diff --git a/dbsql/update/update202306.sql b/dbsql/update/update202306.sql index d250016..81f8622 100644 --- a/dbsql/update/update202306.sql +++ b/dbsql/update/update202306.sql @@ -4,6 +4,8 @@ comment on column BIANMU.SYS_USER.SECRET_LEVEL is '涉密级别'; -- 目录表增加数据密级字段 alter table BIANMU.B_DIRECTORY add SECRET_LEVEL integer default 0 not null; comment on column BIANMU.B_DIRECTORY.SECRET_LEVEL is '数据密级'; - -UPDATE BIANMU.SYS_USER t SET t.SECRET_LEVEL = 4 WHERE t.USER_ID = 'admin' -UPDATE BIANMU.SYS_USER t SET t.SECRET_LEVEL = 4 WHERE t.USER_ID = 'sa' \ No newline at end of file +-- 修改管理员用户的涉密级别为最高级别 +UPDATE BIANMU.SYS_USER t SET t.SECRET_LEVEL = 4 WHERE t.USER_ID = 'admin'; +UPDATE BIANMU.SYS_USER t SET t.SECRET_LEVEL = 4 WHERE t.USER_ID = 'sa'; +-- 启用密级字段项中的内部 +UPDATE BIANMU.SYS_DICT t SET t.DICT_STATE = 1 WHERE t.ID = '2'; \ No newline at end of file diff --git a/shandan-bianmu/src/main/resources/static/js/business/metadata/edit.js b/shandan-bianmu/src/main/resources/static/js/business/metadata/edit.js index 12df89b..64c0398 100644 --- a/shandan-bianmu/src/main/resources/static/js/business/metadata/edit.js +++ b/shandan-bianmu/src/main/resources/static/js/business/metadata/edit.js @@ -27,6 +27,11 @@ layui.use(['form', 'layer', 'editPage', 'laytpl', 'laydate', 'element', 'table', formInitUrl: requestParam.id ? `${ctx}/business/metadata/get/${requestParam.id}` : '', formSubmitInvoke: async function () { // 自定义表单提交时的方法 let metadataBasic = form.val('metadataForm'); + console.info(user); + if(metadataBasic.secretLevel > user.secretLevel){ + layer.alert('禁止上传超过自身涉密等级的数据,您的涉密等级为【'+ DICT.getText('secret_level', user.secretLevel) +'】', {icon:2}) + return; + } metadataBasic.metadataDetailsList = []; for (let metadata of metadataTableMap.values()) { metadataBasic.metadataDetailsList.push(metadata); diff --git a/shandan-bianmu/src/main/resources/view/business/metadata/metadataEdit.html b/shandan-bianmu/src/main/resources/view/business/metadata/metadataEdit.html index 144306b..292349c 100644 --- a/shandan-bianmu/src/main/resources/view/business/metadata/metadataEdit.html +++ b/shandan-bianmu/src/main/resources/view/business/metadata/metadataEdit.html @@ -66,7 +66,7 @@
-
diff --git a/shandan-common/src/main/resources/view/common/head.html b/shandan-common/src/main/resources/view/common/head.html index 2176679..45f4b1b 100644 --- a/shandan-common/src/main/resources/view/common/head.html +++ b/shandan-common/src/main/resources/view/common/head.html @@ -11,9 +11,8 @@ //项目根路径 // ctx = /*[[@{/}]]*/''; ctx = [[${#request.getContextPath()}]];//应用路径 - user = sessionStorage.getItem('login_user'); - let newUser = /*[[${loginUser}]]*/ {}; - sessionStorage.setItem('login_user', JSON.stringify(newUser)); + user = /*[[${loginUser}]]*/ {}; + sessionStorage.setItem('login_user', JSON.stringify(user)); //获取api加密开关并存到sessionStorage let sys = sessionStorage.getItem('sysApiEncrypt'); diff --git a/shandan-system/src/main/resources/static/js/business/directory/dirCommon.js b/shandan-system/src/main/resources/static/js/business/directory/dirCommon.js index 21fbb6c..4cea208 100644 --- a/shandan-system/src/main/resources/static/js/business/directory/dirCommon.js +++ b/shandan-system/src/main/resources/static/js/business/directory/dirCommon.js @@ -175,7 +175,7 @@ function openDirectoryEditLayer(data, callback, view) { function saveDirectory(index, callback) { form.on('submit(directoryEditForm)', function ({elem, field}) { if(field.secretLevel > user.secretLevel){ - layer.alert('禁止上传超过自身涉密等级的文件,您的涉密等级为【'+ DICT.getText('secret_level', user.secretLevel) +'】') + layer.alert('禁止上传超过自身涉密等级的文件,您的涉密等级为【'+ DICT.getText('secret_level', user.secretLevel) +'】', {icon:2}) return; } // 转换数据类型 diff --git a/shandan-system/src/main/resources/static/js/sys/org/org.js b/shandan-system/src/main/resources/static/js/sys/org/org.js index 7dda7f1..69484da 100644 --- a/shandan-system/src/main/resources/static/js/sys/org/org.js +++ b/shandan-system/src/main/resources/static/js/sys/org/org.js @@ -134,7 +134,7 @@ layui.use(['layer', 'gtable', 'orgTree'], function () { let queryOps = {where: {orgParentId: param.id}, page: {page: 1}}; gtable.reload(queryOps); - let currentUserOrg = JSON.parse(user).org; + let currentUserOrg = user.org; let data = param.recordData; if(data && data.orgPath.startsWith(currentUserOrg.orgPath)){ isParent = true; diff --git a/shandan-system/src/main/resources/static/js/sys/user/edit.js b/shandan-system/src/main/resources/static/js/sys/user/edit.js index 5bec634..8a9a888 100644 --- a/shandan-system/src/main/resources/static/js/sys/user/edit.js +++ b/shandan-system/src/main/resources/static/js/sys/user/edit.js @@ -19,6 +19,14 @@ layui.use(['element', 'form', 'table', 'layer', 'laydate', 'tree', 'dict', 'dtre */ function save() { let userForm = $("#userForm").serializeObject(); + if(userForm.userId === user.userId){ + layer.alert('该操作包含数据权限等危险操作,所以您不能直接修改自己的用户数据,请联系您的上级主管', {icon:2}) + return false; + } + if(userForm.secretLevel > user.secretLevel){ + layer.alert('无法为用户设置超过自身涉密等级的权限,您的涉密等级为【'+ DICT.getText('secret_level', user.secretLevel) +'】', {icon:2}) + return; + } form.on('submit(userForm)', function(){ $.post(ctx + "/sys/sysUser/save", userForm, function (data) { if (!data.flag) {