Merge branch 'dev' of github.com:dataease/dataease into dev

backend/src/main/java/io/dataease/auth/aop/DePermissionAnnotationHandler.java

@@ -4,9 +4,13 @@ import io.dataease.auth.annotation.DePermission;
 import io.dataease.auth.annotation.DePermissions;
 import io.dataease.auth.entity.AuthItem;
 import io.dataease.auth.util.ReflectUtil;
+import io.dataease.commons.constants.DePermissionType;
 import io.dataease.commons.utils.AuthUtils;
-import io.dataease.commons.utils.LogUtil;
+import io.dataease.dto.log.FolderItem;
+import io.dataease.i18n.Translator;
+import io.dataease.service.sys.log.LogManager;
 import org.apache.commons.lang3.ObjectUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.UnauthorizedException;
 import org.apache.shiro.authz.annotation.Logical;
 import org.aspectj.lang.ProceedingJoinPoint;
@@ -15,6 +19,7 @@ import org.aspectj.lang.annotation.Aspect;
 import org.aspectj.lang.reflect.MethodSignature;
 import org.springframework.stereotype.Component;
 
+import javax.annotation.Resource;
 import java.lang.reflect.Array;
 import java.lang.reflect.Method;
 import java.util.*;
@@ -24,6 +29,9 @@ import java.util.stream.Collectors;
 @Component
 public class DePermissionAnnotationHandler {
 
+    @Resource
+    private LogManager logManager;
+
     @Around(value = "@annotation(io.dataease.auth.annotation.DePermissions)")
     public Object PermissionsAround(ProceedingJoinPoint point) throws Throwable {
 
@@ -31,66 +39,59 @@ public class DePermissionAnnotationHandler {
             return point.proceed(point.getArgs());
         }
         Boolean access = false;
-        try {
-            MethodSignature ms = (MethodSignature) point.getSignature();
-            Method method = ms.getMethod();
-            DePermissions annotation = method.getAnnotation(DePermissions.class);
-            Logical logical = annotation.logical();
-            DePermission[] dePermissions = annotation.value();
-            Object[] args = point.getArgs();
-            if (logical == Logical.AND) {
-                access = true;
-                for (int i = 0; i < dePermissions.length; i++) {
-                    DePermission permission = dePermissions[i];
-                    boolean currentAccess = access(args[permission.paramIndex()], permission, 0);
-                    if (!currentAccess) {
-                        access = false;
-                        break;
-                    }
-                }
-            } else {
-                List<Exception> exceptions = new ArrayList<>();
-                for (int i = 0; i < dePermissions.length; i++) {
-                    DePermission permission = dePermissions[i];
-                    try {
-                        boolean currentAccess = access(args[permission.paramIndex()], permission, 0);
-                        if (currentAccess) {
-                            access = true;
-                            break;
-                        }
-                    } catch (Exception e) {
-                        exceptions.add(e);
-                    }
-                }
-                if (!access && exceptions.size() > 0) {
-                    throw exceptions.get(0);
+        MethodSignature ms = (MethodSignature) point.getSignature();
+        Method method = ms.getMethod();
+        DePermissions annotation = method.getAnnotation(DePermissions.class);
+        Logical logical = annotation.logical();
+        DePermission[] dePermissions = annotation.value();
+        Object[] args = point.getArgs();
+        if (logical == Logical.AND) {
+            access = true;
+            for (int i = 0; i < dePermissions.length; i++) {
+                DePermission permission = dePermissions[i];
+                boolean currentAccess = access(args[permission.paramIndex()], permission, 0);
+                if (!currentAccess) {
+                    access = false;
+                    break;
                 }
             }
-        } catch (Throwable throwable) {
-            LogUtil.error(throwable.getMessage(), throwable);
-            throw new RuntimeException(throwable.getMessage());
+        } else {
+            List<Exception> exceptions = new ArrayList<>();
+            for (int i = 0; i < dePermissions.length; i++) {
+                DePermission permission = dePermissions[i];
+                try {
+                    boolean currentAccess = access(args[permission.paramIndex()], permission, 0);
+                    if (currentAccess) {
+                        access = true;
+                        break;
+                    }
+                } catch (Exception e) {
+                    exceptions.add(e);
+                }
+            }
+            if (!access && exceptions.size() > 0) {
+                throw exceptions.get(0);
+            }
         }
+
         return access ? point.proceed(point.getArgs()) : null;
     }
 
     @Around(value = "@annotation(io.dataease.auth.annotation.DePermission)")
     public Object PermissionAround(ProceedingJoinPoint point) throws Throwable {
         Boolean access = false;
-        try {
-            if (AuthUtils.getUser().getIsAdmin()) {
-                return point.proceed(point.getArgs());
-            }
-            MethodSignature ms = (MethodSignature) point.getSignature();
-            Method method = ms.getMethod();
-            DePermission annotation = method.getAnnotation(DePermission.class);
-            Object arg = point.getArgs()[annotation.paramIndex()];
-            if (access(arg, annotation, 0)) {
-                access = true;
-            }
-        } catch (Throwable throwable) {
-            LogUtil.error(throwable.getMessage(), throwable);
-            throw new RuntimeException(throwable.getMessage());
+
+        if (AuthUtils.getUser().getIsAdmin()) {
+            return point.proceed(point.getArgs());
         }
+        MethodSignature ms = (MethodSignature) point.getSignature();
+        Method method = ms.getMethod();
+        DePermission annotation = method.getAnnotation(DePermission.class);
+        Object arg = point.getArgs()[annotation.paramIndex()];
+        if (access(arg, annotation, 0)) {
+            access = true;
+        }
+
         return access ? point.proceed(point.getArgs()) : null;
     }
 
@@ -107,8 +108,7 @@ public class DePermissionAnnotationHandler {
             boolean permissionValid = resourceIds.contains(arg);
             if (permissionValid)
                 return true;
-            throw new UnauthorizedException("Subject does not have permission[" + annotation.level().name() + ":"
-                    + annotation.type() + ":" + arg + "]");
+            throw new UnauthorizedException(msgI18n(arg, annotation));
         } else if (ReflectUtil.isArray(parameterType)) {
             for (int i = 0; i < Array.getLength(arg); i++) {
                 Object o = Array.get(arg, i);
@@ -139,4 +139,26 @@ public class DePermissionAnnotationHandler {
         }
         return true;
     }
+
+    private String msgI18n(Object arg, DePermission annotation) {
+        int sourceTypeValue = 0;
+        DePermissionType type = annotation.type();
+        if (type == DePermissionType.DATASOURCE) {
+            sourceTypeValue = 1;
+        }
+        if (type == DePermissionType.DATASET) {
+            sourceTypeValue = 2;
+        }
+        if (type == DePermissionType.PANEL) {
+            sourceTypeValue = 3;
+        }
+        String name = arg.toString();
+        if (sourceTypeValue > 0) {
+            FolderItem sourceInfo = logManager.nameWithId(arg.toString(), sourceTypeValue);
+            if (ObjectUtils.isNotEmpty(sourceInfo))
+                name = StringUtils.isNotBlank(sourceInfo.getName()) ? sourceInfo.getName() : arg.toString();
+        }
+        String msg = Translator.get("I18N_NO_PERMISSION") + "[" + Translator.get("I18N_" + annotation.level().name()) + ": " + Translator.get("SOURCE_TYPE_" + annotation.type().name()) + ": " + name + "]," + Translator.get("I18N_PLEASE_CONCAT_ADMIN");
+        return msg;
+    }
 }

backend/src/main/java/io/dataease/auth/aop/DePermissionProxyHandler.java

@@ -44,7 +44,6 @@ public class DePermissionProxyHandler {
             return point.proceed(args);
         } catch (Throwable throwable) {
             LogUtil.error(throwable.getMessage(), throwable);
-            /* throw new RuntimeException(throwable.getMessage()); */
             DataEaseException.throwException(throwable);
         } finally {
             AuthUtils.cleanProxyUser();

backend/src/main/java/io/dataease/controller/sys/SystemParameterController.java

@@ -68,11 +68,12 @@ public class SystemParameterController {
     @RequiresPermissions("sysparam:read")
     @PostMapping("/edit/basic")
     public CasSaveResult editBasic(@RequestBody List<SystemParameter> systemParameter) {
-        int timeout = Integer.parseInt(systemParameter.stream().filter(
-                parameter -> parameter.getParamKey().equals("basic.frontTimeOut")
-        ).findFirst().get().getParamValue());
-        if (timeout < 0 || timeout > 300) { //增加了合法性检验
-            throw new NumberFormatException("Timeout Range Error!");
+        String value = systemParameter.stream().filter(parameter -> parameter.getParamKey().equals("basic.frontTimeOut")).findFirst().get().getParamValue();
+        if (StringUtils.isNotBlank(value)) {
+            int timeout = Integer.parseInt(value);
+            if (timeout < 0 || timeout > 300) { //增加了合法性检验
+                throw new NumberFormatException("Timeout Range Error!");
+            }
         }
         return systemParameterService.editBasic(systemParameter);
     }

backend/src/main/java/io/dataease/service/chart/ChartViewFieldService.java

@@ -63,6 +63,12 @@ public class ChartViewFieldService {
         chartViewFieldMapper.deleteByExample(chartViewFieldExample);
     }
 
+    public void deleteByChartIds(List<String> chartIds) {
+        ChartViewFieldExample chartViewFieldExample = new ChartViewFieldExample();
+        chartViewFieldExample.createCriteria().andChartIdIn(chartIds);
+        chartViewFieldMapper.deleteByExample(chartViewFieldExample);
+    }
+
     public void checkFieldName(ChartViewField chartViewField) {
         if (StringUtils.isNotEmpty(chartViewField.getName()) && StringUtils.isNotEmpty(chartViewField.getChartId())) {
             ChartViewFieldExample chartViewFieldExample = new ChartViewFieldExample();
@@ -77,4 +83,17 @@ public class ChartViewFieldService {
             }
         }
     }
+
+    public void copyField(String sourceChartId, String targetChartId) {
+        ChartViewFieldExample chartViewFieldExample = new ChartViewFieldExample();
+        chartViewFieldExample.createCriteria().andChartIdEqualTo(sourceChartId);
+        List<ChartViewField> chartViewFields = chartViewFieldMapper.selectByExampleWithBLOBs(chartViewFieldExample);
+        if (CollectionUtils.isNotEmpty(chartViewFields)) {
+            for (ChartViewField field : chartViewFields) {
+                field.setId(null);
+                field.setChartId(targetChartId);
+                save(field);
+            }
+        }
+    }
 }

backend/src/main/java/io/dataease/service/chart/ChartViewService.java

@@ -103,6 +103,8 @@ public class ChartViewService {
     private ExtPanelGroupExtendDataMapper extPanelGroupExtendDataMapper;
     @Resource
     private ChartViewCacheService chartViewCacheService;
+    @Resource
+    private ChartViewFieldService chartViewFieldService;
 
 
     //默认使用非公平
@@ -450,7 +452,7 @@ public class ChartViewService {
                     datasourceRequest.setQuery(qp.getSQL(dataTableInfoDTO.getTable(), xAxis, yAxis, fieldCustomFilter, extFilterList, ds, view));
                 }
             } else if (StringUtils.equalsIgnoreCase(table.getType(), DatasetType.SQL.name())) {
-                String sql =  dataTableInfoDTO.getSql();
+                String sql = dataTableInfoDTO.getSql();
                 sql = handleVariable(sql, requestList);
                 if (StringUtils.equalsIgnoreCase("text", view.getType()) || StringUtils.equalsIgnoreCase("gauge", view.getType()) || StringUtils.equalsIgnoreCase("liquid", view.getType())) {
                     datasourceRequest.setQuery(qp.getSQLSummaryAsTmp(sql, yAxis, fieldCustomFilter, extFilterList, view));
@@ -821,7 +823,7 @@ public class ChartViewService {
                     datasourceRequest.setQuery(qp.getSQL(dataTableInfoDTO.getTable(), xAxis, yAxis, fieldCustomFilter, extFilterList, ds, view));
                 }
             } else if (StringUtils.equalsIgnoreCase(table.getType(), DatasetType.SQL.name())) {
-                String sql =  dataTableInfoDTO.getSql();
+                String sql = dataTableInfoDTO.getSql();
                 sql = handleVariable(sql, requestList);
                 if (StringUtils.equalsIgnoreCase("text", view.getType()) || StringUtils.equalsIgnoreCase("gauge", view.getType()) || StringUtils.equalsIgnoreCase("liquid", view.getType())) {
                     datasourceRequest.setQuery(qp.getSQLSummaryAsTmp(sql, yAxis, fieldCustomFilter, extFilterList, view));
@@ -1344,6 +1346,7 @@ public class ChartViewService {
         extChartViewMapper.copyCache(sourceViewId, newViewId);
         extPanelGroupExtendDataMapper.copyExtendData(sourceViewId, newViewId, panelId);
         chartViewCacheService.refreshCache(newViewId);
+        chartViewFieldService.copyField(sourceViewId, newViewId);
         return newViewId;
     }
 
@@ -1492,17 +1495,17 @@ public class ChartViewService {
         chartViewMapper.updateByPrimaryKeySelective(chartView);
     }
 
-    private String handleVariable(String sql, ChartExtRequest requestList)throws Exception{
-        if(requestList !=null &&CollectionUtils.isNotEmpty(requestList.getFilter()) ){
+    private String handleVariable(String sql, ChartExtRequest requestList) throws Exception {
+        if (requestList != null && CollectionUtils.isNotEmpty(requestList.getFilter())) {
             for (ChartExtFilterRequest chartExtFilterRequest : requestList.getFilter()) {
-                if(CollectionUtils.isEmpty(chartExtFilterRequest.getValue())){
+                if (CollectionUtils.isEmpty(chartExtFilterRequest.getValue())) {
                     continue;
                 }
-                if(chartExtFilterRequest.getValue().size() > 1){
+                if (chartExtFilterRequest.getValue().size() > 1) {
                     for (String parameter : chartExtFilterRequest.getParameters()) {
                         sql = sql.replace("${" + parameter + "}", String.join(",", chartExtFilterRequest.getValue()));
                     }
-                }else {
+                } else {
                     for (String parameter : chartExtFilterRequest.getParameters()) {
                         sql = sql.replace("${" + parameter + "}", chartExtFilterRequest.getValue().get(0));
                     }

backend/src/main/java/io/dataease/service/chart/ViewPluginBaseServiceImpl.java

@@ -107,6 +107,7 @@ public class ViewPluginBaseServiceImpl implements ViewPluginBaseService {
                     break;
                 case SQL:
                     tableName = dataSetTableService.handleVariableDefaultValue(dataTableInfoDTO.getSql(), pluginViewSet.getSqlVariableDetails());
+                    tableName = "(" + tableName + ")";
                     break;
                 case CUSTOM:
                     List<DataSetTableUnionDTO> list = dataSetTableUnionService.listByTableId(dataTableInfoDTO.getList().get(0).getTableId());

backend/src/main/resources/i18n/messages_en_US.properties

@@ -163,3 +163,28 @@ i18n_user_not_exist=user does not exist
 i18n_default_login_reset=Switched back to default login mode
 
 
+
+I18N_COMMON_LEVEL_USE=Consult
+
+I18N_PANNEL_LEVEL_VIEW=Consult
+I18N_PANNEL_LEVEL_EXPORT=Export
+I18N_PANNEL_LEVEL_MANAGE=Manage
+I18N_PANNEL_LEVEL_GRANT=Grant
+
+I18N_DATASET_LEVEL_USE=Consult
+I18N_DATASET_LEVEL_MANAGE=Manage
+I18N_DATASET_LEVEL_GRANT=Grant
+
+I18N_LINK_LEVEL_USE=Consult
+I18N_LINK_LEVEL_MANAGE=Manage
+I18N_LINK_LEVEL_GRANT=Grant
+
+I18N_DATASOURCE_LEVEL_USE=Consult
+I18N_DATASOURCE_LEVEL_MANAGE=Manage
+I18N_DATASOURCE_LEVEL_GRANT=Grant
+
+I18N_NO_PERMISSION=You do not have permission to 
+
+I18N_PLEASE_CONCAT_ADMIN=Please contact the administrator for authorization
+
+

backend/src/main/resources/i18n/messages_zh_CN.properties

@@ -166,4 +166,27 @@ i18n_not_admin_error=不是管理员账号
 
 i18n_user_not_exist=用户不存在
 
-i18n_default_login_reset=已切换回默认登录方式
+i18n_default_login_reset=已切换回默认登录方式
+
+I18N_COMMON_LEVEL_USE=查看
+
+I18N_PANNEL_LEVEL_VIEW=查看
+I18N_PANNEL_LEVEL_EXPORT=导出
+I18N_PANNEL_LEVEL_MANAGE=管理
+I18N_PANNEL_LEVEL_GRANT=授权
+
+I18N_DATASET_LEVEL_USE=查看
+I18N_DATASET_LEVEL_MANAGE=管理
+I18N_DATASET_LEVEL_GRANT=授权
+
+I18N_LINK_LEVEL_USE=查看
+I18N_LINK_LEVEL_MANAGE=管理
+I18N_LINK_LEVEL_GRANT=授权
+
+I18N_DATASOURCE_LEVEL_USE=查看
+I18N_DATASOURCE_LEVEL_MANAGE=管理
+I18N_DATASOURCE_LEVEL_GRANT=授权
+
+I18N_NO_PERMISSION=当前用户没有权限
+
+I18N_PLEASE_CONCAT_ADMIN=请联系管理员开通

backend/src/main/resources/i18n/messages_zh_TW.properties

@@ -159,4 +159,29 @@ I18N_DRIVER_NOT_FOUND=未找到驅動
 
 i18n_not_admin_error=不是管理員賬號
 i18n_user_not_exist=用戶不存在
-i18n_default_login_reset=已切換回默認登錄方式
+i18n_default_login_reset=已切換回默認登錄方式
+
+
+
+I18N_COMMON_LEVEL_USE=查看
+
+I18N_PANNEL_LEVEL_VIEW=查看
+I18N_PANNEL_LEVEL_EXPORT=導出
+I18N_PANNEL_LEVEL_MANAGE=管理
+I18N_PANNEL_LEVEL_GRANT=授權
+
+I18N_DATASET_LEVEL_USE=查看
+I18N_DATASET_LEVEL_MANAGE=管理
+I18N_DATASET_LEVEL_GRANT=授權
+
+I18N_LINK_LEVEL_USE=查看
+I18N_LINK_LEVEL_MANAGE=管理
+I18N_LINK_LEVEL_GRANT=授權
+
+I18N_DATASOURCE_LEVEL_USE=查看
+I18N_DATASOURCE_LEVEL_MANAGE=管理
+I18N_DATASOURCE_LEVEL_GRANT=授權
+
+I18N_NO_PERMISSION=當前用戶沒有權限
+
+I18N_PLEASE_CONCAT_ADMIN=請聯系管理員開通