提交 f33e4b93 authored 作者: taojinlong's avatar taojinlong

fix: 列权限校验

上级 17e2ec66
...@@ -61,6 +61,19 @@ public class DataSetTableFieldController { ...@@ -61,6 +61,19 @@ public class DataSetTableFieldController {
return fields; return fields;
} }
@ApiOperation("查询表下属字段")
@PostMapping("listWithPermission/{tableId}")
public List<DatasetTableField> listWithPermission(@PathVariable String tableId) {
DatasetTableField datasetTableField = DatasetTableField.builder().build();
datasetTableField.setTableId(tableId);
List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField);
List<String> desensitizationList = new ArrayList<>();
fields = permissionService.filterColumnPermissons(fields, desensitizationList, tableId, null);
fields = fields.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName())).collect(Collectors.toList());
return fields;
}
//管理权限,可以列出所有字段
@ApiOperation("查询表下属字段") @ApiOperation("查询表下属字段")
@PostMapping("listForPermissionSeting/{tableId}") @PostMapping("listForPermissionSeting/{tableId}")
public List<DatasetTableField> listForPermissionSeting(@PathVariable String tableId) { public List<DatasetTableField> listForPermissionSeting(@PathVariable String tableId) {
...@@ -70,6 +83,7 @@ public class DataSetTableFieldController { ...@@ -70,6 +83,7 @@ public class DataSetTableFieldController {
return fields; return fields;
} }
//管理权限,可以列出所有字段
@ApiOperation("分组查询表下属字段") @ApiOperation("分组查询表下属字段")
@PostMapping("listByDQ/{tableId}") @PostMapping("listByDQ/{tableId}")
public DatasetTableField4Type listByDQ(@PathVariable String tableId) { public DatasetTableField4Type listByDQ(@PathVariable String tableId) {
...@@ -77,10 +91,8 @@ public class DataSetTableFieldController { ...@@ -77,10 +91,8 @@ public class DataSetTableFieldController {
datasetTableField.setTableId(tableId); datasetTableField.setTableId(tableId);
datasetTableField.setGroupType("d"); datasetTableField.setGroupType("d");
List<DatasetTableField> dimensionList = dataSetTableFieldsService.list(datasetTableField); List<DatasetTableField> dimensionList = dataSetTableFieldsService.list(datasetTableField);
dimensionList = permissionService.filterColumnPermissons(dimensionList, new ArrayList<>(), tableId, null);
datasetTableField.setGroupType("q"); datasetTableField.setGroupType("q");
List<DatasetTableField> quotaList = dataSetTableFieldsService.list(datasetTableField); List<DatasetTableField> quotaList = dataSetTableFieldsService.list(datasetTableField);
quotaList = permissionService.filterColumnPermissons(quotaList, new ArrayList<>(), tableId, null);
DatasetTableField4Type datasetTableField4Type = new DatasetTableField4Type(); DatasetTableField4Type datasetTableField4Type = new DatasetTableField4Type();
datasetTableField4Type.setDimensionList(dimensionList); datasetTableField4Type.setDimensionList(dimensionList);
...@@ -134,7 +146,30 @@ public class DataSetTableFieldController { ...@@ -134,7 +146,30 @@ public class DataSetTableFieldController {
public List<Object> multFieldValues(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception { public List<Object> multFieldValues(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
List<Object> results = new ArrayList<>(); List<Object> results = new ArrayList<>();
for (String fieldId : multFieldValuesRequest.getFieldIds()) { for (String fieldId : multFieldValuesRequest.getFieldIds()) {
List<Object> fieldValues = dataSetFieldService.fieldValues(fieldId, multFieldValuesRequest.getUserId()); List<Object> fieldValues = dataSetFieldService.fieldValues(fieldId, multFieldValuesRequest.getUserId(), true);
if (CollectionUtil.isNotEmpty(fieldValues)) {
results.addAll(fieldValues);
}
}
ArrayList<Object> list = results.stream().collect(
Collectors.collectingAndThen(
Collectors.toCollection(
() -> new TreeSet<>(Comparator.comparing(t -> {
if (ObjectUtils.isEmpty(t))
return "";
return t.toString();
}))),
ArrayList::new));
return list;
}
@ApiOperation("多字段值枚举")
@PostMapping("multFieldValuesForPermissions")
public List<Object> multFieldValuesForPermissions(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
List<Object> results = new ArrayList<>();
for (String fieldId : multFieldValuesRequest.getFieldIds()) {
List<Object> fieldValues = dataSetFieldService.fieldValues(fieldId, multFieldValuesRequest.getUserId(), false);
if (CollectionUtil.isNotEmpty(fieldValues)) { if (CollectionUtil.isNotEmpty(fieldValues)) {
results.addAll(fieldValues); results.addAll(fieldValues);
} }
......
...@@ -305,6 +305,10 @@ public class ChartViewService { ...@@ -305,6 +305,10 @@ public class ChartViewService {
filterRequest.setFieldId(fId); filterRequest.setFieldId(fId);
DatasetTableField datasetTableField = dataSetTableFieldsService.get(fId); DatasetTableField datasetTableField = dataSetTableFieldsService.get(fId);
if(datasetTableField == null){
continue;
}
if(!desensitizationList.contains(datasetTableField.getDataeaseName()) && dataeaseNames.contains(datasetTableField.getDataeaseName())){
filterRequest.setDatasetTableField(datasetTableField); filterRequest.setDatasetTableField(datasetTableField);
if (StringUtils.equalsIgnoreCase(datasetTableField.getTableId(), view.getTableId())) { if (StringUtils.equalsIgnoreCase(datasetTableField.getTableId(), view.getTableId())) {
if (CollectionUtils.isNotEmpty(filterRequest.getViewIds())) { if (CollectionUtils.isNotEmpty(filterRequest.getViewIds())) {
...@@ -319,11 +323,13 @@ public class ChartViewService { ...@@ -319,11 +323,13 @@ public class ChartViewService {
} }
} }
} }
}
//联动过滤条件联动条件全部加上 //联动过滤条件联动条件全部加上
if (ObjectUtils.isNotEmpty(requestList.getLinkageFilters())) { if (ObjectUtils.isNotEmpty(requestList.getLinkageFilters())) {
for (ChartExtFilterRequest request : requestList.getLinkageFilters()) { for (ChartExtFilterRequest request : requestList.getLinkageFilters()) {
DatasetTableField datasetTableField = dataSetTableFieldsService.get(request.getFieldId()); DatasetTableField datasetTableField = dataSetTableFieldsService.get(request.getFieldId());
if(!desensitizationList.contains(datasetTableField.getDataeaseName()) && dataeaseNames.contains(datasetTableField.getDataeaseName())){
request.setDatasetTableField(datasetTableField); request.setDatasetTableField(datasetTableField);
if (StringUtils.equalsIgnoreCase(datasetTableField.getTableId(), view.getTableId())) { if (StringUtils.equalsIgnoreCase(datasetTableField.getTableId(), view.getTableId())) {
if (CollectionUtils.isNotEmpty(request.getViewIds())) { if (CollectionUtils.isNotEmpty(request.getViewIds())) {
...@@ -336,6 +342,7 @@ public class ChartViewService { ...@@ -336,6 +342,7 @@ public class ChartViewService {
} }
} }
} }
}
// 下钻 // 下钻
List<ChartExtFilterRequest> drillFilters = new ArrayList<>(); List<ChartExtFilterRequest> drillFilters = new ArrayList<>();
......
...@@ -5,5 +5,5 @@ import java.util.List; ...@@ -5,5 +5,5 @@ import java.util.List;
public interface DataSetFieldService { public interface DataSetFieldService {
List<Object> fieldValues(String fieldId, Long userId) throws Exception; List<Object> fieldValues(String fieldId, Long userId, Boolean userPermissions) throws Exception;
} }
...@@ -42,7 +42,7 @@ public class DirectFieldService implements DataSetFieldService { ...@@ -42,7 +42,7 @@ public class DirectFieldService implements DataSetFieldService {
private PermissionService permissionService; private PermissionService permissionService;
@Override @Override
public List<Object> fieldValues(String fieldId, Long userId) throws Exception { public List<Object> fieldValues(String fieldId, Long userId, Boolean userPermissions) throws Exception {
DatasetTableField field = dataSetTableFieldsService.selectByPrimaryKey(fieldId); DatasetTableField field = dataSetTableFieldsService.selectByPrimaryKey(fieldId);
if (field == null || StringUtils.isEmpty(field.getTableId())) return null; if (field == null || StringUtils.isEmpty(field.getTableId())) return null;
...@@ -52,22 +52,23 @@ public class DirectFieldService implements DataSetFieldService { ...@@ -52,22 +52,23 @@ public class DirectFieldService implements DataSetFieldService {
DatasetTableField datasetTableField = DatasetTableField.builder().tableId(field.getTableId()).checked(Boolean.TRUE).build(); DatasetTableField datasetTableField = DatasetTableField.builder().tableId(field.getTableId()).checked(Boolean.TRUE).build();
List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField); List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField);
List<ChartFieldCustomFilterDTO> customFilter = new ArrayList<>();
if(userPermissions){
//列权限 //列权限
List<String> desensitizationList = new ArrayList<>(); List<String> desensitizationList = new ArrayList<>();
fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable.getId(), userId); fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable.getId(), userId);
//禁用的 //禁用的
if(!fields.stream().map(DatasetTableField::getId).collect(Collectors.toList()).contains(fieldId)){ if(!fields.stream().map(DatasetTableField::getId).collect(Collectors.toList()).contains(fieldId)){
return new ArrayList<>(); return new ArrayList<>();
} }
if (CollectionUtils.isNotEmpty(desensitizationList) && desensitizationList.contains(field.getDataeaseName())) { if (CollectionUtils.isNotEmpty(desensitizationList) && desensitizationList.contains(field.getDataeaseName())) {
List<Object> results = new ArrayList<>(); List<Object> results = new ArrayList<>();
results.add(ColumnPermissionConstants.Desensitization_desc); results.add(ColumnPermissionConstants.Desensitization_desc);
return results; return results;
} }
//行权限 //行权限
List<ChartFieldCustomFilterDTO> customFilter = permissionService.getCustomFilters(fields, datasetTable, userId); customFilter = permissionService.getCustomFilters(fields, datasetTable, userId);
}
DatasourceRequest datasourceRequest = new DatasourceRequest(); DatasourceRequest datasourceRequest = new DatasourceRequest();
DatasourceProvider datasourceProvider = null; DatasourceProvider datasourceProvider = null;
......
...@@ -103,6 +103,14 @@ export function fieldList(id, showLoading = true) { ...@@ -103,6 +103,14 @@ export function fieldList(id, showLoading = true) {
}) })
} }
export function fieldListWithPermission(id, showLoading = true) {
return request({
url: '/dataset/field/listWithPermission/' + id,
loading: showLoading,
method: 'post'
})
}
export function fieldListDQ(id, showLoading = true) { export function fieldListDQ(id, showLoading = true) {
return request({ return request({
url: '/dataset/field/listByDQ/' + id, url: '/dataset/field/listByDQ/' + id,
......
...@@ -184,7 +184,7 @@ import { ...@@ -184,7 +184,7 @@ import {
} from 'vuex' } from 'vuex'
import { import {
groupTree, groupTree,
fieldList, fieldListWithPermission,
post post
} from '@/api/dataset/dataset' } from '@/api/dataset/dataset'
import { import {
...@@ -489,7 +489,7 @@ export default { ...@@ -489,7 +489,7 @@ export default {
}, },
loadField(tableId) { loadField(tableId) {
fieldList(tableId).then(res => { fieldListWithPermission(tableId).then(res => {
let datas = res.data let datas = res.data
if (this.widget && this.widget.filterFieldMethod) { if (this.widget && this.widget.filterFieldMethod) {
datas = this.widget.filterFieldMethod(datas) datas = this.widget.filterFieldMethod(datas)
...@@ -498,7 +498,7 @@ export default { ...@@ -498,7 +498,7 @@ export default {
}) })
}, },
comLoadField(tableId) { comLoadField(tableId) {
fieldList(tableId).then(res => { fieldListWithPermission(tableId).then(res => {
let datas = res.data let datas = res.data
if (this.widget && this.widget.filterFieldMethod) { if (this.widget && this.widget.filterFieldMethod) {
datas = this.widget.filterFieldMethod(datas) datas = this.widget.filterFieldMethod(datas)
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论