Merge pull request #2424 from actiontech/main

Main

Author: LordofAvernus

sqle/api/controller/v1/sql_audit_record.go

@@ -12,6 +12,7 @@ import (
 	"net/http"
 	"os"
 	"path/filepath"
+	"strconv"
 	"strings"
 	"time"
 
@@ -682,20 +683,33 @@ func GetSQLAuditRecordsV1(c echo.Context) error {
 	}
 
 	limit, offset := controller.GetLimitAndOffset(req.PageIndex, req.PageSize)
-	hasPermission, err := hasViewPermission(user.GetIDStr(), projectUid, v1.OpPermissionViewQuickAuditRecord)
-
+	up, err := dms.NewUserPermission(user.GetIDStr(), projectUid)
+	if err != nil {
+		return controller.JSONBaseErrorReq(c, fmt.Errorf("check project manager failed: %v", err))
+	}
+	canViewProject := up.CanViewProject()
+	viewQuickAuditRecordPermission := up.GetOnePermission(v1.OpPermissionViewQuickAuditRecord)
 	data := map[string]interface{}{
 		"filter_project_id":       projectUid,
 		"filter_creator_id":       user.ID,
 		"fuzzy_search_tags":       req.FuzzySearchTags,
-		"filter_instance_id":      req.FilterInstanceId,
+		"filter_instance_ids":     req.FilterInstanceId,
 		"filter_create_time_from": req.FilterCreateTimeFrom,
 		"filter_create_time_to":   req.FilterCreateTimeTo,
-		"check_user_can_access":   !hasPermission,
+		"check_user_can_access":   !canViewProject,
 		"filter_audit_record_ids": req.FilterSqlAuditRecordIDs,
 		"limit":                   limit,
 		"offset":                  offset,
 	}
+	if !canViewProject && viewQuickAuditRecordPermission != nil {
+		rangeUids := viewQuickAuditRecordPermission.RangeUids
+		if req.FilterInstanceId != 0 {
+			rangeUids = utils.FindIntersection(rangeUids, []string{strconv.FormatUint(req.FilterInstanceId, 10)})
+		}
+		data["filter_instance_ids"] = fmt.Sprintf("\"%s\"", strings.Join(rangeUids, "\",\""))
+		data["check_user_can_access"] = false
+	}
+
 	if req.FilterSQLAuditStatus == SQLAuditRecordStatusAuditing {
 		data["filter_task_status_exclude"] = model.TaskStatusAudited
 	} else if req.FilterSQLAuditStatus == SQLAuditRecordStatusSuccessfully {

sqle/model/sql_audit_record_list.go

@@ -76,8 +76,8 @@ AND tasks.status = :filter_task_status
 AND tasks.status <> :filter_task_status_exclude
 {{- end }}
 
-{{- if .filter_instance_id }}
-AND  tasks.instance_id = :filter_instance_id
+{{- if .filter_instance_ids }}
+AND  tasks.instance_id IN ( {{ .filter_instance_ids }} )
 {{- end }}
 
 {{- if .filter_create_time_from }}

sqle/utils/util.go

@@ -489,3 +489,24 @@ func GenerateSSHKeyPair() (privateKeyStr, publicKeyStr string, err error) {
 
 	return string(privatePEM), publicKeyStr, nil
 }
+
+func FindIntersection(slice1, slice2 []string) []string {
+	map1 := make(map[string]bool)
+	map2 := make(map[string]bool)
+
+	// 填充第一个 map
+	for _, item := range slice1 {
+		map1[item] = true
+	}
+
+	// 填充第二个 map 并查找交集
+	var intersection []string
+	for _, item := range slice2 {
+		if map1[item] && !map2[item] {
+			intersection = append(intersection, item)
+		}
+		map2[item] = true
+	}
+
+	return intersection
+}