上传附件的时候，检查附件密级是否与人员密级匹配、校验附件密级是否与表单密级匹配

ba9a9b3b · 雍欢 · 7f38ae14 · ba9a9b3b · ba9a9b3b · ba9a9b3b
Commit ba9a9b3b authored Mar 08, 2021 by 雍欢
10 changed files
--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/AttachmentSecretInfoResolver.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/AttachmentSecretInfoResolver.java
 package com.huigou.uasp.bmp.doc.attachment.application;
-import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
+import com.huigou.uasp.bmp.doc.attachment.domain.model.FileInfo;
 /**
 * 附件涉密信息解析器
@@ -12,9 +12,10 @@ public interface AttachmentSecretInfoResolver {
    /**
     * 解析附件密级
     *
-     * @param attachment 附件
+     * @param fileInfo 附件
+     * @return 附件密级
     * @throws IllegalArgumentException 如果解析失败将抛出该异常
     */
-    void resolve(Attachment attachment);
+    String resolve(FileInfo fileInfo);
 }
--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/WebUploaderService.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/WebUploaderService.java
@@ -2,6 +2,7 @@ package com.huigou.uasp.bmp.doc.attachment.application;
 import java.io.File;
+import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
 import com.huigou.uasp.bmp.doc.attachment.domain.model.FileInfo;
@@ -40,4 +41,6 @@ public interface WebUploaderService {
     * @return
     */
    String saveFileMap(FileInfo info, File file);
+    Attachment saveFile(FileInfo info, File file);
 }
--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/TestAttachmentSecretInfoResolver.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/TestAttachmentSecretInfoResolver.java
@@ -4,8 +4,8 @@ import com.huigou.cache.DictionaryDesc;
 import com.huigou.cache.SystemCache;
 import com.huigou.context.ThreadLocalUtil;
 import com.huigou.uasp.bmp.doc.attachment.application.AttachmentSecretInfoResolver;
-import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
 import com.huigou.uasp.bmp.doc.attachment.domain.model.AttachmentConfiguration;
+import com.huigou.uasp.bmp.doc.attachment.domain.model.FileInfo;
 import com.huigou.uasp.bmp.doc.attachment.repository.AttachmentConfigurationRepository;
 import com.huigou.uasp.bmp.opm.application.OrgApplication;
 import com.huigou.uasp.bmp.opm.domain.model.org.Person;
@@ -49,14 +49,14 @@ public class TestAttachmentSecretInfoResolver implements AttachmentSecretInfoRes
    }
    @Override
-    public void resolve(Attachment attachment) {
+    public String resolve(FileInfo fileInfo) {
-        AttachmentConfiguration attachmentConfiguration = attachmentConfigurationRepository.findByCode(attachment.getBizKindId());
+        AttachmentConfiguration attachmentConfiguration = attachmentConfigurationRepository.findByCode(fileInfo.getBizCode());
        if (!Objects.equals(attachmentConfiguration.getEnableSecret(), 1)) {
            // 未启用密级
-            return;
+            return null;
        }
        // 1、从文件名中解析附件密级
-        Matcher matcher = FILE_NAME_PATTERN.matcher(attachment.getFileName());
+        Matcher matcher = FILE_NAME_PATTERN.matcher(fileInfo.getName());
        Assert.isTrue(matcher.matches(), "附件名不合法");
        String attachmentSecurityGradeName = matcher.group(1);
        Assert.hasText(attachmentSecurityGradeName, "附件名中未包含附件密级信息");
@@ -75,7 +75,16 @@ public class TestAttachmentSecretInfoResolver implements AttachmentSecretInfoRes
                .orElseThrow(() -> new IllegalArgumentException(String.format("无效的人员密级：%s", person.getPersonSecurityGrade())));
        boolean personSecurityGradeGreaterThanAttachmentSecurityGrade = personSecurityGrade.getSequence().compareTo(attachmentSecurityGrade.getSequence()) > -1;
        Assert.isTrue(personSecurityGradeGreaterThanAttachmentSecurityGrade, "附件密级与人员密级不匹配");
-        // 3、设置附件密级
+        // 3、校验附件密级是否与表单密级匹配
-        attachment.setSecretLevel(attachmentSecurityGrade.getValue());
+        Assert.hasText(fileInfo.getFormSecretLevel(), "表单密级不能为空");
+        DictionaryDesc formSecurityGrade = secrecyLevels
+                .stream()
+                .filter(e -> Objects.equals(e.getValue(), fileInfo.getFormSecretLevel()))
+                .findAny()
+                .orElseThrow(() -> new IllegalArgumentException(String.format("无效的表单密级：%s", fileInfo.getFormSecretLevel())));
+        boolean formSecurityGradeThanAttachmentSecurityGrade = formSecurityGrade.getSequence().compareTo(attachmentSecurityGrade.getSequence()) > -1;
+        Assert.isTrue(formSecurityGradeThanAttachmentSecurityGrade, "附件密级与表单密级不匹配");
+        // 4、返回附件密级
+        return attachmentSecurityGrade.getValue();
    }
 }
--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/WebUploaderServiceImpl.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/WebUploaderServiceImpl.java
@@ -245,6 +245,11 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
        return null;
    }
+    @Override
+    public Attachment saveFile(FileInfo fileInfo, File newFile) {
+        String id = saveFileMap(fileInfo, newFile);
+        return attachmentApplication.loadAttachment(id);
+    }
    @Override
    public String saveFileMap(FileInfo fileInfo, File newFile) {
@@ -276,7 +281,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
            attachment.setStatus(Attachment.Status.NORMAL.getId());
            attachment.setUploadKind(Attachment.UploadKind.WEB.name());
            attachment.setIsMore(fileInfo.getIsMore());
-            attachmentSecretInfoResolver.resolve(attachment);
+            attachment.setSecretLevel(attachmentSecretInfoResolver.resolve(fileInfo));
            return this.attachmentApplication.saveAttachment(attachment);
        } catch (Exception ex) {
@@ -291,10 +296,8 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
     * 清理分片上传的相关数据
     * 文件夹，tmp文件
     *
-     * @param folder
+     * @param folder 文件夹名称
-     *            文件夹名称
+     * @param path   上传文件根路径
-     * @param path
-     *            上传文件根路径
     * @return
     */
    private boolean cleanSpace(String folder, String path) {
@@ -314,8 +317,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
    /**
     * 获取指定文件的所有分片
     *
-     * @param folder
+     * @param folder 文件夹路径
-     *            文件夹路径
     * @return
     */
    private File[] getChunks(String folder) {
@@ -340,8 +342,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
    /**
     * 获取指定文件的分片数量
     *
-     * @param folder
+     * @param folder 文件夹路径
-     *            文件夹路径
     * @return
     */
    private int getChunksNum(String folder) {
@@ -355,8 +356,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
    /**
     * 创建存放上传的文件的文件夹
     *
-     * @param file
+     * @param file 文件夹路径
-     *            文件夹路径
     * @return
     */
    private boolean createFileFolder(String file, boolean hasTmp) {
@@ -390,8 +390,7 @@ public class WebUploaderServiceImpl extends BaseApplication implements WebUpload
    /**
     * 为上传的文件生成随机名称
     *
-     * @param ext
+     * @param ext 文件的原始名称，主要用来获取文件的后缀名
-     *            文件的原始名称，主要用来获取文件的后缀名
     * @return
     */
    private String randomFileName(String extName) {

--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/controller/WebUploadController.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/controller/WebUploadController.java
@@ -3,6 +3,7 @@ package com.huigou.uasp.bmp.doc.attachment.controller;
 import java.io.File;
 import java.util.Map;
+import com.huigou.uasp.bmp.doc.attachment.domain.model.Attachment;
 import org.apache.commons.fileupload.FileItem;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
@@ -57,6 +58,7 @@ public class WebUploadController extends CommonController {
        info.setUniqueName(sdo.getProperty("uniqueName", String.class));
        info.setIsMore(sdo.getProperty("isMore", String.class));
        info.setDeleteOld(sdo.getProperty("deleteOld", String.class));
+        info.setFormSecretLevel(sdo.getProperty("formSecretLevel", String.class));
        try {
            String chunkIndex = sdo.getProperty("chunkIndex", String.class);
            info.setChunkIndex(Integer.parseInt(chunkIndex));
@@ -91,9 +93,11 @@ public class WebUploadController extends CommonController {
                if (info.getChunks() <= 0) {
                    String backurl = this.getBackurl();
                    if (StringUtil.isBlank(backurl)) {
-                        String attachmentId = webUploaderService.saveFileMap(info, target);
+                        Attachment attachment = webUploaderService.saveFile(info, target);
                        Map<String, Object> map = info.toMap();
-                        map.put("id", attachmentId);
+                        map.put("id", attachment.getId());
+                        map.put("secretLevel", attachment.getSecretLevel());
+                        map.put("secretLimit", attachment.getSecrecyLimit());
                        return toResult(map);
                    } else {
                        Map<String, Object> param = info.toMap();
@@ -178,9 +182,11 @@ public class WebUploadController extends CommonController {
            }
            String backurl = this.getBackurl();
            if (StringUtil.isBlank(backurl)) {
-                String fileId = webUploaderService.saveFileMap(info, target);
+                Attachment attachment = webUploaderService.saveFile(info, target);
                Map<String, Object> map = info.toMap();
-                map.put("id", fileId);
+                map.put("id", attachment.getId());
+                map.put("secretLevel", attachment.getSecretLevel());
+                map.put("secretLimit", attachment.getSecrecyLimit());
                return toResult(map);
            } else {
                Map<String, Object> param = info.toMap();

--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/domain/model/FileInfo.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/domain/model/FileInfo.java
@@ -50,6 +50,10 @@ public class FileInfo {
    private String savePath;
    private String uniqueName;
+    /**
+     * 对应的表单密级
+     */
+    private String formSecretLevel;
    public FileInfo() {
        bizCode = "";
@@ -184,6 +188,14 @@ public class FileInfo {
        this.uniqueName = uniqueName;
    }
+    public String getFormSecretLevel() {
+        return formSecretLevel;
+    }
+    public void setFormSecretLevel(String formSecretLevel) {
+        this.formSecretLevel = formSecretLevel;
+    }
    public boolean deleteOld() {
        return "true".equals(this.deleteOld);
    }

--- a/huigou-xt/src/main/resources/config/spring/spring-extend.xml
+++ b/huigou-xt/src/main/resources/config/spring/spring-extend.xml
@@ -74,6 +74,6 @@
    <bean id="attachmentSecretInfoResolver"
          class="com.huigou.uasp.bmp.doc.attachment.application.impl.TestAttachmentSecretInfoResolver">
-        <property name="securityGradeDictionaryCode" value="secrecyLevel"/>
+        <property name="securityGradeDictionaryCode" value="securityGrade"/>
    </bean>
 </beans>
--- a/huigou-xt/src/main/webapp/biz/demo/leaveDetails.jsp
+++ b/huigou-xt/src/main/webapp/biz/demo/leaveDetails.jsp
@@ -28,7 +28,7 @@
        <div class="hg-form-cols">
            <div class="hg-form-row">
                <x:selectC name="secretLevel" title="密级" required="true" label="密级" labelCol="2" fieldCol="2"
-                           dictionary="secrecyLevel"/>
+                           dictionary="securityGrade"/>
                <x:inputC name="secrecyLimit" title="密级年限" required="false" label="密级年限" labelCol="2" fieldCol="2"
                          mask="nnn"/>
            </div>
@@ -55,7 +55,9 @@
    function setId(leaveId) {
        $("#leaveId").val(leaveId);
        // 为文件上传控件绑定业务id
-        $('#fileList').fileList({bizId: leaveId});
+        $('#fileList').fileList({
+            bizId: leaveId
+        });
    }
    /**

--- a/huigou-xt/src/main/webapp/lib/webUploader/jquery.webuploader.js
+++ b/huigou-xt/src/main/webapp/lib/webUploader/jquery.webuploader.js
@@ -130,6 +130,8 @@ JQWebUploader.createWebUploader=function(element){
 			this['JQWebUploader']=jqWebUp;
 			//动态设置fromData属性
 			this.options.formData=jqWebUp.getParam();
+			// 取到表单密级
+			this.options.formData.formSecretLevel = getSecretLevel();
 		});
 		//当文件被加入队列之前触发，此事件的handler返回值为false，则此文件不会被添加进入队列
 		uploader.on("beforeFileQueued", function(file){

--- a/huigou-xt/src/main/webapp/system/bpm/job.js
+++ b/huigou-xt/src/main/webapp/system/bpm/job.js
@@ -1801,3 +1801,9 @@ function closeJobPageAndReloadTaskCenter(){
 function getAdditionSelectOrgParams(){
 	return {};
 }
+/**
+ * 获取表单的密级
+ */
+function getSecretLevel() {
+}