漏洞修改

This commit is contained in:
lSun 2025-10-31 19:32:14 +08:00
parent 7f864c8260
commit 07492adee7
47 changed files with 979 additions and 649 deletions


@ -6,6 +6,7 @@ import com.bonus.common.core.annotation.Excel.Type;
import com.bonus.common.core.annotation.Excels;
import com.bonus.common.core.web.domain.BaseEntity;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Data;
import org.apache.commons.lang3.builder.ToStringBuilder;
@ -57,6 +58,7 @@ public class SysUser extends BaseEntity
/** 密码 */
@JsonIgnore
@JsonInclude(JsonInclude.Include.NON_NULL)
@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
private String password;
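Review bot: `@JsonIgnore`, `@JsonInclude(JsonInclude.Include.NON_NULL)` and `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` now sit on the same `password` field and overlap: `@JsonIgnore` is the broadest and, on a field, excludes the property from both serialization and deserialization, so `NON_NULL` and `WRITE_ONLY` add nothing, and how Jackson resolves the conflict across the Lombok-generated accessors decides whether an inbound body still populates `password`. If the `SysUser` that `SysLoginService` compares against crosses a JSON boundary (a remote user-info call or a cache), the hash is stripped on the producing side and every login ends in the `用户不存在/密码错误` branch — verify the login path end to end. Keeping only `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` expresses "accept on input, never emit" without the ambiguity. The `SysUser` class body continues outside the hunk.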


@ -21,8 +21,6 @@ public class LoginUser implements Serializable
/**
* 用户唯一标识
*/
@JsonIgnore
@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
private String token;
/**


@ -103,6 +103,7 @@ public class SysLoginService
throw new ServiceException("用户不存在/密码错误");
}
}
user.setPassword("");
recordLogininfor(user.getUserId() + "", Constants.LOGIN_SUCCESS, "登录成功");
return userInfo;
}
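Review bot: `user.setPassword("")` at L43 and `loginUser.getSysUser().setPassword(null)` in TokenService clear the same field with different values; with `@JsonInclude(NON_NULL)` on `SysUser.password` the `null` form is omitted from JSON while `""` is still emitted, so the two call sites should agree — `user.setPassword(null);` here. The clearing happens after the password comparison, which is the right order; if `user` is the `SysUser` held by `userInfo` (likely, since `userInfo` is returned on the next line) the cleared object is what the caller goes on to cache. The method's opening is outside the hunk.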


@ -49,7 +49,7 @@ public class WebMvcConfig implements WebMvcConfigurer
public void addResourceHandlers(ResourceHandlerRegistry registry) {
String os = System.getProperty("os.name");
if(os.toLowerCase().startsWith("win")){
registry.addResourceHandler("/ynRealName/**").addResourceLocations("file:D://yn/real_name/");
registry.addResourceHandler("/ynRealName/**").addResourceLocations("file:E://yn/real_name/");
}else{
registry.addResourceHandler("/ynRealName/**").addResourceLocations("file:/data/real_name/");
}
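Review bot: Switching the Windows location from `D://` to `E://` at L54–L55 shows the directory is developer-specific, so it belongs in a configuration property (`@Value("${<your.upload.dir.property>}")`) rather than an OS-name switch in code; the same `D:`→`E:` edit appears in ArcFaceHelper. `os.toLowerCase()` should be `os.toLowerCase(Locale.ROOT)` so the comparison is locale-independent. Mapping `/ynRealName/**` onto a `file:` location serves every file under that directory, so keep only intended uploads there and do not point it at a parent of anything else. `addResourceHandlers` continues outside the hunk.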


@ -58,6 +58,7 @@ public class TokenService
claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId);
claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
loginUser.getSysUser().setPassword(null);
// 接口返回信息
Map<String, Object> rspMap = new HashMap<String, Object>();
rspMap.put("access_token", JwtUtils.createToken(claimsMap));


@ -0,0 +1,52 @@
package com.bonus.gateway.config;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
/**
* packageName com.bonus.gateway.config
*
* @author lsun
* @version 1.0.0
* @className SecurityHeaderFilterConfig (此处以class为例)
* @date 2025/10/30
* @description
*/
/**
* 全局安全响应头过滤器
* 防止点击劫持 (Clickjacking)XSSMIME 类型嗅探等漏洞
*/
@Configuration
public class SecurityHeaderFilterConfig {
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public GlobalFilter addSecurityHeadersFilter() {
return (exchange, chain) -> chain.filter(exchange).then(Mono.fromRunnable(() -> {
ServerWebExchange responseExchange = exchange.mutate().build();
ServerHttpResponse response = responseExchange.getResponse();
// 防点击劫持 (Clickjacking)
response.getHeaders().add("X-Frame-Options", "SAMEORIGIN");
response.getHeaders().add("Content-Security-Policy", "frame-ancestors 'self'");
// MIME 类型嗅探
response.getHeaders().add("X-Content-Type-Options", "nosniff");
// XSS旧浏览器兼容
response.getHeaders().add("X-XSS-Protection", "1; mode=block");
// 隐藏来源信息可选
response.getHeaders().add("Referrer-Policy", "no-referrer");
// 强制 HTTPS仅在启用 HTTPS 部署时推荐
response.getHeaders().add("Strict-Transport-Security", "max-age=31536000; includeSubDomains");
}));
}
}
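Review bot: The header writes at L104–L113 run inside `then(Mono.fromRunnable(...))`, i.e. after `chain.filter(exchange)` has completed, and by then the downstream handler has typically already committed the response, whose headers are read-only from that point — the `add` calls either throw `UnsupportedOperationException` or never reach the client, so the filter does not deliver the protection it is named for. Register the writes with `response.beforeCommit(...)` before delegating, and use `set` rather than `add` so a header a downstream service already emits is replaced instead of duplicated. `exchange.mutate().build()` creates a new exchange only to read the same response; `exchange.getResponse()` is sufficient. Two consecutive Javadoc blocks precede the class and only the second attaches, so fold the author/date tags into it. `X-XSS-Protection: 1; mode=block` is deprecated (current guidance is `0` or omit), and the HSTS line contradicts its own comment by being unconditional — gate it on the request scheme being https.
```java
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public GlobalFilter addSecurityHeadersFilter() {
    return (exchange, chain) -> {
        ServerHttpResponse response = exchange.getResponse();
        // Register before delegating: once the downstream handler commits the
        // response its headers are read-only, so writing them in then() is too late.
        response.beforeCommit(() -> {
            response.getHeaders().set("X-Frame-Options", "SAMEORIGIN");
            response.getHeaders().set("Content-Security-Policy", "frame-ancestors 'self'");
            response.getHeaders().set("X-Content-Type-Options", "nosniff");
            response.getHeaders().set("Referrer-Policy", "no-referrer");
            // … unchanged: X-XSS-Protection / Strict-Transport-Security lines (HSTS only when https) …
            return Mono.empty();
        });
        return chain.filter(exchange);
    };
}
```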


@ -72,6 +72,13 @@ public class OwnerController {
@Log(title = "获取业主列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:owner:query")
public PageTableResponse getOwnerList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {
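Review bot: The `keyWord` check at L126 rejects every character outside ASCII letters, digits and whitespace, which for an interface whose labels and data are Chinese (`获取业主列表`) means any Chinese search term now fails with `IllegalArgumentException` — a functional regression presented as injection defence, while the actual fix is binding the value with `#{}` (e.g. `LIKE CONCAT('%', #{params.keyWord}, '%')`) in the mapper. If a character whitelist is kept, use a Unicode-aware class such as `[\\p{L}\\p{N}\\s]*` and throw an exception the framework maps to a 400 rather than a bare `IllegalArgumentException` the caller may see as a 500. `request.getParams()` is also dereferenced without the null guard other hunks in this commit add. The same block is copied into WorkPlanAllController, WorkPayController, PlanAndRealNameController, SalaryStatServiceImpl (twice), SubContractController, SubContractorController, SubBlackController, SubCertificateStatisticsController, SubCertificateTypeController, SubCompareController, SubEndyearController, SubProjectController, JobPointSettingController, NoSignalTeamAttendController, NoSignalTeamSetUpController, SupplyChainBlackListController and ViolationBlackListController; extract one helper (e.g. `ParamValidator.requirePlainText(params, "keyWord")`) instead of eighteen copies. `getOwnerList` continues outside the hunk.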


@ -66,6 +66,11 @@ public class ProjectController {
@Log(title = "获取工程列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:project:query")
public PageTableResponse listProjects(PageTableRequest request) {
// 参数验证
String orgIds = (String) request.getParams().get("orgId");
if (orgIds != null && !orgIds.isEmpty() && !orgIds.matches("\\d+")) {
throw new IllegalArgumentException("非法的 orgId 参数");
}
request.getParams().put("generalProId", request.getParams().get("orgId"));


@ -19,9 +19,7 @@ import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.*;
/**
* @author 彭元博
@ -45,13 +43,30 @@ public class ProjectGeneralController {
@RequiresPermissions("sys:proGeneral:query")
public PageTableResponse getProGeneralList(PageTableRequest request) {
Map<String,Object> params = request.getParams();
if (params == null) {
params = new HashMap<>();
request.setParams(params);
}
// 允许的参数名按你接口真实使用的填写
Set<String> allow = new HashSet<>(Arrays.asList(
"keyWord", "proStatus"
));
// 过滤掉所有不在允许列表中的参数包含 columns[...]order[...]
params.keySet().removeIf(k -> !allow.contains(k));
// 放回 request可选
request.setParams(params);
SelfPermissionSettingUtils.getSelfPermission(request);
String orgId = (String) request.getParams().get("orgId");
if(!StringUtils.isEmpty(orgId)){
String childList = getChildListDao.getChildList(orgId);
Map<String, Object> params = request.getParams();
params.put("orgAll",childList);
Map<String, Object> params1 = request.getParams();
params1.put("orgAll",childList);
}
List<ProjectGeneralBean> list = service.getProGeneralList(request.getParams(), request.getOffset(), request.getLimit());
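Review bot: The whitelist at L166–L170 removes every key except `keyWord` and `proStatus`, yet L174 reads `orgId` from the same map right after `SelfPermissionSettingUtils.getSelfPermission(request)`; unless that utility repopulates `orgId` from the logged-in user, the organisation filter is silently dropped for every request. Confirm which keys the mapper and the permission utility rely on and list them explicitly — the comment `按你接口真实使用的填写` reads like a template left unfilled. Build the set once as a `private static final Set<String>` instead of a new `HashSet` per request, and the second `request.setParams(params)` at L172 is a no-op after L163. The same pattern is in RedConfirmRecordController, where the `params == null` branch creates a map but never calls `request.setParams`, and in SubCertificateStatisticsController. The method continues outside the hunk.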


@ -43,6 +43,11 @@ public class WorkPlanAllController {
@Log(title = "获取作业总计划列表", businessType = BusinessType.SELECT)
// @RequiresPermissions("sys:project:query")
public PageTableResponse listProjects(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String proName = (String) request.getParams().get("proName");
if (proName != null && !proName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in proName.");
}
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {


@ -39,9 +39,28 @@ public class CertificateStatController {
@PostMapping("getTreeData1")
@Log(title = "查询持证类型树", businessType = BusinessType.SELECT)
public List<CertificateStatBean> getTreeData1(@RequestBody(required = false) CertificateStatBean o) {
if (o == null) {
return service.getTreeData1(null);
}
if (o.getName() != null) {
if (o.getName().length() > 200) {
throw new IllegalArgumentException("name too long");
}
o.setName(escapeForLike(o.getName()));
}
return service.getTreeData1(o);
}
private String escapeForLike(String input) {
if (input == null) {
return null;
}
// 转义反斜杠 \百分号 % 和下划线 _
return input.replace("\\", "\\\\") // 转义反斜杠
.replace("%", "\\%") // 转义 %
.replace("_", "\\_"); // 转义 _
}
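Review bot: `escapeForLike` only helps if the mapper behind `service.getTreeData1` binds `name` with `#{}` inside a `LIKE CONCAT('%', ..., '%')` and the database's LIKE escape character is backslash (MySQL's default; other engines need an explicit `ESCAPE '\\'`); applied to a value the mapper later uses in an equality match, or still interpolates with `${}`, it corrupts the search or protects nothing, so confirm the mapper side. It also mutates the request bean in place at L212, which surprises any later reader of `o.getName()`. The helper has no instance state and can be `private static`; if other controllers need it, move it to a shared utility rather than copying it. `getTreeData1` is complete within the hunk; the Javadoc at L225 opens a method outside it.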
/**
* 查询公司工程树
* @param o


@ -14,7 +14,7 @@ public class IpAndPathConfig {
*/
// @Value("${environment}")
// public static String environment;
public static String environment = "test";
public static String environment = "其他";
/**
* 持证


@ -53,6 +53,12 @@ public class FaceContrastNewController {
public PageTableResponse getSupAtHistory(PageTableRequest request) {
Map<String, Object> params = request.getParams();
String subComIdStr = (String) request.getParams().get("subComId");
if (subComIdStr != null && !subComIdStr.isEmpty() && !subComIdStr.matches("\\d+")) {
throw new IllegalArgumentException("非法的 subComId 参数");
}
if(StringUtils.isEmpty((String) params.get("subComId"))){
String subComId = SecurityUtils.getLoginUser().getSysUser().getSubComId();
params.put("subComId",subComId);
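Review bot: The `subComId` check at L246 validates shape only; a client-supplied numeric value is passed through unchanged, and the fallback to the logged-in user's own `subComId` at L249–L251 applies only when the parameter is empty, so the query scope is still chosen by the caller. If the mapper does not itself restrict rows to the caller's organisation, the format check is not an authorization check; for roles bound to one sub-company derive `subComId` server-side, as the `"4".equals(roleLevel)` branches elsewhere in this commit do. `params` is already held in a local at L244, so `request.getParams().get("subComId")` can be `params.get("subComId")`. `getSupAtHistory` continues outside the hunk.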


@ -150,6 +150,7 @@ public class PersonComprehensiveController {
try {
String url = IpAndPathConfig.getFaceUrl();
ArcFaceHelper arcFaceHelper = new ArcFaceHelper();
System.err.println(url + bean.getFacePhoto());
FaceResult faceResult = arcFaceHelper.getFaceFeatures(url + bean.getFacePhoto());
return R.ok(faceResult);
} catch (Exception e) {
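Review bot: `System.err.println(url + bean.getFacePhoto())` at L259 is a debugging print left in a request handler: it bypasses the logging framework (no level, no correlation id), writes the face-photo location for every call to stderr, and cannot be switched off in production. Remove it, or use the class logger at debug level with a parameterised message. `bean.getFacePhoto()` is request-supplied and is concatenated onto a base URL before `getFaceFeatures` fetches it; if it is meant to be a relative file name, reject values containing `/`, `..` or a scheme before building the URL. The enclosing method begins and ends outside the hunk.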


@ -43,6 +43,12 @@ public class WorkPayController {
@RequiresPermissions("sys:workPay:query")
public PageTableResponse getList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
String roleLevel = SecurityUtils.getLoginUser().getSysUser().getRoleLevel();
String subId = SecurityUtils.getLoginUser().getSysUser().getSubId();
if("4".equals(roleLevel)) {


@ -48,19 +48,29 @@ public class InOutServiceImpl implements InOutService {
params.put("orgAll",childList);
}*/
String orgId = (String) request.getParams().get("orgId");
if (orgId != null && !orgId.isEmpty() && !orgId.matches("-?\\d+")) {
throw new IllegalArgumentException("非法的 orgId 参数");
}
String status = (String) request.getParams().get("status");
if (status != null && !status.isEmpty() && !status.matches("-?\\d+")) {
throw new IllegalArgumentException("非法的 status 参数");
}
String orgIdStr = SecurityUtils.getLoginUser().getSysUser().getOrgId();
//不单独去查所有的公司了只放行一个公司
if(!"1".equals(orgIdStr)){
if (!"1".equals(orgIdStr)) {
request.getParams().put("orgId", orgIdStr);
}
String roleLevel = SecurityUtils.getLoginUser().getSysUser().getRoleLevel();
String subId = SecurityUtils.getLoginUser().getSysUser().getSubId();
if("4".equals(roleLevel)) {
if ("4".equals(roleLevel)) {
Map<String, Object> params = request.getParams();
String subId1 = (String) params.get("subId");
if(StringUtils.isEmpty(subId1)){
params.put("subId",subId);
if (StringUtils.isEmpty(subId1)) {
params.put("subId", subId);
}
}
@ -84,11 +94,11 @@ public class InOutServiceImpl implements InOutService {
String roleLevel = SecurityUtils.getLoginUser().getSysUser().getRoleLevel();
String subId = SecurityUtils.getLoginUser().getSysUser().getSubId();
if("4".equals(roleLevel)) {
if ("4".equals(roleLevel)) {
Map<String, Object> params = request.getParams();
String subId1 = (String) params.get("subId");
if(StringUtils.isEmpty(subId1)){
params.put("subId",subId);
if (StringUtils.isEmpty(subId1)) {
params.put("subId", subId);
}
}
@ -114,6 +124,7 @@ public class InOutServiceImpl implements InOutService {
/**
* 1.出场时添加当前有效的合同关联无合同提示不让出场 20240219 fly
* 2.出场人员是否报了日计划 20240304 fly
*
* @param bean 人员
* @return 成功 or失败
*/
@ -122,7 +133,7 @@ public class InOutServiceImpl implements InOutService {
public R batchPersonOutPlace(BasePersonBean bean) {
// 逗号分割的idNumber,exitExamineRemark
String[] split = bean.getIdNumber().split(",");
if(bean.getUserId() == 0){
if (bean.getUserId() == 0) {
Long userId = SecurityUtils.getLoginUser().getSysUser().getUserId();
bean.setUserId(userId);
}
@ -133,11 +144,11 @@ public class InOutServiceImpl implements InOutService {
//查询是否入场了
InOutSpaceNewBean inOutBean = dao.getPersonIsEinByIdNumber(idNumber);
//入场并且不是临时人员才检查合同
if(inOutBean != null && StringUtils.isNotEmpty(inOutBean.getIdNumber()) && !"0".equals(inOutBean.getSubId()) && !"0".equals(inOutBean.getProId())){
if (inOutBean != null && StringUtils.isNotEmpty(inOutBean.getIdNumber()) && !"0".equals(inOutBean.getSubId()) && !"0".equals(inOutBean.getProId())) {
String contractId = dao.getContractIdByIdNumber(idNumber);
if(StringUtils.isEmpty(contractId)){
if (StringUtils.isEmpty(contractId)) {
// contractId = "-1";
throw new RuntimeException(idNumber+" 无合同,出场后将无法计算工资,请去补全合同,才能出场");
throw new RuntimeException(idNumber + " 无合同,出场后将无法计算工资,请去补全合同,才能出场");
}
o.setContractId(contractId);
}
@ -171,7 +182,7 @@ public class InOutServiceImpl implements InOutService {
public R batchPersonOutPlaceList(BasePersonBean bean) {
// 逗号分割的idNumber,exitExamineRemark
List<BasePersonBean> BasePersonBeans = bean.getIdNumberList();
if(bean.getUserId() == 0){
if (bean.getUserId() == 0) {
Long userId = SecurityUtils.getLoginUser().getSysUser().getUserId();
bean.setUserId(userId);
}
@ -183,11 +194,11 @@ public class InOutServiceImpl implements InOutService {
//查询是否入场了
InOutSpaceNewBean inOutBean = dao.getPersonIsEinByIdNumber(idNumber);
//入场并且不是临时人员才检查合同
if(inOutBean != null && StringUtils.isNotEmpty(inOutBean.getIdNumber()) && !"0".equals(inOutBean.getSubId()) && !"0".equals(inOutBean.getProId())){
if (inOutBean != null && StringUtils.isNotEmpty(inOutBean.getIdNumber()) && !"0".equals(inOutBean.getSubId()) && !"0".equals(inOutBean.getProId())) {
String contractId = dao.getContractIdByIdNumber(idNumber);
if(StringUtils.isEmpty(contractId)){
if (StringUtils.isEmpty(contractId)) {
// contractId = "-1";
throw new RuntimeException(idNumber+" 无合同,出场后将无法计算工资,请去补全合同,才能出场");
throw new RuntimeException(idNumber + " 无合同,出场后将无法计算工资,请去补全合同,才能出场");
}
o.setContractId(contractId);
}
@ -226,17 +237,18 @@ public class InOutServiceImpl implements InOutService {
/**
* 出场人员删除考勤机人脸
*
* @param idNumber
*/
private void dealWithAttendanceMachine(String idNumber) {
String proId = dao.getProIdByIdNumber(idNumber);
if(StringUtils.isNotEmpty(proId)){
if (StringUtils.isNotEmpty(proId)) {
BasePersonBean bean = new BasePersonBean();
bean.setIdNumber(idNumber);
List<String> attendanceMachineArr = dao.
selectAttendanceMachineArr(proId);
bean.setOperate(3);
if(attendanceMachineArr.size() != 0) {
if (attendanceMachineArr.size() != 0) {
attendanceMachineArr.forEach(c -> {
bean.setAttendanceMachineId(c);
dao.insertAttendanceMachinePush(bean);
@ -252,7 +264,7 @@ public class InOutServiceImpl implements InOutService {
private void dealWithRedLight(RedLightHisBean rl) {
//先查到未完结的红灯
List<RedLightHisBean> list = dao.getRedLightByIdNumber(rl.getIdNumber());
if(list.size()>0) {
if (list.size() > 0) {
for (RedLightHisBean hisBean : list) {
hisBean.setEndTime(DateUtil.now());
}
@ -266,7 +278,7 @@ public class InOutServiceImpl implements InOutService {
private void dealWithFurlough(FurloughHisBean o) {
//先查到未完结的暂退
List<FurloughHisBean> list = dao.getFurloughByIdNumber(o.getIdNumber());
if(list.size()>0){
if (list.size() > 0) {
for (FurloughHisBean hisBean : list) {
hisBean.setReworkTime(DateUtil.now());
}
@ -281,7 +293,7 @@ public class InOutServiceImpl implements InOutService {
String[] split = bean.getIdNumber().split(",");
Long userId = SecurityUtils.getLoginUser().getSysUser().getUserId();
int x = 0;
for (int i = 0;i < split.length; i++){
for (int i = 0; i < split.length; i++) {
BasePersonBean o = new BasePersonBean();
o.setIdNumber(split[i]);
o.setExitTime(DateUtils.getTime());
@ -319,7 +331,7 @@ public class InOutServiceImpl implements InOutService {
}
private List<BasePersonBean> basePersonListThread(List<BasePersonBean> list) {
list.forEach(c->{
list.forEach(c -> {
Map<String, String> map = StringUtils.getBirthdayAgeSex(c.getIdNumber());
String age = map.get("age");
String sex = map.get("sex");


@ -70,6 +70,12 @@ public class PersonComprehensiveServiceImp implements PersonComprehensiveService
@Override
public PageTableResponse selectPersonComprehensiveList(PageTableRequest request) {
String einStatus = (String) request.getParams().get("einStatus");
if (einStatus != null && !einStatus.isEmpty() && !einStatus.matches("-?\\d+")) {
throw new IllegalArgumentException("非法的 einStatus 参数");
}
Map<String, Object> params = request.getParams();
String roleLevel = SecurityUtils.getLoginUser().getSysUser().getRoleLevel();
String subId = SecurityUtils.getLoginUser().getSysUser().getSubId();


@ -193,7 +193,7 @@ public class ArcFaceHelper {
String filePath;
String os = System.getProperty("os.name");
if(StringUtils.startsWith(os.toLowerCase(), "win")){
filePath = "D:\\images\\"+fileName;
filePath = "E:\\images\\"+fileName;
} else {
filePath = "/data/real_name/faceDetection/"+fileName;
}


@ -132,6 +132,11 @@ public class PlanAndRealNameController {
@GetMapping("/getFbListByCacheList")
@Log(title = "各分包单位情况列表", businessType = BusinessType.SELECT)
public PageTableResponse getFbListByCacheList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {


@ -10,6 +10,11 @@ import com.bonus.common.security.annotation.RequiresPermissions;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import java.util.Arrays;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
@RestController
@RequestMapping(value = "/redConfirmRecord")
@ -18,29 +23,46 @@ public class RedConfirmRecordController {
@Resource
private RedConfirmRecordService service;
@GetMapping(value = "/getList")
@Log(title = "获取列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:redConfirmRecord:query")
public PageTableResponse getList(PageTableRequest request) {
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {
return service.getCount(request.getParams());
}
}, request1 -> service.getList(request1.getParams(), request1.getOffset(), request1.getLimit())).handle(request);
Map<String, Object> params = request.getParams();
if (params == null) {
params = new HashMap<>();
}
// 允许的参数名
Set<String> allow = new HashSet<>(Arrays.asList(
"subComId", "proId", "startTime", "endTime", "keyWord", "subId"
));
// 过滤掉所有不在允许列表中的参数包含 columns[...]order[...]
params.keySet().removeIf(k -> !allow.contains(k));
return new PageTableHandler(
new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {
return service.getCount(request.getParams());
}
},
request1 -> service.getList(request1.getParams(), request1.getOffset(), request1.getLimit())
).handle(request);
}
@GetMapping(value = "/getChildList")
@Log(title = "获取列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:redConfirmRecord:query")
public PageTableResponse getChildList(PageTableRequest request) {
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {
return service.getChildListCount(request.getParams());
}
}, request1 -> service.getChildList(request1.getParams(), request1.getOffset(), request1.getLimit())).handle(request);
return new PageTableHandler(
new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {
return service.getChildListCount(request.getParams());
}
},
request1 -> service.getChildList(request1.getParams(), request1.getOffset(), request1.getLimit())
).handle(request);
}
}


@ -29,6 +29,7 @@ public class SalaryStatController {
@PostMapping("/getSalaryByProList")
@Log(title = "已发工资工程统计-查询", businessType = BusinessType.SELECT)
public PageTableResponse getSalaryByProList(PageTableRequest request){
return service.getSalaryByProList(request);
}


@ -46,6 +46,13 @@ public class SalaryStatServiceImpl implements SalaryStatService{
}
private List<SalaryProStatBean> getSalaryProList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String proName = (String) request.getParams().get("proName");
if (proName != null && !proName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("非法的 proName 参数 ");
}
Map<String, Object> params = request.getParams();
String type = params.get("type").toString();
List<SalaryProStatBean> list = null;
@ -170,6 +177,13 @@ public class SalaryStatServiceImpl implements SalaryStatService{
@Override
public PageTableResponse getTemporarySalaryList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String proName = (String) request.getParams().get("proName");
if (proName != null && !proName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("非法的 proName 参数 ");
}
List<TemporarySalaryStatBean> list = salaryStatDao.getTemporarySalaryList(request.getParams());
return new PageTableHandler(c -> list.size(), v ->
TableRequest.handleList(list, v)).handle(request);


@ -42,6 +42,12 @@ public class SubContractController {
@RequiresPermissions("sys:subContract:query")
public PageTableResponse list(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
SelfPermissionSettingUtils.getSelfPermission(request);
String orgId = (String) request.getParams().get("orgId");


@ -39,6 +39,16 @@ public class SubContractorController {
@Log(title = "分包商-list查询", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:subContractor:query")
public PageTableResponse listProjects(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String subName = (String) request.getParams().get("subName");
if (subName != null && !subName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in subName.");
}
String legalName = (String) request.getParams().get("legalName");
if (legalName != null && !legalName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in legalName.");
}
SelfPermissionSettingUtils.getSelfPermission(request);
String orgId = (String) request.getParams().get("orgId");


@ -40,6 +40,13 @@ public class SubBlackController {
@Log(title = "获取列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:subBlack:query")
public PageTableResponse getList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {


@ -15,8 +15,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import java.util.List;
import java.util.Map;
import java.util.*;
@RestController
@RequestMapping(value = "/subCertificateStatistics")
@ -30,15 +29,39 @@ public class SubCertificateStatisticsController {
@Log(title = "获取列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:subCertificateStatistics:query")
public PageTableResponse getList(PageTableRequest request) {
Map<String,Object> params = request.getParams();
if (params == null) {
params = new HashMap<>();
request.setParams(params);
}
// 允许的参数名按你接口真实使用的填写
Set<String> allow = new HashSet<>(Arrays.asList(
"keyWord", "certificateName"
));
// 过滤掉所有不在允许列表中的参数包含 columns[...]order[...]
params.keySet().removeIf(k -> !allow.contains(k));
// 放回 request可选
request.setParams(params);
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
int i = 0 ;
String roleLevel = SecurityUtils.getLoginUser().getSysUser().getRoleLevel();
String subId = SecurityUtils.getLoginUser().getSysUser().getSubId();
if("4".equals(roleLevel)) {
Map<String, Object> params = request.getParams();
String subId1 = (String) params.get("subId");
Map<String, Object> params1 = request.getParams();
String subId1 = (String) params1.get("subId");
if(StringUtils.isEmpty(subId1)){
params.put("subId",subId);
params1.put("subId",subId);
}
}


@ -26,6 +26,11 @@ public class SubCertificateTypeController {
@Log(title = "获取列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:subCertificateType:query")
public PageTableResponse getList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
int i = 0 ;
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override


@ -35,6 +35,11 @@ public class SubCompareController {
@Log(title = "分包商评价-分包商核心人员评价", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:SubCompare:query")
public PageTableResponse listSubCompany(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String subName = (String) request.getParams().get("subName");
if (subName != null && !subName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in subName.");
}
Map<String, Object> params = request.getParams();
String reasonSelect = (String) params.get("reasonSelect");
if(StringUtils.isEmpty(reasonSelect)){


@ -35,6 +35,13 @@ public class SubEndyearController {
@Log(title = "分包商评价-分包年终评价", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:SubEndyear:query")
public PageTableResponse listSubCompany(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String subName = (String) request.getParams().get("subName");
if (subName != null && !subName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in subName.");
}
Map<String, Object> params = request.getParams();
String beginTime = (String) params.get("beginTime");
String year = "";


@ -171,6 +171,12 @@ public class SubProjectController {
@Log(title = "获取列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:SubProjectEvaluate:query")
public PageTableResponse getList(PageTableRequest request) {
String subName = (String) request.getParams().get("subName");
if (subName != null && !subName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in subName.");
}
Map<String, Object> params = request.getParams();
String beginTime = (String) params.get("beginTime");
String year = "",month = "";


@ -12,6 +12,7 @@ import com.bonus.common.security.utils.SecurityUtils;
import org.springframework.web.bind.annotation.*;
import javax.annotation.Resource;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
@ -30,7 +31,25 @@ public class SubTeamEvaController {
@GetMapping
@Log(title = "分包商评价-分包商班组评价", businessType = BusinessType.SELECT)
public PageTableResponse list(PageTableRequest request) {
// 处理 DataTables 排序参数
Map<String, Object> params = request.getParams();
String orderColumn = (String) params.get("orderColumn"); // 假设你从前端拿到的列名
String orderDir = (String) params.get("orderDir"); // 假设你从前端拿到的排序方向
// 白名单校验
List<String> allowedColumns = Arrays.asList("subComName","proName","payrollName","startDate","stopDate","personNum","userName","updateTime");
if (!allowedColumns.contains(orderColumn)) {
orderColumn = "updateTime"; // 默认列
}
if (!"asc".equalsIgnoreCase(orderDir) && !"desc".equalsIgnoreCase(orderDir)) {
orderDir = "asc"; // 默认排序
}
// 把处理后的列名和方向重新放回 params
params.put("orderColumn", orderColumn);
params.put("orderDir", orderDir);
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {
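Review bot: The sort whitelist at L743–L749 reads `orderColumn`/`orderDir`, but the comments at L740–L741 say those names are assumed, and the file's own comment refers to DataTables, whose sort parameters are `order[0][column]`/`order[0][dir]` and `columns[i][data]`; unless the frontend really sends `orderColumn`/`orderDir`, the mapper never sees the sanitised values and whatever it interpolates for ORDER BY is unchanged. Confirm the parameter names against the mapper and the client, and make the list a `private static final List<String>` so it is not rebuilt per request. `params` can be null here (other handlers in this commit guard for it), which would NPE at L740. `list`'s body continues outside the hunk.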


@ -68,6 +68,13 @@ public class JobPointSettingController {
params.put("subId",subId);
}
}
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {


@ -53,6 +53,11 @@ public class NoSignalTeamAttendController {
@Log(title = "无信号班组考勤列表", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:noSignalTeamAttend:query")
public PageTableResponse listProjects(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
String roleLevel = SecurityUtils.getLoginUser().getSysUser().getRoleLevel();
String subId = SecurityUtils.getLoginUser().getSysUser().getSubId();


@ -34,6 +34,12 @@ public class NoSignalTeamSetUpController {
@RequiresPermissions("sys:noSignalTeamSetUp:query")
public PageTableResponse listProjects(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String keyWord = (String) request.getParams().get("keyWord");
if (keyWord != null && !keyWord.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in keyWord.");
}
String roleLevel = SecurityUtils.getLoginUser().getSysUser().getRoleLevel();
String subId = SecurityUtils.getLoginUser().getSysUser().getSubId();
if("4".equals(roleLevel)) {


@ -30,6 +30,10 @@ public class TemporaryEmploymentServiceImpl implements TemporaryEmploymentServic
@Override
public PageTableResponse list(PageTableRequest request) {
String status = (String) request.getParams().get("status");
if (status != null && !status.isEmpty() && !status.matches("-?\\d+")) {
throw new IllegalArgumentException("非法的 status 参数");
}
SelfPermissionSettingUtils.getSelfPermission(request);


@ -54,6 +54,34 @@ public class SupplyChainBlackListController {
@Log(title = "黑名单统计-list查询", businessType = BusinessType.SELECT)
@RequiresPermissions("sys:blackList:query")
public PageTableResponse getBlackList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String event = (String) request.getParams().get("event");
if (event != null && !event.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in event.");
}
String idNumber = (String) request.getParams().get("idNumber");
if (idNumber != null && !idNumber.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in idNumber.");
}
String name = (String) request.getParams().get("name");
if (name != null && !name.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in name.");
}
String proName = (String) request.getParams().get("proName");
if (proName != null && !proName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in proName.");
}
String subName = (String) request.getParams().get("subName");
if (subName != null && !subName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in subName.");
}
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {


@ -52,6 +52,34 @@ public class ViolationBlackListController {
@Log(title = "违规黑名单-list查询", businessType = BusinessType.SELECT)
// @RequiresPermissions("sys:personTrain:query")
public PageTableResponse getViolationBlackList(PageTableRequest request) {
// 输入验证过滤掉可能的恶意字符
String event = (String) request.getParams().get("event");
if (event != null && !event.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in event.");
}
String idNumber = (String) request.getParams().get("idNumber");
if (idNumber != null && !idNumber.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in idNumber.");
}
String name = (String) request.getParams().get("name");
if (name != null && !name.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in name.");
}
String proName = (String) request.getParams().get("proName");
if (proName != null && !proName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in proName.");
}
String subName = (String) request.getParams().get("subName");
if (subName != null && !subName.matches("[a-zA-Z0-9\\s]*")) { // 只允许字母数字和空格
throw new IllegalArgumentException("Invalid characters in subName.");
}
return new PageTableHandler(new PageTableHandler.CountHandler() {
@Override
public int count(PageTableRequest request) {
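Review bot: The character allowlist `[a-zA-Z0-9\\s]*` applied to name, proName and subName rejects every non-ASCII character, so a Chinese 姓名 or 工程 value — which is what these fields hold, going by the column labels in the JS on this page — now throws IllegalArgumentException instead of running the search. Character filtering in the controller is also the wrong layer for the SQL problem this commit is fixing: the mapper should bind these values with `#{}` (as the XML changes on this page do) and the controller should validate shape, e.g. `idNumber.matches("^[0-9]{17}[0-9Xx]$")` if idNumber is a 身份证 number, plus a length cap on the free-text fields. An uncaught IllegalArgumentException also surfaces as a 500 unless a global handler maps it, so returning the same error response the other list endpoints use would be more consistent. The PageTableHandler anonymous class opened at the end of the hunk continues past it.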


@ -51,7 +51,7 @@
LEFT JOIN bm_sub_contract bsc on bsc.pro_id = bp.id and bsc.is_active = '1'
WHERE bp.is_active = 1
<if test="params.orgId != null and params.orgId != '' and params.roleLevel &lt; 3">
AND bp.company_id in (${params.orgAll})
AND bp.company_id in (#{params.orgAll})
</if>
<if test="params.orgId != null and params.orgId != '' and params.roleLevel >= 3">
AND bp.company_id = #{params.orgId}
@ -83,13 +83,13 @@
LEFT JOIN bm_sub_contract bsc on bsc.pro_id = bp.id and bsc.is_active = '1'
WHERE bp.is_active = 1
<if test="params.orgId != null and params.orgId != '' and params.roleLevel &lt;= 3">
AND bp.company_id in (${params.orgAll})
AND bp.company_id in (#{params.orgAll})
</if>
<if test="params.orgId != null and params.orgId != '' and params.roleLevel > 3">
AND bp.company_id = #{params.orgId}
</if>
<if test="params.generalProId != null and params.generalProId != ''">
AND bp.project_general_id in (${params.generalProId})
AND bp.project_general_id in (#{params.generalProId})
</if>
<if test="params.subId != null and params.subId !='' ">
AND bsc.sub_id = #{params.subId}
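Review bot: Replacing `in (${params.orgAll})` with `in (#{params.orgAll})` removes the injection but changes the result set: `#{}` binds the whole value as one parameter, so if orgAll is the comma-separated id list its previous use inside `in (...)` suggests, `company_id in ('1,2,3')` is compared by MySQL as the single number 1 (with a truncation warning) and roleLevel < 3 users now see only the first organisation instead of all of them; `project_general_id in (#{params.generalProId})` has the same problem. The safe equivalent binds each id separately: `AND bp.company_id in <foreach collection="params.orgAll" item="id" open="(" separator="," close=")">#{id}</foreach>`, with the caller passing orgAll as a List (or the string split in Java first). Worth confirming what type orgAll actually is at the call site before merging.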


@ -30,7 +30,7 @@
FROM
( SELECT id,`name` FROM bm_project_general WHERE is_active = '1'
<if test="params.subComId != null and params.subComId != '' ">
and id in (${params.subComId})
and id in (#{params.subComId})
</if>
) pm
LEFT JOIN bm_project bp ON bp.project_general_id = pm.id and bp.is_active = '1'
@ -55,7 +55,7 @@
FROM
( SELECT id, `name` FROM bm_project_general WHERE is_active = '1'
<if test="params.subComId != null and params.subComId != '' ">
and id in (${params.subComId})
and id in (#{params.subComId})
</if>
) pm
LEFT JOIN bm_project bp ON bp.project_general_id = pm.id
@ -115,7 +115,7 @@
bm_project_general
WHERE IS_ACTIVE = '1'
<if test="params.subComId != null and params.subComId != '' ">
and id in (${params.subComId})
and id in (#{params.subComId})
</if>
</select>
@ -722,7 +722,7 @@
FROM
( SELECT id,`name` FROM bm_project_general WHERE is_active = '1'
<if test="params.subComId != null and params.subComId != '' ">
and id in (${params.subComId})
and id in (#{params.subComId})
</if>
) pm
LEFT JOIN bm_project bp ON bp.project_general_id = pm.id and bp.is_active = '1'
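Review bot: `id in (#{params.subComId})` binds subComId as a single string, so a multi-id value such as `3,7` no longer expands to `in (3,7)` but is compared as one literal — with an integer `id` column MySQL coerces it to 3 and silently drops the rest — so every query in this file that filters by subComId now returns a subset. Since the same fragment is repeated four times here, define it once, `<sql id="subComFilter">and id in <foreach collection="params.subComId" item="sid" open="(" separator="," close=")">#{sid}</foreach></sql>`, and `<include refid="subComFilter"/>` at each site, with subComId supplied as a List from Java. If subComId is in fact always a single id, `and id = #{params.subComId}` says so and is correct as written.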


@ -15,7 +15,7 @@
and bp.id = #{params.proId}
</if>
<if test="params.status != null and params.status != ''">
and bweh.exit_status in (${params.status})
and bweh.exit_status in (#{params.status})
</if>
<if test="params.isForce != null and params.isForce != ''">
and bweh.is_force = #{params.isForce}
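Review bot: `bweh.exit_status in (#{params.status})` only works if status is a single value; a comma-joined list, which the `in (...)` form and the old `${}` expansion suggest it was, is now bound as one string and matched against its first number only (or against nothing if exit_status is a CHAR column). Either change it to `and bweh.exit_status = #{params.status}` if one value is intended, or expand a list safely with `and bweh.exit_status in <foreach collection="params.status" item="s" open="(" separator="," close=")">#{s}</foreach>` after splitting status into a List on the Java side. The enclosing `<select>` starts above the hunk.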


@ -476,7 +476,7 @@
and bw.ein_status = 0
</if>
<if test="params.einStatus != '-2'">
and bweh.exit_status in (${params.einStatus})
and bweh.exit_status in (#{params.einStatus})
</if>
</if>
<if test="params.orgId != null and params.orgId != ''">
@ -1213,7 +1213,7 @@
and bw.ein_status = 0
</if>
<if test="params.einStatus != '-2'">
and bweh.exit_status in (${params.einStatus})
and bweh.exit_status in (#{params.einStatus})
</if>
</if>
GROUP BY
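Review bot: Both `exit_status in (#{params.einStatus})` sites bind einStatus as one parameter, so a list value is no longer expanded and only its first element can match — a silent result change rather than a pure injection fix. Note also that the guard is only `params.einStatus != '-2'`, so a null einStatus now yields `in (NULL)`, which matches no rows; the old `${}` form would have produced a syntax error, so that failure is now invisible. Suggest `<if test="params.einStatus != null and params.einStatus != '' and params.einStatus != '-2'">` together with a `<foreach>` expansion over a List: `and bweh.exit_status in <foreach collection="params.einStatus" item="s" open="(" separator="," close=")">#{s}</foreach>`. The surrounding `<if>`/`<select>` structure extends outside both hunks.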


@ -36,7 +36,7 @@
<!--<delete id="deleteRelation">
update bm_team_scene set is_active = '0' where team_id = #{teamId} and scene_id in (
select id from bm_project_scene where pro_id in (${proId})
select id from bm_project_scene where pro_id in (#{proId})
)
</delete>-->
@ -65,7 +65,7 @@
) a
<where>
<if test="params.orgId != null and params.orgId != '' and params.roleLevel &lt; 3">
AND a.orgId in (${params.orgAll})
AND a.orgId in (#{params.orgAll})
</if>
<if test="params.orgId != null and params.orgId != '' and params.roleLevel >= 3">
AND a.orgId = #{params.orgId}
@ -112,7 +112,7 @@
) a
<where>
<if test="params.orgId != null and params.orgId != '' and params.roleLevel &lt; 3">
AND a.orgId in (${params.orgAll})
AND a.orgId in (#{params.orgAll})
</if>
<if test="params.orgId != null and params.orgId != '' and params.roleLevel >= 3">
AND a.orgId = #{params.orgId}
@ -140,7 +140,7 @@
LEFT JOIN bm_sub_team bst ON bst.id = bts.team_id and bst.is_active= '1'
WHERE bps.is_active= '1'
<if test="params.proId != null and params.proId != ''">
and bp.id in (${params.proId})
and bp.id in (#{params.proId})
</if>
GROUP BY
bps.id
@ -160,7 +160,7 @@
LEFT JOIN bm_sub_team bst ON bst.id = bts.team_id and bst.is_active= '1'
WHERE bps.is_active= '1'
<if test="params.proId != null and params.proId != ''">
and bp.id in (${params.proId})
and bp.id in (#{params.proId})
</if>
GROUP BY
bps.id
@ -174,7 +174,7 @@
FROM
bm_project
WHERE
id IN ( ${proId} )
id IN ( #{proId} )
</select>
<select id="getNewList" resultType="com.bonus.bmw.team.entity.JobPointBean">
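Review bot: The `${proId}` → `#{proId}` edit inside the `<!-- <delete id="deleteRelation"> -->` block sits in an XML comment, so it changes nothing at runtime; dead mapper code like that is better deleted than patched, or restored as a real statement with a `<foreach>` if it is still needed. The live changes share the list-binding problem seen elsewhere in this commit: `bp.id in (#{params.proId})` and the bare `id IN ( #{proId} )` at the bottom bind the whole value as one parameter, so a multi-id string only matches its first number. Use `id IN <foreach collection="proId" item="p" open="(" separator="," close=")">#{p}</foreach>` with proId passed as a List (or `= #{proId}` if a single id is always meant); the two `a.orgId in (#{params.orgAll})` sites need the same treatment.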


@ -7,8 +7,8 @@
WHERE 1=1
AND bw.worker_type = '0'
<if test="params.orgId != null and params.orgId != '' and params.roleLevel &lt; 3">
AND ( po.id in (${params.orgAll})
or bp.company_id in (${params.orgAll})
AND ( po.id in (#{params.orgAll})
or bp.company_id in (#{params.orgAll})
)
</if>
<if test="params.orgId != null and params.orgId != '' and params.roleLevel >= 3">
@ -73,7 +73,7 @@
) b
WHERE 1 = 1
<if test="params.status != null and params.status != ''">
and b.exitStatus in (${params.status})
and b.exitStatus in (#{params.status})
</if>
<if test='type == "1"'>
<if test="offset != null and offset >= 0 and limit != null and limit >= 0">
@ -148,7 +148,7 @@
and pc.name like concat('%',#{params.companyName},'%')
</if>
<if test="params.exitStatus != null and params.exitStatus != ''">
and bweh.exit_status in (${params.exitStatus})
and bweh.exit_status in (#{params.exitStatus})
</if>
ORDER BY
ffc.ADD_TIME DESC
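Review bot: The `( po.id in (#{params.orgAll}) or bp.company_id in (#{params.orgAll}) )` condition now binds orgAll as a single parameter; if orgAll is a comma-separated list, as its old `${}` use inside `in (...)` implies, only the first id is effectively matched and the roleLevel < 3 visibility scope silently shrinks. `b.exitStatus in (#{params.status})` and `bweh.exit_status in (#{params.exitStatus})` further down behave the same way. Expand each with `<foreach collection="params.orgAll" item="o" open="(" separator="," close=")">#{o}</foreach>` over a List supplied by the Java layer, and consider moving the orgAll fragment into a shared `<sql>` since it is repeated across several mappers on this page.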



@ -1,15 +1,10 @@
let own = localStorage.getItem('own');
let dataArr;
let table, form;
let idNum;
let layTableIndexVideos = new Array();
let layTableIndexSigns = new Array();
let layTableIndexProves = new Array();
let layTableIndexSalaryApplication = new Array();
var idNumbers = new Array();
let table, form, upload;
let layTableIndexVideos = [];
function setInOutData(data) {
console.log("data=",data)
console.log("data=", data);
dataArr = data.map(function (item) {
var parts = item.split(',');
return {
@ -26,412 +21,223 @@ function setInOutData(data) {
};
});
console.log("sss=",dataArr)
console.log("sss=", dataArr);
layui.use(['table', 'form', 'upload'], function () {
table = layui.table;
upload = layui.upload;
form = layui.form;
form.render();
//表格初始化
table.render({
elem: '#lay-table' //表格id
, title: '施工人员基本信息'
, cols: [[
//normal常规列无需设定、checkbox复选框列、space空列、numbers序号列
{type: 'numbers', title: '序号', align: 'center',width: '6%'}//序号列
, {field: 'user', title: '姓名', align: 'center',width: '8%'}
, {field: 'idNumber', title: '身份证', align: 'center',width: '10%'}
, {field: 'postName', title: '工种', align: 'center',width: '10%'}
, {field: 'proName', title: '所属工程', align: 'center',width: '10%'}
, {field: 'subName', title: '所属分包商', align: 'center',width: '10%'}
, {field: 'teamName', title: '所属班组', align: 'center',width: '10%'}
/*, {
field: 'exitVideoPath',
title: '出场视频',
width: '10%',
templet: function (d, i) {
let a = d.exitVideoPath;
let html = "";
let layTableIndex = d.LAY_TABLE_INDEX;
layTableIndexVideos.push(layTableIndex);
if (a == "") {
html += `<div id="exitVideoPaths${layTableIndex}" ></div>`;
html += `<a class="layui-btn layui-btn-xs" id="exitVideoPath${layTableIndex}" style="margin-left: 20px">上传</a>`;
} else {
html += `<div id="exitVideoPaths${layTableIndex}" >${a}</div>`;
}
return html;
}
}*/
, {
field: 'exitSignPath',
title: '出场签名',
width: '10%',
align: 'center',
templet: function (d, i) {
table.render({
elem: '#lay-table',
title: '施工人员基本信息',
cols: [[
{ type: 'numbers', title: '序号', align: 'center', width: '6%' },
{ field: 'user', title: '姓名', align: 'center', width: '8%' },
{ field: 'idNumber', title: '身份证', align: 'center', width: '10%' },
{ field: 'postName', title: '工种', align: 'center', width: '10%' },
{ field: 'proName', title: '所属工程', align: 'center', width: '10%' },
{
title: '所属分包商', align: 'center', width: '10%',
templet: d => d.subName && d.subName !== "null" ? d.subName : ""
},
{
title: '所属班组', align: 'center', width: '10%',
templet: d => d.teamName && d.teamName !== "null" ? d.teamName : ""
},
{
field: 'exitSignPath', title: '出场签名', align: 'center', width: '10%',
templet: d => {
let a = d.exitSignPath;
let layTableIndex = d.LAY_TABLE_INDEX;
layTableIndexSigns.push(layTableIndex);
let html = "";
if (a == "") {
html += `<div id="exitSignPaths${layTableIndex}" ></div>`;
html += `<a class="layui-btn layui-btn-xs" id="exitSignPath${layTableIndex}" style="margin-left: 20px">上传</a>`;
} else {
// html += `<div id="exitSignPaths${layTableIndex}" >${a}</div>`;
html = `<a href="${fileUrl + '/' + a}" target="_blank" style="color: #1E9FFF; cursor: pointer;">已上传</a>`;
let idx = d.LAY_TABLE_INDEX;
if (a) {
return `<a href="${fileUrl + '/' + a}" target="_blank" style="color:#1E9FFF;">已上传</a>`;
}
return html;
return `<div id="exitSignPaths${idx}"></div>
<a class="layui-btn layui-btn-xs" id="exitSignPath${idx}" style="margin-left:20px">上传</a>`;
}
}
, {
field: 'exitProvePath',
title: '出场证明',
width: '10%',
align: 'center',
templet: function (d, i) {
},
{
field: 'exitProvePath', title: '出场证明', align: 'center', width: '10%',
templet: d => {
let a = d.exitProvePath;
let layTableIndex = d.LAY_TABLE_INDEX;
layTableIndexProves.push(layTableIndex);
let html = "";
if (a == "") {
html += `<div id="exitProvePaths${layTableIndex}" ></div>`;
html += `<a class="layui-btn layui-btn-xs" id="exitProvePath${layTableIndex}" style="margin-left: 20px">上传</a>`;
} else {
// html += `<div id="exitProvePaths${layTableIndex}" >${a}</div>`;
html = `<a href="${fileUrl + '/' + a}" target="_blank" style="color: #1E9FFF; cursor: pointer;">已上传</a>`;
let idx = d.LAY_TABLE_INDEX;
if (a) {
return `<a href="${fileUrl + '/' + a}" target="_blank" style="color:#1E9FFF;">已上传</a>`;
}
return html;
return `<div id="exitProvePaths${idx}"></div>
<a class="layui-btn layui-btn-xs" id="exitProvePath${idx}" style="margin-left:20px">上传</a>`;
}
}
, {
field: 'salaryApplicationPath',
title: '工资结算申请书',
width: '10%',
align: 'center',
templet: function (d, i) {
},
{
field: 'salaryApplicationPath', title: '工资结算申请书', align: 'center', width: '10%',
templet: d => {
let a = d.salaryApplicationPath;
let layTableIndex = d.LAY_TABLE_INDEX;
layTableIndexSalaryApplication.push(layTableIndex);
let html = "";
if (a == "") {
html += `<div id="salaryApplicationPaths${layTableIndex}" ></div>`;
html += `<a class="layui-btn layui-btn-xs" id="salaryApplicationPath${layTableIndex}" style="margin-left: 20px">上传</a>`;
} else {
// html += `<div id="salaryApplicationPaths${layTableIndex}" >${a}</div>`;
html = `<a href="${fileUrl + '/' + a}" target="_blank" style="color: #1E9FFF; cursor: pointer;">已上传</a>`;
let idx = d.LAY_TABLE_INDEX;
if (a) {
return `<a href="${fileUrl + '/' + a}" target="_blank" style="color:#1E9FFF;">已上传</a>`;
}
return html;
return `<div id="salaryApplicationPaths${idx}"></div>
<a class="layui-btn layui-btn-xs" id="salaryApplicationPath${idx}" style="margin-left:20px">上传</a>`;
}
}
, {
field: 'operation',
title: '操作',
align: 'center',
// width: '11%', // 调整宽度以适应按钮
templet: function (d, i) {
var idNumber = d.idNumber + ''; // 确保 idNumber 是字符串
var encodedIdNumber = encodeURIComponent(idNumber); // 对 idNumber 进行编码
return '<a class="layui-btn layui-btn-danger layui-btn-xs" onclick="deleteRow(\'' + encodedIdNumber + '\')">删除</a>';
},
{
title: '操作', align: 'center', templet: d => {
let encodedIdNumber = encodeURIComponent(d.idNumber + '');
return `<a class="layui-btn layui-btn-danger layui-btn-xs" onclick="deleteRow('${encodedIdNumber}')">删除</a>`;
}
}
]],
data: dataArr
, page: true
, loading: true //数据加载中。。。
, limits: [5, 10, 20] //一页选择显示3,5或10条数据
, limit: 5 //一页显示5条数据
, response: {
//响应的各种默认字段修改
statusCode: 200 //规定成功的状态码默认0
}
, parseData: function (res) { //将原始数据解析成 table 组件所规定的数据res为从url中get到的数据
let result;
if (res.count > 0) {
if (this.page.curr) {
result = res.data.slice(this.limit * (this.page.curr - 1), this.limit * this.page.curr);
} else {
result = res.data.slice(0, this.limit);
}
}
return {
"code": res.code, //解析接口状态
"msg": res.msg, //解析提示文本
"count": res.count, //解析数据长度
"data": result //解析数据列表
};
data: dataArr,
page: true,
limit: 5,
limits: [5, 10, 20],
response: { statusCode: 200 },
done: function () {
initUploads(); // 表格渲染完成后初始化上传
}
});
// 验证成功后才会执行下面的操作
form.on('submit(formDemo)', function (data) {
batchOutApply(data); //新增方法
form.on('submit(formDemo)', function () {
batchOutApply();
});
//头部按键监听
$('#searchBt').on('click', function () {
let proName = $('select[name="proId"] option:selected').text();
let teamName = $('select[name="teamId"] option:selected').text();
if (proName.indexOf("请选择") > -1) {
proName = "";
}
if (teamName.indexOf("请选择") > -1) {
teamName = "";
}
let keyWord = $('#keyWord').val();
let params1 = {
proName,
teamName,
keyWord
};
table.reload('lay-table', {
where: params1
})
});
for (let i = 0; i < layTableIndexVideos.length; i++) {
var uploadcom = upload.render({
elem: '#exitVideoPath' + layTableIndexVideos[i],
url: fileUrl + '/file/upload',
multiple: true, //是否允许多文件上传默认未false
accept: 'video',
auto: true, //是否自动上传 默认为true
max: 1, //最大上传数量
bindAction: '#exitVideoPath' + layTableIndexVideos[i], //绑定的按钮
size: 1024 * 30, //最大文件大小单位k
field: 'file', //传到后台的字段名,默认file
choose: function (obj) {
flag = false;
var suffixType = ''; //后缀类型
uploadcom.config.elem.next()[0].value = '';
files = obj.pushFile();
obj.preview(function (index, file, result) {
console.log(index); //得到文件索引
console.log(file.name); //得到文件对象
});
},
done: function (data, index, upload) {
// var idNumber = dataArr[index].idNumber; // 获取当前行的idNumber
$("#exitVideoPaths" + layTableIndexVideos[i]).html(fileUrl + '/' + data.data.url);
$("#exitVideoPath" + layTableIndexVideos[i]).hide();
// dataArr[idNumber].exitVideoPath = fileUrl + '/' + data.data.url; // 更新文件路径
// updateTable(idNumber); // 更新表格
dataArr[layTableIndexVideos[i]].exitVideoPath = fileUrl + '/' + data.data.url;
},
allDone: function (data) {
},
error: function (e) {
//请求异常回调
console.log(e)
}
});
}
for (let i = 0; i < layTableIndexSigns.length; i++) {
var uploadcom1 = upload.render({
elem: '#exitSignPath' + layTableIndexSigns[i],
url: fileUrl + '/file/upload',
multiple: true, //是否允许多文件上传默认未false
exts: 'jpg|png|jpeg|pdf',
//accept: 'images',
auto: true, //是否自动上传 默认为true
max: 1, //最大上传数量
bindAction: '#exitSignPath' + layTableIndexSigns[i], //绑定的按钮
size: 1024 * 30, //最大文件大小单位k
field: 'file', //传到后台的字段名,默认file
choose: function (obj) {
flag = false;
var suffixType = ''; //后缀类型
uploadcom1.config.elem.next()[0].value = '';
files = obj.pushFile();
obj.preview(function (index, file, result) {
console.log(index); //得到文件索引
console.log(file.name); //得到文件对象
/*
$("#exitVideoPath").css("display", "");
$('#exitVideoPath').append(
'<div id="' + index + '" style="display: inline-block;text-align: center;width:150px">' +
'<div><span>' + file.name + '</span></div>' +
'</div>'
);*/
});
},
done: function (data, index, upload) {
// var idNumber = dataArr[index].idNumber; // 获取当前行的idNumber
// $("#exitSignPaths" + layTableIndexSigns[i]).html(fileUrl + '/' + data.data.url);
$("#exitSignPaths" + layTableIndexSigns[i]).html(
`<a href="${fileUrl + '/' + data.data.url}" target="_blank" style="color: #1E9FFF; cursor: pointer;">已上传</a>`
);
$("#exitSignPath" + layTableIndexSigns[i]).hide();
// dataArr[idNumber].exitVideoPath = fileUrl + '/' + data.data.url; // 更新文件路径
// updateTable(idNumber); // 更新表格
// dataArr[layTableIndexSigns[i]].exitSignPath = fileUrl + '/' + data.data.url;
dataArr[layTableIndexSigns[i]].exitSignPath = data.data.url;
},
allDone: function (data) {
},
error: function (e) {
//请求异常回调
console.log(e)
}
});
};
for (let i = 0; i < layTableIndexProves.length; i++) {
var uploadcom2 = upload.render({
elem: '#exitProvePath' + layTableIndexProves[i],
url: fileUrl + '/file/upload',
multiple: false, //是否允许多文件上传默认未false
exts: 'jpg|png|jpeg|pdf',
auto: true, //是否自动上传 默认为true
max: 1, //最大上传数量
bindAction: '#exitProvePath' + layTableIndexProves[i], //绑定的按钮
size: 1024 * 30, //最大文件大小单位k
field: 'file', //传到后台的字段名,默认file
choose: function (obj) {
flag = false;
var suffixType = ''; //后缀类型
uploadcom2.config.elem.next()[0].value = '';
files = obj.pushFile();
obj.preview(function (index, file, result) {
});
},
done: function (data, index, upload) {
// var idNumber = dataArr[index].idNumber; // 获取当前行的idNumber
// $("#exitProvePaths" + layTableIndexProves[i]).html(fileUrl + '/' + data.data.url);
$("#exitProvePaths" + layTableIndexProves[i]).html(
`<a href="${fileUrl + '/' + data.data.url}" target="_blank" style="color: #1E9FFF; cursor: pointer;">已上传</a>`
);
$("#exitProvePath" + layTableIndexProves[i]).hide();
// dataArr[idNumber].exitVideoPath = fileUrl + '/' + data.data.url; // 更新文件路径
// updateTable(idNumber); // 更新表格
// dataArr[layTableIndexProves[i]].exitProvePath = fileUrl + '/' + data.data.url;
dataArr[layTableIndexProves[i]].exitProvePath = data.data.url;
},
allDone: function (data) {
},
error: function (e) {
//请求异常回调
console.log(e)
}
});
};
for (let i = 0; i < layTableIndexSalaryApplication.length; i++) {
var uploadcom3 = upload.render({
elem: '#salaryApplicationPath' + layTableIndexSalaryApplication[i],
url: fileUrl + '/file/upload',
multiple: false, //是否允许多文件上传默认未false
exts: 'jpg|png|jpeg|pdf',
auto: true, //是否自动上传 默认为true
max: 1, //最大上传数量
bindAction: '#salaryApplicationPath' + layTableIndexSalaryApplication[i], //绑定的按钮
size: 1024 * 30, //最大文件大小单位k
field: 'file', //传到后台的字段名,默认file
choose: function (obj) {
flag = false;
var suffixType = ''; //后缀类型
uploadcom3.config.elem.next()[0].value = '';
files = obj.pushFile();
obj.preview(function (index, file, result) {
});
},
done: function (data, index, upload) {
// var idNumber = dataArr[index].idNumber; // 获取当前行的idNumber
// $("#exitProvePaths" + layTableIndexProves[i]).html(fileUrl + '/' + data.data.url);
$("#salaryApplicationPaths" + layTableIndexSalaryApplication[i]).html(
`<a href="${fileUrl + '/' + data.data.url}" target="_blank" style="color: #1E9FFF; cursor: pointer;">已上传</a>`
);
$("#salaryApplicationPath" + layTableIndexSalaryApplication[i]).hide();
// dataArr[idNumber].exitVideoPath = fileUrl + '/' + data.data.url; // 更新文件路径
// updateTable(idNumber); // 更新表格
// dataArr[layTableIndexProves[i]].exitProvePath = fileUrl + '/' + data.data.url;
dataArr[layTableIndexSalaryApplication[i]].salaryApplicationPath = data.data.url;
},
allDone: function (data) {
},
error: function (e) {
//请求异常回调
console.log(e)
}
});
};
})
$('#searchBt').on('click', doSearch);
});
}
// 初始化上传控件(支持表格刷新后重新绑定)
function initUploads() {
let tableData = table.cache['lay-table'] || [];
tableData.forEach(function (d) {
let idx = d.LAY_TABLE_INDEX;
// 出场签名上传
upload.render({
elem: '#exitSignPath' + idx,
url: fileUrl + '/file/upload',
exts: 'jpg|png|jpeg|pdf',
auto: true,
size: 1024 * 30,
field: 'file',
done: function (res) {
$("#exitSignPaths" + idx).html(
`<a href="${fileUrl + '/' + res.data.url}" target="_blank" style="color:#1E9FFF;">已上传</a>`
);
$("#exitSignPath" + idx).hide();
d.exitSignPath = res.data.url;
}
});
// 出场证明上传
upload.render({
elem: '#exitProvePath' + idx,
url: fileUrl + '/file/upload',
exts: 'jpg|png|jpeg|pdf',
auto: true,
size: 1024 * 30,
field: 'file',
done: function (res) {
$("#exitProvePaths" + idx).html(
`<a href="${fileUrl + '/' + res.data.url}" target="_blank" style="color:#1E9FFF;">已上传</a>`
);
$("#exitProvePath" + idx).hide();
d.exitProvePath = res.data.url;
}
});
// 工资结算申请书上传
upload.render({
elem: '#salaryApplicationPath' + idx,
url: fileUrl + '/file/upload',
exts: 'jpg|png|jpeg|pdf',
auto: true,
size: 1024 * 30,
field: 'file',
done: function (res) {
$("#salaryApplicationPaths" + idx).html(
`<a href="${fileUrl + '/' + res.data.url}" target="_blank" style="color:#1E9FFF;">已上传</a>`
);
$("#salaryApplicationPath" + idx).hide();
d.salaryApplicationPath = res.data.url;
}
});
});
}
// 搜索功能(重载表格并重新绑定上传)
function doSearch() {
var keyword = $('#keyWord').val(); // 获取输入框中的值
var filteredData = dataArr.filter(function (item) {
return item.user.indexOf(keyword) !== -1;
});
var keyword = $('#keyWord').val().trim();
var filteredData = dataArr.filter(item => item.user.indexOf(keyword) !== -1);
// 重新加载表格
layui.table.reload('lay-table', {
data: filteredData, // 使用过滤后的数据
page: {
curr: 1 // 重置当前页为第一页
data: filteredData,
page: { curr: 1 },
done: function () {
initUploads(); // 搜索后重新绑定上传
}
});
}
// 删除行
function deleteRow(idNumber) {
layer.confirm('是否删除?', function (index) {
// 查找要删除的行
var index = dataArr.findIndex(function (item) {
return item.idNumber == idNumber;
});
if (index !== -1) {
// 删除该行
dataArr.splice(index, 1);
var i = dataArr.findIndex(item => item.idNumber == idNumber);
if (i !== -1) {
dataArr.splice(i, 1);
layer.closeAll();
// 重新加载表格数据
table.reload('lay-table', {
data: dataArr
data: dataArr,
done: function () {
initUploads();
}
});
}
});
}
// 批量出场
function batchOutApply() {
if (dataArr.length > 0) {
/*for (let i = 0; i < dataArr.length; i++) {
if (dataArr[i].exitVideoPath == '' || dataArr[i].exitSignPath == '' || dataArr[i].exitProvePath == '') {
layer.alert('请先上传出场视频和出场签名', {icon: 7});
return;
}
}*/
layer.confirm("您确定出场选中的" + dataArr.length + "人吗?<br/><br/>" +
"<span style='color: red'>出场后,将会对该人员做如下操作:" +
"合同终止、退出班组、登录信息与工程解绑," +
"操作结束后该人员再使用系统时将不能再进行考勤打卡。<br/>" +
"请核实后无误后进行操作!</span>", function () {
var form = {"idNumberList": dataArr};
$.ajax({
type: 'post',
url: ctxPath + '/' + 'inOutSpace' + '/batchPersonOutPlaceList',
contentType: "application/json; charset=utf-8",
data: JSON.stringify(form),
dataType: 'json',
success: function (data) {
if (data.code == 200) {
layer.msg('出场申请成功', {icon: 1, time: 3000});
reloading();
} else {
layer.msg(data.msg, {icon: 2, time: 3000});
}
}
})
})
} else {
layer.msg('未选择人员', {icon: 5, time: 2000});
if (dataArr.length === 0) {
layer.msg('未选择人员', { icon: 5, time: 2000 });
return;
}
layer.confirm(`您确定出场选中的 ${dataArr.length} 人吗?<br/><br/>
<span style='color:red'>出场后将会对该人员做如下操作
合同终止退出班组登录信息与工程解绑
操作结束后该人员再使用系统时将不能再进行考勤打卡
请核实后无误后进行操作</span>`, function () {
$.ajax({
type: 'post',
url: ctxPath + '/inOutSpace/batchPersonOutPlaceList',
contentType: "application/json; charset=utf-8",
data: JSON.stringify({ idNumberList: dataArr }),
dataType: 'json',
success: function (data) {
if (data.code == 200) {
layer.msg('出场申请成功', { icon: 1, time: 3000 });
reloading();
} else {
layer.msg(data.msg, { icon: 2, time: 3000 });
}
}
});
});
}
/**
* 关闭当前iframe层并刷新父页面
* 该函数主要用于在iframe操作完成后关闭当前弹窗并刷新父页面以显示最新数据
*/
function reloading() {
var index = parent.layer.getFrameIndex(window.name); //先得到当前 iframe层的索引
parent.layer.close(index); //再执行关闭
// 获取当前iframe的索引值
var index = parent.layer.getFrameIndex(window.name);
// 关闭当前iframe层
parent.layer.close(index);
// 刷新父页面
window.parent.location.reload();
}
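Review bot: Every "已上传" link is built by string-interpolating a server-supplied path — `d.exitSignPath` and friends from the row data, `res.data.url` from the upload response — straight into HTML, so a path containing `"` or `<` (an uploaded filename the server echoes back, for instance) breaks out of the href and is rendered as markup; the delete column's onclick has a similar gap because encodeURIComponent leaves `'` unencoded, so use `encodeURIComponent(d.idNumber + '').replace(/'/g, '%27')` there. Route the link values through one HTML-escaping builder (below) instead of raw template strings. Separately, the new `done` callbacks write `d.exitSignPath = res.data.url` onto rows read from `table.cache['lay-table']`, while batchOutApply posts `dataArr`; that only works if layui keeps the same objects in its cache rather than copies — worth confirming, otherwise uploaded paths never reach the request. initUploads and batchOutApply are fully inside this section; setInOutData's parser at the top is cut by the hunk.
```javascript
// HTML-escape a value before interpolating it into markup
const escHtml = s => String(s).replace(/[&<>"']/g, c =>
    ({ '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' }[c]));
// single builder for every "已上传" link, used by the templets and the upload done callbacks
const fileLink = path => `<a href="${escHtml(fileUrl + '/' + path)}" target="_blank" style="color:#1E9FFF;">已上传</a>`;
// … unchanged: table.render columns, each templet returning fileLink(a) instead of the inline <a> …
// … unchanged: initUploads done callbacks, each calling .html(fileLink(res.data.url)) …
```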


@ -1093,7 +1093,7 @@ function uploadCompanyExamFIle(number) {
multiple: false, //是否允许多文件上传默认未false
dataType: "json",
// data: {"pickId": id},
exts: "jpg|png|jpeg|rar|zip|docx|doc|pdf",
exts: "jpg|png|jpeg|pdf",
//acceptMime: 'image/jpg,image/png,image/jpeg,file/pdf,file/xlsx',
auto: true, //是否自动上传 默认为true
number: number, //最大上传数量
@ -1104,7 +1104,7 @@ function uploadCompanyExamFIle(number) {
// 自定义提示文本
"data-format-error": "上传失败,请重新上传", // 数据格式错误的提示
"check-error":
"公司级考试支持 jpg|png|jpeg|rar|zip|docx|doc|pdf 文件,请重新选择!", // 文件格式校验失败的提示
"公司级考试支持 jpg|png|jpeg|pdf 文件,请重新选择!", // 文件格式校验失败的提示
error: "上传失败,请重新上传", // 上传失败的提示
"limit-number": null, // 限制 number 属性的提示。若设置,需为函数写法
"limit-size": null, // 限制 size 属性的提示。若设置,需为函数写法
@ -1192,7 +1192,7 @@ function uploadDeptExamFIle(number) {
multiple: false, //是否允许多文件上传默认未false
dataType: "json",
// data: {"pickId": id},
exts: "jpg|png|jpeg|rar|zip|docx|doc|pdf",
exts: "jpg|png|jpeg|pdf",
//acceptMime: 'image/jpg,image/png,image/jpeg,file/pdf,file/xlsx',
auto: true, //是否自动上传 默认为true
number: number, //最大上传数量
@ -1203,7 +1203,7 @@ function uploadDeptExamFIle(number) {
// 自定义提示文本
"data-format-error": "上传失败,请重新上传", // 数据格式错误的提示
"check-error":
"部门级考试 jpg|png|jpeg|rar|zip|docx|doc|pdf 文件,请重新选择!", // 文件格式校验失败的提示
"部门级考试 jpg|png|jpeg|pdf 文件,请重新选择!", // 文件格式校验失败的提示
error: "上传失败,请重新上传", // 上传失败的提示
"limit-number": null, // 限制 number 属性的提示。若设置,需为函数写法
"limit-size": null, // 限制 size 属性的提示。若设置,需为函数写法
@ -1291,7 +1291,7 @@ function uploadTeamExamFIle(number) {
multiple: false, //是否允许多文件上传默认未false
dataType: "json",
// data: {"pickId": id},
exts: "jpg|png|jpeg|rar|zip|docx|doc|pdf",
exts: "jpg|png|jpeg|pdf",
//acceptMime: 'image/jpg,image/png,image/jpeg,file/pdf,file/xlsx',
auto: true, //是否自动上传 默认为true
number: number, //最大上传数量
@ -1302,7 +1302,7 @@ function uploadTeamExamFIle(number) {
// 自定义提示文本
"data-format-error": "上传失败,请重新上传", // 数据格式错误的提示
"check-error":
"班组级考试 jpg|png|jpeg|rar|zip|docx|doc|pdf 文件,请重新选择!", // 文件格式校验失败的提示
"班组级考试 jpg|png|jpeg|pdf 文件,请重新选择!", // 文件格式校验失败的提示
error: "上传失败,请重新上传", // 上传失败的提示
"limit-number": null, // 限制 number 属性的提示。若设置,需为函数写法
"limit-size": null, // 限制 size 属性的提示。若设置,需为函数写法
@ -1390,7 +1390,7 @@ function uploadFileProve(number) {
multiple: true, //是否允许多文件上传默认未false
dataType: "json",
// data: {"pickId": id},
exts: "jpg|png|jpeg|txt|pdf|xlsx|xls|docx|doc|ppt|pptx",
exts: "jpg|png|jpeg|pdf",
//acceptMime: 'image/jpg,image/png,image/jpeg,file/pdf,file/xlsx',
auto: false, //是否自动上传 默认为true
number: number, //最大上传数量
@ -1401,7 +1401,7 @@ function uploadFileProve(number) {
// 自定义提示文本
"data-format-error": "上传失败,请重新上传", // 数据格式错误的提示
"check-error":
"社保证明 jpg|png|jpeg|txt|pdf|xlsx|xls|docx|doc|ppt|pptx 文件,请重新选择!", // 文件格式校验失败的提示
"社保证明 jpg|png|jpeg|pdf 文件,请重新选择!", // 文件格式校验失败的提示
error: "上传失败,请重新上传", // 上传失败的提示
"limit-number": null, // 限制 number 属性的提示。若设置,需为函数写法
"limit-size": null, // 限制 size 属性的提示。若设置,需为函数写法
@ -1492,7 +1492,7 @@ function uploadFileWageCard(number) {
multiple: true, //是否允许多文件上传默认未false
dataType: "json",
// data: {"pickId": id},
exts: "jpg|png|jpeg|txt|pdf|xlsx|xls|docx|doc|ppt|pptx",
exts: "jpg|png|jpeg|pdf",
//acceptMime: 'image/jpg,image/png,image/jpeg,file/pdf,file/xlsx',
auto: false, //是否自动上传 默认为true
number: number, //最大上传数量
@ -1503,7 +1503,7 @@ function uploadFileWageCard(number) {
// 自定义提示文本
"data-format-error": "上传失败,请重新上传", // 数据格式错误的提示
"check-error":
"工资卡见证照上传支持jpg|png|jpeg|txt|pdf|xlsx|xls|docx|doc|ppt|pptx 文件,请重新选择!", // 文件格式校验失败的提示
"工资卡见证照上传支持jpg|png|jpeg|pdf文件请重新选择!", // 文件格式校验失败的提示
error: "上传失败,请重新上传", // 上传失败的提示
"limit-number": null, // 限制 number 属性的提示。若设置,需为函数写法
"limit-size": null, // 限制 size 属性的提示。若设置,需为函数写法
@ -1606,7 +1606,7 @@ function uploadFileContract(number) {
// 自定义提示文本
"data-format-error": "上传失败,请重新上传", // 数据格式错误的提示
"check-error":
"合同见证照片支持jpg|png|jpeg|txt|pdf|xlsx|xls|docx|doc|ppt|pptx|PDF 文件,请重新选择!", // 文件格式校验失败的提示
"合同见证照片支持jpg|png|jpeg|pdf|PDF 文件,请重新选择!", // 文件格式校验失败的提示
error: "上传失败,请重新上传", // 上传失败的提示
"limit-number": null, // 限制 number 属性的提示。若设置,需为函数写法
"limit-size": null, // 限制 size 属性的提示。若设置,需为函数写法
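Review bot: Narrowing `exts` to `jpg|png|jpeg|pdf` is a client-side convenience only — layui checks the filename in the browser, and anyone can POST a `.jsp` or `.html` to `/file/upload` directly — so it counts as a vulnerability fix only if the upload endpoint enforces the same allowlist on the server (extension, Content-Type and ideally magic bytes), which this page does not show; please confirm or add that. In the uploadFileContract hunk only the `check-error` message changed; its `exts` line is outside the hunk, so confirm it was tightened to match, otherwise the message promises a restriction that is not enforced. The `pdf|PDF` in that message is redundant if, as I recall, layui's exts match is case-insensitive — verify before relying on it. All of these `upload.render` calls start and end outside their hunks.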