默认对附件密级进行校验

f2df85f1 · 雍欢 · c79079f1 · f2df85f1 · f2df85f1 · f2df85f1
Commit f2df85f1 authored Apr 13, 2021 by 雍欢
5 changed files
--- a/huigou-explorer/src/main/java/com/huigou/explorer/converters/bpmn/UserTaskConverter.java
+++ b/huigou-explorer/src/main/java/com/huigou/explorer/converters/bpmn/UserTaskConverter.java
@@ -23,7 +23,11 @@ public class UserTaskConverter extends AbstractElementConverter implements Eleme
    public final static String CUSTOM_PROPERTY_PREVIEW_HANDLER = "previewHandler";
    public final static String CUSTOM_PROPERTY_ASSISTANT_MUST_APPROVE = "assistantMustApprove";
    public final static String CUSTOM_PROPERTY_MERGE_HANDLER_KIND = "mergeHandlerKind";
-    public final static List<String> CUSTOM_PROPERTIES = Arrays.asList(CUSTOM_PROPERTY_NEED_TIMING, CUSTOM_PROPERTY_LIMIT_TIME, CUSTOM_PROPERTY_PREVIEW_HANDLER, CUSTOM_PROPERTY_ASSISTANT_MUST_APPROVE, CUSTOM_PROPERTY_MERGE_HANDLER_KIND);
+    /**
+     * 用户任务描述表达式
+     */
+    public final static String CUSTOM_PROPERTY_USER_TASK_DESCRIPTION_EXPRESSION = "descriptionExpression";
+    public final static List<String> CUSTOM_PROPERTIES = Arrays.asList(CUSTOM_PROPERTY_NEED_TIMING, CUSTOM_PROPERTY_LIMIT_TIME, CUSTOM_PROPERTY_PREVIEW_HANDLER, CUSTOM_PROPERTY_ASSISTANT_MUST_APPROVE, CUSTOM_PROPERTY_MERGE_HANDLER_KIND, CUSTOM_PROPERTY_USER_TASK_DESCRIPTION_EXPRESSION);

    public UserTaskConverter() {
        super(Collections.singletonList(Shape.USER_TASK));

--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/AbstractAttachmentSecretInfoResolver.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/AbstractAttachmentSecretInfoResolver.java
@@ -21,6 +21,14 @@ public abstract class AbstractAttachmentSecretInfoResolver implements Attachment
    private AttachmentConfigurationRepository attachmentConfigurationRepository;
    private OrgApplication orgApplication;
    private SecrecyLevelComparator secrecyLevelComparator;
+    /**
+     * 默认开启密级检查
+     */
+    private boolean defaultEnableSecret;
+
+    public void setDefaultEnableSecret(boolean defaultEnableSecret) {
+        this.defaultEnableSecret = defaultEnableSecret;
+    }

    @Autowired
    public void setAttachmentConfigurationRepository(AttachmentConfigurationRepository attachmentConfigurationRepository) {
@@ -40,25 +48,39 @@ public abstract class AbstractAttachmentSecretInfoResolver implements Attachment
    @Override
    public String resolve(FileInfo fileInfo) {
        AttachmentConfiguration attachmentConfiguration = attachmentConfigurationRepository.findByCode(fileInfo.getBizCode());
-        if (attachmentConfiguration == null) {
+        if (attachmentConfiguration == null && !defaultEnableSecret) {
            return null;
        }
-        if (!Objects.equals(attachmentConfiguration.getEnableSecret(), 1)) {
-            // 未启用密级
-            return null;
+        if (enableSecret(attachmentConfiguration)) {
+            // 1、解析附件密级
+            String attachmentSecurityLevel = resolveAttachmentSecurityLevel(fileInfo);
+            // 2、校验附件密级是否与人员密级匹配
+            Person person = orgApplication.loadPerson(ThreadLocalUtil.getOperator().getUserId());
+            boolean personSecurityGradeGreaterThanAttachmentSecurityGrade = secrecyLevelComparator.compare(person.getPersonSecurityGrade(), attachmentSecurityLevel) > -1;
+            Assert.isTrue(personSecurityGradeGreaterThanAttachmentSecurityGrade, "附件密级与人员密级不匹配");
+            // 3、校验附件密级是否与表单密级匹配
+            Assert.hasText(fileInfo.getFormSecretLevel(), "表单密级不能为空");
+            boolean formSecurityGradeThanAttachmentSecurityGrade = secrecyLevelComparator.compare(fileInfo.getFormSecretLevel(), attachmentSecurityLevel) > -1;
+            Assert.isTrue(formSecurityGradeThanAttachmentSecurityGrade, "附件密级与表单密级不匹配");
+            // 4、返回附件密级
+            return attachmentSecurityLevel;
+        }
+        // 未启用密级
+        return null;
+    }
+
+    private boolean enableSecret(AttachmentConfiguration attachmentConfiguration) {
+        boolean enableSecret;
+        if (attachmentConfiguration == null) {
+            enableSecret = defaultEnableSecret;
+        } else {
+            if (attachmentConfiguration.getEnableSecret() == null) {
+                enableSecret = defaultEnableSecret;
+            } else {
+                enableSecret = Objects.equals(attachmentConfiguration.getEnableSecret(), 1);
+            }
        }
-        // 1、解析附件密级
-        String attachmentSecurityLevel = resolveAttachmentSecurityLevel(fileInfo);
-        // 2、校验附件密级是否与人员密级匹配
-        Person person = orgApplication.loadPerson(ThreadLocalUtil.getOperator().getUserId());
-        boolean personSecurityGradeGreaterThanAttachmentSecurityGrade = secrecyLevelComparator.compare(person.getPersonSecurityGrade(), attachmentSecurityLevel) > -1;
-        Assert.isTrue(personSecurityGradeGreaterThanAttachmentSecurityGrade, "附件密级与人员密级不匹配");
-        // 3、校验附件密级是否与表单密级匹配
-        Assert.hasText(fileInfo.getFormSecretLevel(), "表单密级不能为空");
-        boolean formSecurityGradeThanAttachmentSecurityGrade = secrecyLevelComparator.compare(fileInfo.getFormSecretLevel(), attachmentSecurityLevel) > -1;
-        Assert.isTrue(formSecurityGradeThanAttachmentSecurityGrade, "附件密级与表单密级不匹配");
-        // 4、返回附件密级
-        return attachmentSecurityLevel;
+        return enableSecret;
    }

    /**

--- a/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/TestAttachmentSecretInfoResolver.java
+++ b/huigou-uasp/src/main/java/com/huigou/uasp/bmp/doc/attachment/application/impl/TestAttachmentSecretInfoResolver.java
@@ -34,7 +34,7 @@ public class TestAttachmentSecretInfoResolver extends AbstractAttachmentSecretIn
    @Override
    protected String resolveAttachmentSecurityLevel(FileInfo fileInfo) {
        Matcher matcher = FILE_NAME_PATTERN.matcher(fileInfo.getName());
-        Assert.isTrue(matcher.matches(), "附件名不合法");
+        Assert.isTrue(matcher.matches(), "附件名不合法，合法的附件名为：【密级】文件名，如：【非密】报销单.pdf");
        String attachmentSecurityGradeName = matcher.group(1);
        Assert.hasText(attachmentSecurityGradeName, "附件名中未包含附件密级信息");
        DictionaryDesc attachmentSecurityGrade = SystemCache.getDictionary(securityGradeDictionaryCode).values()

--- a/huigou-xt/pom.xml
+++ b/huigou-xt/pom.xml
@@ -112,11 +112,11 @@
                    <artifactId>huigou-explorer</artifactId>
                    <version>${project.version}</version>
                </dependency>
-                <dependency>
+              <!--  <dependency>
                    <groupId>com.huigou</groupId>
                    <artifactId>huigou-bpm</artifactId>
                    <version>${project.version}</version>
-                </dependency>
+                </dependency>-->
                <dependency>
                    <groupId>com.huigou</groupId>
                    <artifactId>huigou-rule</artifactId>

--- a/pom.xml
+++ b/pom.xml
@@ -22,8 +22,8 @@
        <module>huigou-demo</module>
        <module>huigou-xt</module>
        <module>query-spring</module>
-        <module>huigou-form</module>
-        <module>huigou-bpm</module>
+<!--        <module>huigou-form</module>-->
+<!--        <module>huigou-bpm</module>-->
        <module>huigou-webservice</module>
        <module>huigou-rule</module>
    </modules>