fix：指标库添加权限校验

controllers/data_manage/edb_classify.go

@@ -889,6 +889,21 @@ func (this *EdbClassifyController) SimpleList() {
 
 	var sortList data_manage.EdbClassifyItemList
 	if parentId > 0 {
+		// 查询当前分类信息
+		currClassify, err := data_manage.GetEdbClassifyById(parentId)
+		if err != nil && err.Error() != utils.ErrNoRow() {
+			br.Msg = "获取失败"
+			br.ErrMsg = "获取当前分类信息失败，Err:" + err.Error()
+			return
+		}
+		// 获取所有有权限的指标和分类
+		permissionEdbIdList, permissionClassifyIdList, err := data.GetUserEdbAndClassifyPermissionList(this.SysUser.AdminId, 0, 0)
+		if err != nil {
+			br.Msg = "获取失败"
+			br.ErrMsg = "获取所有有权限的指标和分类失败，Err:" + err.Error()
+			return
+		}
+
 		// 查询挂在当前分类上的指标列表
 		// 获取当前账号的不可见指标
 		obj := data_manage.EdbInfoNoPermissionAdmin{}
@@ -919,7 +934,7 @@ func (this *EdbClassifyController) SimpleList() {
 			v.Button = button
 			v.Children = make([]*data_manage.EdbClassifyItems, 0)
 			v.ParentId = parentId
-			v.HaveOperaAuth = true
+			v.HaveOperaAuth = data.CheckEdbPermissionByPermissionIdList(v.IsJoinPermission, currClassify.IsJoinPermission, v.EdbInfoId, v.ClassifyId, permissionEdbIdList, permissionClassifyIdList)
 			nodeAll = append(nodeAll, v)
 		}
 	}

controllers/data_manage/edb_info.go

@@ -2135,7 +2135,25 @@ func (this *EdbInfoController) EdbInfoList() {
 	button := data.GetEdbOpButton(this.SysUser, edbInfoItem.SysUserId, edbInfoItem.EdbType, edbInfoItem.EdbInfoType)
 	button.AddButton = false
 	edbInfoItem.Button = button
-	edbInfoItem.HaveOperaAuth = true
+
+	// 权限校验
+	{
+		currClassify, err := data_manage.GetEdbClassifyById(edbInfoItem.EdbInfoId)
+		if err != nil && err.Error() != utils.ErrNoRow() {
+			br.Msg = "获取失败"
+			br.ErrMsg = "获取当前分类信息失败，Err:" + err.Error()
+			return
+		}
+		if currClassify != nil {
+			haveOperaAuth, err := data.CheckEdbPermission(edbInfoItem.IsJoinPermission, currClassify.IsJoinPermission, this.SysUser.AdminId, edbInfoItem.EdbInfoId, edbInfoItem.ClassifyId)
+			if err != nil {
+				br.Msg = err.Error()
+				br.ErrMsg = "校验指标权限失败，err:" + err.Error()
+				return
+			}
+			edbInfoItem.HaveOperaAuth = haveOperaAuth
+		}
+	}
 
 	//是否展示英文标识
 	edbInfoItem.IsEnEdb = data.CheckIsEnEdb(edbInfoItem.EdbNameEn, edbInfoItem.Unit, edbInfoItem.UnitEn)
@@ -3135,9 +3153,42 @@ func (this *EdbInfoController) EdbInfoFilterByEs() {
 
 	edbInfoListLen := len(edbInfoList)
 
+	classifyIdList := make([]int, 0)
 	for i := 0; i < edbInfoListLen; i++ {
 		edbInfoList[i].EdbNameAlias = edbInfoList[i].EdbName
-		edbInfoList[i].HaveOperaAuth = true
+		classifyIdList = append(classifyIdList, edbInfoList[i].ClassifyId)
+	}
+
+	// 当前列表中的分类map
+	classifyMap := make(map[int]*data_manage.EdbClassify)
+	if edbInfoListLen > 0 {
+		classifyList, err := data_manage.GetEdbClassifyByIdList(classifyIdList)
+		if err != nil {
+			if err != nil {
+				br.Msg = "获取失败"
+				br.ErrMsg = "获取分类列表失败，Err:" + err.Error()
+				return
+			}
+		}
+
+		for _, v := range classifyList {
+			classifyMap[v.ClassifyId] = v
+		}
+
+		// 获取所有有权限的指标和分类
+		permissionEdbIdList, permissionClassifyIdList, err := data.GetUserEdbAndClassifyPermissionList(this.SysUser.AdminId, 0, 0)
+		if err != nil {
+			br.Msg = "获取失败"
+			br.ErrMsg = "获取所有有权限的指标和分类失败，Err:" + err.Error()
+			return
+		}
+
+		for i := 0; i < edbInfoListLen; i++ {
+			tmpEdbInfo := edbInfoList[i]
+			if currClassify, ok := classifyMap[tmpEdbInfo.ClassifyId]; ok {
+				edbInfoList[i].HaveOperaAuth = data.CheckEdbPermissionByPermissionIdList(tmpEdbInfo.IsJoinPermission, currClassify.IsJoinPermission, tmpEdbInfo.EdbInfoId, tmpEdbInfo.ClassifyId, permissionEdbIdList, permissionClassifyIdList)
+			}
+		}
 	}
 
 	for i := 0; i < edbInfoListLen; i++ {
@@ -3367,6 +3418,11 @@ func (this *ChartInfoController) EdbInfoData() {
 		br.Ret = 408
 		return
 	}
+
+	fullEdb := new(data_manage.EdbInfoFullClassify)
+	resp := new(data_manage.EdbInfoDataFullClassifyResp)
+	dataList := make([]*data_manage.EdbDataList, 0)
+
 	edbInfoId, _ := this.GetInt("EdbInfoId")
 	if edbInfoId <= 0 {
 		br.Msg = "参数错误"
@@ -3396,21 +3452,8 @@ func (this *ChartInfoController) EdbInfoData() {
 		br.ErrMsg = "获取失败,Err:" + err.Error()
 		return
 	}
-	maxYear := 0
-	if edbInfo.LatestDate != "" {
-		latestDateT, _ := time.Parse(utils.FormatDate, edbInfo.LatestDate)
-		maxYear = latestDateT.Year()
-	}
-	dataList := make([]*data_manage.EdbDataList, 0)
-	startDate, endDate = utils.GetDateByDateTypeV2(dateType, startDate, endDate, startYear, maxYear)
-	dataList, err = data_manage.GetEdbDataList(edbInfo.Source, edbInfo.SubSource, edbInfoId, startDate, endDate)
-	if err != nil {
-		br.Msg = "获取失败"
-		br.ErrMsg = "获取失败,Err:" + err.Error()
-		return
-	}
-	fullEdb := new(data_manage.EdbInfoFullClassify)
-	resp := new(data_manage.EdbInfoDataFullClassifyResp)
+
+	// 分类
 	classifyList, err, errMsg := data.GetFullClassifyByClassifyId(edbInfo.ClassifyId)
 	if err != nil {
 		br.Msg = err.Error()
@@ -3419,9 +3462,41 @@ func (this *ChartInfoController) EdbInfoData() {
 	}
 	fullEdb.EdbInfo = edbInfo
 	fullEdb.ClassifyList = classifyList
-	fullEdb.HaveOperaAuth = true
+
+	var currClassifyItem *data_manage.EdbClassifyIdItems
+	for _, v := range classifyList {
+		if v.ClassifyId == edbInfo.ClassifyId {
+			currClassifyItem = v
+		}
+	}
+	if currClassifyItem != nil {
+		haveOperaAuth, err := data.CheckEdbPermission(edbInfo.IsJoinPermission, currClassifyItem.IsJoinPermission, sysUser.AdminId, edbInfo.EdbInfoId, edbInfo.ClassifyId)
+		if err != nil {
+			br.Msg = err.Error()
+			br.ErrMsg = "校验指标权限失败，err:" + err.Error()
+			return
+		}
+		fullEdb.HaveOperaAuth = haveOperaAuth
+	}
 	resp.EdbInfo = fullEdb
-	resp.DataList = dataList
+
+	// 数据获取
+	if fullEdb.HaveOperaAuth { // 有权限才获取数据
+		maxYear := 0
+		if edbInfo.LatestDate != "" {
+			latestDateT, _ := time.Parse(utils.FormatDate, edbInfo.LatestDate)
+			maxYear = latestDateT.Year()
+		}
+		startDate, endDate = utils.GetDateByDateTypeV2(dateType, startDate, endDate, startYear, maxYear)
+		dataList, err = data_manage.GetEdbDataList(edbInfo.Source, edbInfo.SubSource, edbInfoId, startDate, endDate)
+		if err != nil {
+			br.Msg = "获取失败"
+			br.ErrMsg = "获取失败,Err:" + err.Error()
+			return
+		}
+
+		resp.DataList = dataList
+	}
 	br.Ret = 200
 	br.Success = true
 	br.Msg = "获取成功"
@@ -4526,9 +4601,42 @@ func (this *EdbInfoController) AllEdbInfoByEs() {
 
 	edbInfoListLen := len(edbInfoList)
 
+	classifyIdList := make([]int, 0)
 	for i := 0; i < edbInfoListLen; i++ {
 		edbInfoList[i].EdbNameAlias = edbInfoList[i].EdbName
-		edbInfoList[i].HaveOperaAuth = true
+		classifyIdList = append(classifyIdList, edbInfoList[i].ClassifyId)
+	}
+
+	// 当前列表中的分类map
+	classifyMap := make(map[int]*data_manage.EdbClassify)
+	if edbInfoListLen > 0 {
+		classifyList, err := data_manage.GetEdbClassifyByIdList(classifyIdList)
+		if err != nil {
+			if err != nil {
+				br.Msg = "获取失败"
+				br.ErrMsg = "获取分类列表失败，Err:" + err.Error()
+				return
+			}
+		}
+
+		for _, v := range classifyList {
+			classifyMap[v.ClassifyId] = v
+		}
+
+		// 获取所有有权限的指标和分类
+		permissionEdbIdList, permissionClassifyIdList, err := data.GetUserEdbAndClassifyPermissionList(this.SysUser.AdminId, 0, 0)
+		if err != nil {
+			br.Msg = "获取失败"
+			br.ErrMsg = "获取所有有权限的指标和分类失败，Err:" + err.Error()
+			return
+		}
+
+		for i := 0; i < edbInfoListLen; i++ {
+			tmpEdbInfo := edbInfoList[i]
+			if currClassify, ok := classifyMap[tmpEdbInfo.ClassifyId]; ok {
+				edbInfoList[i].HaveOperaAuth = data.CheckEdbPermissionByPermissionIdList(tmpEdbInfo.IsJoinPermission, currClassify.IsJoinPermission, tmpEdbInfo.EdbInfoId, tmpEdbInfo.ClassifyId, permissionEdbIdList, permissionClassifyIdList)
+			}
+		}
 	}
 
 	for i := 0; i < edbInfoListLen; i++ {
@@ -5051,10 +5159,43 @@ func (this *EdbInfoController) EdbChartList() {
 	if len(list) == 0 {
 		list = make([]*data_manage.EdbInfoList, 0)
 	} else {
+		classifyIdList := make([]int, 0)
 		for _, v := range list {
-			v.HaveOperaAuth = true
+			classifyIdList = append(classifyIdList, v.ClassifyId)
 			v.Button = data.GetEdbOpButton(sysUser, v.SysUserId, v.EdbType, v.EdbInfoType)
 		}
+
+		// 指标权限
+		{
+			// 当前的分类
+			classifyMap := make(map[int]*data_manage.EdbClassify)
+			classifyList, err := data_manage.GetEdbClassifyByIdList(classifyIdList)
+			if err != nil {
+				if err != nil {
+					br.Msg = "获取失败"
+					br.ErrMsg = "获取分类列表失败，Err:" + err.Error()
+					return
+				}
+			}
+
+			for _, v := range classifyList {
+				classifyMap[v.ClassifyId] = v
+			}
+
+			// 获取所有有权限的指标和分类
+			permissionEdbIdList, permissionClassifyIdList, err := data.GetUserEdbAndClassifyPermissionList(this.SysUser.AdminId, 0, 0)
+			if err != nil {
+				br.Msg = "获取失败"
+				br.ErrMsg = "获取所有有权限的指标和分类失败，Err:" + err.Error()
+				return
+			}
+
+			for _, v := range list {
+				if currClassify, ok := classifyMap[v.ClassifyId]; ok {
+					v.HaveOperaAuth = data.CheckEdbPermissionByPermissionIdList(v.IsJoinPermission, currClassify.IsJoinPermission, v.EdbInfoId, v.ClassifyId, permissionEdbIdList, permissionClassifyIdList)
+				}
+			}
+		}
 		page = paging.GetPaging(currentIndex, pageSize, int(dataCount))
 	}
 

controllers/data_manage/edb_info_calculate.go

@@ -237,7 +237,6 @@ func (this *ChartInfoController) CalculateDetail() {
 		return
 	}
 
-	fullEdb.HaveOperaAuth = true
 	fullEdb.EdbInfo = edbInfo
 	fullEdb.ClassifyList = classifyList
 
@@ -251,12 +250,11 @@ func (this *ChartInfoController) CalculateDetail() {
 		haveOperaAuth, err := data.CheckEdbPermission(edbInfo.IsJoinPermission, currClassifyItem.IsJoinPermission, sysUser.AdminId, edbInfo.EdbInfoId, edbInfo.ClassifyId)
 		if err != nil {
 			br.Msg = err.Error()
-			br.ErrMsg = errMsg
+			br.ErrMsg = "校验指标权限失败，err:" + err.Error()
 			return
 		}
 		fullEdb.HaveOperaAuth = haveOperaAuth
 	}
-	//HaveOperaAuth,err
 
 	// 拟合残差计算相关系数
 	if fullEdb.HaveOperaAuth && edbInfo.Source == utils.DATA_SOURCE_CALCULATE_NHCC {

models/data_manage/edb_classify.go

@@ -557,3 +557,21 @@ func GetEdbClassifyByParentIdAndName(parentId int, classifyName string, classify
 	err = o.Raw(sql, parentId, classifyName, classifyId).QueryRow(&item)
 	return
 }
+
+// GetEdbClassifyByIdList
+// @Description: 根据分类id列表获取分类列表
+// @author: Roc
+// @datetime 2024-03-29 10:30:21
+// @param classifyId int
+// @return item *EdbClassify
+// @return err error
+func GetEdbClassifyByIdList(classifyIdList []int) (item []*EdbClassify, err error) {
+	num := len(classifyIdList)
+	if num <= 0 {
+		return
+	}
+	o := orm.NewOrmUsingDB("data")
+	sql := `SELECT * FROM edb_classify WHERE classify_id in (` + utils.GetOrmInReplace(num) + `) `
+	_, err = o.Raw(sql, classifyIdList).QueryRows(&item)
+	return
+}

models/data_manage/edb_info.go

@@ -354,6 +354,7 @@ type EdbInfoList struct {
 	IndicatorCode    string                  `description:"指标代码"`
 	StockCode        string                  `description:"证券代码"`
 	NoUpdate         int8                    `description:"是否停止更新，0：继续更新；1：停止更新"`
+	IsJoinPermission int                     `description:"是否加入权限管控，0：不加入；1：加入；默认：0"`
 	HaveOperaAuth    bool                    `description:"是否有数据权限，默认：false"`
 }