Merge pull request #414 from dataease/pr@dev@refactor_公共连接分享使用独立拦截器

refactor: 查看分享链接使用独立拦截器

Merge pull request #414 from dataease/pr@dev@refactor_公共连接分享使用独立拦截器
4a5f8680 · fit2cloud-chenyw · GitHub · 7beb636f · bcd786c4 · 4a5f8680
--- a/backend/src/main/java/io/dataease/auth/config/ShiroConfig.java
+++ b/backend/src/main/java/io/dataease/auth/config/ShiroConfig.java
@@ -50,6 +50,7 @@ public class ShiroConfig {
        filterMap.put("f2cPerms", new F2CPermissionsFilter());
        filterMap.put("jwt", new JWTFilter());
        filterMap.put("logout", new F2CLogoutFilter());
+        filterMap.put("link", new F2CLinkFilter());
        factoryBean.setSecurityManager(securityManager);
        factoryBean.setLoginUrl("/login");
        factoryBean.setUnauthorizedUrl("/login");

--- a/backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
+++ b/backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
+package io.dataease.auth.filter;
+import cn.hutool.core.util.ObjectUtil;
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.Claim;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import io.dataease.auth.config.RsaProperties;
+import io.dataease.auth.util.JWTUtils;
+import io.dataease.auth.util.LinkUtil;
+import io.dataease.auth.util.RsaUtil;
+import io.dataease.base.domain.PanelLink;
+import io.dataease.commons.utils.LogUtil;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.web.filter.authc.AnonymousFilter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+public class F2CLinkFilter extends AnonymousFilter {
+    private static final Logger logger = LoggerFactory.getLogger(F2CLogoutFilter.class);
+    private static final String LINK_TOKEN_KEY = "LINK-PWD-TOKEN";
+    @Override
+    protected boolean onPreHandle(ServletRequest request, ServletResponse response, Object mappedValue) {
+        try{
+            HttpServletRequest req = (HttpServletRequest) request;
+            String link_token = req.getHeader(LINK_TOKEN_KEY);
+            DecodedJWT jwt = JWT.decode(link_token);
+            Claim resourceId = jwt.getClaim("resourceId");
+            String id = resourceId.asString();
+            PanelLink panelLink = LinkUtil.queryLink(id);
+            if (ObjectUtil.isEmpty(panelLink)) return false;
+            if (!panelLink.getEnablePwd()) {
+                panelLink.setPwd("dataease");
+            }
+            return JWTUtils.verifyLink(link_token, id, RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, panelLink.getPwd()));
+        }catch (Exception e) {
+            LogUtil.error(e);
+        }
+        return false;
+    }
+}
--- a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
@@ -41,8 +41,7 @@ public class ShiroServiceImpl implements ShiroService {
        //验证链接
        filterChainDefinitionMap.put("/api/link/validate**", ANON);
-        filterChainDefinitionMap.put("/panel/group/findOne/**", ANON);
-        filterChainDefinitionMap.put("/chart/view/getData/**", ANON);
        filterChainDefinitionMap.put("/system/ui/**", ANON);
@@ -59,9 +58,16 @@ public class ShiroServiceImpl implements ShiroService {
        filterChainDefinitionMap.put("/tokenExpired", ANON);
        filterChainDefinitionMap.put("/downline", ANON);
        filterChainDefinitionMap.put("/common-files/**", ANON);
        filterChainDefinitionMap.put("/api/auth/logout", "logout");
+        filterChainDefinitionMap.put("/api/link/resourceDetail/**", "link");
+        filterChainDefinitionMap.put("/api/link/viewDetail/**", "link");
        filterChainDefinitionMap.put("/**", "authc");
        filterChainDefinitionMap.put("/**", "jwt");
        return filterChainDefinitionMap;
    }

--- a/backend/src/main/java/io/dataease/auth/util/LinkUtil.java
+++ b/backend/src/main/java/io/dataease/auth/util/LinkUtil.java
+package io.dataease.auth.util;
+import io.dataease.base.domain.PanelLink;
+import io.dataease.service.panel.PanelLinkService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+@Component
+public class LinkUtil {
+    private static PanelLinkService panelLinkService;
+    @Autowired
+    public void setPanelLinkService(PanelLinkService panelLinkService) {
+        LinkUtil.panelLinkService = panelLinkService;
+    }
+    public static PanelLink queryLink(String resourceId) {
+        return panelLinkService.findOne(resourceId);
+    }
+}
--- a/backend/src/main/java/io/dataease/controller/panel/api/LinkApi.java
+++ b/backend/src/main/java/io/dataease/controller/panel/api/LinkApi.java
 package io.dataease.controller.panel.api;
+import io.dataease.controller.request.chart.ChartExtRequest;
 import io.dataease.controller.request.panel.link.EnablePwdRequest;
 import io.dataease.controller.request.panel.link.LinkRequest;
 import io.dataease.controller.request.panel.link.PasswordRequest;
@@ -40,4 +41,12 @@ public interface LinkApi {
    @ApiOperation("验证密码")
    @PostMapping("/validatePwd")
    boolean validatePwd(PasswordRequest request) throws Exception;
+    @ApiOperation("资源详息")
+    @PostMapping("/resourceDetail/{resourceId}")
+    Object resourceDetail(@PathVariable String resourceId);
+    @ApiOperation("视图详息")
+    @PostMapping("/viewDetail/{viewId}")
+    Object viewDetail(@PathVariable String viewId, @RequestBody ChartExtRequest requestList) throws Exception;
 }
--- a/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
+++ b/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
@@ -4,18 +4,22 @@ package io.dataease.controller.panel.server;
 import com.google.gson.Gson;
 import io.dataease.base.domain.PanelLink;
 import io.dataease.controller.panel.api.LinkApi;
+import io.dataease.controller.request.chart.ChartExtRequest;
 import io.dataease.controller.request.panel.link.EnablePwdRequest;
 import io.dataease.controller.request.panel.link.LinkRequest;
 import io.dataease.controller.request.panel.link.PasswordRequest;
 import io.dataease.controller.request.panel.link.ValidateRequest;
 import io.dataease.dto.panel.link.GenerateDto;
 import io.dataease.dto.panel.link.ValidateDto;
+import io.dataease.service.chart.ChartViewService;
 import io.dataease.service.panel.PanelLinkService;
 import org.apache.commons.lang3.ObjectUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
+import javax.annotation.Resource;
 import java.util.Map;
@@ -27,6 +31,9 @@ public class LinkServer implements LinkApi {
    @Autowired
    private PanelLinkService panelLinkService;
+    @Resource
+    private ChartViewService chartViewService;
    @Override
    public void replacePwd(@RequestBody PasswordRequest request) {
@@ -73,4 +80,14 @@ public class LinkServer implements LinkApi {
    public boolean validatePwd(@RequestBody PasswordRequest request) throws Exception {
        return panelLinkService.validatePwd(request);
    }
+    @Override
+    public Object resourceDetail(@PathVariable String resourceId) {
+        return panelLinkService.resourceInfo(resourceId);
+    }
+    @Override
+    public Object viewDetail(String viewId, ChartExtRequest requestList) throws Exception{
+        return chartViewService.getData(viewId, requestList);
+    }
 }
--- a/backend/src/main/java/io/dataease/service/panel/PanelLinkService.java
+++ b/backend/src/main/java/io/dataease/service/panel/PanelLinkService.java
@@ -4,7 +4,9 @@ import com.google.gson.Gson;
 import io.dataease.auth.config.RsaProperties;
 import io.dataease.auth.util.JWTUtils;
 import io.dataease.auth.util.RsaUtil;
+import io.dataease.base.domain.PanelGroupWithBLOBs;
 import io.dataease.base.domain.PanelLink;
+import io.dataease.base.mapper.PanelGroupMapper;
 import io.dataease.base.mapper.PanelLinkMapper;
 import io.dataease.commons.utils.ServletUtils;
 import io.dataease.controller.request.panel.link.EnablePwdRequest;
@@ -32,6 +34,9 @@ public class PanelLinkService {
    @Resource
    private PanelLinkMapper mapper;
+    @Resource
+    private PanelGroupMapper panelGroupMapper;
    public void changeValid(LinkRequest request){
        PanelLink po = new PanelLink();
        po.setResourceId(request.getResourceId());
@@ -117,7 +122,16 @@ public class PanelLinkService {
    public Boolean validateHeads(PanelLink panelLink) throws Exception{
        HttpServletRequest request = ServletUtils.request();
        String token = request.getHeader("LINK-PWD-TOKEN");
-        if (StringUtils.isEmpty(token) || StringUtils.equals("undefined", token) || StringUtils.equals("null", token)) return false;
+        if (!panelLink.getEnablePwd() || StringUtils.isEmpty(token) || StringUtils.equals("undefined", token) || StringUtils.equals("null", token)) {
+            String resourceId = panelLink.getResourceId();
+            String pwd = "dataease";
+            String tk = JWTUtils.signLink(resourceId, pwd);
+            HttpServletResponse httpServletResponse = ServletUtils.response();
+            httpServletResponse.addHeader("Access-Control-Expose-Headers", "LINK-PWD-TOKEN");
+            httpServletResponse.setHeader("LINK-PWD-TOKEN", tk);
+            return false;
+        }
+        if (StringUtils.isEmpty(panelLink.getPwd())) return false;
        boolean verify = JWTUtils.verifyLink(token, panelLink.getResourceId(), decryptParam(panelLink.getPwd()));
        return verify;
    }
@@ -137,4 +151,9 @@ public class PanelLinkService {
        return pass;
    }
+    public PanelGroupWithBLOBs resourceInfo(String resourceId) {
+        return panelGroupMapper.selectByPrimaryKey(resourceId);
+    }
 }
--- a/frontend/src/api/link/index.js
+++ b/frontend/src/api/link/index.js
@@ -51,7 +51,17 @@ export function loadGenerate(resourceId) {
 export function loadResource(resourceId) {
  return request({
-    url: 'panel/group/findOne/' + resourceId,
+    url: 'api/link/resourceDetail/' + resourceId,
-    method: 'get'
+    method: 'post'
+  })
+}
+export function viewInfo(id, data) {
+  return request({
+    url: 'api/link/viewDetail/' + id,
+    method: 'post',
+    timeout: 30000,
+    hideMsg: true,
+    data
  })
 }
--- a/frontend/src/components/canvas/custom-component/UserView.vue
+++ b/frontend/src/components/canvas/custom-component/UserView.vue
@@ -25,6 +25,7 @@
 <script>
 import { viewData } from '@/api/panel/panel'
+import { viewInfo } from '@/api/link'
 import ChartComponent from '@/views/chart/components/ChartComponent.vue'
 import TableNormal from '@/views/chart/components/table/TableNormal'
 import LabelNormal from '../../../views/chart/components/normal/LabelNormal'
@@ -35,7 +36,7 @@ import { isChange } from '@/utils/conditionUtil'
 import { BASE_CHART_STRING } from '@/views/chart/chart/chart'
 import eventBus from '@/components/canvas/utils/eventBus'
 import { deepCopy } from '@/components/canvas/utils/utils'
+import { getToken, getLinkToken } from '@/utils/auth'
 export default {
  name: 'UserView',
  components: { ChartComponent, TableNormal, LabelNormal },
@@ -161,7 +162,14 @@ export default {
      if (id) {
        this.requestStatus = 'waiting'
        this.message = null
-        viewData(id, this.filter).then(response => {
+        // 增加判断 仪表板公共连接中使用viewInfo 正常使用viewData
+        let method = viewData
+        if (!getToken() && getLinkToken()) {
+          method = viewInfo
+        }
+        method(id, this.filter).then(response => {
          // 将视图传入echart组件
          if (response.success) {
            this.chart = response.data

--- a/frontend/src/utils/request.js
+++ b/frontend/src/utils/request.js
@@ -79,8 +79,8 @@ const checkAuth = response => {
    store.dispatch('user/refreshToken', refreshToken)
  }
-  if (response.headers[LinkTokenKey.toLocaleLowerCase()]) {
+  if (response.headers[LinkTokenKey.toLocaleLowerCase()] || (response.config.headers && response.config.headers[LinkTokenKey.toLocaleLowerCase()])) {
-    const linkToken = response.headers[LinkTokenKey.toLocaleLowerCase()]
+    const linkToken = response.headers[LinkTokenKey.toLocaleLowerCase()] || response.config.headers[LinkTokenKey.toLocaleLowerCase()]
    setLinkToken(linkToken)
  }
  // 许可状态改变 刷新页面

--- a/frontend/src/views/link/pwd/index.vue
+++ b/frontend/src/views/link/pwd/index.vue
@@ -13,7 +13,7 @@
        <div class="input-layout">
          <div class="input-main">
            <div class="div-input">
-              <el-form ref="pwdForm" :model="form" :rules="rule" size="small">
+              <el-form ref="pwdForm" :model="form" :rules="rule" size="small" @submit.native.prevent>
                <el-form-item prop="password">
                  <el-input v-model="form.password" maxlength="4" show-password class="real-input" :placeholder="$t('pblink.input_placeholder')" />
                </el-form-item>
@@ -65,8 +65,25 @@ export default {
      }
    }
  },
+  mounted() {
+    this.bindKey()
+  },
+  destroyed() {
+    this.unBindKey()
+  },
  methods: {
+    entryKey(event) {
+      const keyCode = event.keyCode
+      if (keyCode === 13) {
+        this.refresh()
+      }
+    },
+    bindKey() {
+      document.addEventListener('keypress', this.entryKey)
+    },
+    unBindKey() {
+      document.removeEventListener('keypress', this.entryKey)
+    },
    // 验证密码是否正确 如果正确 设置请求头部带LINK-PWD-TOKEN=entrypt(pwd)再刷新页面
    refresh() {
      this.$refs.pwdForm.validate(valid => {