package io.dataease.service.dataset; import com.alibaba.fastjson.JSONObject; import io.dataease.auth.api.dto.CurrentRoleDto; import io.dataease.auth.api.dto.CurrentUserDto; import io.dataease.auth.entity.SysUserEntity; import io.dataease.auth.service.AuthUserService; import io.dataease.base.domain.DatasetTable; import io.dataease.base.domain.DatasetTableField; import io.dataease.commons.constants.ColumnPermissionConstants; import io.dataease.commons.utils.AuthUtils; import io.dataease.dto.chart.ChartCustomFilterItemDTO; import io.dataease.dto.chart.ChartFieldCustomFilterDTO; import io.dataease.plugins.config.SpringContextUtil; import io.dataease.plugins.xpack.auth.dto.request.*; import io.dataease.plugins.xpack.auth.service.ColumnPermissionService; import io.dataease.plugins.xpack.auth.service.RowPermissionService; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.springframework.stereotype.Service; import javax.annotation.Resource; import java.util.*; import java.util.stream.Collectors; @Service public class PermissionService { @Resource private AuthUserService authUserService; public List getCustomFilters(List fields, DatasetTable datasetTable, Long user) { List customFilter = new ArrayList<>(); for (DatasetRowPermissions datasetRowPermissions : rowPermissions(datasetTable.getId(), user)) { ChartFieldCustomFilterDTO dto = new ChartFieldCustomFilterDTO(); if (StringUtils.isEmpty(datasetRowPermissions.getDatasetFieldId())) { continue; } DatasetTableField field = getFieldById(fields, datasetRowPermissions.getDatasetFieldId()); if (field == null) { continue; } dto.setField(field); dto.setId(field.getId()); dto.setFilterType(datasetRowPermissions.getFilterType()); if (datasetRowPermissions.getFilterType().equalsIgnoreCase("logic")) { if (StringUtils.isEmpty(datasetRowPermissions.getFilter())) { continue; } List lists = JSONObject.parseArray(datasetRowPermissions.getFilter(), ChartCustomFilterItemDTO.class); lists.forEach(chartCustomFilterDTO -> { chartCustomFilterDTO.setFieldId(field.getId()); }); dto.setFilter(lists); dto.setLogic(datasetRowPermissions.getLogic()); customFilter.add(dto); } else { if (StringUtils.isEmpty(datasetRowPermissions.getEnumCheckField())) { continue; } dto.setEnumCheckField(Arrays.asList(datasetRowPermissions.getEnumCheckField().split(",").clone())); customFilter.add(dto); } } return customFilter; } public List filterColumnPermissons(List fields, List desensitizationList, String datasetTableId, Long user){ List result = new ArrayList<>(); List allColumnPermissionItems = new ArrayList<>(); for (DataSetColumnPermissionsDTO dataSetColumnPermissionsDTO : columnPermissions(datasetTableId, user)) { ColumnPermissions columnPermissions = JSONObject.parseObject(dataSetColumnPermissionsDTO.getPermissions(), ColumnPermissions.class); if(!columnPermissions.getEnable()){continue;} allColumnPermissionItems.addAll(columnPermissions.getColumns().stream().filter(columnPermissionItem -> columnPermissionItem.getSelected()).collect(Collectors.toList())); } fields.forEach(field ->{ List permissions = allColumnPermissionItems.stream().filter(columnPermissionItem -> columnPermissionItem.getId().equalsIgnoreCase(field.getId())).map(ColumnPermissionItem::getOpt).collect(Collectors.toList()); if(CollectionUtils.isEmpty(permissions)){ result.add(field); }else { if(!permissions.contains(ColumnPermissionConstants.Prohibit)){ desensitizationList.add(field.getDataeaseName()); result.add(field); } } }); return result; } private List rowPermissions(String datasetId, Long userId) { List datasetRowPermissions = new ArrayList<>(); Map beansOfType = SpringContextUtil.getApplicationContext().getBeansOfType((RowPermissionService.class)); if (beansOfType.keySet().size() == 0) { return new ArrayList<>(); } RowPermissionService rowPermissionService = SpringContextUtil.getBean(RowPermissionService.class); SysUserEntity userEntity = userId != null ? authUserService.getUserById(userId) : AuthUtils.getUser(); List roleIds = new ArrayList<>(); Long deptId = null; if (userEntity == null ) { return datasetRowPermissions; } if (userEntity.getIsAdmin()) { return datasetRowPermissions; } userId = userEntity.getUserId(); deptId = userEntity.getDeptId(); roleIds = authUserService.roles(userId).stream().map(r -> Long.valueOf(r)).collect(Collectors.toList()); DataSetRowPermissionsDTO dataSetRowPermissionsDTO = new DataSetRowPermissionsDTO(); dataSetRowPermissionsDTO.setDatasetId(datasetId); dataSetRowPermissionsDTO.setAuthTargetIds(Collections.singletonList(userId)); dataSetRowPermissionsDTO.setAuthTargetType("user"); datasetRowPermissions.addAll(rowPermissionService.searchRowPermissions(dataSetRowPermissionsDTO)); dataSetRowPermissionsDTO.setAuthTargetIds(roleIds); dataSetRowPermissionsDTO.setAuthTargetType("role"); datasetRowPermissions.addAll(rowPermissionService.searchRowPermissions(dataSetRowPermissionsDTO)); dataSetRowPermissionsDTO.setAuthTargetIds(Collections.singletonList(deptId)); dataSetRowPermissionsDTO.setAuthTargetType("dept"); datasetRowPermissions.addAll(rowPermissionService.searchRowPermissions(dataSetRowPermissionsDTO)); return datasetRowPermissions; } private List columnPermissions(String datasetId, Long userId) { List datasetColumnPermissions = new ArrayList<>(); Map beansOfType = SpringContextUtil.getApplicationContext().getBeansOfType((ColumnPermissionService.class)); if (beansOfType.keySet().size() == 0) { return new ArrayList<>(); } ColumnPermissionService columnPermissionService = SpringContextUtil.getBean(ColumnPermissionService.class); SysUserEntity userEntity = userId != null ? authUserService.getUserById(userId) : AuthUtils.getUser(); List roleIds = new ArrayList<>(); Long deptId = null; if (userEntity == null ) { return datasetColumnPermissions; } if (userEntity.getIsAdmin()) { return datasetColumnPermissions; } userId = userEntity.getUserId(); deptId = userEntity.getDeptId(); roleIds = authUserService.roles(userId).stream().map(r -> Long.valueOf(r)).collect(Collectors.toList()); DataSetColumnPermissionsDTO dataSetColumnPermissionsDTO = new DataSetColumnPermissionsDTO(); dataSetColumnPermissionsDTO.setDatasetId(datasetId); dataSetColumnPermissionsDTO.setAuthTargetIds(Collections.singletonList(userId)); dataSetColumnPermissionsDTO.setAuthTargetType("user"); datasetColumnPermissions.addAll(columnPermissionService.searchPermissions(dataSetColumnPermissionsDTO)); dataSetColumnPermissionsDTO.setAuthTargetIds(roleIds); dataSetColumnPermissionsDTO.setAuthTargetType("role"); datasetColumnPermissions.addAll(columnPermissionService.searchPermissions(dataSetColumnPermissionsDTO)); dataSetColumnPermissionsDTO.setAuthTargetIds(Collections.singletonList(deptId)); dataSetColumnPermissionsDTO.setAuthTargetType("dept"); datasetColumnPermissions.addAll(columnPermissionService.searchPermissions(dataSetColumnPermissionsDTO)); return datasetColumnPermissions; } private DatasetTableField getFieldById(List fields, String fieldId) { DatasetTableField field = null; for (DatasetTableField datasetTableField : fields) { if (fieldId.equalsIgnoreCase(datasetTableField.getId())) { field = datasetTableField; } } return field; } }