forked from github/dataease
feat: 对 SQL 进行加密传输
This commit is contained in:
taojinlong
parent
2156dc623e
commit
035245c3df
@ -15,6 +15,7 @@ import java.util.List;
|
||||
public class DataTableInfoDTO {
|
||||
private String table;
|
||||
private String sql;
|
||||
private boolean isBase64Encryption = false;
|
||||
private List<ExcelSheetData> excelSheetDataList;
|
||||
private String data;// file path
|
||||
private List<DataTableInfoCustomUnion> list;// 自定义数据集
|
||||
|
||||
@ -458,7 +458,7 @@ public class ChartViewService {
|
||||
datasourceRequest.setQuery(qp.getSQL(dataTableInfoDTO.getTable(), xAxis, yAxis, fieldCustomFilter, rowPermissionsTree, extFilterList, ds, view));
|
||||
}
|
||||
} else if (StringUtils.equalsIgnoreCase(table.getType(), DatasetType.SQL.name())) {
|
||||
String sql = new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql()));
|
||||
String sql = dataTableInfoDTO.isBase64Encryption()? new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql())): dataTableInfoDTO.getSql();
|
||||
sql = handleVariable(sql, requestList, qp);
|
||||
if (StringUtils.equalsIgnoreCase("text", view.getType()) || StringUtils.equalsIgnoreCase("gauge", view.getType()) || StringUtils.equalsIgnoreCase("liquid", view.getType())) {
|
||||
datasourceRequest.setQuery(qp.getSQLSummaryAsTmp(sql, yAxis, fieldCustomFilter, rowPermissionsTree, extFilterList, view));
|
||||
@ -854,7 +854,7 @@ public class ChartViewService {
|
||||
datasourceRequest.setQuery(qp.getSQL(dataTableInfoDTO.getTable(), xAxis, yAxis, fieldCustomFilter, rowPermissionsTree, extFilterList, ds, view));
|
||||
}
|
||||
} else if (StringUtils.equalsIgnoreCase(table.getType(), DatasetType.SQL.name())) {
|
||||
String sql = new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql()));
|
||||
String sql = dataTableInfoDTO.isBase64Encryption()? new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql())): dataTableInfoDTO.getSql();
|
||||
sql = handleVariable(sql, requestList, qp);
|
||||
if (StringUtils.equalsIgnoreCase("text", view.getType()) || StringUtils.equalsIgnoreCase("gauge", view.getType()) || StringUtils.equalsIgnoreCase("liquid", view.getType())) {
|
||||
datasourceRequest.setQuery(qp.getSQLSummaryAsTmp(sql, yAxis, fieldCustomFilter, rowPermissionsTree, extFilterList, view));
|
||||
|
||||
@ -106,7 +106,8 @@ public class ViewPluginBaseServiceImpl implements ViewPluginBaseService {
|
||||
tableName = dataTableInfoDTO.getTable();
|
||||
break;
|
||||
case SQL:
|
||||
tableName = dataSetTableService.handleVariableDefaultValue( new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql())), null);
|
||||
String sql = dataTableInfoDTO.isBase64Encryption()? new String(java.util.Base64.getDecoder().decode(dataTableInfoDTO.getSql())): dataTableInfoDTO.getSql();
|
||||
tableName = dataSetTableService.handleVariableDefaultValue( sql, null);
|
||||
tableName = "(" + tableName + ")";
|
||||
break;
|
||||
case CUSTOM:
|
||||
|
||||
@ -660,7 +660,9 @@ public class DataSetTableService {
|
||||
Provider datasourceProvider = ProviderFactory.getProvider(ds.getType());
|
||||
DatasourceRequest datasourceRequest = new DatasourceRequest();
|
||||
datasourceRequest.setDatasource(ds);
|
||||
String sql = handleVariableDefaultValue( new String(java.util.Base64.getDecoder().decode(new Gson().fromJson(datasetTable.getInfo(), DataTableInfoDTO.class).getSql())), null);
|
||||
DataTableInfoDTO dataTableInfo = new Gson().fromJson(datasetTable.getInfo(), DataTableInfoDTO.class);
|
||||
String sql = dataTableInfo.isBase64Encryption() ? new String(java.util.Base64.getDecoder().decode(dataTableInfo.getSql())) : dataTableInfo.getSql();
|
||||
sql = handleVariableDefaultValue(sql, null);
|
||||
QueryProvider qp = ProviderFactory.getQueryProvider(ds.getType());
|
||||
datasourceRequest.setQuery(
|
||||
qp.createQuerySQLWithPage(sql, fields, page, pageSize, realSize, false, null, rowPermissionsTree));
|
||||
@ -1029,7 +1031,7 @@ public class DataSetTableService {
|
||||
if (CollectionUtils.isNotEmpty(select.getWithItemsList())) {
|
||||
builder.append("WITH");
|
||||
builder.append(" ");
|
||||
for (Iterator<WithItem> iter = select.getWithItemsList().iterator(); iter.hasNext();) {
|
||||
for (Iterator<WithItem> iter = select.getWithItemsList().iterator(); iter.hasNext(); ) {
|
||||
WithItem withItem = iter.next();
|
||||
builder.append(withItem.toString());
|
||||
if (iter.hasNext()) {
|
||||
@ -1038,7 +1040,7 @@ public class DataSetTableService {
|
||||
}
|
||||
}
|
||||
|
||||
builder.append( " " + plainSelect);
|
||||
builder.append(" " + plainSelect);
|
||||
return builder.toString();
|
||||
}
|
||||
|
||||
@ -1050,7 +1052,9 @@ public class DataSetTableService {
|
||||
Provider datasourceProvider = ProviderFactory.getProvider(ds.getType());
|
||||
DatasourceRequest datasourceRequest = new DatasourceRequest();
|
||||
datasourceRequest.setDatasource(ds);
|
||||
String sql = handleVariableDefaultValue(new String(java.util.Base64.getDecoder().decode(new Gson().fromJson(dataSetTableRequest.getInfo(), DataTableInfoDTO.class).getSql())), dataSetTableRequest.getSqlVariableDetails());
|
||||
DataTableInfoDTO dataTableInfo = new Gson().fromJson(dataSetTableRequest.getInfo(), DataTableInfoDTO.class);
|
||||
String sql = dataTableInfo.isBase64Encryption() ? new String(java.util.Base64.getDecoder().decode(dataTableInfo.getSql())) : dataTableInfo.getSql();
|
||||
sql = handleVariableDefaultValue(sql, dataSetTableRequest.getSqlVariableDetails());
|
||||
if (StringUtils.isEmpty(sql)) {
|
||||
DataEaseException.throwException(Translator.get("i18n_sql_not_empty"));
|
||||
}
|
||||
@ -2474,7 +2478,7 @@ public class DataSetTableService {
|
||||
datasetTables.forEach(datasetTable -> {
|
||||
if (StringUtils.isNotEmpty(datasetTable.getQrtzInstance()) && !activeQrtzInstances.contains(datasetTable.getQrtzInstance().substring(0, datasetTable.getQrtzInstance().length() - 13))) {
|
||||
jobStoppeddDatasetTables.add(datasetTable);
|
||||
}else {
|
||||
} else {
|
||||
syncDatasetTables.add(datasetTable);
|
||||
}
|
||||
});
|
||||
@ -2483,7 +2487,7 @@ public class DataSetTableService {
|
||||
DatasetTableTaskExample datasetTableTaskExample = new DatasetTableTaskExample();
|
||||
DatasetTableTaskExample.Criteria criteria = datasetTableTaskExample.createCriteria();
|
||||
criteria.andTableIdEqualTo(datasetTable.getId()).andLastExecStatusEqualTo(JobStatus.Underway.name());
|
||||
if(CollectionUtils.isEmpty(dataSetTableTaskService.list(datasetTableTaskExample))){
|
||||
if (CollectionUtils.isEmpty(dataSetTableTaskService.list(datasetTableTaskExample))) {
|
||||
DatasetTable record = new DatasetTable();
|
||||
record.setSyncStatus(JobStatus.Error.name());
|
||||
example.clear();
|
||||
@ -2583,33 +2587,33 @@ public class DataSetTableService {
|
||||
public void visit(MinorThan minorThan) {
|
||||
getBuffer().append(minorThan.getLeftExpression());
|
||||
getBuffer().append(" < ");
|
||||
getBuffer().append( minorThan.getRightExpression());
|
||||
getBuffer().append(minorThan.getRightExpression());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void visit(MinorThanEquals minorThan) {
|
||||
getBuffer().append(minorThan.getLeftExpression());
|
||||
getBuffer().append(" <= ");
|
||||
getBuffer().append( minorThan.getRightExpression());
|
||||
getBuffer().append(minorThan.getRightExpression());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void visit(GreaterThanEquals minorThan) {
|
||||
getBuffer().append(minorThan.getLeftExpression());
|
||||
getBuffer().append(" >= ");
|
||||
getBuffer().append( minorThan.getRightExpression());
|
||||
getBuffer().append(minorThan.getRightExpression());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void visit(GreaterThan minorThan) {
|
||||
getBuffer().append(minorThan.getLeftExpression());
|
||||
getBuffer().append(" > ");
|
||||
getBuffer().append( minorThan.getRightExpression());
|
||||
getBuffer().append(minorThan.getRightExpression());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void visit(ExpressionList expressionList) {
|
||||
for (Iterator<Expression> iter = expressionList.getExpressions().iterator(); iter.hasNext();) {
|
||||
for (Iterator<Expression> iter = expressionList.getExpressions().iterator(); iter.hasNext(); ) {
|
||||
Expression expression = iter.next();
|
||||
expression.accept(this);
|
||||
if (iter.hasNext()) {
|
||||
@ -2620,9 +2624,9 @@ public class DataSetTableService {
|
||||
|
||||
@Override
|
||||
public void visit(Between between) {
|
||||
if(hasVarible(between.getBetweenExpressionStart().toString()) || hasVarible(between.getBetweenExpressionEnd().toString())){
|
||||
if (hasVarible(between.getBetweenExpressionStart().toString()) || hasVarible(between.getBetweenExpressionEnd().toString())) {
|
||||
getBuffer().append(SubstitutedSql);
|
||||
}else {
|
||||
} else {
|
||||
getBuffer().append(between.getLeftExpression()).append(" BETWEEN ").append(between.getBetweenExpressionStart()).append(" AND ").append(between.getBetweenExpressionEnd());
|
||||
}
|
||||
}
|
||||
|
||||
@ -1020,8 +1020,11 @@ public class ExtractDataService {
|
||||
}
|
||||
|
||||
if (extractType.equalsIgnoreCase("all_scope") && datasetTable.getType().equalsIgnoreCase(DatasetType.SQL.name())) {
|
||||
selectSQL = new Gson().fromJson(datasetTable.getInfo(), DataTableInfoDTO.class).getSql();
|
||||
selectSQL = new String(java.util.Base64.getDecoder().decode(selectSQL));
|
||||
DataTableInfoDTO dataTableInfoDTO = new Gson().fromJson(datasetTable.getInfo(), DataTableInfoDTO.class);
|
||||
selectSQL = dataTableInfoDTO.getSql();
|
||||
if(dataTableInfoDTO.isBase64Encryption()){
|
||||
selectSQL = new String(java.util.Base64.getDecoder().decode(selectSQL));
|
||||
}
|
||||
QueryProvider qp = ProviderFactory.getQueryProvider(datasource.getType());
|
||||
selectSQL = qp.createRawQuerySQLAsTmp(selectSQL, datasetTableFields);
|
||||
}
|
||||
|
||||
@ -145,7 +145,9 @@ public class DirectFieldService implements DataSetFieldService {
|
||||
datasourceRequest.setQuery(qp.createQuerySQL(dataTableInfoDTO.getTable(), permissionFields, !needSort, ds, customFilter, rowPermissionsTree, deSortFields));
|
||||
} else if (StringUtils.equalsIgnoreCase(datasetTable.getType(), DatasetType.SQL.toString())) {
|
||||
String sql = dataTableInfoDTO.getSql();
|
||||
sql = new String(java.util.Base64.getDecoder().decode(sql));
|
||||
if(dataTableInfoDTO.isBase64Encryption()){
|
||||
sql = new String(java.util.Base64.getDecoder().decode(sql));
|
||||
}
|
||||
sql = dataSetTableService.removeVariables(sql);
|
||||
datasourceRequest.setQuery(qp.createQuerySQLAsTmp(sql, permissionFields, !needSort, customFilter, rowPermissionsTree, deSortFields));
|
||||
} else if (StringUtils.equalsIgnoreCase(datasetTable.getType(), DatasetType.CUSTOM.toString())) {
|
||||
|
||||
@ -351,7 +351,12 @@ export default {
|
||||
this.name = table.name
|
||||
this.dataSource = table.dataSourceId
|
||||
this.mode = table.mode + ''
|
||||
this.sql = Base64.decode(JSON.parse(table.info).sql)
|
||||
|
||||
if(JSON.parse(table.info).isBase64Encryption){
|
||||
this.sql = Base64.decode(JSON.parse(table.info).sql)
|
||||
}else {
|
||||
this.sql = JSON.parse(table.info.replace(/\n/g, '\\n').replace(/\r/g, '\\r')).sql
|
||||
}
|
||||
this.variables= JSON.parse(table.sqlVariableDetails)
|
||||
this.getSQLPreview()
|
||||
})
|
||||
@ -372,7 +377,7 @@ export default {
|
||||
dataSourceId: this.dataSource,
|
||||
type: 'sql',
|
||||
sqlVariableDetails: JSON.stringify(this.variables),
|
||||
info: JSON.stringify({sql: Base64.encode(this.sql.trim())})
|
||||
info: JSON.stringify({sql: Base64.encode(this.sql.trim()), isBase64Encryption: true})
|
||||
}).then(response => {
|
||||
this.fields = response.data.fields
|
||||
this.data = response.data.data
|
||||
@ -416,7 +421,7 @@ export default {
|
||||
syncType: this.syncType,
|
||||
mode: parseInt(this.mode),
|
||||
sqlVariableDetails: JSON.stringify(this.variables),
|
||||
info: JSON.stringify({sql: Base64.encode(this.sql.trim())})
|
||||
info: JSON.stringify({sql: Base64.encode(this.sql.trim()), isBase64Encryption: true})
|
||||
}
|
||||
post('/dataset/table/update', table).then(response => {
|
||||
this.$emit('saveSuccess', table)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user