fix: 枚举值接口支持行权限

backend/src/main/java/io/dataease/auth/filter/F2CLinkFilter.java

@@ -16,7 +16,7 @@ import javax.servlet.http.HttpServletRequest;
 
 public class F2CLinkFilter extends AnonymousFilter {
 
-    private static final String LINK_TOKEN_KEY = "LINK-PWD-TOKEN";
+    public static final String LINK_TOKEN_KEY = "LINK-PWD-TOKEN";
 
     @Override
     protected boolean onPreHandle(ServletRequest request, ServletResponse response, Object mappedValue) {

backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java

@@ -50,7 +50,6 @@ public class ShiroServiceImpl implements ShiroService {
         filterChainDefinitionMap.put("/api/link/validate**", ANON);
         filterChainDefinitionMap.put("/api/map/areaEntitys/**", ANON);
         filterChainDefinitionMap.put("/dataset/field/fieldValues/**", ANON);
-        filterChainDefinitionMap.put("/dataset/field/multFieldValues", ANON);
         filterChainDefinitionMap.put("/linkJump/queryPanelJumpInfo/**", ANON);
 
         filterChainDefinitionMap.put("/tempMobileLink/**", ANON);
@@ -84,6 +83,7 @@ public class ShiroServiceImpl implements ShiroService {
 
         filterChainDefinitionMap.put("/api/link/resourceDetail/**", "link");
         filterChainDefinitionMap.put("/api/link/viewDetail/**", "link");
+        filterChainDefinitionMap.put("/dataset/field/linkMultFieldValues", ANON);
 
         filterChainDefinitionMap.put("/**", "authc");
 

backend/src/main/java/io/dataease/controller/dataset/DataSetTableFieldController.java

@@ -1,7 +1,11 @@
 package io.dataease.controller.dataset;
 
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import com.github.xiaoymin.knife4j.annotations.ApiSupport;
+import io.dataease.auth.filter.F2CLinkFilter;
 import io.dataease.base.domain.DatasetTableField;
+import io.dataease.controller.request.dataset.MultFieldValuesRequest;
 import io.dataease.controller.response.DatasetTableField4Type;
 import io.dataease.service.dataset.DataSetFieldService;
 import io.dataease.service.dataset.DataSetTableFieldsService;
@@ -10,8 +14,11 @@ import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.ObjectUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.List;
@@ -75,18 +82,23 @@ public class DataSetTableFieldController {
         dataSetTableFieldsService.delete(id);
     }
 
-    @ApiOperation("值枚举")
-    @PostMapping("fieldValues/{fieldId}")
-    public List<Object> fieldValues(@PathVariable String fieldId) throws Exception {
-        return dataSetFieldService.fieldValues(fieldId);
+    @ApiOperation("多字段值枚举")
+    @PostMapping("linkMultFieldValues")
+    public List<Object> linkMultFieldValues(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
+        HttpServletRequest request =((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+        String linkToken = request.getHeader(F2CLinkFilter.LINK_TOKEN_KEY);
+        DecodedJWT jwt = JWT.decode(linkToken);
+        Long userId = jwt.getClaim("userId").asLong();
+        multFieldValuesRequest.setUserId(userId);
+        return multFieldValues(multFieldValuesRequest);
     }
 
     @ApiOperation("多字段值枚举")
     @PostMapping("multFieldValues")
-    public List<Object> multFieldValues(@RequestBody List<String> fieldIds) throws Exception {
+    public List<Object> multFieldValues(@RequestBody MultFieldValuesRequest multFieldValuesRequest) throws Exception {
         List<Object> results = new ArrayList<>();
-        for (String fieldId : fieldIds) {
-            results.addAll(dataSetFieldService.fieldValues(fieldId));
+        for (String fieldId : multFieldValuesRequest.getFieldIds()) {
+            results.addAll(dataSetFieldService.fieldValues(fieldId, multFieldValuesRequest.getUserId()));
         }
         ArrayList<Object> list = results.stream().collect(
                 Collectors.collectingAndThen(

backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java

@@ -1,6 +1,9 @@
 package io.dataease.controller.panel.server;
 
 
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.interfaces.DecodedJWT;
+import io.dataease.auth.filter.F2CLinkFilter;
 import io.dataease.base.domain.PanelLink;
 import io.dataease.controller.panel.api.LinkApi;
 import io.dataease.controller.request.chart.ChartExtRequest;
@@ -14,8 +17,11 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import java.net.URLDecoder;
 import java.util.Map;
 
@@ -91,6 +97,11 @@ public class LinkServer implements LinkApi {
 
     @Override
     public Object viewDetail(String viewId, ChartExtRequest requestList) throws Exception {
+        HttpServletRequest request =((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+        String linkToken = request.getHeader(F2CLinkFilter.LINK_TOKEN_KEY);
+        DecodedJWT jwt = JWT.decode(linkToken);
+        Long userId = jwt.getClaim("userId").asLong();
+        requestList.setUser(userId);
         return chartViewService.getData(viewId, requestList);
     }
 

backend/src/main/java/io/dataease/controller/request/dataset/MultFieldValuesRequest.java

@@ -0,0 +1,12 @@
+package io.dataease.controller.request.dataset;
+
+import lombok.Data;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Data
+public class MultFieldValuesRequest {
+    List<String> fieldIds = new ArrayList<>();
+    Long userId= null;
+}

backend/src/main/java/io/dataease/service/dataset/DataSetFieldService.java

@@ -5,5 +5,5 @@ import java.util.List;
 
 public interface DataSetFieldService {
 
-    List<Object> fieldValues(String fieldId) throws Exception;
+    List<Object> fieldValues(String fieldId, Long userId) throws Exception;
 }

backend/src/main/java/io/dataease/service/dataset/DataSetTableService.java

@@ -456,17 +456,18 @@ public class DataSetTableService {
         }
         RowPermissionService rowPermissionService = SpringContextUtil.getBean(RowPermissionService.class);
         CurrentUserDto user = AuthUtils.getUser();
-        List<Long> roleIds;
-        Long deptId;
+        List<Long> roleIds = new ArrayList<>();
+        Long deptId = null;
 
-        if(user == null){
-            SysUserEntity userEntity = authUserService.getUserById(userId);
-            if(userEntity.getIsAdmin()){
-                return datasetRowPermissions;
-            }
-            deptId = userEntity.getDeptId();
-            roleIds = authUserService.roles(userId).stream().map(r -> Long.valueOf(r)).collect(Collectors.toList());
-        }else {
+        if(user == null && userId == null ){
+            return datasetRowPermissions;
+        }
+
+        if(user != null && userId != null ){
+            return datasetRowPermissions;
+        }
+
+        if(user != null){
             if(user.getIsAdmin()){
                 return datasetRowPermissions;
             }
@@ -474,7 +475,16 @@ public class DataSetTableService {
             deptId = user.getDeptId();
             roleIds = user.getRoles().stream().map(CurrentRoleDto::getId).collect(Collectors.toList());
         }
-        userId = user != null ? user.getUserId() : userId;
+
+        if(userId != null){
+            SysUserEntity userEntity = authUserService.getUserById(userId);
+            if(userEntity.getIsAdmin()){
+                return datasetRowPermissions;
+            }
+            deptId = userEntity.getDeptId();
+            roleIds = authUserService.roles(userId).stream().map(r -> Long.valueOf(r)).collect(Collectors.toList());
+        }
+
 
         DataSetRowPermissionsDTO dataSetRowPermissionsDTO = new DataSetRowPermissionsDTO();
         dataSetRowPermissionsDTO.setDatasetId(datasetId);

backend/src/main/java/io/dataease/service/dataset/impl/direct/DirectFieldService.java

@@ -42,7 +42,7 @@ public class DirectFieldService implements DataSetFieldService {
     private DataSetTableUnionService dataSetTableUnionService;
 
     @Override
-    public List<Object> fieldValues(String fieldId) throws Exception{
+    public List<Object> fieldValues(String fieldId, Long userId) throws Exception{
         List<DatasetTableField> list = dataSetTableFieldsService.getListByIds(new ArrayList<String>() {{
             add(fieldId);
         }});
@@ -58,7 +58,7 @@ public class DirectFieldService implements DataSetFieldService {
 
         DatasetTableField datasetTableField = DatasetTableField.builder().tableId(tableId).checked(Boolean.TRUE).build();
         List<DatasetTableField> fields = dataSetTableFieldsService.list(datasetTableField);
-        List<ChartFieldCustomFilterDTO> customFilter = dataSetTableService.getCustomFilters(fields, datasetTable, null);
+        List<ChartFieldCustomFilterDTO> customFilter = dataSetTableService.getCustomFilters(fields, datasetTable, userId);
 
         DatasourceRequest datasourceRequest = new DatasourceRequest();
         DatasourceProvider datasourceProvider = null;