Skip to content

T
test
Commit ba9a9b3b authored by 雍欢's avatar 雍欢
Browse files
Options

上传附件的时候,检查附件密级是否与人员密级匹配、校验附件密级是否与表单密级匹配

parent 7f38ae14
Hide whitespace changes
Inline Side-by-side
Showing with 90 additions and 50 deletions
huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/AttachmentSecretInfoResolver.java
View file @ ba9a9b3b
package com.huigou.uasp.bmp.doc.attachment.application;
import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
import com.huigou.uasp.bmp.doc.attachment.domain.model.FileInfo;
/**
* 附件涉密信息解析器
......@@ -12,9 +12,10 @@ public interface AttachmentSecretInfoResolver {
/**
* 解析附件密级
*
* @param attachment 附件
* @param fileInfo 附件
* @return 附件密级
* @throws IllegalArgumentException 如果解析失败将抛出该异常
*/
void resolve(Attachment attachment);
String resolve(FileInfo fileInfo);
}
huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/WebUploaderService.java
View file @ ba9a9b3b
......@@ -2,6 +2,7 @@ package com.huigou.uasp.bmp.doc.attachment.application;
import java.io.File;
import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
import com.huigou.uasp.bmp.doc.attachment.domain.model.FileInfo;
......@@ -40,4 +41,6 @@ public interface WebUploaderService {
* @return
*/
String saveFileMap(FileInfo info, File file);
}
\ No newline at end of file
Attachment saveFile(FileInfo info, File file);
}
huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/TestAttachmentSecretInfoResolver.java
View file @ ba9a9b3b
......@@ -4,8 +4,8 @@ import com.huigou.cache.DictionaryDesc;
import com.huigou.cache.SystemCache;
import com.huigou.context.ThreadLocalUtil;
import com.huigou.uasp.bmp.doc.attachment.application.AttachmentSecretInfoResolver;
import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
import com.huigou.uasp.bmp.doc.attachment.domain.model.AttachmentConfiguration;
import com.huigou.uasp.bmp.doc.attachment.domain.model.FileInfo;
import com.huigou.uasp.bmp.doc.attachment.repository.AttachmentConfigurationRepository;
import com.huigou.uasp.bmp.opm.application.OrgApplication;
import com.huigou.uasp.bmp.opm.domain.model.org.Person;
......@@ -49,14 +49,14 @@ public class TestAttachmentSecretInfoResolver implements AttachmentSecretInfoRes
}
@Override
public void resolve(Attachment attachment) {
AttachmentConfiguration attachmentConfiguration = attachmentConfigurationRepository.findByCode(attachment.getBizKindId());
public String resolve(FileInfo fileInfo) {
AttachmentConfiguration attachmentConfiguration = attachmentConfigurationRepository.findByCode(fileInfo.getBizCode());
if (!Objects.equals(attachmentConfiguration.getEnableSecret(), 1)) {
// 未启用密级
return;
return null;
}
// 1、从文件名中解析附件密级
Matcher matcher = FILE_NAME_PATTERN.matcher(attachment.getFileName());
Matcher matcher = FILE_NAME_PATTERN.matcher(fileInfo.getName());
Assert.isTrue(matcher.matches(), "附件名不合法");
String attachmentSecurityGradeName = matcher.group(1);
Assert.hasText(attachmentSecurityGradeName, "附件名中未包含附件密级信息");
......@@ -75,7 +75,16 @@ public class TestAttachmentSecretInfoResolver implements AttachmentSecretInfoRes
.orElseThrow(() -> new IllegalArgumentException(String.format("无效的人员密级:%s", person.getPersonSecurityGrade())));
boolean personSecurityGradeGreaterThanAttachmentSecurityGrade = personSecurityGrade.getSequence().compareTo(attachmentSecurityGrade.getSequence()) > -1;
Assert.isTrue(personSecurityGradeGreaterThanAttachmentSecurityGrade, "附件密级与人员密级不匹配");
// 3、设置附件密级
attachment.setSecretLevel(attachmentSecurityGrade.getValue());
// 3、校验附件密级是否与表单密级匹配
Assert.hasText(fileInfo.getFormSecretLevel(), "表单密级不能为空");
DictionaryDesc formSecurityGrade = secrecyLevels
.stream()
.filter(e -> Objects.equals(e.getValue(), fileInfo.getFormSecretLevel()))
.findAny()
.orElseThrow(() -> new IllegalArgumentException(String.format("无效的表单密级:%s", fileInfo.getFormSecretLevel())));
boolean formSecurityGradeThanAttachmentSecurityGrade = formSecurityGrade.getSequence().compareTo(attachmentSecurityGrade.getSequence()) > -1;
Assert.isTrue(formSecurityGradeThanAttachmentSecurityGrade, "附件密级与表单密级不匹配");
// 4、返回附件密级
return attachmentSecurityGrade.getValue();
}
}
huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/WebUploaderServiceImpl.java
View file @ ba9a9b3b
......@@ -47,7 +47,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
/**
* 文件上传路径更新为指定文件信息签名后的临时文件夹,用于后期合并
*
*
* @param info
* @return
*/
......@@ -64,7 +64,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
/**
* 获取文件保存目录
*
*
* @return
*/
private String getFileSavePath(FileInfo info) {
......@@ -81,7 +81,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
/**
* 获取正式文件保存路径信息
*
*
* @return
*/
private Map<String, String> getSaveFilePathInfo(FileInfo info) {
......@@ -245,6 +245,11 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
return null;
}
@Override
public Attachment saveFile(FileInfo fileInfo, File newFile) {
String id = saveFileMap(fileInfo, newFile);
return attachmentApplication.loadAttachment(id);
}
@Override
public String saveFileMap(FileInfo fileInfo, File newFile) {
......@@ -276,7 +281,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
attachment.setStatus(Attachment.Status.NORMAL.getId());
attachment.setUploadKind(Attachment.UploadKind.WEB.name());
attachment.setIsMore(fileInfo.getIsMore());
attachmentSecretInfoResolver.resolve(attachment);
attachment.setSecretLevel(attachmentSecretInfoResolver.resolve(fileInfo));
return this.attachmentApplication.saveAttachment(attachment);
} catch (Exception ex) {
......@@ -290,11 +295,9 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
/**
* 清理分片上传的相关数据
* 文件夹,tmp文件
*
* @param folder
* 文件夹名称
* @param path
* 上传文件根路径
*
* @param folder 文件夹名称
* @param path 上传文件根路径
* @return
*/
private boolean cleanSpace(String folder, String path) {
......@@ -313,9 +316,8 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
/**
* 获取指定文件的所有分片
*
* @param folder
* 文件夹路径
*
* @param folder 文件夹路径
* @return
*/
private File[] getChunks(String folder) {
......@@ -339,9 +341,8 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
/**
* 获取指定文件的分片数量
*
* @param folder
* 文件夹路径
*
* @param folder 文件夹路径
* @return
*/
private int getChunksNum(String folder) {
......@@ -354,9 +355,8 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
/**
* 创建存放上传的文件的文件夹
*
* @param file
* 文件夹路径
*
* @param file 文件夹路径
* @return
*/
private boolean createFileFolder(String file, boolean hasTmp) {
......@@ -389,9 +389,8 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
/**
* 为上传的文件生成随机名称
*
* @param ext
* 文件的原始名称,主要用来获取文件的后缀名
*
* @param ext 文件的原始名称,主要用来获取文件的后缀名
* @return
*/
private String randomFileName(String extName) {
......
huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/controller/WebUploadController.java
View file @ ba9a9b3b
......@@ -3,6 +3,7 @@ package com.huigou.uasp.bmp.doc.attachment.controller;
import java.io.File;
import java.util.Map;
import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
import org.apache.commons.fileupload.FileItem;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
......@@ -57,6 +58,7 @@ public class WebUploadController extends CommonController {
info.setUniqueName(sdo.getProperty("uniqueName", String.class));
info.setIsMore(sdo.getProperty("isMore", String.class));
info.setDeleteOld(sdo.getProperty("deleteOld", String.class));
info.setFormSecretLevel(sdo.getProperty("formSecretLevel", String.class));
try {
String chunkIndex = sdo.getProperty("chunkIndex", String.class);
info.setChunkIndex(Integer.parseInt(chunkIndex));
......@@ -91,9 +93,11 @@ public class WebUploadController extends CommonController {
if (info.getChunks() <= 0) {
String backurl = this.getBackurl();
if (StringUtil.isBlank(backurl)) {
String attachmentId = webUploaderService.saveFileMap(info, target);
Attachment attachment = webUploaderService.saveFile(info, target);
Map<String, Object> map = info.toMap();
map.put("id", attachmentId);
map.put("id", attachment.getId());
map.put("secretLevel", attachment.getSecretLevel());
map.put("secretLimit", attachment.getSecrecyLimit());
return toResult(map);
} else {
Map<String, Object> param = info.toMap();
......@@ -178,9 +182,11 @@ public class WebUploadController extends CommonController {
}
String backurl = this.getBackurl();
if (StringUtil.isBlank(backurl)) {
String fileId = webUploaderService.saveFileMap(info, target);
Attachment attachment = webUploaderService.saveFile(info, target);
Map<String, Object> map = info.toMap();
map.put("id", fileId);
map.put("id", attachment.getId());
map.put("secretLevel", attachment.getSecretLevel());
map.put("secretLimit", attachment.getSecrecyLimit());
return toResult(map);
} else {
Map<String, Object> param = info.toMap();
......@@ -208,4 +214,4 @@ public class WebUploadController extends CommonController {
sdo.putProperty("uploadFileType", allowTypes);
return forward("/lib/webUploader/batchUpload/batchUpload.jsp", sdo);
}
}
\ No newline at end of file
}
huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/domain/model/FileInfo.java
View file @ ba9a9b3b
......@@ -14,7 +14,7 @@ import com.huigou.util.FileHelper;
/**
* webUploader附件文件对象
*
*
* @author gongmm
*/
public class FileInfo {
......@@ -50,6 +50,10 @@ public class FileInfo {
private String savePath;
private String uniqueName;
/**
* 对应的表单密级
*/
private String formSecretLevel;
public FileInfo() {
bizCode = "";
......@@ -184,6 +188,14 @@ public class FileInfo {
this.uniqueName = uniqueName;
}
public String getFormSecretLevel() {
return formSecretLevel;
}
public void setFormSecretLevel(String formSecretLevel) {
this.formSecretLevel = formSecretLevel;
}
public boolean deleteOld() {
return "true".equals(this.deleteOld);
}
......@@ -246,6 +258,6 @@ public class FileInfo {
public String toString() {
return "name=" + this.name + "; size=" + this.size + "; chunkIndex=" + this.chunkIndex + "; id=" + this.id + "; chunks=" + this.chunks + "; chunk="
+ this.chunk + "; lastModifiedDate=" + this.lastModifiedDate + "; type=" + this.type + "; ext=" + this.ext;
+ this.chunk + "; lastModifiedDate=" + this.lastModifiedDate + "; type=" + this.type + "; ext=" + this.ext;
}
}
huigou-xt/src/main/resources/config/spring/spring-extend.xml
View file @ ba9a9b3b
......@@ -74,6 +74,6 @@
<bean id="attachmentSecretInfoResolver"
class="com.huigou.uasp.bmp.doc.attachment.application.impl.TestAttachmentSecretInfoResolver">
<property name="securityGradeDictionaryCode" value="secrecyLevel"/>
<property name="securityGradeDictionaryCode" value="securityGrade"/>
</bean>
</beans>
huigou-xt/src/main/webapp/biz/demo/leaveDetails.jsp
View file @ ba9a9b3b
......@@ -28,7 +28,7 @@
<div class="hg-form-cols">
<div class="hg-form-row">
<x:selectC name="secretLevel" title="密级" required="true" label="密级" labelCol="2" fieldCol="2"
dictionary="secrecyLevel"/>
dictionary="securityGrade"/>
<x:inputC name="secrecyLimit" title="密级年限" required="false" label="密级年限" labelCol="2" fieldCol="2"
mask="nnn"/>
</div>
......@@ -55,7 +55,9 @@
function setId(leaveId) {
$("#leaveId").val(leaveId);
// 为文件上传控件绑定业务id
$('#fileList').fileList({bizId: leaveId});
$('#fileList').fileList({
bizId: leaveId
});
}
/**
......
huigou-xt/src/main/webapp/lib/webUploader/jquery.webuploader.js
View file @ ba9a9b3b
......@@ -17,7 +17,7 @@ WebUploader.Uploader.register({
//秒传验证
var task = new $.Deferred();
var data = $.extend(true, JQWebUploader.getFileParam(file),param);
$.ajax({type: "POST", url: JQWebUploader.getBackEndUrl('md5Check'), cache: false, dataType: "json",
$.ajax({type: "POST", url: JQWebUploader.getBackEndUrl('md5Check'), cache: false, dataType: "json",
timeout: 1000, //TODO 超时的话,只能认为该文件不曾上传过
data:data
}).then(function(data, textStatus, jqXHR){
......@@ -130,6 +130,8 @@ JQWebUploader.createWebUploader=function(element){
this['JQWebUploader']=jqWebUp;
//动态设置fromData属性
this.options.formData=jqWebUp.getParam();
// 取到表单密级
this.options.formData.formSecretLevel = getSecretLevel();
});
//当文件被加入队列之前触发,此事件的handler返回值为false,则此文件不会被添加进入队列
uploader.on("beforeFileQueued", function(file){
......@@ -138,7 +140,7 @@ JQWebUploader.createWebUploader=function(element){
lastModifiedDate = d.getFullYear()+''+(d.getMonth()+1)+''+d.getDate()+''+d.getHours()+''+d.getMinutes()+''+d.getSeconds();
}catch(e){
lastModifiedDate = d+'';
}
}
file.lastModifiedDate=lastModifiedDate;
var jqWebUp=this['JQWebUploader'];//上传按钮对象
var flag=jqWebUp.beforeFileQueued(file);
......@@ -188,7 +190,7 @@ JQWebUploader.createWebUploader=function(element){
div.html('');
span=$('<span></span>').appendTo(div);
}
div.find('span').css("width", progress+ "%");
div.find('span').css("width", progress+ "%");
div.find('span').html(progress + "%");
if(parseInt(percentage,10)==1){
//文件合并中...
......@@ -214,7 +216,7 @@ JQWebUploader.createWebUploader=function(element){
JQWebUploader.uploadComplete(file);
});
uploader.on("uploadError", function(file,msg){
});
uploader.on("error", function(kind){
if(kind=='F_EXCEED_SIZE'||kind=='Q_EXCEED_SIZE_LIMIT'){
......@@ -261,7 +263,7 @@ JQWebUploader.renderSizeView=function(value){
index +=1;
quotient=quotient/1024;
}
var tempNumber = parseInt((quotient * Math.pow(10,2)+0.5))/Math.pow(10,2);
var tempNumber = parseInt((quotient * Math.pow(10,2)+0.5))/Math.pow(10,2);
return tempNumber+" "+unitArr[index];
};
......@@ -353,6 +355,6 @@ $.extend(JQWebUploader.prototype, {
obj.set(op);
}
}
});
});
};
})(jQuery);
\ No newline at end of file
})(jQuery);
huigou-xt/src/main/webapp/system/bpm/job.js
View file @ ba9a9b3b
......@@ -1800,4 +1800,10 @@ function closeJobPageAndReloadTaskCenter(){
function getAdditionSelectOrgParams(){
return {};
}
\ No newline at end of file
}
/**
* 获取表单的密级
*/
function getSecretLevel() {
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment