diff --git a/core/core-frontend/src/api/auth.ts b/core/core-frontend/src/api/auth.ts
index 834f407124..2ae39019f7 100644
--- a/core/core-frontend/src/api/auth.ts
+++ b/core/core-frontend/src/api/auth.ts
@@ -1,10 +1,16 @@
import request from '@/config/axios'
export const queryUserApi = data => request.post({ url: '/user/byCurOrg', data })
-export const queryUserOptionsApi = () => request.get({ url: '/user/org/option' })
+export const queryUserOptionsApi = () => request.get({ url: '/user/query' })
export const queryRoleApi = data => request.post({ url: '/role/byCurOrg', data })
-export const resourceTreeApi = (flag: string) => request.get({ url: '/auth/busiResource/' + flag })
+export const resourceTreeApi = (flag: string, isSystem?: boolean) => {
+ const param = {
+ flag,
+ isSystem: !!isSystem
+ }
+ return request.post({ url: '/auth/busiResource', data: param })
+}
export const menuTreeApi = () => request.get({ url: '/auth/menuResource' })
diff --git a/core/core-frontend/src/api/user.ts b/core/core-frontend/src/api/user.ts
index ab334729d6..143ae2ad2d 100644
--- a/core/core-frontend/src/api/user.ts
+++ b/core/core-frontend/src/api/user.ts
@@ -7,7 +7,7 @@ export const switchOrg = (id: number | string) => request.post({ url: `/user/swi
export const userInfo = () => request.get({ url: '/user/info' })
-export const searchRoleApi = (keyword: string) =>
+export const searchRoleApi = (keyword?: string) =>
request.post({ url: '/role/query', data: { keyword } })
export const searchRoleByOidApi = (oid: number) => request.get({ url: `/role/queryWithOid/${oid}` })
diff --git a/core/core-frontend/src/assets/svg/icon-enter.svg b/core/core-frontend/src/assets/svg/icon-enter.svg
new file mode 100644
index 0000000000..701ccc5ff1
--- /dev/null
+++ b/core/core-frontend/src/assets/svg/icon-enter.svg
@@ -0,0 +1 @@
+
diff --git a/core/core-frontend/src/config/axios/service.ts b/core/core-frontend/src/config/axios/service.ts
index f86c189ef3..521839bbd1 100644
--- a/core/core-frontend/src/config/axios/service.ts
+++ b/core/core-frontend/src/config/axios/service.ts
@@ -121,6 +121,10 @@ service.interceptors.request.use(
} else if (embeddedStore.token) {
;(config.headers as AxiosRequestHeaders)['X-EMBEDDED-TOKEN'] = embeddedStore.token
}
+ const storedProxyInfo = wsCache.get('user.proxyInfo')
+ if (storedProxyInfo?.proxy && storedProxyInfo?.proxySecret) {
+ ;(config.headers as AxiosRequestHeaders)['X-DE-ADMIN-PROXY'] = storedProxyInfo.proxySecret
+ }
const locale = getLocale()
if (locale) {
const val = mapping[locale] || locale
diff --git a/core/core-frontend/src/locales/zh-CN.ts b/core/core-frontend/src/locales/zh-CN.ts
index 69861092f5..48ff02bdf9 100644
--- a/core/core-frontend/src/locales/zh-CN.ts
+++ b/core/core-frontend/src/locales/zh-CN.ts
@@ -967,6 +967,7 @@ export default {
resource_name: '资源名称',
menu_name: '菜单名称',
from_role: '继承自以下角色:',
+ from_org: '继承自以下组织:',
auth_alone: '单独授权',
org_role_empty: '组织管理员已拥有所有资源的权限,无需再授权',
user_role_empty: '该用户是组织管理员,已拥有所有资源的权限,无需再授权',
diff --git a/core/core-frontend/src/store/modules/user.ts b/core/core-frontend/src/store/modules/user.ts
index b8ad3401b3..9109daafcc 100644
--- a/core/core-frontend/src/store/modules/user.ts
+++ b/core/core-frontend/src/store/modules/user.ts
@@ -14,6 +14,11 @@ interface UserState {
language: string
exp: number
time: number
+ proxyInfo: {
+ proxy: boolean
+ proxyOid: string | null
+ proxySecret: string | null
+ }
}
export const userStore = defineStore('user', {
@@ -25,7 +30,12 @@ export const userStore = defineStore('user', {
oid: null,
language: 'zh-CN',
exp: null,
- time: null
+ time: null,
+ proxyInfo: {
+ proxy: false,
+ proxyOid: null,
+ proxySecret: null
+ }
}
},
getters: {
@@ -49,6 +59,9 @@ export const userStore = defineStore('user', {
},
getTime(): number {
return this.time
+ },
+ getProxyInfo(): { proxy: boolean; proxyOid: string | null; proxySecret: string | null } {
+ return this.proxyInfo
}
},
actions: {
@@ -66,6 +79,10 @@ export const userStore = defineStore('user', {
this[key] = data[dkey]
wsCache.set('user.' + key, this[key])
})
+ const cachedProxyInfo = wsCache.get('user.proxyInfo')
+ if (cachedProxyInfo) {
+ this.proxyInfo = cachedProxyInfo
+ }
const locale = useLocaleStoreWithOut()
if (locale.getCurrentLocale?.lang !== this.language && !window.DataEaseBi) {
window.location.reload()
@@ -96,6 +113,14 @@ export const userStore = defineStore('user', {
wsCache.set('user.oid', oid)
this.oid = oid
},
+ setProxyInfo(proxyInfo: {
+ proxy: boolean
+ proxyOid: string | null
+ proxySecret: string | null
+ }) {
+ wsCache.set('user.proxyInfo', proxyInfo)
+ this.proxyInfo = proxyInfo
+ },
setLanguage(language: string) {
const locale = useLocaleStoreWithOut()
if (!language || language === 'zh_CN') {
@@ -107,7 +132,7 @@ export const userStore = defineStore('user', {
changeLocale(language as any)
},
clear() {
- const keys: string[] = ['token', 'uid', 'name', 'oid', 'language', 'exp', 'time']
+ const keys: string[] = ['token', 'uid', 'name', 'oid', 'language', 'exp', 'time', 'proxyInfo']
keys.forEach(key => wsCache.delete('user.' + key))
}
}
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/api/AuthApi.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/api/AuthApi.java
index 1a2b0dc810..457e6c6226 100644
--- a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/api/AuthApi.java
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/api/AuthApi.java
@@ -9,10 +9,9 @@ import io.dataease.api.permissions.auth.vo.ResourceItemVO;
import io.dataease.api.permissions.auth.vo.ResourceVO;
import io.swagger.v3.oas.annotations.Hidden;
import io.swagger.v3.oas.annotations.Operation;
-import io.swagger.v3.oas.annotations.Parameter;
+
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
@@ -24,9 +23,8 @@ public interface AuthApi {
@Operation(summary = "查询资源树")
@ApiOperationSupport(order = 1)
- @Parameter(name = "flag", description = "类型")
- @GetMapping("/busiResource/{flag}")
- List busiResource(@PathVariable("flag") String flag);
+ @PostMapping("/busiResource")
+ List busiResource(@RequestBody BusiResourceRequest request);
@Operation(summary = "查询对象已授权资源")
@ApiOperationSupport(order = 3)
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/dto/BusiResourceRequest.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/dto/BusiResourceRequest.java
new file mode 100644
index 0000000000..6efed3de78
--- /dev/null
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/dto/BusiResourceRequest.java
@@ -0,0 +1,20 @@
+package io.dataease.api.permissions.auth.dto;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.Data;
+
+import java.io.Serial;
+import java.io.Serializable;
+
+@Schema(description = "业务资源请求参数")
+@Data
+public class BusiResourceRequest implements Serializable {
+ @Serial
+ private static final long serialVersionUID = 6769377426446797907L;
+
+ @Schema(description = "资源flag", requiredMode = Schema.RequiredMode.REQUIRED)
+ private String flag;
+
+ @Schema(description = "是否系统级查询")
+ private boolean isSystem;
+}
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionItem.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionItem.java
index ffe384643b..c057f051c3 100644
--- a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionItem.java
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionItem.java
@@ -2,16 +2,20 @@ package io.dataease.api.permissions.auth.vo;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
-import io.dataease.api.permissions.dataset.dto.DataSetColumnPermissionsDTO;
-import io.dataease.api.permissions.dataset.dto.DataSetRowPermissionsTreeDTO;
import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
import lombok.Data;
+import lombok.NoArgsConstructor;
import java.io.Serial;
import java.io.Serializable;
@Schema(description = "权限项")
@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
public class PermissionItem implements Serializable {
@Serial
@@ -21,10 +25,6 @@ public class PermissionItem implements Serializable {
private Long id;
@Schema(description = "权重")
private int weight;
- @Schema(description = "列权限")
- private DataSetColumnPermissionsDTO columnPermissions;
- @Schema(description = "行权限")
- private DataSetRowPermissionsTreeDTO rowPermissions;
@Schema(description = "独立权重")
private int ext;
}
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionOrigin.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionOrigin.java
index c043f5f5d3..7d388edd57 100644
--- a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionOrigin.java
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionOrigin.java
@@ -3,7 +3,10 @@ package io.dataease.api.permissions.auth.vo;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
import lombok.Data;
+import lombok.NoArgsConstructor;
import java.io.Serial;
import java.io.Serializable;
@@ -11,6 +14,9 @@ import java.util.List;
@Schema(description = "关联权限")
@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
public class PermissionOrigin implements Serializable {
@Serial
private static final long serialVersionUID = 1455588932869130794L;
@@ -20,6 +26,8 @@ public class PermissionOrigin implements Serializable {
private Long id;
@Schema(description = "关联名称")
private String name;
+ @Schema(description = "来源类型: 0=user, 1=role, 2=org")
+ private Integer type;
@Schema(description = "关联权限项")
private List permissions;
}
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionVO.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionVO.java
index 2d7f6579a8..c1fb6928c3 100644
--- a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionVO.java
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/auth/vo/PermissionVO.java
@@ -17,6 +17,8 @@ public class PermissionVO implements Serializable {
private boolean root;
@Schema(description = "是否只读")
private boolean readonly;
+ @Schema(description = "角色类型编码: 0=普通用户,5=数据分析师,9=组织管理员")
+ private Integer typeCode = 0;
@Schema(description = "直接权限项")
private List permissions;
@Schema(description = "关联权限项")
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/role/dto/RoleCreator.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/role/dto/RoleCreator.java
index ec17769035..557aefc9f0 100644
--- a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/role/dto/RoleCreator.java
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/role/dto/RoleCreator.java
@@ -21,8 +21,4 @@ public class RoleCreator implements Serializable {
@JsonIgnore
@Schema(hidden = true)
private Long rid;
-
- private Long oid;
-
-
}
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/api/UserApi.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/api/UserApi.java
index ad0c9f919a..2bf63f2085 100644
--- a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/api/UserApi.java
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/api/UserApi.java
@@ -8,7 +8,6 @@ import io.dataease.api.permissions.user.dto.*;
import io.dataease.api.permissions.user.vo.*;
import io.dataease.auth.DeApiPath;
import io.dataease.auth.DePermit;
-import io.dataease.auth.vo.TokenVO;
import io.dataease.model.KeywordRequest;
import io.dataease.result.PageResult;
import io.swagger.v3.oas.annotations.Hidden;
@@ -104,9 +103,9 @@ public interface UserApi {
@PostMapping("/role/option")
List optionForRole(@RequestBody UserRequest request);
- @Operation(summary = "组织内用户")
+ /*@Operation(summary = "组织内用户")
@GetMapping("/org/option")
- List optionForOrg();
+ List optionForOrg();*/
@Operation(summary = "角色已绑用户")
@Parameters({
@@ -118,7 +117,6 @@ public interface UserApi {
PageResult selectedForRole(@PathVariable("goPage") int goPage, @PathVariable("pageSize") int pageSize, @RequestBody UserRequest request);
-
@Operation(summary = "获取当前登录人信息")
@GetMapping("/info")
CurUserVO info();
@@ -255,4 +253,8 @@ public interface UserApi {
@Hidden
List getFormatRecipient(Long oid, List uidList, List ridList);
+ @Operation(summary = "查询用户")
+ @GetMapping("/query")
+ List query();
+
}
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/dto/UserQueryRequest.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/dto/UserQueryRequest.java
new file mode 100644
index 0000000000..6a0fcfe23d
--- /dev/null
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/dto/UserQueryRequest.java
@@ -0,0 +1,13 @@
+package io.dataease.api.permissions.user.dto;
+
+import io.dataease.model.KeywordRequest;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.io.Serializable;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class UserQueryRequest extends KeywordRequest implements Serializable {
+ private Long oid;
+}
diff --git a/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/vo/UserOptionVO.java b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/vo/UserOptionVO.java
new file mode 100644
index 0000000000..7ef5b6bf90
--- /dev/null
+++ b/sdk/api/api-permissions/src/main/java/io/dataease/api/permissions/user/vo/UserOptionVO.java
@@ -0,0 +1,13 @@
+package io.dataease.api.permissions.user.vo;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+
+import java.io.Serializable;
+
+@EqualsAndHashCode(callSuper = true)
+@Data
+public class UserOptionVO extends UserItem implements Serializable {
+
+ private String account;
+}
diff --git a/sdk/common/src/main/java/io/dataease/constant/SubjectTypeEnum.java b/sdk/common/src/main/java/io/dataease/constant/SubjectTypeEnum.java
new file mode 100644
index 0000000000..192a1bae8c
--- /dev/null
+++ b/sdk/common/src/main/java/io/dataease/constant/SubjectTypeEnum.java
@@ -0,0 +1,15 @@
+package io.dataease.constant;
+
+import lombok.Getter;
+
+@Getter
+public enum SubjectTypeEnum {
+ USER(0), ROLE(1), ORG(2);
+
+ private final int code;
+
+ SubjectTypeEnum(int code) {
+ this.code = code;
+ }
+
+}