Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
H
hp-smart
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
platform
hp-smart
Commits
0738d0c9
Commit
0738d0c9
authored
Mar 12, 2024
by
宋祥
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'origin/dev' into dev
parents
1195f9ac
0cfa2c2a
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
1055 additions
and
102 deletions
+1055
-102
FilterConfig.java
src/main/java/com/baosight/hpjx/config/FilterConfig.java
+25
-0
ServiceHPSC003B.java
...java/com/baosight/hpjx/hp/sc/service/ServiceHPSC003B.java
+58
-1
ServiceHPSC005A.java
...java/com/baosight/hpjx/hp/sc/service/ServiceHPSC005A.java
+3
-0
StringUtils.java
src/main/java/com/baosight/hpjx/util/StringUtils.java
+64
-1
HTMLFilter.java
src/main/java/com/baosight/hpjx/xss/HTMLFilter.java
+535
-0
XssFilter.java
src/main/java/com/baosight/hpjx/xss/XssFilter.java
+77
-0
XssHttpServletRequestWrapper.java
...a/com/baosight/hpjx/xss/XssHttpServletRequestWrapper.java
+155
-0
HPSC003.js
src/main/webapp/HP/SC/HPSC003.js
+85
-83
HPSC003B.js
src/main/webapp/HP/SC/HPSC003B.js
+51
-16
HPSC003B.jsp
src/main/webapp/HP/SC/HPSC003B.jsp
+2
-1
No files found.
src/main/java/com/baosight/hpjx/config/FilterConfig.java
0 → 100644
View file @
0738d0c9
package
com
.
baosight
.
hpjx
.
config
;
import
com.baosight.hpjx.xss.XssFilter
;
import
org.springframework.boot.web.servlet.FilterRegistrationBean
;
import
org.springframework.context.annotation.Bean
;
import
org.springframework.context.annotation.Configuration
;
/**
* @Author wwl
* @Date 2024/3/11 14:20
*/
@Configuration
public
class
FilterConfig
{
@Bean
public
FilterRegistrationBean
<
XssFilter
>
xssFilterRegistration
()
{
FilterRegistrationBean
<
XssFilter
>
registration
=
new
FilterRegistrationBean
<>();
registration
.
setFilter
(
new
XssFilter
());
registration
.
addUrlPatterns
(
"/*"
);
registration
.
setOrder
(
1
);
return
registration
;
}
}
\ No newline at end of file
src/main/java/com/baosight/hpjx/hp/sc/service/ServiceHPSC003B.java
View file @
0738d0c9
...
@@ -2,17 +2,22 @@ package com.baosight.hpjx.hp.sc.service;
...
@@ -2,17 +2,22 @@ package com.baosight.hpjx.hp.sc.service;
import
com.baosight.hpjx.aspect.annotation.OperationLogAnnotation
;
import
com.baosight.hpjx.aspect.annotation.OperationLogAnnotation
;
import
com.baosight.hpjx.common.DdynamicEnum
;
import
com.baosight.hpjx.common.DdynamicEnum
;
import
com.baosight.hpjx.common.ProdOrderStatusEnum
;
import
com.baosight.hpjx.core.constant.CommonConstant
;
import
com.baosight.hpjx.core.constant.CommonConstant
;
import
com.baosight.hpjx.core.dao.DaoBase
;
import
com.baosight.hpjx.core.dao.DaoBase
;
import
com.baosight.hpjx.core.dao.DaoUtils
;
import
com.baosight.hpjx.hp.constant.HPConstant
;
import
com.baosight.hpjx.hp.sc.domain.*
;
import
com.baosight.hpjx.hp.sc.domain.*
;
import
com.baosight.hpjx.hp.sc.tools.HPSCTools
;
import
com.baosight.hpjx.hp.sc.tools.HPSCTools
;
import
com.baosight.hpjx.hp.xs.domain.Org
;
import
com.baosight.hpjx.hp.xs.domain.Org
;
import
com.baosight.hpjx.hp.xs.tools.HPXSTools
;
import
com.baosight.hpjx.hp.xs.tools.HPXSTools
;
import
com.baosight.hpjx.util.AssertUtils
;
import
com.baosight.hpjx.util.CommonMethod
;
import
com.baosight.hpjx.util.CommonMethod
;
import
com.baosight.hpjx.util.LogUtils
;
import
com.baosight.hpjx.util.LogUtils
;
import
com.baosight.iplat4j.core.ei.EiConstant
;
import
com.baosight.iplat4j.core.ei.EiConstant
;
import
com.baosight.iplat4j.core.ei.EiInfo
;
import
com.baosight.iplat4j.core.ei.EiInfo
;
import
com.baosight.iplat4j.core.service.impl.ServiceBase
;
import
com.baosight.iplat4j.core.service.impl.ServiceBase
;
import
com.baosight.iplat4j.ed.util.SequenceGenerator
;
import
org.apache.commons.collections.CollectionUtils
;
import
org.apache.commons.collections.CollectionUtils
;
import
java.math.BigDecimal
;
import
java.math.BigDecimal
;
...
@@ -86,7 +91,7 @@ public class ServiceHPSC003B extends ServiceBase {
...
@@ -86,7 +91,7 @@ public class ServiceHPSC003B extends ServiceBase {
Map
parmMap
=
new
HashMap
();
Map
parmMap
=
new
HashMap
();
parmMap
.
put
(
"orgType"
,
"prodGroup"
);
parmMap
.
put
(
"orgType"
,
"prodGroup"
);
parmMap
.
put
(
"parentOrgId"
,
factoryCode
);
parmMap
.
put
(
"parentOrgId"
,
factoryCode
);
CommonMethod
.
initBlock
(
inInfo
,
Arrays
.
asList
(
DdynamicEnum
.
GROUP_RECORD_BLOCK_ID
),
null
,
false
);
CommonMethod
.
initBlock
(
inInfo
,
Arrays
.
asList
(
DdynamicEnum
.
GROUP_RECORD_BLOCK_ID
),
parmMap
,
false
);
}
catch
(
Exception
e
)
{
}
catch
(
Exception
e
)
{
LogUtils
.
setDetailMsg
(
inInfo
,
e
,
"初始化失败"
);
LogUtils
.
setDetailMsg
(
inInfo
,
e
,
"初始化失败"
);
}
}
...
@@ -101,4 +106,56 @@ public class ServiceHPSC003B extends ServiceBase {
...
@@ -101,4 +106,56 @@ public class ServiceHPSC003B extends ServiceBase {
public
EiInfo
query
(
EiInfo
inInfo
)
{
public
EiInfo
query
(
EiInfo
inInfo
)
{
return
inInfo
;
return
inInfo
;
}
}
/**
* 创建任务
* @param inInfo
* @return
*/
@OperationLogAnnotation
(
operModul
=
"自动排产"
,
operType
=
"查询"
)
public
EiInfo
autoGenerateTask
(
EiInfo
inInfo
)
{
try
{
List
<
Map
>
resultRows
=
inInfo
.
getBlock
(
EiConstant
.
resultBlock
).
getRows
();
// 写入数据
for
(
int
i
=
0
;
i
<
resultRows
.
size
();
i
++)
{
HPSC005
hpsc005
=
new
HPSC005
();
hpsc005
.
fromMap
(
resultRows
.
get
(
i
));
HPSC005
dbSc005
=
HPSCTools
.
HpSc005
.
get
(
hpsc005
.
getProdOrderNo
());
// 锁主单号
HPSCTools
.
HpSc005
.
lock
(
dbSc005
.
getProdOrderNo
());
// 校验主订单是否已分派
AssertUtils
.
isTrue
(
ProdOrderStatusEnum
.
ALL_ASSIGN
.
getCode
().
equals
(
dbSc005
.
getStatus
()),
String
.
format
(
"生产订单[%s]已全部分派,不能在进行批量分派,请检查!"
,
dbSc005
.
getProdOrderNo
()));
// 更新订单主表数量
if
(
ProdOrderStatusEnum
.
NOT_ASSIGN
.
getCode
().
equals
(
dbSc005
.
getStatus
()))
{
HPSCTools
.
checkAssignedNum
(
dbSc005
.
getProdOrderNo
(),
dbSc005
.
getNum
());
}
else
{
HPSCTools
.
checkAssignedNum2
(
dbSc005
.
getProdOrderNo
(),
dbSc005
.
getUnassignedNum
());
}
// 写入子表数据
HPSC005A
newSc005a
=
new
HPSC005A
();
newSc005a
.
setProdTaskNo
(
SequenceGenerator
.
getNextSequence
(
HPConstant
.
SequenceId
.
PROD_TASK_NO
,
new
String
[]{
dbSc005
.
getProdOrderNo
()}));
newSc005a
.
setProdOrderNo
(
dbSc005
.
getProdOrderNo
());
//区分未派单与部分派单
if
(
ProdOrderStatusEnum
.
NOT_ASSIGN
.
getCode
().
equals
(
dbSc005
.
getStatus
()))
{
newSc005a
.
setNum
(
dbSc005
.
getNum
());
}
else
{
newSc005a
.
setNum
(
dbSc005
.
getUnassignedNum
());
}
newSc005a
.
setTotalWt
(
newSc005a
.
getNum
().
multiply
(
dbSc005
.
getUnitWt
()));
newSc005a
.
setOrgNo
(
hpsc005
.
getOrgNo
());
newSc005a
.
setOrgName
(
hpsc005
.
getOrgName
());
newSc005a
.
setFactoryCode
(
hpsc005
.
getFactoryCode
());
newSc005a
.
setFactoryName
(
hpsc005
.
getFactoryName
());
DaoUtils
.
insert
(
HPSC005A
.
INSERT
,
newSc005a
);
}
inInfo
.
setStatus
(
EiConstant
.
STATUS_DEFAULT
);
inInfo
.
setMsg
(
"操作成功!本次对["
+
resultRows
.
size
()
+
"]条数据进行智能分派!"
);
}
catch
(
Exception
e
)
{
LogUtils
.
setDetailMsg
(
inInfo
,
e
,
"智能分派失败"
);
}
return
inInfo
;
}
}
}
src/main/java/com/baosight/hpjx/hp/sc/service/ServiceHPSC005A.java
View file @
0738d0c9
...
@@ -226,6 +226,9 @@ public class ServiceHPSC005A extends ServiceBase {
...
@@ -226,6 +226,9 @@ public class ServiceHPSC005A extends ServiceBase {
for
(
String
orderId
:
orderIds
)
{
for
(
String
orderId
:
orderIds
)
{
// 校验主订单是否已分派
// 校验主订单是否已分派
HPSC005
dbSc005
=
HPSCTools
.
HpSc005
.
getById
(
Long
.
parseLong
(
orderId
));
HPSC005
dbSc005
=
HPSCTools
.
HpSc005
.
getById
(
Long
.
parseLong
(
orderId
));
// 锁主单号
HPSCTools
.
HpSc005
.
lock
(
dbSc005
.
getProdOrderNo
());
AssertUtils
.
isTrue
(
ProdOrderStatusEnum
.
ALL_ASSIGN
.
getCode
().
equals
(
dbSc005
.
getStatus
()),
AssertUtils
.
isTrue
(
ProdOrderStatusEnum
.
ALL_ASSIGN
.
getCode
().
equals
(
dbSc005
.
getStatus
()),
String
.
format
(
"生产订单[%s]已全部分派,不能在进行批量分派,请检查!"
,
dbSc005
.
getProdOrderNo
()));
String
.
format
(
"生产订单[%s]已全部分派,不能在进行批量分派,请检查!"
,
dbSc005
.
getProdOrderNo
()));
// 更新订单主表数量
// 更新订单主表数量
...
...
src/main/java/com/baosight/hpjx/util/StringUtils.java
View file @
0738d0c9
...
@@ -2,9 +2,12 @@ package com.baosight.hpjx.util;
...
@@ -2,9 +2,12 @@ package com.baosight.hpjx.util;
import
com.alibaba.fastjson.JSONObject
;
import
com.alibaba.fastjson.JSONObject
;
import
com.baosight.iplat4j.core.exception.PlatException
;
import
com.baosight.iplat4j.core.exception.PlatException
;
import
org.springframework.util.AntPathMatcher
;
import
java.io.UnsupportedEncodingException
;
import
java.io.UnsupportedEncodingException
;
import
java.net.URLDecoder
;
import
java.net.URLDecoder
;
import
java.util.Collection
;
import
java.util.List
;
import
java.util.Map
;
import
java.util.Map
;
import
java.util.UUID
;
import
java.util.UUID
;
...
@@ -127,5 +130,65 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils {
...
@@ -127,5 +130,65 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils {
paramsText
=
URLDecoder
.
decode
(
paramsText
,
"UTF-8"
);
paramsText
=
URLDecoder
.
decode
(
paramsText
,
"UTF-8"
);
return
JSONObject
.
parseObject
(
paramsText
).
getInnerMap
();
return
JSONObject
.
parseObject
(
paramsText
).
getInnerMap
();
}
}
/**
* 查找指定字符串是否匹配指定字符串列表中的任意一个字符串
*
* @param str 指定字符串
* @param strs 需要检查的字符串数组
* @return 是否匹配
*/
public
static
boolean
matches
(
String
str
,
List
<
String
>
strs
)
{
if
(
isEmpty
(
str
)
||
isEmpty
(
strs
))
{
return
false
;
}
for
(
String
pattern
:
strs
)
{
if
(
isMatch
(
pattern
,
str
))
{
return
true
;
}
}
return
false
;
}
/**
* 判断url是否与规则配置:
* ? 表示单个字符;
* * 表示一层路径内的任意字符串,不可跨层级;
* ** 表示任意层路径;
*
* @param pattern 匹配规则
* @param url 需要匹配的url
* @return
*/
public
static
boolean
isMatch
(
String
pattern
,
String
url
)
{
AntPathMatcher
matcher
=
new
AntPathMatcher
();
return
matcher
.
match
(
pattern
,
url
);
}
/**
* * 判断一个Collection是否为空, 包含List,Set,Queue
*
* @param coll 要判断的Collection
* @return true:为空 false:非空
*/
public
static
boolean
isEmpty
(
Collection
<?>
coll
)
{
return
isNull
(
coll
)
||
coll
.
isEmpty
();
}
/**
* * 判断一个对象是否为空
*
* @param object Object
* @return true:为空 false:非空
*/
public
static
boolean
isNull
(
Object
object
)
{
return
object
==
null
;
}
}
}
src/main/java/com/baosight/hpjx/xss/HTMLFilter.java
0 → 100644
View file @
0738d0c9
package
com
.
baosight
.
hpjx
.
xss
;
import
java.util.ArrayList
;
import
java.util.Collections
;
import
java.util.HashMap
;
import
java.util.List
;
import
java.util.Map
;
import
java.util.concurrent.ConcurrentHashMap
;
import
java.util.concurrent.ConcurrentMap
;
import
java.util.logging.Logger
;
import
java.util.regex.Matcher
;
import
java.util.regex.Pattern
;
/**
*
* HTML filtering utility for protecting against XSS (Cross Site Scripting).
*
* This code is licensed LGPLv3
*
* This code is a Java port of the original work in PHP by Cal Hendersen.
* http://code.iamcal.com/php/lib_filter/
*
* The trickiest part of the translation was handling the differences in regex handling
* between PHP and Java. These resources were helpful in the process:
*
* http://java.sun.com/j2se/1.4.2/docs/api/java/util/regex/Pattern.html
* http://us2.php.net/manual/en/reference.pcre.pattern.modifiers.php
* http://www.regular-expressions.info/modifiers.html
*
* A note on naming conventions: instance variables are prefixed with a "v"; global
* constants are in all caps.
*
* Sample use:
* String input = ...
* String clean = new HTMLFilter().filter( input );
*
* The class is not thread safe. Create a new instance if in doubt.
*
* If you find bugs or have suggestions on improvement (especially regarding
* performance), please contact us. The latest version of this
* source, and our contact details, can be found at http://xss-html-filter.sf.net
*
* @author Joseph O'Connell
* @author Cal Hendersen
* @author Michael Semb Wever
*/
public
class
HTMLFilter
{
/** regex flag union representing /si modifiers in php **/
private
static
final
int
REGEX_FLAGS_SI
=
Pattern
.
CASE_INSENSITIVE
|
Pattern
.
DOTALL
;
private
static
final
Pattern
P_COMMENTS
=
Pattern
.
compile
(
"<!--(.*?)-->"
,
Pattern
.
DOTALL
);
private
static
final
Pattern
P_COMMENT
=
Pattern
.
compile
(
"^!--(.*)--$"
,
REGEX_FLAGS_SI
);
private
static
final
Pattern
P_TAGS
=
Pattern
.
compile
(
"<(.*?)>"
,
Pattern
.
DOTALL
);
private
static
final
Pattern
P_END_TAG
=
Pattern
.
compile
(
"^/([a-z0-9]+)"
,
REGEX_FLAGS_SI
);
private
static
final
Pattern
P_START_TAG
=
Pattern
.
compile
(
"^([a-z0-9]+)(.*?)(/?)$"
,
REGEX_FLAGS_SI
);
private
static
final
Pattern
P_QUOTED_ATTRIBUTES
=
Pattern
.
compile
(
"([a-z0-9]+)=([\"'])(.*?)\\2"
,
REGEX_FLAGS_SI
);
private
static
final
Pattern
P_UNQUOTED_ATTRIBUTES
=
Pattern
.
compile
(
"([a-z0-9]+)(=)([^\"\\s']+)"
,
REGEX_FLAGS_SI
);
private
static
final
Pattern
P_PROTOCOL
=
Pattern
.
compile
(
"^([^:]+):"
,
REGEX_FLAGS_SI
);
private
static
final
Pattern
P_ENTITY
=
Pattern
.
compile
(
"&#(\\d+);?"
);
private
static
final
Pattern
P_ENTITY_UNICODE
=
Pattern
.
compile
(
"&#x([0-9a-f]+);?"
);
private
static
final
Pattern
P_ENCODE
=
Pattern
.
compile
(
"%([0-9a-f]{2});?"
);
private
static
final
Pattern
P_VALID_ENTITIES
=
Pattern
.
compile
(
"&([^&;]*)(?=(;|&|$))"
);
private
static
final
Pattern
P_VALID_QUOTES
=
Pattern
.
compile
(
"(>|^)([^<]+?)(<|$)"
,
Pattern
.
DOTALL
);
private
static
final
Pattern
P_END_ARROW
=
Pattern
.
compile
(
"^>"
);
private
static
final
Pattern
P_BODY_TO_END
=
Pattern
.
compile
(
"<([^>]*?)(?=<|$)"
);
private
static
final
Pattern
P_XML_CONTENT
=
Pattern
.
compile
(
"(^|>)([^<]*?)(?=>)"
);
private
static
final
Pattern
P_STRAY_LEFT_ARROW
=
Pattern
.
compile
(
"<([^>]*?)(?=<|$)"
);
private
static
final
Pattern
P_STRAY_RIGHT_ARROW
=
Pattern
.
compile
(
"(^|>)([^<]*?)(?=>)"
);
private
static
final
Pattern
P_AMP
=
Pattern
.
compile
(
"&"
);
private
static
final
Pattern
P_QUOTE
=
Pattern
.
compile
(
"\""
);
private
static
final
Pattern
P_LEFT_ARROW
=
Pattern
.
compile
(
"<"
);
private
static
final
Pattern
P_RIGHT_ARROW
=
Pattern
.
compile
(
">"
);
private
static
final
Pattern
P_BOTH_ARROWS
=
Pattern
.
compile
(
"<>"
);
private
static
final
Pattern
P_DOUBLE_QUOT
=
Pattern
.
compile
(
"""
);
// @xxx could grow large... maybe use sesat's ReferenceMap
private
static
final
ConcurrentMap
<
String
,
Pattern
>
P_REMOVE_PAIR_BLANKS
=
new
ConcurrentHashMap
<
String
,
Pattern
>();
private
static
final
ConcurrentMap
<
String
,
Pattern
>
P_REMOVE_SELF_BLANKS
=
new
ConcurrentHashMap
<
String
,
Pattern
>();
/** set of allowed html elements, along with allowed attributes for each element **/
private
final
Map
<
String
,
List
<
String
>>
vAllowed
;
/** counts of open tags for each (allowable) html element **/
private
final
Map
<
String
,
Integer
>
vTagCounts
=
new
HashMap
<
String
,
Integer
>();
/** html elements which must always be self-closing (e.g. "<img />") **/
private
final
String
[]
vSelfClosingTags
;
/** html elements which must always have separate opening and closing tags (e.g. "<b></b>") **/
private
final
String
[]
vNeedClosingTags
;
/** set of disallowed html elements **/
private
final
String
[]
vDisallowed
;
/** attributes which should be checked for valid protocols **/
private
final
String
[]
vProtocolAtts
;
/** allowed protocols **/
private
final
String
[]
vAllowedProtocols
;
/** tags which should be removed if they contain no content (e.g. "<b></b>" or "<b />") **/
private
final
String
[]
vRemoveBlanks
;
/** entities allowed within html markup **/
private
final
String
[]
vAllowedEntities
;
/** flag determining whether comments are allowed in input String. */
private
final
boolean
stripComment
;
private
final
boolean
encodeQuotes
;
private
boolean
vDebug
=
false
;
/**
* flag determining whether to try to make tags when presented with "unbalanced"
* angle brackets (e.g. "<b text </b>" becomes "<b> text </b>"). If set to false,
* unbalanced angle brackets will be html escaped.
*/
private
final
boolean
alwaysMakeTags
;
/** Default constructor.
*
*/
public
HTMLFilter
()
{
vAllowed
=
new
HashMap
<>();
final
ArrayList
<
String
>
a_atts
=
new
ArrayList
<
String
>();
a_atts
.
add
(
"href"
);
a_atts
.
add
(
"target"
);
vAllowed
.
put
(
"a"
,
a_atts
);
final
ArrayList
<
String
>
img_atts
=
new
ArrayList
<
String
>();
img_atts
.
add
(
"src"
);
img_atts
.
add
(
"width"
);
img_atts
.
add
(
"height"
);
img_atts
.
add
(
"alt"
);
vAllowed
.
put
(
"img"
,
img_atts
);
final
ArrayList
<
String
>
no_atts
=
new
ArrayList
<
String
>();
vAllowed
.
put
(
"b"
,
no_atts
);
vAllowed
.
put
(
"strong"
,
no_atts
);
vAllowed
.
put
(
"i"
,
no_atts
);
vAllowed
.
put
(
"em"
,
no_atts
);
vSelfClosingTags
=
new
String
[]{
"img"
};
vNeedClosingTags
=
new
String
[]{
"a"
,
"b"
,
"strong"
,
"i"
,
"em"
};
vDisallowed
=
new
String
[]{};
vAllowedProtocols
=
new
String
[]{
"http"
,
"mailto"
,
"https"
};
// no ftp.
vProtocolAtts
=
new
String
[]{
"src"
,
"href"
};
vRemoveBlanks
=
new
String
[]{
"a"
,
"b"
,
"strong"
,
"i"
,
"em"
};
vAllowedEntities
=
new
String
[]{
"amp"
,
"gt"
,
"lt"
,
"quot"
};
stripComment
=
true
;
encodeQuotes
=
true
;
alwaysMakeTags
=
true
;
}
/** Set debug flag to true. Otherwise use default settings. See the default constructor.
*
* @param debug turn debug on with a true argument
*/
public
HTMLFilter
(
final
boolean
debug
)
{
this
();
vDebug
=
debug
;
}
/** Map-parameter configurable constructor.
*
* @param conf map containing configuration. keys match field names.
*/
public
HTMLFilter
(
final
Map
<
String
,
Object
>
conf
)
{
assert
conf
.
containsKey
(
"vAllowed"
)
:
"configuration requires vAllowed"
;
assert
conf
.
containsKey
(
"vSelfClosingTags"
)
:
"configuration requires vSelfClosingTags"
;
assert
conf
.
containsKey
(
"vNeedClosingTags"
)
:
"configuration requires vNeedClosingTags"
;
assert
conf
.
containsKey
(
"vDisallowed"
)
:
"configuration requires vDisallowed"
;
assert
conf
.
containsKey
(
"vAllowedProtocols"
)
:
"configuration requires vAllowedProtocols"
;
assert
conf
.
containsKey
(
"vProtocolAtts"
)
:
"configuration requires vProtocolAtts"
;
assert
conf
.
containsKey
(
"vRemoveBlanks"
)
:
"configuration requires vRemoveBlanks"
;
assert
conf
.
containsKey
(
"vAllowedEntities"
)
:
"configuration requires vAllowedEntities"
;
vAllowed
=
Collections
.
unmodifiableMap
((
HashMap
<
String
,
List
<
String
>>)
conf
.
get
(
"vAllowed"
));
vSelfClosingTags
=
(
String
[])
conf
.
get
(
"vSelfClosingTags"
);
vNeedClosingTags
=
(
String
[])
conf
.
get
(
"vNeedClosingTags"
);
vDisallowed
=
(
String
[])
conf
.
get
(
"vDisallowed"
);
vAllowedProtocols
=
(
String
[])
conf
.
get
(
"vAllowedProtocols"
);
vProtocolAtts
=
(
String
[])
conf
.
get
(
"vProtocolAtts"
);
vRemoveBlanks
=
(
String
[])
conf
.
get
(
"vRemoveBlanks"
);
vAllowedEntities
=
(
String
[])
conf
.
get
(
"vAllowedEntities"
);
stripComment
=
conf
.
containsKey
(
"stripComment"
)
?
(
Boolean
)
conf
.
get
(
"stripComment"
)
:
true
;
encodeQuotes
=
conf
.
containsKey
(
"encodeQuotes"
)
?
(
Boolean
)
conf
.
get
(
"encodeQuotes"
)
:
true
;
alwaysMakeTags
=
conf
.
containsKey
(
"alwaysMakeTags"
)
?
(
Boolean
)
conf
.
get
(
"alwaysMakeTags"
)
:
true
;
}
private
void
reset
()
{
vTagCounts
.
clear
();
}
private
void
debug
(
final
String
msg
)
{
if
(
vDebug
)
{
Logger
.
getAnonymousLogger
().
info
(
msg
);
}
}
//---------------------------------------------------------------
// my versions of some PHP library functions
public
static
String
chr
(
final
int
decimal
)
{
return
String
.
valueOf
((
char
)
decimal
);
}
public
static
String
htmlSpecialChars
(
final
String
s
)
{
String
result
=
s
;
result
=
regexReplace
(
P_AMP
,
"&"
,
result
);
result
=
regexReplace
(
P_QUOTE
,
"""
,
result
);
result
=
regexReplace
(
P_LEFT_ARROW
,
"<"
,
result
);
result
=
regexReplace
(
P_RIGHT_ARROW
,
">"
,
result
);
return
result
;
}
//---------------------------------------------------------------
/**
* given a user submitted input String, filter out any invalid or restricted
* html.
*
* @param input text (i.e. submitted by a user) than may contain html
* @return "clean" version of input, with only valid, whitelisted html elements allowed
*/
public
String
filter
(
final
String
input
)
{
reset
();
String
s
=
input
;
debug
(
"************************************************"
);
debug
(
" INPUT: "
+
input
);
s
=
escapeComments
(
s
);
debug
(
" escapeComments: "
+
s
);
// s = balanceHTML(s);
// debug(" balanceHTML: " + s);
//
// s = checkTags(s);
// debug(" checkTags: " + s);
//
// s = processRemoveBlanks(s);
// debug("processRemoveBlanks: " + s);
//
// s = validateEntities(s);
// debug(" validateEntites: " + s);
debug
(
"************************************************\n\n"
);
return
s
;
}
public
boolean
isAlwaysMakeTags
(){
return
alwaysMakeTags
;
}
public
boolean
isStripComments
(){
return
stripComment
;
}
private
String
escapeComments
(
final
String
s
)
{
final
Matcher
m
=
P_COMMENTS
.
matcher
(
s
);
final
StringBuffer
buf
=
new
StringBuffer
();
if
(
m
.
find
())
{
final
String
match
=
m
.
group
(
1
);
//(.*?)
m
.
appendReplacement
(
buf
,
Matcher
.
quoteReplacement
(
"<!--"
+
htmlSpecialChars
(
match
)
+
"-->"
));
}
m
.
appendTail
(
buf
);
return
buf
.
toString
();
}
private
String
balanceHTML
(
String
s
)
{
if
(
alwaysMakeTags
)
{
//
// try and form html
//
s
=
regexReplace
(
P_END_ARROW
,
""
,
s
);
s
=
regexReplace
(
P_BODY_TO_END
,
"<$1>"
,
s
);
s
=
regexReplace
(
P_XML_CONTENT
,
"$1<$2"
,
s
);
}
else
{
//
// escape stray brackets
//
s
=
regexReplace
(
P_STRAY_LEFT_ARROW
,
"<$1"
,
s
);
s
=
regexReplace
(
P_STRAY_RIGHT_ARROW
,
"$1$2><"
,
s
);
//
// the last regexp causes '<>' entities to appear
// (we need to do a lookahead assertion so that the last bracket can
// be used in the next pass of the regexp)
//
s
=
regexReplace
(
P_BOTH_ARROWS
,
""
,
s
);
}
return
s
;
}
private
String
checkTags
(
String
s
)
{
Matcher
m
=
P_TAGS
.
matcher
(
s
);
final
StringBuffer
buf
=
new
StringBuffer
();
while
(
m
.
find
())
{
String
replaceStr
=
m
.
group
(
1
);
replaceStr
=
processTag
(
replaceStr
);
m
.
appendReplacement
(
buf
,
Matcher
.
quoteReplacement
(
replaceStr
));
}
m
.
appendTail
(
buf
);
s
=
buf
.
toString
();
// these get tallied in processTag
// (remember to reset before subsequent calls to filter method)
for
(
String
key
:
vTagCounts
.
keySet
())
{
for
(
int
ii
=
0
;
ii
<
vTagCounts
.
get
(
key
);
ii
++)
{
s
+=
"</"
+
key
+
">"
;
}
}
return
s
;
}
private
String
processRemoveBlanks
(
final
String
s
)
{
String
result
=
s
;
for
(
String
tag
:
vRemoveBlanks
)
{
if
(!
P_REMOVE_PAIR_BLANKS
.
containsKey
(
tag
)){
P_REMOVE_PAIR_BLANKS
.
putIfAbsent
(
tag
,
Pattern
.
compile
(
"<"
+
tag
+
"(\\s[^>]*)?></"
+
tag
+
">"
));
}
result
=
regexReplace
(
P_REMOVE_PAIR_BLANKS
.
get
(
tag
),
""
,
result
);
if
(!
P_REMOVE_SELF_BLANKS
.
containsKey
(
tag
)){
P_REMOVE_SELF_BLANKS
.
putIfAbsent
(
tag
,
Pattern
.
compile
(
"<"
+
tag
+
"(\\s[^>]*)?/>"
));
}
result
=
regexReplace
(
P_REMOVE_SELF_BLANKS
.
get
(
tag
),
""
,
result
);
}
return
result
;
}
private
static
String
regexReplace
(
final
Pattern
regex_pattern
,
final
String
replacement
,
final
String
s
)
{
Matcher
m
=
regex_pattern
.
matcher
(
s
);
return
m
.
replaceAll
(
replacement
);
}
private
String
processTag
(
final
String
s
)
{
// ending tags
Matcher
m
=
P_END_TAG
.
matcher
(
s
);
if
(
m
.
find
())
{
final
String
name
=
m
.
group
(
1
).
toLowerCase
();
if
(
allowed
(
name
))
{
if
(!
inArray
(
name
,
vSelfClosingTags
))
{
if
(
vTagCounts
.
containsKey
(
name
))
{
vTagCounts
.
put
(
name
,
vTagCounts
.
get
(
name
)
-
1
);
return
"</"
+
name
+
">"
;
}
}
}
}
// starting tags
m
=
P_START_TAG
.
matcher
(
s
);
if
(
m
.
find
())
{
final
String
name
=
m
.
group
(
1
).
toLowerCase
();
final
String
body
=
m
.
group
(
2
);
String
ending
=
m
.
group
(
3
);
//debug( "in a starting tag, name='" + name + "'; body='" + body + "'; ending='" + ending + "'" );
if
(
allowed
(
name
))
{
String
params
=
""
;
final
Matcher
m2
=
P_QUOTED_ATTRIBUTES
.
matcher
(
body
);
final
Matcher
m3
=
P_UNQUOTED_ATTRIBUTES
.
matcher
(
body
);
final
List
<
String
>
paramNames
=
new
ArrayList
<
String
>();
final
List
<
String
>
paramValues
=
new
ArrayList
<
String
>();
while
(
m2
.
find
())
{
paramNames
.
add
(
m2
.
group
(
1
));
//([a-z0-9]+)
paramValues
.
add
(
m2
.
group
(
3
));
//(.*?)
}
while
(
m3
.
find
())
{
paramNames
.
add
(
m3
.
group
(
1
));
//([a-z0-9]+)
paramValues
.
add
(
m3
.
group
(
3
));
//([^\"\\s']+)
}
String
paramName
,
paramValue
;
for
(
int
ii
=
0
;
ii
<
paramNames
.
size
();
ii
++)
{
paramName
=
paramNames
.
get
(
ii
).
toLowerCase
();
paramValue
=
paramValues
.
get
(
ii
);
// debug( "paramName='" + paramName + "'" );
// debug( "paramValue='" + paramValue + "'" );
// debug( "allowed? " + vAllowed.get( name ).contains( paramName ) );
if
(
allowedAttribute
(
name
,
paramName
))
{
if
(
inArray
(
paramName
,
vProtocolAtts
))
{
paramValue
=
processParamProtocol
(
paramValue
);
}
params
+=
" "
+
paramName
+
"=\""
+
paramValue
+
"\""
;
}
}
if
(
inArray
(
name
,
vSelfClosingTags
))
{
ending
=
" /"
;
}
if
(
inArray
(
name
,
vNeedClosingTags
))
{
ending
=
""
;
}
if
(
ending
==
null
||
ending
.
length
()
<
1
)
{
if
(
vTagCounts
.
containsKey
(
name
))
{
vTagCounts
.
put
(
name
,
vTagCounts
.
get
(
name
)
+
1
);
}
else
{
vTagCounts
.
put
(
name
,
1
);
}
}
else
{
ending
=
" /"
;
}
return
"<"
+
name
+
params
+
ending
+
">"
;
}
else
{
return
""
;
}
}
// comments
m
=
P_COMMENT
.
matcher
(
s
);
if
(!
stripComment
&&
m
.
find
())
{
return
"<"
+
m
.
group
()
+
">"
;
}
return
""
;
}
private
String
processParamProtocol
(
String
s
)
{
s
=
decodeEntities
(
s
);
final
Matcher
m
=
P_PROTOCOL
.
matcher
(
s
);
if
(
m
.
find
())
{
final
String
protocol
=
m
.
group
(
1
);
if
(!
inArray
(
protocol
,
vAllowedProtocols
))
{
// bad protocol, turn into local anchor link instead
s
=
"#"
+
s
.
substring
(
protocol
.
length
()
+
1
,
s
.
length
());
if
(
s
.
startsWith
(
"#//"
))
{
s
=
"#"
+
s
.
substring
(
3
,
s
.
length
());
}
}
}
return
s
;
}
private
String
decodeEntities
(
String
s
)
{
StringBuffer
buf
=
new
StringBuffer
();
Matcher
m
=
P_ENTITY
.
matcher
(
s
);
while
(
m
.
find
())
{
final
String
match
=
m
.
group
(
1
);
final
int
decimal
=
Integer
.
decode
(
match
).
intValue
();
m
.
appendReplacement
(
buf
,
Matcher
.
quoteReplacement
(
chr
(
decimal
)));
}
m
.
appendTail
(
buf
);
s
=
buf
.
toString
();
buf
=
new
StringBuffer
();
m
=
P_ENTITY_UNICODE
.
matcher
(
s
);
while
(
m
.
find
())
{
final
String
match
=
m
.
group
(
1
);
final
int
decimal
=
Integer
.
valueOf
(
match
,
16
).
intValue
();
m
.
appendReplacement
(
buf
,
Matcher
.
quoteReplacement
(
chr
(
decimal
)));
}
m
.
appendTail
(
buf
);
s
=
buf
.
toString
();
buf
=
new
StringBuffer
();
m
=
P_ENCODE
.
matcher
(
s
);
while
(
m
.
find
())
{
final
String
match
=
m
.
group
(
1
);
final
int
decimal
=
Integer
.
valueOf
(
match
,
16
).
intValue
();
m
.
appendReplacement
(
buf
,
Matcher
.
quoteReplacement
(
chr
(
decimal
)));
}
m
.
appendTail
(
buf
);
s
=
buf
.
toString
();
s
=
validateEntities
(
s
);
return
s
;
}
private
String
validateEntities
(
final
String
s
)
{
StringBuffer
buf
=
new
StringBuffer
();
// validate entities throughout the string
Matcher
m
=
P_VALID_ENTITIES
.
matcher
(
s
);
while
(
m
.
find
())
{
final
String
one
=
m
.
group
(
1
);
//([^&;]*)
final
String
two
=
m
.
group
(
2
);
//(?=(;|&|$))
m
.
appendReplacement
(
buf
,
Matcher
.
quoteReplacement
(
checkEntity
(
one
,
two
)));
}
m
.
appendTail
(
buf
);
return
encodeQuotes
(
buf
.
toString
());
}
private
String
encodeQuotes
(
final
String
s
){
if
(
encodeQuotes
){
StringBuffer
buf
=
new
StringBuffer
();
Matcher
m
=
P_VALID_QUOTES
.
matcher
(
s
);
while
(
m
.
find
())
{
final
String
one
=
m
.
group
(
1
);
//(>|^)
final
String
two
=
m
.
group
(
2
);
//([^<]+?)
final
String
three
=
m
.
group
(
3
);
//(<|$)
m
.
appendReplacement
(
buf
,
Matcher
.
quoteReplacement
(
one
+
regexReplace
(
P_QUOTE
,
"""
,
two
)
+
three
));
}
m
.
appendTail
(
buf
);
return
buf
.
toString
();
}
else
{
return
s
;
}
}
private
String
checkEntity
(
final
String
preamble
,
final
String
term
)
{
return
";"
.
equals
(
term
)
&&
isValidEntity
(
preamble
)
?
'&'
+
preamble
:
"&"
+
preamble
;
}
private
boolean
isValidEntity
(
final
String
entity
)
{
return
inArray
(
entity
,
vAllowedEntities
);
}
private
static
boolean
inArray
(
final
String
s
,
final
String
[]
array
)
{
for
(
String
item
:
array
)
{
if
(
item
!=
null
&&
item
.
equals
(
s
))
{
return
true
;
}
}
return
false
;
}
private
boolean
allowed
(
final
String
name
)
{
return
(
vAllowed
.
isEmpty
()
||
vAllowed
.
containsKey
(
name
))
&&
!
inArray
(
name
,
vDisallowed
);
}
private
boolean
allowedAttribute
(
final
String
name
,
final
String
paramName
)
{
return
allowed
(
name
)
&&
(
vAllowed
.
isEmpty
()
||
vAllowed
.
get
(
name
).
contains
(
paramName
));
}
}
src/main/java/com/baosight/hpjx/xss/XssFilter.java
0 → 100644
View file @
0738d0c9
package
com
.
baosight
.
hpjx
.
xss
;
import
com.baosight.hpjx.util.StringUtils
;
import
java.io.IOException
;
import
java.util.ArrayList
;
import
java.util.List
;
import
javax.servlet.Filter
;
import
javax.servlet.FilterChain
;
import
javax.servlet.FilterConfig
;
import
javax.servlet.ServletException
;
import
javax.servlet.ServletRequest
;
import
javax.servlet.ServletResponse
;
import
javax.servlet.http.HttpServletRequest
;
/**
* xss过滤
*/
public
class
XssFilter
implements
Filter
{
//不拦截的地址
private
List
<
String
>
excludedList
=
new
ArrayList
<
String
>();
@Override
public
void
init
(
FilterConfig
config
)
throws
ServletException
{
/*
* 这里只处理了需要拦截的url地址,如果想不拦截某个字段,比如富文本字段,
* 需要自己在XssHttpServletRequestWrapper类中去添加逻辑
*/
excludedList
.
add
(
"/service/HP*/*"
);
}
@Override
public
void
doFilter
(
ServletRequest
request
,
ServletResponse
response
,
FilterChain
chain
)
throws
IOException
,
ServletException
{
XssHttpServletRequestWrapper
xssRequest
=
new
XssHttpServletRequestWrapper
(
(
HttpServletRequest
)
request
);
String
url
=
xssRequest
.
getServletPath
();
if
(
isExcluded
(
url
)){
chain
.
doFilter
(
request
,
response
);
}
else
{
//使用XSS过滤
chain
.
doFilter
(
xssRequest
,
response
);
}
}
@Override
public
void
destroy
()
{
}
/**
* 是否不拦截
* @param url 请求地址
* @return true不拦截,false拦截
*/
private
boolean
isExcluded
(
String
url
){
// if(StringUtils.isBlank(url)){
// return false;
// }
if
(!
StringUtils
.
matches
(
url
,
excludedList
)){
return
true
;
}
// for (String excluded : excludedList) {
// if(!url.contains(excluded)){
// return true;
// }
// }
return
false
;
}
}
src/main/java/com/baosight/hpjx/xss/XssHttpServletRequestWrapper.java
0 → 100644
View file @
0738d0c9
package
com
.
baosight
.
hpjx
.
xss
;
import
org.apache.commons.lang3.StringEscapeUtils
;
import
org.apache.commons.lang3.StringUtils
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletRequestWrapper
;
import
java.util.LinkedHashMap
;
import
java.util.Map
;
import
java.io.ByteArrayInputStream
;
import
java.io.IOException
;
import
javax.servlet.ReadListener
;
import
javax.servlet.ServletInputStream
;
import
org.apache.commons.io.IOUtils
;
import
org.springframework.http.HttpHeaders
;
import
org.springframework.http.MediaType
;
public
class
XssHttpServletRequestWrapper
extends
HttpServletRequestWrapper
{
// 没被包装过的HttpServletRequest(特殊场景,需求自己过滤)
HttpServletRequest
orgRequest
;
// html过滤
private
final
static
HTMLFilter
htmlFilter
=
new
HTMLFilter
();
public
XssHttpServletRequestWrapper
(
HttpServletRequest
request
)
{
super
(
request
);
orgRequest
=
request
;
}
/**
* 过滤json参数
*/
@Override
public
ServletInputStream
getInputStream
()
throws
IOException
{
String
contentType
=
super
.
getHeader
(
HttpHeaders
.
CONTENT_TYPE
);
//非json类型,直接返回
if
(!(
MediaType
.
APPLICATION_JSON_VALUE
.
equalsIgnoreCase
(
contentType
)
||
MediaType
.
APPLICATION_JSON_UTF8_VALUE
.
equalsIgnoreCase
(
contentType
))){
return
super
.
getInputStream
();
}
//为空,直接返回
String
json
=
IOUtils
.
toString
(
super
.
getInputStream
(),
"utf-8"
);
if
(
StringUtils
.
isBlank
(
json
))
{
return
super
.
getInputStream
();
}
//xss过滤
json
=
xssEncode
(
json
);
json
=
StringEscapeUtils
.
unescapeHtml4
(
json
);
final
ByteArrayInputStream
bis
=
new
ByteArrayInputStream
(
json
.
getBytes
(
"utf-8"
));
return
new
ServletInputStream
()
{
@Override
public
boolean
isFinished
()
{
return
true
;
}
@Override
public
boolean
isReady
()
{
return
true
;
}
@Override
public
void
setReadListener
(
ReadListener
readListener
)
{
}
@Override
public
int
read
()
throws
IOException
{
return
bis
.
read
();
}
};
}
@Override
public
String
getParameter
(
String
name
)
{
String
value
=
super
.
getParameter
(
xssEncode
(
name
));
if
(
StringUtils
.
isNotBlank
(
value
))
{
value
=
xssEncode
(
value
);
}
return
StringEscapeUtils
.
unescapeHtml4
(
value
);
}
@Override
public
String
[]
getParameterValues
(
String
name
)
{
String
[]
parameters
=
super
.
getParameterValues
(
name
);
if
(
parameters
==
null
||
parameters
.
length
==
0
)
{
return
null
;
}
for
(
int
i
=
0
;
i
<
parameters
.
length
;
i
++)
{
parameters
[
i
]
=
xssEncode
(
parameters
[
i
]);
parameters
[
i
]
=
StringEscapeUtils
.
unescapeHtml4
(
parameters
[
i
]);
}
return
parameters
;
}
@Override
public
Map
<
String
,
String
[]>
getParameterMap
()
{
Map
<
String
,
String
[]>
map
=
new
LinkedHashMap
<>();
Map
<
String
,
String
[]>
parameters
=
super
.
getParameterMap
();
for
(
String
key
:
parameters
.
keySet
())
{
String
[]
values
=
parameters
.
get
(
key
);
for
(
int
i
=
0
;
i
<
values
.
length
;
i
++)
{
values
[
i
]
=
xssEncode
(
values
[
i
]);
values
[
i
]
=
StringEscapeUtils
.
unescapeHtml4
(
values
[
i
]);
}
map
.
put
(
key
,
values
);
}
return
map
;
}
@Override
public
String
getHeader
(
String
name
)
{
String
value
=
super
.
getHeader
(
xssEncode
(
name
));
if
(
StringUtils
.
isNotBlank
(
value
))
{
value
=
xssEncode
(
value
);
}
return
StringEscapeUtils
.
unescapeHtml4
(
value
);
}
private
String
xssEncode
(
String
input
)
{
return
htmlFilter
.
filter
(
input
);
}
/**
* 获取最原始的request
*/
public
HttpServletRequest
getOrgRequest
()
{
return
orgRequest
;
}
/**
* 获取最原始的request
*/
public
static
HttpServletRequest
getOrgRequest
(
HttpServletRequest
request
)
{
if
(
request
instanceof
XssHttpServletRequestWrapper
)
{
return
((
XssHttpServletRequestWrapper
)
request
).
getOrgRequest
();
}
return
request
;
}
}
src/main/webapp/HP/SC/HPSC003.js
View file @
0738d0c9
...
@@ -135,87 +135,87 @@ function showUploadFile(id) {
...
@@ -135,87 +135,87 @@ function showUploadFile(id) {
});
});
}
}
function
check
(
id
,
auditStatus
,
planInfoNo
)
{
function
check
(
id
,
auditStatus
,
planInfoNo
)
{
const
inEiInfo
=
new
EiInfo
();
// const inEiInfo = new EiInfo();
inEiInfo
.
set
(
"id"
,
id
);
// inEiInfo.set("id", id);
inEiInfo
.
set
(
"planInfoNo"
,
planInfoNo
);
// inEiInfo.set("planInfoNo",planInfoNo);
//先判断本身是否填写
// //先判断本身是否填写
EiCommunicator
.
send
(
'HPSC003'
,
'getInfo'
,
inEiInfo
,
{
// EiCommunicator.send('HPSC003', 'getInfo', inEiInfo, {
onSuccess
(
ei
)
{
// onSuccess(ei) {
var
model
=
ei
.
get
(
"model"
);
// var model=ei.get("model");
if
(
!
(
model
.
planCompletionDate
).
trim
())
{
// if(!(model.planCompletionDate).trim()) {
NotificationUtil
(
"提交失败!原因:基本信息中计划完成日期未填写"
,
"error"
);
// NotificationUtil("提交失败!原因:基本信息中计划完成日期未填写", "error");
return
;
// return;
}
else
{
// } else {
//提交
// //提交
//提交前先判断明细信息中的计划开始和计划结束时间是否都已经填写,只有填写了之后才能进行提交
// //提交前先判断明细信息中的计划开始和计划结束时间是否都已经填写,只有填写了之后才能进行提交
if
(
auditStatus
==
1
)
{
// if (auditStatus == 1) {
EiCommunicator
.
send
(
'HPSC004'
,
'inspectDetail'
,
inEiInfo
,
{
// EiCommunicator.send('HPSC004', 'inspectDetail', inEiInfo, {
onSuccess
(
ei
)
{
// onSuccess(ei) {
var
list
=
ei
.
get
(
"list"
);
// var list=ei.get("list");
if
(
list
)
{
// if(list) {
var
count
=
list
[
0
];
// var count = list[0];
if
(
count
>
0
)
{
// if (count > 0) {
NotificationUtil
(
"提交失败!原因:明细信息中有未填写的计划开始时间或计划结束时间"
,
"error"
);
// NotificationUtil("提交失败!原因:明细信息中有未填写的计划开始时间或计划结束时间", "error");
}
else
{
// } else {
EiCommunicator
.
send
(
'HPSC004'
,
'queryDetail'
,
inEiInfo
,{
// EiCommunicator.send('HPSC004','queryDetail',inEiInfo,{
onSuccess
(
ei
){
// onSuccess(ei){
var
rows
=
ei
.
blocks
.
detail
.
rows
;
// var rows = ei.blocks.detail.rows;
var
res
=
check_time
(
model
,
rows
);
// var res = check_time(model,rows);
if
(
!
res
){
// if (!res){
NotificationUtil
(
"计划结束时间应该大于计划开始时间!"
,
"error"
);
// NotificationUtil("计划结束时间应该大于计划开始时间!", "error");
}
// }
else
{
// else {
// 提交通过,生成
// // 提交通过,生成
EiCommunicator
.
send
(
'HPSC003'
,
'submitPlan'
,
inEiInfo
,
{
// EiCommunicator.send('HPSC003', 'submitPlan', inEiInfo, {
onSuccess
(
response
)
{
// onSuccess(response) {
NotificationUtil
(
response
.
msg
);
// NotificationUtil(response.msg);
console
.
log
(
response
)
// console.log(response)
autoProductionschedul
(
response
.
get
(
'planInfoNo'
));
// autoProductionschedul(response.get('planInfoNo'));
resultGrid
.
dataSource
.
page
(
1
);
// resultGrid.dataSource.page(1);
},
// },
onFail
(
errorMessage
,
status
,
e
)
{
// onFail(errorMessage, status, e) {
NotificationUtil
(
"执行失败!"
,
"error"
);
// NotificationUtil("执行失败!", "error");
}
// }
},
// },
{
// {
async
:
false
// async: false
}
// }
);
// );
}
// }
//
//
// }
// })
//
// }
// } else {
// NotificationUtil("提交失败!未找到明细信息", "error");
// }
// },
// onFail(errorMessage, status, e) {
// NotificationUtil("执行失败!", "error");
// }
// },
// {
// async: false
// }
// );
// } else {
// // 撤回
//
// }
// }
// },
// onFail(errorMessage, status, e) {
// NotificationUtil("执行失败!", "error");
// }
// },
// {
// async: false
// }
// );
autoProductionschedul
(
'SCJH24030700006'
);
}
})
}
}
else
{
NotificationUtil
(
"提交失败!未找到明细信息"
,
"error"
);
}
},
onFail
(
errorMessage
,
status
,
e
)
{
NotificationUtil
(
"执行失败!"
,
"error"
);
}
},
{
async
:
false
}
);
}
else
{
// 撤回
}
}
},
onFail
(
errorMessage
,
status
,
e
)
{
NotificationUtil
(
"执行失败!"
,
"error"
);
}
},
{
async
:
false
}
);
// autoProductionschedul('SCJH24030700006');
}
}
/**
/**
...
@@ -228,7 +228,7 @@ let autoProductionschedul = function (planInfoNo) {
...
@@ -228,7 +228,7 @@ let autoProductionschedul = function (planInfoNo) {
href
:
"HPSC003A?methodName=initLoad&inqu_status-0-planInfoNo="
+
planInfoNo
,
href
:
"HPSC003A?methodName=initLoad&inqu_status-0-planInfoNo="
+
planInfoNo
,
title
:
"<div style='text-align: center;'>自动排产</div>"
,
title
:
"<div style='text-align: center;'>自动排产</div>"
,
width
:
"30%"
,
width
:
"30%"
,
height
:
"
8
0%"
,
height
:
"
4
0%"
,
callbackName
:
autoProductionschedulCallback
callbackName
:
autoProductionschedulCallback
});
});
}
}
...
@@ -242,10 +242,12 @@ function autoProductionschedulCallback (factoryCode,planInfoNo) {
...
@@ -242,10 +242,12 @@ function autoProductionschedulCallback (factoryCode,planInfoNo) {
href
:
"HPSC003B?methodName=initLoad&inqu_status-0-planInfoNo="
+
planInfoNo
+
href
:
"HPSC003B?methodName=initLoad&inqu_status-0-planInfoNo="
+
planInfoNo
+
'&inqu_status-0-factoryCode='
+
factoryCode
,
'&inqu_status-0-factoryCode='
+
factoryCode
,
title
:
"<div style='text-align: center;'>自动排产</div>"
,
title
:
"<div style='text-align: center;'>自动排产</div>"
,
// width: "80%",
width
:
"80%"
,
// height: "80%",
height
:
"80%"
,
dispaly
:
"flex"
,
callbackName
:
autoProductionschedulCallback1
callbackName
:
autoProductionschedulCallback1
});
});
$
(
"#JSColorboxWin"
).
css
({
"height"
:
"100%"
})
}
else
{
}
else
{
message
(
"生产计划单号不能为空!"
);
message
(
"生产计划单号不能为空!"
);
return
;
return
;
...
...
src/main/webapp/HP/SC/HPSC003B.js
View file @
0738d0c9
$
(
function
()
{
$
(
function
()
{
IPLATUI
.
EFGrid
=
{
IPLATUI
.
EFGrid
=
{
"result"
:
{
"result"
:
{
toolbarConfig
:
{
toolbarConfig
:
{
hidden
:
true
,
// true时,不显示功能按钮,但保留setting导出按钮
hidden
:
true
,
// true时,不显示功能按钮,但保留setting导出按钮
},
},
...
@@ -18,6 +18,53 @@ $(function () {
...
@@ -18,6 +18,53 @@ $(function () {
}
}
}
}
/**
* 取消
*/
$
(
'#cancel'
).
on
(
'click'
,
function
()
{
// 关闭弹窗
parent
.
JSColorbox
.
close
();
})
/**
* 确认
*/
$
(
'#confirm'
).
on
(
'click'
,
function
()
{
let
allRows
=
new
Array
();
allRows
=
resultGrid
.
getDataItems
();
console
.
log
(
allRows
);
if
(
allRows
.
length
>
0
)
{
const
inEiInfo
=
new
EiInfo
();
$
.
each
(
allRows
,
function
(
index
,
item
)
{
inEiInfo
.
set
(
"result-"
+
index
+
"-id"
,
item
[
"id"
])
inEiInfo
.
set
(
"result-"
+
index
+
"-prodOrderNo"
,
item
[
"prodOrderNo"
])
inEiInfo
.
set
(
"result-"
+
index
+
"-factoryName"
,
item
[
"factoryName"
])
inEiInfo
.
set
(
"result-"
+
index
+
"-factoryCode"
,
item
[
"factoryCode"
])
inEiInfo
.
set
(
"result-"
+
index
+
"-orgName"
,
item
[
"orgName"
])
inEiInfo
.
set
(
"result-"
+
index
+
"-orgNo"
,
item
[
"orgNo"
])
})
EiCommunicator
.
send
(
'HPSC003B'
,
'autoGenerateTask'
,
inEiInfo
,
{
onSuccess
(
response
)
{
NotificationUtil
(
response
.
msg
);
// 关闭弹窗
parent
.
JSColorbox
.
close
();
query
();
},
onFail
(
errorMessage
,
status
,
e
)
{
NotificationUtil
(
"执行失败!"
,
"error"
);
}
},
{
async
:
false
}
);
}
else
{
message
(
"没有可以生成的计划!"
);
return
;
}
})
});
});
...
@@ -25,14 +72,15 @@ $(function () {
...
@@ -25,14 +72,15 @@ $(function () {
* 查询
* 查询
*/
*/
function
query
()
{
function
query
()
{
resultGrid
.
dataSource
.
page
(
1
);
resultGrid
.
dataSource
.
page
(
1
);
}
}
function
deleteRow
(
rowNo
)
{
function
deleteRow
(
rowNo
)
{
resultGrid
.
removeRows
([
rowNo
]);
// 刷新行号
resultGrid
.
removeRows
([
rowNo
]);
// 刷新行号
refreshRowNo
();
refreshRowNo
();
}
}
let
refreshRowNo
=
function
()
{
let
refreshRowNo
=
function
()
{
let
allRows
=
resultGrid
.
getDataItems
();
let
allRows
=
resultGrid
.
getDataItems
();
for
(
let
i
=
0
;
i
<
allRows
.
length
;
i
++
)
{
for
(
let
i
=
0
;
i
<
allRows
.
length
;
i
++
)
{
resultGrid
.
setCellValue
(
i
,
"rowNo"
,
i
);
resultGrid
.
setCellValue
(
i
,
"rowNo"
,
i
);
...
@@ -43,17 +91,4 @@ $(window).load(function () {
...
@@ -43,17 +91,4 @@ $(window).load(function () {
refreshRowNo
();
refreshRowNo
();
});
});
/**
* 取消
*/
$
(
'#cancel'
).
on
(
'click'
,
function
()
{
// 关闭弹窗
parent
.
JSColorbox
.
close
();
})
/**
* 确认
*/
$
(
'#confirm'
).
on
(
'click'
,
function
()
{
})
src/main/webapp/HP/SC/HPSC003B.jsp
View file @
0738d0c9
...
@@ -10,8 +10,9 @@
...
@@ -10,8 +10,9 @@
<EF:EFRegion
id=
"result"
title=
"记录集"
>
<EF:EFRegion
id=
"result"
title=
"记录集"
>
<EF:EFGrid
blockId=
"result"
autoDraw=
"override"
>
<EF:EFGrid
blockId=
"result"
autoDraw=
"override"
>
<EF:EFColumn
ename=
"operator"
cname=
"操作"
locked=
"true"
enable=
"false"
width=
"80"
align=
"center"
/>
<EF:EFColumn
ename=
"operator"
cname=
"操作"
locked=
"true"
enable=
"false"
width=
"80"
align=
"center"
/>
<EF:EFColumn
ename=
"id"
cname=
"主键"
hidden=
"true"
/>
<EF:EFColumn
ename=
"rowNo"
cname=
"行号"
hidden=
"true"
/>
<EF:EFColumn
ename=
"rowNo"
cname=
"行号"
hidden=
"true"
/>
<EF:EFColumn
ename=
"id"
cname=
"主键"
hidden=
"true"
/>
<EF:EFColumn
ename=
"prodOrderNo"
cname=
"生产订单号"
hidden=
"true"
/>
<EF:EFColumn
ename=
"projName"
cname=
"项目名称"
enable=
"false"
width=
"140"
align=
"center"
/>
<EF:EFColumn
ename=
"projName"
cname=
"项目名称"
enable=
"false"
width=
"140"
align=
"center"
/>
<EF:EFColumn
ename=
"prdtName"
cname=
"部件名称"
enable=
"false"
width=
"100"
align=
"center"
/>
<EF:EFColumn
ename=
"prdtName"
cname=
"部件名称"
enable=
"false"
width=
"100"
align=
"center"
/>
<EF:EFColumn
ename=
"partName"
cname=
"零件名称"
enable=
"false"
width=
"100"
align=
"center"
/>
<EF:EFColumn
ename=
"partName"
cname=
"零件名称"
enable=
"false"
width=
"100"
align=
"center"
/>
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment