diff --git a/headless/server/src/main/java/com/tencent/supersonic/headless/server/aspect/S2DataPermissionAspect.java b/headless/server/src/main/java/com/tencent/supersonic/headless/server/aspect/S2DataPermissionAspect.java index 84d14254d..0f73b6dbe 100644 --- a/headless/server/src/main/java/com/tencent/supersonic/headless/server/aspect/S2DataPermissionAspect.java +++ b/headless/server/src/main/java/com/tencent/supersonic/headless/server/aspect/S2DataPermissionAspect.java @@ -12,16 +12,19 @@ import com.tencent.supersonic.common.pojo.enums.FilterOperatorEnum; import com.tencent.supersonic.common.pojo.exception.InvalidArgumentException; import com.tencent.supersonic.common.pojo.exception.InvalidPermissionException; import com.tencent.supersonic.common.util.jsqlparser.SqlParserAddHelper; +import com.tencent.supersonic.headless.api.pojo.request.ModelSchemaFilterReq; import com.tencent.supersonic.headless.api.pojo.request.QuerySqlReq; import com.tencent.supersonic.headless.api.pojo.request.QueryStructReq; import com.tencent.supersonic.headless.api.pojo.request.SemanticQueryReq; import com.tencent.supersonic.headless.api.pojo.response.DimensionResp; import com.tencent.supersonic.headless.api.pojo.response.ModelResp; +import com.tencent.supersonic.headless.api.pojo.response.ModelSchemaResp; import com.tencent.supersonic.headless.api.pojo.response.SemanticQueryResp; import com.tencent.supersonic.headless.server.pojo.MetaFilter; import com.tencent.supersonic.headless.server.pojo.ModelFilter; import com.tencent.supersonic.headless.server.service.DimensionService; import com.tencent.supersonic.headless.server.service.ModelService; +import com.tencent.supersonic.headless.server.service.SchemaService; import com.tencent.supersonic.headless.server.utils.QueryStructUtils; import java.util.ArrayList; import java.util.HashSet; @@ -60,6 +63,8 @@ public class S2DataPermissionAspect extends AuthCheckBaseAspect { private ModelService modelService; @Value("${permission.data.enable:true}") private Boolean permissionDataEnable; + @Autowired + private SchemaService schemaService; @Pointcut("@annotation(com.tencent.supersonic.headless.server.annotation.S2DataPermission)") private void s2PermissionCheck() { @@ -105,7 +110,10 @@ public class S2DataPermissionAspect extends AuthCheckBaseAspect { User user = (User) objects[1]; List modelIds = querySqlReq.getModelIds(); // fetch data permission meta information - Set res4Privilege = queryStructUtils.getResNameEnExceptInternalCol(querySqlReq, user); + ModelSchemaFilterReq filter = new ModelSchemaFilterReq(); + filter.setModelIds(modelIds); + List modelSchemaRespList = schemaService.fetchModelSchema(filter, user); + Set res4Privilege = queryStructUtils.getResNameEnExceptInternalCol(querySqlReq, modelSchemaRespList); log.info("modelId:{}, res4Privilege:{}", modelIds, res4Privilege); Set sensitiveResByModel = getHighSensitiveColsByModelId(modelIds); diff --git a/headless/server/src/main/java/com/tencent/supersonic/headless/server/utils/QueryStructUtils.java b/headless/server/src/main/java/com/tencent/supersonic/headless/server/utils/QueryStructUtils.java index aee4b627e..32d439da4 100644 --- a/headless/server/src/main/java/com/tencent/supersonic/headless/server/utils/QueryStructUtils.java +++ b/headless/server/src/main/java/com/tencent/supersonic/headless/server/utils/QueryStructUtils.java @@ -5,8 +5,6 @@ import static com.tencent.supersonic.common.pojo.Constants.DAY_FORMAT; import static com.tencent.supersonic.common.pojo.Constants.MONTH; import static com.tencent.supersonic.common.pojo.Constants.WEEK; -import com.google.common.collect.Lists; -import com.tencent.supersonic.auth.api.authentication.pojo.User; import com.tencent.supersonic.common.pojo.Aggregator; import com.tencent.supersonic.common.pojo.DateConf; import com.tencent.supersonic.common.pojo.DateConf.DateMode; @@ -18,7 +16,6 @@ import com.tencent.supersonic.common.util.jsqlparser.FieldExpression; import com.tencent.supersonic.common.util.jsqlparser.SqlParserSelectHelper; import com.tencent.supersonic.headless.api.pojo.ItemDateFilter; import com.tencent.supersonic.headless.api.pojo.SchemaItem; -import com.tencent.supersonic.headless.api.pojo.request.ModelSchemaFilterReq; import com.tencent.supersonic.headless.api.pojo.request.QuerySqlReq; import com.tencent.supersonic.headless.api.pojo.request.QueryStructReq; import com.tencent.supersonic.headless.api.pojo.response.DimSchemaResp; @@ -28,7 +25,6 @@ import com.tencent.supersonic.headless.api.pojo.response.MetricSchemaResp; import com.tencent.supersonic.headless.api.pojo.response.ModelSchemaResp; import com.tencent.supersonic.headless.server.pojo.MetaFilter; import com.tencent.supersonic.headless.server.service.Catalog; -import com.tencent.supersonic.headless.server.service.SchemaService; import java.time.LocalDate; import java.time.format.DateTimeFormatter; import java.util.ArrayList; @@ -45,7 +41,6 @@ import java.util.stream.Collectors; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.tuple.ImmutablePair; import org.apache.commons.lang3.tuple.Triple; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import org.springframework.util.CollectionUtils; @@ -66,9 +61,6 @@ public class QueryStructUtils { private final DateModeUtils dateModeUtils; private final SqlFilterUtils sqlFilterUtils; private final Catalog catalog; - @Autowired - private SchemaService schemaService; - private String variablePrefix = "'${"; public QueryStructUtils( @@ -140,13 +132,10 @@ public class QueryStructUtils { return resNameEnSet.stream().filter(res -> !internalCols.contains(res)).collect(Collectors.toSet()); } - public Set getResNameEnExceptInternalCol(QuerySqlReq querySqlReq, User user) { + public Set getResNameEnExceptInternalCol(QuerySqlReq querySqlReq, + List modelSchemaRespList) { Set resNameSet = getResName(querySqlReq); Set resNameEnSet = new HashSet<>(); - ModelSchemaFilterReq filter = new ModelSchemaFilterReq(); - List modelIds = Lists.newArrayList(querySqlReq.getModelIds()); - filter.setModelIds(modelIds); - List modelSchemaRespList = schemaService.fetchModelSchema(filter, user); if (!CollectionUtils.isEmpty(modelSchemaRespList)) { List metrics = modelSchemaRespList.get(0).getMetrics(); List dimensions = modelSchemaRespList.get(0).getDimensions();