eta_api/models/data_manage/data_manage_permission.go

package data_manage

import (
	"eta/eta_api/utils"
	"fmt"
	"github.com/beego/beego/v2/client/orm"
	"strconv"
	"time"
)

// SetDataIsPermissionReq
// @Description: 设置数据分类权限请求
type SetDataIsPermissionReq struct {
	Source         int   `description:"来源id"`
	SubSource      int   `description:"子来源id"`
	ClassifyIdList []int `description:"指标/图表/表格分类唯一id列表，如果为空，说明要给这些指标移除权限管控"`
}

// SetIsPermissionEdbChartByEdbClassifyIdList
// @Description: 设置指标分类是否涉密
// @author: Roc
// @datetime 2024-03-27 14:15:42
// @param classifyIdList []int
func SetIsPermissionEdbChartByEdbClassifyIdList(classifyIdList []int) (err error) {
	num := len(classifyIdList)
	if num <= 0 {
		return
	}
	o, err := orm.NewOrmUsingDB("data").Begin()
	if err != nil {
		return
	}
	defer func() {
		if err != nil {
			_ = o.Rollback()
		} else {
			_ = o.Commit()
		}
	}()

	//// 获取已经配置涉密的分类权限
	//edbClassifyList := make([]*EdbClassify, 0)
	//sql := `SELECT * FROM edb_classify WHERE is_join_permission = ? `
	//_, err = o.Raw(sql, 1).QueryRows(&edbClassifyList)
	//if err != nil {
	//	return
	//}
	//edbClassifyMap := make(map[int]*EdbClassify)
	//for _, v := range edbClassifyList {
	//	edbClassifyMap[v.ClassifyId] = v
	//}

	// 先将所有已经设置了涉密的分类设置为不涉密
	sql := `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE is_join_permission = 1 `
	_, err = o.Raw(sql, 0).Exec()
	if err != nil {
		return
	}

	if len(classifyIdList) > 0 {
		// 将对应的分类设置为涉密
		sql = `UPDATE edb_classify SET is_join_permission=?,modify_time=now() WHERE classify_id in (` + utils.GetOrmInReplace(num) + `) `
		_, err = o.Raw(sql, 1, classifyIdList).Exec()
		if err != nil {
			return
		}
	}

	// TODO 判断是否要记录移除的分类，用于发送通知给客户

	return
}

// SetEdbChartPermissionReq
// @Description: 设置数据权限请求
type SetEdbChartPermissionReq struct {
	Source       int      `description:"来源id"`
	SubSource    int      `description:"子来源id"`
	UserId       int      `description:"用户筛选"`
	DataIdList   []string `description:"指标/图表/表格唯一id列表"`
	NoDataIdList []string `description:"指标/图表/表格唯一id列表"`
	UserList     []int    `description:"赋权用户id列表，如果为空，说明要给这些指标移除权限管控"`
	IsSelectAll  bool     `description:"是否选择所有指标"`
	ClassifyId   string   `description:"分类id，支持多选，用英文,隔开"`
	Keyword      string   `description:"关键字"`
}

// EdbInfoPermission
// @Description: 指标权限表
type EdbInfoPermission struct {
	PermissionId int64     `json:"permission_id" orm:"column(permission_id);pk"`
	EdbInfoId    int32     `json:"edb_info_id"` // 指标id
	SysUserId    int32     `json:"sys_user_id"` // 系统用户id
	ModifyTime   time.Time `json:"modify_time"` // 变更时间
	CreateTime   time.Time `json:"create_time"` // 关系建立时间
}

// EdbClassifyPermission
// @Description: 指标分类权限表
type EdbClassifyPermission struct {
	PermissionId  int64     `json:"permission_id" orm:"column(permission_id);pk"`
	EdbClassifyId int32     `json:"edb_classify_id"` // 分类id
	SysUserId     int32     `json:"sys_user_id"`     // 系统用户id
	ModifyTime    time.Time `json:"modify_time"`     // 变更时间
	CreateTime    time.Time `json:"create_time"`     // 关系建立时间
}

// SetPermissionEdbChartByEdbIdList
// @Description: 根据指标ID列表设置指标的用户权限
// @author: Roc
// @datetime 2024-03-27 14:03:42
// @param edbIdList []string
// @param userIdList []int
// @return err error
func SetPermissionEdbChartByEdbIdList(edbIdList []string, userIdList []int) (err error) {
	edbNum := len(edbIdList)
	if edbNum <= 0 {
		return
	}
	o, err := orm.NewOrmUsingDB("data").Begin()
	if err != nil {
		return
	}
	defer func() {
		if err != nil {
			_ = o.Rollback()
		} else {
			_ = o.Commit()
		}
	}()

	// 获取已经配置的指标权限用户
	edbInfoPermissionList := make([]*EdbInfoPermission, 0)
	sql := `SELECT * FROM edb_info_permission WHERE edb_info_id in (` + utils.GetOrmInReplace(edbNum) + `) `
	_, err = o.Raw(sql, edbIdList).QueryRows(&edbInfoPermissionList)
	if err != nil {
		return
	}
	edbInfoPermissionMap := make(map[string]*EdbInfoPermission)
	for _, v := range edbInfoPermissionList {
		edbInfoPermissionMap[fmt.Sprint(v.EdbInfoId, "_", v.SysUserId)] = v
	}

	// 标记指标是否纳入权限管控
	{
		// 默认 标记指标为纳入权限管控
		isJoinPermission := 1
		// 用户不选的情况下，说明是要给这些指标移除权限管控
		if len(userIdList) <= 0 {
			// 标记指标为不纳入权限管控
			isJoinPermission = 0
		}
		sql = `UPDATE edb_info SET is_join_permission=?,modify_time=now() WHERE edb_info_id in (` + utils.GetOrmInReplace(edbNum) + `) `
		_, err = o.Raw(sql, isJoinPermission, edbIdList).Exec()
		if err != nil {
			return
		}
	}

	// 待添加的配置项
	addList := make([]*EdbInfoPermission, 0)

	// 遍历待配置的指标和用户，筛选出需要添加的配置项
	for _, edbInfoIdStr := range edbIdList {
		edbInfoId, tmpErr := strconv.ParseInt(edbInfoIdStr, 10, 64)
		if tmpErr != nil {
			err = tmpErr
			return
		}
		for _, userId := range userIdList {
			key := fmt.Sprint(edbInfoId, "_", userId)
			if _, ok := edbInfoPermissionMap[key]; ok {
				// 如果存在那么就移除，说明不需要处理了
				delete(edbInfoPermissionMap, key)
			} else {
				// 如果不存在，那么就提那家
				addList = append(addList, &EdbInfoPermission{
					//PermissionId: 0,
					EdbInfoId:  int32(edbInfoId),
					SysUserId:  int32(userId),
					ModifyTime: time.Now(),
					CreateTime: time.Now(),
				})
			}
		}
	}

	// 添加待配置项
	if len(addList) > 0 {
		_, err = o.InsertMulti(500, addList)
		if err != nil {
			return
		}
	}

	// 移除废弃的配置项
	{
		// 待移除的配置项
		deletePermissionIdList := make([]int64, 0)
		for _, v := range edbInfoPermissionMap {
			deletePermissionIdList = append(deletePermissionIdList, v.PermissionId)
		}

		deletePermissionIdNum := len(deletePermissionIdList)
		if deletePermissionIdNum > 0 {
			sql = "DELETE FROM edb_info_permission WHERE permission_id in (" + utils.GetOrmInReplace(deletePermissionIdNum) + ")"
			_, err = o.Raw(sql, deletePermissionIdList).Exec()
			if err != nil {
				return
			}
		}
	}

	return
}

// SetEdbChartClassifyPermissionReq
// @Description: 设置数据分类权限请求
type SetEdbChartClassifyPermissionReq struct {
	Source         int   `description:"来源id"`
	SubSource      int   `description:"子来源id"`
	UserList       []int `description:"赋权用户id列表，如果为空，说明要给这些数据分类移除权限管控"`
	ClassifyIdList []int `description:"指标/图表/表格分类唯一id列表"`
}

// SetPermissionEdbChartClassifyIdByClassifyIdList
// @Description: 根据指标分类ID列表设置分类的用户权限
// @author: Roc
// @datetime 2024-03-28 14:53:04
// @param classifyIdList []int
// @param userIdList []int
// @return err error
func SetPermissionEdbChartClassifyIdByClassifyIdList(classifyIdList []int, userIdList []int) (err error) {
	userNum := len(userIdList)
	if userNum <= 0 {
		return
	}
	o, err := orm.NewOrmUsingDB("data").Begin()
	if err != nil {
		return
	}
	defer func() {
		if err != nil {
			_ = o.Rollback()
		} else {
			_ = o.Commit()
		}
	}()

	// 获取当前选择用户已经配置的指标分类权限
	classifyPermissionList := make([]*EdbClassifyPermission, 0)
	sql := `SELECT * FROM edb_classify_permission WHERE sys_user_id in (` + utils.GetOrmInReplace(userNum) + `) `
	_, err = o.Raw(sql, userIdList).QueryRows(&classifyPermissionList)
	if err != nil {
		return
	}
	classifyPermissionMap := make(map[string]*EdbClassifyPermission)
	for _, v := range classifyPermissionList {
		classifyPermissionMap[fmt.Sprint(v.EdbClassifyId, "_", v.SysUserId)] = v
	}

	// 待添加的配置项
	addList := make([]*EdbClassifyPermission, 0)

	// 遍历待配置的指标和用户，筛选出需要添加的配置项
	for _, userId := range userIdList {
		for _, classifyId := range classifyIdList {
			key := fmt.Sprint(classifyId, "_", userId)
			if _, ok := classifyPermissionMap[key]; ok {
				// 如果存在那么就移除，说明不需要处理了
				delete(classifyPermissionMap, key)
			} else {
				// 如果不存在，那么就提那家
				addList = append(addList, &EdbClassifyPermission{
					//PermissionId: 0,
					EdbClassifyId: int32(classifyId),
					SysUserId:     int32(userId),
					ModifyTime:    time.Now(),
					CreateTime:    time.Now(),
				})
			}
		}
	}

	// 添加待配置项
	if len(addList) > 0 {
		_, err = o.InsertMulti(500, addList)
		if err != nil {
			return
		}
	}

	// 移除废弃的配置项
	{
		// 获取移除的配置项
		deletePermissionIdList := make([]int64, 0)
		for _, v := range classifyPermissionMap {
			deletePermissionIdList = append(deletePermissionIdList, v.PermissionId)
		}

		deletePermissionIdNum := len(deletePermissionIdList)
		if deletePermissionIdNum > 0 {
			sql = "DELETE FROM edb_classify_permission WHERE permission_id in (" + utils.GetOrmInReplace(deletePermissionIdNum) + ")"
			_, err = o.Raw(sql, deletePermissionIdList).Exec()
			if err != nil {
				return
			}
		}
	}

	return
}

// GetPermissionEdbIdList
// @Description: 获取用户权限的指标列表
// @author: Roc
// @datetime 2024-03-28 16:50:47
// @param userId int
// @param edbInfoId int
// @return idList []int
// @return err error
func GetPermissionEdbIdList(userId, edbInfoId int) (idList []int, err error) {
	pars := []interface{}{userId}
	o := orm.NewOrmUsingDB("data")
	sql := `SELECT edb_info_id FROM edb_info_permission WHERE sys_user_id = ? `
	if edbInfoId > 0 {
		sql += ` AND edb_info_id = ? `
		pars = append(pars, edbInfoId)
	}
	_, err = o.Raw(sql, pars).QueryRows(&idList)

	return
}

// GetPermissionEdbClassifyIdList
// @Description: 获取用户权限的指标分类列表
// @author: Roc
// @datetime 2024-03-28 16:50:47
// @param userId int
// @param classifyId int
// @return idList []int
// @return err error
func GetPermissionEdbClassifyIdList(userId, classifyId int) (idList []int, err error) {
	pars := []interface{}{userId}
	o := orm.NewOrmUsingDB("data")
	sql := `SELECT edb_classify_id FROM edb_classify_permission WHERE sys_user_id = ? `
	if classifyId > 0 {
		sql += ` AND edb_classify_id = ? `
		pars = append(pars, classifyId)
	}
	_, err = o.Raw(sql, pars).QueryRows(&idList)

	return
}