From 3d5e548b2ba95ba930b79dc1f9911d3af6b96f5c Mon Sep 17 00:00:00 2001 From: "adel.ka" Date: Fri, 24 Oct 2025 09:30:08 +0300 Subject: [PATCH 1/8] SUPPORT-9497: ogrn check --- .../ervu_lkrp_ul/db_beans/public_/Keys.java | 10 +- .../ervu_lkrp_ul/db_beans/public_/Public.java | 15 +- .../ervu_lkrp_ul/db_beans/public_/Tables.java | 12 +- .../db_beans/public_/tables/Files.java | 239 ------ .../public_/tables/InteractionLog.java | 5 + .../db_beans/public_/tables/OkopfRecords.java | 7 - .../db_beans/public_/tables/OrgOkved.java | 244 ------ .../public_/tables/OrganizationAllowed.java | 226 ++++++ .../public_/tables/records/FilesRecord.java | 109 --- .../tables/records/InteractionLogRecord.java | 17 +- .../tables/records/OrgOkvedRecord.java | 124 --- .../records/OrganizationAllowedRecord.java | 81 ++ .../ervu/dao/OrganizationAccessDao.java | 25 + .../ervu/security/SecurityConstants.java | 2 + .../esia/service/EsiaAuthService.java | 16 +- .../webbpm/jwt/JwtAuthenticationProvider.java | 9 +- .../webbpm/jwt/helper/SecurityHelper.java | 21 +- .../ervu/security/webbpm/jwt/model/Token.java | 9 +- .../webbpm/jwt/service/JwtTokenService.java | 12 +- .../ervu/service/UploadAccessService.java | 32 + .../2025-10-24-add-org-allowed-table.xml | 14 + .../config/v_1.0/changelog-v_1.0.xml | 1 + frontend/src/ts/ervu/FileUploadChecker.ts | 17 + .../Личный кабинет юр лица.page | 713 +++++++++++++++++- 24 files changed, 1196 insertions(+), 764 deletions(-) delete mode 100644 backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/Files.java delete mode 100644 backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrgOkved.java create mode 100644 backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java delete mode 100644 backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/FilesRecord.java delete mode 100644 backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrgOkvedRecord.java create mode 100644 backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrganizationAllowedRecord.java create mode 100644 backend/src/main/java/ru/micord/ervu/dao/OrganizationAccessDao.java create mode 100644 backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java create mode 100644 backend/src/main/resources/config/v_1.0/2025-10-24-add-org-allowed-table.xml create mode 100644 frontend/src/ts/ervu/FileUploadChecker.ts diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java index 88de130b..35aa099d 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java @@ -5,14 +5,12 @@ package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Databasechangeloglock; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Files; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OkopfRecords; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrgOkved; +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrganizationAllowed; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Shedlock; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.DatabasechangeloglockRecord; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.FilesRecord; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.OkopfRecordsRecord; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.OrgOkvedRecord; +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.OrganizationAllowedRecord; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.ShedlockRecord; import org.jooq.TableField; @@ -33,9 +31,7 @@ public class Keys { // ------------------------------------------------------------------------- public static final UniqueKey DATABASECHANGELOGLOCK_PKEY = Internal.createUniqueKey(Databasechangeloglock.DATABASECHANGELOGLOCK, DSL.name("databasechangeloglock_pkey"), new TableField[] { Databasechangeloglock.DATABASECHANGELOGLOCK.ID }, true); - public static final UniqueKey FILES_PKEY = Internal.createUniqueKey(Files.FILES, DSL.name("files_pkey"), new TableField[] { Files.FILES.FILE_ID }, true); - public static final UniqueKey OKOPF_RECORDS_NAME_KEY = Internal.createUniqueKey(OkopfRecords.OKOPF_RECORDS, DSL.name("okopf_records_name_key"), new TableField[] { OkopfRecords.OKOPF_RECORDS.NAME }, true); public static final UniqueKey OKOPF_RECORDS_PKEY = Internal.createUniqueKey(OkopfRecords.OKOPF_RECORDS, DSL.name("okopf_records_pkey"), new TableField[] { OkopfRecords.OKOPF_RECORDS.OKOPF_RECORDS_ID }, true); - public static final UniqueKey ORG_OKVED_PKEY = Internal.createUniqueKey(OrgOkved.ORG_OKVED, DSL.name("org_okved_pkey"), new TableField[] { OrgOkved.ORG_OKVED.ID }, true); + public static final UniqueKey ORGANIZATION_ALLOWED_PKEY = Internal.createUniqueKey(OrganizationAllowed.ORGANIZATION_ALLOWED, DSL.name("organization_allowed_pkey"), new TableField[] { OrganizationAllowed.ORGANIZATION_ALLOWED.OGRN }, true); public static final UniqueKey SHEDLOCK_PK = Internal.createUniqueKey(Shedlock.SHEDLOCK, DSL.name("shedlock_pk"), new TableField[] { Shedlock.SHEDLOCK.NAME }, true); } diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Public.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Public.java index c622294d..5d20db39 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Public.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Public.java @@ -7,10 +7,9 @@ package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.DefaultCatalog; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Databasechangelog; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Databasechangeloglock; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Files; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.InteractionLog; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OkopfRecords; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrgOkved; +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrganizationAllowed; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Shedlock; import java.util.Arrays; @@ -44,11 +43,6 @@ public class Public extends SchemaImpl { */ public final Databasechangeloglock DATABASECHANGELOGLOCK = Databasechangeloglock.DATABASECHANGELOGLOCK; - /** - * The table public.files. - */ - public final Files FILES = Files.FILES; - /** * The table public.interaction_log. */ @@ -60,9 +54,9 @@ public class Public extends SchemaImpl { public final OkopfRecords OKOPF_RECORDS = OkopfRecords.OKOPF_RECORDS; /** - * The table public.org_okved. + * The table public.organization_allowed. */ - public final OrgOkved ORG_OKVED = OrgOkved.ORG_OKVED; + public final OrganizationAllowed ORGANIZATION_ALLOWED = OrganizationAllowed.ORGANIZATION_ALLOWED; /** * The table public.shedlock. @@ -87,10 +81,9 @@ public class Public extends SchemaImpl { return Arrays.asList( Databasechangelog.DATABASECHANGELOG, Databasechangeloglock.DATABASECHANGELOGLOCK, - Files.FILES, InteractionLog.INTERACTION_LOG, OkopfRecords.OKOPF_RECORDS, - OrgOkved.ORG_OKVED, + OrganizationAllowed.ORGANIZATION_ALLOWED, Shedlock.SHEDLOCK ); } diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Tables.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Tables.java index d35dfe07..37305e26 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Tables.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Tables.java @@ -6,10 +6,9 @@ package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Databasechangelog; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Databasechangeloglock; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Files; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.InteractionLog; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OkopfRecords; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrgOkved; +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrganizationAllowed; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Shedlock; @@ -29,11 +28,6 @@ public class Tables { */ public static final Databasechangeloglock DATABASECHANGELOGLOCK = Databasechangeloglock.DATABASECHANGELOGLOCK; - /** - * The table public.files. - */ - public static final Files FILES = Files.FILES; - /** * The table public.interaction_log. */ @@ -45,9 +39,9 @@ public class Tables { public static final OkopfRecords OKOPF_RECORDS = OkopfRecords.OKOPF_RECORDS; /** - * The table public.org_okved. + * The table public.organization_allowed. */ - public static final OrgOkved ORG_OKVED = OrgOkved.ORG_OKVED; + public static final OrganizationAllowed ORGANIZATION_ALLOWED = OrganizationAllowed.ORGANIZATION_ALLOWED; /** * The table public.shedlock. diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/Files.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/Files.java deleted file mode 100644 index 50a0e23a..00000000 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/Files.java +++ /dev/null @@ -1,239 +0,0 @@ -/* - * This file is generated by jOOQ. - */ -package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables; - - -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Keys; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Public; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.FilesRecord; - -import java.util.Collection; - -import org.jooq.Condition; -import org.jooq.Field; -import org.jooq.Identity; -import org.jooq.Name; -import org.jooq.PlainSQL; -import org.jooq.QueryPart; -import org.jooq.SQL; -import org.jooq.Schema; -import org.jooq.Select; -import org.jooq.Stringly; -import org.jooq.Table; -import org.jooq.TableField; -import org.jooq.TableOptions; -import org.jooq.UniqueKey; -import org.jooq.impl.DSL; -import org.jooq.impl.SQLDataType; -import org.jooq.impl.TableImpl; - - -/** - * This class is generated by jOOQ. - */ -@SuppressWarnings({ "all", "unchecked", "rawtypes" }) -public class Files extends TableImpl { - - private static final long serialVersionUID = 1L; - - /** - * The reference instance of public.files - */ - public static final Files FILES = new Files(); - - /** - * The class holding records for this type - */ - @Override - public Class getRecordType() { - return FilesRecord.class; - } - - /** - * The column public.files.file_id. - */ - public final TableField FILE_ID = createField(DSL.name("file_id"), SQLDataType.BIGINT.nullable(false).identity(true), this, ""); - - /** - * The column public.files.file. - */ - public final TableField FILE = createField(DSL.name("file"), SQLDataType.BLOB, this, ""); - - /** - * The column public.files.file_name. - */ - public final TableField FILE_NAME = createField(DSL.name("file_name"), SQLDataType.VARCHAR(10000), this, ""); - - /** - * The column public.files.interaction_log_id. - */ - public final TableField INTERACTION_LOG_ID = createField(DSL.name("interaction_log_id"), SQLDataType.BIGINT, this, ""); - - private Files(Name alias, Table aliased) { - this(alias, aliased, (Field[]) null, null); - } - - private Files(Name alias, Table aliased, Field[] parameters, Condition where) { - super(alias, null, aliased, parameters, DSL.comment(""), TableOptions.table(), where); - } - - /** - * Create an aliased public.files table reference - */ - public Files(String alias) { - this(DSL.name(alias), FILES); - } - - /** - * Create an aliased public.files table reference - */ - public Files(Name alias) { - this(alias, FILES); - } - - /** - * Create a public.files table reference - */ - public Files() { - this(DSL.name("files"), null); - } - - @Override - public Schema getSchema() { - return aliased() ? null : Public.PUBLIC; - } - - @Override - public Identity getIdentity() { - return (Identity) super.getIdentity(); - } - - @Override - public UniqueKey getPrimaryKey() { - return Keys.FILES_PKEY; - } - - @Override - public Files as(String alias) { - return new Files(DSL.name(alias), this); - } - - @Override - public Files as(Name alias) { - return new Files(alias, this); - } - - @Override - public Files as(Table alias) { - return new Files(alias.getQualifiedName(), this); - } - - /** - * Rename this table - */ - @Override - public Files rename(String name) { - return new Files(DSL.name(name), null); - } - - /** - * Rename this table - */ - @Override - public Files rename(Name name) { - return new Files(name, null); - } - - /** - * Rename this table - */ - @Override - public Files rename(Table name) { - return new Files(name.getQualifiedName(), null); - } - - /** - * Create an inline derived table from this table - */ - @Override - public Files where(Condition condition) { - return new Files(getQualifiedName(), aliased() ? this : null, null, condition); - } - - /** - * Create an inline derived table from this table - */ - @Override - public Files where(Collection conditions) { - return where(DSL.and(conditions)); - } - - /** - * Create an inline derived table from this table - */ - @Override - public Files where(Condition... conditions) { - return where(DSL.and(conditions)); - } - - /** - * Create an inline derived table from this table - */ - @Override - public Files where(Field condition) { - return where(DSL.condition(condition)); - } - - /** - * Create an inline derived table from this table - */ - @Override - @PlainSQL - public Files where(SQL condition) { - return where(DSL.condition(condition)); - } - - /** - * Create an inline derived table from this table - */ - @Override - @PlainSQL - public Files where(@Stringly.SQL String condition) { - return where(DSL.condition(condition)); - } - - /** - * Create an inline derived table from this table - */ - @Override - @PlainSQL - public Files where(@Stringly.SQL String condition, Object... binds) { - return where(DSL.condition(condition, binds)); - } - - /** - * Create an inline derived table from this table - */ - @Override - @PlainSQL - public Files where(@Stringly.SQL String condition, QueryPart... parts) { - return where(DSL.condition(condition, parts)); - } - - /** - * Create an inline derived table from this table - */ - @Override - public Files whereExists(Select select) { - return where(DSL.exists(select)); - } - - /** - * Create an inline derived table from this table - */ - @Override - public Files whereNotExists(Select select) { - return where(DSL.notExists(select)); - } -} diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/InteractionLog.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/InteractionLog.java index afd65e42..fb2043b6 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/InteractionLog.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/InteractionLog.java @@ -99,6 +99,11 @@ public class InteractionLog extends TableImpl { */ public final TableField ERVU_ID = createField(DSL.name("ervu_id"), SQLDataType.VARCHAR(36), this, ""); + /** + * The column public.interaction_log.offset. + */ + public final TableField OFFSET = createField(DSL.name("offset"), SQLDataType.VARCHAR(10), this, ""); + private InteractionLog(Name alias, Table aliased) { this(alias, aliased, (Field[]) null, null); } diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OkopfRecords.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OkopfRecords.java index 7f2e0bfe..e9671919 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OkopfRecords.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OkopfRecords.java @@ -8,9 +8,7 @@ import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Keys; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Public; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.OkopfRecordsRecord; -import java.util.Arrays; import java.util.Collection; -import java.util.List; import org.jooq.Condition; import org.jooq.Field; @@ -105,11 +103,6 @@ public class OkopfRecords extends TableImpl { return Keys.OKOPF_RECORDS_PKEY; } - @Override - public List> getUniqueKeys() { - return Arrays.asList(Keys.OKOPF_RECORDS_NAME_KEY); - } - @Override public OkopfRecords as(String alias) { return new OkopfRecords(DSL.name(alias), this); diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrgOkved.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrgOkved.java deleted file mode 100644 index ba8d15a1..00000000 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrgOkved.java +++ /dev/null @@ -1,244 +0,0 @@ -/* - * This file is generated by jOOQ. - */ -package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables; - - -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Keys; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Public; -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.OrgOkvedRecord; - -import java.util.Collection; - -import org.jooq.Condition; -import org.jooq.Field; -import org.jooq.Identity; -import org.jooq.Name; -import org.jooq.PlainSQL; -import org.jooq.QueryPart; -import org.jooq.SQL; -import org.jooq.Schema; -import org.jooq.Select; -import org.jooq.Stringly; -import org.jooq.Table; -import org.jooq.TableField; -import org.jooq.TableOptions; -import org.jooq.UniqueKey; -import org.jooq.impl.DSL; -import org.jooq.impl.SQLDataType; -import org.jooq.impl.TableImpl; - - -/** - * This class is generated by jOOQ. - */ -@SuppressWarnings({ "all", "unchecked", "rawtypes" }) -public class OrgOkved extends TableImpl { - - private static final long serialVersionUID = 1L; - - /** - * The reference instance of public.org_okved - */ - public static final OrgOkved ORG_OKVED = new OrgOkved(); - - /** - * The class holding records for this type - */ - @Override - public Class getRecordType() { - return OrgOkvedRecord.class; - } - - /** - * The column public.org_okved.id. - */ - public final TableField ID = createField(DSL.name("id"), SQLDataType.BIGINT.nullable(false).identity(true), this, ""); - - /** - * The column public.org_okved.code. - */ - public final TableField CODE = createField(DSL.name("code"), SQLDataType.VARCHAR(7), this, ""); - - /** - * The column public.org_okved.okved. - */ - public final TableField OKVED = createField(DSL.name("okved"), SQLDataType.CLOB, this, ""); - - /** - * The column public.org_okved.organization. - */ - public final TableField ORGANIZATION = createField(DSL.name("organization"), SQLDataType.CLOB, this, ""); - - /** - * The column public.org_okved.main_okved. - */ - public final TableField MAIN_OKVED = createField(DSL.name("main_okved"), SQLDataType.BOOLEAN, this, ""); - - private OrgOkved(Name alias, Table aliased) { - this(alias, aliased, (Field[]) null, null); - } - - private OrgOkved(Name alias, Table aliased, Field[] parameters, Condition where) { - super(alias, null, aliased, parameters, DSL.comment(""), TableOptions.table(), where); - } - - /** - * Create an aliased public.org_okved table reference - */ - public OrgOkved(String alias) { - this(DSL.name(alias), ORG_OKVED); - } - - /** - * Create an aliased public.org_okved table reference - */ - public OrgOkved(Name alias) { - this(alias, ORG_OKVED); - } - - /** - * Create a public.org_okved table reference - */ - public OrgOkved() { - this(DSL.name("org_okved"), null); - } - - @Override - public Schema getSchema() { - return aliased() ? null : Public.PUBLIC; - } - - @Override - public Identity getIdentity() { - return (Identity) super.getIdentity(); - } - - @Override - public UniqueKey getPrimaryKey() { - return Keys.ORG_OKVED_PKEY; - } - - @Override - public OrgOkved as(String alias) { - return new OrgOkved(DSL.name(alias), this); - } - - @Override - public OrgOkved as(Name alias) { - return new OrgOkved(alias, this); - } - - @Override - public OrgOkved as(Table alias) { - return new OrgOkved(alias.getQualifiedName(), this); - } - - /** - * Rename this table - */ - @Override - public OrgOkved rename(String name) { - return new OrgOkved(DSL.name(name), null); - } - - /** - * Rename this table - */ - @Override - public OrgOkved rename(Name name) { - return new OrgOkved(name, null); - } - - /** - * Rename this table - */ - @Override - public OrgOkved rename(Table name) { - return new OrgOkved(name.getQualifiedName(), null); - } - - /** - * Create an inline derived table from this table - */ - @Override - public OrgOkved where(Condition condition) { - return new OrgOkved(getQualifiedName(), aliased() ? this : null, null, condition); - } - - /** - * Create an inline derived table from this table - */ - @Override - public OrgOkved where(Collection conditions) { - return where(DSL.and(conditions)); - } - - /** - * Create an inline derived table from this table - */ - @Override - public OrgOkved where(Condition... conditions) { - return where(DSL.and(conditions)); - } - - /** - * Create an inline derived table from this table - */ - @Override - public OrgOkved where(Field condition) { - return where(DSL.condition(condition)); - } - - /** - * Create an inline derived table from this table - */ - @Override - @PlainSQL - public OrgOkved where(SQL condition) { - return where(DSL.condition(condition)); - } - - /** - * Create an inline derived table from this table - */ - @Override - @PlainSQL - public OrgOkved where(@Stringly.SQL String condition) { - return where(DSL.condition(condition)); - } - - /** - * Create an inline derived table from this table - */ - @Override - @PlainSQL - public OrgOkved where(@Stringly.SQL String condition, Object... binds) { - return where(DSL.condition(condition, binds)); - } - - /** - * Create an inline derived table from this table - */ - @Override - @PlainSQL - public OrgOkved where(@Stringly.SQL String condition, QueryPart... parts) { - return where(DSL.condition(condition, parts)); - } - - /** - * Create an inline derived table from this table - */ - @Override - public OrgOkved whereExists(Select select) { - return where(DSL.exists(select)); - } - - /** - * Create an inline derived table from this table - */ - @Override - public OrgOkved whereNotExists(Select select) { - return where(DSL.notExists(select)); - } -} diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java new file mode 100644 index 00000000..35e9e2d2 --- /dev/null +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java @@ -0,0 +1,226 @@ +/* + * This file is generated by jOOQ. + */ +package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables; + + +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Keys; +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Public; +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.OrganizationAllowedRecord; + +import java.sql.Timestamp; +import java.util.Collection; + +import org.jooq.Condition; +import org.jooq.Field; +import org.jooq.Name; +import org.jooq.PlainSQL; +import org.jooq.QueryPart; +import org.jooq.SQL; +import org.jooq.Schema; +import org.jooq.Select; +import org.jooq.Stringly; +import org.jooq.Table; +import org.jooq.TableField; +import org.jooq.TableOptions; +import org.jooq.UniqueKey; +import org.jooq.impl.DSL; +import org.jooq.impl.SQLDataType; +import org.jooq.impl.TableImpl; + + +/** + * This class is generated by jOOQ. + */ +@SuppressWarnings({ "all", "unchecked", "rawtypes" }) +public class OrganizationAllowed extends TableImpl { + + private static final long serialVersionUID = 1L; + + /** + * The reference instance of public.organization_allowed + */ + public static final OrganizationAllowed ORGANIZATION_ALLOWED = new OrganizationAllowed(); + + /** + * The class holding records for this type + */ + @Override + public Class getRecordType() { + return OrganizationAllowedRecord.class; + } + + /** + * The column public.organization_allowed.ogrn. + */ + public final TableField OGRN = createField(DSL.name("ogrn"), SQLDataType.VARCHAR(15).nullable(false), this, ""); + + /** + * The column public.organization_allowed.created_at. + */ + public final TableField CREATED_AT = createField(DSL.name("created_at"), SQLDataType.TIMESTAMP(0).defaultValue(DSL.field(DSL.raw("CURRENT_TIMESTAMP"), SQLDataType.TIMESTAMP)), this, ""); + + private OrganizationAllowed(Name alias, Table aliased) { + this(alias, aliased, (Field[]) null, null); + } + + private OrganizationAllowed(Name alias, Table aliased, Field[] parameters, Condition where) { + super(alias, null, aliased, parameters, DSL.comment(""), TableOptions.table(), where); + } + + /** + * Create an aliased public.organization_allowed table + * reference + */ + public OrganizationAllowed(String alias) { + this(DSL.name(alias), ORGANIZATION_ALLOWED); + } + + /** + * Create an aliased public.organization_allowed table + * reference + */ + public OrganizationAllowed(Name alias) { + this(alias, ORGANIZATION_ALLOWED); + } + + /** + * Create a public.organization_allowed table reference + */ + public OrganizationAllowed() { + this(DSL.name("organization_allowed"), null); + } + + @Override + public Schema getSchema() { + return aliased() ? null : Public.PUBLIC; + } + + @Override + public UniqueKey getPrimaryKey() { + return Keys.ORGANIZATION_ALLOWED_PKEY; + } + + @Override + public OrganizationAllowed as(String alias) { + return new OrganizationAllowed(DSL.name(alias), this); + } + + @Override + public OrganizationAllowed as(Name alias) { + return new OrganizationAllowed(alias, this); + } + + @Override + public OrganizationAllowed as(Table alias) { + return new OrganizationAllowed(alias.getQualifiedName(), this); + } + + /** + * Rename this table + */ + @Override + public OrganizationAllowed rename(String name) { + return new OrganizationAllowed(DSL.name(name), null); + } + + /** + * Rename this table + */ + @Override + public OrganizationAllowed rename(Name name) { + return new OrganizationAllowed(name, null); + } + + /** + * Rename this table + */ + @Override + public OrganizationAllowed rename(Table name) { + return new OrganizationAllowed(name.getQualifiedName(), null); + } + + /** + * Create an inline derived table from this table + */ + @Override + public OrganizationAllowed where(Condition condition) { + return new OrganizationAllowed(getQualifiedName(), aliased() ? this : null, null, condition); + } + + /** + * Create an inline derived table from this table + */ + @Override + public OrganizationAllowed where(Collection conditions) { + return where(DSL.and(conditions)); + } + + /** + * Create an inline derived table from this table + */ + @Override + public OrganizationAllowed where(Condition... conditions) { + return where(DSL.and(conditions)); + } + + /** + * Create an inline derived table from this table + */ + @Override + public OrganizationAllowed where(Field condition) { + return where(DSL.condition(condition)); + } + + /** + * Create an inline derived table from this table + */ + @Override + @PlainSQL + public OrganizationAllowed where(SQL condition) { + return where(DSL.condition(condition)); + } + + /** + * Create an inline derived table from this table + */ + @Override + @PlainSQL + public OrganizationAllowed where(@Stringly.SQL String condition) { + return where(DSL.condition(condition)); + } + + /** + * Create an inline derived table from this table + */ + @Override + @PlainSQL + public OrganizationAllowed where(@Stringly.SQL String condition, Object... binds) { + return where(DSL.condition(condition, binds)); + } + + /** + * Create an inline derived table from this table + */ + @Override + @PlainSQL + public OrganizationAllowed where(@Stringly.SQL String condition, QueryPart... parts) { + return where(DSL.condition(condition, parts)); + } + + /** + * Create an inline derived table from this table + */ + @Override + public OrganizationAllowed whereExists(Select select) { + return where(DSL.exists(select)); + } + + /** + * Create an inline derived table from this table + */ + @Override + public OrganizationAllowed whereNotExists(Select select) { + return where(DSL.notExists(select)); + } +} diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/FilesRecord.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/FilesRecord.java deleted file mode 100644 index 504b1ec2..00000000 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/FilesRecord.java +++ /dev/null @@ -1,109 +0,0 @@ -/* - * This file is generated by jOOQ. - */ -package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records; - - -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.Files; - -import org.jooq.Record1; -import org.jooq.impl.UpdatableRecordImpl; - - -/** - * This class is generated by jOOQ. - */ -@SuppressWarnings({ "all", "unchecked", "rawtypes" }) -public class FilesRecord extends UpdatableRecordImpl { - - private static final long serialVersionUID = 1L; - - /** - * Setter for public.files.file_id. - */ - public void setFileId(Long value) { - set(0, value); - } - - /** - * Getter for public.files.file_id. - */ - public Long getFileId() { - return (Long) get(0); - } - - /** - * Setter for public.files.file. - */ - public void setFile(byte[] value) { - set(1, value); - } - - /** - * Getter for public.files.file. - */ - public byte[] getFile() { - return (byte[]) get(1); - } - - /** - * Setter for public.files.file_name. - */ - public void setFileName(String value) { - set(2, value); - } - - /** - * Getter for public.files.file_name. - */ - public String getFileName() { - return (String) get(2); - } - - /** - * Setter for public.files.interaction_log_id. - */ - public void setInteractionLogId(Long value) { - set(3, value); - } - - /** - * Getter for public.files.interaction_log_id. - */ - public Long getInteractionLogId() { - return (Long) get(3); - } - - // ------------------------------------------------------------------------- - // Primary key information - // ------------------------------------------------------------------------- - - @Override - public Record1 key() { - return (Record1) super.key(); - } - - // ------------------------------------------------------------------------- - // Constructors - // ------------------------------------------------------------------------- - - /** - * Create a detached FilesRecord - */ - public FilesRecord() { - super(Files.FILES); - } - - /** - * Create a detached, initialised FilesRecord - */ - public FilesRecord(Long fileId, byte[] file, String fileName, Long interactionLogId) { - super(Files.FILES); - - setFileId(fileId); - setFile(file); - setFileName(fileName); - setInteractionLogId(interactionLogId); - resetChangedOnNotNull(); - } -} diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/InteractionLogRecord.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/InteractionLogRecord.java index a0d6ee23..3ae205b8 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/InteractionLogRecord.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/InteractionLogRecord.java @@ -159,6 +159,20 @@ public class InteractionLogRecord extends TableRecordImpl return (String) get(9); } + /** + * Setter for public.interaction_log.offset. + */ + public void setOffset(String value) { + set(10, value); + } + + /** + * Getter for public.interaction_log.offset. + */ + public String getOffset() { + return (String) get(10); + } + // ------------------------------------------------------------------------- // Constructors // ------------------------------------------------------------------------- @@ -173,7 +187,7 @@ public class InteractionLogRecord extends TableRecordImpl /** * Create a detached, initialised InteractionLogRecord */ - public InteractionLogRecord(Long id, Timestamp sentDate, String form, String sender, String status, String fileName, Integer recordsSent, Integer recordsAccepted, String fileId, String ervuId) { + public InteractionLogRecord(Long id, Timestamp sentDate, String form, String sender, String status, String fileName, Integer recordsSent, Integer recordsAccepted, String fileId, String ervuId, String offset) { super(InteractionLog.INTERACTION_LOG); setId(id); @@ -186,6 +200,7 @@ public class InteractionLogRecord extends TableRecordImpl setRecordsAccepted(recordsAccepted); setFileId(fileId); setErvuId(ervuId); + setOffset(offset); resetChangedOnNotNull(); } } diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrgOkvedRecord.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrgOkvedRecord.java deleted file mode 100644 index 7570d690..00000000 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrgOkvedRecord.java +++ /dev/null @@ -1,124 +0,0 @@ -/* - * This file is generated by jOOQ. - */ -package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records; - - -import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrgOkved; - -import org.jooq.Record1; -import org.jooq.impl.UpdatableRecordImpl; - - -/** - * This class is generated by jOOQ. - */ -@SuppressWarnings({ "all", "unchecked", "rawtypes" }) -public class OrgOkvedRecord extends UpdatableRecordImpl { - - private static final long serialVersionUID = 1L; - - /** - * Setter for public.org_okved.id. - */ - public void setId(Long value) { - set(0, value); - } - - /** - * Getter for public.org_okved.id. - */ - public Long getId() { - return (Long) get(0); - } - - /** - * Setter for public.org_okved.code. - */ - public void setCode(String value) { - set(1, value); - } - - /** - * Getter for public.org_okved.code. - */ - public String getCode() { - return (String) get(1); - } - - /** - * Setter for public.org_okved.okved. - */ - public void setOkved(String value) { - set(2, value); - } - - /** - * Getter for public.org_okved.okved. - */ - public String getOkved() { - return (String) get(2); - } - - /** - * Setter for public.org_okved.organization. - */ - public void setOrganization(String value) { - set(3, value); - } - - /** - * Getter for public.org_okved.organization. - */ - public String getOrganization() { - return (String) get(3); - } - - /** - * Setter for public.org_okved.main_okved. - */ - public void setMainOkved(Boolean value) { - set(4, value); - } - - /** - * Getter for public.org_okved.main_okved. - */ - public Boolean getMainOkved() { - return (Boolean) get(4); - } - - // ------------------------------------------------------------------------- - // Primary key information - // ------------------------------------------------------------------------- - - @Override - public Record1 key() { - return (Record1) super.key(); - } - - // ------------------------------------------------------------------------- - // Constructors - // ------------------------------------------------------------------------- - - /** - * Create a detached OrgOkvedRecord - */ - public OrgOkvedRecord() { - super(OrgOkved.ORG_OKVED); - } - - /** - * Create a detached, initialised OrgOkvedRecord - */ - public OrgOkvedRecord(Long id, String code, String okved, String organization, Boolean mainOkved) { - super(OrgOkved.ORG_OKVED); - - setId(id); - setCode(code); - setOkved(okved); - setOrganization(organization); - setMainOkved(mainOkved); - resetChangedOnNotNull(); - } -} diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrganizationAllowedRecord.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrganizationAllowedRecord.java new file mode 100644 index 00000000..13f6027d --- /dev/null +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrganizationAllowedRecord.java @@ -0,0 +1,81 @@ +/* + * This file is generated by jOOQ. + */ +package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records; + + +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrganizationAllowed; + +import java.sql.Timestamp; + +import org.jooq.Record1; +import org.jooq.impl.UpdatableRecordImpl; + + +/** + * This class is generated by jOOQ. + */ +@SuppressWarnings({ "all", "unchecked", "rawtypes" }) +public class OrganizationAllowedRecord extends UpdatableRecordImpl { + + private static final long serialVersionUID = 1L; + + /** + * Setter for public.organization_allowed.ogrn. + */ + public void setOgrn(String value) { + set(0, value); + } + + /** + * Getter for public.organization_allowed.ogrn. + */ + public String getOgrn() { + return (String) get(0); + } + + /** + * Setter for public.organization_allowed.created_at. + */ + public void setCreatedAt(Timestamp value) { + set(1, value); + } + + /** + * Getter for public.organization_allowed.created_at. + */ + public Timestamp getCreatedAt() { + return (Timestamp) get(1); + } + + // ------------------------------------------------------------------------- + // Primary key information + // ------------------------------------------------------------------------- + + @Override + public Record1 key() { + return (Record1) super.key(); + } + + // ------------------------------------------------------------------------- + // Constructors + // ------------------------------------------------------------------------- + + /** + * Create a detached OrganizationAllowedRecord + */ + public OrganizationAllowedRecord() { + super(OrganizationAllowed.ORGANIZATION_ALLOWED); + } + + /** + * Create a detached, initialised OrganizationAllowedRecord + */ + public OrganizationAllowedRecord(String ogrn, Timestamp createdAt) { + super(OrganizationAllowed.ORGANIZATION_ALLOWED); + + setOgrn(ogrn); + setCreatedAt(createdAt); + resetChangedOnNotNull(); + } +} diff --git a/backend/src/main/java/ru/micord/ervu/dao/OrganizationAccessDao.java b/backend/src/main/java/ru/micord/ervu/dao/OrganizationAccessDao.java new file mode 100644 index 00000000..c8843fba --- /dev/null +++ b/backend/src/main/java/ru/micord/ervu/dao/OrganizationAccessDao.java @@ -0,0 +1,25 @@ +package ru.micord.ervu.dao; + +import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrganizationAllowed; +import org.jooq.DSLContext; + +import org.springframework.stereotype.Repository; + +/** + * @author Adel Kalimullin + */ +@Repository +public class OrganizationAccessDao { + private final DSLContext dsl; + + public OrganizationAccessDao(DSLContext dsl) { + this.dsl = dsl; + } + + public boolean existsByOgrn(String ogrn) { + return dsl.fetchExists( + dsl.selectFrom(OrganizationAllowed.ORGANIZATION_ALLOWED) + .where(OrganizationAllowed.ORGANIZATION_ALLOWED.OGRN.eq(ogrn)) + ); + } +} diff --git a/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java b/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java index bc77f591..d04446d4 100644 --- a/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java +++ b/backend/src/main/java/ru/micord/ervu/security/SecurityConstants.java @@ -6,4 +6,6 @@ public class SecurityConstants { public static final String AUTH_MARKER = "webbpm.ervu-lkrp-ul"; public static final String PRNS_UUID = "prns_uuid_ul"; public static final String STICKY_SESSION = "stickysession"; + public static final String UPLOAD_ALLOWED_MARKER = "upload_allowed"; + public static final String EMPLOYEE_DOCUMENT_PATH = "/employee/document"; } diff --git a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java index a9f403db..7929dcca 100644 --- a/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java +++ b/backend/src/main/java/ru/micord/ervu/security/esia/service/EsiaAuthService.java @@ -62,6 +62,7 @@ import ru.micord.ervu.security.webbpm.jwt.JwtAuthentication; import ru.micord.ervu.security.webbpm.jwt.helper.SecurityHelper; import ru.micord.ervu.security.webbpm.jwt.service.JwtTokenService; import ru.micord.ervu.security.webbpm.jwt.model.Token; +import ru.micord.ervu.service.UploadAccessService; import ru.cg.webbpm.modules.core.runtime.api.LocalizedException; import ru.cg.webbpm.modules.core.runtime.api.MessageBundleUtils; @@ -93,6 +94,8 @@ public class EsiaAuthService { private SecurityHelper securityHelper; @Autowired private AuditService auditService; + @Autowired + private UploadAccessService uploadAccessService; @Value("${ervu.kafka.org.reply.topic}") private String requestReplyTopic; @@ -191,6 +194,7 @@ public class EsiaAuthService { String prnOid = null; Long expiresIn = null; boolean hasRole = false; + boolean fileUploadAllowed = false; long timeSignSecret = 0, timeRequestAccessToken = 0, timeVerifySecret = 0; verifyStateFromCookie(request, state, response); try { @@ -280,6 +284,7 @@ public class EsiaAuthService { try { orgInfo = getOrgInfo(esiaAccessTokenStr); hasRole = ulDataService.checkRole(esiaAccessTokenStr); + fileUploadAllowed = uploadAccessService.canUploadFiles(orgInfo.getOgrn()); ervuId = getErvuId(prnOid, orgInfo); if (!hasRole) { LOGGER.error("The user with id = " + prnOid + " does not have the required role"); @@ -298,7 +303,7 @@ public class EsiaAuthService { auditService.processAuthEvent(request, orgInfo, prnOid, status, AuditConstants.LOGIN_EVENT_TYPE); } - createTokenAndAddCookie(response, prnOid, ervuId, hasRole , expiresIn); + createTokenAndAddCookie(response, prnOid, ervuId, hasRole, fileUploadAllowed, expiresIn); } } @@ -371,8 +376,9 @@ public class EsiaAuthService { EsiaAuthInfoStore.addAccessToken(prnOid, esiaAccessTokenStr, expiresIn); EsiaAuthInfoStore.addRefreshToken(prnOid, esiaNewRefreshToken, expiresIn); OrgInfo orgInfo = getOrgInfo(esiaAccessTokenStr); + boolean fileUploadAllowed = uploadAccessService.canUploadFiles(orgInfo.getOgrn()); String ervuId = getErvuId(prnOid, orgInfo); - createTokenAndAddCookie(response, esiaAccessToken.getSbjId(), ervuId, true, expiresIn); + createTokenAndAddCookie(response, esiaAccessToken.getSbjId(), ervuId, true, fileUploadAllowed, expiresIn); } catch (EsiaException | IOException | InterruptedException e) { throw new EsiaException(e); @@ -548,9 +554,9 @@ public class EsiaAuthService { } private void createTokenAndAddCookie(HttpServletResponse response, String userId, String ervuId, - Boolean hasRole, Long expiresIn) { - Token token = jwtTokenService.createAccessToken(userId, expiresIn, ervuId, hasRole); - securityHelper.addAccessCookies(response, token.getValue(), expiresIn.intValue()); + Boolean hasRole, Boolean fileUploadAllowed, Long expiresIn) { + Token token = jwtTokenService.createAccessToken(userId, expiresIn, ervuId, hasRole, fileUploadAllowed); + securityHelper.addAccessCookies(response, token.getValue(), expiresIn.intValue(), fileUploadAllowed); UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(token.getUserAccountId(), null); SecurityContext context = SecurityContextHolder.createEmptyContext(); diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/JwtAuthenticationProvider.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/JwtAuthenticationProvider.java index 8e81e753..ff280904 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/JwtAuthenticationProvider.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/JwtAuthenticationProvider.java @@ -6,6 +6,7 @@ import javax.servlet.http.HttpServletRequest; import io.jsonwebtoken.ExpiredJwtException; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.access.AccessDeniedException; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.CredentialsExpiredException; @@ -19,10 +20,10 @@ import ru.micord.ervu.security.webbpm.jwt.model.Token; import ru.micord.ervu.security.webbpm.jwt.service.JwtTokenService; import static org.springframework.web.context.request.RequestAttributes.REFERENCE_REQUEST; +import static ru.micord.ervu.security.SecurityConstants.EMPLOYEE_DOCUMENT_PATH; @Component public class JwtAuthenticationProvider implements AuthenticationProvider { - private final JwtTokenService jwtTokenService; @Autowired @@ -56,6 +57,12 @@ public class JwtAuthenticationProvider implements AuthenticationProvider { } if (jwtTokenService.isValid(token) && token.getHasRole()) { + String requestPath = request.getRequestURI(); + if (EMPLOYEE_DOCUMENT_PATH.equals(requestPath) && + Boolean.FALSE.equals(token.isFileUploadAllowed())) { + throw new AccessDeniedException("File upload is not allowed for this organization"); + } + UsernamePasswordAuthenticationToken pwdToken = UsernamePasswordAuthenticationToken.authenticated(token.getUserAccountId(), null, Collections.emptyList() diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java index bc697581..649ab86b 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/helper/SecurityHelper.java @@ -17,6 +17,7 @@ import static org.springframework.web.context.request.RequestAttributes.REFERENC import static ru.micord.ervu.security.SecurityConstants.AUTH_MARKER; import static ru.micord.ervu.security.SecurityConstants.AUTH_TOKEN; import static ru.micord.ervu.security.SecurityConstants.PRNS_UUID; +import static ru.micord.ervu.security.SecurityConstants.UPLOAD_ALLOWED_MARKER; public final class SecurityHelper { @Value("${cookie.path:#{null}}") @@ -45,6 +46,14 @@ public final class SecurityHelper { .httpOnly(false) .build(); addResponseCookie(response, emptyAuthMarker); + + ResponseCookie emptyUploadAllowed = createCookie(UPLOAD_ALLOWED_MARKER, null, "/") + .maxAge(0) + .secure(false) + .httpOnly(false) + .build(); + addResponseCookie(response, emptyUploadAllowed); + clearCookie(response, PRNS_UUID, accessCookiePath); } @@ -52,7 +61,8 @@ public final class SecurityHelper { response.addHeader(HttpHeaders.SET_COOKIE, cookie.toString()); } - public void addAccessCookies(HttpServletResponse response, String cookieValue, int expiry) { + public void addAccessCookies(HttpServletResponse response, String cookieValue, int expiry, + Boolean fileUploadAllowed) { ResponseCookie authTokenCookie = createCookie(AUTH_TOKEN, cookieValue, accessCookiePath) .maxAge(expiry) .build(); @@ -64,6 +74,15 @@ public final class SecurityHelper { .httpOnly(false) .build(); addResponseCookie(response, authMarker); + + if (fileUploadAllowed) { + ResponseCookie uploadAllowedCookie = createCookie(UPLOAD_ALLOWED_MARKER, "true", "/") + .maxAge(expiry) + .secure(false) + .httpOnly(false) + .build(); + addResponseCookie(response, uploadAllowedCookie); + } } public ResponseCookie.ResponseCookieBuilder createCookie(String name, String value, String path) { diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/model/Token.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/model/Token.java index c64413ed..9e9b5374 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/model/Token.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/model/Token.java @@ -8,13 +8,16 @@ public class Token { private final Date expirationDate; private final String value; private final Boolean hasRole; + private final Boolean fileUploadAllowed; - public Token(String userAccountId, String issuer, Date expirationDate, String value, Boolean hasRole) { + public Token(String userAccountId, String issuer, Date expirationDate, String value, Boolean hasRole, + Boolean fileUploadAllowed) { this.userAccountId = userAccountId; this.issuer = issuer; this.expirationDate = expirationDate; this.value = value; this.hasRole = hasRole; + this.fileUploadAllowed = fileUploadAllowed; } public String getUserAccountId() { @@ -40,4 +43,8 @@ public class Token { public Boolean getHasRole() { return hasRole; } + + public Boolean isFileUploadAllowed() { + return fileUploadAllowed; + } } diff --git a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/service/JwtTokenService.java b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/service/JwtTokenService.java index 75b1eabe..386f1063 100644 --- a/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/service/JwtTokenService.java +++ b/backend/src/main/java/ru/micord/ervu/security/webbpm/jwt/service/JwtTokenService.java @@ -43,8 +43,7 @@ public class JwtTokenService { this.signingKey = Keys.hmacShaKeyFor(encodedKey); } - public Token createAccessToken(String userAccountId, Long expiresIn, String ervuId, Boolean hasRole) { - + public Token createAccessToken(String userAccountId, Long expiresIn, String ervuId, Boolean hasRole, Boolean fileUploadAllowed) { Date expirationDate = new Date(System.currentTimeMillis() + 1000L * expiresIn); String value = Jwts.builder() .setSubject(userAccountId + ":" + ervuId) @@ -52,9 +51,12 @@ public class JwtTokenService { .setIssuedAt(new Date(System.currentTimeMillis())) .setExpiration(expirationDate) .claim("hasRole", hasRole) + .claim("fileUploadAllowed", fileUploadAllowed) .signWith(signingKey) .compact(); - return new Token(userAccountId + ":" + ervuId, tokenIssuerName, expirationDate, value, hasRole); + return new Token(userAccountId + ":" + ervuId, tokenIssuerName, expirationDate, value, hasRole, + fileUploadAllowed + ); } public boolean isValid(Token token) { @@ -77,7 +79,9 @@ public class JwtTokenService { .parseClaimsJws(token) .getBody(); - return new Token(claims.getSubject(), claims.getIssuer(), claims.getExpiration(), token, claims.get("hasRole", Boolean.class)); + return new Token(claims.getSubject(), claims.getIssuer(), claims.getExpiration(), token, + claims.get("hasRole", Boolean.class), claims.get("fileUploadAllowed", Boolean.class) + ); } public String getAccessToken(HttpServletRequest request) { diff --git a/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java b/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java new file mode 100644 index 00000000..e02495b4 --- /dev/null +++ b/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java @@ -0,0 +1,32 @@ +package ru.micord.ervu.service; + +import org.springframework.beans.factory.annotation.Value; +import org.springframework.stereotype.Service; +import org.springframework.util.StringUtils; +import ru.micord.ervu.dao.OrganizationAccessDao; + + +/** + * @author Adel Kalimullin + */ +@Service +public class UploadAccessService { + private final OrganizationAccessDao organizationAccessDao; + private final boolean ogrnCheckEnabled; + + public UploadAccessService( + OrganizationAccessDao organizationAccessDao, + @Value("${file.upload.ogrn_check.enabled:false}") boolean ogrnCheckEnabled + ) { + this.organizationAccessDao = organizationAccessDao; + this.ogrnCheckEnabled = ogrnCheckEnabled; + } + + public boolean canUploadFiles(String ogrn) { + if (!ogrnCheckEnabled) { + return true; + } + + return StringUtils.hasText(ogrn) && organizationAccessDao.existsByOgrn(ogrn); + } +} diff --git a/backend/src/main/resources/config/v_1.0/2025-10-24-add-org-allowed-table.xml b/backend/src/main/resources/config/v_1.0/2025-10-24-add-org-allowed-table.xml new file mode 100644 index 00000000..97e102d6 --- /dev/null +++ b/backend/src/main/resources/config/v_1.0/2025-10-24-add-org-allowed-table.xml @@ -0,0 +1,14 @@ + + + + + Create table for organizations allowed to upload files + + + + + + + + + diff --git a/backend/src/main/resources/config/v_1.0/changelog-v_1.0.xml b/backend/src/main/resources/config/v_1.0/changelog-v_1.0.xml index 21dee61d..ae476ae2 100644 --- a/backend/src/main/resources/config/v_1.0/changelog-v_1.0.xml +++ b/backend/src/main/resources/config/v_1.0/changelog-v_1.0.xml @@ -8,5 +8,6 @@ + \ No newline at end of file diff --git a/frontend/src/ts/ervu/FileUploadChecker.ts b/frontend/src/ts/ervu/FileUploadChecker.ts new file mode 100644 index 00000000..f8ea59f7 --- /dev/null +++ b/frontend/src/ts/ervu/FileUploadChecker.ts @@ -0,0 +1,17 @@ +import {Behavior, Visible} from "@webbpm/base-package"; +import {CookieService} from "ngx-cookie"; + +export class FileUploadChecker extends Behavior { + private cookieService: CookieService; + + + initialize() { + this.cookieService = this.injector.get(CookieService); + } + + + @Visible() + public fileUploadAllowed(): boolean { + return this.cookieService.get("upload_allowed") != null; + } +} \ No newline at end of file diff --git a/resources/src/main/resources/business-model/Личный кабинет юр лица.page b/resources/src/main/resources/business-model/Личный кабинет юр лица.page index eb8f7f58..bf1ec2fc 100644 --- a/resources/src/main/resources/business-model/Личный кабинет юр лица.page +++ b/resources/src/main/resources/business-model/Личный кабинет юр лица.page @@ -172,6 +172,14 @@ + + + FileUploadChecker + ervu + + true + true + 9d1b5af1-0b8f-4b1b-b9a5-c2e6acf72d91 829f09dd-e33f-4b1f-90ea-16994e373d7e @@ -887,6 +895,7 @@ 1a3543a3-3797-4d65-8319-d88e8ccd34e1 Диалог - выбор файла и отправка true + false false @@ -913,6 +922,30 @@ elseActions + + + + + behavior + + {"objectId":"93a1b29d-c3c8-4300-a063-44720562dff3","packageName":"component","className":"Dialog","type":"TS"} + + + + method + + "show" + + + + value + + null + + + + + @@ -943,6 +976,79 @@ ifCondition + + conditions + + + + + + _isGroupSelected + + false + + + + one + + + + conditionFirstPart + + + + objectValue + + + + behavior + + {"objectId":"4e49112c-ab94-49d7-b070-a69609516251","packageName":"ervu","className":"FileUploadChecker","type":"TS"} + + + + method + + "fileUploadAllowed" + + + + + + + + + + conditionSecondPart + + + + staticValue + + + boolean + + +true + + + + + + + operation + + "EQUALS" + + + + + + + + + + logicalOperation @@ -4476,6 +4582,35 @@ false + + elseActions + + + + + + behavior + + {"objectId":"93a1b29d-c3c8-4300-a063-44720562dff3","packageName":"component","className":"Dialog","type":"TS"} + + + + method + + "show" + + + + value + + null + + + + + + + eventRefs @@ -4503,6 +4638,79 @@ ifCondition + + conditions + + + + + + _isGroupSelected + + false + + + + one + + + + conditionFirstPart + + + + objectValue + + + + behavior + + {"objectId":"4e49112c-ab94-49d7-b070-a69609516251","packageName":"ervu","className":"FileUploadChecker","type":"TS"} + + + + method + + "fileUploadAllowed" + + + + + + + + + + conditionSecondPart + + + + staticValue + + + boolean + + +true + + + + + + + operation + + "EQUALS" + + + + + + + + + + logicalOperation @@ -7839,6 +8047,30 @@ elseActions + + + + + behavior + + {"objectId":"93a1b29d-c3c8-4300-a063-44720562dff3","packageName":"component","className":"Dialog","type":"TS"} + + + + method + + "show" + + + + value + + null + + + + + @@ -7869,6 +8101,79 @@ ifCondition + + conditions + + + + + + _isGroupSelected + + false + + + + one + + + + conditionFirstPart + + + + objectValue + + + + behavior + + {"objectId":"4e49112c-ab94-49d7-b070-a69609516251","packageName":"ervu","className":"FileUploadChecker","type":"TS"} + + + + method + + "fileUploadAllowed" + + + + + + + + + + conditionSecondPart + + + + staticValue + + + boolean + + +true + + + + + + + operation + + "EQUALS" + + + + + + + + + + logicalOperation @@ -11323,6 +11628,35 @@ false + + elseActions + + + + + + behavior + + {"objectId":"93a1b29d-c3c8-4300-a063-44720562dff3","packageName":"component","className":"Dialog","type":"TS"} + + + + method + + "show" + + + + value + + null + + + + + + + eventRefs @@ -11350,6 +11684,79 @@ ifCondition + + conditions + + + + + + _isGroupSelected + + false + + + + one + + + + conditionFirstPart + + + + objectValue + + + + behavior + + {"objectId":"4e49112c-ab94-49d7-b070-a69609516251","packageName":"ervu","className":"FileUploadChecker","type":"TS"} + + + + method + + "fileUploadAllowed" + + + + + + + + + + conditionSecondPart + + + + staticValue + + + boolean + + +true + + + + + + + operation + + "EQUALS" + + + + + + + + + + logicalOperation @@ -14126,7 +14533,6 @@ 991237d3-8cb9-48af-8501-030a3c8c6cfc Группа полей true - false false @@ -14873,6 +15279,35 @@ false + + elseActions + + + + + + behavior + + {"objectId":"93a1b29d-c3c8-4300-a063-44720562dff3","packageName":"component","className":"Dialog","type":"TS"} + + + + method + + "show" + + + + value + + null + + + + + + + eventRefs @@ -14900,6 +15335,79 @@ ifCondition + + conditions + + + + + + _isGroupSelected + + false + + + + one + + + + conditionFirstPart + + + + objectValue + + + + behavior + + {"objectId":"4e49112c-ab94-49d7-b070-a69609516251","packageName":"ervu","className":"FileUploadChecker","type":"TS"} + + + + method + + "fileUploadAllowed" + + + + + + + + + + conditionSecondPart + + + + staticValue + + + boolean + + +true + + + + + + + operation + + "EQUALS" + + + + + + + + + + logicalOperation @@ -18327,4 +18835,207 @@ + + 86f297f1-ab3d-40e0-ac2f-89cc944b7f0a + 93a1b29d-c3c8-4300-a063-44720562dff3 + Диалог- временное решение для загрузки файла + true + false + + + + closable + + false + + + + cssClasses + + + +"align-center" + + + + +"win-error" + + + + + + + + + + + + 98594cec-0a9b-4cef-af09-e1b71cb2ad9e + d6e0aa92-78ed-470e-8a98-9cce3f30efe5 + Обработка событий-show dialog + false + true + + + 9d1b5af1-0b8f-4b1b-b9a5-c2e6acf72d91 + 03e9410a-8d47-4a74-b0c3-cfb8900004f1 + Вертикальный контейнер + true + false + + + + + + + ba24d307-0b91-4299-ba82-9d0b52384ff2 + 8e234aed-6ad7-4e00-834f-e043f2d29c55 + Текст + false + false + + + + collectible + +false + + + + initialValue + +"Система находится в опытной эксплуатации. Функция загрузки данных от организаций будет доступна позднее." + + + + + + + + + false + + + + fd7e47b9-dce1-4d14-9f3a-580c79f59579 + b32b3411-2032-4713-8c5c-67cb114ad231 + Кнопка + false + true + + + + 9d1b5af1-0b8f-4b1b-b9a5-c2e6acf72d91 + b28dce91-46cb-46fe-a309-ccc2ace6cb34 + Вертикальный контейнер + true + false + + + + + + + 98594cec-0a9b-4cef-af09-e1b71cb2ad9e + 14c11640-a5b2-4aea-a6a7-4b1ff334de7c + Обработка событий-close dialog + false + false + + + + eventRefs + + + + + + behavior + + {"objectId":"b32b3411-2032-4713-8c5c-67cb114ad231","packageName":"component.button","className":"Button","type":"TS"} + + + + propertyName + + "successActionEvent" + + + + + + + + + ifCondition + + + + logicalOperation + + null + + + + + + + thenActions + + + + + + behavior + + {"objectId":"93a1b29d-c3c8-4300-a063-44720562dff3","packageName":"component","className":"Dialog","type":"TS"} + + + + method + + "hide" + + + + value + + null + + + + + + + + + + + + fd7e47b9-dce1-4d14-9f3a-580c79f59579 + b32b3411-2032-4713-8c5c-67cb114ad231 + Кнопка + false + false + + + + caption + +"Закрыть" + + + + + + + d7d54cfb-26b5-4dba-b56f-b6247183c24d + f6703dc0-c93c-4d28-adb7-a04faf79a920 + Горизонтальный контейнер + true + true + + + From 4bd2c7787e159555f4252ebd70bac47ca97ab356 Mon Sep 17 00:00:00 2001 From: "adel.ka" Date: Fri, 24 Oct 2025 11:44:52 +0300 Subject: [PATCH 2/8] SUPPORT-9497: fix --- .../ervu_lkrp_ul/db_beans/public_/Keys.java | 3 +- .../public_/tables/OrganizationAllowed.java | 24 ++++++++--- .../records/OrganizationAllowedRecord.java | 40 +++++++++---------- .../ervu/service/UploadAccessService.java | 2 +- .../2025-10-24-add-org-allowed-table.xml | 5 ++- 5 files changed, 43 insertions(+), 31 deletions(-) diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java index 35aa099d..b3d35c9c 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java @@ -32,6 +32,7 @@ public class Keys { public static final UniqueKey DATABASECHANGELOGLOCK_PKEY = Internal.createUniqueKey(Databasechangeloglock.DATABASECHANGELOGLOCK, DSL.name("databasechangeloglock_pkey"), new TableField[] { Databasechangeloglock.DATABASECHANGELOGLOCK.ID }, true); public static final UniqueKey OKOPF_RECORDS_PKEY = Internal.createUniqueKey(OkopfRecords.OKOPF_RECORDS, DSL.name("okopf_records_pkey"), new TableField[] { OkopfRecords.OKOPF_RECORDS.OKOPF_RECORDS_ID }, true); - public static final UniqueKey ORGANIZATION_ALLOWED_PKEY = Internal.createUniqueKey(OrganizationAllowed.ORGANIZATION_ALLOWED, DSL.name("organization_allowed_pkey"), new TableField[] { OrganizationAllowed.ORGANIZATION_ALLOWED.OGRN }, true); + public static final UniqueKey ORGANIZATION_ALLOWED_OGRN_KEY = Internal.createUniqueKey(OrganizationAllowed.ORGANIZATION_ALLOWED, DSL.name("organization_allowed_ogrn_key"), new TableField[] { OrganizationAllowed.ORGANIZATION_ALLOWED.OGRN }, true); + public static final UniqueKey ORGANIZATION_ALLOWED_PKEY = Internal.createUniqueKey(OrganizationAllowed.ORGANIZATION_ALLOWED, DSL.name("organization_allowed_pkey"), new TableField[] { OrganizationAllowed.ORGANIZATION_ALLOWED.ID }, true); public static final UniqueKey SHEDLOCK_PK = Internal.createUniqueKey(Shedlock.SHEDLOCK, DSL.name("shedlock_pk"), new TableField[] { Shedlock.SHEDLOCK.NAME }, true); } diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java index 35e9e2d2..dab42347 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java @@ -8,11 +8,13 @@ import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Keys; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.Public; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records.OrganizationAllowedRecord; -import java.sql.Timestamp; +import java.util.Arrays; import java.util.Collection; +import java.util.List; import org.jooq.Condition; import org.jooq.Field; +import org.jooq.Identity; import org.jooq.Name; import org.jooq.PlainSQL; import org.jooq.QueryPart; @@ -50,16 +52,16 @@ public class OrganizationAllowed extends TableImpl { return OrganizationAllowedRecord.class; } + /** + * The column public.organization_allowed.id. + */ + public final TableField ID = createField(DSL.name("id"), SQLDataType.BIGINT.nullable(false).identity(true), this, ""); + /** * The column public.organization_allowed.ogrn. */ public final TableField OGRN = createField(DSL.name("ogrn"), SQLDataType.VARCHAR(15).nullable(false), this, ""); - /** - * The column public.organization_allowed.created_at. - */ - public final TableField CREATED_AT = createField(DSL.name("created_at"), SQLDataType.TIMESTAMP(0).defaultValue(DSL.field(DSL.raw("CURRENT_TIMESTAMP"), SQLDataType.TIMESTAMP)), this, ""); - private OrganizationAllowed(Name alias, Table aliased) { this(alias, aliased, (Field[]) null, null); } @@ -96,11 +98,21 @@ public class OrganizationAllowed extends TableImpl { return aliased() ? null : Public.PUBLIC; } + @Override + public Identity getIdentity() { + return (Identity) super.getIdentity(); + } + @Override public UniqueKey getPrimaryKey() { return Keys.ORGANIZATION_ALLOWED_PKEY; } + @Override + public List> getUniqueKeys() { + return Arrays.asList(Keys.ORGANIZATION_ALLOWED_OGRN_KEY); + } + @Override public OrganizationAllowed as(String alias) { return new OrganizationAllowed(DSL.name(alias), this); diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrganizationAllowedRecord.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrganizationAllowedRecord.java index 13f6027d..fa6a7d54 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrganizationAllowedRecord.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/records/OrganizationAllowedRecord.java @@ -6,8 +6,6 @@ package ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.records; import ervu_lkrp_ul.ervu_lkrp_ul.db_beans.public_.tables.OrganizationAllowed; -import java.sql.Timestamp; - import org.jooq.Record1; import org.jooq.impl.UpdatableRecordImpl; @@ -20,32 +18,32 @@ public class OrganizationAllowedRecord extends UpdatableRecordImplpublic.organization_allowed.id. + */ + public void setId(Long value) { + set(0, value); + } + + /** + * Getter for public.organization_allowed.id. + */ + public Long getId() { + return (Long) get(0); + } + /** * Setter for public.organization_allowed.ogrn. */ public void setOgrn(String value) { - set(0, value); + set(1, value); } /** * Getter for public.organization_allowed.ogrn. */ public String getOgrn() { - return (String) get(0); - } - - /** - * Setter for public.organization_allowed.created_at. - */ - public void setCreatedAt(Timestamp value) { - set(1, value); - } - - /** - * Getter for public.organization_allowed.created_at. - */ - public Timestamp getCreatedAt() { - return (Timestamp) get(1); + return (String) get(1); } // ------------------------------------------------------------------------- @@ -53,7 +51,7 @@ public class OrganizationAllowedRecord extends UpdatableRecordImpl key() { + public Record1 key() { return (Record1) super.key(); } @@ -71,11 +69,11 @@ public class OrganizationAllowedRecord extends UpdatableRecordImpl Create table for organizations allowed to upload files - + - + + From 8b80fef58a3cf8dc2af46b44586d4157653d6560 Mon Sep 17 00:00:00 2001 From: "adel.ka" Date: Fri, 24 Oct 2025 11:47:33 +0300 Subject: [PATCH 3/8] SUPPORT-9497: fixes --- .../main/java/ru/micord/ervu/service/UploadAccessService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java b/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java index 0ccac71c..94060ee1 100644 --- a/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java +++ b/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java @@ -16,7 +16,7 @@ public class UploadAccessService { public UploadAccessService( OrganizationAccessDao organizationAccessDao, - @Value("${file.ogrn.check.enabled:false}") boolean ogrnCheckEnabled + @Value("${file.upload.ogrn.check.enabled:false}") boolean ogrnCheckEnabled ) { this.organizationAccessDao = organizationAccessDao; this.ogrnCheckEnabled = ogrnCheckEnabled; From 30ae19cb94ee847edd2937c0fbed9727bcc37d28 Mon Sep 17 00:00:00 2001 From: "adel.ka" Date: Fri, 24 Oct 2025 11:49:34 +0300 Subject: [PATCH 4/8] SUPPORT-9497: fixes --- .../main/java/ru/micord/ervu/service/UploadAccessService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java b/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java index 94060ee1..b01b74ff 100644 --- a/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java +++ b/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java @@ -16,7 +16,7 @@ public class UploadAccessService { public UploadAccessService( OrganizationAccessDao organizationAccessDao, - @Value("${file.upload.ogrn.check.enabled:false}") boolean ogrnCheckEnabled + @Value("${ervu.file.upload.ogrn.check.enabled:false}") boolean ogrnCheckEnabled ) { this.organizationAccessDao = organizationAccessDao; this.ogrnCheckEnabled = ogrnCheckEnabled; From f2788e1d5e5bf4bdba43ed23ab1f158187674f96 Mon Sep 17 00:00:00 2001 From: "adel.ka" Date: Fri, 24 Oct 2025 11:52:18 +0300 Subject: [PATCH 5/8] SUPPORT-9497: refactor --- frontend/src/ts/ervu/FileUploadChecker.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/frontend/src/ts/ervu/FileUploadChecker.ts b/frontend/src/ts/ervu/FileUploadChecker.ts index f8ea59f7..c9aecade 100644 --- a/frontend/src/ts/ervu/FileUploadChecker.ts +++ b/frontend/src/ts/ervu/FileUploadChecker.ts @@ -4,12 +4,10 @@ import {CookieService} from "ngx-cookie"; export class FileUploadChecker extends Behavior { private cookieService: CookieService; - initialize() { this.cookieService = this.injector.get(CookieService); } - @Visible() public fileUploadAllowed(): boolean { return this.cookieService.get("upload_allowed") != null; From d9c9c767813288254ca0c232c769f7d0217da17a Mon Sep 17 00:00:00 2001 From: "adel.ka" Date: Fri, 24 Oct 2025 11:57:29 +0300 Subject: [PATCH 6/8] =?UTF-8?q?SUPPORT-9497:=20=D0=B4=D0=BE=D0=B1=D0=B0?= =?UTF-8?q?=D0=B2=D0=B8=D0=BB=20=D0=B8=D0=BD=D1=84=D1=83=20=D0=B2=20config?= =?UTF-8?q?.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- config.md | 1 + 1 file changed, 1 insertion(+) diff --git a/config.md b/config.md index ab43a8bf..c094315c 100644 --- a/config.md +++ b/config.md @@ -135,3 +135,4 @@ - `ERVU_FILE_UPLOAD_MAX_FILE_SIZE` - определяет максимальный размер загружаемого файла в байтах. Указывает предел размера для каждого индивидуального файла, который может быть загружен. Если файл превышает этот размер, загрузка будет прервана, и может быть вызвано исключение. - `ERVU_FILE_UPLOAD_MAX_REQUEST_SIZE` - устанавливает максимальный общий размер всех файлов в одном многозадачном запросе в байтах. Это ограничение на весь запрос, включающий данные и файлы. Если общий размер запроса превышает этот параметр, загрузка файлов будет остановлена. - `ERVU_FILE_UPLOAD_FILE_SIZE_THRESHOLD` - указывает размер (в байтах), при достижении которого файл будет записан во временное хранилище на диск. Это позволяет улучшить производительность, исключая непосредственную запись мелких файлов на диск, если они не превышают указанного порога. Файлы, меньшие этого значения, могут быть сохранены в памяти. +- `ERVU_FILE_UPLOAD_OGRN_CHECK_ENABLED` - флаг активации проверки ОГРН организаций при загрузке файлов From 417d8d05dd84c12cbb71bb9cc28b06681ee19192 Mon Sep 17 00:00:00 2001 From: "adel.ka" Date: Fri, 24 Oct 2025 12:38:18 +0300 Subject: [PATCH 7/8] SUPPORT-9497: fix from review --- .../main/java/ru/micord/ervu/service/UploadAccessService.java | 2 +- .../config/v_1.0/2025-10-24-add-org-allowed-table.xml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java b/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java index b01b74ff..eda29988 100644 --- a/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java +++ b/backend/src/main/java/ru/micord/ervu/service/UploadAccessService.java @@ -17,7 +17,7 @@ public class UploadAccessService { public UploadAccessService( OrganizationAccessDao organizationAccessDao, @Value("${ervu.file.upload.ogrn.check.enabled:false}") boolean ogrnCheckEnabled - ) { + ) { this.organizationAccessDao = organizationAccessDao; this.ogrnCheckEnabled = ogrnCheckEnabled; } diff --git a/backend/src/main/resources/config/v_1.0/2025-10-24-add-org-allowed-table.xml b/backend/src/main/resources/config/v_1.0/2025-10-24-add-org-allowed-table.xml index 464afe53..98baa9b1 100644 --- a/backend/src/main/resources/config/v_1.0/2025-10-24-add-org-allowed-table.xml +++ b/backend/src/main/resources/config/v_1.0/2025-10-24-add-org-allowed-table.xml @@ -5,10 +5,10 @@ Create table for organizations allowed to upload files - + - + From ef451c2f583cdebc325b1ddaca44f99496f381d9 Mon Sep 17 00:00:00 2001 From: "adel.ka" Date: Fri, 24 Oct 2025 12:41:55 +0300 Subject: [PATCH 8/8] SUPPORT-9497: fix from review --- .../java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java | 4 ++-- .../db_beans/public_/tables/OrganizationAllowed.java | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java index b3d35c9c..4475979f 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/Keys.java @@ -32,7 +32,7 @@ public class Keys { public static final UniqueKey DATABASECHANGELOGLOCK_PKEY = Internal.createUniqueKey(Databasechangeloglock.DATABASECHANGELOGLOCK, DSL.name("databasechangeloglock_pkey"), new TableField[] { Databasechangeloglock.DATABASECHANGELOGLOCK.ID }, true); public static final UniqueKey OKOPF_RECORDS_PKEY = Internal.createUniqueKey(OkopfRecords.OKOPF_RECORDS, DSL.name("okopf_records_pkey"), new TableField[] { OkopfRecords.OKOPF_RECORDS.OKOPF_RECORDS_ID }, true); - public static final UniqueKey ORGANIZATION_ALLOWED_OGRN_KEY = Internal.createUniqueKey(OrganizationAllowed.ORGANIZATION_ALLOWED, DSL.name("organization_allowed_ogrn_key"), new TableField[] { OrganizationAllowed.ORGANIZATION_ALLOWED.OGRN }, true); - public static final UniqueKey ORGANIZATION_ALLOWED_PKEY = Internal.createUniqueKey(OrganizationAllowed.ORGANIZATION_ALLOWED, DSL.name("organization_allowed_pkey"), new TableField[] { OrganizationAllowed.ORGANIZATION_ALLOWED.ID }, true); + public static final UniqueKey PK_ORGANIZATION_ALLOWED = Internal.createUniqueKey(OrganizationAllowed.ORGANIZATION_ALLOWED, DSL.name("pk_organization_allowed"), new TableField[] { OrganizationAllowed.ORGANIZATION_ALLOWED.ID }, true); + public static final UniqueKey UNI_ORGANIZATION_ALLOWED_OGRN = Internal.createUniqueKey(OrganizationAllowed.ORGANIZATION_ALLOWED, DSL.name("uni_organization_allowed_ogrn"), new TableField[] { OrganizationAllowed.ORGANIZATION_ALLOWED.OGRN }, true); public static final UniqueKey SHEDLOCK_PK = Internal.createUniqueKey(Shedlock.SHEDLOCK, DSL.name("shedlock_pk"), new TableField[] { Shedlock.SHEDLOCK.NAME }, true); } diff --git a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java index dab42347..7b19fde0 100644 --- a/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java +++ b/backend/src/main/java/ervu_lkrp_ul/ervu_lkrp_ul/db_beans/public_/tables/OrganizationAllowed.java @@ -105,12 +105,12 @@ public class OrganizationAllowed extends TableImpl { @Override public UniqueKey getPrimaryKey() { - return Keys.ORGANIZATION_ALLOWED_PKEY; + return Keys.PK_ORGANIZATION_ALLOWED; } @Override public List> getUniqueKeys() { - return Arrays.asList(Keys.ORGANIZATION_ALLOWED_OGRN_KEY); + return Arrays.asList(Keys.UNI_ORGANIZATION_ALLOWED_OGRN); } @Override