1. 链接权限
1.1. 链接权限说明
在链接上设置用于控制被授权用户所能看到的数据范围
1.1.1. 链接权限的定义
链接权限结构说明
| 字段 | 类型 | 描述 | 
|---|---|---|
| id | LONG | 权限条目的 id | 
| title | STRING | 权限条目的标题 | 
| type | STRING | 规则类型,分为:ROW(行规则),COLUMN(列规则) | 
| connectionId | LONG | 权限条目所属的链接id | 
| priority | STRING | 权限条目的权限级别 | 
| nodeType | STRING | 权限条目作用的节点类型 | 
| path | STRING数组 | 权限条目作用的具体路径 | 
| options | OBJECT | 权限条目的配置信息 | 
| options.filter | OBJECT | 权限条目的过滤条件相关信息 | 
| options.filter.where | HE 数组 | 行过滤条件 | 
| options.filter.excludeColumns | HE 数组 | 列过滤条件 | 
| options.filter.filterType | STRING | 过滤条件类型 | 
priority值说明
| 字段值 | 描述 | 
|---|---|
| LS | 表示用户仅可见权限条目作用节点的名称,如:用户只能看到链接下某些表的名称或某个目录下所有表的名称。但是对表的结构和数据一律不可见 | 
| SC | 表示用户可见权限条目作用的某张表或某个目录下所有表的结构信息(表头) | 
| RO | 表示用户可见权限条目作用的某张表或某个目录下所有表的结构信息和具体数据 | 
| RW | 表示用户对权限条目作用的某张表或某个目录下所有表拥有完整权限,包括对表结构和数据的可见以及可以将表作为数据集成的输出目的地 | 
权限级别关系:RW>RO>SC>LS
nodeType值说明
| 字段值 | 描述 | 
|---|---|
| PATH | 表示对权限条目作用于链接中的某个目录,用户对该目录下的所有表持有特定权限 | 
| TABLE | 表示对权限条目作用于链接中的某张表,用户对该表持有特定权限,当对权限条目作用于表并且权限为RO时,owner可添加针对该表的行过滤条件 | 
| CONNECTION | 表示权限条目作用于整个链接,其效果与之前版本的协作类似,被对权限条目包含的用户/用户组对整个链接下的所有资源持有特定权限 | 
多条权限条目间的关系
多条权限条目作用于同一个表时,规则间为"或"关系。用户被多条规则选中时,看到的是多条权限条目的并集过滤后的数据
1.2. 接口说明
1.2.1. 新增权限条目
请求URL
POST /api/v1/connections/{connectionId}/auths
请求参数
URL 参数
无
Request Body 参数
| 字段 | 类型 | 是否必须 | 描述 | 
|---|---|---|---|
| title | STRING | 是 | 权限条目的标题 | 
| connectionId | NUMBER | 是 | 权限条目所属的链接id | 
| type | STRING | 是 | 规则类型,可选值:ROW(行权限) & COLUMN(列权限) | 
| priority | STRING | 是 | 权限条目的权限级别,type为COlUMN时固定为LS | 
| nodeType | STRING | 是 | 权限条目作用的节点类型 | 
| path | STRING数组 | nodeType不是CONNECTION时必须 | 权限条目作用的具体路径 | 
| options.filter.where | HE数组 | 否 | 行过滤条件 | 
| options.filter.excludeColumns | HE数组 | 否 | 列过滤条件 | 
| users | OBJECT数组 | 否 | 权限条目所选用户 | 
| organizations | OBJECT数组 | 否 | 权限条目所选用户组 | 
| org | OBJECT数组 | 否 | 权限条目所选组织架构 | 
| tenants | OBJECT数组 | 否 | 权限条目所选租户(行权限仅在priority为RO时有效) | 
返回对象的格式说明
| 字段 | 类型 | 说明 | 
|---|---|---|
| version | STRING | 当前系统版本哈希值 | 
| data | OBJECT | 见笔记结构说明 | 
接口示例1(新增行权限)
- 请求
POST /api/v1/connections/{connectionId}/auths{ "title": "规则1", "connectionId": 1, "type": "ROW", "nodeType": "TABLE", "priority": "RO", "path": [ "public", "A_IVT_MOVIE" ], "users": [ { "id": 1 }, { "id": 2 } ], "organizations": [ { "id": 1 }, { "id": 2 } ], "org": [ { "id": 1 }, { "id": 2 } ], "tenants": [ { "id": 10001 }, { "id": 10002 } ], "options": { "filter": { "columns": [], "where": [ { "kind": "function", "op": "and", "args": [ { "kind": "function", "op": "<", "args": [ { "kind": "field", "op": "id", "type": "number" }, { "kind": "constant", "op": 5, "type": "number" } ] } ] } ] } } }{ "version": "4.6-SNAPSHOT@@git.commit.id.abbrev@#null", "code": 0, "msg": "success", "data": { "id": 1, "title": "规则1", "type" : "ROW", "connectionId": 8, "priority": "RO", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "columns": [], "where": [ { "kind": "function", "op": "and", "args": [ { "kind": "function", "op": "<", "args": [ { "kind": "field", "op": "id", "type": "number" }, { "kind": "constant", "op": 5, "type": "number" } ] } ] } ], "filterType": "CONNECTION" } }, "createdBy": 1, "createdAt": "2020-05-28 12:21:31", "updatedBy": 1, "updatedAt": "2020-05-28 14:26:11", "visible": true, "users": [ { "id": 1 }, { "id": 2 } ], "organizations": [ { "id": 1 }, { "id": 2 } ], "org": [ { "id": 1 }, { "id": 2 } ], "tenants": [ { "id": 10001 }, { "id": 10002 } ], "editable": true, "delete": false } }
接口示例2(新增列权限)
- 请求
POST /api/v1/connections/{connectionId}/auths{ "title": "规则1", "connectionId": 1, "type": "COLUMN", "nodeType": "TABLE", "priority": "LS", "path": [ "public", "A_IVT_MOVIE" ], "users": [ { "id": 1 }, { "id": 2 } ], "organizations": [ { "id": 1 }, { "id": 2 } ], "org": [ { "id": 1 }, { "id": 2 } ], "tenants": [ { "id": 10001 }, { "id": 10002 } ], "options": { "filter": { "excludeColumns": [ { "fieldName": "id" }, { "fieldName": "name" } ] } } }{ "version": "4.6-SNAPSHOT@@git.commit.id.abbrev@#null", "code": 0, "msg": "success", "data": { "id": 1, "title": "规则1", "type": "COLUMN", "connectionId": 8, "priority": "LS", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "excludeColumns": [ { "fieldName": "id" }, { "fieldName": "name" } ], "where": [], "filterType": "CONNECTION" } }, "createdBy": 1, "createdAt": "2020-05-28 12:21:31", "updatedBy": 1, "updatedAt": "2020-05-28 14:26:11", "visible": true, "users": [ { "id": 1 }, { "id": 2 } ], "organizations": [ { "id": 1 }, { "id": 2 } ], "org": [ { "id": 1 }, { "id": 2 } ], "tenants": [ { "id": 10001 }, { "id": 10002 } ], "editable": true, "delete": false } }
1.2.2. 更新权限条目
请求URL
PUT /api/v1/connections/{connectionId}/auths/{authId}
请求参数
URL 参数
无
Request Body 参数
| 字段 | 类型 | 是否必须 | 描述 | 
|---|---|---|---|
| title | STRING | 是 | 权限条目的标题 | 
| connectionId | NUMBER | 是 | 权限条目所属的链接id | 
| type | STRING | 是 | 规则类型,可选值:ROW(行权限) & COLUMN(列权限) | 
| priority | STRING | 是 | 权限条目的权限级别,type为COlUMN时固定为LS | 
| nodeType | STRING | 是 | 权限条目作用的节点类型 | 
| path | STRING数组 | nodeType不是CONNECTION时必须 | 权限条目作用的具体路径 | 
| options.filter.where | HE数组 | 否 | 行过滤条件 | 
| options.filter.excludeColumns | HE数组 | 否 | 列过滤条件 | 
| users | OBJECT数组 | 否 | 权限条目所选用户 | 
| organizations | OBJECT数组 | 否 | 权限条目所选用户组 | 
| org | OBJECT数组 | 否 | 权限条目所选组织架构 | 
| tenants | OBJECT数组 | 否 | 权限条目所选租户(行权限仅在priority为RO时有效) | 
返回对象的格式说明
| 字段 | 类型 | 说明 | 
|---|---|---|
| version | STRING | 当前系统版本哈希值 | 
| data | OBJECT | 见笔记结构说明 | 
接口示例1
- 请求
PUT /api/v1/connections/{connectionId}/auths/{authId}{ "title": "规则1", "connectionId": 1, "id": 1, "type": "ROW", "nodeType": "TABLE", "priority": "RO", "path": [ "public", "A_IVT_MOVIE" ], "users": [ { "id": 1 }, { "id": 2 } ], "organizations": [ { "id": 1 }, { "id": 2 } ], "org": [ { "id": 1 }, { "id": 2 } ], "tenants": [ { "id": 10001 }, { "id": 10002 } ], "options": { "filter": { "columns": [], "where": [ { "kind": "function", "op": "and", "args": [ { "kind": "function", "op": "<", "args": [ { "kind": "field", "op": "id", "type": "number" }, { "kind": "constant", "op": 5, "type": "number" } ] } ] } ] } } }{ "version": "4.6-SNAPSHOT@@git.commit.id.abbrev@#null", "code": 0, "msg": "success", "data": { "id": 1, "title": "规则1", "type" : "ROW", "connectionId": 8, "priority": "RO", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "columns": [], "where": [ { "kind": "function", "op": "and", "args": [ { "kind": "function", "op": "<", "args": [ { "kind": "field", "op": "id", "type": "number" }, { "kind": "constant", "op": 5, "type": "number" } ] } ] } ], "filterType": "CONNECTION" } }, "createdBy": 1, "createdAt": "2020-05-28 12:21:31", "updatedBy": 1, "updatedAt": "2020-05-28 14:26:11", "visible": true, "users": [ { "id": 1 }, { "id": 2 } ], "organizations": [ { "id": 1 }, { "id": 2 } ], "org": [ { "id": 1 }, { "id": 2 } ], "tenants": [ { "id": 10001 }, { "id": 10002 } ], "editable": true, "delete": false } }
接口示例2(更新列权限)
- 请求
PUT /api/v1/connections/{connectionId}/auths/{authId}{ "title": "规则1", "id": 1 "connectionId": 1, "type": "COLUMN", "nodeType": "TABLE", "priority": "LS", "path": [ "public", "A_IVT_MOVIE" ], "users": [ { "id": 1 }, { "id": 2 } ], "organizations": [ { "id": 1 }, { "id": 2 } ], "org": [ { "id": 1 }, { "id": 2 } ], "tenants": [ { "id": 10001 }, { "id": 10002 } ], "options": { "filter": { "excludeColumns": [ { "fieldName": "code" }, { "fieldName": "name" } ] } } }{ "version": "4.6-SNAPSHOT@@git.commit.id.abbrev@#null", "code": 0, "msg": "success", "data": { "id": 1, "title": "规则1", "type": "COLUMN", "connectionId": 8, "priority": "LS", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "excludeColumns": [ { "fieldName": "code" }, { "fieldName": "name" } ], "where": [], "filterType": "CONNECTION" } }, "createdBy": 1, "createdAt": "2020-05-28 12:21:31", "updatedBy": 1, "updatedAt": "2020-05-28 14:26:11", "visible": true, "users": [ { "id": 1 }, { "id": 2 } ], "organizations": [ { "id": 1 }, { "id": 2 } ], "org": [ { "id": 1 }, { "id": 2 } ], "tenants": [ { "id": 10001 }, { "id": 10002 } ], "editable": true, "delete": false } }
1.2.3. 根据ID获取权限条目
请求URL
GET /api/v1/connections/{connectionId}/auths/{authId}
请求参数
URL 参数
无
Request Body 参数
无
返回对象的格式说明
| 字段 | 类型 | 说明 | 
|---|---|---|
| version | STRING | 当前系统版本哈希值 | 
| data | OBJECT | 见笔记结构说明 | 
接口示例1
- 请求
GET /api/v1/connections/{connectionId}/auths/{authId}
返回
{
  "version": "3.2-SNAPSHOT@@git.commit.id.abbrev@#null",
  "code": 0,
  "msg": "success",
  "data": {
    "id": 1,
    "title": "规则1",
    "type": "ROW",
    "connectionId": 8,
    "priority": "RO",
    "nodeType": "TABLE",
    "path": [
      "public",
      "A_IVT_MOVIE"
    ],
    "options": {
      "filter": {
        "columns": [],
        "where": [
          {
            "kind": "function",
            "op": "and",
            "args": [
              {
                "kind": "function",
                "op": "<",
                "args": [
                  {
                    "kind": "field",
                    "op": "id",
                    "type": "number"
                  },
                  {
                    "kind": "constant",
                    "op": 5,
                    "type": "number"
                  }
                ]
              }
            ]
          }
        ],
        "filterType": "CONNECTION"
      }
    },
    "createdBy": 1,
    "createdAt": "2020-05-28 12:21:31",
    "updatedBy": 1,
    "updatedAt": "2020-05-28 14:26:11",
    "visible": true,
    "users": [
      {
        "id": 1
      },
      {
        "id": 2
      }
    ],
    "organizations": [
      {
        "id": 1
      },
      {
        "id": 2
      }
    ],
    "editable": true,
    "delete": false
  }
}
1.2.4. 根据ID删除权限条目
请求URL
DELETE /api/v1/connections/{connectionId}/auths/{authId}
请求参数
URL 参数
无
Request Body 参数
无
返回对象的格式说明
| 字段 | 类型 | 说明 | 
|---|---|---|
| version | STRING | 当前系统版本哈希值 | 
接口示例1
- 请求
DELETE /api/v1/connections/{connectionId}/auths/{authId}
返回
{
  "version": "3.2-SNAPSHOT@@git.commit.id.abbrev@#null",
  "code": 0,
  "msg": "success"
}
1.2.5. 获取指定路径下的连接权限
请求URL
POST /api/v1/connections/{connectionId}/auths/path
请求参数
URL 参数
无
Request Body 参数
| 字段 | 类型 | 是否必须 | 描述 | 
|---|---|---|---|
| path | STRING数组 | 否(为空表示查询CONNECTION级权限) | 权限条目作用的具体路径 | 
返回对象的格式说明
| 字段 | 类型 | 说明 | 
|---|---|---|
| version | STRING | 当前系统版本哈希值 | 
| data | OBJECT | 见笔记结构说明 | 
接口示例1
- 请求
POST /api/v1/connections/{connectionId}/auths/path{ "path": [ "public", "A_IVT_MOVIE" ] }{ "version": "3.2-SNAPSHOT@@git.commit.id.abbrev@#null", "code": 0, "msg": "success", "data": [ { "id": 3, "title": "规则2", "type": "ROW", "connectionId": 8, "priority": "LS", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "columns": [], "where": [] } }, "createdBy": 1, "createdAt": "2020-05-28 14:25:19", "updatedBy": 1, "updatedAt": "2020-05-28 14:25:19", "visible": true, "editable": true, "delete": false }, { "id": 2, "title": "规则1", "connectionId": 8, "type": "ROW", "priority": "RO", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "columns": [], "where": [ { "op": "and", "args": [ { "op": "<", "args": [ { "op": "id", "kind": "field", "type": "number" }, { "op": 5, "kind": "constant", "type": "number" } ], "kind": "function" } ], "kind": "function" } ], "filterType": "CONNECTION" } }, "createdBy": 1, "createdAt": "2020-05-28 12:21:31", "updatedBy": 1, "updatedAt": "2020-05-28 14:50:31", "visible": true, "users": [ { "id": 2, "name": "test2" } ], "editable": true, "delete": false }, { "id": 5, "title": "规则3", "connectionId": 8, "priority": "LS", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "columns": [], "where": [] } }, "createdBy": 1, "createdAt": "2020-05-28 14:55:00", "updatedBy": 1, "updatedAt": "2020-05-28 14:55:00", "visible": true, "editable": true, "delete": false } ], "totalHits": 3, "offset": 0 }
1.2.6. 批量添加链接规则
请求URL
POST /api/v1/connections/{connectionId}/auths/batch-add
请求参数
URL 参数
无
Request Body 参数
- 根据paths添加
```json
{
 "priority": "RO",
 "type": "ROW",
 "connnectionId": 3,
 "nodeType": "TABLE",
 "paths": [
 ], "type": "ROW", "title": "批量添加", "users": [[ "public", "A_IVT_MOVIE" ], [ "public", "a_ivt_college" ], [ "public", "a_ivt_countries" ], [ "public", "a_ivt_employee" ]
 ], "organizations": [{ "id": 2 }, { "id": 3 }, { "id": 7 }
 ], "tenants": [{ "id": 2 }, { "id": 3 }, { "id": 4 }
 ], "options": {{ "id": 10001 }, { "id": 10002 }, { "id": 10003 }
 } }"filter": { "where": [], "excludeColumns": [] }
2. 根据ConnectionAuthDtos添加
```json
{
    "connectionAuthDtos": [
        {
            "priority": "RO",
            "connnectionId": 3,
            "nodeType": "TABLE",
            "path": [
                "public",
                "A_IVT_MOVIE"
            ],
            "type": "ROW",
            "title": "分别添加1",
            "users": [
                {
                    "id": 2
                }
            ],
            "organizations": [
                {
                    "id": 2
                },
                {
                    "id": 3
                }
            ],
            "tenants": [
                {
                    "id": 10001
                }
            ],
            "options": {
                "filter": {
                    "where": [],
                    "excludeColumns": []
                }
            }
        },
        {
            "priority": "RO",
            "connnectionId": 3,
            "nodeType": "TABLE",
            "path": [
                "public",
                "a_ivt_college"
            ],
            "type": "ROW",
            "title": "分别添加2",
            "users": [
                {
                    "id": 2
                },
                {
                    "id": 3
                }
            ],
            "organizations": [
                {
                    "id": 4
                },
                {
                    "id": 3
                }
            ],
            "tenants": [
                {
                    "id": 10001
                },
                {
                    "id": 10003
                }
            ],
            "options": {
                "filter": {
                    "where": [],
                    "excludeColumns": []
                }
            }
        },
        {
            "priority": "RO",
            "connnectionId": 3,
            "nodeType": "TABLE",
            "path": [
                "public",
                "A_IVT_MOVIE"
            ],
            "type": "ROW",
            "title": "分别添加3",
            "users": [
                {
                    "id": 2
                },
                {
                    "id": 3
                },
                {
                    "id": 7
                }
            ],
            "organizations": [
                {
                    "id": 2
                },
                {
                    "id": 3
                },
                {
                    "id": 4
                }
            ],
            "tenants": [
                {
                    "id": 10001
                },
                {
                    "id": 10002
                },
                {
                    "id": 10003
                }
            ],
            "options": {
                "filter": {
                    "where": [],
                    "excludeColumns": []
                }
            }
        }
    ]
}
返回对象的格式说明
| 字段 | 类型 | 说明 | 
|---|---|---|
| version | STRING | 当前系统版本哈希值 | 
| data | OBJECT | 见笔记结构说明 | 
接口示例1
- 请求
POST /api/v1/connections/{connectionId}/auths/batch-add{ "priority": "RO", "connnectionId": 3, "nodeType": "TABLE", "paths": [ [ "public", "A_IVT_MOVIE" ], [ "public", "a_ivt_college" ], [ "public", "a_ivt_countries" ], [ "public", "a_ivt_employee" ] ], "type": "ROW", "title": "批量添加", "users": [ { "id": 2 }, { "id": 3 }, { "id": 7 } ], "organizations": [ { "id": 2 }, { "id": 3 }, { "id": 4 } ], "tenants": [ { "id": 10001 }, { "id": 10002 }, { "id": 10003 } ], "options": { "filter": { "where": [], "excludeColumns": [] } } }{ "version": "4.2-SNAPSHOT@@git.commit.id.abbrev@#352dc7c5", "code": 0, "msg": "success", "data": [ { "id": 12, "title": "分别添加1", "connectionId": 3, "priority": "RO", "type": "ROW", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "excludeColumns": [], "where": [], "ruleType": "ROW" } }, "createdBy": 2, "updatedBy": 2, "visible": true, "users": [ { "id": 2 } ], "organizations": [ { "id": 2 }, { "id": 3 } ], "tenants": [ { "id": 10001 } ] }, { "id": 13, "title": "分别添加2", "connectionId": 3, "priority": "RO", "type": "ROW", "nodeType": "TABLE", "path": [ "public", "a_ivt_college" ], "options": { "filter": { "excludeColumns": [], "where": [], "ruleType": "ROW" } }, "createdBy": 2, "updatedBy": 2, "visible": true, "users": [ { "id": 2 }, { "id": 3 } ], "organizations": [ { "id": 4 }, { "id": 3 } ], "tenants": [ { "id": 10001 }, { "id": 10003 } ] }, { "id": 14, "title": "分别添加3", "connectionId": 3, "priority": "RO", "type": "ROW", "nodeType": "TABLE", "path": [ "public", "A_IVT_MOVIE" ], "options": { "filter": { "excludeColumns": [], "where": [], "ruleType": "ROW" } }, "createdBy": 2, "updatedBy": 2, "visible": true, "users": [ { "id": 2 }, { "id": 3 }, { "id": 7 } ], "organizations": [ { "id": 2 }, { "id": 3 }, { "id": 4 } ], "tenants": [ { "id": 10001 }, { "id": 10002 }, { "id": 10003 } ] } ] }
1.2.7. 获取链接级规则
请求URL
GET /api/v1/connections/{connectionId}/auths/priority-connection
请求参数
URL 参数
无
Request Body 参数
无
返回对象的格式说明
| 字段 | 类型 | 说明 | 
|---|---|---|
| version | STRING | 当前系统版本哈希值 | 
| data | OBJECT | 见笔记结构说明 | 
接口示例1
- 请求
GET /api/v1/connections/{connectionId}/auths/priority-connection
返回
{
  "version": "3.2-SNAPSHOT@@git.commit.id.abbrev@#null",
  "code": 0,
  "msg": "success",
  "data": [
    {
      "id": 6,
      "title": "规则1 (1)",
      "connectionId": 8,
      "priority": "LS",
      "nodeType": "CONNECTION",
      "options": {},
      "createdBy": 1,
      "createdAt": "2020-05-28 15:05:40",
      "updatedBy": 1,
      "updatedAt": "2020-05-28 15:05:40",
      "visible": true,
      "editable": true,
      "delete": false
    }
  ],
  "totalHits": 1,
  "offset": 0
}