From 47f9ca83bc09bc613b0eece98bc78548b269e30d Mon Sep 17 00:00:00 2001
From: taojinlong <jinlong@fit2cloud.com>
Date: Thu, 30 Dec 2021 14:50:08 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E6=9E=9A=E4=B8=BE=E5=80=BC=E6=8E=A5?=
 =?UTF-8?q?=E5=8F=A3=E6=94=AF=E6=8C=81=E8=A1=8C=E6=9D=83=E9=99=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../dataease/auth/filter/F2CLinkFilter.java   |  2 +-
 .../auth/service/impl/ShiroServiceImpl.java   |  2 +-
 .../dataset/DataSetTableFieldController.java  | 26 +++++++++++----
 .../controller/panel/server/LinkServer.java   | 11 +++++++
 .../dataset/MultFieldValuesRequest.java       | 12 +++++++
 .../service/dataset/DataSetFieldService.java  |  2 +-
 .../service/dataset/DataSetTableService.java  | 32 ++++++++++++-------
 .../impl/direct/DirectFieldService.java       |  4 +--
 frontend/src/api/dataset/dataset.js           |  9 ++++++
 .../components/widget/DeWidget/DeSelect.vue   | 20 ++++++++++--
 .../widget/DeWidget/DeSelectGrid.vue          | 21 +++++++++---
 .../components/filter/ResultFilterEditor.vue  |  2 +-
 12 files changed, 111 insertions(+), 32 deletions(-)
 create mode 100644 backend/src/main/java/io/dataease/controller/request/dataset/MultFieldValuesRequest.java

diff --git a/backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java b/backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
index 9d712977a6..dd47d1ff7a 100644
--- a/backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
+++ b/backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java
@@ -16,7 +16,7 @@ import javax.servlet.http.HttpServletRequest;
 
 public class F2CLinkFilter extends AnonymousFilter {
 
-    private static final String LINK_TOKEN_KEY = "LINK-PWD-TOKEN";
+    public static final String LINK_TOKEN_KEY = "LINK-PWD-TOKEN";
 
     @Override
     protected boolean onPreHandle(ServletRequest request, ServletResponse response, Object mappedValue) {
diff --git a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
index 9ce092b0e1..b7ba1436f4 100644
--- a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
@@ -50,7 +50,6 @@ public class ShiroServiceImpl implements ShiroService {
         filterChainDefinitionMap.put("/api/link/validate**", ANON);
         filterChainDefinitionMap.put("/api/map/areaEntitys/**", ANON);
         filterChainDefinitionMap.put("/dataset/field/fieldValues/**", ANON);
-        filterChainDefinitionMap.put("/dataset/field/multFieldValues", ANON);
         filterChainDefinitionMap.put("/linkJump/queryPanelJumpInfo/**", ANON);
 
         filterChainDefinitionMap.put("/tempMobileLink/**", ANON);
@@ -84,6 +83,7 @@ public class ShiroServiceImpl implements ShiroService {
 
         filterChainDefinitionMap.put("/api/link/resourceDetail/**", "link");
         filterChainDefinitionMap.put("/api/link/viewDetail/**", "link");
+        filterChainDefinitionMap.put("/dataset/field/linkMultFieldValues", ANON);
 
         filterChainDefinitionMap.put("/**", "authc");
 
diff --git a/backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java b/backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java
index 897dbe3354..7ac5c1e2ad 100644
--- a/backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java
+++ b/backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java
@@ -1,7 +1,11 @@
 package io.dataease.controller.dataset;
 
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import com.github.xiaoymin.knife4j.annotations.ApiSupport;
+import io.dataease.auth.filter.F2CLinkFilter;
 import io.dataease.base.domain.DatasetTableField;
+import io.dataease.controller.request.dataset.MultFieldValuesRequest;
 import io.dataease.controller.response.DatasetTableField4Type;
 import io.dataease.service.dataset.DataSetFieldService;
 import io.dataease.service.dataset.DataSetTableFieldsService;
@@ -10,8 +14,11 @@ import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.ObjectUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.List;
@@ -75,18 +82,23 @@ public class DataSetTableFieldController {
         dataSetTableFieldsService.delete(id);
     }
 
-    @ApiOperation("值枚举")
-    @PostMapping("fieldValues/{fieldId}")
-    public List<Object> fieldValues(@PathVariable String fieldId) throws Exception {
-        return dataSetFieldService.fieldValues(fieldId);
+    @ApiOperation("多字段值枚举")
+    @PostMapping("linkMultFieldValues")
+    public List<Object> linkMultFieldValues(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
+        HttpServletRequest request =((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+        String linkToken = request.getHeader(F2CLinkFilter.LINK_TOKEN_KEY);
+        DecodedJWT jwt = JWT.decode(linkToken);
+        Long userId = jwt.getClaim("userId").asLong();
+        multFieldValuesRequest.setUserId(userId);
+        return multFieldValues(multFieldValuesRequest);
     }
 
     @ApiOperation("多字段值枚举")
     @PostMapping("multFieldValues")
-    public List<Object> multFieldValues(@RequestBody List<String> fieldIds) throws Exception {
+    public List<Object> multFieldValues(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
         List<Object> results = new ArrayList<>();
-        for (String fieldId : fieldIds) {
-            results.addAll(dataSetFieldService.fieldValues(fieldId));
+        for (String fieldId : multFieldValuesRequest.getFieldIds()) {
+            results.addAll(dataSetFieldService.fieldValues(fieldId, multFieldValuesRequest.getUserId()));
         }
         ArrayList<Object> list = results.stream().collect(
                 Collectors.collectingAndThen(
diff --git a/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java b/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
index ad2ad807d1..43ab59b9a0 100644
--- a/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
+++ b/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
@@ -1,6 +1,9 @@
 package io.dataease.controller.panel.server;
 
 
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import io.dataease.auth.filter.F2CLinkFilter;
 import io.dataease.base.domain.PanelLink;
 import io.dataease.controller.panel.api.LinkApi;
 import io.dataease.controller.request.chart.ChartExtRequest;
@@ -14,8 +17,11 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import java.net.URLDecoder;
 import java.util.Map;
 
@@ -91,6 +97,11 @@ public class LinkServer implements LinkApi {
 
     @Override
     public Object viewDetail(String viewId, ChartExtRequest requestList) throws Exception {
+        HttpServletRequest request =((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+        String linkToken = request.getHeader(F2CLinkFilter.LINK_TOKEN_KEY);
+        DecodedJWT jwt = JWT.decode(linkToken);
+        Long userId = jwt.getClaim("userId").asLong();
+        requestList.setUser(userId);
         return chartViewService.getData(viewId, requestList);
     }
 
diff --git a/backend/src/main/java/io/dataease/controller/request/dataset/MultFieldValuesRequest.java b/backend/src/main/java/io/dataease/controller/request/dataset/MultFieldValuesRequest.java
new file mode 100644
index 0000000000..c5e98eb02b
--- /dev/null
+++ b/backend/src/main/java/io/dataease/controller/request/dataset/MultFieldValuesRequest.java
@@ -0,0 +1,12 @@
+package io.dataease.controller.request.dataset;
+
+import lombok.Data;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Data
+public class MultFieldValuesRequest {
+    List<String> fieldIds = new ArrayList<>();
+    Long userId= null;
+}
diff --git a/backend/src/main/java/io/dataease/service/dataset/DataSetFieldService.java b/backend/src/main/java/io/dataease/service/dataset/DataSetFieldService.java
index 221cc6f3b7..8f8a178dcf 100644
--- a/backend/src/main/java/io/dataease/service/dataset/DataSetFieldService.java
+++ b/backend/src/main/java/io/dataease/service/dataset/DataSetFieldService.java
@@ -5,5 +5,5 @@ import java.util.List;
 
 public interface DataSetFieldService {
 
-    List<Object> fieldValues(String fieldId) throws Exception;
+    List<Object> fieldValues(String fieldId, Long userId) throws Exception;
 }
diff --git a/backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java b/backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java
index 3dfc4411a5..734682dbc1 100644
--- a/backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java
+++ b/backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java
@@ -456,17 +456,18 @@ public class DataSetTableService {
         }
         RowPermissionService rowPermissionService = SpringContextUtil.getBean(RowPermissionService.class);
         CurrentUserDto user = AuthUtils.getUser();
-        List<Long> roleIds;
-        Long deptId;
+        List<Long> roleIds = new ArrayList<>();
+        Long deptId = null;
 
-        if(user == null){
-            SysUserEntity userEntity = authUserService.getUserById(userId);
-            if(userEntity.getIsAdmin()){
-                return datasetRowPermissions;
-            }
-            deptId = userEntity.getDeptId();
-            roleIds = authUserService.roles(userId).stream().map(r -> Long.valueOf(r)).collect(Collectors.toList());
-        }else {
+        if(user == null && userId == null ){
+            return datasetRowPermissions;
+        }
+
+        if(user != null && userId != null ){
+            return datasetRowPermissions;
+        }
+
+        if(user != null){
             if(user.getIsAdmin()){
                 return datasetRowPermissions;
             }
@@ -474,7 +475,16 @@ public class DataSetTableService {
             deptId = user.getDeptId();
             roleIds = user.getRoles().stream().map(CurrentRoleDto::getId).collect(Collectors.toList());
         }
-        userId = user != null ? user.getUserId() : userId;
+
+        if(userId != null){
+            SysUserEntity userEntity = authUserService.getUserById(userId);
+            if(userEntity.getIsAdmin()){
+                return datasetRowPermissions;
+            }
+            deptId = userEntity.getDeptId();
+            roleIds = authUserService.roles(userId).stream().map(r -> Long.valueOf(r)).collect(Collectors.toList());
+        }
+
 
         DataSetRowPermissionsDTO dataSetRowPermissionsDTO = new DataSetRowPermissionsDTO();
         dataSetRowPermissionsDTO.setDatasetId(datasetId);
diff --git a/backend/src/main/java/io/dataease/service/dataset/impl/direct/DirectFieldService.java b/backend/src/main/java/io/dataease/service/dataset/impl/direct/DirectFieldService.java
index 7c1509249a..60eb7ac073 100644
--- a/backend/src/main/java/io/dataease/service/dataset/impl/direct/DirectFieldService.java
+++ b/backend/src/main/java/io/dataease/service/dataset/impl/direct/DirectFieldService.java
@@ -42,7 +42,7 @@ public class DirectFieldService implements DataSetFieldService {
     private DataSetTableUnionService dataSetTableUnionService;
 
     @Override
-    public List<Object> fieldValues(String fieldId) throws Exception{
+    public List<Object> fieldValues(String fieldId, Long userId) throws Exception{
         List<DatasetTableField> list = dataSetTableFieldsService.getListByIds(new ArrayList<String>() {{
             add(fieldId);
         }});
@@ -58,7 +58,7 @@ public class DirectFieldService implements DataSetFieldService {
 
         DatasetTableField datasetTableField = DatasetTableField.builder().tableId(tableId).checked(Boolean.TRUE).build();
         List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField);
-        List<ChartFieldCustomFilterDTO> customFilter = dataSetTableService.getCustomFilters(fields, datasetTable, null);
+        List<ChartFieldCustomFilterDTO> customFilter = dataSetTableService.getCustomFilters(fields, datasetTable, userId);
 
         DatasourceRequest datasourceRequest = new DatasourceRequest();
         DatasourceProvider datasourceProvider = null;
diff --git a/frontend/src/api/dataset/dataset.js b/frontend/src/api/dataset/dataset.js
index e83de03eaf..f177d0683a 100644
--- a/frontend/src/api/dataset/dataset.js
+++ b/frontend/src/api/dataset/dataset.js
@@ -146,6 +146,15 @@ export function multFieldValues(data) {
   })
 }
 
+export function linkMultFieldValues(data) {
+  return request({
+    url: '/dataset/field/linkMultFieldValues',
+    method: 'post',
+    loading: true,
+    data
+  })
+}
+
 export function isKettleRunning(showLoading = true) {
   return request({
     url: '/dataset/group/isKettleRunning',
diff --git a/frontend/src/components/widget/DeWidget/DeSelect.vue b/frontend/src/components/widget/DeWidget/DeSelect.vue
index a5b27fd0c6..6b1fc62d28 100644
--- a/frontend/src/components/widget/DeWidget/DeSelect.vue
+++ b/frontend/src/components/widget/DeWidget/DeSelect.vue
@@ -28,8 +28,9 @@
 </template>
 
 <script>
-import { multFieldValues } from '@/api/dataset/dataset'
+import { multFieldValues, linkMultFieldValues} from '@/api/dataset/dataset'
 import bus from '@/utils/bus'
+import {getLinkToken, getToken} from "@/utils/auth";
 export default {
 
   props: {
@@ -85,9 +86,16 @@ export default {
     'element.options.attrs.fieldId': function(value, old) {
       if (typeof value === 'undefined' || value === old) return
       this.datas = []
+
+      let method =  multFieldValues
+      const token = this.$store.getters.token || getToken()
+      const linkToken = this.$store.getters.linkToken || getLinkToken()
+      if (!token && linkToken) {
+        method = linkMultFieldValues
+      }
       this.element.options.attrs.fieldId &&
       this.element.options.attrs.fieldId.length > 0 &&
-      multFieldValues(this.element.options.attrs.fieldId.split(',')).then(res => {
+      method({fieldIds: this.element.options.attrs.fieldId.split(',')}).then(res => {
         this.datas = this.optionDatas(res.data)
       }) || (this.element.options.value = '')
     },
@@ -124,7 +132,13 @@ export default {
       this.value = this.fillValueDerfault()
       this.datas = []
       if (this.element.options.attrs.fieldId) {
-        multFieldValues(this.element.options.attrs.fieldId.split(',')).then(res => {
+        let method =  multFieldValues
+        const token = this.$store.getters.token || getToken()
+        const linkToken = this.$store.getters.linkToken || getLinkToken()
+        if (!token && linkToken) {
+          method = linkMultFieldValues
+        }
+        method({fieldIds: this.element.options.attrs.fieldId.split(',')}).then(res => {
           this.datas = this.optionDatas(res.data)
         })
       }
diff --git a/frontend/src/components/widget/DeWidget/DeSelectGrid.vue b/frontend/src/components/widget/DeWidget/DeSelectGrid.vue
index ac80659665..5b4e518617 100644
--- a/frontend/src/components/widget/DeWidget/DeSelectGrid.vue
+++ b/frontend/src/components/widget/DeWidget/DeSelectGrid.vue
@@ -36,9 +36,8 @@
 </template>
 
 <script>
-import {
-  multFieldValues
-} from '@/api/dataset/dataset'
+import {multFieldValues, linkMultFieldValues} from '@/api/dataset/dataset'
+import {getLinkToken, getToken} from "@/utils/auth";
 export default {
 
   props: {
@@ -110,9 +109,15 @@ export default {
     'element.options.attrs.fieldId': function(value, old) {
       if (typeof value === 'undefined' || value === old) return
       this.datas = []
+      let method =  multFieldValues
+      const token = this.$store.getters.token || getToken()
+      const linkToken = this.$store.getters.linkToken || getLinkToken()
+      if (!token && linkToken) {
+        method = linkMultFieldValues
+      }
       this.element.options.attrs.fieldId &&
           this.element.options.attrs.fieldId.length > 0 &&
-          multFieldValues(this.element.options.attrs.fieldId.split(',')).then(res => {
+      method({fieldIds: this.element.options.attrs.fieldId.split(',')}).then(res => {
             this.datas = this.optionDatas(res.data)
           }) || (this.element.options.value = '')
     },
@@ -137,7 +142,13 @@ export default {
     initLoad() {
       this.value = this.element.options.attrs.multiple ? [] : null
       if (this.element.options.attrs.fieldId) {
-        multFieldValues(this.element.options.attrs.fieldId.split(',')).then(res => {
+        let method = multFieldValues
+        const token = this.$store.getters.token || getToken()
+        const linkToken = this.$store.getters.linkToken || getLinkToken()
+        if (!token && linkToken) {
+          method = linkMultFieldValues
+        }
+        method({fieldIds: this.element.options.attrs.fieldId.split(',')}).then(res => {
           this.datas = this.optionDatas(res.data)
           if (this.element.options.attrs.multiple) {
             this.checkAll = this.value.length === this.datas.length
diff --git a/frontend/src/views/chart/components/filter/ResultFilterEditor.vue b/frontend/src/views/chart/components/filter/ResultFilterEditor.vue
index a66475671f..39ace163e8 100644
--- a/frontend/src/views/chart/components/filter/ResultFilterEditor.vue
+++ b/frontend/src/views/chart/components/filter/ResultFilterEditor.vue
@@ -239,7 +239,7 @@ export default {
     initEnumOptions() {
       // 查找枚举值
       if (this.item.deType === 0 || this.item.deType === 5) {
-        multFieldValues([this.item.id]).then(res => {
+        multFieldValues({fieldIds: [this.item.id]}).then(res => {
           this.fieldOptions = this.optionDatas(res.data)
         })
       }