perf: API Permission Error Message Optimization

fit2cloud-chenyw · fit2cloud-chenyw · commit e3363923d6ad · 2026-02-04T16:33:11.000+08:00
diff --git a/backend/apps/system/schemas/permission.py b/backend/apps/system/schemas/permission.py
@@ -13,6 +13,8 @@
 from common.core.db import engine
 from apps.system.schemas.system_schema import UserInfoDTO
 
+from common.utils.locale import I18n
+i18n = I18n()
 
 class SqlbotPermission(BaseModel):
     role: Optional[list[str]] = None
@@ -49,6 +51,7 @@ def decorator(func):
         @wraps(func)
         async def wrapper(*args, **kwargs):
             request = RequestContext.get_request()
+            
             current_user: UserInfoDTO = getattr(request.state, 'current_user', None)
             if not current_user:
                 raise HTTPException(
@@ -57,6 +60,8 @@ async def wrapper(*args, **kwargs):
                 )
             current_oid = current_user.oid
             
+            trans = i18n(request)
+            
             if current_user.isAdmin and not permission.type:
                 return await func(*args, **kwargs)
             role_list = permission.role
@@ -65,9 +70,11 @@ async def wrapper(*args, **kwargs):
             
             if role_list:
                 if 'admin' in role_list and not current_user.isAdmin:
-                    raise Exception('no permission to execute, only for admin')
+                    #raise Exception('no permission to execute, only for admin')
+                    raise Exception(trans('i18n_permission.only_admin'))
                 if 'ws_admin' in role_list and current_user.weight == 0 and not current_user.isAdmin:
-                    raise Exception('no permission to execute, only for workspace admin')
+                    #raise Exception('no permission to execute, only for workspace admin')
+                    raise Exception(trans('i18n_permission.only_ws_admin'))
             if not resource_type:
                 return await func(*args, **kwargs)
             if keyExpression:
@@ -81,7 +88,8 @@ async def wrapper(*args, **kwargs):
                         value = bound_args.args[index]
                         if await check_ws_permission(current_oid, resource_type, value):
                             return await func(*args, **kwargs)
-                        raise Exception('no permission to execute or resource do not exist!')
+                        #raise Exception('no permission to execute or resource do not exist!')
+                        raise Exception(trans('i18n_permission.permission_resource_limit'))
                             
                 parts = keyExpression.split('.')
                 if not bound_args.arguments.get(parts[0]):
@@ -91,7 +99,7 @@ async def wrapper(*args, **kwargs):
                     value = getattr(value, part)
                 if await check_ws_permission(current_oid, resource_type, value):
                     return await func(*args, **kwargs)
-                raise Exception('no permission to execute or resource do not exist!')
+                raise Exception(trans('i18n_permission.permission_resource_limit'))
             
             return await func(*args, **kwargs)
         
diff --git a/backend/locales/en.json b/backend/locales/en.json
@@ -41,7 +41,9 @@
     "only_admin": "Only administrators are allowed to call!",
     "no_permission": "No permission to call {url}{msg}",
     "authenticate_invalid": "Authentication invalid【{msg}】",
-    "token_expired": "Token expired"
+    "token_expired": "Token expired",
+    "only_ws_admin": "Workspace administrator access required!",
+    "permission_resource_limit": "Access denied or resource not found!"
   },
   "i18n_llm": {
     "validate_error": "Validation failed [{msg}]",
diff --git a/backend/locales/ko-KR.json b/backend/locales/ko-KR.json
@@ -41,7 +41,9 @@
     "only_admin": "관리자만 호출할 수 있습니다!",
     "no_permission": "{url}{msg} 호출 권한이 없습니다",
     "authenticate_invalid": "인증 무효 【{msg}】",
-    "token_expired": "토큰이 만료됨"
+    "token_expired": "토큰이 만료됨",
+    "only_ws_admin": "워크스페이스 관리자만 사용 가능합니다!",
+    "permission_resource_limit": "권한이 없거나 리소스를 찾을 수 없습니다!"
   },
   "i18n_llm": {
     "validate_error": "검증 실패 [{msg}]",
diff --git a/backend/locales/zh-CN.json b/backend/locales/zh-CN.json
@@ -41,7 +41,9 @@
     "only_admin": "仅支持管理员调用！",
     "no_permission": "无权调用{url}{msg}",
     "authenticate_invalid": "认证无效【{msg}】",
-    "token_expired": "Token 已过期"
+    "token_expired": "Token 已过期",
+    "only_ws_admin": "仅支持工作空间管理员调用！",
+    "permission_resource_limit": "没有操作权限或资源不存在！"
   },
   "i18n_llm": {
     "validate_error": "校验失败[{msg}]",
