perf: 对接 SQLBot 优化角色权限

2026-05-14 21:12:33 +08:00 · 2025-09-11 14:35:56 +08:00
parent dc4c4701d8
commit a9730a4cce
2 changed files with 22 additions and 21 deletions
--- a/core/core-backend/src/main/java/io/dataease/dataset/dao/ext/mapper/DataSetAssistantMapper.java
+++ b/core/core-backend/src/main/java/io/dataease/dataset/dao/ext/mapper/DataSetAssistantMapper.java
@@ -132,7 +132,11 @@ public interface DataSetAssistantMapper {
    <script>
    WITH user_ds_permissions AS (
        <choose>
-            <when test="!orgAdmin">
+            <when test="orgAdmin">
+                SELECT id as resource_id FROM per_busi_resource 
+                WHERE org_id = #{oid} AND rt_id = 4
+            </when>
+            <otherwise>
                SELECT DISTINCT resource_id
                FROM (
                    SELECT resource_id FROM per_auth_busi_user
@@ -142,16 +146,16 @@ public interface DataSetAssistantMapper {
                    INNER JOIN per_user_role b ON a.rid = b.rid
                    WHERE b.oid = #{oid} AND b.uid = #{uid} AND a.resource_type = 4
                ) temp
-            </when>
-            <otherwise>
-                SELECT id as resource_id FROM per_busi_resource 
-                WHERE org_id = #{oid} AND rt_id = 4
            </otherwise>
        </choose>
    ),
    user_dg_permissions AS (
        <choose>
-            <when test="!orgAdmin">
+            <when test="orgAdmin">
+                SELECT id as resource_id FROM per_busi_resource 
+                WHERE org_id = #{oid} AND rt_id = 3
+            </when>
+            <otherwise>
                SELECT DISTINCT resource_id
                FROM (
                    SELECT resource_id FROM per_auth_busi_user
@@ -161,10 +165,6 @@ public interface DataSetAssistantMapper {
                    INNER JOIN per_user_role b ON a.rid = b.rid
                    WHERE b.oid = #{oid} AND b.uid = #{uid} AND a.resource_type = 3
                ) temp
-            </when>
-            <otherwise>
-                SELECT id as resource_id FROM per_busi_resource 
-                WHERE org_id = #{oid} AND rt_id = 3
            </otherwise>
        </choose>
    )
@@ -218,7 +218,9 @@ public interface DataSetAssistantMapper {
    ${ew.customSqlSegment}
    </script>
 """)
-    List<Map<String, Object>> queryEnterprise(@Param("oid") Long oid, @Param("uid") Long uid, @Param("orgAdmin") Boolean orgAdmin, @Param("ew") QueryWrapper queryWrapper);
+    List<Map<String, Object>> queryEnterprise(@Param("oid") Long oid, @Param("uid") Long uid, @Param("orgAdmin") boolean orgAdmin, @Param("ew") QueryWrapper queryWrapper);


+    @Select("select pr.id, pr.readonly, pr.pid from per_user_role pur left join per_role pr on pur.rid = pr.id where pur.uid = #{uid} and pur.oid = #{oid} ")
+    List<Map<String, Object>> roleInfoByUid(@Param("uid") Long uid, @Param("oid") Long oid);
 }
--- a/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetSQLBotManage.java
+++ b/core/core-backend/src/main/java/io/dataease/dataset/manage/DatasetSQLBotManage.java
@@ -11,9 +11,6 @@ import io.dataease.api.dataset.vo.SQLBotAssistantField;
 import io.dataease.api.permissions.dataset.api.ColumnPermissionsApi;
 import io.dataease.api.permissions.dataset.dto.DataSetColumnPermissionsDTO;
 import io.dataease.api.permissions.dataset.dto.DataSetRowPermissionsTreeDTO;
-import io.dataease.api.permissions.role.api.RoleApi;
-import io.dataease.api.permissions.role.dto.RoleRequest;
-import io.dataease.api.permissions.role.vo.RoleVO;
 import io.dataease.auth.bo.TokenUserBO;
 import io.dataease.commons.utils.EncryptUtils;
 import io.dataease.constant.ColumnPermissionConstants;
@@ -170,12 +167,13 @@ public class DatasetSQLBotManage {
        } else {
            boolean isRootRole = isAdmin;
            if (!isAdmin) {
-                RoleRequest request = new RoleRequest();
-                request.setUid(uid);
-                List<RoleVO> roleVOS = Objects.requireNonNull(CommonBeanFactory.getBean(RoleApi.class)).selectedForUser(request);
-                isRootRole = roleVOS.stream().anyMatch(RoleVO::isRoot);
-                roleIds = roleVOS.stream().map(RoleVO::getId).toList();
-
+                List<Map<String, Object>> roleMapList = dataSetAssistantMapper.roleInfoByUid(uid, oid);
+                if (CollectionUtils.isNotEmpty(roleMapList)) {
+                    isRootRole = roleMapList.stream().anyMatch(item -> ObjectUtils.isNotEmpty(item.get("pid")) && (Integer.parseInt(item.get("pid").toString())) == 0);
+                    roleIds = roleMapList.stream().map(item -> Long.parseLong(item.get("id").toString())).distinct().collect(Collectors.toList());
+                } else {
+                    roleIds = new ArrayList<>();
+                }
                colPermissionMap = getColPermission(uid, roleIds);
                rowPermissionMap = getRowPermission(uid, roleIds);
            }
@@ -282,7 +280,8 @@ public class DatasetSQLBotManage {
    };
    TypeReference<List<CalParam>> typeToken = new TypeReference<>() {
    };
-    private void rebuildTable(SQLBotAssistanTable table, List<DataSetColumnPermissionsDTO> columnPermissionsDTOS, List<DataSetRowPermissionsTreeDTO> rowPermissionsTree,  Map<String, Object> dsRowData) {
+
+    private void rebuildTable(SQLBotAssistanTable table, List<DataSetColumnPermissionsDTO> columnPermissionsDTOS, List<DataSetRowPermissionsTreeDTO> rowPermissionsTree, Map<String, Object> dsRowData) {
        Map<String, Object> rowData = table.getRowData();
        CoreDatasetGroup coreDatasetGroup = BeanUtils.mapToBean(rowData, CoreDatasetGroup.class);