center/dataease-dm
center/dataease-dm
13
0
Fork 0
forked from github/dataease
Code Pull Requests Activity

Merge pull request #1836 from dataease/pr@dev@refactor_permission

Browse Source 
refactor: 数据集视图权限
This commit is contained in:
Junjun 2022-02-27 14:53:21 +08:00 committed by GitHub
commit 723a0aa608
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 38 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
backend/src/main/java/io/dataease/controller/chart/ChartController.java
View File

@ -1,26 +0,0 @@
package io.dataease.controller.chart;
import com.alibaba.fastjson.JSON;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.controller.request.dataset.DataSetTableRequest;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.web.bind.annotation.*;
import java.util.ArrayList;
import java.util.List;
@Api(tags = "视图:视图管理")
@ApiSupport(order = 110)
@RestController
@RequestMapping("chart/table")
public class ChartController {
@ApiOperation("查询")
@PostMapping("list")
public List<JSON> list(@RequestBody DataSetTableRequest dataSetTableRequest) {
return new ArrayList<>();
}
}

4
backend/src/main/java/io/dataease/controller/chart/ChartGroupController.java
View File

@ -21,24 +21,28 @@ public class ChartGroupController {
@Resource
private ChartGroupService chartGroupService;
@ApiIgnore
@ApiOperation("保存")
@PostMapping("/save")
public ChartGroupDTO save(@RequestBody ChartGroup ChartGroup) {
return chartGroupService.save(ChartGroup);
}
@ApiIgnore
@ApiOperation("查询树")
@PostMapping("/tree")
public List<ChartGroupDTO> tree(@RequestBody ChartGroupRequest ChartGroup) {
return chartGroupService.tree(ChartGroup);
}
@ApiIgnore
@ApiOperation("查询树节点")
@PostMapping("/treeNode")
public List<ChartGroupDTO> treeNode(@RequestBody ChartGroupRequest ChartGroup) {
return chartGroupService.tree(ChartGroup);
}
@ApiIgnore
@ApiOperation("删除")
@PostMapping("/delete/{id}")
public void tree(@PathVariable String id) {

5
backend/src/main/java/io/dataease/controller/dataset/DataSetGroupController.java
View File

@ -45,14 +45,13 @@ public class DataSetGroupController {
return dataSetGroupService.save(datasetGroup);
}
@RequiresPermissions("data:read")
@ApiOperation("查询树")
@ApiIgnore
@PostMapping("/tree")
public List<DataSetGroupDTO> tree(@RequestBody DataSetGroupRequest datasetGroup) {
return dataSetGroupService.tree(datasetGroup);
}
@ApiOperation("查询树节点")
@ApiIgnore
@PostMapping("/treeNode")
public List<DataSetGroupDTO> treeNode(@RequestBody DataSetGroupRequest datasetGroup) {
return dataSetGroupService.treeNode(datasetGroup);

28
backend/src/main/java/io/dataease/controller/dataset/DataSetTableController.java
View File

@ -10,9 +10,9 @@ import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel;
import io.dataease.controller.request.dataset.DataSetTableRequest;
import io.dataease.controller.response.DataSetDetail;
import io.dataease.dto.datasource.TableField;
import io.dataease.dto.dataset.DataSetTableDTO;
import io.dataease.dto.dataset.ExcelFileData;
import io.dataease.dto.datasource.TableField;
import io.dataease.service.dataset.DataSetTableService;
import io.swagger.annotations.*;
import org.apache.shiro.authz.annotation.Logical;
@ -38,9 +38,9 @@ public class DataSetTableController {
@RequiresPermissions("data:read")
@DePermissions(value = {
@DePermission(type = DePermissionType.DATASET, value = "id"),
@DePermission(type = DePermissionType.DATASET, value = "sceneId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE),
@DePermission(type = DePermissionType.DATASOURCE, value = "dataSourceId", level = ResourceAuthLevel.DATASET_LEVEL_USE)
@DePermission(type = DePermissionType.DATASET, value = "id"),
@DePermission(type = DePermissionType.DATASET, value = "sceneId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE),
@DePermission(type = DePermissionType.DATASOURCE, value = "dataSourceId", level = ResourceAuthLevel.DATASET_LEVEL_USE)
}, logical = Logical.AND)
@ApiOperation("批量保存")
@PostMapping("batchAdd")
@ -85,6 +85,7 @@ public class DataSetTableController {
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "sceneId")
@ApiOperation("查询")
@PostMapping("list")
public List<DataSetTableDTO> list(@RequestBody DataSetTableRequest dataSetTableRequest) {
@ -92,6 +93,7 @@ public class DataSetTableController {
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "sceneId")
@ApiOperation("查询组")
@PostMapping("listAndGroup")
public List<DataSetTableDTO> listAndGroup(@RequestBody DataSetTableRequest dataSetTableRequest) {
@ -107,6 +109,7 @@ public class DataSetTableController {
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE)
@ApiOperation("带权限查询")
@PostMapping("getWithPermission/{id}")
public DataSetTableDTO getWithPermission(@PathVariable String id) {
@ -114,48 +117,63 @@ public class DataSetTableController {
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASOURCE, level = ResourceAuthLevel.DATASOURCE_LEVEL_USE, value = "dataSourceId")
@ApiOperation("查询原始字段")
@PostMapping("getFields")
public List<TableField> getFields(@RequestBody DatasetTable datasetTable) throws Exception {
return dataSetTableService.getFields(datasetTable);
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "id")
@ApiOperation("查询生成字段")
@PostMapping("getFieldsFromDE")
public Map<String, List<DatasetTableField>> getFieldsFromDE(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception {
return dataSetTableService.getFieldsFromDE(dataSetTableRequest);
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "id")
@ApiOperation("查询预览数据")
@PostMapping("getPreviewData/{page}/{pageSize}")
public Map<String, Object> getPreviewData(@RequestBody DataSetTableRequest dataSetTableRequest, @PathVariable Integer page, @PathVariable Integer pageSize) throws Exception {
return dataSetTableService.getPreviewData(dataSetTableRequest, page, pageSize, null);
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASOURCE, level = ResourceAuthLevel.DATASOURCE_LEVEL_USE, value = "dataSourceId")
@ApiOperation("根据sql查询预览数据")
@PostMapping("sqlPreview")
public Map<String, Object> getSQLPreview(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception {
return dataSetTableService.getSQLPreview(dataSetTableRequest);
}
@ApiOperation("客户预览数据")
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASOURCE, level = ResourceAuthLevel.DATASOURCE_LEVEL_USE, value = "dataSourceId")
@ApiOperation("预览自定义数据数据")
@PostMapping("customPreview")
public Map<String, Object> customPreview(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception {
return dataSetTableService.getCustomPreview(dataSetTableRequest);
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "tableId")
@ApiOperation("查询增量配置")
@PostMapping("incrementalConfig")
public DatasetTableIncrementalConfig incrementalConfig(@RequestBody DatasetTableIncrementalConfig datasetTableIncrementalConfig) throws Exception {
return dataSetTableService.incrementalConfig(datasetTableIncrementalConfig);
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE, value = "tableId")
@ApiOperation("保存增量配置")
@PostMapping("save/incrementalConfig")
public void saveIncrementalConfig(@RequestBody DatasetTableIncrementalConfig datasetTableIncrementalConfig) throws Exception {
dataSetTableService.saveIncrementalConfig(datasetTableIncrementalConfig);
}
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET)
@ApiOperation("数据集详息")
@PostMapping("datasetDetail/{id}")
public DataSetDetail datasetDetail(@PathVariable String id) {

11
backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java
View File

@ -4,6 +4,7 @@ import com.auth0.jwt.JWT;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermission;
import io.dataease.auth.annotation.DePermissions;
import io.dataease.auth.filter.F2CLinkFilter;
import io.dataease.base.domain.DatasetTable;
import io.dataease.base.domain.DatasetTableField;
@ -21,6 +22,7 @@ import io.dataease.service.dataset.PermissionService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
@ -139,10 +141,13 @@ public class DataSetTableFieldController {
return dataSetTableFieldsService.save(datasetTableField);
}
//TODO 校验权限
@RequiresPermissions("data:read")
@DePermissions(value = {
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE, paramIndex = 1)
})
@ApiOperation("删除")
@PostMapping("delete/{id}")
public void delete(@PathVariable String id) {
@PostMapping("delete/{id}/{tableId}")
public void delete(@PathVariable String id, @PathVariable String tableId) {
dataSetTableFieldsService.delete(id);
}

2
frontend/src/views/dataset/data/FieldEdit.vue
View File

@ -392,7 +392,7 @@ export default {
cancelButtonText: this.$t('dataset.cancel'),
type: 'warning'
}).then(() => {
post('/dataset/field/delete/' + item.id, null).then(response => {
post('/dataset/field/delete/' + item.id + '/' + item.tableId, null).then(response => {
this.$message({
type: 'success',
message: this.$t('chart.delete_success'),