feat: 用户权限可被收回

backend/src/main/java/io/dataease/base/mapper/ext/ExtVAuthModelMapper.xml

@@ -14,12 +14,12 @@
         authCount.children_count AS children_count,
         IF
         (( authCount.children_count > 0 ), 0, 1 ) AS leaf
-        FROM
-        ( SELECT * FROM v_auth_model
+        FROM (select get_grant_auths (#{modelType},#{createBy}) cids1) t1,
+        ( SELECT * FROM (select get_grant_auths (#{modelType},#{createBy}) cids2) t2 ,v_auth_model
         <where>
             model_type = #{modelType}
-            <if test="createBy != null">
-               and  FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( (select GROUP_CONCAT(id) from v_auth_model where model_type = #{modelType} and create_by =#{createBy}) ,#{modelType}))
+            <if test="1== withAuth">
+               and  FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( cids2 ,#{modelType}))
             </if>
             <if test="pid !=null">
                 and v_auth_model.pid = #{pid}
@@ -50,11 +50,11 @@
         count( 1 ) AS `children_count`,
         `authTemp`.`pid` AS `pid`
         FROM
-        ( SELECT * FROM v_auth_model
+        ( SELECT * FROM (select get_grant_auths (#{modelType},#{createBy}) cids3) t3,v_auth_model
         <where>
             model_type = #{modelType}
-            <if test="createBy != null">
-                and   FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( (select GROUP_CONCAT(id) from v_auth_model where model_type = #{modelType} and create_by =#{createBy}) ,#{modelType}))
+            <if test="1== withAuth">
+                and   FIND_IN_SET(v_auth_model.id,GET_V_AUTH_MODEL_WITH_PARENT ( cids3 ,#{modelType}))
             </if>
         </where>
         ) authTemp
@@ -63,8 +63,8 @@
         ) authCount ON
         auth.id = authCount.pid
         <where>
-            <if test="createBy != null">
-                (authCount.children_count>0 or auth.create_by = #{createBy})
+            <if test="1== withAuth">
+                (authCount.children_count>0 or FIND_IN_SET(auth.id,cids1) )
             </if>
         </where>
 

backend/src/main/java/io/dataease/controller/request/BaseTreeRequest.java

@@ -26,6 +26,9 @@ public class BaseTreeRequest {
 
     private String createBy;
 
+    private String withAuth;//需要根据权限返回
+
+
     public BaseTreeRequest() {
     }
 

backend/src/main/java/io/dataease/service/sys/SysAuthService.java

@@ -40,18 +40,20 @@ public class SysAuthService {
     @Resource
     private ExtVAuthModelMapper extVAuthModelMapper;
 
-    private static List<String> PRI_MODEL_TYPE = Arrays.asList("link","dataset","chart","panel");
+    private static List<String> PRI_MODEL_TYPE = Arrays.asList("link","dataset","chart","panel","menu");
 
 
     /**
-     * @Description: 查询可见授权数据的数据如果是管理员（IsAdmin = true）且modelType 为link dataset chart panel可以查询到所有的数据，
+     * @Description: 查询可见授权数据的数据如果是管理员（IsAdmin = true）且modelType 为link dataset chart panel menu可以查询到所有的数据，
      * 如果是普通用户，只能查询到自己的数据；但是 node_type 为spine 时 节点也会返回
      **/
     public List<VAuthModelDTO> searchAuthModelTree(BaseTreeRequest request) {
         CurrentUserDto currentUserDto = AuthUtils.getUser();
-        request.setCreateBy(null);
+        request.setCreateBy(String.valueOf(currentUserDto.getUserId()));
         if(PRI_MODEL_TYPE.contains(request.getModelType())&&(currentUserDto.getIsAdmin() == null || !currentUserDto.getIsAdmin())){
-            request.setCreateBy(currentUserDto.getUsername());
+            request.setWithAuth("1");
+        }else{
+            request.setWithAuth("0");
         }
         return extVAuthModelMapper.searchTree(request);
     }

backend/src/main/resources/i18n/messages_en_US.properties

@@ -226,6 +226,7 @@ i18n_auth_view=View
 i18n_auth_use=Use
 i18n_auth_export=Export
 i18n_auth_manage=Manage
+i18n_auth_grant=Grant
 i18n_template_system=System Template
 i18n_template_self=Self Template
 i18n_name_cant_repeat_same_group=Name is already exists in the same group

backend/src/main/resources/i18n/messages_zh_CN.properties

@@ -227,6 +227,7 @@ i18n_auth_view=查看
 i18n_auth_use=使用
 i18n_auth_export=导出
 i18n_auth_manage=管理
+i18n_auth_grant=授权
 i18n_template_system=系统模板
 i18n_template_self=用户模板
 i18n_name_cant_repeat_same_group=同一分组下名称不能重复

backend/src/main/resources/i18n/messages_zh_TW.properties

@@ -227,6 +227,7 @@ i18n_auth_view=查看
 i18n_auth_use=使用
 i18n_auth_export=導出
 i18n_auth_manage=管理
+i18n_auth_grant=授权
 i18n_template_system=系統模板
 i18n_template_self=用戶模板
 i18n_name_cant_repeat_same_group=同一分組下名稱不能重復

frontend/src/lang/zh.js

@@ -940,6 +940,7 @@ export default {
     datasetAuth: '数据集权限',
     chartAuth: '视图权限',
     panelAuth: '仪表盘权限',
+    menuAuth: '菜单和操作权限',
     deptHead: '所有组织',
     roleHead: '所有角色',
     userHead: '所有用户',
@@ -947,6 +948,7 @@ export default {
     datasetAuthHead: '所有数据',
     chartAuthHead: '所有视图',
     panelAuthHead: '所有仪表盘',
+    menuAuthHead: '所有菜单和操作',
     view: '查看',
     use: '使用',
     export: '导出',

frontend/src/views/system/authority/authConfig.vue

@@ -27,7 +27,7 @@
         </el-input>
       </div>
       <el-tabs v-model="sourceActiveName" :class="{'de-search-header': showSourceSearchInput}" @tab-click="handleClick">
-        <el-tab-pane v-for="(sourceInfo, index) in sourceInfoArray" :key="index" :lazy="true" :label="sourceInfo.tabName" :name="sourceInfo.authType">
+        <el-tab-pane v-for="(sourceInfo, index) in sourceInfoTabs" :key="index" :lazy="true" :label="sourceInfo.tabName" :name="sourceInfo.authType">
           <lazy-tree
             v-if="authCondition"
             :active-name="sourceActiveName"
@@ -86,26 +86,39 @@ export default {
             tabName: this.$t('auth.linkAuth'),
             head: this.$t('auth.linkAuthHead'),
             direction: 'source',
-            authType: 'link'
+            authType: 'link',
+            authTargets: 'dept,role,user'
           },
           {
             tabName: this.$t('auth.datasetAuth'),
             head: this.$t('auth.datasetAuthHead'),
             direction: 'source',
-            authType: 'dataset'
+            authType: 'dataset',
+            authTargets: 'dept,role,user'
           },
           {
             tabName: this.$t('auth.chartAuth'),
             head: this.$t('auth.linkAuthHead'),
             direction: 'source',
-            authType: 'chart'
+            authType: 'chart',
+            authTargets: 'dept,role,user'
           },
           {
             tabName: this.$t('auth.panelAuth'),
             head: this.$t('auth.panelAuthHead'),
             direction: 'source',
-            authType: 'panel'
-          }],
+            authType: 'panel',
+            authTargets: 'dept,role,user'
+          }
+          // ,
+          // {
+          //   tabName: this.$t('auth.menuAuth'),
+          //   head: this.$t('auth.menuAuthHead'),
+          //   direction: 'source',
+          //   authType: 'menu',
+          //   authTargets: 'role'
+          // }
+        ],
       targetActiveName: null,
       sourceActiveName: null,
       showSourceSearchInput: false,
@@ -116,6 +129,17 @@ export default {
       authCondition: null
     }
   },
+  computed: {
+    sourceInfoTabs() {
+      const tabs = []
+      this.sourceInfoArray.forEach(item => {
+        if (item.authTargets.indexOf(this.targetActiveName) > -1) {
+          tabs.push(item)
+        }
+      })
+      return tabs
+    }
+  },
   created() {
     this.targetActiveName = this.targetInfoArray[0].authType
     this.sourceActiveName = this.sourceInfoArray[0].authType