gfwleak/k18-ntcs-web-ntc
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1、数据范围根据用户角色筛选;2、界面功能按钮根据权限是否显示;3、文件上传后,文件访问链接改为服务接口返回的参数内容

Browse Source
This commit is contained in:
zhangwei
2018-05-21 17:21:21 +08:00
parent 46f43c6f5d
commit b46e302824
5 changed files with 93 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/java/com/nis/web/dao/configuration/AvCfgDao.xml
View File

@@ -177,6 +177,8 @@
<if test="level != null"> <if test="level != null">
AND a.level=#{level,jdbcType=INTEGER} AND a.level=#{level,jdbcType=INTEGER}
</if> </if>
<!-- 数据范围过滤 -->
${sqlMap.dsf}
</trim> </trim>
<choose> <choose>
<when test="page !=null and page.orderBy != null and page.orderBy != ''"> <when test="page !=null and page.orderBy != null and page.orderBy != ''">
@@ -274,6 +276,8 @@
<if test="description != null and description != ''"> <if test="description != null and description != ''">
AND a.description like concat(concat('%',#{description,jdbcType=VARCHAR}),'%') AND a.description like concat(concat('%',#{description,jdbcType=VARCHAR}),'%')
</if> </if>
<!-- 数据范围过滤 -->
${sqlMap.dsf}
</trim> </trim>
<choose> <choose>
<when test="page !=null and page.orderBy != null and page.orderBy != ''"> <when test="page !=null and page.orderBy != null and page.orderBy != ''">

59
src/main/java/com/nis/web/service/BaseService.java
View File

@@ -56,7 +56,7 @@ public abstract class BaseService {
for (String oa : StringUtils.split(officeAlias, ",")){ for (String oa : StringUtils.split(officeAlias, ",")){
if (!dataScope.contains(r.getDataScope()) && StringUtils.isNotBlank(oa)){ if (!dataScope.contains(r.getDataScope()) && StringUtils.isNotBlank(oa)){
sqlString.append(createScopeSql(r.getDataScope(),oa,user)); sqlString.append(createScopeSql(r.getDataScope(),oa,user,null));
dataScope.add(r.getDataScope()); dataScope.add(r.getDataScope());
} }
} }
@@ -84,7 +84,48 @@ public abstract class BaseService {
return ""; return "";
} }
/**
* 数据范围过滤
* @param user 当前用户对象通过“entity.getCurrentUser()”获取
* @param configAlias 配置表别名,多个用","逗号隔开,传递空,忽略此参数
* @return 标准连接条件对象
*/
public static String configScopeFilter(SysUser user, String configAlias) {
StringBuilder sqlString = new StringBuilder();
// 进行权限过滤,多个角色权限范围之间为或者关系。
List<Integer> dataScope = Lists.newArrayList();
if (StringUtils.isBlank(user.getLoginId())){
return "";
}
// 超级管理员,跳过权限过滤
if (!user.isAdmin()){
boolean isDataScopeAll = isContainsDataScopeAll(user.getUserRoleList());
// 如果没有全部数据权限
if (!isDataScopeAll){
for (SysRole r : user.getUserRoleList()) {
for (String c : StringUtils.split(configAlias, ",")){
if (!dataScope.contains(r.getDataScope()) && StringUtils.isNotBlank(c)){
sqlString.append(createScopeSql(r.getDataScope(),"",user,c));
dataScope.add(r.getDataScope());
}
}
}
}else{
// 如果包含全部权限,则去掉之前添加的所有条件,并跳出循环。
sqlString = new StringBuilder();
}
}
if (StringUtils.isNotBlank(sqlString.toString())){
return " AND (" + sqlString.substring(4) + ")";
}
return "";
}
/** /**
@@ -108,10 +149,12 @@ public abstract class BaseService {
/** /**
* 过滤机构信息 * 过滤机构信息
* @param dataScope 数据范围1所有数据2所在公司及以下数据3所在公司数据4所在部门及以下数据5所在部门数据6所在单位及以下数据7所在单位数据 * @param dataScope 数据范围1所有数据2所在公司及以下数据3所在公司数据
* 4所在部门及以下数据5所在部门数据6所在单位及以下数据7所在单位数据;
* 8:操作员数据9审核员数据10审计员数据
* @return * @return
*/ */
private static String createScopeSql(int dataScope,String officeAlias,SysUser user) { private static String createScopeSql(int dataScope,String officeAlias,SysUser user,String configAlias) {
StringBuilder scopeSql = new StringBuilder(1024); StringBuilder scopeSql = new StringBuilder(1024);
if (SysRole.DATA_SCOPE_COMPANY_AND_CHILD.equals(dataScope)){ if (SysRole.DATA_SCOPE_COMPANY_AND_CHILD.equals(dataScope)){
@@ -139,6 +182,14 @@ public abstract class BaseService {
// 包括本公司下的部门 type=1:公司type=2单位 3.部门) // 包括本公司下的部门 type=1:公司type=2单位 3.部门)
scopeSql.append(" OR (" + officeAlias + ".parent_id = '" + user.getEntity().getId() + "' AND " + officeAlias + ".type>1)"); scopeSql.append(" OR (" + officeAlias + ".parent_id = '" + user.getEntity().getId() + "' AND " + officeAlias + ".type>1)");
}else if (SysRole.DATA_SCOPE_CREATOR.equals(dataScope)){
scopeSql.append(" OR " + configAlias + ".is_audit !=3");
}
else if (SysRole.DATA_SCOPE_AUDITOR.equals(dataScope)){
scopeSql.append(" OR " + configAlias + ".is_audit = 0 and " + configAlias + ".is_valid = 0");
}
else if (SysRole.DATA_SCOPE_SHOWER.equals(dataScope)){
scopeSql.append(" OR " + configAlias + ".is_audit = 1");
} }
return scopeSql.toString(); return scopeSql.toString();

11
src/main/java/com/nis/web/service/configuration/AvCfgService.java
View File

@@ -50,12 +50,16 @@ public class AvCfgService extends BaseService{
return avCfgDao.getAvSignSampleById(cfgId); return avCfgDao.getAvSignSampleById(cfgId);
} }
public Page<AvFileSampleCfg> getAvFileSampleList(Page<AvFileSampleCfg> page, AvFileSampleCfg entity){ public Page<AvFileSampleCfg> getAvFileSampleList(Page<AvFileSampleCfg> page, AvFileSampleCfg entity){
// 生成数据权限过滤条件dsf为dataScopeFilter的简写在xml中使用 ${sqlMap.dsf}调用权限SQL
entity.getSqlMap().put("dsf", configScopeFilter(entity.getCurrentUser(),"a"));
entity.setPage(page); entity.setPage(page);
List<AvFileSampleCfg> list = avCfgDao.getAvFileSampleList(entity); List<AvFileSampleCfg> list = avCfgDao.getAvFileSampleList(entity);
page.setList(list); page.setList(list);
return page; return page;
} }
public Page<AvSignSampleCfg> getAvSignSampleList(Page<AvSignSampleCfg> page, AvSignSampleCfg entity){ public Page<AvSignSampleCfg> getAvSignSampleList(Page<AvSignSampleCfg> page, AvSignSampleCfg entity){
// 生成数据权限过滤条件dsf为dataScopeFilter的简写在xml中使用 ${sqlMap.dsf}调用权限SQL
entity.getSqlMap().put("dsf", configScopeFilter(entity.getCurrentUser(),"a"));
entity.setPage(page); entity.setPage(page);
List<AvSignSampleCfg> list = avCfgDao.getAvSignSampleList(entity); List<AvSignSampleCfg> list = avCfgDao.getAvSignSampleList(entity);
page.setList(list); page.setList(list);
@@ -157,6 +161,9 @@ public class AvCfgService extends BaseService{
srcMap.put("checksum", entity.getSrcMd5()); srcMap.put("checksum", entity.getSrcMd5());
String result1 = ConfigServiceUtil.postFileCfg(null, srcFile, JSONObject.fromObject(srcMap)); String result1 = ConfigServiceUtil.postFileCfg(null, srcFile, JSONObject.fromObject(srcMap));
logger.info("音视频源文件上传响应信息:"+result1); logger.info("音视频源文件上传响应信息:"+result1);
//获取文件上传响应信息(文件访问路径)
Map<String, Object> srcRes = gson.fromJson(result1,Map.class);
entity.setSrcUrl(srcRes.get("data").toString());
File smapleFile = new File(entity.getSamplePath()); File smapleFile = new File(entity.getSamplePath());
Map<String,Object> sampleMap = new HashMap(); Map<String,Object> sampleMap = new HashMap();
@@ -167,7 +174,9 @@ public class AvCfgService extends BaseService{
sampleMap.put("checksum", entity.getSampleMd5()); sampleMap.put("checksum", entity.getSampleMd5());
String result2 = ConfigServiceUtil.postFileCfg(null, srcFile, JSONObject.fromObject(sampleMap)); String result2 = ConfigServiceUtil.postFileCfg(null, srcFile, JSONObject.fromObject(sampleMap));
logger.info("音视频样例文件上传响应信息:"+result2); logger.info("音视频样例文件上传响应信息:"+result2);
Map<String, Object> sampleRes = gson.fromJson(result1,Map.class);
//获取文件上传响应信息(文件访问路径)
entity.setSampleUrl(sampleRes.get("data").toString());
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace(); e.printStackTrace();
logger.info("音视频文件样例配置下发失败"); logger.info("音视频文件样例配置下发失败");

23
src/main/webapp/WEB-INF/views/cfg/av/fileSampleList.jsp
View File

@@ -52,10 +52,12 @@
<div class="page-content"> <div class="page-content">
<div class="theme-panel hidden-xs hidden-sm"> <div class="theme-panel hidden-xs hidden-sm">
<button type="button" class="btn btn-primary" <shiro:hasPermission name="avFileSample:config">
onClick="javascript:window.location='${ctx}/ntc/av/sample/fileSampleForm?functionId=${cfg.functionId}'"> <button type="button" class="btn btn-primary"
<i class="fa fa-plus"></i> onClick="javascript:window.location='${ctx}/ntc/av/sample/fileSampleForm?functionId=${cfg.functionId}'">
<spring:message code="add"></spring:message></button> <i class="fa fa-plus"></i>
<spring:message code="add"></spring:message></button>
</shiro:hasPermission>
</div> </div>
<h3 class="page-title"> <h3 class="page-title">
@@ -293,7 +295,7 @@
<tr> <tr>
<td><input type="checkbox" class="i-checks" id="${cfg.cfgId}" value="${cfg.isAudit}"></td> <td><input type="checkbox" class="i-checks" id="${cfg.cfgId}" value="${cfg.isAudit}"></td>
<td> <td>
<a href="${cfg.srcUrl }" data-original-title="${cfg.srcUrl }" <a href="${cfg.srcUrl }" data-original-title="${cfg.srcUrl }" target="_blank"
class="tooltips" data-flag="false" data-html="true" data-placement="top"> class="tooltips" data-flag="false" data-html="true" data-placement="top">
${fn:substring(cfg.srcUrl,0,20) } ${fn:substring(cfg.srcUrl,0,20) }
</a> </a>
@@ -307,12 +309,11 @@
<td>${cfg.level }</td> <td>${cfg.level }</td>
<td>${cfg.cfgDesc }</td> <td>${cfg.cfgDesc }</td>
<td> <td>
<c:if test="${1 eq cfg.action }"><spring:message code="block"/></c:if> <c:forEach items="${fns:getDictList('SERVICE_ACTION') }" var="dict">
<c:if test="${2 eq cfg.action }"><spring:message code="monitor"/></c:if> <c:if test="${dict.itemValue eq cfg.action }">
<c:if test="${5 eq cfg.action }"><spring:message code="block_white_list"/></c:if> <spring:message code="${dict.itemCode }"/>
<c:if test="${6 eq cfg.action }"><spring:message code="monitor_white_list"/></c:if> </c:if>
<c:if test="${7 eq cfg.action }"><spring:message code="block_monitor_white_list"/></c:if> </c:forEach>
<c:if test="${8 eq cfg.action }"><spring:message code="grey_list"/></c:if>
</td> </td>
<td> <td>
<c:if test="${cfg.isAreaEffective==0}"><spring:message code="no"/></c:if> <c:if test="${cfg.isAreaEffective==0}"><spring:message code="no"/></c:if>

22
src/main/webapp/WEB-INF/views/cfg/av/signSampleList.jsp
View File

@@ -54,10 +54,13 @@
<div class="page-content"> <div class="page-content">
<div class="theme-panel hidden-xs hidden-sm"> <div class="theme-panel hidden-xs hidden-sm">
<button type="button" class="btn btn-primary"
<shiro:hasPermission name="avSignSample:config">
<button type="button" class="btn btn-primary"
onClick="javascript:window.location='${ctx}/ntc/av/sample/signSampleForm?functionId=${cfg.functionId}'"> onClick="javascript:window.location='${ctx}/ntc/av/sample/signSampleForm?functionId=${cfg.functionId}'">
<i class="fa fa-plus"></i> <i class="fa fa-plus"></i>
<spring:message code="add"></spring:message></button> <spring:message code="add"></spring:message></button>
</shiro:hasPermission>
</div> </div>
<h3 class="page-title"> <h3 class="page-title">
@@ -87,7 +90,7 @@
<form:option value="0"><spring:message code="created"></spring:message></form:option> <form:option value="0"><spring:message code="created"></spring:message></form:option>
<form:option value="1"><spring:message code="approved"></spring:message></form:option> <form:option value="1"><spring:message code="approved"></spring:message></form:option>
<form:option value="2"><spring:message code="unapproved"></spring:message></form:option> <form:option value="2"><spring:message code="unapproved"></spring:message></form:option>
<form:option value="3"><spring:message code="cancel_approved"></spring:message></form:option> <%-- <form:option value="3"><spring:message code="cancel_approved"></spring:message></form:option> --%>
</form:select> </form:select>
</div> </div>
@@ -303,12 +306,11 @@
<td>${cfg.level }</td> <td>${cfg.level }</td>
<td>${cfg.cfgDesc }</td> <td>${cfg.cfgDesc }</td>
<td> <td>
<c:if test="${1 eq cfg.action }"><spring:message code="block"/></c:if> <c:forEach items="${fns:getDictList('SERVICE_ACTION') }" var="dict">
<c:if test="${2 eq cfg.action }"><spring:message code="monitor"/></c:if> <c:if test="${dict.itemValue eq cfg.action }">
<c:if test="${5 eq cfg.action }"><spring:message code="block_white_list"/></c:if> <spring:message code="${dict.itemCode }"/>
<c:if test="${6 eq cfg.action }"><spring:message code="monitor_white_list"/></c:if> </c:if>
<c:if test="${7 eq cfg.action }"><spring:message code="block_monitor_white_list"/></c:if> </c:forEach>
<c:if test="${8 eq cfg.action }"><spring:message code="grey_list"/></c:if>
</td> </td>
<td> <td>
<c:if test="${cfg.isAreaEffective==0}"><spring:message code="no"/></c:if> <c:if test="${cfg.isAreaEffective==0}"><spring:message code="no"/></c:if>