diff --git a/dbsql/update/update202306.sql b/dbsql/update/update202306.sql
index d250016..81f8622 100644
--- a/dbsql/update/update202306.sql
+++ b/dbsql/update/update202306.sql
@@ -4,6 +4,8 @@ comment on column BIANMU.SYS_USER.SECRET_LEVEL is '涉密级别';
-- 目录表增加数据密级字段
alter table BIANMU.B_DIRECTORY add SECRET_LEVEL integer default 0 not null;
comment on column BIANMU.B_DIRECTORY.SECRET_LEVEL is '数据密级';
-
-UPDATE BIANMU.SYS_USER t SET t.SECRET_LEVEL = 4 WHERE t.USER_ID = 'admin'
-UPDATE BIANMU.SYS_USER t SET t.SECRET_LEVEL = 4 WHERE t.USER_ID = 'sa'
\ No newline at end of file
+-- 修改管理员用户的涉密级别为最高级别
+UPDATE BIANMU.SYS_USER t SET t.SECRET_LEVEL = 4 WHERE t.USER_ID = 'admin';
+UPDATE BIANMU.SYS_USER t SET t.SECRET_LEVEL = 4 WHERE t.USER_ID = 'sa';
+-- 启用密级字段项中的内部
+UPDATE BIANMU.SYS_DICT t SET t.DICT_STATE = 1 WHERE t.ID = '2';
\ No newline at end of file
diff --git a/shandan-bianmu/src/main/resources/static/js/business/metadata/edit.js b/shandan-bianmu/src/main/resources/static/js/business/metadata/edit.js
index 12df89b..64c0398 100644
--- a/shandan-bianmu/src/main/resources/static/js/business/metadata/edit.js
+++ b/shandan-bianmu/src/main/resources/static/js/business/metadata/edit.js
@@ -27,6 +27,11 @@ layui.use(['form', 'layer', 'editPage', 'laytpl', 'laydate', 'element', 'table',
formInitUrl: requestParam.id ? `${ctx}/business/metadata/get/${requestParam.id}` : '',
formSubmitInvoke: async function () { // 自定义表单提交时的方法
let metadataBasic = form.val('metadataForm');
+ console.info(user);
+ if(metadataBasic.secretLevel > user.secretLevel){
+ layer.alert('禁止上传超过自身涉密等级的数据,您的涉密等级为【'+ DICT.getText('secret_level', user.secretLevel) +'】', {icon:2})
+ return;
+ }
metadataBasic.metadataDetailsList = [];
for (let metadata of metadataTableMap.values()) {
metadataBasic.metadataDetailsList.push(metadata);
diff --git a/shandan-bianmu/src/main/resources/view/business/metadata/metadataEdit.html b/shandan-bianmu/src/main/resources/view/business/metadata/metadataEdit.html
index 144306b..292349c 100644
--- a/shandan-bianmu/src/main/resources/view/business/metadata/metadataEdit.html
+++ b/shandan-bianmu/src/main/resources/view/business/metadata/metadataEdit.html
@@ -66,7 +66,7 @@
diff --git a/shandan-common/src/main/resources/view/common/head.html b/shandan-common/src/main/resources/view/common/head.html
index 2176679..45f4b1b 100644
--- a/shandan-common/src/main/resources/view/common/head.html
+++ b/shandan-common/src/main/resources/view/common/head.html
@@ -11,9 +11,8 @@
//项目根路径
// ctx = /*[[@{/}]]*/'';
ctx = [[${#request.getContextPath()}]];//应用路径
- user = sessionStorage.getItem('login_user');
- let newUser = /*[[${loginUser}]]*/ {};
- sessionStorage.setItem('login_user', JSON.stringify(newUser));
+ user = /*[[${loginUser}]]*/ {};
+ sessionStorage.setItem('login_user', JSON.stringify(user));
//获取api加密开关并存到sessionStorage
let sys = sessionStorage.getItem('sysApiEncrypt');
diff --git a/shandan-system/src/main/resources/static/js/business/directory/dirCommon.js b/shandan-system/src/main/resources/static/js/business/directory/dirCommon.js
index 21fbb6c..4cea208 100644
--- a/shandan-system/src/main/resources/static/js/business/directory/dirCommon.js
+++ b/shandan-system/src/main/resources/static/js/business/directory/dirCommon.js
@@ -175,7 +175,7 @@ function openDirectoryEditLayer(data, callback, view) {
function saveDirectory(index, callback) {
form.on('submit(directoryEditForm)', function ({elem, field}) {
if(field.secretLevel > user.secretLevel){
- layer.alert('禁止上传超过自身涉密等级的文件,您的涉密等级为【'+ DICT.getText('secret_level', user.secretLevel) +'】')
+ layer.alert('禁止上传超过自身涉密等级的文件,您的涉密等级为【'+ DICT.getText('secret_level', user.secretLevel) +'】', {icon:2})
return;
}
// 转换数据类型
diff --git a/shandan-system/src/main/resources/static/js/sys/org/org.js b/shandan-system/src/main/resources/static/js/sys/org/org.js
index 7dda7f1..69484da 100644
--- a/shandan-system/src/main/resources/static/js/sys/org/org.js
+++ b/shandan-system/src/main/resources/static/js/sys/org/org.js
@@ -134,7 +134,7 @@ layui.use(['layer', 'gtable', 'orgTree'], function () {
let queryOps = {where: {orgParentId: param.id}, page: {page: 1}};
gtable.reload(queryOps);
- let currentUserOrg = JSON.parse(user).org;
+ let currentUserOrg = user.org;
let data = param.recordData;
if(data && data.orgPath.startsWith(currentUserOrg.orgPath)){
isParent = true;
diff --git a/shandan-system/src/main/resources/static/js/sys/user/edit.js b/shandan-system/src/main/resources/static/js/sys/user/edit.js
index 5bec634..8a9a888 100644
--- a/shandan-system/src/main/resources/static/js/sys/user/edit.js
+++ b/shandan-system/src/main/resources/static/js/sys/user/edit.js
@@ -19,6 +19,14 @@ layui.use(['element', 'form', 'table', 'layer', 'laydate', 'tree', 'dict', 'dtre
*/
function save() {
let userForm = $("#userForm").serializeObject();
+ if(userForm.userId === user.userId){
+ layer.alert('该操作包含数据权限等危险操作,所以您不能直接修改自己的用户数据,请联系您的上级主管', {icon:2})
+ return false;
+ }
+ if(userForm.secretLevel > user.secretLevel){
+ layer.alert('无法为用户设置超过自身涉密等级的权限,您的涉密等级为【'+ DICT.getText('secret_level', user.secretLevel) +'】', {icon:2})
+ return;
+ }
form.on('submit(userForm)', function(){
$.post(ctx + "/sys/sysUser/save", userForm, function (data) {
if (!data.flag) {