上传附件的时候，检查附件密级是否与人员密级匹配

huigou-common/src/main/java/com/huigou/cache/DictionaryDesc.java

 package com.huigou.cache;
 
-import java.io.Serializable;
-
 import com.huigou.context.MessageSourceContext;
 
+import java.io.Serializable;
+
 /**
  * 系统字典成员
- * 
+ *
  * @author gongmm
  */
 public class DictionaryDesc implements Serializable {
@@ -79,4 +79,5 @@ public class DictionaryDesc implements Serializable {
     public void setSequence(Integer sequence) {
         this.sequence = sequence;
     }
+
 }

huigou-data/src/main/java/com/huigou/data/domain/model/SecretRelatedEntity.java

@@ -16,5 +16,5 @@ public interface SecretRelatedEntity {
     /**
      * 获取密级期限
      */
-    String setSecrecyLimit();
+    String getSecrecyLimit();
 }

huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/AttachmentSecretInfoResolver.java

+package com.huigou.uasp.bmp.doc.attachment.application;
+
+import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
+
+/**
+ * 附件涉密信息解析器
+ *
+ * @author yonghuan
+ */
+public interface AttachmentSecretInfoResolver {
+
+    /**
+     * 解析附件密级
+     *
+     * @param attachment 附件
+     * @throws IllegalArgumentException 如果解析失败将抛出该异常
+     */
+    void resolve(Attachment attachment);
+
+}

huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/TestAttachmentSecretInfoResolver.java

+package com.huigou.uasp.bmp.doc.attachment.application.impl;
+
+import com.huigou.cache.DictionaryDesc;
+import com.huigou.cache.SystemCache;
+import com.huigou.context.ThreadLocalUtil;
+import com.huigou.uasp.bmp.doc.attachment.application.AttachmentSecretInfoResolver;
+import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
+import com.huigou.uasp.bmp.doc.attachment.domain.model.AttachmentConfiguration;
+import com.huigou.uasp.bmp.doc.attachment.repository.AttachmentConfigurationRepository;
+import com.huigou.uasp.bmp.opm.application.OrgApplication;
+import com.huigou.uasp.bmp.opm.domain.model.org.Person;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.Assert;
+
+import java.util.Collection;
+import java.util.Objects;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+/**
+ * 这是一个测试类，该类认为附件名的格式为【密级名称】xxx.xx,如 【非密】报销单.pdf
+ *
+ * @author yonghuan
+ */
+public class TestAttachmentSecretInfoResolver implements AttachmentSecretInfoResolver {
+    /**
+     * 附件文件名格式,如 【非密】报销单.pdf
+     */
+    private final static Pattern FILE_NAME_PATTERN = Pattern.compile("^【(.+)】.+$");
+    private AttachmentConfigurationRepository attachmentConfigurationRepository;
+    private OrgApplication orgApplication;
+
+    @Autowired
+    public void setAttachmentConfigurationRepository(AttachmentConfigurationRepository attachmentConfigurationRepository) {
+        this.attachmentConfigurationRepository = attachmentConfigurationRepository;
+    }
+
+    @Autowired
+    public void setOrgApplication(OrgApplication orgApplication) {
+        this.orgApplication = orgApplication;
+    }
+
+    @Override
+    public void resolve(Attachment attachment) {
+        AttachmentConfiguration attachmentConfiguration = attachmentConfigurationRepository.findByCode(attachment.getBizKindId());
+        if (!Objects.equals(attachmentConfiguration.getEnableSecret(), 1)) {
+            // 未启用密级
+            return;
+        }
+        // 1、从文件名中解析附件密级
+        Matcher matcher = FILE_NAME_PATTERN.matcher(attachment.getFileName());
+        Assert.isTrue(matcher.matches(), "附件名不合法");
+        String attachmentSecurityGradeName = matcher.group(1);
+        Assert.hasText(attachmentSecurityGradeName, "附件名中未包含附件密级信息");
+        Collection<DictionaryDesc> secrecyLevels = SystemCache.getDictionary("secrecyLevel").values();
+        DictionaryDesc attachmentSecurityGrade = secrecyLevels
+                .stream()
+                .filter(e -> Objects.equals(e.getName(), attachmentSecurityGradeName))
+                .findAny()
+                .orElseThrow(() -> new IllegalArgumentException(String.format("无效的附件密级：%s", attachmentSecurityGradeName)));
+        // 2、校验附件密级是否与人员密级匹配
+        Person person = orgApplication.loadPerson(ThreadLocalUtil.getOperator().getUserId());
+        DictionaryDesc personSecurityGrade = secrecyLevels
+                .stream()
+                .filter(e -> Objects.equals(e.getValue(), person.getPersonSecurityGrade()))
+                .findAny()
+                .orElseThrow(() -> new IllegalArgumentException(String.format("无效的人员密级：%s", person.getPersonSecurityGrade())));
+        boolean personSecurityGradeGreaterThanAttachmentSecurityGrade = personSecurityGrade.getSequence().compareTo(attachmentSecurityGrade.getSequence()) > -1;
+        Assert.isTrue(personSecurityGradeGreaterThanAttachmentSecurityGrade, "附件密级与人员密级不匹配");
+        // 3、设置附件密级
+        attachment.setSecretLevel(attachmentSecurityGrade.getValue());
+    }
+}

huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/WebUploaderServiceImpl.java

@@ -19,6 +19,7 @@ import java.util.Map;
 import java.util.Random;
 import java.util.concurrent.locks.Lock;
 
+import com.huigou.uasp.bmp.doc.attachment.application.AttachmentSecretInfoResolver;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -41,6 +42,8 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
 
     @Autowired
     private AttachmentApplication attachmentApplication;
+    @Autowired
+    private AttachmentSecretInfoResolver attachmentSecretInfoResolver;
 
     /**
      * 文件上传路径更新为指定文件信息签名后的临时文件夹，用于后期合并
@@ -242,6 +245,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
         return null;
     }
 
+
     @Override
     public String saveFileMap(FileInfo fileInfo, File newFile) {
         if (newFile == null || !newFile.exists()) {
@@ -272,6 +276,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
             attachment.setStatus(Attachment.Status.NORMAL.getId());
             attachment.setUploadKind(Attachment.UploadKind.WEB.name());
             attachment.setIsMore(fileInfo.getIsMore());
+            attachmentSecretInfoResolver.resolve(attachment);
             return this.attachmentApplication.saveAttachment(attachment);
 
         } catch (Exception ex) {
@@ -394,4 +399,4 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
         String newFileName = System.currentTimeMillis() + "_" + new Random().nextInt(1000) + "." + ext[ext.length - 1];
         return newFileName;
     }
-}
\ No newline at end of file
+}

huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/domain/model/Attachment.java

@@ -10,6 +10,7 @@ import javax.persistence.Entity;
 import javax.persistence.Table;
 import javax.persistence.Transient;
 
+import com.huigou.data.domain.model.SecretRelatedEntity;
 import org.springframework.util.Assert;
 
 import com.huigou.context.Operator;
@@ -19,12 +20,12 @@ import com.huigou.data.domain.model.Creator;
 
 /**
  * 附件配置
- * 
+ *
  * @author gongmm
  */
 @Entity
 @Table(name = "SA_Attachment")
-public class Attachment extends AbstractEntity {
+public class Attachment extends AbstractEntity implements SecretRelatedEntity {
 
     private static final long serialVersionUID = 8896755628851634664L;
 
@@ -63,6 +64,17 @@ public class Attachment extends AbstractEntity {
 
     @Embedded
     private Creator creator;
+    /**
+     * 密级
+     */
+    @Column(name = "secret_level")
+    private String secretLevel;
+
+    /**
+     * 密级期限
+     */
+    @Column(name = "secrecy_limit")
+    private String secrecyLimit;
 
     @Transient
     private String isMore;
@@ -179,6 +191,24 @@ public class Attachment extends AbstractEntity {
         this.sequence = sequence;
     }
 
+    @Override
+    public String getSecretLevel() {
+        return secretLevel;
+    }
+
+    public void setSecretLevel(String secretLevel) {
+        this.secretLevel = secretLevel;
+    }
+
+    @Override
+    public String getSecrecyLimit() {
+        return secrecyLimit;
+    }
+
+    public void setSecrecyLimit(String secrecyLimit) {
+        this.secrecyLimit = secrecyLimit;
+    }
+
     @Override
     public void checkConstraints() {
         super.checkConstraints();

huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/domain/model/AttachmentConfiguration.java

@@ -30,6 +30,11 @@ public class AttachmentConfiguration extends BaseInfoWithFolderAbstractEntity {
     @OneToMany(cascade = CascadeType.ALL, orphanRemoval = true)
     @JoinColumn(name = "attachmentconfig_id")
     private List<AttachmentConfigurationDetail> details;
+    /**
+     * 是否启用密级
+     */
+    @Column(name = "enable_secret")
+    private Integer enableSecret;
 
     private String remark;
 
@@ -49,6 +54,14 @@ public class AttachmentConfiguration extends BaseInfoWithFolderAbstractEntity {
         this.remark = remark;
     }
 
+    public Integer getEnableSecret() {
+        return enableSecret;
+    }
+
+    public void setEnableSecret(Integer enableSecret) {
+        this.enableSecret = enableSecret;
+    }
+
     @Override
     @JsonIgnore
     public List<AttachmentConfigurationDetail> getDetails() {

huigou-xt/src/main/resources/config/spring/spring-extend.xml

@@ -21,6 +21,15 @@
         <property name="useTspm" value="false"/>
         <property name="enableTspm" value="false"/>
         <property name="doHideSuperAdministrator" value="false"/>
+        <!-- 三员日志查看权限 -->
+        <property name="logAuthorities">
+            <value>
+                common=
+                administrator=
+                securityGuard=common,auditor
+                auditor=administrator,securityGuard
+            </value>
+        </property>
     </bean>
 
     <bean id="loadExpressClasses" class="com.huigou.express.LoadExpressClasses">
@@ -61,5 +70,8 @@
         <property name="initPswMail" value="initPasswordMail"/>
     </bean>
 
-    <bean id="awesomeCssIconParser" class="com.huigou.uasp.bmp.opm.application.impl.FontAwesomeCssIconParser" />
-</beans>
\ No newline at end of file
+    <bean id="awesomeCssIconParser" class="com.huigou.uasp.bmp.opm.application.impl.FontAwesomeCssIconParser"/>
+
+    <bean id="attachmentSecretInfoResolver"
+          class="com.huigou.uasp.bmp.doc.attachment.application.impl.TestAttachmentSecretInfoResolver" />
+</beans>

huigou-xt/src/main/webapp/biz/demo/leaveDetails.jsp

@@ -28,7 +28,7 @@
         <div class="hg-form-cols">
             <div class="hg-form-row">
                 <x:selectC name="secretLevel" title="密级" required="true" label="密级" labelCol="2" fieldCol="2"
-                           dictionary="personSecurityGrade"/>
+                           dictionary="secrecyLevel"/>
                 <x:inputC name="secrecyLimit" title="密级年限" required="false" label="密级年限" labelCol="2" fieldCol="2"
                           mask="nnn"/>
             </div>

huigou-xt/src/main/webapp/system/configuration/AttachmentConfigurationDetail.jsp

@@ -8,10 +8,11 @@
 		<x:inputC name="name" required="true" label="名称" maxLength="32" labelCol="1" fieldCol="3"/>
 		<x:radioC name="allowDelete" label="可删除" dictionary="yesorno"
 			value="1" labelCol="2" fieldCol="2"/>
+		<x:radioC name="enableSecret" label="启用密级" dictionary="yesorno" value="1" labelCol="2" fieldCol="2"/>
 	</div>
 	<div class="hg-form-row">
 		<x:inputC name="remark" required="false" label="备注" maxLength="128" labelCol="1" fieldCol="11"/>
 	</div>
 </form>
 <div class="blank_div clearfix"></div>
-<div id="attachmentConfigDetailGrid" style="margin: 2px;"></div>
\ No newline at end of file
+<div id="attachmentConfigDetailGrid" style="margin: 2px;"></div>