xin/dify_admin

xin 671886d57b Implement Dify account creation with tenant association: 1. Create tenant named 'username's Workspace' 2. Set owner role for new account 3. Add normal role in ucas's Workspace 4. Fix UUID handling in tenant info retrieval

2025-06-01 17:52:27 +08:00

1.7 KiB

Raw Permalink Blame History

Tenant Manager API Documentation

Overview

The TenantManager class provides functionality for managing tenants (workspaces), including:

Tenant creation with RSA key pair generation
Key management (generation, storage)
Tenant search and retrieval

Class Methods

`generate_rsa_key_pair()`

Generates a new RSA key pair for tenant encryption.

Returns:

Tuple of (public_key_pem, private_key)
- public_key_pem: PEM formatted public key string
- private_key: RSA private key object

Example:

public_key, private_key = TenantManager.generate_rsa_key_pair()

`save_private_key(tenant_id, private_key)`

Securely stores a private key for a tenant.

Parameters:

tenant_id (UUID): Tenant identifier
private_key: RSA private key object

Returns:

Path to stored private key file

`create_tenant(workspace_name)`

Creates a new tenant with cryptographic keys.

Parameters:

workspace_name (str): Name for the new tenant/workspace

Returns:

UUID of created tenant

Process:

Generates RSA key pair
Stores private key securely
Creates tenant record with public key

Query Methods

get_tenant_by_name(workspace_name): Retrieves tenant by name
get_all_tenants(): Lists all tenants
search_tenants(search_term): Searches tenants by name

Return Format:

{
    "id": str/UUID,
    "name": str,
    "encrypt_public_key": str,
    "created_at": datetime
}

Security Considerations

Uses 2048-bit RSA keys for encryption
Private keys stored in secure directory structure
Public keys stored in database for encryption
All operations are logged

Error Handling

Methods raise exceptions on failure and log errors using the module logger.