mirror of
https://github.com/dataease/dataease.git
synced 2026-05-23 13:58:26 +08:00
perf: SQLBot 数据源接口 使用 AES 加密可配置
This commit is contained in:
fit2cloud-chenyw
committed by
fit2cloud-chenyw
fit2cloud-chenyw
parent
23a45e72a7
commit
4e482fc860
@@ -1,5 +1,6 @@
|
||||
package io.dataease.dataset.dao.ext.mapper;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import org.apache.ibatis.annotations.Mapper;
|
||||
import org.apache.ibatis.annotations.Param;
|
||||
import org.apache.ibatis.annotations.Select;
|
||||
@@ -32,9 +33,10 @@ public interface DataSetAssistantMapper {
|
||||
left join `core_dataset_table_field` cdtf on cdtf.dataset_table_id = cdt.id
|
||||
left join `core_dataset_group` cdg on cdg.id = cdt.dataset_group_id
|
||||
where cdg.is_cross != 1 and (cd.STATUS IS NULL OR cd.STATUS != 'Error')
|
||||
${ew.customSqlSegment}
|
||||
"""
|
||||
)
|
||||
List<Map<String, Object>> queryAll();
|
||||
List<Map<String, Object>> queryAll(@Param("ew") QueryWrapper queryWrapper);
|
||||
|
||||
@Select("""
|
||||
WITH user_ds_permissions AS (
|
||||
@@ -69,8 +71,9 @@ public interface DataSetAssistantMapper {
|
||||
INNER JOIN `core_dataset_table_field` cdtf ON cdtf.dataset_table_id = cdt.id
|
||||
where not exists( select 1 from user_ds_permissions ds_p where cd.id = ds_p.resource_id )
|
||||
and not exists( select 1 from user_dg_permissions dg_p where cdg.id = dg_p.resource_id )
|
||||
${ew.customSqlSegment}
|
||||
""")
|
||||
List<Map<String, Object>> queryCommunity();
|
||||
List<Map<String, Object>> queryCommunity(@Param("ew") QueryWrapper queryWrapper);
|
||||
|
||||
|
||||
|
||||
@@ -144,9 +147,10 @@ public interface DataSetAssistantMapper {
|
||||
INNER JOIN `core_dataset_table_field` cdtf ON cdtf.dataset_table_id = cdt.id
|
||||
INNER JOIN user_ds_permissions ds_p ON cd.id = ds_p.resource_id
|
||||
INNER JOIN user_dg_permissions dg_p ON cdg.id = dg_p.resource_id
|
||||
${ew.customSqlSegment}
|
||||
</script>
|
||||
""")
|
||||
List<Map<String, Object>> queryEnterprise(@Param("oid") Long oid, @Param("uid") Long uid, @Param("orgAdmin") Boolean orgAdmin);
|
||||
List<Map<String, Object>> queryEnterprise(@Param("oid") Long oid, @Param("uid") Long uid, @Param("orgAdmin") Boolean orgAdmin, @Param("ew") QueryWrapper queryWrapper);
|
||||
|
||||
|
||||
}
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package io.dataease.dataset.manage;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import io.dataease.api.dataset.union.DatasetTableInfoDTO;
|
||||
import io.dataease.api.dataset.vo.DataSQLBotAssistantVO;
|
||||
import io.dataease.api.dataset.vo.SQLBotAssistanTable;
|
||||
@@ -14,22 +15,24 @@ import io.dataease.api.permissions.role.dto.RoleRequest;
|
||||
import io.dataease.api.permissions.role.vo.RoleVO;
|
||||
import io.dataease.auth.bo.TokenUserBO;
|
||||
import io.dataease.commons.utils.EncryptUtils;
|
||||
import io.dataease.constant.ColumnPermissionConstants;
|
||||
import io.dataease.dataset.dao.ext.mapper.DataSetAssistantMapper;
|
||||
import io.dataease.datasource.dao.auto.entity.CoreDatasource;
|
||||
import io.dataease.datasource.manage.EngineManage;
|
||||
import io.dataease.extensions.datasource.vo.Configuration;
|
||||
import io.dataease.extensions.datasource.vo.DatasourceConfiguration;
|
||||
import io.dataease.extensions.view.dto.ColumnPermissionItem;
|
||||
import io.dataease.extensions.view.dto.ColumnPermissions;
|
||||
import io.dataease.home.manage.DeIndexManage;
|
||||
import io.dataease.utils.*;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.apache.commons.collections4.CollectionUtils;
|
||||
import org.apache.commons.collections4.MapUtils;
|
||||
import org.apache.commons.lang3.ObjectUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.*;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@@ -48,8 +51,18 @@ public class DatasetSQLBotManage {
|
||||
@Resource
|
||||
private Environment environment;
|
||||
|
||||
private String aesKey = "y5txe1mRmS_JpOrUzFzHEu-kIQn3lf7l";
|
||||
private String aesIv = "sqlbot_em_aes_iv";
|
||||
private CoreDatasource deEngine;
|
||||
|
||||
@Resource
|
||||
private PermissionManage permissionManage;
|
||||
|
||||
@Value("${dataease.sqlbot.encrypt:false}")
|
||||
private boolean encryptEnabled;
|
||||
|
||||
@Value("${dataease.sqlbot.aes-key:y5txe1mRmS_JpOrUzFzHEu-kIQn3lf7l}")
|
||||
private String aesKey;
|
||||
@Value("${dataease.sqlbot.aes-iv:sqlbot_em_aes_iv}")
|
||||
private String aesIv;
|
||||
|
||||
private String aesEncrypt(String text) {
|
||||
String iv = aesIv;
|
||||
@@ -115,7 +128,7 @@ public class DatasetSQLBotManage {
|
||||
}
|
||||
|
||||
|
||||
public List<DataSQLBotAssistantVO> getDatasourceList(List<Long> ids) {
|
||||
public List<DataSQLBotAssistantVO> getDatasourceList(Long dsId, Long datasetId) {
|
||||
TokenUserBO user = Objects.requireNonNull(AuthUtils.getUser());
|
||||
Long oid = user.getDefaultOid();
|
||||
Long uid = user.getUserId();
|
||||
@@ -126,16 +139,23 @@ public class DatasetSQLBotManage {
|
||||
List<Map<String, Object>> list = null;
|
||||
boolean isAdmin = uid == 1;
|
||||
boolean withColsOrRowsPermission = false;
|
||||
QueryWrapper<Object> queryWrapper = new QueryWrapper<>();
|
||||
if (ObjectUtils.isNotEmpty(datasetId)) {
|
||||
queryWrapper.eq("cdg.id", datasetId);
|
||||
}
|
||||
if (ObjectUtils.isNotEmpty(dsId)) {
|
||||
queryWrapper.eq("cd.id", dsId);
|
||||
}
|
||||
if (ObjectUtils.isEmpty(model)) {
|
||||
if (!isAdmin) {
|
||||
return null;
|
||||
}
|
||||
list = dataSetAssistantMapper.queryAll();
|
||||
list = dataSetAssistantMapper.queryAll(queryWrapper);
|
||||
} else if (!model) {
|
||||
if (!isAdmin) {
|
||||
return null;
|
||||
}
|
||||
list = dataSetAssistantMapper.queryCommunity();
|
||||
list = dataSetAssistantMapper.queryCommunity(queryWrapper);
|
||||
} else {
|
||||
boolean isRootRole = isAdmin;
|
||||
if (!isAdmin) {
|
||||
@@ -145,11 +165,11 @@ public class DatasetSQLBotManage {
|
||||
isRootRole = roleVOS.stream().anyMatch(RoleVO::isRoot);
|
||||
roleIds = roleVOS.stream().map(RoleVO::getId).toList();
|
||||
|
||||
colPermissionMap = getColPermission(uid, roleIds);
|
||||
/*colPermissionMap = getColPermission(uid, roleIds);
|
||||
rowPermissionMap = getRowPermission(uid, roleIds);
|
||||
withColsOrRowsPermission = MapUtils.isNotEmpty(colPermissionMap) || MapUtils.isNotEmpty(rowPermissionMap);
|
||||
withColsOrRowsPermission = MapUtils.isNotEmpty(colPermissionMap) || MapUtils.isNotEmpty(rowPermissionMap);*/
|
||||
}
|
||||
list = dataSetAssistantMapper.queryEnterprise(oid, uid, isRootRole);
|
||||
list = dataSetAssistantMapper.queryEnterprise(oid, uid, isRootRole, queryWrapper);
|
||||
}
|
||||
|
||||
|
||||
@@ -157,6 +177,7 @@ public class DatasetSQLBotManage {
|
||||
Map<String, DataSQLBotAssistantVO> dsFlagMap = new HashMap<>();
|
||||
Map<String, SQLBotAssistanTable> tableFlagMap = new HashMap<>();
|
||||
Map<String, SQLBotAssistantField> fieldFlagMap = new HashMap<>();
|
||||
deEngine = engineManage.getDeEngine();
|
||||
for (Map<String, Object> row : list) {
|
||||
// build ds
|
||||
String datasourceId = row.get("datasource_id").toString();
|
||||
@@ -208,13 +229,41 @@ public class DatasetSQLBotManage {
|
||||
vos.forEach(vo -> {
|
||||
List<SQLBotAssistanTable> tables = vo.getTables();
|
||||
tables.forEach(table -> {
|
||||
Long datasetGroupId = table.getDatasetGroupId();
|
||||
List<DataSetColumnPermissionsDTO> dataSetColumnPermissionsDTOS = colPermissionMap.get(datasetGroupId);
|
||||
|
||||
List<ColumnPermissionItem> columnPermissionItems = new ArrayList<>();
|
||||
|
||||
for (DataSetColumnPermissionsDTO dataSetColumnPermissionsDTO : dataSetColumnPermissionsDTOS) {
|
||||
ColumnPermissions columnPermissions = JsonUtil.parseObject(dataSetColumnPermissionsDTO.getPermissions(), ColumnPermissions.class);
|
||||
if (!columnPermissions.getEnable()) {
|
||||
continue;
|
||||
}
|
||||
if (StringUtils.equalsAnyIgnoreCase(dataSetColumnPermissionsDTO.getAuthTargetType(), "user", "role")) {
|
||||
columnPermissionItems.addAll(columnPermissions.getColumns().stream().filter(columnPermissionItem -> columnPermissionItem.getSelected()).collect(Collectors.toList()));
|
||||
}
|
||||
}
|
||||
List<SQLBotAssistantField> filterFields = table.getFields().stream().filter(field -> {
|
||||
List<ColumnPermissionItem> fieldColumnPermissionItems = columnPermissionItems.stream().filter(columnPermissionItem -> columnPermissionItem.getId().equals(field.getFieldId())).collect(Collectors.toList());
|
||||
if (CollectionUtils.isEmpty(fieldColumnPermissionItems)) {
|
||||
return true;
|
||||
}
|
||||
return fieldColumnPermissionItems.stream().map(ColumnPermissionItem::getOpt).toList().contains(ColumnPermissionConstants.Desensitization);
|
||||
}).collect(Collectors.toList());
|
||||
table.setFields(filterFields);
|
||||
});
|
||||
});
|
||||
return null;
|
||||
return vos;
|
||||
}
|
||||
|
||||
private SQLBotAssistantField buildField(Map<String, Object> row) {
|
||||
SQLBotAssistantField field = new SQLBotAssistantField();
|
||||
if (ObjectUtils.isNotEmpty(row.get("field_id"))) {
|
||||
field.setFieldId(Long.parseLong(row.get("field_id").toString()));
|
||||
}
|
||||
if (ObjectUtils.isNotEmpty(row.get("dataease_name"))) {
|
||||
field.setDataeaseName(row.get("dataease_name").toString());
|
||||
}
|
||||
field.setName(row.get("origin_name").toString());
|
||||
field.setType(row.get("field_type").toString());
|
||||
field.setComment(row.get("field_show_name").toString());
|
||||
@@ -234,7 +283,6 @@ public class DatasetSQLBotManage {
|
||||
String dsType = row.get("ds_type").toString();
|
||||
Configuration config = null;
|
||||
if (dsType.contains(DatasourceConfiguration.DatasourceType.Excel.name()) || dsType.contains(DatasourceConfiguration.DatasourceType.API.name())) {
|
||||
CoreDatasource deEngine = engineManage.getDeEngine();
|
||||
String config_json = EncryptUtils.aesDecrypt(deEngine.getConfiguration()).toString();
|
||||
config = JsonUtil.parseObject(config_json, Configuration.class);
|
||||
if (StringUtils.isNotBlank(dsHost) && ObjectUtils.isNotEmpty(config)) {
|
||||
@@ -256,7 +304,9 @@ public class DatasetSQLBotManage {
|
||||
vo.setSchema(config.getSchema());
|
||||
vo.setUser(config.getUsername());
|
||||
vo.setPassword(config.getPassword());
|
||||
aesVO(vo);
|
||||
if (encryptEnabled) {
|
||||
aesVO(vo);
|
||||
}
|
||||
return vo;
|
||||
}
|
||||
|
||||
@@ -282,6 +332,9 @@ public class DatasetSQLBotManage {
|
||||
SQLBotAssistanTable table = new SQLBotAssistanTable();
|
||||
table.setName(row.get("table_name").toString());
|
||||
table.setComment(row.get("dataset_name").toString());
|
||||
if (ObjectUtils.isNotEmpty(row.get("dataset_group_id"))) {
|
||||
table.setDatasetGroupId(Long.parseLong(row.get("dataset_group_id").toString()));
|
||||
}
|
||||
|
||||
Object infoObj = null;
|
||||
if (ObjectUtils.isNotEmpty(infoObj = row.get("info"))) {
|
||||
|
||||
@@ -16,7 +16,7 @@ public class DatasetSQLBotServer implements DataAssistantApi {
|
||||
@Resource
|
||||
private DatasetSQLBotManage datasetSQLBotManage;
|
||||
@Override
|
||||
public List<DataSQLBotAssistantVO> getDatasourceList() {
|
||||
return datasetSQLBotManage.getDatasourceList(null);
|
||||
public List<DataSQLBotAssistantVO> getDatasourceList(Long dsId, Long datasetId) {
|
||||
return datasetSQLBotManage.getDatasourceList(dsId, datasetId);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user