package data_manage_permission import ( "eta/eta_api/utils" "fmt" "github.com/beego/beego/v2/client/orm" "strconv" "time" ) // EdbInfoPermission // @Description: 指标权限表 type EdbInfoPermission struct { EdbInfoPermissionId int64 `json:"edb_info_permission_id" orm:"column(edb_info_permission_id);pk"` EdbInfoId int32 `json:"edb_info_id"` // 指标id EdbInfoType int32 `json:"edb_info_type"` // 指标类型,0:普通指标,1:预测指标 SysUserId int32 `json:"sys_user_id"` // 系统用户id ModifyTime time.Time `json:"modify_time"` // 变更时间 CreateTime time.Time `json:"create_time"` // 关系建立时间 } // EdbClassifyPermission // @Description: 指标分类权限表 type EdbClassifyPermission struct { EdbClassifyPermissionId int64 `json:"edb_classify_permission_id" orm:"column(edb_classify_permission_id);pk"` EdbClassifyId int32 `json:"edb_classify_id"` // 分类id EdbClassifyType int32 `json:"edb_classify_type"` // 分类类型,0:普通指标分类,1:预测指标分类 SysUserId int32 `json:"sys_user_id"` // 系统用户id ModifyTime time.Time `json:"modify_time"` // 变更时间 CreateTime time.Time `json:"create_time"` // 关系建立时间 } // SetIsPermissionEdbChartByEdbClassifyIdList // @Description: 设置指标分类是否涉密 // @author: Roc // @datetime 2024-03-27 14:15:42 // @param classifyIdList []int func SetIsPermissionEdbChartByEdbClassifyIdList(classifyIdList []int, classifyType int) (err error) { num := len(classifyIdList) if num <= 0 { return } o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() //// 获取已经配置涉密的分类权限 //edbClassifyList := make([]*EdbClassify, 0) //sql := `SELECT * FROM edb_classify WHERE is_join_permission = ? ` //_, err = o.Raw(sql, 1).QueryRows(&edbClassifyList) //if err != nil { // return //} //edbClassifyMap := make(map[int]*EdbClassify) //for _, v := range edbClassifyList { // edbClassifyMap[v.ClassifyId] = v //} // 先将所有已经设置了涉密的分类设置为不涉密 sql := `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE is_join_permission = 1 AND classify_type = ?` _, err = o.Raw(sql, 0, classifyType).Exec() if err != nil { return } if len(classifyIdList) > 0 { // 将对应的分类设置为涉密 sql = `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE classify_type = ? AND classify_id in (` + utils.GetOrmInReplace(num) + `) ` _, err = o.Raw(sql, 1, classifyType, classifyIdList).Exec() if err != nil { return } } return } // SetPermissionByEdbIdList // @Description: 根据指标ID列表设置指标的用户权限 // @author: Roc // @datetime 2024-03-27 14:03:42 // @param edbIdList []string // @param userIdList []int // @param chartInfoType int // @return err error func SetPermissionByEdbIdList(edbIdList []string, userIdList []int, edbInfoType int) (err error) { edbNum := len(edbIdList) if edbNum <= 0 { return } o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 获取已经配置的指标权限用户 edbInfoPermissionList := make([]*EdbInfoPermission, 0) sql := `SELECT * FROM edb_info_permission WHERE edb_info_type = ? AND edb_info_id in (` + utils.GetOrmInReplace(edbNum) + `) ` _, err = o.Raw(sql, edbInfoType, edbIdList).QueryRows(&edbInfoPermissionList) if err != nil { return } edbInfoPermissionMap := make(map[string]*EdbInfoPermission) for _, v := range edbInfoPermissionList { edbInfoPermissionMap[fmt.Sprint(v.EdbInfoId, "_", v.SysUserId)] = v } // 标记指标是否纳入权限管控 { // 默认 标记指标为纳入权限管控 isJoinPermission := 1 // 用户不选的情况下,说明是要给这些指标移除权限管控 if len(userIdList) <= 0 { // 标记指标为不纳入权限管控 isJoinPermission = 0 } sql = `UPDATE edb_info SET is_join_permission=?,modify_time=now() WHERE edb_info_type = ? AND edb_info_id in (` + utils.GetOrmInReplace(edbNum) + `) ` _, err = o.Raw(sql, isJoinPermission, edbInfoType, edbIdList).Exec() if err != nil { return } } // 待添加的配置项 addList := make([]*EdbInfoPermission, 0) // 遍历待配置的指标和用户,筛选出需要添加的配置项 for _, edbInfoIdStr := range edbIdList { edbInfoId, tmpErr := strconv.ParseInt(edbInfoIdStr, 10, 64) if tmpErr != nil { err = tmpErr return } for _, userId := range userIdList { key := fmt.Sprint(edbInfoId, "_", userId) if _, ok := edbInfoPermissionMap[key]; ok { // 如果存在那么就移除,说明不需要处理了 delete(edbInfoPermissionMap, key) } else { // 如果不存在,那么就添加 addList = append(addList, &EdbInfoPermission{ //PermissionId: 0, EdbInfoId: int32(edbInfoId), SysUserId: int32(userId), EdbInfoType: int32(edbInfoType), ModifyTime: time.Now(), CreateTime: time.Now(), }) } } } // 添加待配置项 if len(addList) > 0 { _, err = o.InsertMulti(500, addList) if err != nil { return } } // 移除废弃的配置项 { // 待移除的配置项 deletePermissionIdList := make([]int64, 0) for _, v := range edbInfoPermissionMap { deletePermissionIdList = append(deletePermissionIdList, v.EdbInfoPermissionId) } deletePermissionIdNum := len(deletePermissionIdList) if deletePermissionIdNum > 0 { sql = "DELETE FROM edb_info_permission WHERE edb_info_permission_id in (" + utils.GetOrmInReplace(deletePermissionIdNum) + ")" _, err = o.Raw(sql, deletePermissionIdList).Exec() if err != nil { return } } } return } // SetPermissionByEdbClassifyIdList // @Description: 根据指标分类ID列表设置分类的用户权限 // @author: Roc // @datetime 2024-03-28 14:53:04 // @param classifyIdList []int // @param userIdList []int // @return err error func SetPermissionByEdbClassifyIdList(classifyIdList []int, userIdList []int, classifyType int) (err error) { userNum := len(userIdList) if userNum <= 0 { return } o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 获取当前选择用户已经配置的指标分类权限 classifyPermissionList := make([]*EdbClassifyPermission, 0) sql := `SELECT * FROM edb_classify_permission WHERE edb_classify_type = ? AND sys_user_id in (` + utils.GetOrmInReplace(userNum) + `) ` _, err = o.Raw(sql, classifyType, userIdList).QueryRows(&classifyPermissionList) if err != nil { return } classifyPermissionMap := make(map[string]*EdbClassifyPermission) for _, v := range classifyPermissionList { classifyPermissionMap[fmt.Sprint(v.EdbClassifyId, "_", v.SysUserId)] = v } // 待添加的配置项 addList := make([]*EdbClassifyPermission, 0) // 遍历待配置的指标和用户,筛选出需要添加的配置项 for _, userId := range userIdList { for _, classifyId := range classifyIdList { key := fmt.Sprint(classifyId, "_", userId) if _, ok := classifyPermissionMap[key]; ok { // 如果存在那么就移除,说明不需要处理了 delete(classifyPermissionMap, key) } else { // 如果不存在,那么就提那家 addList = append(addList, &EdbClassifyPermission{ //PermissionId: 0, EdbClassifyId: int32(classifyId), EdbClassifyType: int32(classifyType), SysUserId: int32(userId), ModifyTime: time.Now(), CreateTime: time.Now(), }) } } } // 添加待配置项 if len(addList) > 0 { _, err = o.InsertMulti(500, addList) if err != nil { return } } // 移除废弃的配置项 { // 获取移除的配置项 deletePermissionIdList := make([]int64, 0) for _, v := range classifyPermissionMap { deletePermissionIdList = append(deletePermissionIdList, v.EdbClassifyPermissionId) } deletePermissionIdNum := len(deletePermissionIdList) if deletePermissionIdNum > 0 { sql = "DELETE FROM edb_classify_permission WHERE edb_classify_permission_id in (" + utils.GetOrmInReplace(deletePermissionIdNum) + ")" _, err = o.Raw(sql, deletePermissionIdList).Exec() if err != nil { return } } } return } // GetPermissionEdbClassifyIdListByUserId // @Description: 根据用户ID获取已经配置的分类id列表 // @author: Roc // @datetime 2024-03-29 16:24:46 // @param userId int // @param classifyType int // @return edbClassifyIdList []int // @return err error func GetPermissionEdbClassifyIdListByUserId(userId int, classifyType int) (edbClassifyIdList []int, err error) { o := orm.NewOrmUsingDB("data") sql := `SELECT edb_classify_id FROM edb_classify_permission WHERE edb_classify_type = ? AND sys_user_id = ? ` _, err = o.Raw(sql, classifyType, userId).QueryRows(&edbClassifyIdList) return } // GetPermissionEdbIdListByDataId // @Description: 根据资产(指标、图表、表格)ID获取已经配置的用户id列表 // @author: Roc // @datetime 2024-03-29 16:24:46 // @param dataId int // @param edbInfoType int // @return edbIdList []int // @return err error func GetPermissionEdbIdListByDataId(dataId int, edbInfoType int) (edbIdList []int, err error) { o := orm.NewOrmUsingDB("data") sql := `SELECT sys_user_id FROM edb_info_permission WHERE edb_info_type = ? AND edb_info_id= ? ` _, err = o.Raw(sql, edbInfoType, dataId).QueryRows(&edbIdList) return } // GetPermissionEdbIdList // @Description: 获取用户权限的指标列表 // @author: Roc // @datetime 2024-03-28 16:50:47 // @param userId int // @param edbInfoId int // @return idList []int // @return err error func GetPermissionEdbIdList(userId, edbInfoId int) (idList []int, err error) { pars := []interface{}{userId} o := orm.NewOrmUsingDB("data") sql := `SELECT edb_info_id FROM edb_info_permission WHERE sys_user_id = ? ` if edbInfoId > 0 { sql += ` AND edb_info_id = ? ` pars = append(pars, edbInfoId) } _, err = o.Raw(sql, pars).QueryRows(&idList) return } // GetPermissionEdbClassifyIdList // @Description: 获取用户权限的指标分类列表 // @author: Roc // @datetime 2024-03-28 16:50:47 // @param userId int // @param classifyId int // @return idList []int // @return err error func GetPermissionEdbClassifyIdList(userId, classifyId int) (idList []int, err error) { pars := []interface{}{userId} o := orm.NewOrmUsingDB("data") sql := `SELECT edb_classify_id FROM edb_classify_permission WHERE sys_user_id = ? ` if classifyId > 0 { sql += ` AND edb_classify_id = ? ` pars = append(pars, classifyId) } _, err = o.Raw(sql, pars).QueryRows(&idList) return } // InheritParentClassifyByEdbClassifyId // @Description: 继承父级分类的指标权限信息 // @author: Roc // @datetime 2024-04-07 21:02:51 // @param source int // @param classifyType int // @param classifyId int // @param parentClassifyId int // @param classifyName string // @param uniqueCode string // @return err error func InheritParentClassifyByEdbClassifyId(source, classifyType, classifyId, parentClassifyId int, classifyName, uniqueCode string) (err error) { o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 将对应的分类设置为涉密 sql := `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE classify_type = ? AND classify_id = ? ` _, err = o.Raw(sql, 1, classifyType, classifyId).Exec() if err != nil { return } // 添加未授权记录 { // 获取父级未授权的用户记录 var parentRecordItems []*DataPermissionClassifyNoAuthRecord sql = `SELECT * FROM data_permission_classify_no_auth_record WHERE classify_id = ? AND source = ? AND sub_source = ? ORDER BY data_permission_classify_no_auth_record_id desc LIMIT ?,? ` _, err = o.Raw(sql, parentClassifyId, source, classifyType).QueryRows(&parentRecordItems) addNoAuthRecordItems := make([]*DataPermissionClassifyNoAuthRecord, 0) for _, v := range parentRecordItems { addNoAuthRecordItems = append(addNoAuthRecordItems, &DataPermissionClassifyNoAuthRecord{ DataPermissionClassifyNoAuthRecordId: 0, Source: v.Source, SubSource: v.SubSource, OpUniqueCode: uniqueCode, ClassifyId: fmt.Sprint(classifyId), ClassifyName: classifyName, SysUserId: v.SysUserId, CreateTime: time.Now(), }) } // 添加待配置项 if len(addNoAuthRecordItems) > 0 { _, err = o.InsertMulti(500, addNoAuthRecordItems) if err != nil { return } } } // 添加授权记录 { // 获取父级分类已经授权的用户 parentClassifyPermissionList := make([]*EdbClassifyPermission, 0) sql = `SELECT * FROM edb_classify_permission WHERE edb_classify_type = ? AND edb_classify_id = ? ` _, err = o.Raw(sql, classifyType, parentClassifyId).QueryRows(&parentClassifyPermissionList) if err != nil { return } addList := make([]*EdbClassifyPermission, 0) for _, v := range parentClassifyPermissionList { // 如果不存在,那么就提那家 addList = append(addList, &EdbClassifyPermission{ //PermissionId: 0, EdbClassifyId: int32(classifyId), EdbClassifyType: int32(classifyType), SysUserId: v.SysUserId, ModifyTime: time.Now(), CreateTime: time.Now(), }) } // 添加待配置项 if len(addList) > 0 { _, err = o.InsertMulti(500, addList) if err != nil { return } } } return }