center/dataease-dm
center/dataease-dm
13
0
Fork 0
forked from github/dataease
Code Pull Requests Activity

feat: 对 SQL 进行加密传输

Browse Source
This commit is contained in:
taojinlong 2022-08-22 18:24:52 +08:00
parent 2156dc623e
commit 035245c3df
7 changed files with 38 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
backend/src/main/java/io/dataease/dto/dataset/DataTableInfoDTO.java
View File

@ -15,6 +15,7 @@ import java.util.List;
public class DataTableInfoDTO {
private String table;
private String sql;
private boolean isBase64Encryption = false;
private List<ExcelSheetData> excelSheetDataList;
private String data;// file path
private List<DataTableInfoCustomUnion> list;// 自定义数据集

4
backend/src/main/java/io/dataease/service/chart/ChartViewService.java
View File

@ -458,7 +458,7 @@ public class ChartViewService {
datasourceRequest.setQuery(qp.getSQL(dataTableInfoDTO.getTable(), xAxis, yAxis, fieldCustomFilter, rowPermissionsTree, extFilterList, ds, view));
}
} else if (StringUtils.equalsIgnoreCase(table.getType(), DatasetType.SQL.name())) {
String sql = new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql()));
String sql = dataTableInfoDTO.isBase64Encryption()? new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql())): dataTableInfoDTO.getSql();
sql = handleVariable(sql, requestList, qp);
if (StringUtils.equalsIgnoreCase("text", view.getType()) || StringUtils.equalsIgnoreCase("gauge", view.getType()) || StringUtils.equalsIgnoreCase("liquid", view.getType())) {
datasourceRequest.setQuery(qp.getSQLSummaryAsTmp(sql, yAxis, fieldCustomFilter, rowPermissionsTree, extFilterList, view));
@ -854,7 +854,7 @@ public class ChartViewService {
datasourceRequest.setQuery(qp.getSQL(dataTableInfoDTO.getTable(), xAxis, yAxis, fieldCustomFilter, rowPermissionsTree, extFilterList, ds, view));
}
} else if (StringUtils.equalsIgnoreCase(table.getType(), DatasetType.SQL.name())) {
String sql = new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql()));
String sql = dataTableInfoDTO.isBase64Encryption()? new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql())): dataTableInfoDTO.getSql();
sql = handleVariable(sql, requestList, qp);
if (StringUtils.equalsIgnoreCase("text", view.getType()) || StringUtils.equalsIgnoreCase("gauge", view.getType()) || StringUtils.equalsIgnoreCase("liquid", view.getType())) {
datasourceRequest.setQuery(qp.getSQLSummaryAsTmp(sql, yAxis, fieldCustomFilter, rowPermissionsTree, extFilterList, view));

3
backend/src/main/java/io/dataease/service/chart/ViewPluginBaseServiceImpl.java
View File

@ -106,7 +106,8 @@ public class ViewPluginBaseServiceImpl implements ViewPluginBaseService {
tableName = dataTableInfoDTO.getTable();
break;
case SQL:
tableName = dataSetTableService.handleVariableDefaultValue( new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql())), null);
String sql = dataTableInfoDTO.isBase64Encryption()? new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql())): dataTableInfoDTO.getSql();
tableName = dataSetTableService.handleVariableDefaultValue( sql, null);
tableName = "(" + tableName + ")";
break;
case CUSTOM:

8
backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java
View File

@ -660,7 +660,9 @@ public class DataSetTableService {
Provider datasourceProvider = ProviderFactory.getProvider(ds.getType());
DatasourceRequest datasourceRequest = new DatasourceRequest();
datasourceRequest.setDatasource(ds);
String sql = handleVariableDefaultValue( new String(java.util.Base64.getDecoder().decode(new Gson().fromJson(datasetTable.getInfo(), DataTableInfoDTO.class).getSql())), null);
DataTableInfoDTO dataTableInfo = new Gson().fromJson(datasetTable.getInfo(), DataTableInfoDTO.class);
String sql = dataTableInfo.isBase64Encryption() ? new String(java.util.Base64.getDecoder().decode(dataTableInfo.getSql())) : dataTableInfo.getSql();
sql = handleVariableDefaultValue(sql, null);
QueryProvider qp = ProviderFactory.getQueryProvider(ds.getType());
datasourceRequest.setQuery(
qp.createQuerySQLWithPage(sql, fields, page, pageSize, realSize, false, null, rowPermissionsTree));
@ -1050,7 +1052,9 @@ public class DataSetTableService {
Provider datasourceProvider = ProviderFactory.getProvider(ds.getType());
DatasourceRequest datasourceRequest = new DatasourceRequest();
datasourceRequest.setDatasource(ds);
String sql = handleVariableDefaultValue(new String(java.util.Base64.getDecoder().decode(new Gson().fromJson(dataSetTableRequest.getInfo(), DataTableInfoDTO.class).getSql())), dataSetTableRequest.getSqlVariableDetails());
DataTableInfoDTO dataTableInfo = new Gson().fromJson(dataSetTableRequest.getInfo(), DataTableInfoDTO.class);
String sql = dataTableInfo.isBase64Encryption() ? new String(java.util.Base64.getDecoder().decode(dataTableInfo.getSql())) : dataTableInfo.getSql();
sql = handleVariableDefaultValue(sql, dataSetTableRequest.getSqlVariableDetails());
if (StringUtils.isEmpty(sql)) {
DataEaseException.throwException(Translator.get("i18n_sql_not_empty"));
}

5
backend/src/main/java/io/dataease/service/dataset/ExtractDataService.java
View File

@ -1020,8 +1020,11 @@ public class ExtractDataService {
}
if (extractType.equalsIgnoreCase("all_scope") && datasetTable.getType().equalsIgnoreCase(DatasetType.SQL.name())) {
selectSQL = new Gson().fromJson(datasetTable.getInfo(), DataTableInfoDTO.class).getSql();
DataTableInfoDTO dataTableInfoDTO = new Gson().fromJson(datasetTable.getInfo(), DataTableInfoDTO.class);
selectSQL = dataTableInfoDTO.getSql();
if(dataTableInfoDTO.isBase64Encryption()){
selectSQL = new String(java.util.Base64.getDecoder().decode(selectSQL));
}
QueryProvider qp = ProviderFactory.getQueryProvider(datasource.getType());
selectSQL = qp.createRawQuerySQLAsTmp(selectSQL, datasetTableFields);
}

2
backend/src/main/java/io/dataease/service/dataset/impl/direct/DirectFieldService.java
View File

@ -145,7 +145,9 @@ public class DirectFieldService implements DataSetFieldService {
datasourceRequest.setQuery(qp.createQuerySQL(dataTableInfoDTO.getTable(), permissionFields, !needSort, ds, customFilter, rowPermissionsTree, deSortFields));
} else if (StringUtils.equalsIgnoreCase(datasetTable.getType(), DatasetType.SQL.toString())) {
String sql = dataTableInfoDTO.getSql();
if(dataTableInfoDTO.isBase64Encryption()){
sql = new String(java.util.Base64.getDecoder().decode(sql));
}
sql = dataSetTableService.removeVariables(sql);
datasourceRequest.setQuery(qp.createQuerySQLAsTmp(sql, permissionFields, !needSort, customFilter, rowPermissionsTree, deSortFields));
} else if (StringUtils.equalsIgnoreCase(datasetTable.getType(), DatasetType.CUSTOM.toString())) {

9
frontend/src/views/dataset/add/AddSQL.vue
View File

@ -351,7 +351,12 @@ export default {
this.name = table.name
this.dataSource = table.dataSourceId
this.mode = table.mode + ''
if(JSON.parse(table.info).isBase64Encryption){
this.sql = Base64.decode(JSON.parse(table.info).sql)
}else {
this.sql = JSON.parse(table.info.replace(/\n/g, '\\n').replace(/\r/g, '\\r')).sql
}
this.variables= JSON.parse(table.sqlVariableDetails)
this.getSQLPreview()
})
@ -372,7 +377,7 @@ export default {
dataSourceId: this.dataSource,
type: 'sql',
sqlVariableDetails: JSON.stringify(this.variables),
info: JSON.stringify({sql: Base64.encode(this.sql.trim())})
info: JSON.stringify({sql: Base64.encode(this.sql.trim()), isBase64Encryption: true})
}).then(response => {
this.fields = response.data.fields
this.data = response.data.data
@ -416,7 +421,7 @@ export default {
syncType: this.syncType,
mode: parseInt(this.mode),
sqlVariableDetails: JSON.stringify(this.variables),
info: JSON.stringify({sql: Base64.encode(this.sql.trim())})
info: JSON.stringify({sql: Base64.encode(this.sql.trim()), isBase64Encryption: true})
}
post('/dataset/table/update', table).then(response => {
this.$emit('saveSuccess', table)