fix: get audit records by instance ids

[Jarvis1105]

User description

assign in @LordofAvernus

关联的 issue

https://github.com/actiontech/sqle-ee/issues/2387#issuecomment-3027273488

描述你的变更

查看快捷审核记录在有查看快捷审核记录权限的时候需要根据数据源做筛选

确认项（pr提交后操作）

Tip

请在指定复审人之前，确认并完成以下事项，完成后✅

---

• 我已完成自测
• 我已记录完整日志方便进行诊断
• 我已在关联的issue里补充了实现方案
• 我已在关联的issue里补充了测试影响面
• 我已确认了变更的兼容性，如果不兼容则在issue里标记 not_compatible
• 我已确认了是否要更新文档，如果要更新则在issue里标记 need_update_doc

---

---

Description

• 修改审核记录权限校验逻辑

• 调整查询参数由 filter_instance_id 改为 filter_instance_ids

• 添加多实例过滤交集计算的工具函数

• 更新 SQL 模板中实例过滤语句

---

Changes diagram

flowchart LR
  A["修改权限检查逻辑"] --> B["更新查询参数传递"]
  B --> C["更新 SQL 查询条件"]
  B --> D["调用 FindIntersection 函数"]

Loading

---

Changes walkthrough 📝

	Relevant files
Bug fix	sql_audit_record.go 更新审核记录权限与过滤逻辑                                                                                        sqle/api/controller/v1/sql_audit_record.go 新增导入 strconv 包 使用 dms.NewUserPermission 替代旧权限校验 调整数据 map 中实例过滤逻辑 +18/-4    sql_audit_record_list.go 更新 SQL 查询条件过滤参数                                                                                    sqle/model/sql_audit_record_list.go 参数名由 filter_instance_id 改为 filter_instance_ids 修改 SQL 条件使用 IN 查询 +2/-2
Enhancement	util.go 添加工具函数 FindIntersection                                                                    sqle/utils/util.go 新增 FindIntersection 函数计算字符串交集 +21/-0

---

Need help?

Type /help how to ... in the comments thread for any questions about PR-Agent usage.

Check out the documentation for more information.

[github-actions]

PR Code Suggestions ✨

Latest suggestions up to 1206d17

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	检查筛选集合非空 建议在设置 filter_instance_ids 之前检查 rangeUids 的长度，防止其为空导致 SQL 查询异常或返回意外结果。如果交集为空时，应采取适当的后续处理，例如直接返回空结果或报错，确保后续 SQL 查询的安全性和正确性。 sqle/api/controller/v1/sql_audit_record.go [704-711] if !canViewProject && viewQuickAuditRecordPermission != nil { rangeUids := viewQuickAuditRecordPermission.RangeUids if req.FilterInstanceId != 0 { rangeUids = utils.FindIntersection(rangeUids, []string{strconv.FormatUint(req.FilterInstanceId, 10)}) } + if len(rangeUids) == 0 { + return controller.JSONBaseErrorReq(c, fmt.Errorf("no permitted instance ids")) + } data["filter_instance_ids"] = fmt.Sprintf("\"%s\"", strings.Join(rangeUids, "\",\"")) data["check_user_can_access"] = false } Suggestion importance[1-10]: 7 __ Why: The suggestion introduces an error handling check for an empty rangeUids array, which prevents potential issues with an unexpected empty SQL IN clause. This improvement is accurate and directly modifies the existing code block to enhance reliability.	Medium

---

Previous suggestions

Suggestions up to commit 8c196ef

Category	Suggestion	Impact
Possible issue	增加空切片检查 建议在将 rangeUids 拼接为 SQL 字符串之前，检查 rangeUids 是否为空。如果为空，最好返回错误或采取其他适当措施，以防止 SQL 查询过滤条件异常，避免因空过滤导致未预期的数据返回或潜在错误。 sqle/api/controller/v1/sql_audit_record.go [704-711] if !canViewProject && viewQuickAuditRecordPermission != nil { rangeUids := viewQuickAuditRecordPermission.RangeUids if req.FilterInstanceId != 0 { rangeUids = utils.FindIntersection(rangeUids, strconv.FormatUint(req.FilterInstanceId, 10)) } + if len(rangeUids) == 0 { + return controller.JSONBaseErrorReq(c, fmt.Errorf("no valid instance id found")) + } data["filter_instance_ids"] = fmt.Sprintf("\"%s\"", strings.Join(rangeUids, "\",\"")) data["check_user_can_access"] = false } Suggestion importance[1-10]: 6 __ Why: The suggestion correctly addresses a potential issue with an empty rangeUids slice before constructing the SQL filter, improving error handling. However, the change is moderate in impact and does not fix a critical bug.	Low

Suggestions up to commit e058aee

Category	Suggestion	Impact
General	增加对 RangeUids 检查 建议在使用 strings.Join 前检查 RangeUids 数组是否为空，以防止产生空字符串过滤值，这可能导致意外查询结果。保证当没有有效权限时，系统能正确返回预期行为。 sqle/api/controller/v1/sql_audit_record.go [703-708] if !canViewProject && viewQuickAuditRecordPermission != nil && req.FilterInstanceId == 0 { rangeUids := viewQuickAuditRecordPermission.RangeUids - filterInstanceIds := strings.Join(rangeUids, ",") - data["filter_instance_ids"] = filterInstanceIds - data["check_user_can_access"] = false + if len(rangeUids) > 0 { + filterInstanceIds := strings.Join(rangeUids, ",") + data["filter_instance_ids"] = filterInstanceIds + data["check_user_can_access"] = false + } else { + // 处理无有效权限的情况，例如记录日志或返回错误 + } } Suggestion importance[1-10]: 7 __ Why: The suggestion adds a defensive check for an empty RangeUids slice before joining, enhancing robustness without a major change in logic.	Medium

Suggestions up to commit 750b324

Category	Suggestion	Impact
Possible issue	增加空列表判断 在拼接 viewQuickAuditRecordPermission.RangeUids 之前，请增加对空切片的判断，以防止生成空字符串导致 SQL 查询不符合预期或触发运行时错误。检查 rangeUids 的长度，确保只有在有数据时才对其进行拼接。 sqle/api/controller/v1/sql_audit_record.go [703-708] if !canViewProject && viewQuickAuditRecordPermission != nil { rangeUids := viewQuickAuditRecordPermission.RangeUids - filterInstanceIds := strings.Join(rangeUids, ",") - data["filter_instance_ids"] = filterInstanceIds + if len(rangeUids) > 0 { + filterInstanceIds := strings.Join(rangeUids, ",") + data["filter_instance_ids"] = filterInstanceIds + } data["check_user_can_access"] = false } Suggestion importance[1-10]: 7 __ Why: The suggestion adds a check on the length of viewQuickAuditRecordPermission.RangeUids to guard against empty slices, which improves robustness. The improved code snippet correctly reflects the intended modification without altering the overall logic.	Medium