feat: 数据集列权限

2025-02-24 19:42:56 +08:00 · 2022-01-19 11:49:13 +08:00 · 2022-01-19 11:49:13 +08:00 · d5a3276a1c
commit d5a3276a1c
parent 5c351ea5e4
8 changed files with 57 additions and 42 deletions
--- a/backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java
+++ b/backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java
@ -14,6 +14,7 @@ import io.dataease.i18n.Translator;
 import io.dataease.service.dataset.DataSetFieldService;
 import io.dataease.service.dataset.DataSetTableFieldsService;
 import io.dataease.service.dataset.DataSetTableService;
 import io.dataease.service.dataset.PermissionService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.ObjectUtils;
@ -47,13 +48,17 @@ public class DataSetTableFieldController {
    @Resource
    private DataSetTableService dataSetTableService;
    @Resource
    private PermissionService permissionService;
    @ApiOperation("查询表下属字段")
    @PostMapping("list/{tableId}")
    public List<DatasetTableField> list(@PathVariable String tableId) {
        DatasetTableField datasetTableField = DatasetTableField.builder().build();
        datasetTableField.setTableId(tableId);
-        return dataSetTableFieldsService.list(datasetTableField);
+        List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField);
        fields = permissionService.filterColumnPermissons(fields, new ArrayList<>(), tableId, null);
        return fields;
    }
    @ApiOperation("分组查询表下属字段")
@ -63,8 +68,10 @@ public class DataSetTableFieldController {
        datasetTableField.setTableId(tableId);
        datasetTableField.setGroupType("d");
        List<DatasetTableField> dimensionList = dataSetTableFieldsService.list(datasetTableField);
        dimensionList = permissionService.filterColumnPermissons(dimensionList, new ArrayList<>(), tableId, null);
        datasetTableField.setGroupType("q");
        List<DatasetTableField> quotaList = dataSetTableFieldsService.list(datasetTableField);
        quotaList = permissionService.filterColumnPermissons(quotaList, new ArrayList<>(), tableId, null);
        DatasetTableField4Type datasetTableField4Type = new DatasetTableField4Type();
        datasetTableField4Type.setDimensionList(dimensionList);
--- a/backend/src/main/java/io/dataease/service/chart/ChartViewService.java
+++ b/backend/src/main/java/io/dataease/service/chart/ChartViewService.java
@ -193,33 +193,31 @@ public class ChartViewService {
        return calcData(view, request, request.isCache());
    }
-    private void checkPermissions(List<? extends ChartViewFieldBaseDTO> chartViewFieldDTOS, List<DatasetTableField> fields, List<String> desensitizationList, Boolean alowDesensitization) throws Exception{
+//    private void checkPermissions(List<? extends ChartViewFieldBaseDTO> chartViewFieldDTOS, List<DatasetTableField> fields, List<String> desensitizationList, Boolean alowDesensitization) throws Exception {
-        String filedName = "";
+//        String filedName = "";
-        for (ChartViewFieldBaseDTO chartViewFieldDTO : chartViewFieldDTOS) {
+//        for (ChartViewFieldBaseDTO chartViewFieldDTO : chartViewFieldDTOS) {
-            if(alowDesensitization){
+//            if (alowDesensitization) {
-                if (!fields.stream().map(DatasetTableField::getDataeaseName).collect(Collectors.toList()).contains(chartViewFieldDTO.getDataeaseName())) {
+//                if (!fields.stream().map(DatasetTableField::getDataeaseName).collect(Collectors.toList()).contains(chartViewFieldDTO.getDataeaseName())) {
-                    filedName = filedName + chartViewFieldDTO.getName() + " ,";
+//                    filedName = filedName + chartViewFieldDTO.getName() + " ,";
-                }
+//                }
-            }else {
+//            } else {
-                if (desensitizationList.contains(chartViewFieldDTO.getDataeaseName()) || !fields.stream().map(DatasetTableField::getDataeaseName).collect(Collectors.toList()).contains(chartViewFieldDTO.getDataeaseName())) {
+//                if (desensitizationList.contains(chartViewFieldDTO.getDataeaseName()) || !fields.stream().map(DatasetTableField::getDataeaseName).collect(Collectors.toList()).contains(chartViewFieldDTO.getDataeaseName())) {
-                    filedName = filedName + chartViewFieldDTO.getName() + " ,";
+//                    filedName = filedName + chartViewFieldDTO.getName() + " ,";
-                }
+//                }
-            }
+//            }
-        }
+//        }
-        filedName = filedName.endsWith(",") ? filedName.substring(0, filedName.length() - 1) : filedName;
+//        filedName = filedName.endsWith(",") ? filedName.substring(0, filedName.length() - 1) : filedName;
-        if(StringUtils.isNotEmpty(filedName)){
+//        if (StringUtils.isNotEmpty(filedName)) {
-            throw new Exception("以下字段没有权限: " + filedName);
+//            throw new Exception("以下字段没有权限: " + filedName);
-        }
+//        }
-    }
+//    }
    public ChartViewDTO calcData(ChartViewDTO view, ChartExtRequest requestList, boolean cache) throws Exception {
        if (ObjectUtils.isEmpty(view)) {
            throw new RuntimeException(Translator.get("i18n_chart_delete"));
        }
-        List<ChartViewFieldDTO> xAxis = new Gson().fromJson(view.getXAxis(), new TypeToken<List<ChartViewFieldDTO>>() {
+        List<ChartViewFieldDTO> xAxis = new Gson().fromJson(view.getXAxis(), new TypeToken<List<ChartViewFieldDTO>>() {}.getType());
-        }.getType());
+        List<ChartViewFieldDTO> yAxis = new Gson().fromJson(view.getYAxis(), new TypeToken<List<ChartViewFieldDTO>>() {}.getType());
        List<ChartViewFieldDTO> yAxis = new Gson().fromJson(view.getYAxis(), new TypeToken<List<ChartViewFieldDTO>>() {
        }.getType());
        if (StringUtils.equalsIgnoreCase(view.getType(), "chart-mix")) {
            List<ChartViewFieldDTO> yAxisExt = new Gson().fromJson(view.getYAxisExt(), new TypeToken<List<ChartViewFieldDTO>>() {
            }.getType());
@ -241,8 +239,15 @@ public class ChartViewService {
        //列权限
        List<String> desensitizationList = new ArrayList<>();
-        fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable, null);
+        fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable.getId(), requestList.getUser());
-        checkPermissions(fieldCustomFilter, fields, desensitizationList, false);
+        //将没有权限的列删掉
        List<String> dataeaseNames = fields.stream().map(DatasetTableField::getDataeaseName).collect(Collectors.toList());
        fieldCustomFilter = fieldCustomFilter.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName()) && dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
        extStack = extStack.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName()) && dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
        extBubble = extBubble.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName()) && dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
        drill = drill.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName()) && dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
        //行权限
        List<ChartFieldCustomFilterDTO> permissionFields = permissionService.getCustomFilters(fields, datasetTable, requestList.getUser());
        fieldCustomFilter.addAll(permissionFields);
@ -255,30 +260,30 @@ public class ChartViewService {
            return emptyChartViewDTO(view);
        }
-        switch (view.getType()){
+        switch (view.getType()) {
            case "text":
            case "gauge":
            case "liquid":
                xAxis = new ArrayList<>();
-                checkPermissions(yAxis, fields, desensitizationList, false);
+                yAxis = yAxis.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName()) && dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
                if (CollectionUtils.isEmpty(yAxis)) {
                    return emptyChartViewDTO(view);
                }
                break;
            case "table-info":
                yAxis = new ArrayList<>();
-                checkPermissions(xAxis, fields, desensitizationList, true);
+                xAxis = xAxis.stream().filter(item -> dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
                if (CollectionUtils.isEmpty(xAxis)) {
                    return emptyChartViewDTO(view);
                }
                break;
            case "table-normal":
-                checkPermissions(xAxis, fields, desensitizationList, true);
+                xAxis = xAxis.stream().filter(item -> dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
-                checkPermissions(yAxis, fields, desensitizationList, true);
+                yAxis = yAxis.stream().filter(item -> dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
                break;
            default:
-                checkPermissions(xAxis, fields, desensitizationList, false);
+                xAxis = xAxis.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName()) && dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
-                checkPermissions(yAxis, fields, desensitizationList, false);
+                yAxis = yAxis.stream().filter(item -> !desensitizationList.contains(item.getDataeaseName()) && dataeaseNames.contains(item.getDataeaseName())).collect(Collectors.toList());
        }
        // 过滤来自仪表板的条件
@ -1570,14 +1575,14 @@ public class ChartViewService {
        data.forEach(ele -> {
            Map<String, Object> d = new HashMap<>();
            for (int i = 0; i < fields.size(); i++) {
-                if(CollectionUtils.isNotEmpty(desensitizationList) && desensitizationList.contains(fields.get(i).getDataeaseName())){
+                if (CollectionUtils.isNotEmpty(desensitizationList) && desensitizationList.contains(fields.get(i).getDataeaseName())) {
                    d.put(fields.get(i).getDataeaseName(), ColumnPermissionConstants.Desensitization_desc);
                    continue;
                }
                ChartViewFieldDTO chartViewFieldDTO = fields.get(i);
                if (chartViewFieldDTO.getDeType() == 0 || chartViewFieldDTO.getDeType() == 1) {
-                        d.put(fields.get(i).getDataeaseName(), StringUtils.isEmpty(ele[i]) ? "" : ele[i]);
+                    d.put(fields.get(i).getDataeaseName(), StringUtils.isEmpty(ele[i]) ? "" : ele[i]);
                } else if (chartViewFieldDTO.getDeType() == 2 || chartViewFieldDTO.getDeType() == 3) {
                    d.put(fields.get(i).getDataeaseName(), StringUtils.isEmpty(ele[i]) ? null : new BigDecimal(ele[i]).setScale(2, RoundingMode.HALF_UP));
                }
--- a/backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java
+++ b/backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java
@ -399,7 +399,7 @@ public class DataSetTableService {
        datasetTableField.setTableId(dataSetTableRequest.getId());
        datasetTableField.setChecked(Boolean.TRUE);
        List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField);
-
+        fields = permissionService.filterColumnPermissons(fields, new ArrayList<>(), dataSetTableRequest.getId(), null);
        List<DatasetTableField> dimension = new ArrayList<>();
        List<DatasetTableField> quota = new ArrayList<>();
@ -450,7 +450,7 @@ public class DataSetTableService {
        DatasetTable datasetTable = datasetTableMapper.selectByPrimaryKey(dataSetTableRequest.getId());
        //列权限
        List<String> desensitizationList = new ArrayList<>();
-        fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable, null);
+        fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable.getId(), null);
        //行权限
        List<ChartFieldCustomFilterDTO> customFilter = permissionService.getCustomFilters(fields, datasetTable, null);
        String[] fieldArray = fields.stream().map(DatasetTableField::getDataeaseName).toArray(String[]::new);
--- a/backend/src/main/java/io/dataease/service/dataset/PermissionService.java
+++ b/backend/src/main/java/io/dataease/service/dataset/PermissionService.java
@ -64,10 +64,10 @@ public class PermissionService {
        return customFilter;
    }
-    public List<DatasetTableField> filterColumnPermissons(List<DatasetTableField> fields, List<String>desensitizationList, DatasetTable datasetTable, Long user){
+    public List<DatasetTableField> filterColumnPermissons(List<DatasetTableField> fields, List<String> desensitizationList, String datasetTableId, Long user){
        List<DatasetTableField> result = new ArrayList<>();
        List<ColumnPermissionItem> allColumnPermissionItems = new ArrayList<>();
-        for (DataSetColumnPermissionsDTO dataSetColumnPermissionsDTO : columnPermissions(datasetTable.getId(), user)) {
+        for (DataSetColumnPermissionsDTO dataSetColumnPermissionsDTO : columnPermissions(datasetTableId, user)) {
            ColumnPermissions columnPermissions = JSONObject.parseObject(dataSetColumnPermissionsDTO.getPermissions(), ColumnPermissions.class);
            if(!columnPermissions.getEnable()){continue;}
            allColumnPermissionItems.addAll(columnPermissions.getColumns().stream().filter(columnPermissionItem -> columnPermissionItem.getSelected()).collect(Collectors.toList()));
--- a/backend/src/main/java/io/dataease/service/dataset/impl/direct/DirectFieldService.java
+++ b/backend/src/main/java/io/dataease/service/dataset/impl/direct/DirectFieldService.java
@ -54,7 +54,7 @@ public class DirectFieldService implements DataSetFieldService {
        //列权限
        List<String> desensitizationList = new ArrayList<>();
-        fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable, userId);
+        fields = permissionService.filterColumnPermissons(fields, desensitizationList, datasetTable.getId(), userId);
        if (CollectionUtils.isNotEmpty(desensitizationList) && desensitizationList.contains(field.getDataeaseName())) {
            List<Object> results = new ArrayList<>();
--- a/frontend/src/lang/en.js
+++ b/frontend/src/lang/en.js
@ -1215,7 +1215,8 @@ export default {
      column_permission_not_empty: 'Please select authorization target',
      auth_type: 'Authorization type',
      auth_obj: 'Authorized object',
-      enable: 'Enable column permissions',
+      enable: 'Enable',
      disable: 'Disable',
      prohibit: 'Prohibit',
      desensitization: 'Desensitization'
    },
--- a/frontend/src/lang/tw.js
+++ b/frontend/src/lang/tw.js
@ -1215,7 +1215,8 @@ export default {
      column_permission_not_empty: '列權限不能為空',
      auth_type: '授權類型',
      auth_obj: '授權對象',
-      enable: '啟用列權限',
+      enable: '啟用',
      disable: '禁用',
      prohibit: '禁用',
      desensitization: '脫敏'
    },
--- a/frontend/src/lang/zh.js
+++ b/frontend/src/lang/zh.js
@ -1218,7 +1218,8 @@ export default {
      column_permission_not_empty: '列权限不能为空',
      auth_type: '授权类型',
      auth_obj: '授权对象',
-      enable: '启用列权限',
+      enable: '启用',
      disable: '禁用',
      prohibit: '禁用',
      desensitization: '脱敏'
    },