@@ -571,36 +571,58 @@ func GetGlobalWorkflowsV1(c echo.Context) error {
571
571
return controller .JSONBaseErrorReq (c , err )
572
572
}
573
573
574
+ // 1. 权限控制
575
+ // 1.1. 获取用户的所有权限信息
574
576
user , err := controller .GetCurrentUser (c , dms .GetUser )
575
577
if err != nil {
576
578
return controller .JSONBaseErrorReq (c , err )
577
579
}
580
+ permissions , isAdmin , err := dmsobject .GetUserOpPermission (c .Request ().Context (), "" , user .GetIDStr (), dms .GetDMSServerAddress ())
581
+ if err != nil {
582
+ return controller .JSONBaseErrorReq (c , err )
583
+ }
584
+ // 1.2. 获取用户全局待关注清单的可见性
585
+ userVisibility := getGlobalDashBoardVisibilityOfUser (isAdmin , permissions )
586
+ if req .FilterCurrentStepAssigneeUserId != "" {
587
+ // 如果根据当前用户筛选,则筛选出用户在所有项目中的工单
588
+ userVisibility = GlobalDashBoardVisibilityGlobal
589
+ }
590
+ // 1.3. 若用户可见性为多项目,则需要根据项目id筛选
591
+ var projectIdsOfProjectAdmin []string
592
+ if userVisibility == GlobalDashBoardVisibilityProjects {
593
+ for _ , permission := range permissions {
594
+ if permission .OpPermissionType == dmsV1 .OpPermissionTypeProjectAdmin {
595
+ projectIdsOfProjectAdmin = append (projectIdsOfProjectAdmin , permission .RangeUids ... )
596
+ }
597
+ }
598
+ }
578
599
600
+ // 2. 组织筛选项
601
+ // 2.1. 基本筛选项
579
602
limit , offset := controller .GetLimitAndOffset (req .PageIndex , req .PageSize )
580
-
581
603
data := map [string ]interface {}{
582
- "filter_subject" : req .FilterSubject ,
583
- "filter_create_time_from" : req .FilterCreateTimeFrom ,
584
- "filter_create_time_to" : req .FilterCreateTimeTo ,
585
- "filter_create_user_id " : req .FilterCreateUserId ,
586
- "filter_task_execute_start_time_from " : req .FilterTaskExecuteStartTimeFrom ,
587
- "filter_task_execute_start_time_to " : req .FilterTaskExecuteStartTimeTo ,
588
- "filter_status " : req .FilterStatus ,
589
- "filter_current_step_assignee_user_id " : req .FilterCurrentStepAssigneeUserId ,
590
- "filter_task_instance_id " : req . FilterTaskInstanceId ,
591
- "current_user_id " : user . GetIDStr () ,
592
- "check_user_can_access " : user . Name != model . DefaultAdminUser , // dms-todo: 判断是否是超级管理员
593
- "limit" : limit ,
594
- "offset" : offset ,
595
- "filter_status_list" : req .FilterStatusList , // 根据SQL工单的状态筛选多个状态的工单
596
- "filter_project_id" : req .FilterProjectUid , // 根据项目id筛选某些一个项目下的多个工单
597
- "filter_instance_id" : req .FilterInstanceId , // 根据工单记录的数据源id,筛选包含该数据源的工单,多数据源情况下,一旦包含该数据源,则被选中
598
- }
599
-
600
- projectMap := make ( map [ string ] /* project uid */ * dmsV1. ListProject )
601
- // 若根据项目优先级筛选,则先请求dms,获取优先级对应的项目信息
604
+ // "filter_subject": req.FilterSubject,
605
+ // "filter_create_time_from": req.FilterCreateTimeFrom,
606
+ // "filter_create_time_to": req.FilterCreateTimeTo,
607
+ // "filter_task_execute_start_time_from ": req.FilterTaskExecuteStartTimeFrom ,
608
+ // "filter_task_execute_start_time_to ": req.FilterTaskExecuteStartTimeTo ,
609
+ // "filter_status ": req.FilterStatus ,
610
+ // "filter_current_step_assignee_user_id ": req.FilterCurrentStepAssigneeUserId ,
611
+ // "filter_task_instance_id ": req.FilterTaskInstanceId ,
612
+ // "current_user_id ": user.GetIDStr() ,
613
+ // "check_user_can_access ": canViewGlobal ,
614
+ "filter_create_user_id " : req . FilterCreateUserId ,
615
+ "limit" : limit ,
616
+ "offset" : offset ,
617
+ "filter_status_list" : req .FilterStatusList , // 根据SQL工单的状态筛选多个状态的工单
618
+ "filter_project_id" : req .FilterProjectUid , // 根据项目id筛选某些一个项目下的多个工单
619
+ "filter_instance_id" : req .FilterInstanceId , // 根据工单记录的数据源id,筛选包含该数据源的工单,多数据源情况下,一旦包含该数据源,则被选中
620
+ }
621
+ // 2.2 页面筛选项:如果根据项目优先级筛选,则先筛选出对应优先级下的项目
622
+ var projectIdsByPriority [] string
623
+ var projectMap map [ string ] * dmsV1. ListProject
602
624
if req .FilterProjectPriority != "" {
603
- data [ "filter_project_id_list" ] , projectMap , err = loadProjectsByPriority (c .Request ().Context (), req .FilterProjectPriority )
625
+ projectIdsByPriority , projectMap , err = loadProjectsByPriority (c .Request ().Context (), req .FilterProjectPriority )
604
626
if err != nil {
605
627
return controller .JSONBaseErrorReq (c , err )
606
628
}
@@ -612,7 +634,26 @@ func GetGlobalWorkflowsV1(c echo.Context) error {
612
634
})
613
635
}
614
636
}
637
+ if req .FilterProjectPriority != "" {
638
+ // 2.2.1 若根据项目优先级筛选,则根据优先级对应的项目筛选
639
+ data ["filter_project_id_list" ] = projectIdsByPriority
640
+ }
615
641
642
+ if req .FilterProjectPriority != "" && userVisibility == GlobalDashBoardVisibilityProjects {
643
+ // 2.2.2 若根据项目优先级筛选,且可以查看多项目待关注SQL,则将可查看的项目和项目优先级筛选后的项目的集合取交集
644
+ data ["filter_project_id_list" ] = utils .IntersectionStringSlice (projectIdsByPriority , projectIdsOfProjectAdmin )
645
+ }
646
+ // 2.3 若不根据项目优先级筛选
647
+ if req .FilterProjectPriority == "" && userVisibility == GlobalDashBoardVisibilityProjects {
648
+ // 2.3.1 若可以查看多项目待关注SQL,则通过用户的有权限的项目进行筛选
649
+ data ["filter_project_id_list" ] = projectIdsOfProjectAdmin
650
+ }
651
+ // 2.4. 若用户可见性为受让人,则可以查看在SQL管控中分配给他的SQL
652
+ if userVisibility == GlobalDashBoardVisibilityAssignee {
653
+ data ["filter_current_step_assignee_user_id" ] = user .GetIDStr ()
654
+ }
655
+
656
+ // 3. 根据筛选项筛选SQL管控的SQL信息
616
657
s := model .GetStorage ()
617
658
workflows , count , err := s .GetWorkflowsByReq (data )
618
659
if err != nil {
@@ -670,6 +711,32 @@ func GetGlobalWorkflowsV1(c echo.Context) error {
670
711
})
671
712
}
672
713
714
+ type GlobalDashBoardVisibility string
715
+
716
+ const GlobalDashBoardVisibilityGlobal GlobalDashBoardVisibility = "global"
717
+ const GlobalDashBoardVisibilityProjects GlobalDashBoardVisibility = "projects"
718
+ const GlobalDashBoardVisibilityAssignee GlobalDashBoardVisibility = "assignee"
719
+
720
+ func getGlobalDashBoardVisibilityOfUser (isAdmin bool , permissions []dmsV1.OpPermissionItem ) GlobalDashBoardVisibility {
721
+ // 角色:全局管理员,全局可查看者
722
+ if isAdmin {
723
+ return GlobalDashBoardVisibilityGlobal
724
+ }
725
+ for _ , permission := range permissions {
726
+ if permission .OpPermissionType == dmsV1 .OpPermissionTypeGlobalView || permission .OpPermissionType == dmsV1 .OpPermissionTypeGlobalManagement {
727
+ return GlobalDashBoardVisibilityGlobal
728
+ }
729
+ }
730
+ // 角色:多项目管理者
731
+ for _ , permission := range permissions {
732
+ if permission .OpPermissionType == dmsV1 .OpPermissionTypeProjectAdmin {
733
+ return GlobalDashBoardVisibilityProjects
734
+ }
735
+ }
736
+ // 角色:受让人,事件处理者
737
+ return GlobalDashBoardVisibilityAssignee
738
+ }
739
+
673
740
// 根据项目优先级从 dms 系统中获取相应的项目列表,并返回项目ID列表和项目映射
674
741
func loadProjectsByPriority (ctx context.Context , priority dmsV1.ProjectPriority ) (projectIds []string , projectMap map [string ] /* project uid */ * dmsV1.ListProject , err error ) {
675
742
projectMap = make (map [string ]* dmsV1.ListProject )
0 commit comments