修改数据的时候，需要校验表单中的密级密级是否与表单、人员密级匹配

df363ab1 · 雍欢 · 65172649 · df363ab1 · df363ab1 · df363ab1
Commit df363ab1 authored Mar 09, 2021 by 雍欢
3 changed files
--- a/huigou-demo/src/main/java/com/huigou/demo/application/impl/LeaveApplicationImpl.java
+++ b/huigou-demo/src/main/java/com/huigou/demo/application/impl/LeaveApplicationImpl.java
 package com.huigou.demo.application.impl;


-import com.huigou.uasp.bmp.common.BizBillStatus;
-import com.huigou.uasp.bpm.FlowBroker;
-import com.huigou.util.ClassHelper;
 import com.huigou.demo.application.LeaveApplication;
 import com.huigou.demo.domain.model.Leave;
 import com.huigou.demo.domain.query.LeaveQuery;
 import com.huigou.demo.mapper.LeaveMapper;
 import com.huigou.demo.repository.LeaveRepository;
-import org.activiti.engine.RuntimeService;
-import org.activiti.engine.TaskService;
+import com.huigou.uasp.bmp.common.BizBillStatus;
+import com.huigou.uasp.bmp.doc.attachment.application.AttachmentApplication;
+import com.huigou.uasp.bmp.doc.attachment.application.SecrecyLevelComparator;
+import com.huigou.uasp.bpm.FlowBroker;
+import com.huigou.util.ClassHelper;
 import org.activiti.engine.delegate.DelegateExecution;
 import org.activiti.engine.delegate.DelegateTask;
-import org.activiti.engine.runtime.ProcessInstance;
-import org.activiti.engine.task.Task;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;

@@ -28,18 +26,7 @@ public class LeaveApplicationImpl extends FlowBroker implements LeaveApplication

    private LeaveRepository leaveRepository;
    private LeaveMapper leaveMapper;
-
-    @Autowired
-    private RuntimeService runtimeService;
-    @Autowired
-    private TaskService taskService;
-
-    public void test() {
-        Task task = taskService.createTaskQuery().taskId("taskId").singleResult();
-       ProcessInstance pi = runtimeService.createProcessInstanceQuery()
-                .processInstanceId( task.getProcessInstanceId())
-                .singleResult();
-    }
+    private AttachmentApplication attachmentApplication;

    @Autowired
    public void setLeaveRepository(LeaveRepository leaveRepository) {
@@ -51,6 +38,10 @@ public class LeaveApplicationImpl extends FlowBroker implements LeaveApplication
        this.leaveMapper = leaveMapper;
    }

+    @Autowired
+    public void setAttachmentApplication(AttachmentApplication attachmentApplication) {
+        this.attachmentApplication = attachmentApplication;
+    }

    @Override
    public Leave loadLeaveById(String id) {
@@ -70,15 +61,14 @@ public class LeaveApplicationImpl extends FlowBroker implements LeaveApplication
        if (leave.isNew()) {
            leave.setStatusId(BizBillStatus.APPLYING.getId());
        } else {
+            // 修改数据的时候，需要校验表单中的密级密级是否与表单、人员密级匹配
            leave = (Leave) commonDomainService.loadAndFillinProperties(leave);
+            attachmentApplication.checkAttachmentSecretLevel("demoLeave", leave.getId(), leave.getSecretLevel());
        }
-        leave = leaveRepository.save(leave);
-
        return leave.getId();
    }


-
    @Override
    protected Map<String, Object> getProcessBizParams(String bizId) {
        // 返回业务数据给流程实例，

--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/AttachmentApplication.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/AttachmentApplication.java
@@ -17,72 +17,62 @@ public interface AttachmentApplication {

    /**
     * 保存附件配置
-     * 
-     * @param attachmentConfiguration
-     *            附件配置实体
-     * @return
-     *         附件配置ID
+     *
+     * @param attachmentConfiguration 附件配置实体
+     * @return 附件配置ID
     */
    String saveAttachmentConfiguration(AttachmentConfiguration attachmentConfiguration);

    /**
     * 加载附件配置
-     * 
-     * @param id
-     *            附件配置ID
+     *
+     * @param id 附件配置ID
     * @return
     */
    AttachmentConfiguration loadAttachmentConfiguration(String id);

    /**
     * 删除附件配置
-     * 
-     * @param ids
-     *            附件配置ID列表
+     *
+     * @param ids 附件配置ID列表
     */
    void deleteAttachmentConfigurations(List<String> ids);

    /**
     * 移动附件配置
-     * 
-     * @param ids
-     *            附件配置ID列表
-     * @param folderId
-     *            文件夹ID
+     *
+     * @param ids      附件配置ID列表
+     * @param folderId 文件夹ID
     */
    void moveAttachmentConfigurations(List<String> ids, String folderId);

    /**
     * 分页查询附件配置
-     * 
-     * @param queryRequest
-     *            查询参数
+     *
+     * @param queryRequest 查询参数
     * @return
     */
    Map<String, Object> slicedQueryAttachmentConfigurations(FolderAndCodeAndNameQueryRequest queryRequest);

    /**
     * 删除附件配置明细
-     * 
-     * @param attachmentConfigurationId
-     *            附件配置ID
-     * @param ids
-     *            附件配置明细ID列表
+     *
+     * @param attachmentConfigurationId 附件配置ID
+     * @param ids                       附件配置明细ID列表
     */
    void deleteAttachmentConfigurationDetails(String attachmentConfigurationId, List<String> ids);

    /**
     * 分页查询附件配置 明细
-     * 
-     * @param queryRequest
-     *            查询请求参数
+     *
+     * @param queryRequest 查询请求参数
     * @return
     */
    Map<String, Object> slicedQueryAttachmentConfigurationDetails(ParentIdQueryRequest queryRequest);

    /**
     * 保存附件
-     * 
+     *
     * @param attachment
     * @return
     */
@@ -90,90 +80,75 @@ public interface AttachmentApplication {

    /**
     * 删除附件
-     * 
-     * @param id
-     *            附件ID
-     * @param verifyCreator
-     *            验证创建人员
+     *
+     * @param id            附件ID
+     * @param verifyCreator 验证创建人员
     */
    void deleteAttachment(String id, Boolean verifyCreator);

    /**
     * 根据ID列表删除附件
-     * 
-     * @param ids
-     *            附件ID列表
-     * @param verifyCreator
-     *            验证创建人员
+     *
+     * @param ids           附件ID列表
+     * @param verifyCreator 验证创建人员
     */
    void deleteAttachmentsByIds(List<String> ids, Boolean verifyCreator);

    /**
     * 通过业务ID删除附件
-     * 
-     * @param bizKindId
-     *            业务类别ID
-     * @param bizId
-     *            业务ID
-     * @param verifyCreator
-     *            验证创建人员
+     *
+     * @param bizKindId     业务类别ID
+     * @param bizId         业务ID
+     * @param verifyCreator 验证创建人员
     */
    void deleteAttachmentsByBizId(String bizKindId, String bizId, boolean verifyCreator);

    /**
     * 加载附件
-     * 
-     * @param id
-     *            附件ID
+     *
+     * @param id 附件ID
     * @return
     */
    Attachment loadAttachment(String id);

    /**
     * 保存附件排序号
-     * 
+     *
     * @param params
     */
    void updateAttachmentsSequence(Map<String, Integer> params);

    /**
     * 查询附件
-     * 
-     * @param bizKindId
-     *            业务类别ID
-     * @param bizId
-     *            业务ID
+     *
+     * @param bizKindId 业务类别ID
+     * @param bizId     业务ID
     * @return
     */
    List<Attachment> queryAttachments(String bizKindId, String bizId);

    /**
     * 查询分组的附件
-     * 
-     * @param bizKindId
-     *            业务类别ID
-     * @param bizId
-     *            业务ID
+     *
+     * @param bizKindId 业务类别ID
+     * @param bizId     业务ID
     * @return
     */
    List<AttachmentConfigurationDesc> queryGroupedAttachments(String bizKindId, String bizId);

    /**
     * 附件是否存在
-     * 
-     * @param bizKindId
-     *            业务类别ID
-     * @param bizSubKindId
-     *            子业务类别ID
-     * @param bizId
-     *            业务ID
+     *
+     * @param bizKindId    业务类别ID
+     * @param bizSubKindId 子业务类别ID
+     * @param bizId        业务ID
     * @return
     */
    boolean attachmentExists(String bizKindId, String bizSubKindId, String bizId);

    /**
     * 附件是否存在
-     * 
+     *
     * @param bizKindId
     * @param bizId
     * @return
@@ -182,20 +157,18 @@ public interface AttachmentApplication {

    /**
     * 按照附件ID附件复制
-     * 
+     *
     * @param fileId
     * @param toBizCode
     * @param toBizIds
-     * @param newOperator
-     *            false使用附件本身的上传用户
-     * @param isCopyFile
-     *            是否拷贝一份新文件
+     * @param newOperator false使用附件本身的上传用户
+     * @param isCopyFile  是否拷贝一份新文件
     */
    void copyAttachmentById(String fileId, String toBizCode, List<String> toBizIds, boolean newOperator, boolean isCopyFile);

    /**
     * 按照附件ID附件复制
-     * 
+     *
     * @param fileId
     * @param toBizCode
     * @param toBizId
@@ -204,21 +177,19 @@ public interface AttachmentApplication {

    /**
     * 附件复制
-     * 
+     *
     * @param fromBizCode
     * @param formBizId
     * @param toBizCode
     * @param toBizId
-     * @param newOperator
-     *            false使用附件本身的上传用户
-     * @param isCopyFile
-     *            是否拷贝一份新文件
+     * @param newOperator false使用附件本身的上传用户
+     * @param isCopyFile  是否拷贝一份新文件
     */
    void copyAttachment(String fromBizCode, String formBizId, String toBizCode, String toBizId, boolean newOperator, boolean isCopyFile);

    /**
     * 附件复制
-     * 
+     *
     * @param fromBizCode
     * @param formBizId
     * @param toBizCode
@@ -226,4 +197,21 @@ public interface AttachmentApplication {
     */
    void copyAttachment(String fromBizCode, String formBizId, String toBizCode, String toBizId);

+    /**
+     * 检查附件密级是否与人员密级、表单密级匹配
+     *
+     * @param attachment      附件
+     * @param formSecretLevel 表单密级
+     */
+    void checkAttachmentSecretLevel(Attachment attachment, String formSecretLevel);
+
+    /**
+     * 检查附件密级是否与人员密级、表单密级匹配
+     *
+     * @param bizKindId       bizKindId
+     * @param bizId           bizKindId
+     * @param formSecretLevel 表单密级
+     */
+    void checkAttachmentSecretLevel(String bizKindId, String bizId, String formSecretLevel);
+
 }
--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/AttachmentApplicationImpl.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/AttachmentApplicationImpl.java
@@ -165,7 +165,7 @@ public class AttachmentApplicationImpl extends BaseApplication implements Attach
                    throw new ApplicationException("不能删除其他人上传的文件。");
                }
            }
-            checkAttachmentSecretLevel(attachment);
+            checkAttachmentSecretLevel(attachment, null);
            attachment.setStatus(Attachment.Status.DELETED.getId());
        }

@@ -200,7 +200,7 @@ public class AttachmentApplicationImpl extends BaseApplication implements Attach
    public Attachment loadAttachment(String id) {
        this.checkIdNotBlank(id);
        Attachment attachment = this.attachmentRepository.findOne(id);
-        checkAttachmentSecretLevel(attachment);
+        checkAttachmentSecretLevel(attachment, null);
        return attachment;
    }

@@ -209,7 +209,7 @@ public class AttachmentApplicationImpl extends BaseApplication implements Attach
    public void updateAttachmentsSequence(Map<String, Integer> params) {
        Assert.notEmpty(params, "参数params不能为空。");
        params.keySet().stream().map(attachmentRepository::findOne)
-                .forEach(this::checkAttachmentSecretLevel);
+                .forEach(attachment -> checkAttachmentSecretLevel(attachment, null));
        this.commonDomainService.updateSequence(Attachment.class, params);
    }

@@ -231,8 +231,8 @@ public class AttachmentApplicationImpl extends BaseApplication implements Attach
        return attachments;
    }

-    private void checkAttachmentSecretLevel(Attachment attachment) {
-        if (attachment == null) {
+    public void checkAttachmentSecretLevel(Attachment attachment, String formSecretLevel) {
+        if (attachment == null || StringUtils.isBlank(attachment.getSecretLevel())) {
            return;
        }
        AttachmentConfiguration attachmentConfiguration = attachmentConfigurationRepository.findByCode(attachment.getBizKindId());
@@ -240,6 +240,16 @@ public class AttachmentApplicationImpl extends BaseApplication implements Attach
            Person person = orgApplication.loadPerson(ThreadLocalUtil.getOperator().getUserId());
            Assert.isTrue(matchingSecretLevel(person, attachment), String.format("人员密级[%s]与附件密级[%s]不匹配", person.getPersonSecurityGrade(), attachment.getSecretLevel()));
        }
+        if (StringUtils.isNotBlank(formSecretLevel)) {
+            boolean formSecurityGradeThanAttachmentSecurityGrade = secrecyLevelComparator.compare(formSecretLevel, attachment.getSecretLevel()) > -1;
+            Assert.isTrue(formSecurityGradeThanAttachmentSecurityGrade, String.format("表单密级[%s]与附件密级[%s]不匹配", formSecretLevel, attachment.getSecretLevel()));
+        }
+    }
+
+    @Override
+    public void checkAttachmentSecretLevel(String bizKindId, String bizId, String formSecretLevel) {
+        attachmentRepository.findValidAttachments(bizKindId, bizId)
+                .forEach(attachment -> checkAttachmentSecretLevel(attachment, formSecretLevel));
    }

    /**
@@ -325,7 +335,7 @@ public class AttachmentApplicationImpl extends BaseApplication implements Attach
        String sql = queryDescriptor.getSqlByName("loadById");
        Map<String, Object> map = this.sqlExecutorDao.queryToMap(sql, fileId);
        Assert.notEmpty(map, "文件不存在,可能被其他用户删除或修改！");
-        checkAttachmentSecretLevel(attachmentRepository.findOne(fileId));
+        checkAttachmentSecretLevel(attachmentRepository.findOne(fileId), null);
        BatchSqlUpdateDetail batchInsertDetail = this.getBatchInsertDetail();
        String path = null;
        Operator op = ThreadLocalUtil.getVariable("operator", Operator.class);
@@ -369,7 +379,7 @@ public class AttachmentApplicationImpl extends BaseApplication implements Attach
        }
        objs.stream().map(f -> (String) f.get("id"))
                .map(attachmentRepository::findOne)
-                .forEach(this::checkAttachmentSecretLevel);
+                .forEach(attachment -> checkAttachmentSecretLevel(attachment, null));
        BatchSqlUpdateDetail batchInsertDetail = this.getBatchInsertDetail();
        String path = null;
        Operator op = ThreadLocalUtil.getVariable("operator", Operator.class);