center/dataease-dm
center/dataease-dm
13
0
Fork 0
forked from github/dataease
Code Pull Requests Activity

Merge pull request #1836 from dataease/pr@dev@refactor_permission

Browse Source 
refactor: 数据集视图权限
This commit is contained in:
Junjun 2022-02-27 14:53:21 +08:00 committed by GitHub
commit 723a0aa608
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 38 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
backend/src/main/java/io/dataease/controller/chart/ChartController.java
View File

@ -1,26 +0,0 @@
package io.dataease.controller.chart;
import com.alibaba.fastjson.JSON;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.controller.request.dataset.DataSetTableRequest;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.web.bind.annotation.*;
import java.util.ArrayList;
import java.util.List;
@Api(tags = "视图:视图管理")
@ApiSupport(order = 110)
@RestController
@RequestMapping("chart/table")
public class ChartController {
@ApiOperation("查询")
@PostMapping("list")
public List<JSON> list(@RequestBody DataSetTableRequest dataSetTableRequest) {
return new ArrayList<>();
}
}

4
backend/src/main/java/io/dataease/controller/chart/ChartGroupController.java
View File

@ -21,24 +21,28 @@ public class ChartGroupController {
@Resource @Resource
private ChartGroupService chartGroupService; private ChartGroupService chartGroupService;
@ApiIgnore
@ApiOperation("保存") @ApiOperation("保存")
@PostMapping("/save") @PostMapping("/save")
public ChartGroupDTO save(@RequestBody ChartGroup ChartGroup) { public ChartGroupDTO save(@RequestBody ChartGroup ChartGroup) {
return chartGroupService.save(ChartGroup); return chartGroupService.save(ChartGroup);
} }
@ApiIgnore
@ApiOperation("查询树") @ApiOperation("查询树")
@PostMapping("/tree") @PostMapping("/tree")
public List<ChartGroupDTO> tree(@RequestBody ChartGroupRequest ChartGroup) { public List<ChartGroupDTO> tree(@RequestBody ChartGroupRequest ChartGroup) {
return chartGroupService.tree(ChartGroup); return chartGroupService.tree(ChartGroup);
} }
@ApiIgnore
@ApiOperation("查询树节点") @ApiOperation("查询树节点")
@PostMapping("/treeNode") @PostMapping("/treeNode")
public List<ChartGroupDTO> treeNode(@RequestBody ChartGroupRequest ChartGroup) { public List<ChartGroupDTO> treeNode(@RequestBody ChartGroupRequest ChartGroup) {
return chartGroupService.tree(ChartGroup); return chartGroupService.tree(ChartGroup);
} }
@ApiIgnore
@ApiOperation("删除") @ApiOperation("删除")
@PostMapping("/delete/{id}") @PostMapping("/delete/{id}")
public void tree(@PathVariable String id) { public void tree(@PathVariable String id) {

5
backend/src/main/java/io/dataease/controller/dataset/DataSetGroupController.java
View File

@ -45,14 +45,13 @@ public class DataSetGroupController {
return dataSetGroupService.save(datasetGroup); return dataSetGroupService.save(datasetGroup);
} }
@RequiresPermissions("data:read") @ApiIgnore
@ApiOperation("查询树")
@PostMapping("/tree") @PostMapping("/tree")
public List<DataSetGroupDTO> tree(@RequestBody DataSetGroupRequest datasetGroup) { public List<DataSetGroupDTO> tree(@RequestBody DataSetGroupRequest datasetGroup) {
return dataSetGroupService.tree(datasetGroup); return dataSetGroupService.tree(datasetGroup);
} }
@ApiOperation("查询树节点") @ApiIgnore
@PostMapping("/treeNode") @PostMapping("/treeNode")
public List<DataSetGroupDTO> treeNode(@RequestBody DataSetGroupRequest datasetGroup) { public List<DataSetGroupDTO> treeNode(@RequestBody DataSetGroupRequest datasetGroup) {
return dataSetGroupService.treeNode(datasetGroup); return dataSetGroupService.treeNode(datasetGroup);

28
backend/src/main/java/io/dataease/controller/dataset/DataSetTableController.java
View File

@ -10,9 +10,9 @@ import io.dataease.commons.constants.DePermissionType;
import io.dataease.commons.constants.ResourceAuthLevel; import io.dataease.commons.constants.ResourceAuthLevel;
import io.dataease.controller.request.dataset.DataSetTableRequest; import io.dataease.controller.request.dataset.DataSetTableRequest;
import io.dataease.controller.response.DataSetDetail; import io.dataease.controller.response.DataSetDetail;
import io.dataease.dto.datasource.TableField;
import io.dataease.dto.dataset.DataSetTableDTO; import io.dataease.dto.dataset.DataSetTableDTO;
import io.dataease.dto.dataset.ExcelFileData; import io.dataease.dto.dataset.ExcelFileData;
import io.dataease.dto.datasource.TableField;
import io.dataease.service.dataset.DataSetTableService; import io.dataease.service.dataset.DataSetTableService;
import io.swagger.annotations.*; import io.swagger.annotations.*;
import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.Logical;
@ -38,9 +38,9 @@ public class DataSetTableController {
@RequiresPermissions("data:read") @RequiresPermissions("data:read")
@DePermissions(value = { @DePermissions(value = {
@DePermission(type = DePermissionType.DATASET, value = "id"), @DePermission(type = DePermissionType.DATASET, value = "id"),
@DePermission(type = DePermissionType.DATASET, value = "sceneId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE), @DePermission(type = DePermissionType.DATASET, value = "sceneId", level = ResourceAuthLevel.DATASET_LEVEL_MANAGE),
@DePermission(type = DePermissionType.DATASOURCE, value = "dataSourceId", level = ResourceAuthLevel.DATASET_LEVEL_USE) @DePermission(type = DePermissionType.DATASOURCE, value = "dataSourceId", level = ResourceAuthLevel.DATASET_LEVEL_USE)
}, logical = Logical.AND) }, logical = Logical.AND)
@ApiOperation("批量保存") @ApiOperation("批量保存")
@PostMapping("batchAdd") @PostMapping("batchAdd")
@ -85,6 +85,7 @@ public class DataSetTableController {
} }
@RequiresPermissions("data:read") @RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "sceneId")
@ApiOperation("查询") @ApiOperation("查询")
@PostMapping("list") @PostMapping("list")
public List<DataSetTableDTO> list(@RequestBody DataSetTableRequest dataSetTableRequest) { public List<DataSetTableDTO> list(@RequestBody DataSetTableRequest dataSetTableRequest) {
@ -92,6 +93,7 @@ public class DataSetTableController {
} }
@RequiresPermissions("data:read") @RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "sceneId")
@ApiOperation("查询组") @ApiOperation("查询组")
@PostMapping("listAndGroup") @PostMapping("listAndGroup")
public List<DataSetTableDTO> listAndGroup(@RequestBody DataSetTableRequest dataSetTableRequest) { public List<DataSetTableDTO> listAndGroup(@RequestBody DataSetTableRequest dataSetTableRequest) {
@ -107,6 +109,7 @@ public class DataSetTableController {
} }
@RequiresPermissions("data:read") @RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE)
@ApiOperation("带权限查询") @ApiOperation("带权限查询")
@PostMapping("getWithPermission/{id}") @PostMapping("getWithPermission/{id}")
public DataSetTableDTO getWithPermission(@PathVariable String id) { public DataSetTableDTO getWithPermission(@PathVariable String id) {
@ -114,48 +117,63 @@ public class DataSetTableController {
} }
@RequiresPermissions("data:read") @RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASOURCE, level = ResourceAuthLevel.DATASOURCE_LEVEL_USE, value = "dataSourceId")
@ApiOperation("查询原始字段") @ApiOperation("查询原始字段")
@PostMapping("getFields") @PostMapping("getFields")
public List<TableField> getFields(@RequestBody DatasetTable datasetTable) throws Exception { public List<TableField> getFields(@RequestBody DatasetTable datasetTable) throws Exception {
return dataSetTableService.getFields(datasetTable); return dataSetTableService.getFields(datasetTable);
} }
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "id")
@ApiOperation("查询生成字段") @ApiOperation("查询生成字段")
@PostMapping("getFieldsFromDE") @PostMapping("getFieldsFromDE")
public Map<String, List<DatasetTableField>> getFieldsFromDE(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception { public Map<String, List<DatasetTableField>> getFieldsFromDE(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception {
return dataSetTableService.getFieldsFromDE(dataSetTableRequest); return dataSetTableService.getFieldsFromDE(dataSetTableRequest);
} }
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "id")
@ApiOperation("查询预览数据") @ApiOperation("查询预览数据")
@PostMapping("getPreviewData/{page}/{pageSize}") @PostMapping("getPreviewData/{page}/{pageSize}")
public Map<String, Object> getPreviewData(@RequestBody DataSetTableRequest dataSetTableRequest, @PathVariable Integer page, @PathVariable Integer pageSize) throws Exception { public Map<String, Object> getPreviewData(@RequestBody DataSetTableRequest dataSetTableRequest, @PathVariable Integer page, @PathVariable Integer pageSize) throws Exception {
return dataSetTableService.getPreviewData(dataSetTableRequest, page, pageSize, null); return dataSetTableService.getPreviewData(dataSetTableRequest, page, pageSize, null);
} }
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASOURCE, level = ResourceAuthLevel.DATASOURCE_LEVEL_USE, value = "dataSourceId")
@ApiOperation("根据sql查询预览数据") @ApiOperation("根据sql查询预览数据")
@PostMapping("sqlPreview") @PostMapping("sqlPreview")
public Map<String, Object> getSQLPreview(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception { public Map<String, Object> getSQLPreview(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception {
return dataSetTableService.getSQLPreview(dataSetTableRequest); return dataSetTableService.getSQLPreview(dataSetTableRequest);
} }
@ApiOperation("客户预览数据") @RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASOURCE, level = ResourceAuthLevel.DATASOURCE_LEVEL_USE, value = "dataSourceId")
@ApiOperation("预览自定义数据数据")
@PostMapping("customPreview") @PostMapping("customPreview")
public Map<String, Object> customPreview(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception { public Map<String, Object> customPreview(@RequestBody DataSetTableRequest dataSetTableRequest) throws Exception {
return dataSetTableService.getCustomPreview(dataSetTableRequest); return dataSetTableService.getCustomPreview(dataSetTableRequest);
} }
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_USE, value = "tableId")
@ApiOperation("查询增量配置") @ApiOperation("查询增量配置")
@PostMapping("incrementalConfig") @PostMapping("incrementalConfig")
public DatasetTableIncrementalConfig incrementalConfig(@RequestBody DatasetTableIncrementalConfig datasetTableIncrementalConfig) throws Exception { public DatasetTableIncrementalConfig incrementalConfig(@RequestBody DatasetTableIncrementalConfig datasetTableIncrementalConfig) throws Exception {
return dataSetTableService.incrementalConfig(datasetTableIncrementalConfig); return dataSetTableService.incrementalConfig(datasetTableIncrementalConfig);
} }
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE, value = "tableId")
@ApiOperation("保存增量配置") @ApiOperation("保存增量配置")
@PostMapping("save/incrementalConfig") @PostMapping("save/incrementalConfig")
public void saveIncrementalConfig(@RequestBody DatasetTableIncrementalConfig datasetTableIncrementalConfig) throws Exception { public void saveIncrementalConfig(@RequestBody DatasetTableIncrementalConfig datasetTableIncrementalConfig) throws Exception {
dataSetTableService.saveIncrementalConfig(datasetTableIncrementalConfig); dataSetTableService.saveIncrementalConfig(datasetTableIncrementalConfig);
} }
@RequiresPermissions("data:read")
@DePermission(type = DePermissionType.DATASET)
@ApiOperation("数据集详息") @ApiOperation("数据集详息")
@PostMapping("datasetDetail/{id}") @PostMapping("datasetDetail/{id}")
public DataSetDetail datasetDetail(@PathVariable String id) { public DataSetDetail datasetDetail(@PathVariable String id) {

11
backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java
View File

@ -4,6 +4,7 @@ import com.auth0.jwt.JWT;
import com.auth0.jwt.interfaces.DecodedJWT; import com.auth0.jwt.interfaces.DecodedJWT;
import com.github.xiaoymin.knife4j.annotations.ApiSupport; import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.auth.annotation.DePermission; import io.dataease.auth.annotation.DePermission;
import io.dataease.auth.annotation.DePermissions;
import io.dataease.auth.filter.F2CLinkFilter; import io.dataease.auth.filter.F2CLinkFilter;
import io.dataease.base.domain.DatasetTable; import io.dataease.base.domain.DatasetTable;
import io.dataease.base.domain.DatasetTableField; import io.dataease.base.domain.DatasetTableField;
@ -21,6 +22,7 @@ import io.dataease.service.dataset.PermissionService;
import io.swagger.annotations.Api; import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.ObjectUtils; import org.apache.commons.lang3.ObjectUtils;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions; import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.BeanUtils; import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
@ -139,10 +141,13 @@ public class DataSetTableFieldController {
return dataSetTableFieldsService.save(datasetTableField); return dataSetTableFieldsService.save(datasetTableField);
} }
//TODO 校验权限 @RequiresPermissions("data:read")
@DePermissions(value = {
@DePermission(type = DePermissionType.DATASET, level = ResourceAuthLevel.DATASET_LEVEL_MANAGE, paramIndex = 1)
})
@ApiOperation("删除") @ApiOperation("删除")
@PostMapping("delete/{id}") @PostMapping("delete/{id}/{tableId}")
public void delete(@PathVariable String id) { public void delete(@PathVariable String id, @PathVariable String tableId) {
dataSetTableFieldsService.delete(id); dataSetTableFieldsService.delete(id);
} }

2
frontend/src/views/dataset/data/FieldEdit.vue
View File

@ -392,7 +392,7 @@ export default {
cancelButtonText: this.$t('dataset.cancel'), cancelButtonText: this.$t('dataset.cancel'),
type: 'warning' type: 'warning'
}).then(() => { }).then(() => {
post('/dataset/field/delete/' + item.id, null).then(response => { post('/dataset/field/delete/' + item.id + '/' + item.tableId, null).then(response => {
this.$message({ this.$message({
type: 'success', type: 'success',
message: this.$t('chart.delete_success'), message: this.$t('chart.delete_success'),