提交 f33e4b93 authored 作者: taojinlong's avatar taojinlong

fix: 列权限校验

上级 17e2ec66
......@@ -61,6 +61,19 @@ public class DataSetTableFieldController {
return fields;
}
@ApiOperation("查询表下属字段")
@PostMapping("listWithPermission/{tableId}")
public List<DatasetTableField> listWithPermission(@PathVariable String tableId) {
DatasetTableField datasetTableField = DatasetTableField.builder().build();
datasetTableField.setTableId(tableId);
List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField);
List<String> desensitizationList = new ArrayList<>();
fields = permissionService.filterColumnPermissons(fields, desensitizationList, tableId, null);
fields = fields.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName())).collect(Collectors.toList());
return fields;
}
//管理权限,可以列出所有字段
@ApiOperation("查询表下属字段")
@PostMapping("listForPermissionSeting/{tableId}")
public List<DatasetTableField> listForPermissionSeting(@PathVariable String tableId) {
......@@ -70,6 +83,7 @@ public class DataSetTableFieldController {
return fields;
}
//管理权限,可以列出所有字段
@ApiOperation("分组查询表下属字段")
@PostMapping("listByDQ/{tableId}")
public DatasetTableField4Type listByDQ(@PathVariable String tableId) {
......@@ -77,10 +91,8 @@ public class DataSetTableFieldController {
datasetTableField.setTableId(tableId);
datasetTableField.setGroupType("d");
List<DatasetTableField> dimensionList = dataSetTableFieldsService.list(datasetTableField);
dimensionList = permissionService.filterColumnPermissons(dimensionList, new ArrayList<>(), tableId, null);
datasetTableField.setGroupType("q");
List<DatasetTableField> quotaList = dataSetTableFieldsService.list(datasetTableField);
quotaList = permissionService.filterColumnPermissons(quotaList, new ArrayList<>(), tableId, null);
DatasetTableField4Type datasetTableField4Type = new DatasetTableField4Type();
datasetTableField4Type.setDimensionList(dimensionList);
......@@ -134,7 +146,30 @@ public class DataSetTableFieldController {
public List<Object> multFieldValues(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
List<Object> results = new ArrayList<>();
for (String fieldId : multFieldValuesRequest.getFieldIds()) {
List<Object> fieldValues = dataSetFieldService.fieldValues(fieldId, multFieldValuesRequest.getUserId());
List<Object> fieldValues = dataSetFieldService.fieldValues(fieldId, multFieldValuesRequest.getUserId(), true);
if (CollectionUtil.isNotEmpty(fieldValues)) {
results.addAll(fieldValues);
}
}
ArrayList<Object> list = results.stream().collect(
Collectors.collectingAndThen(
Collectors.toCollection(
() -> new TreeSet<>(Comparator.comparing(t -> {
if (ObjectUtils.isEmpty(t))
return "";
return t.toString();
}))),
ArrayList::new));
return list;
}
@ApiOperation("多字段值枚举")
@PostMapping("multFieldValuesForPermissions")
public List<Object> multFieldValuesForPermissions(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
List<Object> results = new ArrayList<>();
for (String fieldId : multFieldValuesRequest.getFieldIds()) {
List<Object> fieldValues = dataSetFieldService.fieldValues(fieldId, multFieldValuesRequest.getUserId(), false);
if (CollectionUtil.isNotEmpty(fieldValues)) {
results.addAll(fieldValues);
}
......
......@@ -305,6 +305,10 @@ public class ChartViewService {
filterRequest.setFieldId(fId);
DatasetTableField datasetTableField = dataSetTableFieldsService.get(fId);
if(datasetTableField == null){
continue;
}
if(!desensitizationList.contains(datasetTableField.getDataeaseName()) && dataeaseNames.contains(datasetTableField.getDataeaseName())){
filterRequest.setDatasetTableField(datasetTableField);
if (StringUtils.equalsIgnoreCase(datasetTableField.getTableId(), view.getTableId())) {
if (CollectionUtils.isNotEmpty(filterRequest.getViewIds())) {
......@@ -319,11 +323,13 @@ public class ChartViewService {
}
}
}
}
//联动过滤条件联动条件全部加上
if (ObjectUtils.isNotEmpty(requestList.getLinkageFilters())) {
for (ChartExtFilterRequest request : requestList.getLinkageFilters()) {
DatasetTableField datasetTableField = dataSetTableFieldsService.get(request.getFieldId());
if(!desensitizationList.contains(datasetTableField.getDataeaseName()) && dataeaseNames.contains(datasetTableField.getDataeaseName())){
request.setDatasetTableField(datasetTableField);
if (StringUtils.equalsIgnoreCase(datasetTableField.getTableId(), view.getTableId())) {
if (CollectionUtils.isNotEmpty(request.getViewIds())) {
......@@ -336,6 +342,7 @@ public class ChartViewService {
}
}
}
}
// 下钻
List<ChartExtFilterRequest> drillFilters = new ArrayList<>();
......
......@@ -5,5 +5,5 @@ import java.util.List;
public interface DataSetFieldService {
List<Object> fieldValues(String fieldId, Long userId) throws Exception;
List<Object> fieldValues(String fieldId, Long userId, Boolean userPermissions) throws Exception;
}
......@@ -42,7 +42,7 @@ public class DirectFieldService implements DataSetFieldService {
private PermissionService permissionService;
@Override
public List<Object> fieldValues(String fieldId, Long userId) throws Exception {
public List<Object> fieldValues(String fieldId, Long userId, Boolean userPermissions) throws Exception {
DatasetTableField field = dataSetTableFieldsService.selectByPrimaryKey(fieldId);
if (field == null || StringUtils.isEmpty(field.getTableId())) return null;
......@@ -52,22 +52,23 @@ public class DirectFieldService implements DataSetFieldService {
DatasetTableField datasetTableField = DatasetTableField.builder().tableId(field.getTableId()).checked(Boolean.TRUE).build();
List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField);
List<ChartFieldCustomFilterDTO> customFilter = new ArrayList<>();
if(userPermissions){
//列权限
List<String> desensitizationList = new ArrayList<>();
fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable.getId(), userId);
//禁用的
if(!fields.stream().map(DatasetTableField::getId).collect(Collectors.toList()).contains(fieldId)){
return new ArrayList<>();
}
if (CollectionUtils.isNotEmpty(desensitizationList) && desensitizationList.contains(field.getDataeaseName())) {
List<Object> results = new ArrayList<>();
results.add(ColumnPermissionConstants.Desensitization_desc);
return results;
}
//行权限
List<ChartFieldCustomFilterDTO> customFilter = permissionService.getCustomFilters(fields, datasetTable, userId);
customFilter = permissionService.getCustomFilters(fields, datasetTable, userId);
}
DatasourceRequest datasourceRequest = new DatasourceRequest();
DatasourceProvider datasourceProvider = null;
......
......@@ -103,6 +103,14 @@ export function fieldList(id, showLoading = true) {
})
}
export function fieldListWithPermission(id, showLoading = true) {
return request({
url: '/dataset/field/listWithPermission/' + id,
loading: showLoading,
method: 'post'
})
}
export function fieldListDQ(id, showLoading = true) {
return request({
url: '/dataset/field/listByDQ/' + id,
......
......@@ -184,7 +184,7 @@ import {
} from 'vuex'
import {
groupTree,
fieldList,
fieldListWithPermission,
post
} from '@/api/dataset/dataset'
import {
......@@ -489,7 +489,7 @@ export default {
},
loadField(tableId) {
fieldList(tableId).then(res => {
fieldListWithPermission(tableId).then(res => {
let datas = res.data
if (this.widget && this.widget.filterFieldMethod) {
datas = this.widget.filterFieldMethod(datas)
......@@ -498,7 +498,7 @@ export default {
})
},
comLoadField(tableId) {
fieldList(tableId).then(res => {
fieldListWithPermission(tableId).then(res => {
let datas = res.data
if (this.widget && this.widget.filterFieldMethod) {
datas = this.widget.filterFieldMethod(datas)
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论