Merge branch 'dev' into pr@dev@feat_union_dataset

backend/src/main/java/io/dataease/auth/filter/JWTFilter.java

 package io.dataease.auth.filter;
 
+import com.auth0.jwt.algorithms.Algorithm;
 import io.dataease.auth.entity.ASKToken;
 import io.dataease.auth.entity.JWTToken;
 import io.dataease.auth.entity.SysUserEntity;
@@ -115,9 +116,9 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
             DataEaseException.throwException(Translator.get("i18n_not_find_user"));
         }
         String password = user.getPassword();
-
+        Algorithm algorithm = Algorithm.HMAC256(password);
+        JWTUtils.verifySign(algorithm, token);
         String newToken = JWTUtils.sign(tokenInfo, password);
-
         // 设置响应的Header头新Token
         HttpServletResponse httpServletResponse = (HttpServletResponse) response;
         httpServletResponse.addHeader("Access-Control-Expose-Headers", "RefreshAuthorization");

backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java

@@ -41,7 +41,6 @@ public class ShiroServiceImpl implements ShiroService {
         filterChainDefinitionMap.put("/link/**", ANON);
         filterChainDefinitionMap.put("/index.html", ANON);
         filterChainDefinitionMap.put("/link.html", ANON);
-        filterChainDefinitionMap.put("/xggznb/**", ANON);
 
 
         //获取主题信息

backend/src/main/java/io/dataease/auth/util/JWTUtils.java

@@ -35,15 +35,23 @@ public class JWTUtils {
      * @return 是否正确
      */
     public static boolean verify(String token, TokenInfo tokenInfo, String secret) {
+
         Algorithm algorithm = Algorithm.HMAC256(secret);
         Verification verification = JWT.require(algorithm)
                 .withClaim("username", tokenInfo.getUsername())
                 .withClaim("userId", tokenInfo.getUserId());
         JWTVerifier verifier = verification.build();
+
+        verifySign(algorithm, token);
         verifier.verify(token);
         return true;
     }
 
+    public static void verifySign(Algorithm algorithm, String token) {
+        DecodedJWT decode = JWT.decode(token);
+        algorithm.verify(decode);
+    }
+
     /**
      * 获得token中的信息无需secret解密也能获得
      *

backend/src/main/java/io/dataease/base/domain/VAuthModel.java

@@ -21,5 +21,7 @@ public class VAuthModel implements Serializable {
 
     private Long level;
 
+    private Long mode;
+
     private static final long serialVersionUID = 1L;
 }
\ No newline at end of file

backend/src/main/java/io/dataease/base/domain/VAuthModelExample.java

@@ -653,6 +653,66 @@ public class VAuthModelExample {
             addCriterion("`level` not between", value1, value2, "level");
             return (Criteria) this;
         }
+
+        public Criteria andModeIsNull() {
+            addCriterion("`mode` is null");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeIsNotNull() {
+            addCriterion("`mode` is not null");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeEqualTo(Long value) {
+            addCriterion("`mode` =", value, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeNotEqualTo(Long value) {
+            addCriterion("`mode` <>", value, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeGreaterThan(Long value) {
+            addCriterion("`mode` >", value, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeGreaterThanOrEqualTo(Long value) {
+            addCriterion("`mode` >=", value, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeLessThan(Long value) {
+            addCriterion("`mode` <", value, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeLessThanOrEqualTo(Long value) {
+            addCriterion("`mode` <=", value, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeIn(List<Long> values) {
+            addCriterion("`mode` in", values, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeNotIn(List<Long> values) {
+            addCriterion("`mode` not in", values, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeBetween(Long value1, Long value2) {
+            addCriterion("`mode` between", value1, value2, "mode");
+            return (Criteria) this;
+        }
+
+        public Criteria andModeNotBetween(Long value1, Long value2) {
+            addCriterion("`mode` not between", value1, value2, "mode");
+            return (Criteria) this;
+        }
     }
 
     public static class Criteria extends GeneratedCriteria {

backend/src/main/java/io/dataease/base/mapper/VAuthModelMapper.xml

@@ -10,6 +10,7 @@
     <result column="auth_type" jdbcType="VARCHAR" property="authType" />
     <result column="create_by" jdbcType="VARCHAR" property="createBy" />
     <result column="level" jdbcType="BIGINT" property="level" />
+    <result column="mode" jdbcType="BIGINT" property="mode" />
   </resultMap>
   <resultMap extends="BaseResultMap" id="ResultMapWithBLOBs" type="io.dataease.base.domain.VAuthModelWithBLOBs">
     <result column="name" jdbcType="LONGVARCHAR" property="name" />
@@ -74,7 +75,8 @@
     </where>
   </sql>
   <sql id="Base_Column_List">
-    id, pid, node_type, model_type, model_inner_type, auth_type, create_by, `level`
+    id, pid, node_type, model_type, model_inner_type, auth_type, create_by, `level`, 
+    `mode`
   </sql>
   <sql id="Blob_Column_List">
     `name`, `label`
@@ -118,12 +120,12 @@
   <insert id="insert" parameterType="io.dataease.base.domain.VAuthModelWithBLOBs">
     insert into v_auth_model (id, pid, node_type, 
       model_type, model_inner_type, auth_type, 
-      create_by, `level`, `name`, 
-      `label`)
+      create_by, `level`, `mode`, 
+      `name`, `label`)
     values (#{id,jdbcType=VARCHAR}, #{pid,jdbcType=VARCHAR}, #{nodeType,jdbcType=VARCHAR}, 
       #{modelType,jdbcType=VARCHAR}, #{modelInnerType,jdbcType=VARCHAR}, #{authType,jdbcType=VARCHAR}, 
-      #{createBy,jdbcType=VARCHAR}, #{level,jdbcType=BIGINT}, #{name,jdbcType=LONGVARCHAR}, 
-      #{label,jdbcType=LONGVARCHAR})
+      #{createBy,jdbcType=VARCHAR}, #{level,jdbcType=BIGINT}, #{mode,jdbcType=BIGINT}, 
+      #{name,jdbcType=LONGVARCHAR}, #{label,jdbcType=LONGVARCHAR})
   </insert>
   <insert id="insertSelective" parameterType="io.dataease.base.domain.VAuthModelWithBLOBs">
     insert into v_auth_model
@@ -152,6 +154,9 @@
       <if test="level != null">
         `level`,
       </if>
+      <if test="mode != null">
+        `mode`,
+      </if>
       <if test="name != null">
         `name`,
       </if>
@@ -184,6 +189,9 @@
       <if test="level != null">
         #{level,jdbcType=BIGINT},
       </if>
+      <if test="mode != null">
+        #{mode,jdbcType=BIGINT},
+      </if>
       <if test="name != null">
         #{name,jdbcType=LONGVARCHAR},
       </if>
@@ -225,6 +233,9 @@
       <if test="record.level != null">
         `level` = #{record.level,jdbcType=BIGINT},
       </if>
+      <if test="record.mode != null">
+        `mode` = #{record.mode,jdbcType=BIGINT},
+      </if>
       <if test="record.name != null">
         `name` = #{record.name,jdbcType=LONGVARCHAR},
       </if>
@@ -246,6 +257,7 @@
       auth_type = #{record.authType,jdbcType=VARCHAR},
       create_by = #{record.createBy,jdbcType=VARCHAR},
       `level` = #{record.level,jdbcType=BIGINT},
+      `mode` = #{record.mode,jdbcType=BIGINT},
       `name` = #{record.name,jdbcType=LONGVARCHAR},
       `label` = #{record.label,jdbcType=LONGVARCHAR}
     <if test="_parameter != null">
@@ -261,7 +273,8 @@
       model_inner_type = #{record.modelInnerType,jdbcType=VARCHAR},
       auth_type = #{record.authType,jdbcType=VARCHAR},
       create_by = #{record.createBy,jdbcType=VARCHAR},
-      `level` = #{record.level,jdbcType=BIGINT}
+      `level` = #{record.level,jdbcType=BIGINT},
+      `mode` = #{record.mode,jdbcType=BIGINT}
     <if test="_parameter != null">
       <include refid="Update_By_Example_Where_Clause" />
     </if>

backend/src/main/java/io/dataease/base/mapper/ext/ExtChartViewMapper.java

@@ -22,4 +22,6 @@ public interface ExtChartViewMapper {
     String searchAdviceSceneId(@Param("userId") String userId,@Param("panelId") String panelId);
 
     int checkSameDataSet(@Param("viewIdSource") String viewIdSource,@Param("viewIdTarget") String viewIdTarget);
+
+    ChartViewDTO searchOneWithPrivileges(@Param("userId") String userId,@Param("id") String id );
 }

backend/src/main/java/io/dataease/base/mapper/ext/ExtChartViewMapper.xml

@@ -8,6 +8,13 @@
         <result column="privileges" property="privileges"/>
     </resultMap>
 
+    <select id="searchOneWithPrivileges" resultMap="BaseResultMapDTO">
+        select
+        chart_view.*,
+        get_auths(id,'chart',#{userId}) as `privileges`
+        from chart_view where id = #{id}
+    </select>
+
     <select id="searchOne" resultMap="BaseResultMapDTO">
         select
         id, `name`, scene_id, table_id, `type`, title, create_by, create_time, update_time,

backend/src/main/java/io/dataease/base/mapper/ext/ExtDataSetTableMapper.xml

@@ -11,9 +11,8 @@
         select
         id, `name`, scene_id, data_source_id, `type`, `mode`,`info`, create_by, create_time,
         get_auths(id,'dataset',#{userId}) as `privileges`
-        from (select GET_V_AUTH_MODEL_ID_P_USE (#{userId}, 'dataset') cids) t,dataset_table
+        from dataset_table
         <where>
-            FIND_IN_SET(dataset_table.id,cids)
             <if test="id != null">
                 and id = #{id,jdbcType=VARCHAR}
             </if>

backend/src/main/java/io/dataease/base/mapper/ext/ExtPanelGroupMapper.xml

@@ -160,7 +160,7 @@
                 and panel_group.level = #{level}
             </if>
         </where>
-     ORDER BY CONVERT(panel_group.name using gbk)
+     ORDER BY panel_group.node_type desc, CONVERT(panel_group.name using gbk)
     </select>
 
     <delete id="deleteCircle">

backend/src/main/java/io/dataease/base/mapper/ext/ExtVAuthModelMapper.xml

@@ -18,6 +18,7 @@
 		v_auth_model.auth_type,
 		v_auth_model.create_by,
 		v_auth_model.level,
+		v_auth_model.mode,
 		authInfo.PRIVILEGES AS `privileges`
 	FROM
 		( SELECT GET_V_AUTH_MODEL_ID_P_USE ( #{request.userId}, #{request.modelType} ) cids ) t,
@@ -33,7 +34,7 @@
 						`sys_auth`.`id` = `sys_auth_detail`.`auth_id`
 					)))
 		WHERE
-			sys_auth_detail.privilege_value = #{request.userId}
+			sys_auth_detail.privilege_value = 1
 			AND sys_auth.auth_source_type = #{request.modelType}
 			AND (
 				(
@@ -54,7 +55,7 @@
 		) authInfo ON v_auth_model.id = authInfo.auth_source
 	WHERE
 		FIND_IN_SET( v_auth_model.id, cids )
-		ORDER BY CONVERT(v_auth_model.label using gbk) asc
+		ORDER BY v_auth_model.node_type desc, CONVERT(v_auth_model.label using gbk) asc
   </select>
 
 </mapper>

backend/src/main/java/io/dataease/controller/IndexController.java

@@ -32,15 +32,6 @@ public class IndexController {
         return "index.html";
     }
 
-    @GetMapping("/link")
-    public String link() {
-        return "link.html";
-    }
-
-    @GetMapping("/test")
-    public String test() {
-        return "test.html";
-    }
 
     @GetMapping("/deApi")
     public String deApi() {
@@ -53,12 +44,12 @@ public class IndexController {
         }
     }
 
-    @GetMapping("/xggznb/{index}")
-    public String xggznb(@PathVariable(value = "index", required = true) Long index)  {
+    @GetMapping("/link/{index}")
+    public String link(@PathVariable(value = "index", required = true) Long index) {
         String url = panelLinkService.getUrlByIndex(index);
         HttpServletResponse response = ServletUtils.response();
         String param = url.substring(url.indexOf("?") + 1);
-        Cookie cookie = new Cookie("link", param);
+        Cookie cookie = new Cookie("link", param.split("=")[1]);
         response.addCookie(cookie);
         return url;
     }

backend/src/main/java/io/dataease/controller/chart/ChartViewController.java

@@ -88,10 +88,6 @@ public class ChartViewController {
     public ChartViewDTO getOneWithPermission(@PathVariable String id, @RequestBody ChartExtRequest requestList) throws Exception {
         //如果能获取用户 则添加对应的权限
         ChartViewDTO dto = chartViewService.getData(id, requestList);
-        if (dto != null && AuthUtils.getUser() != null) {
-            ChartViewDTO permissionDto = chartViewService.getOneWithPermission(dto.getId());
-            dto.setPrivileges(permissionDto.getPrivileges());
-        }
         return dto;
     }
 

backend/src/main/java/io/dataease/controller/dataset/DataSetTableController.java

@@ -10,9 +10,7 @@ import io.dataease.dto.datasource.TableFiled;
 import io.dataease.dto.dataset.DataSetTableDTO;
 import io.dataease.dto.dataset.ExcelFileData;
 import io.dataease.service.dataset.DataSetTableService;
-import io.swagger.annotations.Api;
-import io.swagger.annotations.ApiOperation;
-import io.swagger.annotations.ApiParam;
+import io.swagger.annotations.*;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.multipart.MultipartFile;
 
@@ -132,8 +130,13 @@ public class DataSetTableController {
         return dataSetTableService.getDatasetDetail(id);
     }
 
-    //    @ApiOperation("excel上传")
+    @ApiOperation("excel上传")
     @PostMapping("excel/upload")
+    @ApiImplicitParams({
+        @ApiImplicitParam(name = "file", value = "文件", required = true, dataType = "MultipartFile"),
+        @ApiImplicitParam(name = "tableId", value = "数据表ID", required = true, dataType = "String"),
+        @ApiImplicitParam(name = "editType", value = "编辑类型", required = true, dataType = "Integer")
+    })
     public ExcelFileData excelUpload(@RequestParam("file") MultipartFile file, @RequestParam("tableId") String tableId, @RequestParam("editType") Integer editType) throws Exception {
         return dataSetTableService.excelSaveAndParse(file, tableId, editType);
     }

backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java

@@ -2,7 +2,6 @@ package io.dataease.controller.panel.server;
 
 
 import io.dataease.base.domain.PanelLink;
-import io.dataease.controller.ResultHolder;
 import io.dataease.controller.panel.api.LinkApi;
 import io.dataease.controller.request.chart.ChartExtRequest;
 import io.dataease.controller.request.panel.link.*;
@@ -17,6 +16,7 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.annotation.Resource;
+import java.net.URLDecoder;
 import java.util.Map;
 
 
@@ -24,7 +24,6 @@ import java.util.Map;
 public class LinkServer implements LinkApi {
 
 
-
     @Autowired
     private PanelLinkService panelLinkService;
 
@@ -42,12 +41,11 @@ public class LinkServer implements LinkApi {
         panelLinkService.changeEnablePwd(request);
     }
 
-    
 
     @Override
     public void resetOverTime(@RequestBody OverTimeRequest request) {
         panelLinkService.overTime(request);
-        
+
     }
 
     @Override
@@ -61,15 +59,16 @@ public class LinkServer implements LinkApi {
     }
 
     @Override
-    public ValidateDto validate(@RequestBody LinkValidateRequest request)  throws Exception{
+    public ValidateDto validate(@RequestBody LinkValidateRequest request) throws Exception {
         String link = request.getLink();
+        link = URLDecoder.decode(link, "UTF-8");
         String json = panelLinkService.decryptParam(link);
 
         ValidateDto dto = new ValidateDto();
         String resourceId = json;
         PanelLink one = panelLinkService.findOne(resourceId);
         dto.setResourceId(resourceId);
-        if (ObjectUtils.isEmpty(one)){
+        if (ObjectUtils.isEmpty(one)) {
             dto.setValid(false);
             return dto;
         }
@@ -91,14 +90,13 @@ public class LinkServer implements LinkApi {
     }
 
     @Override
-    public Object viewDetail(String viewId, ChartExtRequest requestList) throws Exception{
+    public Object viewDetail(String viewId, ChartExtRequest requestList) throws Exception {
         return chartViewService.getData(viewId, requestList);
     }
 
 
-
     @Override
-    public String shortUrl(Map<String,String> param) {
+    public String shortUrl(Map<String, String> param) {
         String resourceId = param.get("resourceId");
         return panelLinkService.getShortUrl(resourceId);
     }

backend/src/main/java/io/dataease/controller/request/chart/ChartCalRequest.java

 package io.dataease.controller.request.chart;
 
 import io.dataease.base.domain.ChartViewWithBLOBs;
+import io.dataease.dto.chart.ChartViewDTO;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
 
@@ -11,7 +12,7 @@ import lombok.Data;
 @Data
 public class ChartCalRequest {
     @ApiModelProperty("视图")
-    private ChartViewWithBLOBs view;
+    private ChartViewDTO view;
     @ApiModelProperty("额外请求参数")
     private ChartExtRequest requestList;
 }

backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java

@@ -121,6 +121,9 @@ public class JdbcProvider extends DatasourceProvider {
                             row[j] = rs.getDate(j + 1).toString();
                         }
                         break;
+                    case Types.BOOLEAN:
+                        row[j] = rs.getBoolean(j + 1) ? "1" : "0";
+                        break;
                     default:
                         row[j] = rs.getString(j + 1);
                         break;

backend/src/main/java/io/dataease/provider/query/hive/HiveQueryProvider.java

@@ -40,6 +40,7 @@ public class HiveQueryProvider extends QueryProvider {
 
     @Override
     public Integer transFieldType(String field) {
+        field = field.toLowerCase();
         switch (field) {
             case "varchar":
             case "string":

backend/src/main/java/io/dataease/service/chart/ChartViewService.java

@@ -79,11 +79,6 @@ public class ChartViewService {
         Optional.ofNullable(chartView.getId()).ifPresent(id -> {
             CacheUtils.remove(JdbcConstants.VIEW_CACHE_KEY, id);
         });
-        try {
-            calcData(chartView, new ChartExtRequest(), true);
-        } catch (Exception e) {
-
-        }
         return getOneWithPermission(chartView.getId());
     }
 
@@ -167,12 +162,9 @@ public class ChartViewService {
     }
 
     public ChartViewDTO getOneWithPermission(String id) {
-        ChartViewRequest chartViewRequest = new ChartViewRequest();
-        chartViewRequest.setId(id);
-        chartViewRequest.setUserId(String.valueOf(AuthUtils.getUser().getUserId()));
-        return extChartViewMapper.searchOne(chartViewRequest);
+        String userId = AuthUtils.getUser()!=null?String.valueOf(AuthUtils.getUser().getUserId()):"NONE";
+        return extChartViewMapper.searchOneWithPrivileges(userId,id);
     }
-
     public void delete(String id) {
         chartViewMapper.deleteByPrimaryKey(id);
     }
@@ -184,7 +176,7 @@ public class ChartViewService {
     }
 
     public ChartViewDTO getData(String id, ChartExtRequest request) throws Exception {
-        ChartViewWithBLOBs view = chartViewMapper.selectByPrimaryKey(id);
+        ChartViewDTO view = this.getOneWithPermission(id);
         // 如果是从仪表板获取视图数据，则仪表板的查询模式，查询结果的数量，覆盖视图对应的属性
         if (CommonConstants.VIEW_QUERY_FROM.PANEL.equals(request.getQueryFrom()) && CommonConstants.VIEW_RESULT_MODE.CUSTOM.equals(request.getResultMode())) {
             view.setResultMode(request.getResultMode());
@@ -193,7 +185,7 @@ public class ChartViewService {
         return calcData(view, request, request.isCache());
     }
 
-    public ChartViewDTO calcData(ChartViewWithBLOBs view, ChartExtRequest requestList, boolean cache) throws Exception {
+    public ChartViewDTO calcData(ChartViewDTO view, ChartExtRequest requestList, boolean cache) throws Exception {
         if (ObjectUtils.isEmpty(view)) {
             throw new RuntimeException(Translator.get("i18n_chart_delete"));
         }

backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java

@@ -980,6 +980,7 @@ public class DataSetTableService {
                     datasetTableField.setTableId(datasetTable.getId());
                     datasetTableField.setColumnIndex(i);
                 }
+                dataSetTableFieldsService.deleteByTableId(datasetTable.getId());
                 dataSetTableFieldsService.batchEdit(fieldList);
                 // custom 创建doris视图
                 if (datasetTable.getMode() == 1) {

backend/src/main/java/io/dataease/service/panel/PanelLinkService.java

@@ -32,7 +32,7 @@ import java.util.List;
 public class PanelLinkService {
 
     private static final String BASEURL = "/link.html?link=";
-    private static final String SHORT_URL_PREFIX = "/xggznb/";
+    private static final String SHORT_URL_PREFIX = "/link/";
 
     @Resource
     private PanelLinkMapper mapper;