eta_server
/
eta_api


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454
							package data_manage_permission

import (
	"eta/eta_api/utils"
	"fmt"
	"github.com/beego/beego/v2/client/orm"
	"strconv"
	"time"
)

// EdbInfoPermission
// @Description: 指标权限表
type EdbInfoPermission struct {
	EdbInfoPermissionId int64     `json:"edb_info_permission_id" orm:"column(edb_info_permission_id);pk"`
	EdbInfoId           int32     `json:"edb_info_id"`   // 指标id
	EdbInfoType         int32     `json:"edb_info_type"` // 指标类型，0：普通指标，1：预测指标
	SysUserId           int32     `json:"sys_user_id"`   // 系统用户id
	ModifyTime          time.Time `json:"modify_time"`   // 变更时间
	CreateTime          time.Time `json:"create_time"`   // 关系建立时间
}

// EdbClassifyPermission
// @Description: 指标分类权限表
type EdbClassifyPermission struct {
	EdbClassifyPermissionId int64     `json:"edb_classify_permission_id" orm:"column(edb_classify_permission_id);pk"`
	EdbClassifyId           int32     `json:"edb_classify_id"`   // 分类id
	EdbClassifyType         int32     `json:"edb_classify_type"` // 分类类型，0：普通指标分类，1：预测指标分类
	SysUserId               int32     `json:"sys_user_id"`       // 系统用户id
	ModifyTime              time.Time `json:"modify_time"`       // 变更时间
	CreateTime              time.Time `json:"create_time"`       // 关系建立时间
}

// SetIsPermissionEdbChartByEdbClassifyIdList
// @Description: 设置指标分类是否涉密
// @author: Roc
// @datetime 2024-03-27 14:15:42
// @param classifyIdList []int
func SetIsPermissionEdbChartByEdbClassifyIdList(classifyIdList []int, classifyType int) (err error) {
	num := len(classifyIdList)
	if num <= 0 {
		return
	}
	o, err := orm.NewOrmUsingDB("data").Begin()
	if err != nil {
		return
	}
	defer func() {
		if err != nil {
			_ = o.Rollback()
		} else {
			_ = o.Commit()
		}
	}()

	//// 获取已经配置涉密的分类权限
	//edbClassifyList := make([]*EdbClassify, 0)
	//sql := `SELECT * FROM edb_classify WHERE is_join_permission = ? `
	//_, err = o.Raw(sql, 1).QueryRows(&edbClassifyList)
	//if err != nil {
	//	return
	//}
	//edbClassifyMap := make(map[int]*EdbClassify)
	//for _, v := range edbClassifyList {
	//	edbClassifyMap[v.ClassifyId] = v
	//}

	// 先将所有已经设置了涉密的分类设置为不涉密
	sql := `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE is_join_permission = 1 AND classify_type = ?`
	_, err = o.Raw(sql, 0, classifyType).Exec()
	if err != nil {
		return
	}

	if len(classifyIdList) > 0 {
		// 将对应的分类设置为涉密
		sql = `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE classify_type = ? AND classify_id in (` + utils.GetOrmInReplace(num) + `) `
		_, err = o.Raw(sql, 1, classifyType, classifyIdList).Exec()
		if err != nil {
			return
		}
	}

	return
}

// SetPermissionByEdbIdList
// @Description: 根据指标ID列表设置指标的用户权限
// @author: Roc
// @datetime 2024-03-27 14:03:42
// @param edbIdList []string
// @param userIdList []int
// @param chartInfoType int
// @return err error
func SetPermissionByEdbIdList(edbIdList []string, userIdList []int, edbInfoType int) (err error) {
	edbNum := len(edbIdList)
	if edbNum <= 0 {
		return
	}
	o, err := orm.NewOrmUsingDB("data").Begin()
	if err != nil {
		return
	}
	defer func() {
		if err != nil {
			_ = o.Rollback()
		} else {
			_ = o.Commit()
		}
	}()

	// 获取已经配置的指标权限用户
	edbInfoPermissionList := make([]*EdbInfoPermission, 0)
	sql := `SELECT * FROM edb_info_permission WHERE edb_info_type = ? AND edb_info_id in (` + utils.GetOrmInReplace(edbNum) + `) `
	_, err = o.Raw(sql, edbInfoType, edbIdList).QueryRows(&edbInfoPermissionList)
	if err != nil {
		return
	}
	edbInfoPermissionMap := make(map[string]*EdbInfoPermission)
	for _, v := range edbInfoPermissionList {
		edbInfoPermissionMap[fmt.Sprint(v.EdbInfoId, "_", v.SysUserId)] = v
	}

	// 标记指标是否纳入权限管控
	{
		// 默认 标记指标为纳入权限管控
		isJoinPermission := 1
		// 用户不选的情况下，说明是要给这些指标移除权限管控
		if len(userIdList) <= 0 {
			// 标记指标为不纳入权限管控
			isJoinPermission = 0
		}
		sql = `UPDATE edb_info SET is_join_permission=?,modify_time=now() WHERE edb_info_type = ? AND edb_info_id in (` + utils.GetOrmInReplace(edbNum) + `) `
		_, err = o.Raw(sql, isJoinPermission, edbInfoType, edbIdList).Exec()
		if err != nil {
			return
		}
	}

	// 待添加的配置项
	addList := make([]*EdbInfoPermission, 0)

	// 遍历待配置的指标和用户，筛选出需要添加的配置项
	for _, edbInfoIdStr := range edbIdList {
		edbInfoId, tmpErr := strconv.ParseInt(edbInfoIdStr, 10, 64)
		if tmpErr != nil {
			err = tmpErr
			return
		}
		for _, userId := range userIdList {
			key := fmt.Sprint(edbInfoId, "_", userId)
			if _, ok := edbInfoPermissionMap[key]; ok {
				// 如果存在那么就移除，说明不需要处理了
				delete(edbInfoPermissionMap, key)
			} else {
				// 如果不存在，那么就添加
				addList = append(addList, &EdbInfoPermission{
					//PermissionId: 0,
					EdbInfoId:   int32(edbInfoId),
					SysUserId:   int32(userId),
					EdbInfoType: int32(edbInfoType),
					ModifyTime:  time.Now(),
					CreateTime:  time.Now(),
				})
			}
		}
	}

	// 添加待配置项
	if len(addList) > 0 {
		_, err = o.InsertMulti(500, addList)
		if err != nil {
			return
		}
	}

	// 移除废弃的配置项
	{
		// 待移除的配置项
		deletePermissionIdList := make([]int64, 0)
		for _, v := range edbInfoPermissionMap {
			deletePermissionIdList = append(deletePermissionIdList, v.EdbInfoPermissionId)
		}

		deletePermissionIdNum := len(deletePermissionIdList)
		if deletePermissionIdNum > 0 {
			sql = "DELETE FROM edb_info_permission WHERE edb_info_permission_id in (" + utils.GetOrmInReplace(deletePermissionIdNum) + ")"
			_, err = o.Raw(sql, deletePermissionIdList).Exec()
			if err != nil {
				return
			}
		}
	}

	return
}

// SetPermissionByEdbClassifyIdList
// @Description: 根据指标分类ID列表设置分类的用户权限
// @author: Roc
// @datetime 2024-03-28 14:53:04
// @param classifyIdList []int
// @param userIdList []int
// @return err error
func SetPermissionByEdbClassifyIdList(classifyIdList []int, userIdList []int, classifyType int) (err error) {
	userNum := len(userIdList)
	if userNum <= 0 {
		return
	}
	o, err := orm.NewOrmUsingDB("data").Begin()
	if err != nil {
		return
	}
	defer func() {
		if err != nil {
			_ = o.Rollback()
		} else {
			_ = o.Commit()
		}
	}()

	// 获取当前选择用户已经配置的指标分类权限
	classifyPermissionList := make([]*EdbClassifyPermission, 0)
	sql := `SELECT * FROM edb_classify_permission WHERE edb_classify_type = ? AND sys_user_id in (` + utils.GetOrmInReplace(userNum) + `) `
	_, err = o.Raw(sql, classifyType, userIdList).QueryRows(&classifyPermissionList)
	if err != nil {
		return
	}
	classifyPermissionMap := make(map[string]*EdbClassifyPermission)
	for _, v := range classifyPermissionList {
		classifyPermissionMap[fmt.Sprint(v.EdbClassifyId, "_", v.SysUserId)] = v
	}

	// 待添加的配置项
	addList := make([]*EdbClassifyPermission, 0)

	// 遍历待配置的指标和用户，筛选出需要添加的配置项
	for _, userId := range userIdList {
		for _, classifyId := range classifyIdList {
			key := fmt.Sprint(classifyId, "_", userId)
			if _, ok := classifyPermissionMap[key]; ok {
				// 如果存在那么就移除，说明不需要处理了
				delete(classifyPermissionMap, key)
			} else {
				// 如果不存在，那么就提那家
				addList = append(addList, &EdbClassifyPermission{
					//PermissionId: 0,
					EdbClassifyId:   int32(classifyId),
					EdbClassifyType: int32(classifyType),
					SysUserId:       int32(userId),
					ModifyTime:      time.Now(),
					CreateTime:      time.Now(),
				})
			}
		}
	}

	// 添加待配置项
	if len(addList) > 0 {
		_, err = o.InsertMulti(500, addList)
		if err != nil {
			return
		}
	}

	// 移除废弃的配置项
	{
		// 获取移除的配置项
		deletePermissionIdList := make([]int64, 0)
		for _, v := range classifyPermissionMap {
			deletePermissionIdList = append(deletePermissionIdList, v.EdbClassifyPermissionId)
		}

		deletePermissionIdNum := len(deletePermissionIdList)
		if deletePermissionIdNum > 0 {
			sql = "DELETE FROM edb_classify_permission WHERE edb_classify_permission_id in (" + utils.GetOrmInReplace(deletePermissionIdNum) + ")"
			_, err = o.Raw(sql, deletePermissionIdList).Exec()
			if err != nil {
				return
			}
		}
	}

	return
}

// GetPermissionEdbClassifyIdListByUserId
// @Description: 根据用户ID获取已经配置的分类id列表
// @author: Roc
// @datetime 2024-03-29 16:24:46
// @param userId int
// @param classifyType int
// @return edbClassifyIdList []int
// @return err error
func GetPermissionEdbClassifyIdListByUserId(userId int, classifyType int) (edbClassifyIdList []int, err error) {
	o := orm.NewOrmUsingDB("data")
	sql := `SELECT edb_classify_id FROM edb_classify_permission WHERE edb_classify_type = ? AND sys_user_id = ? `
	_, err = o.Raw(sql, classifyType, userId).QueryRows(&edbClassifyIdList)

	return
}

// GetPermissionEdbIdListByDataId
// @Description: 根据资产（指标、图表、表格）ID获取已经配置的用户id列表
// @author: Roc
// @datetime 2024-03-29 16:24:46
// @param dataId int
// @param edbInfoType int
// @return edbIdList []int
// @return err error
func GetPermissionEdbIdListByDataId(dataId int, edbInfoType int) (edbIdList []int, err error) {
	o := orm.NewOrmUsingDB("data")
	sql := `SELECT sys_user_id FROM edb_info_permission WHERE edb_info_type = ? AND edb_info_id= ? `
	_, err = o.Raw(sql, edbInfoType, dataId).QueryRows(&edbIdList)

	return
}

// GetPermissionEdbIdList
// @Description: 获取用户权限的指标列表
// @author: Roc
// @datetime 2024-03-28 16:50:47
// @param userId int
// @param edbInfoId int
// @return idList []int
// @return err error
func GetPermissionEdbIdList(userId, edbInfoId int) (idList []int, err error) {
	pars := []interface{}{userId}
	o := orm.NewOrmUsingDB("data")
	sql := `SELECT edb_info_id FROM edb_info_permission WHERE sys_user_id = ? `
	if edbInfoId > 0 {
		sql += ` AND edb_info_id = ? `
		pars = append(pars, edbInfoId)
	}
	_, err = o.Raw(sql, pars).QueryRows(&idList)

	return
}

// GetPermissionEdbClassifyIdList
// @Description: 获取用户权限的指标分类列表
// @author: Roc
// @datetime 2024-03-28 16:50:47
// @param userId int
// @param classifyId int
// @return idList []int
// @return err error
func GetPermissionEdbClassifyIdList(userId, classifyId int) (idList []int, err error) {
	pars := []interface{}{userId}
	o := orm.NewOrmUsingDB("data")
	sql := `SELECT edb_classify_id FROM edb_classify_permission WHERE sys_user_id = ? `
	if classifyId > 0 {
		sql += ` AND edb_classify_id = ? `
		pars = append(pars, classifyId)
	}
	_, err = o.Raw(sql, pars).QueryRows(&idList)

	return
}

// InheritParentClassifyByEdbClassifyId
// @Description: 继承父级分类的指标权限信息
// @author: Roc
// @datetime 2024-04-07 21:02:51
// @param source int
// @param classifyType int
// @param classifyId int
// @param parentClassifyId int
// @param classifyName string
// @param uniqueCode string
// @return err error
func InheritParentClassifyByEdbClassifyId(source, classifyType, classifyId, parentClassifyId int, classifyName, uniqueCode string) (err error) {
	o, err := orm.NewOrmUsingDB("data").Begin()
	if err != nil {
		return
	}
	defer func() {
		if err != nil {
			_ = o.Rollback()
		} else {
			_ = o.Commit()
		}
	}()

	// 将对应的分类设置为涉密
	sql := `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE classify_type = ? AND classify_id = ? `
	_, err = o.Raw(sql, 1, classifyType, classifyId).Exec()
	if err != nil {
		return
	}

	// 添加未授权记录
	{
		// 获取父级未授权的用户记录
		var parentRecordItems []*DataPermissionClassifyNoAuthRecord
		sql = `SELECT * FROM data_permission_classify_no_auth_record WHERE classify_id = ? AND source = ? AND sub_source = ? ORDER BY data_permission_classify_no_auth_record_id desc LIMIT ?,? `
		_, err = o.Raw(sql, parentClassifyId, source, classifyType).QueryRows(&parentRecordItems)

		addNoAuthRecordItems := make([]*DataPermissionClassifyNoAuthRecord, 0)
		for _, v := range parentRecordItems {
			addNoAuthRecordItems = append(addNoAuthRecordItems, &DataPermissionClassifyNoAuthRecord{
				DataPermissionClassifyNoAuthRecordId: 0,
				Source:                               v.Source,
				SubSource:                            v.SubSource,
				OpUniqueCode:                         uniqueCode,
				ClassifyId:                           fmt.Sprint(classifyId),
				ClassifyName:                         classifyName,
				SysUserId:                            v.SysUserId,
				CreateTime:                           time.Now(),
			})
		}

		// 添加待配置项
		if len(addNoAuthRecordItems) > 0 {
			_, err = o.InsertMulti(500, addNoAuthRecordItems)
			if err != nil {
				return
			}
		}

	}

	// 添加授权记录
	{
		// 获取父级分类已经授权的用户
		parentClassifyPermissionList := make([]*EdbClassifyPermission, 0)
		sql = `SELECT * FROM edb_classify_permission WHERE edb_classify_type = ? AND edb_classify_id = ? `
		_, err = o.Raw(sql, classifyType, parentClassifyId).QueryRows(&parentClassifyPermissionList)
		if err != nil {
			return
		}

		addList := make([]*EdbClassifyPermission, 0)
		for _, v := range parentClassifyPermissionList {
			// 如果不存在，那么就提那家
			addList = append(addList, &EdbClassifyPermission{
				//PermissionId: 0,
				EdbClassifyId:   int32(classifyId),
				EdbClassifyType: int32(classifyType),
				SysUserId:       v.SysUserId,
				ModifyTime:      time.Now(),
				CreateTime:      time.Now(),
			})
		}
		// 添加待配置项
		if len(addList) > 0 {
			_, err = o.InsertMulti(500, addList)
			if err != nil {
				return
			}
		}
	}

	return
}