Skip to content

D
dataease
提交 79934b3b authored 作者: fit2cloud-chenyw's avatar fit2cloud-chenyw
浏览文件
操作

refactor: 分享列表仪表板使用代理权限查看

上级 df603722
全部展开 隐藏空白字符变更
内嵌 并排
正在显示 包含 457 行增加79 行删除
backend/src/main/java/io/dataease/auth/annotation/DePermission.java
浏览文件 @ 79934b3b
......@@ -8,9 +8,9 @@ import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target({ElementType.TYPE, ElementType.METHOD})
@Target({ ElementType.TYPE, ElementType.METHOD })
@Retention(RetentionPolicy.RUNTIME)
public @interface DePermission {
public @interface DePermission {
DePermissionType type();
......
backend/src/main/java/io/dataease/auth/annotation/DePermissionProxy.java 0 → 100644
浏览文件 @ 79934b3b
package io.dataease.auth.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
@Target({ ElementType.TYPE, ElementType.METHOD })
@Retention(RetentionPolicy.RUNTIME)
public @interface DePermissionProxy {
String value() default "";
int paramIndex() default 0;
}
backend/src/main/java/io/dataease/auth/aop/DeCleanerAnnotationHandler.java
浏览文件 @ 79934b3b
package io.dataease.auth.aop;
import io.dataease.auth.annotation.DeCleaner;
import io.dataease.auth.api.dto.CurrentUserDto;
import io.dataease.commons.constants.AuthConstants;
......@@ -23,7 +22,6 @@ public class DeCleanerAnnotationHandler {
@Around(value = "@annotation(io.dataease.auth.annotation.DeCleaner)")
public Object CleanerAround(ProceedingJoinPoint point) {
try {
CurrentUserDto user = AuthUtils.getUser();
MethodSignature ms = (MethodSignature) point.getSignature();
Method method = ms.getMethod();
DeCleaner deCleaner = method.getAnnotation(DeCleaner.class);
......@@ -41,7 +39,7 @@ public class DeCleanerAnnotationHandler {
}
return point.proceed(point.getArgs());
}catch (Throwable e) {
} catch (Throwable e) {
LogUtil.error(e.getMessage(), e);
throw new RuntimeException(e);
}
......@@ -55,6 +53,7 @@ public class DeCleanerAnnotationHandler {
CacheUtils.remove(AuthConstants.ROLE_PANEL_NAME, "role" + role.getId());
});
}
public void cleanDataSet() {
CurrentUserDto user = AuthUtils.getUser();
CacheUtils.remove(AuthConstants.USER_DATASET_NAME, "user" + user.getUserId());
......@@ -63,6 +62,7 @@ public class DeCleanerAnnotationHandler {
CacheUtils.remove(AuthConstants.ROLE_DATASET_NAME, "role" + role.getId());
});
}
public void cleanDataSource() {
CurrentUserDto user = AuthUtils.getUser();
CacheUtils.remove(AuthConstants.USER_LINK_NAME, "user" + user.getUserId());
......
backend/src/main/java/io/dataease/auth/aop/DePermissionProxyHandler.java 0 → 100644
浏览文件 @ 79934b3b
package io.dataease.auth.aop;
import java.lang.reflect.Array;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.util.Arrays;
import java.util.Collection;
import java.util.Map;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import io.dataease.auth.annotation.DePermissionProxy;
import io.dataease.commons.utils.AuthUtils;
import io.dataease.commons.utils.LogUtil;
import io.dataease.dto.PermissionProxy;
@Aspect
@Component
@Order(0)
public class DePermissionProxyHandler {
@Around(value = "@annotation(io.dataease.auth.annotation.DePermissionProxy)")
public Object proxyAround(ProceedingJoinPoint point) {
try {
MethodSignature ms = (MethodSignature) point.getSignature();
Method method = ms.getMethod();
DePermissionProxy annotation = method.getAnnotation(DePermissionProxy.class);
Object[] args = point.getArgs();
if (null == args || args.length == 0) {
return point.proceed(args);
}
Object arg = point.getArgs()[annotation.paramIndex()];
/*
* if (arg instanceof PermissionProxy) {
* PermissionProxy proxy = (PermissionProxy) arg;
* AuthUtils.setProxyUser(proxy.getUserId());
* }
*/
PermissionProxy proxy = getProxy(arg, annotation, 0);
if (null != proxy && null != proxy.getUserId()) {
AuthUtils.setProxyUser(proxy.getUserId());
}
return point.proceed(args);
} catch (Throwable throwable) {
LogUtil.error(throwable.getMessage(), throwable);
throw new RuntimeException(throwable.getMessage());
} finally {
AuthUtils.cleanProxyUser();
}
}
private PermissionProxy getProxy(Object arg, DePermissionProxy annotation, int layer) throws Exception {
PermissionProxy result = null;
String value = annotation.value();
Class<?> parameterType = arg.getClass();
if (arg instanceof PermissionProxy) {
return (PermissionProxy) arg;
} else if (isArray(parameterType)) {
/*
* for (int i = 0; i < Array.getLength(arg); i++) {
* Object o = Array.get(arg, i);
* if ((result = getProxy(o, annotation, layer)) != null) {
* return result;
* }
* }
*/
return null;
} else if (isCollection(parameterType)) {
/*
* Object[] array = ((Collection) arg).toArray();
* for (int i = 0; i < array.length; i++) {
* Object o = array[i];
* if ((result = getProxy(o, annotation, layer)) != null) {
* return result;
* }
* }
*/
return null;
} else if (isMap(parameterType)) {
Map<String, Object> argMap = (Map) arg;
String[] values = value.split(".");
Object o = argMap.get(values[layer]);
return getProxy(o, annotation, ++layer);
} else {
// 当作自定义类处理
String[] values = value.split("\\.");
String fieldName = values[layer];
Object fieldValue = getFieldValue(arg, fieldName);
return getProxy(fieldValue, annotation, ++layer);
}
}
private Object getFieldValue(Object o, String fieldName) throws Exception {
Class<?> aClass = o.getClass();
while (null != aClass.getSuperclass()) {
Field[] declaredFields = aClass.getDeclaredFields();
for (int i = 0; i < declaredFields.length; i++) {
Field field = declaredFields[i];
String name = field.getName();
if (StringUtils.equals(name, fieldName)) {
field.setAccessible(true);
return field.get(o);
}
}
aClass = aClass.getSuperclass();
}
throw new NoSuchFieldException(fieldName);
}
private final static String[] wrapClasies = {
"java.lang.Boolean",
"java.lang.Character",
"java.lang.Integer",
"java.lang.Byte",
"java.lang.Short",
"java.lang.Long",
"java.lang.Float",
"java.lang.Double",
};
private Boolean isString(Class clz) {
return StringUtils.equals("java.lang.String", clz.getName());
}
private Boolean isArray(Class clz) {
return clz.isArray();
}
private Boolean isCollection(Class clz) {
return Collection.class.isAssignableFrom(clz);
}
private Boolean isMap(Class clz) {
return Map.class.isAssignableFrom(clz);
}
private Boolean isWrapClass(Class clz) {
return Arrays.stream(wrapClasies).anyMatch(item -> StringUtils.equals(item, clz.getName()));
}
}
backend/src/main/java/io/dataease/auth/config/F2CRealm.java
浏览文件 @ 79934b3b
......@@ -21,40 +21,37 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import java.util.Collection;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
@Component
public class F2CRealm extends AuthorizingRealm {
@Autowired
@Lazy //shiro组件加载过早 让authUserService等一等再注入 否则 注入的可能不是代理对象
@Lazy // shiro组件加载过早 让authUserService等一等再注入 否则 注入的可能不是代理对象
private AuthUserService authUserService;
@Override
public boolean supports(AuthenticationToken token) {
return token instanceof JWTToken || token instanceof ASKToken;
}
//验证资源权限
// 验证资源权限
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
CurrentUserDto userDto = (CurrentUserDto)principals.getPrimaryPrincipal();
CurrentUserDto userDto = (CurrentUserDto) principals.getPrimaryPrincipal();
SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
Set<String> role = new HashSet<>(userDto.getRoles().stream().map(item -> ( item.getId() + "")).collect(Collectors.toSet()));
Set<String> role = new HashSet<>(
userDto.getRoles().stream().map(item -> (item.getId() + "")).collect(Collectors.toSet()));
simpleAuthorizationInfo.addRoles(role);
Set<String> permission = new HashSet<>(userDto.getPermissions());
simpleAuthorizationInfo.addStringPermissions(permission);
return simpleAuthorizationInfo;
}
//验证登录权限
// 验证登录权限
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
......@@ -73,11 +70,9 @@ public class F2CRealm extends AuthorizingRealm {
return new SimpleAuthenticationInfo(currentUserDto, signature, "f2cReam");
}
try {
CacheUtils.get("lic_info", "lic");
}catch (Exception e) {
} catch (Exception e) {
LogUtil.error(e);
throw new AuthenticationException("license error");
}
......@@ -88,7 +83,7 @@ public class F2CRealm extends AuthorizingRealm {
token = (String) auth.getCredentials();
// 解密获得username,用于和数据库进行对比
tokenInfo = JWTUtils.tokenInfoByToken(token);
}catch (Exception e) {
} catch (Exception e) {
throw new AuthenticationException(e);
}
......@@ -105,7 +100,7 @@ public class F2CRealm extends AuthorizingRealm {
} catch (Exception e) {
e.printStackTrace();
}
if (! JWTUtils.verify(token, tokenInfo, pass)) {
if (!JWTUtils.verify(token, tokenInfo, pass)) {
throw new AuthenticationException("Username or password error");
}
......@@ -118,7 +113,7 @@ public class F2CRealm extends AuthorizingRealm {
if (user == null) {
throw new AuthenticationException("User didn't existed!");
}
if (user.getEnabled()==0) {
if (user.getEnabled() == 0) {
throw new AuthenticationException("User is valid!");
}
return user;
......
backend/src/main/java/io/dataease/auth/service/ProxyAuthService.java 0 → 100644
浏览文件 @ 79934b3b
package io.dataease.auth.service;
import java.util.List;
import org.apache.shiro.authc.AuthenticationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import groovy.lang.Lazy;
import io.dataease.auth.api.dto.CurrentRoleDto;
import io.dataease.auth.api.dto.CurrentUserDto;
import io.dataease.auth.entity.SysUserEntity;
import io.dataease.commons.utils.BeanUtils;
@Service
public class ProxyAuthService {
@Autowired
@Lazy
private AuthUserService authUserService;
public CurrentUserDto queryCacheUserDto(Long userId) {
SysUserEntity user = authUserService.getUserById(userId);
if (user == null) {
throw new AuthenticationException("User didn't existed!");
}
if (user.getEnabled() == 0) {
throw new AuthenticationException("User is valid!");
}
// 使用缓存
List<CurrentRoleDto> currentRoleDtos = authUserService.roleInfos(user.getUserId());
// 使用缓存
List<String> permissions = authUserService.permissions(user.getUserId());
CurrentUserDto currentUserDto = BeanUtils.copyBean(new CurrentUserDto(), user);
currentUserDto.setRoles(currentRoleDtos);
currentUserDto.setPermissions(permissions);
return currentUserDto;
}
}
backend/src/main/java/io/dataease/base/mapper/ext/ExtPanelShareMapper.java
浏览文件 @ 79934b3b
package io.dataease.base.mapper.ext;
import io.dataease.base.domain.PanelShare;
import io.dataease.base.mapper.ext.query.GridExample;
import io.dataease.controller.request.panel.PanelShareRemoveRequest;
import io.dataease.controller.request.panel.PanelShareSearchRequest;
import io.dataease.dto.panel.PanelShareOutDTO;
import io.dataease.dto.panel.PanelSharePo;
import org.apache.ibatis.annotations.Param;
......@@ -20,9 +20,9 @@ public interface ExtPanelShareMapper {
List<PanelSharePo> queryOut(String userName);
List<PanelShare> queryWithResource(GridExample example);
List<PanelShare> queryWithResource(PanelShareSearchRequest request);
List<PanelShareOutDTO> queryTargets(String panelId);
List<PanelShareOutDTO> queryTargets(@Param("panelId") String panelId, @Param("userName") String userName);
void removeShares(@Param("request") PanelShareRemoveRequest request);
......
backend/src/main/java/io/dataease/base/mapper/ext/ExtPanelShareMapper.xml
浏览文件 @ 79934b3b
......@@ -6,6 +6,7 @@
<id column="id" property="id" />
<result column="name" property="name" />
<result column="creator" property="creator" />
<result column="user_id" jdbcType="BIGINT" property="userId" />
</resultMap>
<resultMap id="targetMap" type="io.dataease.dto.panel.PanelShareOutDTO">
......@@ -34,7 +35,7 @@
</delete>
<select id="query" resultMap="treeNodeMap">
select distinct s.panel_group_id as id, u.nick_name as creator, g.name
select distinct s.panel_group_id as id, u.nick_name as creator, g.name, u.user_id
from panel_share s
left join panel_group g on g.id = s.panel_group_id
left join sys_user u on u.username = IFNULL(s.granter,g.create_by)
......@@ -61,14 +62,17 @@
</select>
<select id="queryWithResource" parameterType="io.dataease.base.mapper.ext.query.GridExample" resultMap="io.dataease.base.mapper.PanelShareMapper.BaseResultMap">
select * from panel_share
<if test="_parameter != null">
<include refid="io.dataease.base.mapper.ext.query.GridSql.gridCondition" />
</if>
<if test="orderByClause != null">
order by ${orderByClause}
<select id="queryWithResource" parameterType="io.dataease.controller.request.panel.PanelShareSearchRequest" resultMap="io.dataease.base.mapper.PanelShareMapper.BaseResultMap">
select s.*
from panel_share s
left join panel_group g on g.id = s.panel_group_id
where
s.panel_group_id = #{resourceId}
<if test="type != null">
and s.type = #{type}
</if>
and (( s.granter is not null and s.granter = #{currentUserName} ) or ( s.granter is null and g.create_by = #{currentUserName} ))
order by s.create_time desc
</select>
......@@ -89,6 +93,7 @@
) as target_name
from panel_share s
where s.panel_group_id = #{panelId}
and s.granter = #{userName}
</select>
......
backend/src/main/java/io/dataease/commons/utils/AuthUtils.java
浏览文件 @ 79934b3b
......@@ -4,9 +4,12 @@ import io.dataease.auth.api.dto.CurrentRoleDto;
import io.dataease.auth.api.dto.CurrentUserDto;
import io.dataease.auth.entity.AuthItem;
import io.dataease.auth.service.ExtAuthService;
import io.dataease.auth.service.ProxyAuthService;
import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel;
import io.dataease.commons.model.AuthURD;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -19,23 +22,43 @@ import java.util.stream.Collectors;
@Component
public class AuthUtils {
private static final String[] defaultPanelPermissions = {"panel_list"};
private static final String[] defaultDataSetPermissions = {"0"};
private static final String[] defaultLinkPermissions = {"0"};
private static final String[] defaultPanelPermissions = { "panel_list" };
private static final String[] defaultDataSetPermissions = { "0" };
private static final String[] defaultLinkPermissions = { "0" };
private static final ThreadLocal<CurrentUserDto> USER_INFO = new ThreadLocal<CurrentUserDto>();
private static ExtAuthService extAuthService;
private static ProxyAuthService proxyAuthService;
@Autowired
public void setExtAuthService(ExtAuthService extAuthService) {
AuthUtils.extAuthService = extAuthService;
}
@Autowired
public void setProxyAuthService(ProxyAuthService proxyAuthService) {
AuthUtils.proxyAuthService = proxyAuthService;
}
public static CurrentUserDto getUser() {
if (ObjectUtils.isNotEmpty(USER_INFO.get()))
return USER_INFO.get();
CurrentUserDto userDto = (CurrentUserDto) SecurityUtils.getSubject().getPrincipal();
return userDto;
}
//根据组织 角色 用户 获取下属用户ID
public static void setProxyUser(Long userId) {
CurrentUserDto currentUserDto = proxyAuthService.queryCacheUserDto(userId);
USER_INFO.set(currentUserDto);
}
public static void cleanProxyUser() {
USER_INFO.remove();
}
// 根据组织 角色 用户 获取下属用户ID
public static Set<Long> userIdsByURD(AuthURD request) {
Set<Long> userIds = extAuthService.userIdsByRD(request);
if (!CollectionUtils.isEmpty(request.getUserIds())) {
......@@ -49,8 +72,6 @@ public class AuthUtils {
return extAuthService.resourceTarget(resourceId);
}
public static Set<AuthItem> permissionByType(String type) {
CurrentUserDto user = getUser();
Long userId = user.getUserId();
......@@ -59,7 +80,8 @@ public class AuthUtils {
Set<AuthItem> result = new HashSet<>();
if (StringUtils.equals(DePermissionType.DATASOURCE.name().toLowerCase(), type)) {
Set<AuthItem> userSet = extAuthService.dataSourceIdByUser(userId).stream().collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.dataSourceIdByRole(role.getId())).flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.dataSourceIdByRole(role.getId()))
.flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> deptSet = extAuthService.dataSourceIdByDept(deptId).stream().collect(Collectors.toSet());
result.addAll(userSet);
result.addAll(roleSet);
......@@ -72,7 +94,8 @@ public class AuthUtils {
else if (StringUtils.equals(DePermissionType.DATASET.name().toLowerCase(), type)) {
Set<AuthItem> userSet = extAuthService.dataSetIdByUser(userId).stream().collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.dataSetIdByRole(role.getId())).flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.dataSetIdByRole(role.getId()))
.flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> deptSet = extAuthService.dataSetIdByDept(deptId).stream().collect(Collectors.toSet());
result.addAll(userSet);
result.addAll(roleSet);
......@@ -81,10 +104,10 @@ public class AuthUtils {
result.add(new AuthItem(item, ResourceAuthLevel.DATASET_LEVEL_MANAGE.getLevel()));
});
return result;
}
else if (StringUtils.equals(DePermissionType.PANEL.name().toLowerCase(), type)) {
} else if (StringUtils.equals(DePermissionType.PANEL.name().toLowerCase(), type)) {
Set<AuthItem> userSet = extAuthService.panelIdByUser(userId).stream().collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.panelIdByRole(role.getId())).flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> roleSet = roles.stream().map(role -> extAuthService.panelIdByRole(role.getId()))
.flatMap(Collection::stream).collect(Collectors.toSet());
Set<AuthItem> deptSet = extAuthService.panelIdByDept(deptId).stream().collect(Collectors.toSet());
result.addAll(userSet);
result.addAll(roleSet);
......
backend/src/main/java/io/dataease/controller/chart/ChartViewController.java
浏览文件 @ 79934b3b
......@@ -2,6 +2,7 @@ package io.dataease.controller.chart;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermission;
import io.dataease.auth.annotation.DePermissionProxy;
import io.dataease.base.domain.ChartViewWithBLOBs;
import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel;
......@@ -69,10 +70,12 @@ public class ChartViewController {
chartViewService.delete(id);
}
@DePermissionProxy(value = "proxy", paramIndex = 2)
@DePermission(type = DePermissionType.PANEL, level = ResourceAuthLevel.PANNEL_LEVEL_VIEW, paramIndex = 1)
@ApiOperation("数据")
@PostMapping("/getData/{id}/{panelId}")
public ChartViewDTO getData(@PathVariable String id, @PathVariable String panelId, @RequestBody ChartExtRequest requestList) throws Exception {
public ChartViewDTO getData(@PathVariable String id, @PathVariable String panelId,
@RequestBody ChartExtRequest requestList) throws Exception {
return chartViewService.getData(id, requestList);
}
......@@ -113,7 +116,8 @@ public class ChartViewController {
@ApiIgnore
@ApiOperation("验证视图是否使用相同数据集")
@GetMapping("/checkSameDataSet/{viewIdSource}/{viewIdTarget}")
public String checkSameDataSet(@PathVariable String viewIdSource, @PathVariable String viewIdTarget) throws Exception {
public String checkSameDataSet(@PathVariable String viewIdSource, @PathVariable String viewIdTarget)
throws Exception {
return chartViewService.checkSameDataSet(viewIdSource, viewIdTarget);
}
}
backend/src/main/java/io/dataease/controller/panel/PanelGroupController.java
浏览文件 @ 79934b3b
......@@ -2,6 +2,7 @@ package io.dataease.controller.panel;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermission;
import io.dataease.auth.annotation.DePermissionProxy;
import io.dataease.auth.annotation.DePermissions;
import io.dataease.base.domain.PanelGroup;
import io.dataease.base.domain.PanelGroupWithBLOBs;
......@@ -9,13 +10,15 @@ import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel;
import io.dataease.controller.handler.annotation.I18n;
import io.dataease.controller.request.panel.PanelGroupRequest;
import io.dataease.dto.PermissionProxy;
import io.dataease.dto.authModel.VAuthModelDTO;
import io.dataease.dto.panel.PanelGroupDTO;
import io.dataease.service.panel.PanelGroupService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import springfox.documentation.annotations.ApiIgnore;
import org.apache.shiro.authz.annotation.Logical;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
......@@ -50,8 +53,8 @@ public class PanelGroupController {
@ApiOperation("保存")
@PostMapping("/save")
@DePermissions(value = {
@DePermission(type = DePermissionType.PANEL, value = "id"),
@DePermission(type = DePermissionType.PANEL, value = "pid", level = ResourceAuthLevel.PANNEL_LEVEL_MANAGE)
@DePermission(type = DePermissionType.PANEL, value = "id"),
@DePermission(type = DePermissionType.PANEL, value = "pid", level = ResourceAuthLevel.PANNEL_LEVEL_MANAGE)
}, logical = Logical.AND)
@I18n
public PanelGroup saveOrUpdate(@RequestBody PanelGroupRequest request) {
......@@ -72,10 +75,20 @@ public class PanelGroupController {
return panelGroupService.findOne(id);
}
@ApiIgnore
@ApiOperation("详细信息(分享人代理)")
@DePermissionProxy(paramIndex = 1)
@DePermission(type = DePermissionType.PANEL, level = ResourceAuthLevel.PANNEL_LEVEL_VIEW)
@PostMapping("/proxy/findOne/{id}")
public PanelGroupWithBLOBs proxyFindOne(@PathVariable String id, @RequestBody PermissionProxy proxy)
throws Exception {
return panelGroupService.findOne(id);
}
@ApiOperation("仪表板视图信息")
@PostMapping("/queryPanelViewTree")
@I18n
public List<VAuthModelDTO> queryPanelViewTree(){
public List<VAuthModelDTO> queryPanelViewTree() {
return panelGroupService.queryPanelViewTree();
}
......
backend/src/main/java/io/dataease/controller/panel/PanelLinkJumpController.java
浏览文件 @ 79934b3b
package io.dataease.controller.panel;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermissionProxy;
import io.dataease.base.domain.DatasetTableField;
import io.dataease.dto.PermissionProxy;
import io.dataease.dto.panel.linkJump.PanelLinkJumpBaseRequest;
import io.dataease.dto.panel.linkJump.PanelLinkJumpBaseResponse;
import io.dataease.dto.panel.linkJump.PanelLinkJumpDTO;
import io.dataease.service.panel.PanelLinkJumpService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import springfox.documentation.annotations.ApiIgnore;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
......@@ -33,7 +38,6 @@ public class PanelLinkJumpController {
return panelLinkJumpService.getViewFields(viewId);
}
@ApiOperation("根据仪表板ID和视图ID获取跳转信息")
@GetMapping("/queryWithViewId/{panelId}/{viewId}")
public PanelLinkJumpDTO queryWithViewId(@PathVariable String panelId, @PathVariable String viewId) {
......@@ -46,6 +50,15 @@ public class PanelLinkJumpController {
return panelLinkJumpService.queryPanelJumpInfo(panelId);
}
@ApiIgnore
@ApiOperation("根据仪表板ID获取跳转信息(分享人代理)")
@DePermissionProxy(paramIndex = 1)
@PostMapping("/proxy/queryPanelJumpInfo/{panelId}")
public PanelLinkJumpBaseResponse queryPanelJumpInfo(@PathVariable String panelId,
@RequestBody PermissionProxy proxy) {
return panelLinkJumpService.queryPanelJumpInfo(panelId);
}
@ApiOperation("更新跳转信息")
@PostMapping("/updateJumpSet")
public void updateJumpSet(@RequestBody PanelLinkJumpDTO jumpDTO) {
......
backend/src/main/java/io/dataease/controller/panel/PanelViewLinkageController.java
浏览文件 @ 79934b3b
package io.dataease.controller.panel;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermissionProxy;
import io.dataease.commons.model.BaseRspModel;
import io.dataease.controller.request.panel.PanelLinkageRequest;
import io.dataease.dto.PanelViewLinkageDTO;
import io.dataease.dto.PermissionProxy;
import io.dataease.service.panel.PanelViewLinkageService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import springfox.documentation.annotations.ApiIgnore;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
......@@ -46,4 +51,13 @@ public class PanelViewLinkageController {
return panelViewLinkageService.getPanelAllLinkageInfo(panelId);
}
@ApiIgnore
@ApiOperation("获取当前仪表板所有联动信息(分享人代理)")
@DePermissionProxy(paramIndex = 1)
@PostMapping("/proxy/getPanelAllLinkageInfo/{panelId}")
public Map<String, List<String>> getPanelAllLinkageInfo(@PathVariable String panelId,
@RequestBody PermissionProxy proxy) {
return panelViewLinkageService.getPanelAllLinkageInfo(panelId);
}
}
backend/src/main/java/io/dataease/controller/panel/api/ShareApi.java
浏览文件 @ 79934b3b
......@@ -6,6 +6,7 @@ import io.dataease.base.domain.PanelShare;
import io.dataease.commons.constants.DePermissionType;
import io.dataease.controller.request.panel.PanelShareFineDto;
import io.dataease.controller.request.panel.PanelShareRemoveRequest;
import io.dataease.controller.request.panel.PanelShareSearchRequest;
import io.dataease.controller.sys.base.BaseGridRequest;
import io.dataease.dto.panel.PanelShareDto;
import io.dataease.dto.panel.PanelShareOutDTO;
......@@ -27,8 +28,6 @@ import java.util.List;
@RequestMapping("/api/share")
public interface ShareApi {
@ApiOperation("查询分享给我")
@PostMapping("/treeList")
List<PanelShareDto> treeList(BaseGridRequest request);
......@@ -37,25 +36,20 @@ public interface ShareApi {
@PostMapping("/shareOut")
List<PanelSharePo> shareOut();
@ApiOperation("根据资源查询分享")
@PostMapping("/queryWithResourceId")
List<PanelShare> queryWithResourceId(BaseGridRequest request);
List<PanelShare> queryWithResourceId(PanelShareSearchRequest request);
@ApiOperation("查询分享目标")
@PostMapping("/queryTargets/{panelId}")
@ApiImplicitParam(paramType = "path", value = "仪表板ID", name = "panelId", required = true, dataType = "String")
List<PanelShareOutDTO> queryTargets(@PathVariable("panelId") String panelId);
@DePermission(type = DePermissionType.PANEL, value = "resourceId")
@ApiOperation("创建分享")
@PostMapping("/fineSave")
void fineSave(PanelShareFineDto panelShareFineDto);
@ApiOperation("删除分享")
@PostMapping("/removeShares")
void removeShares(PanelShareRemoveRequest request);
......
backend/src/main/java/io/dataease/controller/panel/server/ShareServer.java
浏览文件 @ 79934b3b
......@@ -4,7 +4,7 @@ import io.dataease.base.domain.PanelShare;
import io.dataease.controller.panel.api.ShareApi;
import io.dataease.controller.request.panel.PanelShareFineDto;
import io.dataease.controller.request.panel.PanelShareRemoveRequest;
import io.dataease.controller.request.panel.PanelShareRequest;
import io.dataease.controller.request.panel.PanelShareSearchRequest;
import io.dataease.controller.sys.base.BaseGridRequest;
import io.dataease.dto.panel.PanelShareDto;
import io.dataease.dto.panel.PanelShareOutDTO;
......@@ -23,7 +23,6 @@ public class ShareServer implements ShareApi {
@Resource
private ShareService shareService;
@Override
public List<PanelShareDto> treeList(@RequestBody BaseGridRequest request) {
return shareService.queryTree(request);
......@@ -35,7 +34,7 @@ public class ShareServer implements ShareApi {
}
@Override
public List<PanelShare> queryWithResourceId(@RequestBody BaseGridRequest request) {
public List<PanelShare> queryWithResourceId(@RequestBody PanelShareSearchRequest request) {
return shareService.queryWithResource(request);
}
......@@ -54,5 +53,3 @@ public class ShareServer implements ShareApi {
shareService.removeShares(request);
}
}
backend/src/main/java/io/dataease/controller/request/chart/ChartExtRequest.java
浏览文件 @ 79934b3b
package io.dataease.controller.request.chart;
import io.dataease.dto.PermissionProxy;
import io.swagger.annotations.ApiModelProperty;
import lombok.Getter;
import lombok.Setter;
import springfox.documentation.annotations.ApiIgnore;
import java.util.List;
......@@ -16,7 +18,7 @@ public class ChartExtRequest {
@ApiModelProperty("视图额外过滤条件集合")
private List<ChartExtFilterRequest> filter;
//联动过滤条件
// 联动过滤条件
@ApiModelProperty("联动过滤条件集合")
private List<ChartExtFilterRequest> linkageFilters;
......@@ -37,4 +39,7 @@ public class ChartExtRequest {
@ApiModelProperty("用户ID")
private Long user = null;
@ApiModelProperty(hidden = true)
private PermissionProxy proxy;
}
backend/src/main/java/io/dataease/controller/request/panel/PanelShareSearchRequest.java 0 → 100644
浏览文件 @ 79934b3b
package io.dataease.controller.request.panel;
import java.io.Serializable;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
@Data
public class PanelShareSearchRequest implements Serializable {
@ApiModelProperty(value = "分享目标类型", allowableValues = "0:user,1:role,2:dept")
private String type;
@ApiModelProperty("仪表板ID")
private String resourceId;
@ApiModelProperty("当前用户")
private String currentUserName;
}
backend/src/main/java/io/dataease/dto/PermissionProxy.java 0 → 100644
浏览文件 @ 79934b3b
package io.dataease.dto;
import java.io.Serializable;
import lombok.Data;
@Data
public class PermissionProxy implements Serializable {
private Long userId;
}
backend/src/main/java/io/dataease/dto/panel/PanelSharePo.java
浏览文件 @ 79934b3b
......@@ -4,7 +4,6 @@ import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import lombok.NoArgsConstructor;
@Data
@NoArgsConstructor
public class PanelSharePo {
......@@ -15,6 +14,7 @@ public class PanelSharePo {
private String name;
@ApiModelProperty("节点父ID")
private String creator;
@ApiModelProperty("分享人ID")
private Long userId;
}
frontend/src/api/panel/shareProxy.js 0 → 100644
浏览文件 @ 79934b3b
import request from '@/utils/request'
import { panelInit } from '@/components/canvas/utils/utils'
import store from '@/store'
export function proxyInitPanelData(panelId, proxy, callback) {
// 加载视图数据
findOne(panelId, proxy).then(response => {
// 初始化视图data和style 数据
panelInit(JSON.parse(response.data.panelData), JSON.parse(response.data.panelStyle))
// 设置当前仪表板全局信息
store.dispatch('panel/setPanelInfo', {
id: response.data.id,
name: response.data.name,
privileges: response.data.privileges,
proxy: proxy.userId
})
// 刷新联动信息
getPanelAllLinkageInfo(panelId, proxy).then(rsp => {
store.commit('setNowPanelTrackInfo', rsp.data)
})
// 刷新跳转信息
queryPanelJumpInfo(panelId, proxy).then(rsp => {
store.commit('setNowPanelJumpInfo', rsp.data)
})
callback(response)
})
}
export function findOne(id, data) {
return request({
url: '/panel/group/proxy/findOne/' + id,
method: 'post',
loading: true,
data
})
}
export function getPanelAllLinkageInfo(panelId, data) {
return request({
url: '/linkage/proxy/getPanelAllLinkageInfo/' + panelId,
method: 'post',
data
})
}
export function queryPanelJumpInfo(panelId, data) {
return request({
url: '/linkJump/proxy/queryPanelJumpInfo/' + panelId,
method: 'post',
data
})
}
frontend/src/components/canvas/custom-component/UserView.vue
浏览文件 @ 79934b3b
......@@ -433,6 +433,10 @@ export default {
...this.filter,
cache: cache
}
if (this.panelInfo.proxy) {
// method = viewInfo
requestInfo.proxy = { userId: this.panelInfo.proxy }
}
method(id, this.panelInfo.id, requestInfo).then(response => {
// 将视图传入echart组件
if (response.success) {
......
frontend/src/components/widget/DeWidget/DeSelect.vue
浏览文件 @ 79934b3b
......@@ -73,6 +73,9 @@ export default {
},
manualModify() {
return !!this.element.options.manualModify
},
panelInfo() {
return this.$store.state.panel.panelInfo
}
},
......@@ -96,9 +99,13 @@ export default {
if (!token && linkToken) {
method = linkMultFieldValues
}
const param = { fieldIds: this.element.options.attrs.fieldId.split(',') }
if (this.panelInfo.proxy) {
param.userId = this.panelInfo.proxy
}
this.element.options.attrs.fieldId &&
this.element.options.attrs.fieldId.length > 0 &&
method({ fieldIds: this.element.options.attrs.fieldId.split(',') }).then(res => {
method(param).then(res => {
this.datas = this.optionDatas(res.data)
}) || (this.element.options.value = '')
},
......
frontend/src/components/widget/DeWidget/DeSelectGrid.vue
浏览文件 @ 79934b3b
......@@ -93,6 +93,9 @@ export default {
},
manualModify() {
return !!this.element.options.manualModify
},
panelInfo() {
return this.$store.state.panel.panelInfo
}
},
watch: {
......@@ -119,9 +122,13 @@ export default {
if (!token && linkToken) {
method = linkMultFieldValues
}
const param = { fieldIds: this.element.options.attrs.fieldId.split(',') }
if (this.panelInfo.proxy) {
param.userId = this.panelInfo.proxy
}
this.element.options.attrs.fieldId &&
this.element.options.attrs.fieldId.length > 0 &&
method({ fieldIds: this.element.options.attrs.fieldId.split(',') }).then(res => {
method(param).then(res => {
this.datas = this.optionDatas(res.data)
}) || (this.element.options.value = '')
},
......
frontend/src/store/modules/panel.js
浏览文件 @ 79934b3b
......@@ -5,7 +5,8 @@ const getDefaultState = () => {
panelInfo: {
id: null,
name: '',
preStyle: null
preStyle: null,
proxy: null
},
canvasStyleDataTemp: null, // 页面全局临时存储数据
componentDataTemp: null, // 画布组件临时存储数据
......
frontend/src/views/panel/GrantAuth/dept/index.vue
浏览文件 @ 79934b3b
......@@ -208,9 +208,7 @@ export default {
},
queryShareNodeIds(callBack) {
const conditionResourceId = { field: 'panel_group_id', operator: 'eq', value: this.resourceId }
const conditionType = { field: 'type', operator: 'eq', value: this.type }
const param = { conditions: [conditionResourceId, conditionType] }
const param = { resourceId: this.resourceId, type: this.type }
loadShares(param).then(res => {
const shares = res.data
const nodeIds = shares.map(share => share.targetId)
......
frontend/src/views/panel/GrantAuth/role/index.vue
浏览文件 @ 79934b3b
......@@ -93,9 +93,7 @@ export default {
},
queryShareNodeIds(callBack) {
const conditionResourceId = { field: 'panel_group_id', operator: 'eq', value: this.resourceId }
const conditionType = { field: 'type', operator: 'eq', value: this.type }
const param = { conditions: [conditionResourceId, conditionType] }
const param = { resourceId: this.resourceId, type: this.type }
loadShares(param).then(res => {
const shares = res.data
const nodeIds = shares.map(share => share.targetId)
......
frontend/src/views/panel/GrantAuth/shareTree.vue
浏览文件 @ 79934b3b
......@@ -50,7 +50,8 @@
<script>
import { loadTree, loadShareOutTree, removeShares } from '@/api/panel/share'
import { uuid } from 'vue-uuid'
import { get, initPanelData } from '@/api/panel/panel'
import { initPanelData } from '@/api/panel/panel'
import { proxyInitPanelData } from '@/api/panel/shareProxy'
import bus from '@/utils/bus'
export default {
name: 'ShareTree',
......@@ -103,7 +104,11 @@ export default {
return loadShareOutTree()
},
handleNodeClick(data) {
initPanelData(data.id, function() {
if (!data || !data.userId || !data.id) {
return
}
const param = { userId: data.userId }
proxyInitPanelData(data.id, param, function() {
bus.$emit('set-panel-show-type', 1)
})
this.$refs['botTree'].setCurrentKey(null)
......
frontend/src/views/panel/GrantAuth/user/index.vue
浏览文件 @ 79934b3b
......@@ -100,9 +100,7 @@ export default {
},
queryShareNodeIds(callBack) {
const conditionResourceId = { field: 'panel_group_id', operator: 'eq', value: this.resourceId }
const conditionType = { field: 'type', operator: 'eq', value: this.type }
const param = { conditions: [conditionResourceId, conditionType] }
const param = { resourceId: this.resourceId, type: this.type }
loadShares(param).then(res => {
const shares = res.data
const nodeIds = shares.map(share => share.targetId)
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论