package data_manage_permission import ( "eta/eta_api/utils" "fmt" "github.com/beego/beego/v2/client/orm" "strconv" "time" ) // EdbInfoPermission // @Description: 指标权限表 type EdbInfoPermission struct { EdbInfoPermissionId int64 `json:"edb_info_permission_id" orm:"column(edb_info_permission_id);pk"` EdbInfoId int32 `json:"edb_info_id"` // 指标id EdbInfoType int32 `json:"edb_info_type"` // 指标类型,0:普通指标,1:预测指标 SysUserId int32 `json:"sys_user_id"` // 系统用户id ModifyTime time.Time `json:"modify_time"` // 变更时间 CreateTime time.Time `json:"create_time"` // 关系建立时间 } // EdbClassifyPermission // @Description: 指标分类权限表 type EdbClassifyPermission struct { EdbClassifyPermissionId int64 `json:"edb_classify_permission_id" orm:"column(edb_classify_permission_id);pk"` EdbClassifyId int32 `json:"edb_classify_id"` // 分类id EdbClassifyType int32 `json:"edb_classify_type"` // 分类类型,0:普通指标分类,1:预测指标分类 SysUserId int32 `json:"sys_user_id"` // 系统用户id ModifyTime time.Time `json:"modify_time"` // 变更时间 CreateTime time.Time `json:"create_time"` // 关系建立时间 } // SetIsPermissionEdbChartByEdbClassifyIdList // @Description: 设置指标分类是否涉密 // @author: Roc // @datetime 2024-03-27 14:15:42 // @param classifyIdList []int func SetIsPermissionEdbChartByEdbClassifyIdList(classifyIdList []int, classifyType int) (err error) { num := len(classifyIdList) o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() //// 获取已经配置涉密的分类权限 //edbClassifyList := make([]*EdbClassify, 0) //sql := `SELECT * FROM edb_classify WHERE is_join_permission = ? ` //_, err = o.Raw(sql, 1).QueryRows(&edbClassifyList) //if err != nil { // return //} //edbClassifyMap := make(map[int]*EdbClassify) //for _, v := range edbClassifyList { // edbClassifyMap[v.ClassifyId] = v //} // 先将所有已经设置了涉密的分类设置为不涉密 sql := `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE is_join_permission = 1 AND classify_type = ?` _, err = o.Raw(sql, 0, classifyType).Exec() if err != nil { return } if num > 0 { // 将对应的分类设置为涉密 sql = `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE classify_type = ? AND classify_id in (` + utils.GetOrmInReplace(num) + `) ` _, err = o.Raw(sql, 1, classifyType, classifyIdList).Exec() if err != nil { return } } return } // SetPermissionByEdbIdList // @Description: 根据指标ID列表设置指标的用户权限 // @author: Roc // @datetime 2024-03-27 14:03:42 // @param edbIdList []string // @param userIdList []int // @param chartInfoType int // @return err error func SetPermissionByEdbIdList(edbIdList []string, userIdList []int, edbInfoType int) (err error) { edbNum := len(edbIdList) if edbNum <= 0 { return } o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 获取已经配置的指标权限用户 edbInfoPermissionList := make([]*EdbInfoPermission, 0) // 定义批次大小 batchSize := 500 var sql string for i := 0; i < edbNum; i += batchSize { // 确定当前批次的结束索引 end := i + batchSize if end > edbNum { end = edbNum } // 获取当前批次的 ID 列表 batch := edbIdList[i:end] // 生成批次查询 SQL sql = `SELECT * FROM edb_info_permission WHERE edb_info_type = ? AND edb_info_id in (` + utils.GetOrmInReplace(len(batch)) + `)` // 执行查询 var batchResult []*EdbInfoPermission _, err = o.Raw(sql, edbInfoType, batch).QueryRows(&batchResult) if err != nil { return } // 将批次结果追加到总列表中 edbInfoPermissionList = append(edbInfoPermissionList, batchResult...) } edbInfoPermissionMap := make(map[string]*EdbInfoPermission) for _, v := range edbInfoPermissionList { edbInfoPermissionMap[fmt.Sprint(v.EdbInfoId, "_", v.SysUserId)] = v } // 标记指标是否纳入权限管控 { // 默认 标记指标为纳入权限管控 isJoinPermission := 1 // 用户不选的情况下,说明是要给这些指标移除权限管控 if len(userIdList) <= 0 { // 标记指标为不纳入权限管控 isJoinPermission = 0 } sql = `UPDATE edb_info SET is_join_permission=?,modify_time=now() WHERE edb_info_type = ? AND edb_info_id in (` + utils.GetOrmInReplace(edbNum) + `) ` _, err = o.Raw(sql, isJoinPermission, edbInfoType, edbIdList).Exec() if err != nil { return } } // 待添加的配置项 addList := make([]*EdbInfoPermission, 0) // 遍历待配置的指标和用户,筛选出需要添加的配置项 for _, edbInfoIdStr := range edbIdList { edbInfoId, tmpErr := strconv.ParseInt(edbInfoIdStr, 10, 64) if tmpErr != nil { err = tmpErr return } for _, userId := range userIdList { key := fmt.Sprint(edbInfoId, "_", userId) if _, ok := edbInfoPermissionMap[key]; ok { // 如果存在那么就移除,说明不需要处理了 delete(edbInfoPermissionMap, key) } else { // 如果不存在,那么就添加 addList = append(addList, &EdbInfoPermission{ //PermissionId: 0, EdbInfoId: int32(edbInfoId), SysUserId: int32(userId), EdbInfoType: int32(edbInfoType), ModifyTime: time.Now(), CreateTime: time.Now(), }) } } } // 添加待配置项 if len(addList) > 0 { _, err = o.InsertMulti(500, addList) if err != nil { return } } // 移除废弃的配置项 { // 待移除的配置项 deletePermissionIdList := make([]int64, 0) for _, v := range edbInfoPermissionMap { deletePermissionIdList = append(deletePermissionIdList, v.EdbInfoPermissionId) } deletePermissionIdNum := len(deletePermissionIdList) if deletePermissionIdNum > 0 { sql = "DELETE FROM edb_info_permission WHERE edb_info_permission_id in (" + utils.GetOrmInReplace(deletePermissionIdNum) + ")" _, err = o.Raw(sql, deletePermissionIdList).Exec() if err != nil { return } } } return } // SetPermissionByEdbClassifyIdList // @Description: 根据指标分类ID列表设置分类的用户权限 // @author: Roc // @datetime 2024-03-28 14:53:04 // @param classifyIdList []int // @param userIdList []int // @return err error func SetPermissionByEdbClassifyIdList(classifyIdList []int, userIdList []int, classifyType int) (err error) { userNum := len(userIdList) if userNum <= 0 { return } o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 获取当前选择用户已经配置的指标分类权限 classifyPermissionList := make([]*EdbClassifyPermission, 0) sql := `SELECT * FROM edb_classify_permission WHERE edb_classify_type = ? AND sys_user_id in (` + utils.GetOrmInReplace(userNum) + `) ` _, err = o.Raw(sql, classifyType, userIdList).QueryRows(&classifyPermissionList) if err != nil { return } classifyPermissionMap := make(map[string]*EdbClassifyPermission) for _, v := range classifyPermissionList { classifyPermissionMap[fmt.Sprint(v.EdbClassifyId, "_", v.SysUserId)] = v } // 待添加的配置项 addList := make([]*EdbClassifyPermission, 0) // 遍历待配置的指标和用户,筛选出需要添加的配置项 for _, userId := range userIdList { for _, classifyId := range classifyIdList { key := fmt.Sprint(classifyId, "_", userId) if _, ok := classifyPermissionMap[key]; ok { // 如果存在那么就移除,说明不需要处理了 delete(classifyPermissionMap, key) } else { // 如果不存在,那么就提那家 addList = append(addList, &EdbClassifyPermission{ //PermissionId: 0, EdbClassifyId: int32(classifyId), EdbClassifyType: int32(classifyType), SysUserId: int32(userId), ModifyTime: time.Now(), CreateTime: time.Now(), }) } } } // 添加待配置项 if len(addList) > 0 { _, err = o.InsertMulti(500, addList) if err != nil { return } } // 移除废弃的配置项 { // 获取移除的配置项 deletePermissionIdList := make([]int64, 0) for _, v := range classifyPermissionMap { deletePermissionIdList = append(deletePermissionIdList, v.EdbClassifyPermissionId) } deletePermissionIdNum := len(deletePermissionIdList) if deletePermissionIdNum > 0 { sql = "DELETE FROM edb_classify_permission WHERE edb_classify_permission_id in (" + utils.GetOrmInReplace(deletePermissionIdNum) + ")" _, err = o.Raw(sql, deletePermissionIdList).Exec() if err != nil { return } } } return } // GetPermissionEdbClassifyIdListByUserId // @Description: 根据用户ID获取已经配置的分类id列表 // @author: Roc // @datetime 2024-03-29 16:24:46 // @param userId int // @param classifyType int // @return edbClassifyIdList []int // @return err error func GetPermissionEdbClassifyIdListByUserId(userId int, classifyType int) (edbClassifyIdList []int, err error) { o := orm.NewOrmUsingDB("data") sql := `SELECT edb_classify_id FROM edb_classify_permission WHERE edb_classify_type = ? AND sys_user_id = ? ` _, err = o.Raw(sql, classifyType, userId).QueryRows(&edbClassifyIdList) return } // GetPermissionUserIdListByEdbId // @Description: 根据指标ID获取已经配置的用户id列表 // @author: Roc // @datetime 2024-03-29 16:24:46 // @param dataId int // @param edbInfoType int // @return userIdList []int // @return err error func GetPermissionUserIdListByEdbId(dataId int, edbInfoType int) (userIdList []int, err error) { o := orm.NewOrmUsingDB("data") sql := `SELECT sys_user_id FROM edb_info_permission WHERE edb_info_type = ? AND edb_info_id= ? ` _, err = o.Raw(sql, edbInfoType, dataId).QueryRows(&userIdList) return } // GetPermissionUserIdListByEdbClassifyId // @Description: 根据指标分类ID获取已经配置的用户id列表 // @author: Roc // @datetime 2024-03-29 16:24:46 // @param classifyId int // @param edbClassifyType int // @return userIdList []int // @return err error func GetPermissionUserIdListByEdbClassifyId(classifyId int, edbClassifyType int) (userIdList []int, err error) { o := orm.NewOrmUsingDB("data") sql := `SELECT sys_user_id FROM edb_classify_permission WHERE edb_classify_type = ? AND edb_classify_id= ? ` _, err = o.Raw(sql, edbClassifyType, classifyId).QueryRows(&userIdList) return } // GetPermissionEdbIdList // @Description: 获取用户权限的指标列表 // @author: Roc // @datetime 2024-03-28 16:50:47 // @param userId int // @param edbInfoId int // @return idList []int // @return err error func GetPermissionEdbIdList(userId, edbInfoId int) (idList []int, err error) { pars := []interface{}{userId} o := orm.NewOrmUsingDB("data") sql := `SELECT edb_info_id FROM edb_info_permission WHERE sys_user_id = ? ` if edbInfoId > 0 { sql += ` AND edb_info_id = ? ` pars = append(pars, edbInfoId) } _, err = o.Raw(sql, pars).QueryRows(&idList) return } // GetPermissionEdbClassifyIdList // @Description: 获取用户权限的指标分类列表 // @author: Roc // @datetime 2024-03-28 16:50:47 // @param userId int // @param classifyId int // @return idList []int // @return err error func GetPermissionEdbClassifyIdList(userId, classifyId int) (idList []int, err error) { pars := []interface{}{userId} o := orm.NewOrmUsingDB("data") sql := `SELECT edb_classify_id FROM edb_classify_permission WHERE sys_user_id = ? ` if classifyId > 0 { sql += ` AND edb_classify_id = ? ` pars = append(pars, classifyId) } _, err = o.Raw(sql, pars).QueryRows(&idList) return } // InheritParentClassifyByEdbClassifyId // @Description: 继承父级分类的指标权限信息 // @author: Roc // @datetime 2024-04-07 21:02:51 // @param source int // @param classifyType int // @param classifyId int // @param parentClassifyId int // @param classifyName string // @param uniqueCode string // @return err error func InheritParentClassifyByEdbClassifyId(source, classifyType, classifyId, parentClassifyId int, classifyName, uniqueCode string) (err error) { o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 将对应的分类设置为涉密 sql := `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE classify_type = ? AND classify_id = ? ` _, err = o.Raw(sql, 1, classifyType, classifyId).Exec() if err != nil { return } // 添加未授权记录 { // 获取父级未授权的用户记录 var parentRecordItems []*EdbInfoClassifyPermissionNoAuthRecord sql = `SELECT * FROM edb_info_classify_permission_no_auth_record WHERE classify_id = ? AND edb_classify_type = ? ORDER BY edb_info_classify_permission_no_auth_record_id desc LIMIT ?,? ` _, err = o.Raw(sql, parentClassifyId, source, classifyType).QueryRows(&parentRecordItems) addNoAuthRecordItems := make([]*EdbInfoClassifyPermissionNoAuthRecord, 0) for _, v := range parentRecordItems { addNoAuthRecordItems = append(addNoAuthRecordItems, &EdbInfoClassifyPermissionNoAuthRecord{ EdbInfoClassifyPermissionNoAuthRecordId: 0, EdbClassifyType: v.EdbClassifyType, OpUniqueCode: uniqueCode, ClassifyId: fmt.Sprint(classifyId), ClassifyName: classifyName, SysUserId: v.SysUserId, CreateTime: time.Now(), }) } // 添加待配置项 if len(addNoAuthRecordItems) > 0 { _, err = o.InsertMulti(500, addNoAuthRecordItems) if err != nil { return } } } // 添加授权记录 { // 获取父级分类已经授权的用户 parentClassifyPermissionList := make([]*EdbClassifyPermission, 0) sql = `SELECT * FROM edb_classify_permission WHERE edb_classify_type = ? AND edb_classify_id = ? ` _, err = o.Raw(sql, classifyType, parentClassifyId).QueryRows(&parentClassifyPermissionList) if err != nil { return } addList := make([]*EdbClassifyPermission, 0) for _, v := range parentClassifyPermissionList { // 如果不存在,那么就提那家 addList = append(addList, &EdbClassifyPermission{ //PermissionId: 0, EdbClassifyId: int32(classifyId), EdbClassifyType: int32(classifyType), SysUserId: v.SysUserId, ModifyTime: time.Now(), CreateTime: time.Now(), }) } // 添加待配置项 if len(addList) > 0 { _, err = o.InsertMulti(500, addList) if err != nil { return } } } return } // EdbInfoPermissionNoAuthRecord // @Description: 指标数据权限未授权记录表 type EdbInfoPermissionNoAuthRecord struct { EdbInfoPermissionNoAuthRecordId int64 `json:"edb_info_permission_no_auth_record_id" orm:"column(edb_info_permission_no_auth_record_id);pk"` // 资产数据操作记录id OpUniqueCode string `json:"op_unique_code"` // 操作的唯一编码,主要是记录统一操作的日志 EdbInfoType int32 `json:"edb_info_type"` // 指标类型,0:普通指标,1:预测指标 EdbInfoId int32 `json:"edb_info_id"` // 指标id EdbCode string `json:"edb_code"` // 指标编码 EdbName string `json:"edb_name"` // 指标名称 SysUserId int32 `json:"sys_user_id"` // 系统用户id CreateTime time.Time `json:"create_time"` // 创建时间 } // AddEdbInfoPermissionNoAuthRecordBySourceAndDataIdList // @Description: 添加未授权用户记录 // @author: Roc // @datetime 2024-04-07 15:25:49 // @param source int // @param edbInfoType int // @param dataList []DataItem // @param noAuthUserIdList []int 未授权用户 // @param authUserIdList []int 已授权用户 // @param uniqueCode // @param content string // @param opUserId int // @return err error func AddEdbInfoPermissionNoAuthRecordBySourceAndDataIdList(source, edbInfoType int, dataList []DataItem, noAuthUserIdList, authUserIdList []int, uniqueCode, title, content string, opUserId int) (err error) { num := len(dataList) if num <= 0 { return } dataIdList := make([]int, 0) for _, v := range dataList { dataIdList = append(dataIdList, v.DataId) } userNum := len(noAuthUserIdList) if userNum <= 0 { return } o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 根据指标获取已经存在的未授权记录 var existList []*EdbInfoPermissionNoAuthRecord sql := `SELECT * FROM edb_info_permission_no_auth_record WHERE edb_info_type = ? AND edb_info_id in (` + utils.GetOrmInReplace(num) + `)` _, err = o.Raw(sql, edbInfoType, dataIdList).QueryRows(&existList) if err != nil { return } // 已经标记了的数据 existMap := make(map[int32]map[string]*EdbInfoPermissionNoAuthRecord) for _, v := range existList { tmpUserExistMap, ok := existMap[v.SysUserId] if !ok { tmpUserExistMap = make(map[string]*EdbInfoPermissionNoAuthRecord) } key := fmt.Sprint(v.EdbInfoType, "_", v.EdbInfoId) tmpUserExistMap[key] = v existMap[v.SysUserId] = tmpUserExistMap } addMessageList := make([]*DataPermissionMessage, 0) addRecordList := make([]*EdbInfoPermissionNoAuthRecord, 0) for _, userId := range noAuthUserIdList { isAdd := false tmpUserExistMap, userExistOk := existMap[int32(userId)] for _, dataItem := range dataList { // 判断是否已经存在,已经存在就过滤 if userExistOk { key := fmt.Sprint(edbInfoType, "_", dataItem.DataId) _, ok := tmpUserExistMap[key] if ok { continue } } isAdd = true addRecordList = append(addRecordList, &EdbInfoPermissionNoAuthRecord{ EdbInfoPermissionNoAuthRecordId: 0, OpUniqueCode: uniqueCode, EdbInfoType: int32(edbInfoType), EdbInfoId: int32(dataItem.DataId), EdbCode: dataItem.DataCode, EdbName: dataItem.DataName, SysUserId: int32(userId), CreateTime: time.Now(), }) } // 有记录的话,需要添加消息 if isAdd { addMessageList = append(addMessageList, &DataPermissionMessage{ DataPermissionMessageId: 0, SendUserId: int32(opUserId), ReceiveUserId: int32(userId), Content: title, Remark: content, OpType: 3, Source: int32(source), SubSource: int32(edbInfoType), OpUniqueCode: uniqueCode, IsRead: 0, CreateTime: time.Now(), ModifyTime: time.Now(), }) } } // 添加消息 if len(addMessageList) > 0 { _, err = o.InsertMulti(500, addMessageList) if err != nil { return } } // 添加记录 if len(addRecordList) > 0 { _, err = o.InsertMulti(500, addRecordList) if err != nil { return } } // 已经授权了的用户,需要删除未授权记录 authUserIdNum := len(authUserIdList) if authUserIdNum > 0 { sql = `DELETE FROM edb_info_permission_no_auth_record WHERE edb_info_type = ? AND sys_user_id in (` + utils.GetOrmInReplace(authUserIdNum) + `) AND edb_info_id in (` + utils.GetOrmInReplace(num) + `)` _, err = o.Raw(sql, edbInfoType, authUserIdList, dataIdList).Exec() } return } // DeleteEdbInfoPermissionNoAuthRecordBySourceAndDataIdList // @Description: 根据来源和数据id列表删除记录 // @author: Roc // @datetime 2024-04-07 14:47:37 // @param source int // @param subSource int // @param dataIdList []string // @return err error func DeleteEdbInfoPermissionNoAuthRecordBySourceAndDataIdList(edbInfoType int, dataIdList []string) (err error) { num := len(dataIdList) if num <= 0 { return } o := orm.NewOrmUsingDB("data") sql := `DELETE FROM edb_info_permission_no_auth_record WHERE edb_info_type = ? AND edb_info_id in (` + utils.GetOrmInReplace(num) + `)` _, err = o.Raw(sql, edbInfoType, dataIdList).Exec() return } // GetEdbInfoDataPermissionNoAuthRecordListByUserId // @Description: 获取明细数据 // @author: Roc // @datetime 2024-04-10 14:23:15 // @param userId int32 // @param edbInfoType int32 // @param startSize int // @param pageSize int // @return total int // @return items []*DataPermissionNoAuthRecord // @return err error func GetEdbInfoDataPermissionNoAuthRecordListByUserId(userId int32, edbInfoType, startSize, pageSize int) (total int, items []*DataPermissionNoAuthRecord, err error) { o := orm.NewOrmUsingDB("data") // 获取总数 sql := `SELECT count(1) AS total FROM edb_info_permission_no_auth_record WHERE sys_user_id = ? AND edb_info_type = ? ` err = o.Raw(sql, userId, edbInfoType).QueryRow(&total) if err != nil { return } sql = `SELECT edb_info_permission_no_auth_record_id as data_permission_no_auth_record_id,op_unique_code,edb_info_type as sub_source,edb_info_id as data_id,edb_code as data_code,edb_name as data_name,sys_user_id,create_time FROM edb_info_permission_no_auth_record WHERE sys_user_id = ? AND edb_info_type = ? ORDER BY edb_info_permission_no_auth_record_id desc LIMIT ?,? ` _, err = o.Raw(sql, userId, edbInfoType, startSize, pageSize).QueryRows(&items) return } type EdbInfoClassifyPermissionNoAuthRecord struct { EdbInfoClassifyPermissionNoAuthRecordId int64 `json:"edb_info_classify_permission_no_auth_record_id" orm:"column(edb_info_classify_permission_no_auth_record_id);pk"` // 资产分类数据操作记录id EdbClassifyType int32 `json:"edb_classify_type"` // 子来源 :ETA表格中的各种表格类型,以及图表的来源(这个是后续的扩展方向) OpUniqueCode string `json:"op_unique_code"` // 操作的唯一编码,主要是记录统一操作的日志 ClassifyId string `json:"classify_id"` // 资产分类id(指标、图表、表格) ClassifyName string `json:"classify_name"` // 资产分类名称(指标、图表、表格) SysUserId int32 `json:"sys_user_id"` // 系统用户id CreateTime time.Time `json:"create_time"` // 创建时间 } // AddEdbInfoClassifyNoAuthRecordBySourceAndClassifyIdList // @Description: 根据分类添加用户分类未授权记录 // @author: Roc // @datetime 2024-04-07 16:44:21 // @param source int // @param edbClassifyType int // @param classifyInfoList []ClassifyDataItem // @param noAuthUserIdList []int // @param uniqueCode string // @param content string // @param opUserId int // @return err error func AddEdbInfoClassifyNoAuthRecordBySourceAndClassifyIdList(source, edbClassifyType int, classifyInfoList []ClassifyDataItem, noAuthUserIdList []int, uniqueCode, title, content string, opUserId int) (err error) { num := len(classifyInfoList) if num <= 0 { return } // 分类id classifyIdList := make([]int, 0) for _, v := range classifyInfoList { classifyIdList = append(classifyIdList, v.ClassifyId) } userNum := len(noAuthUserIdList) if userNum <= 0 { return } o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 根据分类获取已经存在的未授权记录 var existList []*EdbInfoClassifyPermissionNoAuthRecord sql := `SELECT * FROM edb_info_classify_permission_no_auth_record WHERE edb_classify_type = ? AND classify_id in (` + utils.GetOrmInReplace(num) + `)` _, err = o.Raw(sql, edbClassifyType, classifyIdList).QueryRows(&existList) if err != nil { return } // 已经标记了的数据 existMap := make(map[int32]map[string]*EdbInfoClassifyPermissionNoAuthRecord) for _, v := range existList { tmpUserExistMap, ok := existMap[v.SysUserId] if !ok { tmpUserExistMap = make(map[string]*EdbInfoClassifyPermissionNoAuthRecord) } key := fmt.Sprint(v.EdbClassifyType, "_", v.ClassifyId) tmpUserExistMap[key] = v existMap[v.SysUserId] = tmpUserExistMap } addMessageList := make([]*DataPermissionMessage, 0) addRecordList := make([]*EdbInfoClassifyPermissionNoAuthRecord, 0) for _, userId := range noAuthUserIdList { isAdd := false tmpUserExistMap, userExistOk := existMap[int32(userId)] for _, dataItem := range classifyInfoList { // 判断是否已经存在,已经存在就过滤 if userExistOk { key := fmt.Sprint(edbClassifyType, "_", dataItem.ClassifyId) _, ok := tmpUserExistMap[key] if ok { continue } } isAdd = true addRecordList = append(addRecordList, &EdbInfoClassifyPermissionNoAuthRecord{ EdbInfoClassifyPermissionNoAuthRecordId: 0, EdbClassifyType: int32(edbClassifyType), OpUniqueCode: uniqueCode, ClassifyId: fmt.Sprint(dataItem.ClassifyId), ClassifyName: dataItem.ClassifyName, SysUserId: int32(userId), CreateTime: time.Now(), }) } // 有记录的话,需要添加消息 if isAdd { addMessageList = append(addMessageList, &DataPermissionMessage{ DataPermissionMessageId: 0, SendUserId: int32(opUserId), ReceiveUserId: int32(userId), Content: title, Remark: content, OpType: 4, Source: int32(source), SubSource: int32(edbClassifyType), OpUniqueCode: uniqueCode, IsRead: 0, CreateTime: time.Now(), ModifyTime: time.Now(), }) } } // 添加消息 if len(addMessageList) > 0 { _, err = o.InsertMulti(500, addMessageList) if err != nil { return } } // 添加记录 if len(addRecordList) > 0 { _, err = o.InsertMulti(500, addRecordList) if err != nil { return } } // 移除已经公开了的分类权限,需要删除未授权记录 authUserIdNum := len(classifyIdList) if authUserIdNum > 0 { sql = `DELETE FROM edb_info_classify_permission_no_auth_record WHERE edb_classify_type = ? AND classify_id not in (` + utils.GetOrmInReplace(num) + `)` _, err = o.Raw(sql, edbClassifyType, classifyIdList).Exec() } return } // AddEdbInfoClassifyNoAuthRecordBySourceAndUserIdList // @Description: 根据用户添加用户分类未授权记录 // @author: Roc // @datetime 2024-04-07 20:12:44 // @param source int // @param edbClassifyType int // @param noAuthClassifyMap map[int]ClassifyDataItem // @param configUserIdList []int // @param uniqueCode string // @param content string // @param opUserId int // @return err error func AddEdbInfoClassifyNoAuthRecordBySourceAndUserIdList(source, edbClassifyType int, noAuthClassifyMap map[int]ClassifyDataItem, configUserIdList []int, uniqueCode, title, content string, opUserId int) (err error) { // 当前配置用户 configUserNum := len(configUserIdList) if configUserNum <= 0 { return } //// 总共的涉密分类 //noAuthClassifyInfoNum := len(noAuthClassifyMap) //if noAuthClassifyInfoNum <= 0 { // return //} o, err := orm.NewOrmUsingDB("data").Begin() if err != nil { return } defer func() { if err != nil { _ = o.Rollback() } else { _ = o.Commit() } }() // 根据当前配置用户获取已经存在的未授权记录 var existList []*EdbInfoClassifyPermissionNoAuthRecord sql := `SELECT * FROM edb_info_classify_permission_no_auth_record WHERE edb_classify_type = ? AND sys_user_id in (` + utils.GetOrmInReplace(configUserNum) + `)` _, err = o.Raw(sql, edbClassifyType, configUserIdList).QueryRows(&existList) if err != nil { return } // 已经标记了的数据 existMap := make(map[int32]map[string]*EdbInfoClassifyPermissionNoAuthRecord) delRecordIdMap := make(map[int64]int64) for _, v := range existList { tmpUserExistMap, ok := existMap[v.SysUserId] if !ok { tmpUserExistMap = make(map[string]*EdbInfoClassifyPermissionNoAuthRecord) } tmpUserExistMap[v.ClassifyId] = v existMap[v.SysUserId] = tmpUserExistMap // 已经配置了的记录id delRecordIdMap[v.EdbInfoClassifyPermissionNoAuthRecordId] = v.EdbInfoClassifyPermissionNoAuthRecordId } addMessageList := make([]*DataPermissionMessage, 0) addRecordList := make([]*EdbInfoClassifyPermissionNoAuthRecord, 0) for _, userId := range configUserIdList { isAdd := false tmpUserExistMap, userExistOk := existMap[int32(userId)] for _, dataItem := range noAuthClassifyMap { // 判断是否已经存在,已经存在就过滤 if userExistOk { key := fmt.Sprint(dataItem.ClassifyId) tmpUserRecord, ok := tmpUserExistMap[key] if ok { delete(delRecordIdMap, tmpUserRecord.EdbInfoClassifyPermissionNoAuthRecordId) continue } } isAdd = true addRecordList = append(addRecordList, &EdbInfoClassifyPermissionNoAuthRecord{ EdbInfoClassifyPermissionNoAuthRecordId: 0, EdbClassifyType: int32(edbClassifyType), OpUniqueCode: uniqueCode, ClassifyId: fmt.Sprint(dataItem.ClassifyId), ClassifyName: dataItem.ClassifyName, SysUserId: int32(userId), CreateTime: time.Now(), }) } // 有记录的话,需要添加消息 if isAdd { addMessageList = append(addMessageList, &DataPermissionMessage{ DataPermissionMessageId: 0, SendUserId: int32(opUserId), ReceiveUserId: int32(userId), Content: title, Remark: content, OpType: 4, Source: int32(source), SubSource: int32(edbClassifyType), OpUniqueCode: uniqueCode, IsRead: 0, CreateTime: time.Now(), ModifyTime: time.Now(), }) } } // 添加消息 if len(addMessageList) > 0 { _, err = o.InsertMulti(500, addMessageList) if err != nil { return } } // 添加记录 if len(addRecordList) > 0 { _, err = o.InsertMulti(500, addRecordList) if err != nil { return } } // 需要删除未授权记录 delRecordIdNum := len(delRecordIdMap) if delRecordIdNum > 0 { delRecordIdList := make([]int64, 0) for _, v := range delRecordIdMap { delRecordIdList = append(delRecordIdList, v) } sql = `DELETE FROM edb_info_classify_permission_no_auth_record WHERE edb_info_classify_permission_no_auth_record_id in (` + utils.GetOrmInReplace(delRecordIdNum) + `) ` _, err = o.Raw(sql, delRecordIdList).Exec() } return } // DeleteEdbInfoClassifyNoAuthRecordBySourceAndClassifyIdList // @Description: 根据来源和删除分类授权记录 // @author: Roc // @datetime 2024-04-07 14:47:37 // @param source int // @param edbClassifyType int // @return err error func DeleteEdbInfoClassifyNoAuthRecordBySourceAndClassifyIdList(edbClassifyType int) (err error) { o := orm.NewOrmUsingDB("data") sql := `DELETE FROM edb_info_classify_permission_no_auth_record WHERE edb_classify_type = ?` _, err = o.Raw(sql, edbClassifyType).Exec() return } // GetEdbInfoDataPermissionClassifyNoAuthRecordListByUserId // @Description: 根据用户获取未授权的资产分类记录 // @author: Roc // @datetime 2024-04-07 20:14:49 // @param userId int // @param source int // @param subSource int // @param startSize int // @param pageSize int // @return total int // @return items []*DataPermissionClassifyNoAuthRecord // @return err error func GetEdbInfoDataPermissionClassifyNoAuthRecordListByUserId(userId int32, edbClassifyType, startSize, pageSize int) (total int, items []*DataPermissionClassifyNoAuthRecord, err error) { o := orm.NewOrmUsingDB("data") // 获取总数 sql := `SELECT count(1) AS total FROM edb_info_classify_permission_no_auth_record WHERE sys_user_id = ? AND edb_classify_type = ? ` err = o.Raw(sql, userId, edbClassifyType).QueryRow(&total) if err != nil { return } sql = `SELECT edb_info_classify_permission_no_auth_record_id as data_permission_classify_no_auth_record_id,edb_classify_type as sub_source,op_unique_code,classify_id,classify_name,sys_user_id,create_time FROM edb_info_classify_permission_no_auth_record WHERE sys_user_id = ? AND edb_classify_type = ? ORDER BY edb_info_classify_permission_no_auth_record_id desc LIMIT ?,? ` _, err = o.Raw(sql, userId, edbClassifyType, startSize, pageSize).QueryRows(&items) return }