+ "rbac.member_added",
+ "rbac.member_removed",
+ "rbac.member_role_changed",
+ "rbac.member_left",
+ "rbac.access_denied",
+ "rbac.invitation_sent",
+ "rbac.invitation_accepted",
+ "rbac.invitation_declined",
+ "rbac.invitation_revoked",
+ "rbac.invitation_expired"
+ ],
+ "x-enum-varnames": [
+ "AuditActionMemberAdded",
+ "AuditActionMemberRemoved",
+ "AuditActionMemberRoleChanged",
+ "AuditActionMemberLeft",
+ "AuditActionAccessDenied",
+ "AuditActionInvitationSent",
+ "AuditActionInvitationAccepted",
+ "AuditActionInvitationDeclined",
+ "AuditActionInvitationRevoked",
+ "AuditActionInvitationExpired"
+ ]
+ },
+ "github_com_Tencent_WeKnora_internal_types.AuditLog": {
+ "type": "object",
+ "properties": {
+ "action": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.AuditAction"
+ },
+ "actor_role": {
+ "type": "string"
+ },
+ "actor_user_id": {
+ "type": "string"
+ },
+ "created_at": {
+ "type": "string"
+ },
+ "details": {
+ "type": "array",
+ "items": {
+ "type": "integer"
+ }
+ },
+ "id": {
+ "type": "integer"
+ },
+ "outcome": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.AuditOutcome"
+ },
+ "request_method": {
+ "type": "string"
+ },
+ "request_path": {
+ "type": "string"
+ },
+ "target_id": {
+ "type": "string"
+ },
+ "target_type": {
+ "type": "string"
+ },
+ "target_user_id": {
+ "type": "string"
+ },
+ "tenant_id": {
+ "type": "integer"
+ }
+ }
+ },
+ "github_com_Tencent_WeKnora_internal_types.AuditOutcome": {
+ "type": "string",
+ "enum": [
+ "success",
+ "denied"
+ ],
+ "x-enum-varnames": [
+ "AuditOutcomeSuccess",
+ "AuditOutcomeDenied"
+ ]
+ },
"github_com_Tencent_WeKnora_internal_types.COSEngineConfig": {
"type": "object",
"properties": {
@@ -11844,76 +12650,6 @@
}
}
},
- "github_com_Tencent_WeKnora_internal_types.ConversationConfig": {
- "type": "object",
- "properties": {
- "context_template": {
- "description": "ContextTemplate is the prompt template for summarizing retrieval results",
- "type": "string"
- },
- "embedding_top_k": {
- "type": "integer"
- },
- "enable_query_expansion": {
- "type": "boolean"
- },
- "enable_rewrite": {
- "type": "boolean"
- },
- "fallback_prompt": {
- "type": "string"
- },
- "fallback_response": {
- "type": "string"
- },
- "fallback_strategy": {
- "description": "Fallback strategy",
- "type": "string"
- },
- "keyword_threshold": {
- "type": "number"
- },
- "max_completion_tokens": {
- "description": "MaxTokens is the maximum number of tokens to generate",
- "type": "integer"
- },
- "max_rounds": {
- "description": "Retrieval \u0026 strategy parameters",
- "type": "integer"
- },
- "prompt": {
- "description": "Prompt is the system prompt for normal mode",
- "type": "string"
- },
- "rerank_model_id": {
- "type": "string"
- },
- "rerank_threshold": {
- "type": "number"
- },
- "rerank_top_k": {
- "type": "integer"
- },
- "rewrite_prompt_system": {
- "description": "Rewrite prompts",
- "type": "string"
- },
- "rewrite_prompt_user": {
- "type": "string"
- },
- "summary_model_id": {
- "description": "Model configuration",
- "type": "string"
- },
- "temperature": {
- "description": "Temperature controls the randomness of the model output",
- "type": "number"
- },
- "vector_threshold": {
- "type": "number"
- }
- }
- },
"github_com_Tencent_WeKnora_internal_types.CreateOrganizationRequest": {
"type": "object",
"required": [
@@ -11986,6 +12722,10 @@
"description": "ContextTemplateID references a template ID in prompt_templates/ YAML files.\nIf set and ContextTemplate is empty, the template content will be resolved at startup.",
"type": "string"
},
+ "data_analysis_enabled": {
+ "description": "===== Data Analysis Settings =====\nWhether to run the legacy in-pipeline DuckDB SQL data-analysis stage when\nthe retrieved chunks include CSV/Excel files. This issues an extra LLM\ncall to generate a SQL query and is disabled by default because most\nquick-answer / RAG-style agents do not want the added latency.",
+ "type": "boolean"
+ },
"embedding_top_k": {
"description": "===== Retrieval Strategy Settings (for both modes) =====\nEmbedding/Vector retrieval top K",
"type": "integer"
@@ -12080,6 +12820,10 @@
"description": "===== Multi-turn Conversation Settings =====\nWhether multi-turn conversation is enabled",
"type": "boolean"
},
+ "query_understand_model_id": {
+ "description": "Dedicated chat model ID for the query-understanding (rewrite + intent) step.\nWhen empty, the main conversation ModelID is used as a fallback.",
+ "type": "string"
+ },
"rerank_model_id": {
"description": "ReRank model ID for retrieval",
"type": "string"
@@ -12633,10 +13377,13 @@
"github_com_Tencent_WeKnora_internal_types.InviteMemberRequest": {
"type": "object",
"required": [
- "role",
- "user_id"
+ "role"
],
"properties": {
+ "representative_user_id": {
+ "description": "RepresentativeUserID identifies the user attached to the OTM row for\ndisplay/audit. Optional: when unset, the handler picks a stable default\n(the user from the legacy UserID field, or the tenant's owner).",
+ "type": "string"
+ },
"role": {
"description": "Role to assign: admin/editor/viewer",
"allOf": [
@@ -12645,8 +13392,12 @@
}
]
},
+ "tenant_id": {
+ "description": "TenantID is the tenant to enrol as an org member. Preferred field.",
+ "type": "integer"
+ },
"user_id": {
- "description": "User ID to invite",
+ "description": "UserID is retained for backward compatibility. When set without\nTenantID, the handler resolves the user's TenantID and uses this\nuser as the representative.",
"type": "string"
}
}
@@ -12876,6 +13627,14 @@
"description": "Creation time of the knowledge base",
"type": "string"
},
+ "creator_id": {
+ "description": "CreatorID records the user ID of whoever originally created the KB.\nUsed by the tenant-level RBAC middleware to let Contributors edit\ntheir own KBs without granting them access to everyone else's.\nNullable for backward compatibility with rows created before the\nRBAC migration backfilled the column to the tenant Owner.",
+ "type": "string"
+ },
+ "creator_name": {
+ "description": "CreatorName 是 CreatorID 对应用户的展示名(username / email 等),\n仅在列表场景由 handler 批量回填,不落库;为空表示创建者无法解析(用户已删除、\nCreatorID 为空的老数据等)。前端用它在卡片来源徽章上做 mine vs tenant 的二分。",
+ "type": "string"
+ },
"deleted_at": {
"description": "Deletion time of the knowledge base",
"allOf": [
@@ -12929,7 +13688,7 @@
]
},
"is_pinned": {
- "description": "Whether this knowledge base is pinned to the top of the list",
+ "description": "IsPinned and PinnedAt are computed per-caller from user_kb_pins\n(see migration 000050). They used to be stored on the row itself,\nwhich made pinning a tenant-wide ordering decision gated behind\nthe kb-edit RBAC guard. The columns are still present in legacy\nschemas for rollback safety but are no longer read or written by\nthe application — both fields are tagged `gorm:\"-\"` so GORM\nignores them on every CRUD call and the list handler stamps them\nafter enriching with the caller's pin set.",
"type": "boolean"
},
"is_processing": {
@@ -12949,7 +13708,7 @@
"type": "string"
},
"pinned_at": {
- "description": "Time when the knowledge base was pinned (nil if not pinned)",
+ "description": "PinnedAt records when the current caller pinned this knowledge\nbase; nil when they have not.",
"type": "string"
},
"processing_count": {
@@ -13249,6 +14008,21 @@
"github_com_Tencent_WeKnora_internal_types.LoginResponse": {
"type": "object",
"properties": {
+ "active_tenant": {
+ "description": "ActiveTenant is the tenant whose ID is encoded in the issued JWT;\nfuture requests are scoped to it until the client calls /auth/switch-tenant.\nDefaults to the user's home tenant on a fresh login.",
+ "allOf": [
+ {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant"
+ }
+ ]
+ },
+ "memberships": {
+ "description": "Memberships lists every tenant the user can authenticate into,\nalong with their role in each. Always populated (length 1 for users\nwho only belong to their home tenant) so frontends can render a\ntenant switcher without a follow-up request. Serialised without\nomitempty so the field is always present as a JSON array (possibly\nempty) — the \"always populated\" contract relies on the server side\nguaranteeing a non-nil slice.",
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.Membership"
+ }
+ },
"message": {
"type": "string"
},
@@ -13258,9 +14032,6 @@
"success": {
"type": "boolean"
},
- "tenant": {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant"
- },
"token": {
"type": "string"
},
@@ -13485,6 +14256,20 @@
"MatchTypeDataAnalysis"
]
},
+ "github_com_Tencent_WeKnora_internal_types.Membership": {
+ "type": "object",
+ "properties": {
+ "role": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole"
+ },
+ "tenant_id": {
+ "type": "integer"
+ },
+ "tenant_name": {
+ "type": "string"
+ }
+ }
+ },
"github_com_Tencent_WeKnora_internal_types.MentionedItem": {
"type": "object",
"properties": {
@@ -13832,6 +14617,32 @@
"ModelTypeASR"
]
},
+ "github_com_Tencent_WeKnora_internal_types.OBSEngineConfig": {
+ "type": "object",
+ "properties": {
+ "access_key": {
+ "type": "string"
+ },
+ "bucket_name": {
+ "type": "string"
+ },
+ "endpoint": {
+ "type": "string"
+ },
+ "path_prefix": {
+ "type": "string"
+ },
+ "region": {
+ "type": "string"
+ },
+ "secret_key": {
+ "type": "string"
+ },
+ "use_ssl": {
+ "type": "boolean"
+ }
+ }
+ },
"github_com_Tencent_WeKnora_internal_types.OIDCAuthURLResponse": {
"type": "object",
"properties": {
@@ -13923,12 +14734,18 @@
"joined_at": {
"type": "string"
},
+ "representative_user_id": {
+ "type": "string"
+ },
"role": {
"type": "string"
},
"tenant_id": {
"type": "integer"
},
+ "tenant_name": {
+ "type": "string"
+ },
"user_id": {
"type": "string"
},
@@ -13988,6 +14805,10 @@
"owner_id": {
"type": "string"
},
+ "owner_tenant_id": {
+ "description": "OwnerTenantID is the persisted owner tenant of the organization\n(Plan 3, migration 000046). Frontend uses this to identify the\n\"owner row\" in the tenant-keyed members list — comparing\nmember.tenant_id against owner_tenant_id is the post-Plan-3\nequivalent of the old member.user_id == owner_id check.",
+ "type": "integer"
+ },
"pending_join_request_count": {
"description": "待审批加入申请数(仅管理员可见)",
"type": "integer"
@@ -14049,6 +14870,10 @@
"mineru_model": {
"description": "MinerU 自建解析参数",
"type": "string"
+ },
+ "mineru_vlm_server_url": {
+ "description": "vLLM 服务器地址 (vlm-http-client / hybrid-http-client)",
+ "type": "string"
}
}
},
@@ -14362,6 +15187,9 @@
"endpoint": {
"type": "string"
},
+ "force_path_style": {
+ "type": "boolean"
+ },
"path_prefix": {
"type": "string"
},
@@ -14370,6 +15198,9 @@
},
"secret_key": {
"type": "string"
+ },
+ "use_ssl": {
+ "type": "boolean"
}
}
},
@@ -14556,6 +15387,14 @@
"description": "IsPinned indicates whether the session is pinned in the list.",
"type": "boolean"
},
+ "last_request_state": {
+ "description": "LastRequestState records the input-bar state used the last time this\nsession sent a question (agent, model, KB scope, web search, MCPs).\nPersisted on every successful POST to /knowledge-chat or /agent-chat so\nthat reopening the session can restore the original request context to\nthe chat UI. Stored in the legacy sessions.agent_config JSONB column to\navoid a new migration; the shape used today is `SessionLastRequestState`.",
+ "allOf": [
+ {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.SessionLastRequestState"
+ }
+ ]
+ },
"pinned_at": {
"description": "PinnedAt records when the session was pinned; nil when not pinned.",
"type": "string"
@@ -14577,6 +15416,35 @@
}
}
},
+ "github_com_Tencent_WeKnora_internal_types.SessionLastRequestState": {
+ "type": "object",
+ "properties": {
+ "agent_enabled": {
+ "type": "boolean"
+ },
+ "agent_id": {
+ "type": "string"
+ },
+ "knowledge_base_ids": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "knowledge_ids": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
+ "model_id": {
+ "type": "string"
+ },
+ "web_search_enabled": {
+ "type": "boolean"
+ }
+ }
+ },
"github_com_Tencent_WeKnora_internal_types.ShareKnowledgeBaseRequest": {
"type": "object",
"required": [
@@ -14596,25 +15464,44 @@
"type": "object",
"properties": {
"app_id": {
+ "description": "App ID (COS specific)",
"type": "string"
},
"bucket_name": {
+ "description": "Bucket Name",
"type": "string"
},
+ "endpoint": {
+ "description": "Endpoint (S3 specific) - e.g., s3.amazonaws.com, oss-cn-hangzhou.aliyuncs.com",
+ "type": "string"
+ },
+ "force_path_style": {
+ "description": "ForcePathStyle (S3 specific) - whether to use path-style URLs",
+ "type": "boolean"
+ },
"path_prefix": {
+ "description": "Path Prefix",
"type": "string"
},
"provider": {
+ "description": "Provider: \"cos\", \"minio\", \"s3\"",
"type": "string"
},
"region": {
+ "description": "Region",
"type": "string"
},
"secret_id": {
+ "description": "Secret ID (COS) / Access Key ID (S3, MinIO)",
"type": "string"
},
"secret_key": {
+ "description": "Secret Key (COS) / Secret Access Key (S3, MinIO)",
"type": "string"
+ },
+ "use_ssl": {
+ "description": "UseSSL (S3 specific) - whether to use HTTPS",
+ "type": "boolean"
}
}
},
@@ -14625,7 +15512,7 @@
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.COSEngineConfig"
},
"default_provider": {
- "description": "\"local\", \"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\"",
+ "description": "\"local\", \"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\", \"obs\"",
"type": "string"
},
"ks3": {
@@ -14637,6 +15524,9 @@
"minio": {
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.MinIOEngineConfig"
},
+ "obs": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.OBSEngineConfig"
+ },
"oss": {
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.OSSEngineConfig"
},
@@ -14652,7 +15542,7 @@
"type": "object",
"properties": {
"provider": {
- "description": "\"local\", \"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\"",
+ "description": "\"local\", \"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\", \"obs\"",
"type": "string"
}
}
@@ -14780,14 +15670,6 @@
"github_com_Tencent_WeKnora_internal_types.Tenant": {
"type": "object",
"properties": {
- "agent_config": {
- "description": "Deprecated: AgentConfig is deprecated, use CustomAgent (builtin-smart-reasoning) config instead.\nThis field is kept for backward compatibility and will be removed in future versions.",
- "allOf": [
- {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.AgentConfig"
- }
- ]
- },
"api_key": {
"description": "API key",
"type": "string"
@@ -14812,14 +15694,6 @@
}
]
},
- "conversation_config": {
- "description": "Deprecated: ConversationConfig is deprecated, use CustomAgent (builtin-quick-answer) config instead.\nThis field is kept for backward compatibility and will be removed in future versions.",
- "allOf": [
- {
- "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.ConversationConfig"
- }
- ]
- },
"created_at": {
"description": "Creation time",
"type": "string"
@@ -14910,6 +15784,21 @@
}
}
},
+ "github_com_Tencent_WeKnora_internal_types.TenantRole": {
+ "type": "string",
+ "enum": [
+ "owner",
+ "admin",
+ "contributor",
+ "viewer"
+ ],
+ "x-enum-varnames": [
+ "TenantRoleOwner",
+ "TenantRoleAdmin",
+ "TenantRoleContributor",
+ "TenantRoleViewer"
+ ]
+ },
"github_com_Tencent_WeKnora_internal_types.ToolCall": {
"type": "object",
"properties": {
@@ -15064,6 +15953,14 @@
"description": "Whether the user is active",
"type": "boolean"
},
+ "preferences": {
+ "description": "Per-user UI/feature preferences (memory toggle, future knobs).\nStored as JSON (jsonb on Postgres, TEXT on SQLite) via the\ndriver.Valuer / sql.Scanner methods on UserPreferences.",
+ "allOf": [
+ {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.UserPreferences"
+ }
+ ]
+ },
"tenant": {
"description": "Association relationship, not stored in the database",
"allOf": [
@@ -15086,6 +15983,19 @@
}
}
},
+ "github_com_Tencent_WeKnora_internal_types.UserPreferences": {
+ "type": "object",
+ "properties": {
+ "enable_memory": {
+ "description": "EnableMemory mirrors the \"开启记忆功能\" switch in General Settings.\nnil = preference never set (treat as feature default = false)\n*false / *true = user explicitly set the toggle.",
+ "type": "boolean"
+ },
+ "last_active_tenant_id": {
+ "description": "LastActiveTenantID remembers the last tenant the user actively\nswitched into, so a fresh login (new device, cleared browser, new\nrefresh token) lands them back in that workspace instead of always\nbouncing to their home tenant. Login / RefreshToken validate that\nthe tenant still exists and the user still has an active membership\n(or CanAccessAllTenants) before honouring this preference; an\ninvalid pointer is best-effort cleared and the user falls back to\nhome.\n\nnil = no preference (use user.TenantID, i.e. home)\n*0 = \"clear preference\" sentinel for the partial-update endpoint\n (UpdateUserPreferences turns this into nil). Otherwise treat\n a stored *0 the same as nil.\n*N = preferred tenant id.",
+ "type": "integer"
+ }
+ }
+ },
"github_com_Tencent_WeKnora_internal_types.VLMConfig": {
"type": "object",
"properties": {
@@ -15744,6 +16654,17 @@
}
}
},
+ "internal_handler.AddFavoriteRequest": {
+ "type": "object",
+ "properties": {
+ "id": {
+ "type": "string"
+ },
+ "type": {
+ "type": "string"
+ }
+ }
+ },
"internal_handler.BatchDeleteKnowledgeRequest": {
"type": "object",
"required": [
@@ -16331,6 +17252,10 @@
"interfaceType": {
"type": "string"
},
+ "modelId": {
+ "description": "ModelID, when set, instructs the handler to substitute any missing\nsecrets (APIKey, AppSecret via ExtraConfig) from the stored model\nrecord before assembling the test client. This lets the \"Test\nconnection\" button work on existing models without making the\nfrontend reload — and ship — the plaintext API key. Other fields\n(BaseURL, ModelName, etc.) on this request still override the\nstored values, so a user can validate a new endpoint against the\nexisting credentials in one click.",
+ "type": "string"
+ },
"modelName": {
"type": "string"
},
@@ -16546,6 +17471,10 @@
"interfaceType": {
"type": "string"
},
+ "modelId": {
+ "description": "ModelID, when set, instructs the handler to substitute any missing\nsecrets (APIKey, AppSecret via ExtraConfig) from the stored model\nrecord before assembling the test client. This lets the \"Test\nconnection\" button work on existing models without making the\nfrontend reload — and ship — the plaintext API key. Other fields\n(BaseURL, ModelName, etc.) on this request still override the\nstored values, so a user can validate a new endpoint against the\nexisting credentials in one click.",
+ "type": "string"
+ },
"modelName": {
"type": "string"
},
@@ -16597,11 +17526,14 @@
"minio": {
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.MinIOEngineConfig"
},
+ "obs": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.OBSEngineConfig"
+ },
"oss": {
"$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.OSSEngineConfig"
},
"provider": {
- "description": "\"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\"",
+ "description": "\"minio\", \"cos\", \"tos\", \"s3\", \"oss\", \"ks3\", \"obs\"",
"type": "string"
},
"s3": {
@@ -16808,6 +17740,21 @@
}
}
},
+ "internal_handler.addMemberRequest": {
+ "type": "object",
+ "required": [
+ "email",
+ "role"
+ ],
+ "properties": {
+ "email": {
+ "type": "string"
+ },
+ "role": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole"
+ }
+ }
+ },
"internal_handler.addSimilarQuestionsRequest": {
"type": "object",
"required": [
@@ -16823,6 +17770,58 @@
}
}
},
+ "internal_handler.auditLogListResponse": {
+ "type": "object",
+ "properties": {
+ "data": {
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.AuditLog"
+ }
+ },
+ "next_cursor": {
+ "type": "integer"
+ },
+ "success": {
+ "type": "boolean"
+ }
+ }
+ },
+ "internal_handler.createInvitationRequest": {
+ "type": "object",
+ "required": [
+ "email",
+ "role"
+ ],
+ "properties": {
+ "email": {
+ "type": "string"
+ },
+ "message": {
+ "type": "string"
+ },
+ "role": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole"
+ }
+ }
+ },
+ "internal_handler.createTenantRequest": {
+ "type": "object",
+ "required": [
+ "name"
+ ],
+ "properties": {
+ "description": {
+ "type": "string",
+ "maxLength": 512
+ },
+ "name": {
+ "type": "string",
+ "maxLength": 128,
+ "minLength": 1
+ }
+ }
+ },
"internal_handler.updateLastFAQImportResultDisplayStatusRequest": {
"type": "object",
"required": [
@@ -16838,6 +17837,29 @@
}
}
},
+ "internal_handler.updateMemberRoleRequest": {
+ "type": "object",
+ "required": [
+ "role"
+ ],
+ "properties": {
+ "role": {
+ "$ref": "#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole"
+ }
+ }
+ },
+ "internal_handler.updateMyPreferencesRequest": {
+ "type": "object",
+ "properties": {
+ "enable_memory": {
+ "type": "boolean"
+ },
+ "last_active_tenant_id": {
+ "description": "LastActiveTenantID lets the SPA persist \"after a fresh login,\ndrop me back into this workspace\" across devices. Send a positive\ntenant id to set / replace, or 0 to clear. Membership is validated\nat next login, not here. Nil = field omitted from the PATCH and\nstays untouched.",
+ "type": "integer"
+ }
+ }
+ },
"internal_handler_session.AttachmentUpload": {
"type": "object",
"properties": {
@@ -16885,7 +17907,7 @@
"type": "boolean"
},
"enable_memory": {
- "description": "Whether memory feature is enabled for this request",
+ "description": "EnableMemory is the per-request override for the memory feature.\nPointer + omitempty so the request can distinguish three states:\n nil = client did not specify; backend falls back to the calling\n user's persisted preference (user.preferences.enable_memory),\n defaulting to false if that's also unset. This is the path\n used by the normal logged-in chat UI now that the toggle is\n stored server-side per user.\n *true / *false = explicit override. Embedded mode forces *false so a\n user's personal memory setting doesn't leak into a widget\n context; older clients that still send a literal bool also\n land here (back-compat).",
"type": "boolean"
},
"images": {
diff --git a/docs/swagger.yaml b/docs/swagger.yaml
index 9eb57092..f2415fd3 100644
--- a/docs/swagger.yaml
+++ b/docs/swagger.yaml
@@ -113,6 +113,8 @@ definitions:
- 2101
- 2102
- 2103
+ - 2200
+ - 2201
type: integer
x-enum-varnames:
- ErrBadRequest
@@ -135,6 +137,8 @@ definitions:
- ErrAgentMissingAllowedTools
- ErrAgentInvalidMaxIterations
- ErrAgentInvalidTemperature
+ - ErrVectorStoreBindingInvalid
+ - ErrVectorStoreUnavailable
github_com_Tencent_WeKnora_internal_infrastructure_chunker.DocProfile:
properties:
all_caps_short_line_count:
@@ -211,117 +215,18 @@ definitions:
model_id:
type: string
type: object
- github_com_Tencent_WeKnora_internal_types.AgentConfig:
- properties:
- allowed_skills:
- description: Skill names whitelist (empty = allow all)
- items:
- type: string
- type: array
- allowed_tools:
- description: List of allowed tool names
- items:
- type: string
- type: array
- history_turns:
- description: Number of history turns to keep in context
- type: integer
- knowledge_bases:
- description: Accessible knowledge base IDs
- items:
- type: string
- type: array
- knowledge_ids:
- description: Accessible knowledge IDs (individual documents)
- items:
- type: string
- type: array
- llm_call_timeout:
- description: 'LLM call timeout in seconds (default: 120). Controls the maximum
- time for a single LLM call.'
- type: integer
- max_context_tokens:
- description: |-
- Maximum context window tokens for the agent (default: 200000).
- The agent compresses older messages to stay within this limit,
- preserving tool_call/tool_result pairs.
- type: integer
- max_iterations:
- description: Maximum number of ReAct iterations
- type: integer
- max_tool_output_chars:
- description: |-
- Maximum character length for tool output (default: 16000).
- Outputs exceeding this limit are truncated with head + tail preservation.
- type: integer
- mcp_selection_mode:
- description: MCP service selection
- type: string
- mcp_services:
- description: Selected MCP service IDs (when mode is "selected")
- items:
- type: string
- type: array
- multi_turn_enabled:
- description: Whether multi-turn conversation is enabled
- type: boolean
- parallel_tool_calls:
- description: |-
- Whether to execute independent tool calls in parallel (default: false).
- When enabled and the LLM returns multiple tool calls, they run concurrently via errgroup.
- type: boolean
- retain_retrieval_history:
- description: 'Whether to retain retrieval history (like wiki_read_page results)
- across turns (default: false)'
- type: boolean
- retrieve_kb_only_when_mentioned:
- description: 'Whether to retrieve knowledge base only when explicitly mentioned
- with @ (default: false)'
- type: boolean
- skill_dirs:
- description: Directories to search for skills
- items:
- type: string
- type: array
- skills_enabled:
- description: Skills configuration (Progressive Disclosure pattern)
- type: boolean
- system_prompt:
- description: Unified system prompt (uses web_search_status placeholder for
- dynamic behavior)
- type: string
- system_prompt_web_disabled:
- description: 'Deprecated: Custom prompt when web search is disabled'
- type: string
- system_prompt_web_enabled:
- description: 'Deprecated: Use SystemPrompt instead. Kept for backward compatibility
- during migration.'
- type: string
- temperature:
- description: LLM temperature for agent
- type: number
- thinking:
- description: Whether to enable thinking mode (for models that support extended
- thinking)
- type: boolean
- use_custom_system_prompt:
- description: Whether to use custom system prompt instead of default
- type: boolean
- web_search_enabled:
- description: Whether web search tool is enabled
- type: boolean
- web_search_max_results:
- description: 'Maximum number of web search results (default: 5)'
- type: integer
- web_search_provider_id:
- description: WebSearchProviderEntity ID (resolved from agent config)
- type: string
- type: object
github_com_Tencent_WeKnora_internal_types.AgentStep:
properties:
iteration:
description: Iteration number (0-indexed)
type: integer
+ reasoning_content:
+ description: |-
+ ReasoningContent stores the OpenAI-protocol reasoning_content emitted by the
+ model in this round. Persisted on AgentStep so cross-turn replay can put it
+ back on the assistant message — required by MiMo / DeepSeek V3.2+ thinking
+ mode, ignored by providers that don't recognize the field.
+ type: string
thought:
description: LLM's reasoning/thinking (Think phase)
type: string
@@ -342,6 +247,69 @@ definitions:
x-enum-varnames:
- AnswerStrategyAll
- AnswerStrategyRandom
+ github_com_Tencent_WeKnora_internal_types.AuditAction:
+ enum:
+ - rbac.member_added
+ - rbac.member_removed
+ - rbac.member_role_changed
+ - rbac.member_left
+ - rbac.access_denied
+ - rbac.invitation_sent
+ - rbac.invitation_accepted
+ - rbac.invitation_declined
+ - rbac.invitation_revoked
+ - rbac.invitation_expired
+ type: string
+ x-enum-varnames:
+ - AuditActionMemberAdded
+ - AuditActionMemberRemoved
+ - AuditActionMemberRoleChanged
+ - AuditActionMemberLeft
+ - AuditActionAccessDenied
+ - AuditActionInvitationSent
+ - AuditActionInvitationAccepted
+ - AuditActionInvitationDeclined
+ - AuditActionInvitationRevoked
+ - AuditActionInvitationExpired
+ github_com_Tencent_WeKnora_internal_types.AuditLog:
+ properties:
+ action:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.AuditAction'
+ actor_role:
+ type: string
+ actor_user_id:
+ type: string
+ created_at:
+ type: string
+ details:
+ items:
+ type: integer
+ type: array
+ id:
+ type: integer
+ outcome:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.AuditOutcome'
+ request_method:
+ type: string
+ request_path:
+ type: string
+ target_id:
+ type: string
+ target_type:
+ type: string
+ target_user_id:
+ type: string
+ tenant_id:
+ type: integer
+ type: object
+ github_com_Tencent_WeKnora_internal_types.AuditOutcome:
+ enum:
+ - success
+ - denied
+ type: string
+ x-enum-varnames:
+ - AuditOutcomeSuccess
+ - AuditOutcomeDenied
github_com_Tencent_WeKnora_internal_types.COSEngineConfig:
properties:
app_id:
@@ -502,56 +470,6 @@ definitions:
description: 'Summarize threshold: number of messages before summarization'
type: integer
type: object
- github_com_Tencent_WeKnora_internal_types.ConversationConfig:
- properties:
- context_template:
- description: ContextTemplate is the prompt template for summarizing retrieval
- results
- type: string
- embedding_top_k:
- type: integer
- enable_query_expansion:
- type: boolean
- enable_rewrite:
- type: boolean
- fallback_prompt:
- type: string
- fallback_response:
- type: string
- fallback_strategy:
- description: Fallback strategy
- type: string
- keyword_threshold:
- type: number
- max_completion_tokens:
- description: MaxTokens is the maximum number of tokens to generate
- type: integer
- max_rounds:
- description: Retrieval & strategy parameters
- type: integer
- prompt:
- description: Prompt is the system prompt for normal mode
- type: string
- rerank_model_id:
- type: string
- rerank_threshold:
- type: number
- rerank_top_k:
- type: integer
- rewrite_prompt_system:
- description: Rewrite prompts
- type: string
- rewrite_prompt_user:
- type: string
- summary_model_id:
- description: Model configuration
- type: string
- temperature:
- description: Temperature controls the randomness of the model output
- type: number
- vector_threshold:
- type: number
- type: object
github_com_Tencent_WeKnora_internal_types.CreateOrganizationRequest:
properties:
avatar:
@@ -614,6 +532,14 @@ definitions:
ContextTemplateID references a template ID in prompt_templates/ YAML files.
If set and ContextTemplate is empty, the template content will be resolved at startup.
type: string
+ data_analysis_enabled:
+ description: |-
+ ===== Data Analysis Settings =====
+ Whether to run the legacy in-pipeline DuckDB SQL data-analysis stage when
+ the retrieved chunks include CSV/Excel files. This issues an extra LLM
+ call to generate a SQL query and is disabled by default because most
+ quick-answer / RAG-style agents do not want the added latency.
+ type: boolean
embedding_top_k:
description: |-
===== Retrieval Strategy Settings (for both modes) =====
@@ -708,6 +634,11 @@ definitions:
===== Multi-turn Conversation Settings =====
Whether multi-turn conversation is enabled
type: boolean
+ query_understand_model_id:
+ description: |-
+ Dedicated chat model ID for the query-understanding (rewrite + intent) step.
+ When empty, the main conversation ModelID is used as a fallback.
+ type: string
rerank_model_id:
description: ReRank model ID for retrieval
type: string
@@ -1118,16 +1049,27 @@ definitions:
type: object
github_com_Tencent_WeKnora_internal_types.InviteMemberRequest:
properties:
+ representative_user_id:
+ description: |-
+ RepresentativeUserID identifies the user attached to the OTM row for
+ display/audit. Optional: when unset, the handler picks a stable default
+ (the user from the legacy UserID field, or the tenant's owner).
+ type: string
role:
allOf:
- $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.OrgMemberRole'
description: 'Role to assign: admin/editor/viewer'
+ tenant_id:
+ description: TenantID is the tenant to enrol as an org member. Preferred field.
+ type: integer
user_id:
- description: User ID to invite
+ description: |-
+ UserID is retained for backward compatibility. When set without
+ TenantID, the handler resolves the user's TenantID and uses this
+ user as the representative.
type: string
required:
- role
- - user_id
type: object
github_com_Tencent_WeKnora_internal_types.JoinByOrganizationIDRequest:
properties:
@@ -1287,6 +1229,20 @@ definitions:
created_at:
description: Creation time of the knowledge base
type: string
+ creator_id:
+ description: |-
+ CreatorID records the user ID of whoever originally created the KB.
+ Used by the tenant-level RBAC middleware to let Contributors edit
+ their own KBs without granting them access to everyone else's.
+ Nullable for backward compatibility with rows created before the
+ RBAC migration backfilled the column to the tenant Owner.
+ type: string
+ creator_name:
+ description: |-
+ CreatorName 是 CreatorID 对应用户的展示名(username / email 等),
+ 仅在列表场景由 handler 批量回填,不落库;为空表示创建者无法解析(用户已删除、
+ CreatorID 为空的老数据等)。前端用它在卡片来源徽章上做 mine vs tenant 的二分。
+ type: string
deleted_at:
allOf:
- $ref: '#/definitions/gorm.DeletedAt'
@@ -1320,7 +1276,15 @@ definitions:
IndexingStrategy controls which indexing pipelines are active for this knowledge base.
Pipelines: vector search, keyword search, wiki generation, knowledge graph extraction.
is_pinned:
- description: Whether this knowledge base is pinned to the top of the list
+ description: |-
+ IsPinned and PinnedAt are computed per-caller from user_kb_pins
+ (see migration 000050). They used to be stored on the row itself,
+ which made pinning a tenant-wide ordering decision gated behind
+ the kb-edit RBAC guard. The columns are still present in legacy
+ schemas for rollback safety but are no longer read or written by
+ the application — both fields are tagged `gorm:"-"` so GORM
+ ignores them on every CRUD call and the list handler stamps them
+ after enriching with the caller's pin set.
type: boolean
is_processing:
description: IsProcessing indicates if there is a processing import task (for
@@ -1337,7 +1301,9 @@ definitions:
description: Name of the knowledge base
type: string
pinned_at:
- description: Time when the knowledge base was pinned (nil if not pinned)
+ description: |-
+ PinnedAt records when the current caller pinned this knowledge
+ base; nil when they have not.
type: string
processing_count:
description: ProcessingCount indicates the number of knowledge items being
@@ -1540,14 +1506,31 @@ definitions:
type: object
github_com_Tencent_WeKnora_internal_types.LoginResponse:
properties:
+ active_tenant:
+ allOf:
+ - $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant'
+ description: |-
+ ActiveTenant is the tenant whose ID is encoded in the issued JWT;
+ future requests are scoped to it until the client calls /auth/switch-tenant.
+ Defaults to the user's home tenant on a fresh login.
+ memberships:
+ description: |-
+ Memberships lists every tenant the user can authenticate into,
+ along with their role in each. Always populated (length 1 for users
+ who only belong to their home tenant) so frontends can render a
+ tenant switcher without a follow-up request. Serialised without
+ omitempty so the field is always present as a JSON array (possibly
+ empty) — the "always populated" contract relies on the server side
+ guaranteeing a non-nil slice.
+ items:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.Membership'
+ type: array
message:
type: string
refresh_token:
type: string
success:
type: boolean
- tenant:
- $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant'
token:
type: string
user:
@@ -1708,6 +1691,15 @@ definitions:
- MatchTypeWebSearch
- MatchTypeDirectLoad
- MatchTypeDataAnalysis
+ github_com_Tencent_WeKnora_internal_types.Membership:
+ properties:
+ role:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole'
+ tenant_id:
+ type: integer
+ tenant_name:
+ type: string
+ type: object
github_com_Tencent_WeKnora_internal_types.MentionedItem:
properties:
id:
@@ -1988,6 +1980,23 @@ definitions:
- ModelTypeKnowledgeQA
- ModelTypeVLLM
- ModelTypeASR
+ github_com_Tencent_WeKnora_internal_types.OBSEngineConfig:
+ properties:
+ access_key:
+ type: string
+ bucket_name:
+ type: string
+ endpoint:
+ type: string
+ path_prefix:
+ type: string
+ region:
+ type: string
+ secret_key:
+ type: string
+ use_ssl:
+ type: boolean
+ type: object
github_com_Tencent_WeKnora_internal_types.OIDCAuthURLResponse:
properties:
authorization_url:
@@ -2049,10 +2058,14 @@ definitions:
type: string
joined_at:
type: string
+ representative_user_id:
+ type: string
role:
type: string
tenant_id:
type: integer
+ tenant_name:
+ type: string
user_id:
type: string
username:
@@ -2093,6 +2106,14 @@ definitions:
type: string
owner_id:
type: string
+ owner_tenant_id:
+ description: |-
+ OwnerTenantID is the persisted owner tenant of the organization
+ (Plan 3, migration 000046). Frontend uses this to identify the
+ "owner row" in the tenant-keyed members list — comparing
+ member.tenant_id against owner_tenant_id is the post-Plan-3
+ equivalent of the old member.user_id == owner_id check.
+ type: integer
pending_join_request_count:
description: 待审批加入申请数(仅管理员可见)
type: integer
@@ -2136,6 +2157,9 @@ definitions:
mineru_model:
description: MinerU 自建解析参数
type: string
+ mineru_vlm_server_url:
+ description: vLLM 服务器地址 (vlm-http-client / hybrid-http-client)
+ type: string
type: object
github_com_Tencent_WeKnora_internal_types.ParserEngineRule:
properties:
@@ -2366,12 +2390,16 @@ definitions:
type: string
endpoint:
type: string
+ force_path_style:
+ type: boolean
path_prefix:
type: string
region:
type: string
secret_key:
type: string
+ use_ssl:
+ type: boolean
type: object
github_com_Tencent_WeKnora_internal_types.SearchParams:
properties:
@@ -2516,6 +2544,16 @@ definitions:
is_pinned:
description: IsPinned indicates whether the session is pinned in the list.
type: boolean
+ last_request_state:
+ allOf:
+ - $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.SessionLastRequestState'
+ description: |-
+ LastRequestState records the input-bar state used the last time this
+ session sent a question (agent, model, KB scope, web search, MCPs).
+ Persisted on every successful POST to /knowledge-chat or /agent-chat so
+ that reopening the session can restore the original request context to
+ the chat UI. Stored in the legacy sessions.agent_config JSONB column to
+ avoid a new migration; the shape used today is `SessionLastRequestState`.
pinned_at:
description: PinnedAt records when the session was pinned; nil when not pinned.
type: string
@@ -2533,6 +2571,25 @@ definitions:
tenant level) and for IM-created sessions that do not map to a WeKnora user.
type: string
type: object
+ github_com_Tencent_WeKnora_internal_types.SessionLastRequestState:
+ properties:
+ agent_enabled:
+ type: boolean
+ agent_id:
+ type: string
+ knowledge_base_ids:
+ items:
+ type: string
+ type: array
+ knowledge_ids:
+ items:
+ type: string
+ type: array
+ model_id:
+ type: string
+ web_search_enabled:
+ type: boolean
+ type: object
github_com_Tencent_WeKnora_internal_types.ShareKnowledgeBaseRequest:
properties:
organization_id:
@@ -2546,26 +2603,42 @@ definitions:
github_com_Tencent_WeKnora_internal_types.StorageConfig:
properties:
app_id:
+ description: App ID (COS specific)
type: string
bucket_name:
+ description: Bucket Name
type: string
+ endpoint:
+ description: Endpoint (S3 specific) - e.g., s3.amazonaws.com, oss-cn-hangzhou.aliyuncs.com
+ type: string
+ force_path_style:
+ description: ForcePathStyle (S3 specific) - whether to use path-style URLs
+ type: boolean
path_prefix:
+ description: Path Prefix
type: string
provider:
+ description: 'Provider: "cos", "minio", "s3"'
type: string
region:
+ description: Region
type: string
secret_id:
+ description: Secret ID (COS) / Access Key ID (S3, MinIO)
type: string
secret_key:
+ description: Secret Key (COS) / Secret Access Key (S3, MinIO)
type: string
+ use_ssl:
+ description: UseSSL (S3 specific) - whether to use HTTPS
+ type: boolean
type: object
github_com_Tencent_WeKnora_internal_types.StorageEngineConfig:
properties:
cos:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.COSEngineConfig'
default_provider:
- description: '"local", "minio", "cos", "tos", "s3", "oss", "ks3"'
+ description: '"local", "minio", "cos", "tos", "s3", "oss", "ks3", "obs"'
type: string
ks3:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.KS3EngineConfig'
@@ -2573,6 +2646,8 @@ definitions:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.LocalEngineConfig'
minio:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.MinIOEngineConfig'
+ obs:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.OBSEngineConfig'
oss:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.OSSEngineConfig'
s3:
@@ -2583,7 +2658,7 @@ definitions:
github_com_Tencent_WeKnora_internal_types.StorageProviderConfig:
properties:
provider:
- description: '"local", "minio", "cos", "tos", "s3", "oss", "ks3"'
+ description: '"local", "minio", "cos", "tos", "s3", "oss", "ks3", "obs"'
type: string
type: object
github_com_Tencent_WeKnora_internal_types.SubmitJoinRequestRequest:
@@ -2673,12 +2748,6 @@ definitions:
type: object
github_com_Tencent_WeKnora_internal_types.Tenant:
properties:
- agent_config:
- allOf:
- - $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.AgentConfig'
- description: |-
- Deprecated: AgentConfig is deprecated, use CustomAgent (builtin-smart-reasoning) config instead.
- This field is kept for backward compatibility and will be removed in future versions.
api_key:
description: API key
type: string
@@ -2695,12 +2764,6 @@ definitions:
- $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.ContextConfig'
description: Global Context configuration for this tenant (default for all
sessions)
- conversation_config:
- allOf:
- - $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.ConversationConfig'
- description: |-
- Deprecated: ConversationConfig is deprecated, use CustomAgent (builtin-quick-answer) config instead.
- This field is kept for backward compatibility and will be removed in future versions.
created_at:
description: Creation time
type: string
@@ -2759,6 +2822,18 @@ definitions:
- $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.WebSearchConfig'
description: Global WebSearch configuration for this tenant
type: object
+ github_com_Tencent_WeKnora_internal_types.TenantRole:
+ enum:
+ - owner
+ - admin
+ - contributor
+ - viewer
+ type: string
+ x-enum-varnames:
+ - TenantRoleOwner
+ - TenantRoleAdmin
+ - TenantRoleContributor
+ - TenantRoleViewer
github_com_Tencent_WeKnora_internal_types.ToolCall:
properties:
args:
@@ -2866,6 +2941,13 @@ definitions:
is_active:
description: Whether the user is active
type: boolean
+ preferences:
+ allOf:
+ - $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.UserPreferences'
+ description: |-
+ Per-user UI/feature preferences (memory toggle, future knobs).
+ Stored as JSON (jsonb on Postgres, TEXT on SQLite) via the
+ driver.Valuer / sql.Scanner methods on UserPreferences.
tenant:
allOf:
- $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant'
@@ -2880,6 +2962,32 @@ definitions:
description: Username of the user
type: string
type: object
+ github_com_Tencent_WeKnora_internal_types.UserPreferences:
+ properties:
+ enable_memory:
+ description: |-
+ EnableMemory mirrors the "开启记忆功能" switch in General Settings.
+ nil = preference never set (treat as feature default = false)
+ *false / *true = user explicitly set the toggle.
+ type: boolean
+ last_active_tenant_id:
+ description: |-
+ LastActiveTenantID remembers the last tenant the user actively
+ switched into, so a fresh login (new device, cleared browser, new
+ refresh token) lands them back in that workspace instead of always
+ bouncing to their home tenant. Login / RefreshToken validate that
+ the tenant still exists and the user still has an active membership
+ (or CanAccessAllTenants) before honouring this preference; an
+ invalid pointer is best-effort cleared and the user falls back to
+ home.
+
+ nil = no preference (use user.TenantID, i.e. home)
+ *0 = "clear preference" sentinel for the partial-update endpoint
+ (UpdateUserPreferences turns this into nil). Otherwise treat
+ a stored *0 the same as nil.
+ *N = preferred tenant id.
+ type: integer
+ type: object
github_com_Tencent_WeKnora_internal_types.VLMConfig:
properties:
api_key:
@@ -3393,6 +3501,13 @@ definitions:
description: Valid is true if Time is not NULL
type: boolean
type: object
+ internal_handler.AddFavoriteRequest:
+ properties:
+ id:
+ type: string
+ type:
+ type: string
+ type: object
internal_handler.BatchDeleteKnowledgeRequest:
properties:
ids:
@@ -3792,6 +3907,17 @@ definitions:
type: object
interfaceType:
type: string
+ modelId:
+ description: |-
+ ModelID, when set, instructs the handler to substitute any missing
+ secrets (APIKey, AppSecret via ExtraConfig) from the stored model
+ record before assembling the test client. This lets the "Test
+ connection" button work on existing models without making the
+ frontend reload — and ship — the plaintext API key. Other fields
+ (BaseURL, ModelName, etc.) on this request still override the
+ stored values, so a user can validate a new endpoint against the
+ existing credentials in one click.
+ type: string
modelName:
type: string
provider:
@@ -3937,6 +4063,17 @@ definitions:
type: object
interfaceType:
type: string
+ modelId:
+ description: |-
+ ModelID, when set, instructs the handler to substitute any missing
+ secrets (APIKey, AppSecret via ExtraConfig) from the stored model
+ record before assembling the test client. This lets the "Test
+ connection" button work on existing models without making the
+ frontend reload — and ship — the plaintext API key. Other fields
+ (BaseURL, ModelName, etc.) on this request still override the
+ stored values, so a user can validate a new endpoint against the
+ existing credentials in one click.
+ type: string
modelName:
type: string
provider:
@@ -3974,10 +4111,12 @@ definitions:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.KS3EngineConfig'
minio:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.MinIOEngineConfig'
+ obs:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.OBSEngineConfig'
oss:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.OSSEngineConfig'
provider:
- description: '"minio", "cos", "tos", "s3", "oss", "ks3"'
+ description: '"minio", "cos", "tos", "s3", "oss", "ks3", "obs"'
type: string
s3:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.S3EngineConfig'
@@ -4113,6 +4252,16 @@ definitions:
required:
- name
type: object
+ internal_handler.addMemberRequest:
+ properties:
+ email:
+ type: string
+ role:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole'
+ required:
+ - email
+ - role
+ type: object
internal_handler.addSimilarQuestionsRequest:
properties:
similar_questions:
@@ -4123,6 +4272,41 @@ definitions:
required:
- similar_questions
type: object
+ internal_handler.auditLogListResponse:
+ properties:
+ data:
+ items:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.AuditLog'
+ type: array
+ next_cursor:
+ type: integer
+ success:
+ type: boolean
+ type: object
+ internal_handler.createInvitationRequest:
+ properties:
+ email:
+ type: string
+ message:
+ type: string
+ role:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole'
+ required:
+ - email
+ - role
+ type: object
+ internal_handler.createTenantRequest:
+ properties:
+ description:
+ maxLength: 512
+ type: string
+ name:
+ maxLength: 128
+ minLength: 1
+ type: string
+ required:
+ - name
+ type: object
internal_handler.updateLastFAQImportResultDisplayStatusRequest:
properties:
display_status:
@@ -4133,6 +4317,26 @@ definitions:
required:
- display_status
type: object
+ internal_handler.updateMemberRoleRequest:
+ properties:
+ role:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.TenantRole'
+ required:
+ - role
+ type: object
+ internal_handler.updateMyPreferencesRequest:
+ properties:
+ enable_memory:
+ type: boolean
+ last_active_tenant_id:
+ description: |-
+ LastActiveTenantID lets the SPA persist "after a fresh login,
+ drop me back into this workspace" across devices. Send a positive
+ tenant id to set / replace, or 0 to clear. Membership is validated
+ at next login, not here. Nil = field omitted from the PATCH and
+ stays untouched.
+ type: integer
+ type: object
internal_handler_session.AttachmentUpload:
properties:
data:
@@ -4166,7 +4370,18 @@ definitions:
description: Whether to disable auto title generation
type: boolean
enable_memory:
- description: Whether memory feature is enabled for this request
+ description: |-
+ EnableMemory is the per-request override for the memory feature.
+ Pointer + omitempty so the request can distinguish three states:
+ nil = client did not specify; backend falls back to the calling
+ user's persisted preference (user.preferences.enable_memory),
+ defaulting to false if that's also unset. This is the path
+ used by the normal logged-in chat UI now that the toggle is
+ stored server-side per user.
+ *true / *false = explicit override. Embedded mode forces *false so a
+ user's personal memory setting doesn't leak into a widget
+ context; older clients that still send a literal bool also
+ land here (back-compat).
type: boolean
images:
description: Attached images for multimodal chat
@@ -5533,6 +5748,22 @@ paths:
summary: 修改密码
tags:
- 认证
+ /auth/config:
+ get:
+ consumes:
+ - application/json
+ description: 返回当前部署的注册模式等公开认证配置,供前端决定是否展示注册入口
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: 认证配置
+ schema:
+ additionalProperties: true
+ type: object
+ summary: 获取认证配置
+ tags:
+ - 认证
/auth/login:
post:
consumes:
@@ -5603,6 +5834,41 @@ paths:
summary: 获取当前用户信息
tags:
- 认证
+ /auth/me/preferences:
+ put:
+ consumes:
+ - application/json
+ description: |-
+ 按 PATCH 语义合并用户偏好(仅覆盖请求体里出现的字段,其余字段保持不变),
+ 数据存放在 users.preferences (JSON),跨设备/浏览器自动同步。
+ parameters:
+ - description: Preferences patch
+ in: body
+ name: request
+ required: true
+ schema:
+ $ref: '#/definitions/internal_handler.updateMyPreferencesRequest'
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: 更新后的偏好
+ schema:
+ additionalProperties: true
+ type: object
+ "400":
+ description: 请求参数错误
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ "401":
+ description: 未授权
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ security:
+ - Bearer: []
+ summary: 更新当前用户的个性化设置
+ tags:
+ - 认证
/auth/oidc/callback:
get:
consumes:
@@ -5733,6 +5999,43 @@ paths:
summary: 用户注册
tags:
- 认证
+ /auth/switch-tenant:
+ post:
+ consumes:
+ - application/json
+ description: 为当前用户在目标租户重新签发访问令牌;要求该用户在目标租户存在 active 成员关系
+ parameters:
+ - description: 切换请求
+ in: body
+ name: request
+ required: true
+ schema:
+ properties:
+ refresh_token:
+ type: string
+ tenant_id:
+ type: integer
+ type: object
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.LoginResponse'
+ "400":
+ description: 参数错误
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ "403":
+ description: 无该租户成员关系
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ security:
+ - Bearer: []
+ summary: 切换激活租户
+ tags:
+ - 认证
/auth/validate:
get:
consumes:
@@ -8686,6 +8989,79 @@ paths:
summary: 更新MCP服务
tags:
- MCP服务
+ /mcp-services/{id}/credentials:
+ put:
+ consumes:
+ - application/json
+ description: 为指定字段写入新凭据;省略的字段保留原值;空字符串视为 no-op(如需删除请用 DELETE)
+ parameters:
+ - description: MCP 服务 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: '{api_key?: string, token?: string}'
+ in: body
+ name: request
+ required: true
+ schema:
+ additionalProperties: true
+ type: object
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: 写入后的凭据状态
+ schema:
+ additionalProperties: true
+ type: object
+ "400":
+ description: 请求参数错误
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ "404":
+ description: 服务不存在
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ security:
+ - Bearer: []
+ - ApiKeyAuth: []
+ summary: 设置 MCP 服务凭据
+ tags:
+ - MCP服务
+ /mcp-services/{id}/credentials/{field}:
+ delete:
+ description: 删除指定字段的存储凭据;删除已为空的字段是幂等的
+ parameters:
+ - description: MCP 服务 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 字段名(api_key | token)
+ in: path
+ name: field
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ "204":
+ description: No Content
+ "400":
+ description: 字段名非法
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ "404":
+ description: 服务不存在
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ security:
+ - Bearer: []
+ - ApiKeyAuth: []
+ summary: 移除 MCP 服务的单个凭据字段
+ tags:
+ - MCP服务
/mcp-services/{id}/resources:
get:
consumes:
@@ -8818,6 +9194,87 @@ paths:
summary: 获取MCP服务工具列表
tags:
- MCP服务
+ /me/invitations:
+ get:
+ description: 返回当前登录用户的待接受邀请(默认仅 pending),用于头像入口和 /invitations 收件箱页。
+ parameters:
+ - description: 是否包含已处理 / 已过期等终止态行(默认 false)
+ in: query
+ name: include_terminal
+ type: boolean
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 列出我的待接受邀请
+ tags:
+ - 我的邀请
+ /me/invitations/{inv_id}/accept:
+ post:
+ description: 当前登录用户接受一条 pending 邀请;服务端会同时写入 tenant_members 行。
+ parameters:
+ - description: 邀请 ID
+ in: path
+ name: inv_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 接受邀请
+ tags:
+ - 我的邀请
+ /me/invitations/{inv_id}/decline:
+ post:
+ description: 当前登录用户拒绝一条 pending 邀请;不创建 tenant_members 行。
+ parameters:
+ - description: 邀请 ID
+ in: path
+ name: inv_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 拒绝邀请
+ tags:
+ - 我的邀请
+ /me/invitations/pending-count:
+ get:
+ description: 轻量级 endpoint,返回当前登录用户的 pending 邀请数,用于头像旁的角标轮询。
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 获取我的待处理邀请数
+ tags:
+ - 我的邀请
/messages/{session_id}/{id}:
delete:
consumes:
@@ -9130,7 +9587,7 @@ paths:
- WeKnoraCloud
/organizations:
get:
- description: 获取当前用户所属的所有组织,并附带各空间内知识库/智能体数量
+ description: 获取当前租户所属的所有组织,并附带各空间内知识库/智能体数量
produces:
- application/json
responses:
@@ -9435,7 +9892,7 @@ paths:
- 组织管理
/organizations/{id}/members:
get:
- description: 获取组织的所有成员
+ description: 获取组织的所有成员(按租户)
parameters:
- description: 组织ID
in: path
@@ -9454,18 +9911,18 @@ paths:
summary: 获取组织成员列表
tags:
- 组织管理
- /organizations/{id}/members/{user_id}:
+ /organizations/{id}/members/{tenant_id}:
delete:
- description: 从组织中移除成员(需要管理员权限)
+ description: 从组织中移除成员租户(需要管理员权限)
parameters:
- description: 组织ID
in: path
name: id
required: true
type: string
- - description: 用户ID
+ - description: 成员租户ID
in: path
- name: user_id
+ name: tenant_id
required: true
type: string
responses:
@@ -9486,16 +9943,16 @@ paths:
put:
consumes:
- application/json
- description: 更新组织成员的角色(需要管理员权限)
+ description: 更新组织成员(租户)的角色(需要管理员权限)
parameters:
- description: 组织ID
in: path
name: id
required: true
type: string
- - description: 用户ID
+ - description: 成员租户ID
in: path
- name: user_id
+ name: tenant_id
required: true
type: string
- description: 角色信息
@@ -9555,16 +10012,16 @@ paths:
summary: 申请权限升级
tags:
- 组织管理
- /organizations/{id}/search-users:
+ /organizations/{id}/search-tenants:
get:
- description: 搜索用户(排除已有成员)用于邀请加入组织
+ description: 搜索租户(排除已加入的租户)用于邀请加入组织;按租户去重,附带代表用户
parameters:
- description: 组织ID
in: path
name: id
required: true
type: string
- - description: 搜索关键词(用户名或邮箱)
+ - description: 搜索关键词(租户名、用户名或邮箱)
in: query
name: q
required: true
@@ -9588,9 +10045,13 @@ paths:
$ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
security:
- Bearer: []
- summary: 搜索可邀请的用户
+ summary: 搜索可邀请的租户
tags:
- 组织管理
+ /organizations/{id}/search-users:
+ get:
+ deprecated: true
+ responses: {}
/organizations/{id}/shared-agents:
get:
description: 获取指定空间下所有共享智能体,包含他人共享的与我共享的,用于列表页空间视角
@@ -10466,14 +10927,17 @@ paths:
post:
consumes:
- application/json
- description: 创建新的租户
+ description: |-
+ 创建新的租户。任意已登录用户均可调用以建立自己的新工作区,
+ 调用方会被自动设为该租户的 Owner。跨租户超管仍可像以前一样
+ 通过本接口创建任意租户。
parameters:
- description: 租户信息
in: body
name: request
required: true
schema:
- $ref: '#/definitions/github_com_Tencent_WeKnora_internal_types.Tenant'
+ $ref: '#/definitions/internal_handler.createTenantRequest'
produces:
- application/json
responses:
@@ -10616,6 +11080,291 @@ paths:
summary: 重置租户 API Key
tags:
- 租户管理
+ /tenants/{id}/audit-log:
+ get:
+ description: 返回该租户最近的审计事件,按 id 倒序。游标分页:将上次响应的 next_cursor 作为下一次请求的 after_id。
+ parameters:
+ - description: 租户ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 游标:返回 id 小于此值的记录(默认从最新开始)
+ in: query
+ name: after_id
+ type: integer
+ - description: 页大小,1-100,默认 50
+ in: query
+ name: limit
+ type: integer
+ - description: 按 action 精确过滤(如 rbac.member_added / rbac.access_denied)
+ in: query
+ name: action
+ type: string
+ - description: 按 outcome 精确过滤(success / denied)
+ in: query
+ name: outcome
+ type: string
+ - description: 按 actor_user_id 精确过滤
+ in: query
+ name: actor
+ type: string
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ $ref: '#/definitions/internal_handler.auditLogListResponse'
+ "400":
+ description: Bad Request
+ schema:
+ $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
+ security:
+ - Bearer: []
+ - ApiKeyAuth: []
+ summary: 获取租户审计日志
+ tags:
+ - 审计日志
+ /tenants/{id}/invitations:
+ get:
+ description: 按 tenant 列出待接受 / 历史邀请。query include_terminal=true 时附带 accepted/declined/revoked/expired。
+ parameters:
+ - description: 租户 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 是否包含终止态行(默认 false)
+ in: query
+ name: include_terminal
+ type: boolean
+ - default: 1
+ description: 页码(从 1 起)
+ in: query
+ name: page
+ type: integer
+ - default: 20
+ description: 每页数量
+ in: query
+ name: page_size
+ type: integer
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 列出租户邀请
+ tags:
+ - 租户邀请
+ post:
+ consumes:
+ - application/json
+ description: Owner 通过邮箱邀请已注册用户加入当前租户;被邀请人需要在 /me/invitations 接受后才会成为成员。
+ parameters:
+ - description: 租户 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 邀请请求
+ in: body
+ name: request
+ required: true
+ schema:
+ $ref: '#/definitions/internal_handler.createInvitationRequest'
+ produces:
+ - application/json
+ responses:
+ "201":
+ description: Created
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 发出租户邀请
+ tags:
+ - 租户邀请
+ /tenants/{id}/invitations/{inv_id}:
+ delete:
+ description: Owner 取消一条还在 pending 的邀请;已 accepted/declined/revoked/expired 的行不可再撤销。
+ parameters:
+ - description: 租户 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 邀请 ID
+ in: path
+ name: inv_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 撤销待接受邀请
+ tags:
+ - 租户邀请
+ /tenants/{id}/leave:
+ post:
+ description: 调用方主动退出当前租户。等价于以自己的 user_id 调 RemoveMember,
+ parameters:
+ - description: 租户 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 退出当前租户
+ tags:
+ - 租户成员
+ /tenants/{id}/members:
+ get:
+ description: 分页返回当前租户内 active 成员(含每位成员的角色、邮箱、头像);支持 q 按邮箱/用户名筛选
+ parameters:
+ - description: 租户 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 按邮箱/用户名模糊筛选
+ in: query
+ name: q
+ type: string
+ - default: 1
+ description: 页码(从 1 起)
+ in: query
+ name: page
+ type: integer
+ - default: 20
+ description: 每页数量(最大 100)
+ in: query
+ name: page_size
+ type: integer
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 列出租户成员
+ tags:
+ - 租户成员
+ post:
+ consumes:
+ - application/json
+ parameters:
+ - description: 租户 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 邀请请求
+ in: body
+ name: request
+ required: true
+ schema:
+ $ref: '#/definitions/internal_handler.addMemberRequest'
+ produces:
+ - application/json
+ responses:
+ "201":
+ description: Created
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 直接添加租户成员(直加路径)
+ tags:
+ - 租户成员
+ /tenants/{id}/members/{user_id}:
+ delete:
+ description: Owner 将某位成员从当前租户中移除(软删除 tenant_members 行);不能移除最后一位 Owner
+ parameters:
+ - description: 租户 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 用户 ID
+ in: path
+ name: user_id
+ required: true
+ type: string
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 移除租户成员
+ tags:
+ - 租户成员
+ put:
+ consumes:
+ - application/json
+ description: Owner 修改某位成员在当前租户内的角色;不能将最后一位 Owner 降级
+ parameters:
+ - description: 租户 ID
+ in: path
+ name: id
+ required: true
+ type: string
+ - description: 用户 ID
+ in: path
+ name: user_id
+ required: true
+ type: string
+ - description: 目标角色
+ in: body
+ name: request
+ required: true
+ schema:
+ $ref: '#/definitions/internal_handler.updateMemberRoleRequest'
+ produces:
+ - application/json
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ security:
+ - Bearer: []
+ summary: 修改租户成员角色
+ tags:
+ - 租户成员
/tenants/all:
get:
consumes:
@@ -10642,7 +11391,7 @@ paths:
get:
consumes:
- application/json
- description: 获取租户级别的KV配置(支持agent-config、web-search-config、conversation-config)
+ description: 获取租户级别的KV配置(支持web-search-config、prompt-templates、parser-engine-config、storage-engine-config、chat-history-config、retrieval-config)
parameters:
- description: 配置键名
in: path
@@ -10670,7 +11419,7 @@ paths:
put:
consumes:
- application/json
- description: 更新租户级别的KV配置(支持agent-config、web-search-config、conversation-config)
+ description: 更新租户级别的KV配置(支持web-search-config、parser-engine-config、storage-engine-config、chat-history-config、retrieval-config)
parameters:
- description: 配置键名
in: path
@@ -10701,52 +11450,6 @@ paths:
summary: 更新租户KV配置
tags:
- 租户管理
- /tenants/kv/agent-config:
- get:
- consumes:
- - application/json
- description: 获取租户的全局Agent配置(默认应用于所有会话)
- produces:
- - application/json
- responses:
- "200":
- description: Agent配置
- schema:
- additionalProperties: true
- type: object
- "400":
- description: 请求参数错误
- schema:
- $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
- security:
- - Bearer: []
- - ApiKeyAuth: []
- summary: 获取租户Agent配置
- tags:
- - 租户管理
- /tenants/kv/conversation-config:
- get:
- consumes:
- - application/json
- description: 获取租户的全局对话配置(默认应用于普通模式会话)
- produces:
- - application/json
- responses:
- "200":
- description: 对话配置
- schema:
- additionalProperties: true
- type: object
- "400":
- description: 请求参数错误
- schema:
- $ref: '#/definitions/github_com_Tencent_WeKnora_internal_errors.AppError'
- security:
- - Bearer: []
- - ApiKeyAuth: []
- summary: 获取租户对话配置
- tags:
- - 租户管理
/tenants/kv/prompt-templates:
get:
consumes:
@@ -10835,6 +11538,64 @@ paths:
summary: 搜索租户
tags:
- 租户管理
+ /user/favorites:
+ get:
+ description: Lists this user's starred resources in the current tenant for a
+ given type
+ parameters:
+ - description: Resource type (kb | agent)
+ in: query
+ name: type
+ required: true
+ type: string
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ summary: List my favorites
+ tags:
+ - User
+ post:
+ parameters:
+ - description: Type + id
+ in: body
+ name: body
+ required: true
+ schema:
+ $ref: '#/definitions/internal_handler.AddFavoriteRequest'
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ summary: Star a resource
+ tags:
+ - User
+ /user/favorites/{type}/{id}:
+ delete:
+ parameters:
+ - description: Resource type
+ in: path
+ name: type
+ required: true
+ type: string
+ - description: Resource id
+ in: path
+ name: id
+ required: true
+ type: string
+ responses:
+ "200":
+ description: OK
+ schema:
+ additionalProperties: true
+ type: object
+ summary: Unstar a resource
+ tags:
+ - User
/vector-stores:
get:
description: List all vector stores for the current tenant, including environment-configured
diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index 7e2217e8..a5bbd71c 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -1,12 +1,12 @@
{
"name": "knowledage-base",
- "version": "0.5.2",
+ "version": "0.6.0",
"lockfileVersion": 3,
"requires": true,
"packages": {
"": {
"name": "knowledage-base",
- "version": "0.5.2",
+ "version": "0.6.0",
"dependencies": {
"@microsoft/fetch-event-source": "^2.0.1",
"@types/dompurify": "^3.2.0",
diff --git a/frontend/package.json b/frontend/package.json
index b36fb558..d942a9a8 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -1,6 +1,6 @@
{
"name": "knowledage-base",
- "version": "0.5.2",
+ "version": "0.6.0",
"private": true,
"type": "module",
"scripts": {
diff --git a/frontend/src/i18n/locales/en-US.ts b/frontend/src/i18n/locales/en-US.ts
index 761f842e..d0489357 100755
--- a/frontend/src/i18n/locales/en-US.ts
+++ b/frontend/src/i18n/locales/en-US.ts
@@ -4438,6 +4438,7 @@ export default {
tenantMember: {
title: 'Members',
sectionDescription: 'Invite teammates to the tenant and manage their roles. Only Owner can add or remove members.',
+ learnRbacGuide: 'Learn about RBAC',
totalCount: '{n} members',
listTitle: 'Workspace members',
filterMatched: '{n} matched',
diff --git a/frontend/src/i18n/locales/ko-KR.ts b/frontend/src/i18n/locales/ko-KR.ts
index ea41d623..68b2819b 100755
--- a/frontend/src/i18n/locales/ko-KR.ts
+++ b/frontend/src/i18n/locales/ko-KR.ts
@@ -4498,6 +4498,7 @@ export default {
tenantMember: {
title: "멤버 관리",
sectionDescription: "테넌트에 동료를 초대하고 역할을 관리합니다. 소유자만 멤버를 추가하거나 제거할 수 있습니다.",
+ learnRbacGuide: "RBAC 알아보기",
totalCount: "총 {n}명",
listTitle: "워크스페이스 멤버",
filterMatched: "{n}명 일치",
diff --git a/frontend/src/i18n/locales/ru-RU.ts b/frontend/src/i18n/locales/ru-RU.ts
index 6ca2e7d6..12669654 100755
--- a/frontend/src/i18n/locales/ru-RU.ts
+++ b/frontend/src/i18n/locales/ru-RU.ts
@@ -4395,6 +4395,7 @@ export default {
tenantMember: {
title: 'Участники',
sectionDescription: 'Приглашайте коллег в тенант и управляйте их ролями. Добавлять и удалять участников может только Владелец.',
+ learnRbacGuide: 'Подробнее о RBAC',
totalCount: 'Участников: {n}',
listTitle: 'Участники пространства',
filterMatched: 'найдено: {n}',
diff --git a/frontend/src/i18n/locales/zh-CN.ts b/frontend/src/i18n/locales/zh-CN.ts
index ea872ef5..fb847704 100755
--- a/frontend/src/i18n/locales/zh-CN.ts
+++ b/frontend/src/i18n/locales/zh-CN.ts
@@ -4430,6 +4430,7 @@ export default {
tenantMember: {
title: "成员管理",
sectionDescription: "邀请伙伴加入当前空间并分配角色。只有 Owner 可以新增或移除成员。",
+ learnRbacGuide: "了解 RBAC",
totalCount: "共 {n} 位成员",
listTitle: "空间成员",
filterMatched: "筛选出 {n} 位",
diff --git a/frontend/src/views/settings/TenantMembers.vue b/frontend/src/views/settings/TenantMembers.vue
index 73fa813c..b8094bb4 100644
--- a/frontend/src/views/settings/TenantMembers.vue
+++ b/frontend/src/views/settings/TenantMembers.vue
@@ -50,7 +50,18 @@
- {{ $t('tenantMember.sectionDescription') }}
+
+ {{ $t('tenantMember.sectionDescription') }}
+
+ {{ $t('tenantMember.learnRbacGuide') }}
+
+
+
diff --git a/helm/Chart.yaml b/helm/Chart.yaml
index 401297de..03e6c8f1 100644
--- a/helm/Chart.yaml
+++ b/helm/Chart.yaml
@@ -5,7 +5,7 @@ description: |
with document parsing, vector search, and LLM integration.
type: application
version: 0.1.0
-appVersion: "v0.5.2"
+appVersion: "v0.6.0"
kubeVersion: ">=1.25.0-0"
home: https://github.com/Tencent/WeKnora
icon: https://raw.githubusercontent.com/Tencent/WeKnora/main/docs/images/logo.png
diff --git a/internal/handler/audit_log.go b/internal/handler/audit_log.go
index ecbe9469..cf0c4887 100644
--- a/internal/handler/audit_log.go
+++ b/internal/handler/audit_log.go
@@ -4,7 +4,7 @@ import (
"net/http"
"strconv"
- apperrors "github.com/Tencent/WeKnora/internal/errors"
+ "github.com/Tencent/WeKnora/internal/errors"
"github.com/Tencent/WeKnora/internal/logger"
"github.com/Tencent/WeKnora/internal/types"
"github.com/Tencent/WeKnora/internal/types/interfaces"
@@ -86,7 +86,7 @@ func (h *AuditLogHandler) ListTenantAuditLog(c *gin.Context) {
entries, err := h.auditService.List(ctx, tenantID, q)
if err != nil {
logger.ErrorWithFields(ctx, err, map[string]interface{}{"tenant_id": tenantID})
- c.Error(apperrors.NewInternalServerError(err.Error()))
+ c.Error(errors.NewInternalServerError(err.Error()))
return
}
+ 
- 
