Commit 9d15c8c2 authored by 雍欢's avatar 雍欢

1、修改平台人员密级相关功能为统一使用数据字典(原有逻辑是枚举+数据字典,存在硬编码);

2、人员选择对话框可根据密级和涉密等级过滤人员;
3、取消lic检查
parent 987bcb64
......@@ -28,7 +28,7 @@ public class PersonMember extends OrgNode implements Serializable {
private String loginName;
private SecurityGrade securityGrade;
private String securityGrade;
private String tenantId;
......@@ -205,11 +205,11 @@ public class PersonMember extends OrgNode implements Serializable {
this.loginName = loginName;
}
public SecurityGrade getSecurityGrade() {
public String getSecurityGrade() {
return securityGrade;
}
public void setSecurityGrade(SecurityGrade securityGrade) {
public void setSecurityGrade(String securityGrade) {
this.securityGrade = securityGrade;
}
......
......@@ -10,6 +10,7 @@ import com.huigou.util.StringUtil;
*
* @author gongmm
*/
@Deprecated
public enum SecurityGrade {
NONE("NONE", ""),
NON_SECRET("NON_SECRET", "非密"),
......
......@@ -52,7 +52,7 @@ public class User implements Serializable {
private String password;
private SecurityGrade securityGrade;
private String securityGrade;
private String tenantId;
......@@ -167,7 +167,7 @@ public class User implements Serializable {
this.mainOrgFullName = mainOrgFullName;
this.mainOrgFullCode = mainOrgFullCode;
this.securityGrade = SecurityGrade.fromId(securityGradeId);
this.securityGrade = securityGradeId;
}
public User(PersonMember personMember) {
......@@ -247,11 +247,11 @@ public class User implements Serializable {
this.password = password;
}
public SecurityGrade getSecurityGrade() {
public String getSecurityGrade() {
return securityGrade;
}
public void setSecurityGrade(SecurityGrade securityGrade) {
public void setSecurityGrade(String securityGrade) {
this.securityGrade = securityGrade;
}
......
package com.huigou.util;
import java.io.Serializable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.*;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import com.huigou.context.Operator;
import com.huigou.domain.IdentifiedEntity;
import com.huigou.domain.QueryRequest;
import com.huigou.exception.ApplicationException;
import org.apache.commons.lang.StringUtils;
/**
* 服务数据对象
......@@ -20,6 +19,11 @@ import com.huigou.exception.ApplicationException;
public class SDO implements Serializable {
private final static List<String> NOT_STRIPXSS_KEY_WHITELIST = new ArrayList<String>();
/**
* @since 1.2.8
*/
private final static Pattern JSON_ARRAY_PATTERN = Pattern.compile("^\\[.*\\]$");
static {
// 导出时表头
NOT_STRIPXSS_KEY_WHITELIST.add(Constants.EXPORT_HEAD);
......@@ -145,7 +149,12 @@ public class SDO implements Serializable {
if (StringUtil.isBlank(jsonStr)) {
return null;
}
return JSONUtil.toList(jsonStr, String.class);
jsonStr = jsonStr.trim();
if (JSON_ARRAY_PATTERN.matcher(jsonStr).matches()) {
return JSONUtil.toList(jsonStr, String.class);
}
// 处理逗号分隔模式。
return Arrays.stream(StringUtils.split(jsonStr, ",")).collect(Collectors.toList());
}
public List<Integer> getIntegerList(String key) {
......@@ -153,7 +162,13 @@ public class SDO implements Serializable {
if (StringUtil.isBlank(jsonStr)) {
return null;
}
return JSONUtil.toList(jsonStr, Integer.class);
if (JSON_ARRAY_PATTERN.matcher(jsonStr).matches()) {
return JSONUtil.toList(jsonStr, Integer.class);
}
// 处理逗号分隔模式。
return Arrays.stream(StringUtils.split(jsonStr, ","))
.map(Integer::valueOf)
.collect(Collectors.toList());
}
public Map<String, Integer> getStringMap(String key) {
......
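Review bot: getIntegerList matches JSON_ARRAY_PATTERN against the raw string, whereas getStringList trims first, so a value with surrounding whitespace such as ` [1,2]` falls through to the comma branch and `Integer::valueOf` throws NumberFormatException; the same happens for `1, 2` because the split tokens are not trimmed. Add `jsonStr = jsonStr.trim();` before the match in getIntegerList and insert `.map(String::trim)` ahead of the collect/convert step in both methods. The pattern `^\\[.*\\]$` also fails on an array that contains a line break, because `.` excludes line terminators unless `Pattern.DOTALL` is set. Both method bodies begin outside the hunks shown.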
package com.huigou.uasp.bmp.opm.domain.model.org;
import java.util.Date;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.persistence.Table;
import javax.persistence.Temporal;
import javax.persistence.TemporalType;
import javax.persistence.Transient;
import com.huigou.annotation.JsonIgnore;
import com.huigou.context.SecurityGrade;
import com.huigou.data.domain.model.BaseInfoWithTenantAbstractEntity;
import com.huigou.domain.ValidStatus;
import com.huigou.util.Util;
import javax.persistence.*;
import java.util.Date;
@Entity
@Table(name = "SA_OPPerson")
public class Person extends BaseInfoWithTenantAbstractEntity {
......@@ -188,12 +179,10 @@ public class Person extends BaseInfoWithTenantAbstractEntity {
private Integer caStatus;
@Column(name = "security_grade_id")
@Enumerated(EnumType.STRING)
private SecurityGrade securityGrade;
private String securityGrade;
@Column(name = "person_security_grade_id")
@Enumerated(EnumType.STRING)
private PersonSecurityGrade personSecurityGrade;
private String personSecurityGrade;
private Integer sequence;
......@@ -432,19 +421,19 @@ public class Person extends BaseInfoWithTenantAbstractEntity {
this.caStatus = caStatus;
}
public SecurityGrade getSecurityGrade() {
public String getSecurityGrade() {
return securityGrade;
}
public void setSecurityGrade(SecurityGrade securityGrade) {
public void setSecurityGrade(String securityGrade) {
this.securityGrade = securityGrade;
}
public PersonSecurityGrade getPersonSecurityGrade() {
public String getPersonSecurityGrade() {
return personSecurityGrade;
}
public void setPersonSecurityGrade(PersonSecurityGrade personSecurityGrade) {
public void setPersonSecurityGrade(String personSecurityGrade) {
this.personSecurityGrade = personSecurityGrade;
}
......
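Review bot: With `@Enumerated(EnumType.STRING)` removed, `securityGrade` and `personSecurityGrade` accept any string, and nothing in the hunks shown checks a value against the data dictionary before it is written to `security_grade_id` / `person_security_grade_id`. The enum type used to limit these fields to known ids; since `securityGrade` is what StandardRealm passes to the security-policy lookup at login, the service that saves a Person should confirm the id exists in the corresponding dictionary and reject it otherwise. The same applies to the String setters introduced in User and PersonMember. If that validation already lives in a layer not shown here, a field comment such as `// dictionary id ("securityGrade"); validated in <service-name placeholder>` would make it visible.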
......@@ -10,8 +10,12 @@ import com.huigou.util.StringUtil;
*
* @author gongmm
*/
@Deprecated
public enum PersonSecurityGrade {
NON_SECRET("NON_SECRET", "非密"), COMMON("COMMON", "一般"), IMPORTANCE("IMPORTANCE", "重要"), CORE("CORE", "核心");
NON_SECRET("NON_SECRET", "非密"),
COMMON("COMMON", "一般"),
IMPORTANCE("IMPORTANCE", "重要"),
CORE("CORE", "核心");
private final String id;
......
......@@ -3,6 +3,7 @@ package com.huigou.uasp.bmp.opm.domain.query;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.ListIterator;
import org.springframework.util.Assert;
......@@ -19,7 +20,7 @@ import com.huigou.util.StringUtil;
/**
* 组织机构查询模型
*
*
* @author gongmm
*/
public class OrgQueryModel extends QueryModel {
......@@ -278,6 +279,38 @@ public class OrgQueryModel extends QueryModel {
}
condition.append(")");
// 密级
List<String> securityGrades = inputParams.getStringList("securityGrade");
if (securityGrades != null && securityGrades.size() > 0) {
condition.append(" and (o.org_kind_id='psm' and p.security_grade_id in (");
int i = 0;
for (ListIterator<String> ltr = securityGrades.listIterator(); ltr.hasNext(); ) {
String securityGrade = ltr.next();
paramName = String.format("securityGrade%d", i);
condition.append(':').append(paramName);
if (ltr.hasNext()) {
condition.append(",");
}
this.putParam(paramName, securityGrade);
}
condition.append(") or o.org_kind_id<>'psm')");
}
// 人员等级
List<String> personSecurityGrades = inputParams.getStringList("personSecurityGrade");
if (personSecurityGrades!=null && personSecurityGrades.size() > 0) {
condition.append(" and (o.org_kind_id='psm' and p.person_security_grade_id in (");
int i = 0;
for (ListIterator<String> ltr = personSecurityGrades.listIterator(); ltr.hasNext(); ) {
String personSecurityGrade = ltr.next();
paramName = String.format("personSecurityGrade%d", i);
condition.append(':').append(paramName);
if (ltr.hasNext()) {
condition.append(",");
}
this.putParam(paramName, personSecurityGrade);
}
condition.append(") or o.org_kind_id<>'psm')");
}
this.countCondition.append(condition);
if (first != last) {
countCondition.delete(first, last);
......
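Review bot: The counter `i` is declared in both new loops but never incremented, so every iteration builds the same name (`securityGrade0`, `personSecurityGrade0`); the generated `in (...)` list repeats one placeholder and each `putParam` call presumably overwrites the previous value, leaving only the last selected grade in effect. Increment it where the name is built: `paramName = String.format("securityGrade%d", i++);` and likewise for `"personSecurityGrade%d"`. The values come from request parameters, so this clause narrows what the selection dialog lists but should not be treated as the access check for who may see which person. The enclosing method starts and ends outside the hunk.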
......@@ -29,6 +29,9 @@ public class AuthenticationApplicationImpl extends BaseApplication implements Au
private AccessApplication accessApplication;
private LicenseChecker licenseChecker;
@Deprecated
private static long LICESENE_INDEX = 0;
public void setOrgApplication(OrgApplication orgApplication) {
......@@ -39,8 +42,9 @@ public class AuthenticationApplicationImpl extends BaseApplication implements Au
this.accessApplication = accessApplication;
}
@Deprecated
private LicenseChecker getLicenseChecker() {
return StandardLicenseChecker.getInstance();
return licenseChecker;
}
@Override
......@@ -130,6 +134,7 @@ public class AuthenticationApplicationImpl extends BaseApplication implements Au
return result;
}
@Deprecated
private void checkLicense() {
if (LICESENE_INDEX >= 500) {
String sql = "select count(*) from SA_OnlineSession";
......@@ -169,7 +174,7 @@ public class AuthenticationApplicationImpl extends BaseApplication implements Au
throw new ApplicationException("登录出错,错误编码:0001。");
}
*/
checkLicense();
// checkLicense();
Person person = this.orgApplication.loadPersonByLoginName(loginName);
if (person == null) {
......
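Review bot: `getLicenseChecker()` now returns the new `licenseChecker` field, but no setter or injection annotation for that field is visible in this file's hunks, so any remaining caller would receive null unless it is wired elsewhere. CoreApplicationFactory.getLicenseChecker() has the same shape: its `licenseChecker` field is declared without `@Autowired` in the lines shown, and StandardRealm.getLicenseChecker() delegates to it. Since the `checkLicense()` call is commented out and the helpers are only marked `@Deprecated`, deleting `checkLicense()`, `getLicenseChecker()` and `LICESENE_INDEX` would be cleaner than keeping unreachable code; otherwise add a setter as OrgApplicationImpl does with `setLicenseChecker`.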
package com.huigou.uasp.bmp.opm.impl;
import com.huigou.cache.DictUtil;
import com.huigou.cache.SystemCache;
import com.huigou.context.MessageSourceContext;
import com.huigou.context.Operator;
......@@ -59,6 +60,8 @@ public class OrgApplicationImpl extends BaseApplication implements OrgApplicatio
private InitPasswordListener initPasswordListener;
private LicenseChecker licenseChecker;
public void setOrgPropertyDefinitionRepository(OrgPropertyDefinitionRepository orgPropertyDefinitionRepository) {
this.orgPropertyDefinitionRepository = orgPropertyDefinitionRepository;
}
......@@ -95,13 +98,18 @@ public class OrgApplicationImpl extends BaseApplication implements OrgApplicatio
this.initPasswordListener = initPasswordListener;
}
public void setLicenseChecker(LicenseChecker licenseChecker) {
this.licenseChecker = licenseChecker;
}
private String getQuerySqlByName(String name) {
QueryDescriptor queryDescriptor = this.sqlExecutorDao.getQuery(QUERY_XML_FILE_PATH, "org");
return queryDescriptor.getSqlByName(name);
}
@Deprecated
private LicenseChecker getLicenseChecker() {
return StandardLicenseChecker.getInstance();
return licenseChecker;
}
@Override
......@@ -1224,21 +1232,21 @@ public class OrgApplicationImpl extends BaseApplication implements OrgApplicatio
@Override
public String insertPerson(Person person) {
int count = this.personRepository.countByStatus(ValidStatus.ENABLED.getId());
boolean flag = true;
try {
// linux 环境下无法取得文件
flag = this.getLicenseChecker().checkRegistUser(count);
} catch (ExceptionInInitializerError e1) {
flag = true;
} catch (NoClassDefFoundError e1) {
flag = true;
} catch (Exception e1) {
flag = true;
}
if (!flag) {
throw new ApplicationException("用户数已超过注册用户数。");
}
// int count = this.personRepository.countByStatus(ValidStatus.ENABLED.getId());
// boolean flag = true;
// try {
// // linux 环境下无法取得文件
// flag = this.getLicenseChecker().checkRegistUser(count);
// } catch (ExceptionInInitializerError e1) {
// flag = true;
// } catch (NoClassDefFoundError e1) {
// flag = true;
// } catch (Exception e1) {
// flag = true;
// }
// if (!flag) {
// throw new ApplicationException("用户数已超过注册用户数。");
// }
/*
* Calendar calendar = Calendar.getInstance();
* calendar.set(Calendar.YEAR, 2018);
......@@ -1274,10 +1282,10 @@ public class OrgApplicationImpl extends BaseApplication implements OrgApplicatio
person.setIsOperator(false);
if (person.getSecurityGrade() != null) {
String personSecurityGradeId = person.getSecurityGrade().getId();
SecurityPolicy securityPolicy = this.securityPolicyApplication.findSecurityGrade(personSecurityGradeId, ValidStatus.ENABLED.getId());
Assert.state(securityPolicy != null, String.format("密级“%s”没有设置或启用安全策略。", person.getSecurityGrade().getDisplayName()));
Assert.hasText(securityPolicy.getInitPassword(), String.format("安全策略“%s”,初始化密码不能为空。", person.getSecurityGrade().getDisplayName()));
SecurityPolicy securityPolicy = this.securityPolicyApplication.findSecurityGrade(person.getSecurityGrade(), ValidStatus.ENABLED.getId());
String securityGradeText = DictUtil.getDictionaryDetailText("securityGrade", person.getSecurityGrade());
Assert.state(securityPolicy != null, String.format("密级“%s”没有设置或启用安全策略。", securityGradeText));
Assert.hasText(securityPolicy.getInitPassword(), String.format("安全策略“%s”,初始化密码不能为空。", securityGradeText));
person.setPassword(Md5Builder.getMd5(securityPolicy.getInitPassword()));
}
......@@ -1327,7 +1335,6 @@ public class OrgApplicationImpl extends BaseApplication implements OrgApplicatio
* 更新人员状态
*
* @param id 人员唯一标识
* @param version 版本号
* @param fromStatuses 前置状态
* @param toStatus 更新状态
* @param operateType 操作类型
......@@ -1446,9 +1453,9 @@ public class OrgApplicationImpl extends BaseApplication implements OrgApplicatio
if (person.getSecurityGrade() != null) {
String decodedNewPassword = new String(Base64.decodeBase64(newPassword));
String personSecurityGradeId = person.getSecurityGrade().getId();
SecurityPolicy securityPolicy = this.securityPolicyApplication.findSecurityGrade(personSecurityGradeId, ValidStatus.ENABLED.getId());
Assert.state(securityPolicy != null, String.format("密级“%s”没有设置或启用安全策略。", person.getSecurityGrade().getDisplayName()));
SecurityPolicy securityPolicy = this.securityPolicyApplication.findSecurityGrade(person.getSecurityGrade(), ValidStatus.ENABLED.getId());
String securityGradeText = DictUtil.getDictionaryDetailText("securityGrade",person.getSecurityGrade());
Assert.state(securityPolicy != null, String.format("密级“%s”没有设置或启用安全策略。", securityGradeText));
if (decodedNewPassword.length() < securityPolicy.getPasswordMinimumLength()) {
throw new ApplicationException("新密码长度不能低于" + securityPolicy.getPasswordMinimumLength() + "位");
......
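Review bot: In insertPerson and in the password-change hunk the error text now comes from `DictUtil.getDictionaryDetailText("securityGrade", person.getSecurityGrade())`, and what that call returns for an id missing from the dictionary is not visible here; because the grade is now a free-form String, such an id can reach this code and the message may then show an empty or null name. Fall back to the raw id, e.g. `if (StringUtil.isBlank(securityGradeText)) securityGradeText = person.getSecurityGrade();` (StringUtil is the com.huigou.util helper used elsewhere in this commit; confirm it is imported in this file). The same lookup pattern appears in StandardRealm.checkSecurityPolicy, SecurityPolicyApplicationImpl and BizLogBuilder. The commented-out license block in insertPerson would be better deleted than left as fifteen lines of comments.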
package com.huigou.uasp.bmp.opm.impl;
import com.huigou.system.common.SystemUtils;
import com.huigou.uasp.bmp.opm.LicenseChecker;
import org.springframework.stereotype.Service;
@Service
public class StandardLicenseChecker implements LicenseChecker {
static {
String fileName = SystemUtils.normalizeLib("huigou-license");
System.load(fileName);
StandardLicenseChecker.initLicense();
}
private static LicenseChecker instance;
public static LicenseChecker getInstance() {
if (instance == null) {
synchronized (StandardLicenseChecker.class) {
if (instance == null) {
instance = new StandardLicenseChecker();
}
}
}
return instance;
}
public static native void initLicense();
@Override
public native boolean checkValidTime();
public boolean checkValidTime() {
return true;
}
@Override
public native boolean checkOnlineUser(int onlineUser);
public boolean checkOnlineUser(int onlineUser) {
return true;
}
@Override
public native boolean checkRegistUser(int registUser);
public boolean checkRegistUser(int registUser) {
return true;
}
@Override
public native boolean checkTask(int task);
public boolean checkTask(int task) {
return true;
}
}
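Review bot: Every check in this class now returns `true` unconditionally, yet it keeps the name StandardLicenseChecker and its `@Service` registration with no comment saying that licensing is disabled; add a class Javadoc stating that all four checks are stubs and why, and mark the class `@Deprecated` like its callers. The page does not show which of the older lines were removed: if the static initializer with `System.load(fileName)` and `initLicense()` is still present, the native library is still loaded when the bean class is initialised even though nothing uses it, so it should be removed together with the native method declarations.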
package com.huigou.uasp.bmp.opm.proxy;
import javax.annotation.Resource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import com.huigou.cache.service.ICache;
import com.huigou.data.jdbc.SQLQuery;
import com.huigou.uasp.bmp.opm.LicenseChecker;
import com.huigou.uasp.bmp.opm.impl.AccessApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.AgentApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.AuthenticationApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.ManagementApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.OrgApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.OrgTemplateApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.OrgTypeApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.PermissionApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.PermissionBuilderImpl;
import com.huigou.uasp.bmp.opm.impl.StandardLicenseChecker;
import com.huigou.uasp.bmp.opm.impl.SysFunctionApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.TMAuthorizeApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.TenantApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.UIElementApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.UserGroupApplicationImpl;
import com.huigou.uasp.bmp.opm.impl.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
@Service("coreApplicationFactory")
public class CoreApplicationFactory {
......@@ -76,6 +61,7 @@ public class CoreApplicationFactory {
@Autowired
private UserGroupApplicationProxy userGroupApplicationProxy;
private LicenseChecker licenseChecker;
private AccessApplicationImpl accessApplicationImpl;
......@@ -236,7 +222,7 @@ public class CoreApplicationFactory {
}
public LicenseChecker getLicenseChecker() {
return StandardLicenseChecker.getInstance();
return licenseChecker;
}
}
package com.huigou.shiro.realm;
import java.util.Date;
import java.util.List;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import com.huigou.cache.DictUtil;
import com.huigou.context.ContextUtil;
import com.huigou.context.Operator;
import com.huigou.context.SecurityGrade;
import com.huigou.context.ThreadLocalUtil;
import com.huigou.context.TmspmConifg;
import com.huigou.data.repository.GeneralRepository;
......@@ -45,10 +27,21 @@ import com.huigou.util.CommonUtil;
import com.huigou.util.Constants;
import com.huigou.util.GetClientMacAddr;
import com.huigou.util.StringUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import java.util.Date;
import java.util.List;
/**
* 平台默认shiro安全处理域
*
*
* @author xx
*/
public class StandardRealm extends AuthorizingRealm {
......@@ -73,13 +66,14 @@ public class StandardRealm extends AuthorizingRealm {
@Autowired
private TmspmConifg tmspmConifg;
@Deprecated
private static long LICESENE_INDEX = 0;
private LicenseChecker getLicenseChecker() {
return coreApplicationFactory.getLicenseChecker();
}
@Deprecated
private void checkLicense() {
if (LICESENE_INDEX >= 1000) {
long onlineUser = this.loginLogApplication.countOnlinePersons();
......@@ -133,7 +127,7 @@ public class StandardRealm extends AuthorizingRealm {
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
checkLicense();
// checkLicense();
String loginName = (String) token.getPrincipal();
String password = new String((char[]) token.getCredentials());
// 创建登录用户信息
......@@ -158,10 +152,11 @@ public class StandardRealm extends AuthorizingRealm {
throw ex;
}
private SecurityPolicy checkSecurityPolicy(SecurityGrade securityGrade) {
SecurityPolicy securityPolicy = this.securityPolicyApplication.findSecurityGrade(securityGrade.getId(), ValidStatus.ENABLED.getId());
private SecurityPolicy checkSecurityPolicy(String securityGrade) {
SecurityPolicy securityPolicy = this.securityPolicyApplication.findSecurityGrade(securityGrade, ValidStatus.ENABLED.getId());
if (securityPolicy == null) {
SecurityPolicyException ex = new SecurityPolicyException(String.format("安全策略“%s”没有设置或启用,请联系统系管理员。", securityGrade.getDisplayName()));
String securityGradeText = DictUtil.getDictionaryDetailText("securityGrade", securityGrade);
SecurityPolicyException ex = new SecurityPolicyException(String.format("安全策略“%s”没有设置或启用,请联系统系管理员。", securityGradeText));
processAuthenticationException(ex);
}
return securityPolicy;
......@@ -169,11 +164,9 @@ public class StandardRealm extends AuthorizingRealm {
/**
* 检查账号锁定
*
* @param personAccount
* 人员账号
* @param securityPolicy
* 安全策略
*
* @param personAccount 人员账号
* @param securityPolicy 安全策略
*/
private void checkLockout(PersonAccount personAccount, String password, String inputPassword, SecurityPolicy securityPolicy) {
Session session;
......@@ -217,9 +210,8 @@ public class StandardRealm extends AuthorizingRealm {
/**
* 检查登录限制
*
* @param person
* 人员
*
* @param person 人员
*/
private void checkLoginLimit(Person person) {
List<PersonLoginLimitDesc> personLoginLimits = securityPolicyApplication.queryPersonLoginLimitsByLoginName(person.getLoginName());
......@@ -237,7 +229,7 @@ public class StandardRealm extends AuthorizingRealm {
allowded = true;
}
if (personLoginLimit.getMachineIp().equals(ip) && StringUtil.isNotBlank(macAddress)
&& personLoginLimit.getMachineMacAddress().equals(macAddress)) {
&& personLoginLimit.getMachineMacAddress().equals(macAddress)) {
allowded = true;
break;
}
......@@ -251,11 +243,9 @@ public class StandardRealm extends AuthorizingRealm {
/**
* 检查密码到期
*
* @param personAccount
* 人员账号
* @param securityPolicy
* 安全策略
*
* @param personAccount 人员账号
* @param securityPolicy 安全策略
*/
private void checkPasswordExpired(PersonAccount personAccount, SecurityPolicy securityPolicy) {
Session session = SecurityUtils.getSubject().getSession();
......@@ -285,13 +275,10 @@ public class StandardRealm extends AuthorizingRealm {
/**
* 登录用户安全等级校验
*
* @param operator
* 操作员
* @param person
* 人员
* @param password
* 密码
*
* @param operator 操作员
* @param person 人员
* @param password 密码
*/
protected void verifySecurity(Operator operator, Person person, String inputPassword) {
if (person.getSecurityGrade() == null) {
......@@ -303,7 +290,7 @@ public class StandardRealm extends AuthorizingRealm {
}
PersonAccount personAccount = this.securityPolicyApplication.loadAndInitPersonAccountByLoginName(person.getLoginName(),
operator.getFullId());
operator.getFullId());
SecurityPolicy securityPolicy = this.checkSecurityPolicy(person.getSecurityGrade());
this.checkLockout(personAccount, person.getPassword(), inputPassword, securityPolicy);
......@@ -312,8 +299,8 @@ public class StandardRealm extends AuthorizingRealm {
}
/**
* 创建Operator
*
* 创建Operator
*
* @param loginName
* @return
*/
......@@ -327,7 +314,7 @@ public class StandardRealm extends AuthorizingRealm {
/**
* 登录验证成功将operator 对象写入 subject session
*
*
* @param operator
*/
protected void cacheOperator(Operator operator) {
......
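Review bot: The reformatted Javadoc on verifySecurity still documents `@param password`, but the parameter is named `inputPassword`; change the tag to `@param inputPassword password entered at login`. The Javadoc on checkLockout likewise lists only `personAccount` and `securityPolicy`, while the signature also takes `password` and `inputPassword`. The message built in checkSecurityPolicy keeps the wording `联系统系管理员`, which is presumably a typo for `联系系统管理员`.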
package com.huigou.uasp.bmp.securitypolicy.application.impl;
import java.util.List;
import java.util.Map;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.Assert;
import com.huigou.cache.DictUtil;
import com.huigou.context.MessageSourceContext;
import com.huigou.context.SecurityGrade;
import com.huigou.data.domain.EntityUtil;
import com.huigou.data.domain.model.MessageConstants;
import com.huigou.data.query.model.QueryDescriptor;
......@@ -23,6 +15,13 @@ import com.huigou.uasp.bmp.securitypolicy.domain.model.SecurityPolicy;
import com.huigou.uasp.bmp.securitypolicy.domain.query.PersonLoginLimitDesc;
import com.huigou.uasp.bmp.securitypolicy.domain.query.SecurityPoliciesQueryRequest;
import com.huigou.uasp.bmp.securitypolicy.repository.SecurityPolicyRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.Assert;
import java.util.List;
import java.util.Map;
@Service("securityPolicyApplication")
public class SecurityPolicyApplicationImpl extends BaseApplication implements SecurityPolicyApplication {
......@@ -53,8 +52,8 @@ public class SecurityPolicyApplicationImpl extends BaseApplication implements Se
int count;
for (SecurityPolicy securityPolicy : securityPolicies) {
count = this.securityPolicyRepository.countDuplicate(securityPolicy.getId(), securityPolicy.getSecurityGrade(), status);
SecurityGrade securityGrade = SecurityGrade.fromId(securityPolicy.getSecurityGrade());
EntityUtil.isNotDuplicate(count == 0, String.format("密级“%s”的安全策略,已启用,不能重复启用。", securityGrade.getDisplayName()));
String securityGradeText = DictUtil.getDictionaryDetailText("securityGrade", securityPolicy.getSecurityGrade());
EntityUtil.isNotDuplicate(count == 0, String.format("密级“%s”的安全策略,已启用,不能重复启用。", securityGradeText));
}
}
......
......@@ -1524,6 +1524,7 @@ public class FlowBroker extends BaseApplication implements TaskListener, Executi
}
}
@Deprecated
private void checkLicense() {
// if (ProtectionManager.getCount() % 30 == 0) {
// ProtectionManager.checkPoint(ProtectionManager.getFlowFlag(),
......@@ -1537,7 +1538,7 @@ public class FlowBroker extends BaseApplication implements TaskListener, Executi
* @param delegateTask 代理任务
*/
protected void doCalculateNextProcUnitHandlers(DelegateTask delegateTask) {
checkLicense();
// checkLicense();
String processDefinitionKey = processFun.getProcessApprovalDefinitionKey(delegateTask.getProcessDefinitionId());
if (getApprovalParameter().isQueryAdvanceProcessAction() || getBizAndApprovalData().getList(PROC_UNIT_HANDLERS) != null) {
String nextProcUnitId = this.getNextProcUnitId(delegateTask);
......@@ -1550,7 +1551,7 @@ public class FlowBroker extends BaseApplication implements TaskListener, Executi
}
protected void doCalculateNextProcUnitHandlers(DelegateExecution delegateExecution) {
checkLicense();
// checkLicense();
String processDefinitionKey = processFun.getProcessApprovalDefinitionKey(delegateExecution.getProcessDefinitionId());
if (getApprovalParameter().isQueryAdvanceProcessAction()) {
String nextProcUnitId = this.getNextProcUnitId(delegateExecution);
......
package com.huigou.uasp.log.aspect;
import java.lang.reflect.Method;
import java.util.Date;
import java.util.Map;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import com.huigou.cache.ApplicationSystemDesc;
import com.huigou.cache.DictUtil;
import com.huigou.cache.SystemCache;
import com.huigou.context.ContextUtil;
import com.huigou.context.Operator;
import com.huigou.context.RoleKind;
import com.huigou.context.SecurityGrade;
import com.huigou.uasp.bmp.securitypolicy.domain.model.Machine;
import com.huigou.uasp.log.annotation.LogInfo;
import com.huigou.uasp.log.domain.model.BizLog;
import com.huigou.uasp.log.domain.model.BizLogDetail;
import com.huigou.uasp.log.domain.model.LogStatus;
import com.huigou.uasp.log.domain.model.LogType;
import com.huigou.uasp.log.domain.model.OperationType;
import com.huigou.uasp.log.domain.model.*;
import com.huigou.util.StringUtil;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import java.lang.reflect.Method;
import java.util.Date;
import java.util.Map;
/**
* 业务日志构造器
......@@ -156,7 +151,7 @@ public class BizLogBuilder {
RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
RoleKind roleKind = BizLogBuilder.getRoleKind(requiresPermissions, operator, isEnableTspm);
SecurityGrade PersonSecurityGrade = operator.getLoginUser().getSecurityGrade();
String securityGrade = operator.getLoginUser().getSecurityGrade();
bizLog.setBeginDate(new Date());
bizLog.setRoleKindId(roleKind.getId());
......@@ -182,9 +177,10 @@ public class BizLogBuilder {
bizLog.setMethodName(method.getName());
bizLog.setIp(ip);
if (PersonSecurityGrade != null) {
bizLog.setPersonSecurityLevelId(PersonSecurityGrade.getId());
bizLog.setPersonSecurityLevelName(PersonSecurityGrade.getDisplayName());
if (securityGrade != null) {
bizLog.setPersonSecurityLevelId(securityGrade);
String securityGradeText = DictUtil.getDictionaryDetailText("securityGrade", securityGrade);
bizLog.setPersonSecurityLevelName(securityGradeText);
}
// TODO
bizLog.setResourceSecurityLevelId("");
......@@ -192,9 +188,9 @@ public class BizLogBuilder {
if (machine != null) {
bizLog.setMac(machine.getMac());
SecurityGrade machineSecurityGrade = SecurityGrade.fromId(machine.getSecurityGrade());
bizLog.setMachineSecurityLevelId(machineSecurityGrade.getId());
bizLog.setMachineSecurityLevelName(machineSecurityGrade.getDisplayName());
bizLog.setMachineSecurityLevelId(machine.getSecurityGrade());
String securityGradeText = DictUtil.getDictionaryDetailText("securityGrade", machine.getSecurityGrade());
bizLog.setMachineSecurityLevelName(securityGradeText);
}
Map<String, ApplicationSystemDesc> map = SystemCache.getApplicationSystem();
......
......@@ -219,8 +219,8 @@
showProjectOrg: inputParams.showProjectOrg,
showPosition: inputParams.showPosition,
customDefinedRoot: inputParams.customDefinedRoot,
rootIds: inputParams.rootIds
//sortname: "fullSequence"
rootIds: inputParams.rootIds,
//sortname: "fullSequence",
},
checkbox: true,
idFieldName: "id",
......@@ -245,7 +245,9 @@
displayableOrgKinds: inputParams.displayableOrgKinds,
showDisabledOrg: inputParams.showDisabledOrg,
showVirtualOrg: inputParams.showVirtualOrg,
showPosition: inputParams.showPosition
showPosition: inputParams.showPosition,
securityGrade: inputParams.securityGrade,
personSecurityGrade: inputParams.personSecurityGrade
}, function (data) {
g.treeManager.append(node.target, data.Rows);
});
......
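Review bot: `securityGrade` and `personSecurityGrade` are added only to the parameter object of the second request (the one whose callback appends `data.Rows` to a node); the first parameter block gains just a trailing comma, so if that block drives the initial load, the first level is presumably returned unfiltered. Add the same two keys there if the filter is meant to cover the whole tree. The new comma after `rootIds: inputParams.rootIds,` is followed only by a comment before `}`, which older Internet Explorer versions reject in object literals, so drop it if those browsers are still supported. Both objects are only partly visible in the hunks.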