Merge branch 'dev' of github.com:dataease/dataease into dev

2021-07-29 19:22:52 +08:00 · 2021-07-29 19:22:52 +08:00 · 0ab579b4fe
commit 0ab579b4fe
parent b177feef56 04624bf657
22 changed files with 301 additions and 40 deletions
--- a/backend/src/main/java/io/dataease/auth/config/ShiroConfig.java
+++ b/backend/src/main/java/io/dataease/auth/config/ShiroConfig.java
@ -50,6 +50,7 @@ public class ShiroConfig {
        filterMap.put("f2cPerms", new F2CPermissionsFilter());
        filterMap.put("jwt", new JWTFilter());
        filterMap.put("logout", new F2CLogoutFilter());
+        filterMap.put("link", new F2CLinkFilter());
        factoryBean.setSecurityManager(securityManager);
        factoryBean.setLoginUrl("/login");
        factoryBean.setUnauthorizedUrl("/login");
--- a/backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
+++ b/backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
@ -0,0 +1,51 @@
+package io.dataease.auth.filter;
+
+import cn.hutool.core.util.ObjectUtil;
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.Claim;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import io.dataease.auth.config.RsaProperties;
+import io.dataease.auth.util.JWTUtils;
+import io.dataease.auth.util.LinkUtil;
+import io.dataease.auth.util.RsaUtil;
+import io.dataease.base.domain.PanelLink;
+import io.dataease.commons.utils.LogUtil;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.web.filter.authc.AnonymousFilter;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+
+public class F2CLinkFilter extends AnonymousFilter {
+
+    private static final Logger logger = LoggerFactory.getLogger(F2CLogoutFilter.class);
+
+    private static final String LINK_TOKEN_KEY = "LINK-PWD-TOKEN";
+
+    @Override
+    protected boolean onPreHandle(ServletRequest request, ServletResponse response, Object mappedValue) {
+        try{
+            HttpServletRequest req = (HttpServletRequest) request;
+            String link_token = req.getHeader(LINK_TOKEN_KEY);
+            DecodedJWT jwt = JWT.decode(link_token);
+            Claim resourceId = jwt.getClaim("resourceId");
+            String id = resourceId.asString();
+            PanelLink panelLink = LinkUtil.queryLink(id);
+            if (ObjectUtil.isEmpty(panelLink)) return false;
+            if (!panelLink.getEnablePwd()) {
+                panelLink.setPwd("dataease");
+            }
+            return JWTUtils.verifyLink(link_token, id, RsaUtil.decryptByPrivateKey(RsaProperties.privateKey, panelLink.getPwd()));
+        }catch (Exception e) {
+            LogUtil.error(e);
+        }
+        return false;
+
+    }
+
+
+
+
+}
--- a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
@ -41,8 +41,7 @@ public class ShiroServiceImpl implements ShiroService {

        //验证链接
        filterChainDefinitionMap.put("/api/link/validate**", ANON);
-        filterChainDefinitionMap.put("/panel/group/findOne/**", ANON);
-        filterChainDefinitionMap.put("/chart/view/getData/**", ANON);
+


        filterChainDefinitionMap.put("/system/ui/**", ANON);
@ -59,9 +58,16 @@ public class ShiroServiceImpl implements ShiroService {
        filterChainDefinitionMap.put("/tokenExpired", ANON);
        filterChainDefinitionMap.put("/downline", ANON);
        filterChainDefinitionMap.put("/common-files/**", ANON);
+
        filterChainDefinitionMap.put("/api/auth/logout", "logout");
+
+        filterChainDefinitionMap.put("/api/link/resourceDetail/**", "link");
+        filterChainDefinitionMap.put("/api/link/viewDetail/**", "link");
+
        filterChainDefinitionMap.put("/**", "authc");
+
        filterChainDefinitionMap.put("/**", "jwt");
+
        return filterChainDefinitionMap;
    }
    
--- a/backend/src/main/java/io/dataease/auth/util/LinkUtil.java
+++ b/backend/src/main/java/io/dataease/auth/util/LinkUtil.java
@ -0,0 +1,22 @@
+package io.dataease.auth.util;
+
+import io.dataease.base.domain.PanelLink;
+import io.dataease.service.panel.PanelLinkService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+@Component
+public class LinkUtil {
+
+
+    private static PanelLinkService panelLinkService;
+
+    @Autowired
+    public void setPanelLinkService(PanelLinkService panelLinkService) {
+        LinkUtil.panelLinkService = panelLinkService;
+    }
+
+    public static PanelLink queryLink(String resourceId) {
+        return panelLinkService.findOne(resourceId);
+    }
+}
--- a/backend/src/main/java/io/dataease/controller/panel/api/LinkApi.java
+++ b/backend/src/main/java/io/dataease/controller/panel/api/LinkApi.java
@ -1,6 +1,7 @@
 package io.dataease.controller.panel.api;


+import io.dataease.controller.request.chart.ChartExtRequest;
 import io.dataease.controller.request.panel.link.EnablePwdRequest;
 import io.dataease.controller.request.panel.link.LinkRequest;
 import io.dataease.controller.request.panel.link.PasswordRequest;
@ -40,4 +41,12 @@ public interface LinkApi {
    @ApiOperation("验证密码")
    @PostMapping("/validatePwd")
    boolean validatePwd(PasswordRequest request) throws Exception;
+
+    @ApiOperation("资源详息")
+    @PostMapping("/resourceDetail/{resourceId}")
+    Object resourceDetail(@PathVariable String resourceId);
+
+    @ApiOperation("视图详息")
+    @PostMapping("/viewDetail/{viewId}")
+    Object viewDetail(@PathVariable String viewId, @RequestBody ChartExtRequest requestList) throws Exception;
 }
--- a/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
+++ b/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
@ -4,18 +4,22 @@ package io.dataease.controller.panel.server;
 import com.google.gson.Gson;
 import io.dataease.base.domain.PanelLink;
 import io.dataease.controller.panel.api.LinkApi;
+import io.dataease.controller.request.chart.ChartExtRequest;
 import io.dataease.controller.request.panel.link.EnablePwdRequest;
 import io.dataease.controller.request.panel.link.LinkRequest;
 import io.dataease.controller.request.panel.link.PasswordRequest;
 import io.dataease.controller.request.panel.link.ValidateRequest;
 import io.dataease.dto.panel.link.GenerateDto;
 import io.dataease.dto.panel.link.ValidateDto;
+import io.dataease.service.chart.ChartViewService;
 import io.dataease.service.panel.PanelLinkService;
 import org.apache.commons.lang3.ObjectUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
+
+import javax.annotation.Resource;
 import java.util.Map;


@ -27,6 +31,9 @@ public class LinkServer implements LinkApi {
    @Autowired
    private PanelLinkService panelLinkService;

+    @Resource
+    private ChartViewService chartViewService;
+

    @Override
    public void replacePwd(@RequestBody PasswordRequest request) {
@ -73,4 +80,14 @@ public class LinkServer implements LinkApi {
    public boolean validatePwd(@RequestBody PasswordRequest request) throws Exception {
        return panelLinkService.validatePwd(request);
    }
+
+    @Override
+    public Object resourceDetail(@PathVariable String resourceId) {
+        return panelLinkService.resourceInfo(resourceId);
+    }
+
+    @Override
+    public Object viewDetail(String viewId, ChartExtRequest requestList) throws Exception{
+        return chartViewService.getData(viewId, requestList);
+    }
 }
--- a/backend/src/main/java/io/dataease/service/panel/PanelLinkService.java
+++ b/backend/src/main/java/io/dataease/service/panel/PanelLinkService.java
@ -4,7 +4,9 @@ import com.google.gson.Gson;
 import io.dataease.auth.config.RsaProperties;
 import io.dataease.auth.util.JWTUtils;
 import io.dataease.auth.util.RsaUtil;
+import io.dataease.base.domain.PanelGroupWithBLOBs;
 import io.dataease.base.domain.PanelLink;
+import io.dataease.base.mapper.PanelGroupMapper;
 import io.dataease.base.mapper.PanelLinkMapper;
 import io.dataease.commons.utils.ServletUtils;
 import io.dataease.controller.request.panel.link.EnablePwdRequest;
@ -32,6 +34,9 @@ public class PanelLinkService {
    @Resource
    private PanelLinkMapper mapper;

+    @Resource
+    private PanelGroupMapper panelGroupMapper;
+
    public void changeValid(LinkRequest request){
        PanelLink po = new PanelLink();
        po.setResourceId(request.getResourceId());
@ -117,7 +122,16 @@ public class PanelLinkService {
    public Boolean validateHeads(PanelLink panelLink) throws Exception{
        HttpServletRequest request = ServletUtils.request();
        String token = request.getHeader("LINK-PWD-TOKEN");
-        if (StringUtils.isEmpty(token) || StringUtils.equals("undefined", token) || StringUtils.equals("null", token)) return false;
+        if (!panelLink.getEnablePwd() || StringUtils.isEmpty(token) || StringUtils.equals("undefined", token) || StringUtils.equals("null", token)) {
+            String resourceId = panelLink.getResourceId();
+            String pwd = "dataease";
+            String tk = JWTUtils.signLink(resourceId, pwd);
+            HttpServletResponse httpServletResponse = ServletUtils.response();
+            httpServletResponse.addHeader("Access-Control-Expose-Headers", "LINK-PWD-TOKEN");
+            httpServletResponse.setHeader("LINK-PWD-TOKEN", tk);
+            return false;
+        }
+        if (StringUtils.isEmpty(panelLink.getPwd())) return false;
        boolean verify = JWTUtils.verifyLink(token, panelLink.getResourceId(), decryptParam(panelLink.getPwd()));
        return verify;
    }
@ -137,4 +151,9 @@ public class PanelLinkService {
        return pass;
    }

+    public PanelGroupWithBLOBs resourceInfo(String resourceId) {
+        return panelGroupMapper.selectByPrimaryKey(resourceId);
+    }
+
+
 }
--- a/frontend/src/api/link/index.js
+++ b/frontend/src/api/link/index.js
@ -51,7 +51,17 @@ export function loadGenerate(resourceId) {

 export function loadResource(resourceId) {
  return request({
-    url: 'panel/group/findOne/' + resourceId,
-    method: 'get'
+    url: 'api/link/resourceDetail/' + resourceId,
+    method: 'post'
+  })
+}
+
+export function viewInfo(id, data) {
+  return request({
+    url: 'api/link/viewDetail/' + id,
+    method: 'post',
+    timeout: 30000,
+    hideMsg: true,
+    data
  })
 }
--- a/frontend/src/components/Notification/index.vue
+++ b/frontend/src/components/Notification/index.vue
@ -120,17 +120,30 @@ export default {
      if (this.$route && this.$route.name && this.$route.name === row.router) {
        // 如果当前路由就是目标路由 那么使用router.push页面不会刷新 这时候要使用事件方式
        row.callback && bus.$emit(row.callback, param)
+        row.status || this.setReaded(row.msgId)
      } else {
-        this.$router.push({ name: row.router, params: param })
+        if (this.hasPermissionRoute(row.router)) {
+          this.$router.push({ name: row.router, params: param })
+          row.status || this.setReaded(row.msgId)
+          return
+        }
+        this.$warning(this.$t('commons.no_target_permission'))
      }
-
-      row.status || this.setReaded(row.msgId)
    },
    remove(row) {

    },
    msgSetting() {

+    },
+    hasPermissionRoute(name, permission_routes) {
+      permission_routes = permission_routes || this.permission_routes
+      for (let index = 0; index < permission_routes.length; index++) {
+        const route = permission_routes[index]
+        if (route.name && route.name === name) return true
+        if (route.children && this.hasPermissionRoute(name, route.children)) return true
+      }
+      return false
    },
    showMore() {
      const routerName = 'sys-msg-web-all'
--- a/frontend/src/components/canvas/custom-component/UserView.vue
+++ b/frontend/src/components/canvas/custom-component/UserView.vue
@ -25,6 +25,7 @@
 <script>

 import { viewData } from '@/api/panel/panel'
+import { viewInfo } from '@/api/link'
 import ChartComponent from '@/views/chart/components/ChartComponent.vue'
 import TableNormal from '@/views/chart/components/table/TableNormal'
 import LabelNormal from '../../../views/chart/components/normal/LabelNormal'
@ -35,7 +36,7 @@ import { isChange } from '@/utils/conditionUtil'
 import { BASE_CHART_STRING } from '@/views/chart/chart/chart'
 import eventBus from '@/components/canvas/utils/eventBus'
 import { deepCopy } from '@/components/canvas/utils/utils'
-
+import { getToken, getLinkToken } from '@/utils/auth'
 export default {
  name: 'UserView',
  components: { ChartComponent, TableNormal, LabelNormal },
@ -161,7 +162,14 @@ export default {
      if (id) {
        this.requestStatus = 'waiting'
        this.message = null
-        viewData(id, this.filter).then(response => {
+
+        // 增加判断 仪表板公共连接中使用viewInfo 正常使用viewData
+        let method = viewData
+        if (!getToken() && getLinkToken()) {
+          method = viewInfo
+        }
+
+        method(id, this.filter).then(response => {
          // 将视图传入echart组件
          if (response.success) {
            this.chart = response.data
--- a/frontend/src/lang/en.js
+++ b/frontend/src/lang/en.js
@ -129,6 +129,7 @@ export default {
    password_error: 'The password can not be less than 8 digits'
  },
  commons: {
+    no_target_permission: 'No permission',
    success: 'Success',
    switch_lang: 'Switch Language Success',
    close: 'Close',
@ -823,7 +824,8 @@ export default {
    map_range: 'Map range',
    select_map_range: 'Please select map range',
    area: 'Area',
-    placeholder_field: 'Drag Field To Here'
+    placeholder_field: 'Drag Field To Here',
+    axis_label_rotate: 'Label Rotate'
  },
  dataset: {
    sheet_warn: 'There are multiple sheet pages, and the first one is extracted by default',
--- a/frontend/src/lang/tw.js
+++ b/frontend/src/lang/tw.js
@ -129,6 +129,7 @@ export default {
    password_error: '密碼不小於 8 位'
  },
  commons: {
+    no_target_permission: '沒有權限',
    success: '成功',
    switch_lang: '切換語言成功',
    close: '關閉',
@ -823,7 +824,8 @@ export default {
    select_map_range: '請選擇地圖範圍',
    area: '地區',
    stack_item: '堆疊項',
-    placeholder_field: '拖動字段至此處'
+    placeholder_field: '拖動字段至此處',
+    axis_label_rotate: '標簽角度'
  },
  dataset: {
    sheet_warn: '有多個sheet頁面，默認抽取第一個',
--- a/frontend/src/lang/zh.js
+++ b/frontend/src/lang/zh.js
@ -129,6 +129,7 @@ export default {
    password_error: '密码不小于 8 位'
  },
  commons: {
+    no_target_permission: '没有权限',
    success: '成功',
    switch_lang: '切换语言成功',
    close: '关闭',
@ -823,7 +824,8 @@ export default {
    select_map_range: '请选择地图范围',
    area: '地区',
    stack_item: '堆叠项',
-    placeholder_field: '拖动字段至此处'
+    placeholder_field: '拖动字段至此处',
+    axis_label_rotate: '标签角度'
  },
  dataset: {
    sheet_warn: '有多个 Sheet 页，默认抽取第一个',
--- a/frontend/src/utils/request.js
+++ b/frontend/src/utils/request.js
@ -79,8 +79,8 @@ const checkAuth = response => {
    store.dispatch('user/refreshToken', refreshToken)
  }

-  if (response.headers[LinkTokenKey.toLocaleLowerCase()]) {
-    const linkToken = response.headers[LinkTokenKey.toLocaleLowerCase()]
+  if (response.headers[LinkTokenKey.toLocaleLowerCase()] || (response.config.headers && response.config.headers[LinkTokenKey.toLocaleLowerCase()])) {
+    const linkToken = response.headers[LinkTokenKey.toLocaleLowerCase()] || response.config.headers[LinkTokenKey.toLocaleLowerCase()]
    setLinkToken(linkToken)
  }
  // 许可状态改变 刷新页面
--- a/frontend/src/views/chart/components/component-style/XAxisSelector.vue
+++ b/frontend/src/views/chart/components/component-style/XAxisSelector.vue
@ -15,13 +15,10 @@
          <el-form-item :label="$t('chart.name')" class="form-item">
            <el-input v-model="axisForm.name" size="mini" @blur="changeXAxisStyle" />
          </el-form-item>
-          <el-form-item :label="$t('chart.rotate')" class="form-item form-item-slider">
-            <el-slider v-model="axisForm.axisLabel.rotate" show-input :show-input-controls="false" :min="-90" :max="90" input-size="mini" @change="changeXAxisStyle" />
-          </el-form-item>
          <el-form-item :label="$t('chart.axis_name_color')" class="form-item">
            <el-color-picker v-model="axisForm.nameTextStyle.color" class="color-picker-style" @change="changeXAxisStyle" />
          </el-form-item>
-          <el-form-item :label="$t('chart.axis_name_fontsize')" class="form-item form-item-slider">
+          <el-form-item :label="$t('chart.axis_name_fontsize')" class="form-item">
            <el-select v-model="axisForm.nameTextStyle.fontSize" :placeholder="$t('chart.axis_name_fontsize')" @change="changeXAxisStyle">
              <el-option v-for="option in fontSize" :key="option.value" :label="option.name" :value="option.value" />
            </el-select>
@ -53,7 +50,10 @@
            <el-form-item :label="$t('chart.axis_label_color')" class="form-item">
              <el-color-picker v-model="axisForm.axisLabel.color" class="el-color-picker" @change="changeXAxisStyle" />
            </el-form-item>
-            <el-form-item :label="$t('chart.axis_label_fontsize')" class="form-item form-item-slider">
+            <el-form-item :label="$t('chart.axis_label_rotate')" class="form-item form-item-slider">
+              <el-slider v-model="axisForm.axisLabel.rotate" show-input :show-input-controls="false" :min="-90" :max="90" input-size="mini" @change="changeXAxisStyle" />
+            </el-form-item>
+            <el-form-item :label="$t('chart.axis_label_fontsize')" class="form-item">
              <el-select v-model="axisForm.axisLabel.fontSize" :placeholder="$t('chart.axis_label_fontsize')" @change="changeXAxisStyle">
                <el-option v-for="option in fontSize" :key="option.value" :label="option.name" :value="option.value" />
              </el-select>
--- a/frontend/src/views/chart/components/component-style/YAxisSelector.vue
+++ b/frontend/src/views/chart/components/component-style/YAxisSelector.vue
@ -15,13 +15,10 @@
          <el-form-item :label="$t('chart.name')" class="form-item">
            <el-input v-model="axisForm.name" size="mini" @blur="changeYAxisStyle" />
          </el-form-item>
-          <el-form-item :label="$t('chart.rotate')" class="form-item form-item-slider">
-            <el-slider v-model="axisForm.axisLabel.rotate" show-input :show-input-controls="false" :min="-90" :max="90" input-size="mini" @change="changeYAxisStyle" />
-          </el-form-item>
          <el-form-item :label="$t('chart.axis_name_color')" class="form-item">
            <el-color-picker v-model="axisForm.nameTextStyle.color" class="color-picker-style" @change="changeYAxisStyle" />
          </el-form-item>
-          <el-form-item :label="$t('chart.axis_name_fontsize')" class="form-item form-item-slider">
+          <el-form-item :label="$t('chart.axis_name_fontsize')" class="form-item">
            <el-select v-model="axisForm.nameTextStyle.fontSize" :placeholder="$t('chart.axis_name_fontsize')" @change="changeYAxisStyle">
              <el-option v-for="option in fontSize" :key="option.value" :label="option.name" :value="option.value" />
            </el-select>
@ -53,7 +50,10 @@
            <el-form-item :label="$t('chart.axis_label_color')" class="form-item">
              <el-color-picker v-model="axisForm.axisLabel.color" class="el-color-picker" @change="changeYAxisStyle" />
            </el-form-item>
-            <el-form-item :label="$t('chart.axis_label_fontsize')" class="form-item form-item-slider">
+            <el-form-item :label="$t('chart.axis_label_rotate')" class="form-item form-item-slider">
+              <el-slider v-model="axisForm.axisLabel.rotate" show-input :show-input-controls="false" :min="-90" :max="90" input-size="mini" @change="changeYAxisStyle" />
+            </el-form-item>
+            <el-form-item :label="$t('chart.axis_label_fontsize')" class="form-item">
              <el-select v-model="axisForm.axisLabel.fontSize" :placeholder="$t('chart.axis_label_fontsize')" @change="changeYAxisStyle">
                <el-option v-for="option in fontSize" :key="option.value" :label="option.name" :value="option.value" />
              </el-select>
--- a/frontend/src/views/dataset/data/CalcFieldEdit.vue
+++ b/frontend/src/views/dataset/data/CalcFieldEdit.vue
@ -217,12 +217,11 @@ export default {
    'param': function() {
      this.initFunctions()
    },
-    'field': function() {
-      if (this.field.id) {
-        this.fieldForm = JSON.parse(JSON.stringify(this.field))
-      } else {
-        this.fieldForm = JSON.parse(JSON.stringify(this.fieldForm))
-      }
+    'field': {
+      handler: function() {
+        this.initField()
+      },
+      deep: true
    }
  },
  mounted() {
@ -230,6 +229,7 @@ export default {
      this.$refs.myCm.codemirror.showHint()
    })
    this.initFunctions()
+    this.initField()
  },
  methods: {
    onCmReady(cm) {
@ -256,7 +256,16 @@ export default {
      })
    },

+    initField() {
+      if (this.field.id) {
+        this.fieldForm = JSON.parse(JSON.stringify(this.field))
+      } else {
+        this.fieldForm = JSON.parse(JSON.stringify(this.fieldForm))
+      }
+    },
+
    closeCalcField() {
+      this.resetField()
      this.$emit('onEditClose', {})
    },

@ -268,6 +277,21 @@ export default {
      post('/dataset/field/save', this.fieldForm).then(response => {
        this.closeCalcField()
      })
+    },
+
+    resetField() {
+      this.fieldForm = {
+        id: null,
+        name: '',
+        groupType: 'd',
+        deType: 0,
+        originName: '',
+        tableId: this.param.id,
+        checked: 1,
+        columnIndex: this.tableFields.dimensionList.length + this.tableFields.quotaList.length,
+        size: 0,
+        extField: 2
+      }
    }
  }
 }
--- a/frontend/src/views/dataset/data/FieldEdit.vue
+++ b/frontend/src/views/dataset/data/FieldEdit.vue
@ -247,7 +247,6 @@
      :visible="editCalcField"
      :show-close="false"
      class="dialog-css"
-      :destroy-on-close="true"
      :title="currEditField.id?$t('dataset.edit_calc_field'):$t('dataset.add_calc_field')"
      append-to-body
    >
--- a/frontend/src/views/link/pwd/index.vue
+++ b/frontend/src/views/link/pwd/index.vue
@ -13,7 +13,7 @@
        <div class="input-layout">
          <div class="input-main">
            <div class="div-input">
-              <el-form ref="pwdForm" :model="form" :rules="rule" size="small">
+              <el-form ref="pwdForm" :model="form" :rules="rule" size="small" @submit.native.prevent>
                <el-form-item prop="password">
                  <el-input v-model="form.password" maxlength="4" show-password class="real-input" :placeholder="$t('pblink.input_placeholder')" />
                </el-form-item>
@ -65,8 +65,25 @@ export default {
      }
    }
  },
-
+  mounted() {
+    this.bindKey()
+  },
+  destroyed() {
+    this.unBindKey()
+  },
  methods: {
+    entryKey(event) {
+      const keyCode = event.keyCode
+      if (keyCode === 13) {
+        this.refresh()
+      }
+    },
+    bindKey() {
+      document.addEventListener('keypress', this.entryKey)
+    },
+    unBindKey() {
+      document.removeEventListener('keypress', this.entryKey)
+    },
    // 验证密码是否正确 如果正确 设置请求头部带LINK-PWD-TOKEN=entrypt(pwd)再刷新页面
    refresh() {
      this.$refs.pwdForm.validate(valid => {
--- a/frontend/src/views/msg/all.vue
+++ b/frontend/src/views/msg/all.vue
@ -55,6 +55,7 @@ import { query, updateStatus } from '@/api/system/msg'
 import { msgTypes, getTypeName, loadMsgTypes } from '@/utils/webMsg'
 import bus from '@/utils/bus'
 import { addOrder, formatOrders } from '@/utils/index'
+import { mapGetters } from 'vuex'
 export default {
  components: {
    LayoutContent,
@ -82,6 +83,11 @@ export default {
      orderConditions: []
    }
  },
+  computed: {
+    ...mapGetters([
+      'permission_routes'
+    ])
+  },
  mounted() {
    this.search()
  },
@ -120,8 +126,21 @@ export default {
    },
    toDetail(row) {
      const param = { ...{ msgNotification: true, msgType: row.typeId, sourceParam: row.param }}
-      this.$router.push({ name: row.router, params: param })
-      row.status || this.setReaded(row)
+      if (this.hasPermissionRoute(row.router)) {
+        this.$router.push({ name: row.router, params: param })
+        row.status || this.setReaded(row)
+        return
+      }
+      this.$warning(this.$t('commons.no_target_permission'))
+    },
+    hasPermissionRoute(name, permission_routes) {
+      permission_routes = permission_routes || this.permission_routes
+      for (let index = 0; index < permission_routes.length; index++) {
+        const route = permission_routes[index]
+        if (route.name && route.name === name) return true
+        if (route.children && this.hasPermissionRoute(name, route.children)) return true
+      }
+      return false
    },
    // 设置已读
    setReaded(row) {
--- a/frontend/src/views/msg/readed.vue
+++ b/frontend/src/views/msg/readed.vue
@ -60,6 +60,7 @@ import ComplexTable from '@/components/business/complex-table'
 import { query } from '@/api/system/msg'
 import { msgTypes, getTypeName, loadMsgTypes } from '@/utils/webMsg'
 import { addOrder, formatOrders } from '@/utils/index'
+import { mapGetters } from 'vuex'
 export default {
  components: {
    LayoutContent,
@ -87,6 +88,11 @@ export default {
      }
    }
  },
+  computed: {
+    ...mapGetters([
+      'permission_routes'
+    ])
+  },
  mounted() {
    this.search()
  },
@ -125,7 +131,21 @@ export default {
    },
    toDetail(row) {
      const param = { ...{ msgNotification: true, msgType: row.typeId, sourceParam: row.param }}
-      this.$router.push({ name: row.router, params: param })
+      // this.$router.push({ name: row.router, params: param })
+      if (this.hasPermissionRoute(row.router)) {
+        this.$router.push({ name: row.router, params: param })
+        return
+      }
+      this.$warning(this.$t('commons.no_target_permission'))
+    },
+    hasPermissionRoute(name, permission_routes) {
+      permission_routes = permission_routes || this.permission_routes
+      for (let index = 0; index < permission_routes.length; index++) {
+        const route = permission_routes[index]
+        if (route.name && route.name === name) return true
+        if (route.children && this.hasPermissionRoute(name, route.children)) return true
+      }
+      return false
    },
    sortChange({ column, prop, order }) {
      this.orderConditions = []
--- a/frontend/src/views/msg/unread.vue
+++ b/frontend/src/views/msg/unread.vue
@ -65,7 +65,7 @@ import { query, updateStatus, batchRead } from '@/api/system/msg'
 import { msgTypes, getTypeName, loadMsgTypes } from '@/utils/webMsg'
 import bus from '@/utils/bus'
 import { addOrder, formatOrders } from '@/utils/index'
-
+import { mapGetters } from 'vuex'
 export default {
  components: {
    LayoutContent,
@ -98,6 +98,11 @@ export default {
      orderConditions: []
    }
  },
+  computed: {
+    ...mapGetters([
+      'permission_routes'
+    ])
+  },
  mounted() {
    this.search()
  },
@ -136,8 +141,23 @@ export default {
    },
    toDetail(row) {
      const param = { ...{ msgNotification: true, msgType: row.typeId, sourceParam: row.param }}
-      this.$router.push({ name: row.router, params: param })
-      this.setReaded(row)
+      //   this.$router.push({ name: row.router, params: param })
+      //   this.setReaded(row)
+      if (this.hasPermissionRoute(row.router)) {
+        this.$router.push({ name: row.router, params: param })
+        this.setReaded(row)
+        return
+      }
+      this.$warning(this.$t('commons.no_target_permission'))
+    },
+    hasPermissionRoute(name, permission_routes) {
+      permission_routes = permission_routes || this.permission_routes
+      for (let index = 0; index < permission_routes.length; index++) {
+        const route = permission_routes[index]
+        if (route.name && route.name === name) return true
+        if (route.children && this.hasPermissionRoute(name, route.children)) return true
+      }
+      return false
    },
    // 设置已读
    setReaded(row) {