密级修改由安全员进行修改

8b1c7547 · 雍欢 · f0f8fa65 · 8b1c7547 · 8b1c7547 · 8b1c7547
Commit 8b1c7547 authored Mar 01, 2021 by 雍欢
3 changed files
--- a/huigou-uasp/src/main/java/com/huigou/shiro/realm/StandardRealm.java
+++ b/huigou-uasp/src/main/java/com/huigou/shiro/realm/StandardRealm.java
@@ -5,6 +5,7 @@ import com.huigou.context.ContextUtil;
 import com.huigou.context.Operator;
 import com.huigou.context.ThreadLocalUtil;
 import com.huigou.context.TmspmConifg;
+import com.huigou.data.domain.query.QueryPageRequest;
 import com.huigou.data.repository.GeneralRepository;
 import com.huigou.domain.ValidStatus;
 import com.huigou.exception.ApplicationException;
@@ -12,8 +13,10 @@ import com.huigou.shiro.authc.LimitLoginAccountException;
 import com.huigou.shiro.token.StandardUserToken;
 import com.huigou.uasp.bmp.operator.OperatorApplication;
 import com.huigou.uasp.bmp.opm.LicenseChecker;
+import com.huigou.uasp.bmp.opm.application.AccessApplication;
+import com.huigou.uasp.bmp.opm.application.AccessQueryApplication;
 import com.huigou.uasp.bmp.opm.domain.model.org.Person;
-import com.huigou.uasp.bmp.opm.proxy.AccessApplicationProxy;
+import com.huigou.uasp.bmp.opm.domain.query.AuthorizedPermissionsByOrgFullIdQueryRequest;
 import com.huigou.uasp.bmp.securitypolicy.application.SecurityPolicyApplication;
 import com.huigou.uasp.bmp.securitypolicy.domain.model.PersonAccount;
 import com.huigou.uasp.bmp.securitypolicy.domain.model.PersonAccount.PersonAccountStatus;
@@ -37,6 +40,9 @@ import org.springframework.beans.factory.annotation.Autowired;

 import java.util.Date;
 import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;

 /**
 * 平台默认shiro安全处理域
@@ -49,7 +55,7 @@ public class StandardRealm extends AuthorizingRealm {
    private OperatorApplication operatorApplication;

    @Autowired
-    private AccessApplicationProxy accessApplication;
+    private AccessApplication accessApplication;

    @Autowired
    private LoginLogApplication loginLogApplication;
@@ -65,9 +71,12 @@ public class StandardRealm extends AuthorizingRealm {

    @Autowired
    private TmspmConifg tmspmConifg;
+    @Autowired
+    private AccessQueryApplication accessQueryApplication;
    @Deprecated
    private static long LICESENE_INDEX = 0;

+
    private LicenseChecker getLicenseChecker() {
        return licenseChecker;
    }
@@ -110,7 +119,7 @@ public class StandardRealm extends AuthorizingRealm {
        if (operator != null) {
            SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
            // 1、 添加角色
-
+            authorizationInfo.setRoles(findRoles(operator));
            // 2、 添加权限
            List<String> permissions = this.accessApplication.queryPersonFunPermissions(operator.getUserId());
            authorizationInfo.addStringPermissions(permissions);
@@ -119,6 +128,19 @@ public class StandardRealm extends AuthorizingRealm {
        return null;
    }

+    private Set<String> findRoles(Operator operator) {
+        AuthorizedPermissionsByOrgFullIdQueryRequest request = new AuthorizedPermissionsByOrgFullIdQueryRequest();
+        request.setOrgFullId(operator.getFullId());
+        QueryPageRequest page = new QueryPageRequest();
+        page.setPageIndex(1);
+        page.setPageSize(Integer.MAX_VALUE);
+        request.setPageModel(page);
+        return ((List<Map<String, Object>>) accessQueryApplication.slicedQueryRolesByOrgFullId(request).get(Constants.ROWS))
+                .stream()
+                .map(role -> (String) role.get("code"))
+                .collect(Collectors.toSet());
+    }
+
    @Override
    public String getName() {
        return "StandardRealm";

--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/opm/controller/OrgController.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/opm/controller/OrgController.java
 package com.huigou.uasp.bmp.opm.controller;

+import com.huigou.context.TmspmConifg;
 import com.huigou.data.domain.model.CommonDomainConstants;
 import com.huigou.data.domain.query.CodeAndNameQueryRequest;
 import com.huigou.domain.ValidStatus;
@@ -65,6 +66,9 @@ public class OrgController extends CommonController {
    @Autowired
    private AttachmentApplication attachmentApplication;

+    @Autowired
+    private TmspmConifg tmspmConifg;
+
    @Override
    protected String getPagePath() {
        return "/system/opm/organization/";
@@ -376,6 +380,8 @@ public class OrgController extends CommonController {
        this.putAttribute("status", ValidStatus.ENABLED.getId());

        this.putAttribute("status", ValidStatus.ENABLED.getId());
+        this.putAttribute("useTspm", tmspmConifg.isUseTspm());
+        this.putAttribute("enableTspm", tmspmConifg.isEnableTspm());

        return this.forward(PERSON_DETAIL_PAGE, sdo.getProperties());
    }
@@ -447,6 +453,8 @@ public class OrgController extends CommonController {
            Attachment attachment = attachments.get(0);
            this.putAttribute("picturePath", StringUtil.encode(attachment.getPath()));
        }
+        this.putAttribute("useTspm", tmspmConifg.isUseTspm());
+        this.putAttribute("enableTspm", tmspmConifg.isEnableTspm());
        return forward(PERSON_DETAIL_PAGE, person);
    }


--- a/huigou-xt/src/main/webapp/system/opm/organization/PersonDetail.jsp
+++ b/huigou-xt/src/main/webapp/system/opm/organization/PersonDetail.jsp
 <%@ page language="java" contentType="text/html; charset=utf-8"%>
 <%@taglib uri="/WEB-INF/taglib.tld" prefix="x"%>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c"%>
+<%@ taglib prefix="s" uri="http://shiro.apache.org/tags" %>
 <form class="hg-form" method="post" action="" id="submitForm">
 	<x:hidden name="id" />
 	<x:hidden name="mainOrgId" />
@@ -93,10 +94,20 @@
 		</div>
 	</div>
 	<div class="hg-form-row">
-		<div class="col-md-8">
-			<x:selectC name="securityGrade" label="密级" dictionary="securityGrade" labelCol="2" fieldCol="4" />
-			<x:selectC name="personSecurityGrade" label="涉密等级" dictionary="personSecurityGrade" labelCol="2" fieldCol="4" />
-		</div>
+		<c:if test="${useTspm}">
+			<s:hasRole name="securityGuard">
+				<div class="col-md-8">
+					<x:selectC name="securityGrade" label="密级" dictionary="securityGrade" labelCol="2" fieldCol="4" />
+					<x:selectC name="personSecurityGrade" label="涉密等级" dictionary="personSecurityGrade" labelCol="2" fieldCol="4" />
+				</div>
+			</s:hasRole>
+		</c:if>
+		<c:if test="${!useTspm}">
+			<div class="col-md-8">
+				<x:selectC name="securityGrade" label="密级" dictionary="securityGrade" labelCol="2" fieldCol="4" />
+				<x:selectC name="personSecurityGrade" label="涉密等级" dictionary="personSecurityGrade" labelCol="2" fieldCol="4" />
+			</div>
+		</c:if>
 		<div class="col-md-4">
 			<x:inputC name="sequence" required="true" label="排序号" spinner="true" mask="nnn" dataOptions="min:1" labelCol="4" fieldCol="8" />
 		</div>