routers/api/v1/api.go

@@ -1264,6 +1264,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 					m.Get("/show_model_api", repo.ShowModelManageApi)
 					m.Delete("/delete_model", repo.DeleteModel)
 					m.Get("/downloadall", repo.DownloadModel)
+					m.Get("/downloadsingle/:ID", repo.DownloadModelSingle)
 					m.Get("/query_model_byId", repo.QueryModelById)
 					m.Get("/query_model_byName", repo.QueryModelByName)
 					m.Get("/query_model_for_predict", repo.QueryModelListForPredict)

routers/api/v1/repo/attachments.go

@@ -102,14 +102,71 @@ func GetAttachment(ctx *context.APIContext) {
 
 func GetModelChunks(ctx *context.APIContext) {
 	log.Info("GetModelChunks by api.")
+	modeluuid := ctx.Query("modeluuid")
+	model, err := models.QueryModelById(modeluuid)
+	if err == nil {
+		if errStr := checkModelPermission(ctx, model); errStr != "" {
+			ctx.JSON(200, map[string]string{
+				"result_code": "-1",
+				"msg":         errStr,
+			})
+			return
+		}
+	} else {
+		ctx.JSON(200, map[string]string{
+			"result_code": "-1",
+			"msg":         "model not exist.",
+		})
+		return
+	}
 	routeRepo.GetModelChunks(ctx.Context)
 }
 
 func NewModelMultipart(ctx *context.APIContext) {
 	log.Info("NewModelMultipart by api.")
+	modeluuid := ctx.Query("modeluuid")
+	model, err := models.QueryModelById(modeluuid)
+	if err == nil {
+		if errStr := checkModelPermission(ctx, model); errStr != "" {
+			ctx.JSON(200, map[string]string{
+				"result_code": "-1",
+				"msg":         errStr,
+			})
+			return
+		}
+	} else {
+		ctx.JSON(200, map[string]string{
+			"result_code": "-1",
+			"msg":         "model not exist.",
+		})
+		return
+	}
+
 	routeRepo.NewModelMultipart(ctx.Context)
 }
 
+func checkModelPermission(ctx *context.APIContext, model *models.AiModelManage) string {
+	if ctx.User == nil {
+		return "User not login."
+	}
+	if ctx.Repo.Repository == nil {
+		repo, err := models.GetRepositoryByID(model.RepoId)
+		if err == nil {
+			ctx.Repo.Repository = repo
+			owner, err := models.GetUserByID(repo.OwnerID)
+			if err == nil {
+				ctx.Repo.Owner = owner
+			}
+		} else {
+			return "Repo is not exist."
+		}
+	}
+	if !routeRepo.IsOperModifyOrDelete(ctx.Context, model.UserId) {
+		return "User has not right to operate."
+	}
+	return ""
+}
+
 func GetModelMultipartUploadUrl(ctx *context.APIContext) {
 	log.Info("GetModelMultipartUploadUrl by api.")
 	routeRepo.GetModelMultipartUploadUrl(ctx.Context)

routers/api/v1/repo/modelmanage.go

@@ -40,14 +40,21 @@ func DownloadModel(ctx *context.APIContext) {
 	routerRepo.DownloadMultiModelFile(ctx.Context)
 }
 
+func DownloadModelSingle(ctx *context.APIContext) {
+	log.Info("DownloadModel by api.")
+	routerRepo.DownloadSingleModelFile(ctx.Context)
+}
+
 func QueryModelById(ctx *context.APIContext) {
 	log.Info("QueryModelById by api.")
-	routerRepo.QueryModelById(ctx.Context)
+	model := routerRepo.QueryModelObjById(ctx.Context)
+	ctx.JSON(200, model)
 }
 
 func QueryModelByName(ctx *context.APIContext) {
 	log.Info("QueryModelByName by api.")
-	routerRepo.ShowSingleModel(ctx.Context)
+	models := routerRepo.QueryModelObjByName(ctx.Context)
+	ctx.JSON(200, models)
 }
 
 func QueryModelListForPredict(ctx *context.APIContext) {

routers/repo/ai_model_manage.go

@@ -949,7 +949,7 @@ func ShowModelInfo(ctx *context.Context) {
 	ctx.HTML(200, tplModelInfo)
 }
 
-func QueryModelById(ctx *context.Context) {
+func QueryModelObjById(ctx *context.Context) *models.AiModelManage {
 	id := ctx.Query("id")
 	model, err := models.QueryModelById(id)
 	if err == nil {
@@ -957,13 +957,22 @@ func QueryModelById(ctx *context.Context) {
 		model.IsCanDelete = isCanDelete(ctx, model.UserId)
 		model.IsCanDownload = isCanDownload(ctx, model)
 		removeIpInfo(model)
+		return model
+	} else {
+		return nil
+	}
+}
+
+func QueryModelById(ctx *context.Context) {
+	model := QueryModelObjById(ctx)
+	if model != nil {
 		ctx.JSON(http.StatusOK, model)
 	} else {
 		ctx.JSON(http.StatusNotFound, nil)
 	}
 }
 
-func ShowSingleModel(ctx *context.Context) {
+func QueryModelObjByName(ctx *context.Context) []*models.AiModelManage {
 	name := ctx.Query("name")
 	log.Info("Show single ModelInfo start.name=" + name)
 	modelArrays := models.QueryModelByName(name, ctx.Repo.Repository.ID)
@@ -1004,8 +1013,11 @@ func ShowSingleModel(ctx *context.Context) {
 			model.UserRelAvatarLink = value.RelAvatarLink()
 		}
 	}
+	return modelResult
+}
 
-	ctx.JSON(http.StatusOK, modelResult)
+func ShowSingleModel(ctx *context.Context) {
+	ctx.JSON(http.StatusOK, QueryModelObjByName(ctx))
 }
 
 func removeIpInfo(model *models.AiModelManage) {
@@ -1172,6 +1184,8 @@ func isAdminRight(ctx *context.Context) bool {
 	if err != nil {
 		log.Error("GetUserRepoPermission failed:%v", err.Error())
 		return false
+	} else {
+		log.Info("permission.AccessMode=" + string(permission.AccessMode))
 	}
 	if permission.AccessMode >= models.AccessModeAdmin {
 		return true
@@ -1181,6 +1195,7 @@ func isAdminRight(ctx *context.Context) bool {
 
 func isOperModifyOrDelete(ctx *context.Context, modelUserId int64) bool {
 	if ctx.User == nil {
+		log.Info("user is nil")
 		return false
 	}
 	if ctx.User.IsAdmin || ctx.User.ID == modelUserId {
@@ -1189,6 +1204,10 @@ func isOperModifyOrDelete(ctx *context.Context, modelUserId int64) bool {
 	return isAdminRight(ctx)
 }
 
+func IsOperModifyOrDelete(ctx *context.Context, modelUserId int64) bool {
+	return isOperModifyOrDelete(ctx, modelUserId)
+}
+
 func ShowModelPageInfo(ctx *context.Context) {
 	log.Info("ShowModelInfo start.")
 	if !isQueryRight(ctx) {