新增 CLAUDE.md 文件以提供项目指导，添加 .claudeignore 文件以排除不必要的文件，更新 pom.xml 版本至 3.9.2，修复多个路径遍历和 SQL 注入漏洞，优化字典翻译切面逻辑，增强文件上传和下载的安全性，新增音频文件类型支持，改进动态数据源的安全校验。

jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>jeecg-system-api</artifactId>
         <groupId>org.jeecgframework.boot3</groupId>
-        <version>3.9.1</version>
+        <version>3.9.2</version>
     </parent>
     <modelVersion>4.0.0</modelVersion>
 

jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/airag/api/IAiragBaseApi.java

@@ -20,11 +20,12 @@ import org.springframework.web.bind.annotation.RequestParam;
 public interface IAiragBaseApi {
 
     /**
-     * 知识库写入文本文档
+     * 知识库写入文本文档（支持自定义分段策略）
      *
-     * @param knowledgeId 知识库ID
-     * @param title       文档标题
-     * @param content     文档内容
+     * @param knowledgeId   知识库ID
+     * @param title         文档标题
+     * @param content       文档内容
+     * @param segmentConfig 【可选】分段策略配置JSON
      * @return 新增的文档ID
      * @author sjlei
      * @date 2025-12-30
@@ -33,7 +34,41 @@ public interface IAiragBaseApi {
     String knowledgeWriteTextDocument(
             @RequestParam("knowledgeId") String knowledgeId,
             @RequestParam("title") String title,
-            @RequestParam("content") String content
+            @RequestParam("content") String content,
+            @RequestParam(value = "segmentConfig", required = false) String segmentConfig
     );
 
+    /**
+     * 读取会话变量
+     */
+    @PostMapping("/airag/api/getChatVariable")
+    String getChatVariable(
+            @RequestParam("appId") String appId,
+            @RequestParam("username") String username,
+            @RequestParam("name") String name
+    );
+
+    /**
+     * 设置会话变量
+     */
+    @PostMapping("/airag/api/setChatVariable")
+    void setChatVariable(
+            @RequestParam("appId") String appId,
+            @RequestParam("username") String username,
+            @RequestParam("name") String name,
+            @RequestParam("value") String value
+    );
+
+    /**
+     * 根据应用ID查询记忆库ID
+     */
+    @PostMapping("/airag/api/getMemoryIdByAppId")
+    String getMemoryIdByAppId(@RequestParam("appId") String appId);
+
+    /**
+     * 根据提示词ID查询提示词内容
+     */
+    @PostMapping("/airag/api/getPromptContent")
+    String getPromptContent(@RequestParam("promptId") String promptId);
+
 }

jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/airag/api/fallback/AiragBaseApiFallback.java

@@ -9,7 +9,26 @@ public class AiragBaseApiFallback implements IAiragBaseApi {
     private Throwable cause;
 
     @Override
-    public String knowledgeWriteTextDocument(String knowledgeId, String title, String content) {
+    public String knowledgeWriteTextDocument(String knowledgeId, String title, String content, String segmentConfig) {
+        return null;
+    }
+
+    @Override
+    public String getChatVariable(String appId, String username, String name) {
+        return null;
+    }
+
+    @Override
+    public void setChatVariable(String appId, String username, String name, String value) {
+    }
+
+    @Override
+    public String getMemoryIdByAppId(String appId) {
+        return null;
+    }
+
+    @Override
+    public String getPromptContent(String promptId) {
         return null;
     }
 

jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/online/api/IOnlineBaseExtApi.java

@@ -13,7 +13,7 @@ import java.util.List;
 import java.util.Map;
 
 /**
- * @Description: 【Online】Feign API接口
+ * @Description: 【Online】online表单对外 Feign API接口
  *
  * @ConditionalOnMissingClass("org.jeecg.modules.online.cgform.service.impl.OnlineBaseExtApiImpl") => 有实现类的时候，不实例化Feign接口
  * @author: jeecg-boot

jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/online/api/factory/OnlineBaseExtApiFallbackFactory.java

@@ -1,8 +1,8 @@
 package org.jeecg.common.online.api.factory;
 
-import org.springframework.cloud.openfeign.FallbackFactory;
 import org.jeecg.common.online.api.IOnlineBaseExtApi;
 import org.jeecg.common.online.api.fallback.OnlineBaseExtApiFallback;
+import org.springframework.cloud.openfeign.FallbackFactory;
 import org.springframework.stereotype.Component;
 
 /**

jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/system/api/ISysBaseAPI.java

@@ -15,11 +15,11 @@ import org.jeecg.common.system.api.factory.SysBaseAPIFallbackFactory;
 import org.jeecg.common.system.vo.*;
 import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingClass;
 import org.springframework.cloud.openfeign.FeignClient;
-import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Component;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.mvc.method.annotation.SseEmitter;
 
+import java.util.Collection;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -130,7 +130,16 @@ public interface ISysBaseAPI extends CommonAPI {
      */
     @GetMapping("/sys/api/getDepartParentIdsByDepIds")
     Set<String> getDepartParentIdsByDepIds(@RequestParam("depIds") Set<String> depIds);
-    
+
+    /**
+     * 8.4 通过 userIds 查询部门ID列表
+     *
+     * @param userIds
+     * @return key = userId; value = 用户拥有的部门ID列表
+     */
+    @GetMapping("/sys/api/getDepartIdsByUserIds")
+    Map<String, List<String>> getDepartIdsByUserIds(@RequestParam("userIds") Collection<String> userIds);
+
     /**
      * 9通过用户账号查询部门 name
      * @param username
@@ -912,4 +921,18 @@ public interface ISysBaseAPI extends CommonAPI {
      */
     @PostMapping("/sys/api/uniPushMsgToUser")
     void uniPushMsgToUser(@RequestBody PushMessageDTO pushMessageDTO);
+
+    /**
+     * 根据用户名查询用户主部门信息。
+     * <p>
+     * 逻辑：取用户的主岗位（mainDepPostId），再查询该岗位节点在 sys_depart 中的父节点，
+     * 父节点即为用户的主部门，返回其信息。
+     * <p>
+     *
+     * @param username 用户账号
+     * @return 主部门信息，若用户未配置主岗位则返回 {@code null}
+     */
+    @GetMapping("/sys/api/queryMainDepartByUsername")
+    SysDepartModel queryMainDepartByUsername(@RequestParam("username") String username);
+
 }

jeecg-boot/jeecg-module-system/jeecg-system-api/jeecg-system-cloud-api/src/main/java/org/jeecg/common/system/api/fallback/SysBaseAPIFallback.java

@@ -14,6 +14,7 @@ import org.jeecg.common.system.api.ISysBaseAPI;
 import org.jeecg.common.system.vo.*;
 import org.springframework.web.servlet.mvc.method.annotation.SseEmitter;
 
+import java.util.Collection;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -89,6 +90,11 @@ public class SysBaseAPIFallback implements ISysBaseAPI {
         return null;
     }
 
+    @Override
+    public Map<String, List<String>> getDepartIdsByUserIds(Collection<String> userIds) {
+        return Map.of();
+    }
+
     @Override
     public List<String> getDepartNamesByUsername(String username) {
         return null;
@@ -517,6 +523,11 @@ public class SysBaseAPIFallback implements ISysBaseAPI {
 
     }
 
+    @Override
+    public SysDepartModel queryMainDepartByUsername(String username) {
+        return null;
+    }
+
     @Override
     public String getDepartPathNameByOrgCode(String orgCode, String depId) {
         return "";