fix: 查询组件去除包含列权限脱敏和禁用的列

2023-12-07 16:50:04 +08:00 · 2023-12-07 16:50:04 +08:00 · 6c5b3561e5
commit 6c5b3561e5
parent 7abb01e06d
8 changed files with 72 additions and 12 deletions
--- a/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetGroupManage.java
+++ b/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetGroupManage.java
@ -498,4 +498,26 @@ public class DatasetGroupManage {
            geFullName(parent.getPid(), fullName);
        }
    }
+
+    public List<DatasetTableDTO> getDetailWithPerm(List<Long> ids) {
+        var result = new ArrayList<DatasetTableDTO>();
+        if (CollectionUtil.isNotEmpty(ids)) {
+            var dsList = coreDatasetGroupMapper.selectBatchIds(ids);
+            if (CollectionUtil.isNotEmpty(dsList)) {
+                dsList.forEach(ds -> {
+                    DatasetTableDTO dto = new DatasetTableDTO();
+                    BeanUtils.copyBean(dto, ds);
+                    var fields  = datasetTableFieldManage.listFieldsWithPermissions(ds.getId());
+                    List<DatasetTableFieldDTO> dimensionList = fields.stream().filter(ele -> StringUtils.equalsIgnoreCase(ele.getGroupType(), "d")).toList();
+                    List<DatasetTableFieldDTO> quotaList = fields.stream().filter(ele -> StringUtils.equalsIgnoreCase(ele.getGroupType(), "q")).toList();
+                    Map<String, List<DatasetTableFieldDTO>> map = new LinkedHashMap<>();
+                    map.put("dimensionList", dimensionList);
+                    map.put("quotaList", quotaList);
+                    dto.setFields(map);
+                    result.add(dto);
+                });
+            }
+        }
+        return result;
+    }
 }
--- a/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetTableFieldManage.java
+++ b/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetTableFieldManage.java
@ -1,6 +1,9 @@
 package io.dataease.dataset.manage;

+import cn.hutool.core.collection.CollUtil;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import io.dataease.api.chart.dto.ColumnPermissionItem;
+import io.dataease.auth.bo.TokenUserBO;
 import io.dataease.dataset.dao.auto.entity.CoreDatasetTableField;
 import io.dataease.dataset.dao.auto.mapper.CoreDatasetGroupMapper;
 import io.dataease.dataset.dao.auto.mapper.CoreDatasetTableFieldMapper;
@ -9,6 +12,7 @@ import io.dataease.datasource.provider.CalciteProvider;
 import io.dataease.dto.dataset.DatasetTableFieldDTO;
 import io.dataease.exception.DEException;
 import io.dataease.i18n.Translator;
+import io.dataease.utils.AuthUtils;
 import io.dataease.utils.BeanUtils;
 import io.dataease.utils.IDUtils;
 import jakarta.annotation.Resource;
@ -18,9 +22,7 @@ import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.CollectionUtils;

-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 import java.util.stream.Collectors;

 /**
@ -187,6 +189,19 @@ public class DatasetTableFieldManage {
        return map;
    }

+    public List<DatasetTableFieldDTO> listFieldsWithPermissions(Long id) {
+        List<DatasetTableFieldDTO> fields = selectByDatasetGroupId(id);
+        Map<String, ColumnPermissionItem> desensitizationList = new HashMap<>();
+        Long userId = AuthUtils.getUser() == null ? null : AuthUtils.getUser().getUserId();
+        return permissionManage
+                .filterColumnPermissions(fields, desensitizationList, id, userId)
+                .stream()
+                .filter(o -> !desensitizationList.containsKey(o.getDataeaseName()))
+                .sorted(Comparator.comparing(DatasetTableFieldDTO::getGroupType))
+                .toList();
+    }
+
+
    public List<DatasetTableFieldDTO> transDTO(List<CoreDatasetTableField> list) {
        return list.stream().map(ele -> {
            DatasetTableFieldDTO dto = new DatasetTableFieldDTO();
--- a/core/core-backend/src/main/java/io/dataease/dataset/server/DatasetFieldServer.java
+++ b/core/core-backend/src/main/java/io/dataease/dataset/server/DatasetFieldServer.java
@ -53,6 +53,11 @@ public class DatasetFieldServer implements DatasetTableApi {
        return datasetTableFieldManage.listByDQ(id);
    }

+    @Override
+    public List<DatasetTableFieldDTO> listFieldsWithPermissions(Long id) {
+        return datasetTableFieldManage.listFieldsWithPermissions(id);
+    }
+
    @Override
    public List<String> multFieldValuesForPermissions(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
        return datasetDataManage.getFieldEnum(multFieldValuesRequest.getFieldIds());
--- a/core/core-backend/src/main/java/io/dataease/dataset/server/DatasetTreeServer.java
+++ b/core/core-backend/src/main/java/io/dataease/dataset/server/DatasetTreeServer.java
@ -77,4 +77,10 @@ public class DatasetTreeServer implements DatasetTreeApi {
    public List<SqlVariableDetails> getSqlParams(List<Long> ids) throws Exception {
        return datasetGroupManage.getSqlParams(ids);
    }
+
+    @Override
+    public List<DatasetTableDTO> detailWithPerm(List<Long> ids) throws Exception {
+        return datasetGroupManage.getDetailWithPerm(ids);
+    }
+
 }
--- a/core/core-frontend/src/api/dataset.ts
+++ b/core/core-frontend/src/api/dataset.ts
@ -154,6 +154,11 @@ export const getDsDetails = async (data): Promise<DatasetDetail[]> => {
    return res?.data
  })
 }
+export const getDsDetailsWithPerm = async (data): Promise<DatasetDetail[]> => {
+  return request.post({ url: '/datasetTree/detailWithPerm', data }).then(res => {
+    return res?.data
+  })
+}
 export const getSqlParams = async (data): Promise<ParamsDetail[]> => {
  return request.post({ url: '/datasetTree/getSqlParams', data }).then(res => {
    return res?.data
@ -175,6 +180,10 @@ export const multFieldValuesForPermissions = (data = {}) => {
  return request.post({ url: '/datasetField/multFieldValuesForPermissions', data })
 }

+export const listFieldsWithPermissions = (datasetId: number) => {
+  return request.get({ url: '/datasetField/listWithPermissions/' + datasetId })
+}
+
 export const saveRowPermission = (data = {}) => {
  return request.post({ url: '/dataset/rowPermissions/save', data })
 }
--- a/core/core-frontend/src/custom-component/v-query/QueryConditionConfiguration.vue
+++ b/core/core-frontend/src/custom-component/v-query/QueryConditionConfiguration.vue
@ -7,7 +7,7 @@ import { useI18n } from '@/hooks/web/useI18n'
 import { fieldType } from '@/utils/attr'
 import { ElMessage } from 'element-plus-secondary'
 import type { DatasetDetail } from '@/api/dataset'
-import { getDsDetails, getSqlParams } from '@/api/dataset'
+import { getDsDetailsWithPerm, getSqlParams, listFieldsWithPermissions } from '@/api/dataset'
 import EmptyBackground from '@/components/empty-background/src/EmptyBackground.vue'
 import { cloneDeep } from 'lodash-es'
 import Select from './Select.vue'
@ -391,7 +391,7 @@ const init = (queryId: string) => {
  }
  const params = [...new Set(datasetFieldList.value.map(ele => ele.tableId).filter(ele => !!ele))]
  if (!params.length) return
-  getDsDetails(params)
+  getDsDetailsWithPerm(params)
    .then(res => {
      res
        .filter(ele => !!ele)
@ -438,7 +438,7 @@ const handleCondition = item => {
  curComponent.value = conditions.value.find(ele => ele.id === item.id)

  multiple.value = curComponent.value.multiple
-  if (!curComponent.value.dataset.fields.length) {
+  if (!curComponent.value.dataset.fields.length && curComponent.value.dataset.id) {
    getOptions(curComponent.value.dataset.id, curComponent.value)
  }
  datasetFieldList.value.forEach(ele => {
@ -468,12 +468,8 @@ const handleCondition = item => {
 }

 const getOptions = (id, component) => {
-  getDsDetails([id]).then(res => {
-    res.forEach(ele => {
-      if (!ele) return
-      const { dimensionList, quotaList } = ele.fields
-      component.dataset.fields = [...dimensionList, ...quotaList]
-    })
+  listFieldsWithPermissions(id).then(res => {
+    component.dataset.fields = res.data
  })
 }

--- a/sdk/api/api-base/src/main/java/io/dataease/api/dataset/DatasetTableApi.java
+++ b/sdk/api/api-base/src/main/java/io/dataease/api/dataset/DatasetTableApi.java
@ -3,6 +3,7 @@ package io.dataease.api.dataset;
 import io.dataease.api.dataset.dto.MultFieldValuesRequest;
 import io.dataease.api.dataset.engine.SQLFunctionDTO;
 import io.dataease.dto.dataset.DatasetTableFieldDTO;
+import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
@ -37,6 +38,9 @@ public interface DatasetTableApi {
    @PostMapping("listByDQ/{id}")
    Map<String, List<DatasetTableFieldDTO>> listByDQ(@PathVariable Long id);

+    @GetMapping ("listWithPermissions/{id}")
+    List<DatasetTableFieldDTO> listFieldsWithPermissions(@PathVariable Long id);
+

    @PostMapping("multFieldValuesForPermissions")
    List<String> multFieldValuesForPermissions(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception;
--- a/sdk/api/api-base/src/main/java/io/dataease/api/dataset/DatasetTreeApi.java
+++ b/sdk/api/api-base/src/main/java/io/dataease/api/dataset/DatasetTreeApi.java
@ -72,4 +72,7 @@ public interface DatasetTreeApi {

    @PostMapping("getSqlParams")
    List<SqlVariableDetails> getSqlParams(@RequestBody List<Long> ids) throws Exception;
+
+    @PostMapping("detailWithPerm")
+    List<DatasetTableDTO> detailWithPerm(@RequestBody List<Long> ids) throws Exception;
 }