mirror of
https://github.com/jeecgboot/JeecgBoot.git
synced 2026-02-02 00:25:22 +08:00
【jeecgboot 3.7.0里程碑版本发布——合并springboot3sas分支】
Merge remote-tracking branch 'origin/springboot3' into springboot3_sas # Conflicts: # .gitignore # db/tables_nacos.sql # jeecg-boot-base-core/pom.xml # jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java # jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootExceptionHandler.java # jeecg-boot-base-core/src/main/java/org/jeecg/config/DruidWallConfigRegister.java # jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java # jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java # jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/JwtFilter.java # jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/service/impl/BaseCommonServiceImpl.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysAnnouncementController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDepartRoleController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysDictController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysPermissionController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTableWhiteListController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysTenantController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/SysUserController.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysAnnouncementServiceImpl.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysDepartServiceImpl.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantPackServiceImpl.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysTenantServiceImpl.java # jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/service/impl/SysUserDepartServiceImpl.java # jeecg-module-system/jeecg-system-start/src/main/resources/application-dev.yml # jeecg-module-system/jeecg-system-start/src/main/resources/application-prod.yml # jeecg-module-system/jeecg-system-start/src/main/resources/application-test.yml # pom.xml
This commit is contained in:
JEECG
@ -4,7 +4,7 @@
|
||||
<parent>
|
||||
<groupId>org.jeecgframework.boot</groupId>
|
||||
<artifactId>jeecg-boot-parent</artifactId>
|
||||
<version>3.6.1</version>
|
||||
<version>3.7.0</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<artifactId>jeecg-boot-base-core</artifactId>
|
||||
@ -96,7 +96,7 @@
|
||||
<dependency>
|
||||
<groupId>commons-io</groupId>
|
||||
<artifactId>commons-io</artifactId>
|
||||
<version>${commons.version}</version>
|
||||
<version>${commons-io.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>commons-lang</groupId>
|
||||
@ -159,6 +159,25 @@
|
||||
<version>${postgresql.version}</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<!--人大金仓驱动 版本号V008R006C005B0013 -->
|
||||
<dependency>
|
||||
<groupId>org.jeecgframework</groupId>
|
||||
<artifactId>kingbase8</artifactId>
|
||||
<version>${kingbase8.version}</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<!--达梦数据库驱动 版本号1-3-26-2023.07.26-197096-20046-ENT -->
|
||||
<dependency>
|
||||
<groupId>com.dameng</groupId>
|
||||
<artifactId>Dm8JdbcDriver18</artifactId>
|
||||
<version>${dm8.version}</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.dameng</groupId>
|
||||
<artifactId>DmDialect-for-hibernate5.0</artifactId>
|
||||
<version>${dm8.version}</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
<!-- Quartz定时任务 -->
|
||||
<dependency>
|
||||
@ -281,6 +300,11 @@
|
||||
<groupId>cn.hutool</groupId>
|
||||
<artifactId>hutool-crypto</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<!-- chatgpt -->
|
||||
<dependency>
|
||||
<groupId>org.jeecgframework.boot</groupId>
|
||||
<artifactId>jeecg-boot-starter3-chatgpt</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
@ -19,14 +19,21 @@ public interface CommonAPI {
|
||||
* @return
|
||||
*/
|
||||
Set<String> queryUserRoles(String username);
|
||||
|
||||
/**
|
||||
* 1查询用户角色信息
|
||||
* @param userId
|
||||
* @return
|
||||
*/
|
||||
Set<String> queryUserRolesById(String userId);
|
||||
|
||||
|
||||
/**
|
||||
* 2查询用户权限信息
|
||||
* @param username
|
||||
* @param userId
|
||||
* @return
|
||||
*/
|
||||
Set<String> queryUserAuths(String username);
|
||||
Set<String> queryUserAuths(String userId);
|
||||
|
||||
/**
|
||||
* 3根据 id 查询数据库中存储的 DynamicDataSourceModel
|
||||
@ -50,6 +57,13 @@ public interface CommonAPI {
|
||||
* @return
|
||||
*/
|
||||
public LoginUser getUserByName(String username);
|
||||
|
||||
/**
|
||||
* 5根据用户账号查询用户Id
|
||||
* @param username
|
||||
* @return
|
||||
*/
|
||||
public String getUserIdByName(String username);
|
||||
|
||||
/**
|
||||
* 5根据用户手机号查询用户信息
|
||||
@ -125,15 +139,18 @@ public interface CommonAPI {
|
||||
*/
|
||||
Map<String, List<DictModel>> translateManyDict(String dictCodes, String keys);
|
||||
|
||||
//update-begin---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
/**
|
||||
* 15 字典表的 翻译,可批量
|
||||
* @param table
|
||||
* @param text
|
||||
* @param code
|
||||
* @param keys 多个用逗号分割
|
||||
* @param dataSource 数据源
|
||||
* @return
|
||||
*/
|
||||
List<DictModel> translateDictFromTableByKeys(String table, String text, String code, String keys);
|
||||
List<DictModel> translateDictFromTableByKeys(String table, String text, String code, String keys, String dataSource);
|
||||
//update-end---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
|
||||
/**
|
||||
* 登录加载系统字典
|
||||
|
||||
@ -17,6 +17,8 @@ public class DataLogDTO {
|
||||
|
||||
private String type;
|
||||
|
||||
private String createName;
|
||||
|
||||
public DataLogDTO(){
|
||||
|
||||
}
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
package org.jeecg.common.api.dto;
|
||||
import lombok.Data;
|
||||
import org.jeecg.common.aspect.annotation.Dict;
|
||||
import org.jeecg.common.system.vo.LoginUser;
|
||||
import java.io.Serializable;
|
||||
import java.util.Date;
|
||||
@ -55,6 +56,11 @@ public class LogDTO implements Serializable {
|
||||
*/
|
||||
private Integer tenantId;
|
||||
|
||||
/**
|
||||
* 客户终端类型 pc:电脑端 app:手机端 h5:移动网页端
|
||||
*/
|
||||
private String clientType;
|
||||
|
||||
public LogDTO(){
|
||||
|
||||
}
|
||||
|
||||
@ -30,6 +30,13 @@ public class OnlineAuthDTO implements Serializable {
|
||||
*/
|
||||
private String onlineFormUrl;
|
||||
|
||||
//update-begin---author:chenrui ---date:20240123 for:[QQYUN-7992]【online】工单申请下的online表单,未配置online表单开发菜单,操作报错无权限------------
|
||||
/**
|
||||
* online工单的地址
|
||||
*/
|
||||
private String onlineWorkOrderUrl;
|
||||
//update-end---author:chenrui ---date:20240123 for:[QQYUN-7992]【online】工单申请下的online表单,未配置online表单开发菜单,操作报错无权限------------
|
||||
|
||||
public OnlineAuthDTO(){
|
||||
|
||||
}
|
||||
|
||||
@ -3,6 +3,7 @@ package org.jeecg.common.aspect;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.alibaba.fastjson.serializer.PropertyFilter;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.aspectj.lang.JoinPoint;
|
||||
import org.aspectj.lang.ProceedingJoinPoint;
|
||||
import org.aspectj.lang.annotation.Around;
|
||||
@ -21,7 +22,7 @@ import org.jeecg.common.system.vo.LoginUser;
|
||||
import org.jeecg.common.util.IpUtils;
|
||||
import org.jeecg.common.util.SpringContextUtils;
|
||||
import org.jeecg.common.util.oConvertUtils;
|
||||
import org.springframework.core.LocalVariableTableParameterNameDiscoverer;
|
||||
import org.springframework.core.StandardReflectionParameterNameDiscoverer;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.validation.BindingResult;
|
||||
@ -174,7 +175,7 @@ public class AutoLogAspect {
|
||||
// 请求的方法参数值
|
||||
Object[] args = joinPoint.getArgs();
|
||||
// 请求的方法参数名称
|
||||
LocalVariableTableParameterNameDiscoverer u = new LocalVariableTableParameterNameDiscoverer();
|
||||
StandardReflectionParameterNameDiscoverer u=new StandardReflectionParameterNameDiscoverer();
|
||||
String[] paramNames = u.getParameterNames(method);
|
||||
if (args != null && paramNames != null) {
|
||||
for (int i = 0; i < args.length; i++) {
|
||||
|
||||
@ -52,7 +52,9 @@ public class DictAspect {
|
||||
/**
|
||||
* 定义切点Pointcut
|
||||
*/
|
||||
@Pointcut("execution(public * org.jeecg.modules..*.*Controller.*(..)) || @annotation(org.jeecg.common.aspect.annotation.AutoDict)")
|
||||
@Pointcut("(@within(org.springframework.web.bind.annotation.RestController) || " +
|
||||
"@within(org.springframework.stereotype.Controller) || @annotation(org.jeecg.common.aspect.annotation.AutoDict)) " +
|
||||
"&& execution(public org.jeecg.common.api.vo.Result org.jeecg..*.*(..))")
|
||||
public void excudeService() {
|
||||
}
|
||||
|
||||
@ -92,7 +94,8 @@ public class DictAspect {
|
||||
* @param result
|
||||
*/
|
||||
private Object parseDictText(Object result) {
|
||||
if (result instanceof Result) {
|
||||
//if (result instanceof Result) {
|
||||
if (true) {
|
||||
if (((Result) result).getResult() instanceof IPage) {
|
||||
List<JSONObject> items = new ArrayList<>();
|
||||
|
||||
@ -140,11 +143,15 @@ public class DictAspect {
|
||||
String code = field.getAnnotation(Dict.class).dicCode();
|
||||
String text = field.getAnnotation(Dict.class).dicText();
|
||||
String table = field.getAnnotation(Dict.class).dictTable();
|
||||
|
||||
//update-begin---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
String dataSource = field.getAnnotation(Dict.class).ds();
|
||||
//update-end---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
List<String> dataList;
|
||||
String dictCode = code;
|
||||
if (!StringUtils.isEmpty(table)) {
|
||||
dictCode = String.format("%s,%s,%s", table, text, code);
|
||||
//update-begin---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
dictCode = String.format("%s,%s,%s,%s", table, text, code, dataSource);
|
||||
//update-end---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
}
|
||||
dataList = dataListMap.computeIfAbsent(dictCode, k -> new ArrayList<>());
|
||||
this.listAddAllDeduplicate(dataList, Arrays.asList(value.split(",")));
|
||||
@ -169,10 +176,15 @@ public class DictAspect {
|
||||
String code = field.getAnnotation(Dict.class).dicCode();
|
||||
String text = field.getAnnotation(Dict.class).dicText();
|
||||
String table = field.getAnnotation(Dict.class).dictTable();
|
||||
|
||||
//update-begin---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
// 自定义的字典表数据源
|
||||
String dataSource = field.getAnnotation(Dict.class).ds();
|
||||
//update-end---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
String fieldDictCode = code;
|
||||
if (!StringUtils.isEmpty(table)) {
|
||||
fieldDictCode = String.format("%s,%s,%s", table, text, code);
|
||||
//update-begin---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
fieldDictCode = String.format("%s,%s,%s,%s", table, text, code, dataSource);
|
||||
//update-end---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
}
|
||||
|
||||
String value = record.getString(field.getName());
|
||||
@ -274,9 +286,25 @@ public class DictAspect {
|
||||
String[] arr = dictCode.split(",");
|
||||
String table = arr[0], text = arr[1], code = arr[2];
|
||||
String values = String.join(",", needTranslDataTable);
|
||||
//update-begin---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
// 自定义的数据源
|
||||
String dataSource = null;
|
||||
if (arr.length > 3) {
|
||||
dataSource = arr[3];
|
||||
}
|
||||
//update-end---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
log.debug("translateDictFromTableByKeys.dictCode:" + dictCode);
|
||||
log.debug("translateDictFromTableByKeys.values:" + values);
|
||||
List<DictModel> texts = commonApi.translateDictFromTableByKeys(table, text, code, values);
|
||||
//update-begin---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
|
||||
//update-begin---author:wangshuai---date:2024-01-09---for:微服务下为空报错没有参数需要传递空字符串---
|
||||
if(null == dataSource){
|
||||
dataSource = "";
|
||||
}
|
||||
//update-end---author:wangshuai---date:2024-01-09---for:微服务下为空报错没有参数需要传递空字符串---
|
||||
|
||||
List<DictModel> texts = commonApi.translateDictFromTableByKeys(table, text, code, values, dataSource);
|
||||
//update-end---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
log.debug("translateDictFromTableByKeys.result:" + texts);
|
||||
List<DictModel> list = translText.computeIfAbsent(dictCode, k -> new ArrayList<>());
|
||||
list.addAll(texts);
|
||||
|
||||
@ -39,4 +39,16 @@ public @interface Dict {
|
||||
* @return 返回类型: String
|
||||
*/
|
||||
String dictTable() default "";
|
||||
|
||||
|
||||
//update-begin---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
/**
|
||||
* 方法描述: 数据字典表所在数据源名称
|
||||
* 作 者: chenrui
|
||||
* 日 期: 2023年12月20日-下午4:58
|
||||
*
|
||||
* @return 返回类型: String
|
||||
*/
|
||||
String ds() default "";
|
||||
//update-end---author:chenrui ---date:20231221 for:[issues/#5643]解决分布式下表字典跨库无法查询问题------------
|
||||
}
|
||||
|
||||
@ -36,6 +36,16 @@ public interface CommonConstant {
|
||||
*/
|
||||
int LOG_TYPE_2 = 2;
|
||||
|
||||
/**
|
||||
* 系统日志类型: 租户操作日志
|
||||
*/
|
||||
int LOG_TYPE_3 = 3;
|
||||
|
||||
/**
|
||||
* 系统日志类型: 异常
|
||||
*/
|
||||
int LOG_TYPE_4 = 4;
|
||||
|
||||
/**
|
||||
* 操作日志类型: 查询
|
||||
*/
|
||||
@ -69,6 +79,8 @@ public interface CommonConstant {
|
||||
|
||||
/** {@code 500 Server Error} (HTTP/1.0 - RFC 1945) */
|
||||
Integer SC_INTERNAL_SERVER_ERROR_500 = 500;
|
||||
/** {@code 404 Not Found} (HTTP/1.0 - RFC 1945) */
|
||||
Integer SC_INTERNAL_NOT_FOUND_404 = 404;
|
||||
/** {@code 200 OK} (HTTP/1.0 - RFC 1945) */
|
||||
Integer SC_OK_200 = 200;
|
||||
|
||||
@ -284,6 +296,10 @@ public interface CommonConstant {
|
||||
* 在线聊天 用户好友缓存前缀
|
||||
*/
|
||||
String IM_PREFIX_USER_FRIEND_CACHE = "sys:cache:im:im_prefix_user_friend_";
|
||||
/**
|
||||
* 缓存用户id与用户名关系
|
||||
*/
|
||||
String SYS_USER_ID_MAPPING_CACHE = "sys:cache:user:id_mapping";
|
||||
|
||||
/**
|
||||
* 考勤补卡业务状态 (1:同意 2:不同意)
|
||||
@ -375,6 +391,8 @@ public interface CommonConstant {
|
||||
/**前端vue3版本Header参数名*/
|
||||
String VERSION="X-Version";
|
||||
|
||||
String VERSION_V3 = "v3";
|
||||
|
||||
/**存储在线程变量里的动态表名*/
|
||||
String DYNAMIC_TABLE_NAME="DYNAMIC_TABLE_NAME";
|
||||
/**
|
||||
@ -573,4 +591,30 @@ public interface CommonConstant {
|
||||
public static final String SAAS_MODE_TENANT = "tenant";
|
||||
//update-end---author:scott ---date::2023-09-10 for:积木报表常量----
|
||||
|
||||
//update-begin---author:wangshuai---date:2024-04-07---for:修改手机号常量---
|
||||
/**
|
||||
* 修改手机号短信验证码redis-key的前缀
|
||||
*/
|
||||
String CHANGE_PHONE_REDIS_KEY_PRE = "sys:cache:phone:change_phone_msg:";
|
||||
|
||||
/**
|
||||
* 缓存用户最后一次收到消息通知的时间 KEY
|
||||
*/
|
||||
String CACHE_KEY_USER_LAST_ANNOUNT_TIME_1HOUR = "sys:cache:userinfo:user_last_annount_time::%s";
|
||||
|
||||
/**
|
||||
* 验证原手机号
|
||||
*/
|
||||
String VERIFY_ORIGINAL_PHONE = "verifyOriginalPhone";
|
||||
|
||||
/**
|
||||
* 修改手机号
|
||||
*/
|
||||
String UPDATE_PHONE = "updatePhone";
|
||||
//update-end---author:wangshuai---date:2024-04-07---for:修改手机号常量---
|
||||
|
||||
/**
|
||||
* 修改手机号验证码请求次数超出
|
||||
*/
|
||||
Integer PHONE_SMS_FAIL_CODE = 40002;
|
||||
}
|
||||
|
||||
@ -17,6 +17,9 @@ public interface DataBaseConstant {
|
||||
|
||||
/**postgreSQL达梦数据库*/
|
||||
public static final String DB_TYPE_POSTGRESQL = "POSTGRESQL";
|
||||
|
||||
/**人大金仓数据库*/
|
||||
public static final String DB_TYPE_KINGBASEES = "KINGBASEES";
|
||||
|
||||
/**sqlserver数据库*/
|
||||
public static final String DB_TYPE_SQLSERVER = "SQLSERVER";
|
||||
@ -55,6 +58,22 @@ public interface DataBaseConstant {
|
||||
* 数据-所属机构编码
|
||||
*/
|
||||
public static final String SYS_MULTI_ORG_CODE_TABLE = "sys_multi_org_code";
|
||||
/**
|
||||
* 数据-所属机构ID
|
||||
*/
|
||||
public static final String SYS_ORG_ID = "sysOrgId";
|
||||
/**
|
||||
* 数据-所属机构ID
|
||||
*/
|
||||
public static final String SYS_ORG_ID_TABLE = "sys_org_id";
|
||||
/**
|
||||
* 数据-所属角色code(多个逗号分割)
|
||||
*/
|
||||
public static final String SYS_ROLE_CODE = "sysRoleCode";
|
||||
/**
|
||||
* 数据-所属角色code(多个逗号分割)
|
||||
*/
|
||||
public static final String SYS_ROLE_CODE_TABLE = "sys_role_code";
|
||||
/**
|
||||
* 数据-系统用户编码(对应登录用户账号)
|
||||
*/
|
||||
@ -63,7 +82,14 @@ public interface DataBaseConstant {
|
||||
* 数据-系统用户编码(对应登录用户账号)
|
||||
*/
|
||||
public static final String SYS_USER_CODE_TABLE = "sys_user_code";
|
||||
|
||||
/**
|
||||
* 登录用户ID
|
||||
*/
|
||||
public static final String SYS_USER_ID = "sysUserId";
|
||||
/**
|
||||
* 登录用户ID
|
||||
*/
|
||||
public static final String SYS_USER_ID_TABLE = "sys_user_id";
|
||||
/**
|
||||
* 登录用户真实姓名
|
||||
*/
|
||||
|
||||
@ -34,17 +34,22 @@ public interface ServiceNameConstants {
|
||||
*/
|
||||
String SERVICE_DEMO = "jeecg-demo";
|
||||
/**
|
||||
* 微服务名:online在线模块
|
||||
* 微服务名:joa模块
|
||||
*/
|
||||
String SERVICE_ONLINE = "jeecg-online";
|
||||
/**
|
||||
* 微服务名:OA模块
|
||||
*/
|
||||
String SERVICE_EOA = "jeecg-eoa";
|
||||
/**
|
||||
* 微服务名:表单设计模块
|
||||
*/
|
||||
String SERVICE_FORM = "jeecg-desform";
|
||||
String SERVICE_JOA = "jeecg-joa";
|
||||
|
||||
// /**
|
||||
// * 微服务名:online在线模块
|
||||
// */
|
||||
// String SERVICE_ONLINE = "jeecg-online";
|
||||
// /**
|
||||
// * 微服务名:OA模块
|
||||
// */
|
||||
// String SERVICE_EOA = "jeecg-eoa";
|
||||
// /**
|
||||
// * 微服务名:表单设计模块
|
||||
// */
|
||||
// String SERVICE_FORM = "jeecg-desform";
|
||||
|
||||
/**
|
||||
* gateway通过header传递根路径 basePath
|
||||
|
||||
@ -23,7 +23,7 @@ public enum CgformEnum {
|
||||
/**
|
||||
* 多表(jvxe风格)
|
||||
* */
|
||||
JVXE_TABLE(2, "jvxe", "/jeecg/code-template-online", "jvxe.onetomany", "JVXE风格" ,new String[]{"vue3","vue","vue3Native"}),
|
||||
JVXE_TABLE(2, "jvxe", "/jeecg/code-template-online", "jvxe.onetomany", "默认风格" ,new String[]{"vue3","vue","vue3Native"}),
|
||||
|
||||
/**
|
||||
* 多表 (erp风格)
|
||||
|
||||
@ -0,0 +1,23 @@
|
||||
package org.jeecg.common.constant.enums;
|
||||
|
||||
/**
|
||||
* 客户终端类型
|
||||
*/
|
||||
public enum ClientTerminalTypeEnum {
|
||||
|
||||
PC("pc", "电脑终端"),
|
||||
H5("h5", "移动网页端"),
|
||||
APP("app", "手机app端");
|
||||
|
||||
private String key;
|
||||
private String text;
|
||||
|
||||
ClientTerminalTypeEnum(String value, String text) {
|
||||
this.key = value;
|
||||
this.text = text;
|
||||
}
|
||||
|
||||
public String getKey() {
|
||||
return this.key;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,27 @@
|
||||
package org.jeecg.common.constant.enums;
|
||||
|
||||
/**
|
||||
* 日期预设范围枚举
|
||||
*/
|
||||
public enum DateRangeEnum {
|
||||
// 今天
|
||||
TODAY,
|
||||
// 昨天
|
||||
YESTERDAY,
|
||||
// 明天
|
||||
TOMORROW,
|
||||
// 本周
|
||||
THIS_WEEK,
|
||||
// 上周
|
||||
LAST_WEEK,
|
||||
// 下周
|
||||
NEXT_WEEK,
|
||||
// 过去七天
|
||||
LAST_7_DAYS,
|
||||
// 本月
|
||||
THIS_MONTH,
|
||||
// 上月
|
||||
LAST_MONTH,
|
||||
// 下月
|
||||
NEXT_MONTH,
|
||||
}
|
||||
@ -12,6 +12,8 @@ public enum DySmsEnum {
|
||||
LOGIN_TEMPLATE_CODE("SMS_175435174","敲敲云","code"),
|
||||
/**忘记密码短信模板编码*/
|
||||
FORGET_PASSWORD_TEMPLATE_CODE("SMS_175435174","敲敲云","code"),
|
||||
/**修改密码短信模板编码*/
|
||||
CHANGE_PASSWORD_TEMPLATE_CODE("SMS_465391221","敲敲云","code"),
|
||||
/**注册账号短信模板编码*/
|
||||
REGISTER_TEMPLATE_CODE("SMS_175430166","敲敲云","code"),
|
||||
/**会议通知*/
|
||||
|
||||
@ -13,12 +13,16 @@ import java.util.List;
|
||||
public enum RoleIndexConfigEnum {
|
||||
|
||||
/**首页自定义 admin*/
|
||||
ADMIN("admin", "dashboard/Analysis"),
|
||||
// ADMIN("admin", "dashboard/Analysis"),
|
||||
//TEST("test", "dashboard/IndexChart"),
|
||||
/**首页自定义 hr*/
|
||||
HR("hr", "dashboard/IndexBdc");
|
||||
// HR("hr", "dashboard/IndexBdc");
|
||||
|
||||
//DM("dm", "dashboard/IndexTask"),
|
||||
|
||||
// 注:此值仅为防止报错,无任何实际意义
|
||||
ROLE_INDEX_CONFIG_ENUM("RoleIndexConfigEnumDefault", "dashboard/Analysis");
|
||||
|
||||
/**
|
||||
* 角色编码
|
||||
*/
|
||||
|
||||
@ -0,0 +1,87 @@
|
||||
package org.jeecg.common.desensitization;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonGenerator;
|
||||
import com.fasterxml.jackson.databind.BeanProperty;
|
||||
import com.fasterxml.jackson.databind.JsonMappingException;
|
||||
import com.fasterxml.jackson.databind.JsonSerializer;
|
||||
import com.fasterxml.jackson.databind.SerializerProvider;
|
||||
import com.fasterxml.jackson.databind.ser.ContextualSerializer;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.NoArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.jeecg.common.desensitization.annotation.Sensitive;
|
||||
import org.jeecg.common.desensitization.enums.SensitiveEnum;
|
||||
import org.jeecg.common.desensitization.util.SensitiveInfoUtil;
|
||||
import org.jeecg.common.util.encryption.AesEncryptUtil;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Objects;
|
||||
|
||||
/**
|
||||
* @author eightmonth@qq.com
|
||||
* @date 2024/6/19 10:43
|
||||
*/
|
||||
@NoArgsConstructor
|
||||
@AllArgsConstructor
|
||||
@Slf4j
|
||||
public class SensitiveSerialize extends JsonSerializer<String> implements ContextualSerializer {
|
||||
|
||||
private SensitiveEnum type;
|
||||
|
||||
@Override
|
||||
public void serialize(String data, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException {
|
||||
switch (type){
|
||||
case ENCODE:
|
||||
try {
|
||||
jsonGenerator.writeString(AesEncryptUtil.encrypt(data));
|
||||
} catch (Exception exception) {
|
||||
log.error("数据加密错误", exception.getMessage());
|
||||
jsonGenerator.writeString(data);
|
||||
}
|
||||
break;
|
||||
case CHINESE_NAME:
|
||||
jsonGenerator.writeString(SensitiveInfoUtil.chineseName(data));
|
||||
break;
|
||||
case ID_CARD:
|
||||
jsonGenerator.writeString(SensitiveInfoUtil.idCardNum(data));
|
||||
break;
|
||||
case FIXED_PHONE:
|
||||
jsonGenerator.writeString(SensitiveInfoUtil.fixedPhone(data));
|
||||
break;
|
||||
case MOBILE_PHONE:
|
||||
jsonGenerator.writeString(SensitiveInfoUtil.mobilePhone(data));
|
||||
break;
|
||||
case ADDRESS:
|
||||
jsonGenerator.writeString(SensitiveInfoUtil.address(data, 3));
|
||||
break;
|
||||
case EMAIL:
|
||||
jsonGenerator.writeString(SensitiveInfoUtil.email(data));
|
||||
break;
|
||||
case BANK_CARD:
|
||||
jsonGenerator.writeString(SensitiveInfoUtil.bankCard(data));
|
||||
break;
|
||||
case CNAPS_CODE:
|
||||
jsonGenerator.writeString(SensitiveInfoUtil.cnapsCode(data));
|
||||
break;
|
||||
default:
|
||||
jsonGenerator.writeString(data);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public JsonSerializer<?> createContextual(SerializerProvider serializerProvider, BeanProperty beanProperty) throws JsonMappingException {
|
||||
if (beanProperty != null) {
|
||||
if (Objects.equals(beanProperty.getType().getRawClass(), String.class)) {
|
||||
Sensitive sensitive = beanProperty.getAnnotation(Sensitive.class);
|
||||
if (sensitive == null) {
|
||||
sensitive = beanProperty.getContextAnnotation(Sensitive.class);
|
||||
}
|
||||
if (sensitive != null) {
|
||||
return new SensitiveSerialize(sensitive.type());
|
||||
}
|
||||
}
|
||||
return serializerProvider.findValueSerializer(beanProperty.getType(), beanProperty);
|
||||
}
|
||||
return serializerProvider.findNullValueSerializer(null);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,26 @@
|
||||
package org.jeecg.common.desensitization.annotation;
|
||||
|
||||
|
||||
import com.fasterxml.jackson.annotation.JacksonAnnotationsInside;
|
||||
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
|
||||
import org.jeecg.common.desensitization.SensitiveSerialize;
|
||||
import org.jeecg.common.desensitization.enums.SensitiveEnum;
|
||||
|
||||
import java.lang.annotation.*;
|
||||
|
||||
/**
|
||||
* 在字段上定义 标识字段存储的信息是敏感的
|
||||
*/
|
||||
@Documented
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Target(ElementType.FIELD)
|
||||
@JacksonAnnotationsInside
|
||||
@JsonSerialize(using = SensitiveSerialize.class)
|
||||
public @interface Sensitive {
|
||||
|
||||
/**
|
||||
* 不同类型处理不同
|
||||
* @return
|
||||
*/
|
||||
SensitiveEnum type() default SensitiveEnum.ENCODE;
|
||||
}
|
||||
@ -198,7 +198,7 @@ public class SensitiveInfoUtil {
|
||||
* @param fullName 全名
|
||||
* @return <例子:李**>
|
||||
*/
|
||||
private static String chineseName(String fullName) {
|
||||
public static String chineseName(String fullName) {
|
||||
if (oConvertUtils.isEmpty(fullName)) {
|
||||
return "";
|
||||
}
|
||||
@ -211,7 +211,7 @@ public class SensitiveInfoUtil {
|
||||
* @param firstName 名
|
||||
* @return <例子:李**>
|
||||
*/
|
||||
private static String chineseName(String familyName, String firstName) {
|
||||
public static String chineseName(String familyName, String firstName) {
|
||||
if (oConvertUtils.isEmpty(familyName) || oConvertUtils.isEmpty(firstName)) {
|
||||
return "";
|
||||
}
|
||||
@ -223,7 +223,7 @@ public class SensitiveInfoUtil {
|
||||
* @param id 身份证号
|
||||
* @return <例子:*************5762>
|
||||
*/
|
||||
private static String idCardNum(String id) {
|
||||
public static String idCardNum(String id) {
|
||||
if (oConvertUtils.isEmpty(id)) {
|
||||
return "";
|
||||
}
|
||||
@ -236,7 +236,7 @@ public class SensitiveInfoUtil {
|
||||
* @param num 固定电话
|
||||
* @return <例子:****1234>
|
||||
*/
|
||||
private static String fixedPhone(String num) {
|
||||
public static String fixedPhone(String num) {
|
||||
if (oConvertUtils.isEmpty(num)) {
|
||||
return "";
|
||||
}
|
||||
@ -248,7 +248,7 @@ public class SensitiveInfoUtil {
|
||||
* @param num 手机号码
|
||||
* @return <例子:138******1234>
|
||||
*/
|
||||
private static String mobilePhone(String num) {
|
||||
public static String mobilePhone(String num) {
|
||||
if (oConvertUtils.isEmpty(num)) {
|
||||
return "";
|
||||
}
|
||||
@ -265,7 +265,7 @@ public class SensitiveInfoUtil {
|
||||
* @param sensitiveSize 敏感信息长度
|
||||
* @return <例子:北京市海淀区****>
|
||||
*/
|
||||
private static String address(String address, int sensitiveSize) {
|
||||
public static String address(String address, int sensitiveSize) {
|
||||
if (oConvertUtils.isEmpty(address)) {
|
||||
return "";
|
||||
}
|
||||
@ -281,7 +281,7 @@ public class SensitiveInfoUtil {
|
||||
* @param email 电子邮箱
|
||||
* @return <例子:g**@163.com>
|
||||
*/
|
||||
private static String email(String email) {
|
||||
public static String email(String email) {
|
||||
if (oConvertUtils.isEmpty(email)) {
|
||||
return "";
|
||||
}
|
||||
@ -300,7 +300,7 @@ public class SensitiveInfoUtil {
|
||||
* @param cardNum 银行卡号
|
||||
* @return <例子:6222600**********1234>
|
||||
*/
|
||||
private static String bankCard(String cardNum) {
|
||||
public static String bankCard(String cardNum) {
|
||||
if (oConvertUtils.isEmpty(cardNum)) {
|
||||
return "";
|
||||
}
|
||||
@ -312,7 +312,7 @@ public class SensitiveInfoUtil {
|
||||
* @param code 公司开户银行联号
|
||||
* @return <例子:12********>
|
||||
*/
|
||||
private static String cnapsCode(String code) {
|
||||
public static String cnapsCode(String code) {
|
||||
if (oConvertUtils.isEmpty(code)) {
|
||||
return "";
|
||||
}
|
||||
@ -326,7 +326,7 @@ public class SensitiveInfoUtil {
|
||||
* @param reservedLength 保留长度
|
||||
* @return 格式化后的字符串
|
||||
*/
|
||||
private static String formatRight(String str, int reservedLength){
|
||||
public static String formatRight(String str, int reservedLength){
|
||||
String name = str.substring(0, reservedLength);
|
||||
String stars = String.join("", Collections.nCopies(str.length()-reservedLength, "*"));
|
||||
return name + stars;
|
||||
@ -338,7 +338,7 @@ public class SensitiveInfoUtil {
|
||||
* @param reservedLength 保留长度
|
||||
* @return 格式化后的字符串
|
||||
*/
|
||||
private static String formatLeft(String str, int reservedLength){
|
||||
public static String formatLeft(String str, int reservedLength){
|
||||
int len = str.length();
|
||||
String show = str.substring(len-reservedLength);
|
||||
String stars = String.join("", Collections.nCopies(len-reservedLength, "*"));
|
||||
@ -352,7 +352,7 @@ public class SensitiveInfoUtil {
|
||||
* @param endLen 结尾保留长度
|
||||
* @return 格式化后的字符串
|
||||
*/
|
||||
private static String formatBetween(String str, int beginLen, int endLen){
|
||||
public static String formatBetween(String str, int beginLen, int endLen){
|
||||
int len = str.length();
|
||||
String begin = str.substring(0, beginLen);
|
||||
String end = str.substring(len-endLen);
|
||||
|
||||
@ -0,0 +1,40 @@
|
||||
package org.jeecg.common.exception;
|
||||
|
||||
import org.jeecg.common.constant.CommonConstant;
|
||||
|
||||
/**
|
||||
* @Description: 业务提醒异常(用于操作业务提醒)
|
||||
* @date: 2024-04-26
|
||||
* @author: scott
|
||||
*/
|
||||
public class JeecgBootBizTipException extends RuntimeException {
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
/**
|
||||
* 返回给前端的错误code
|
||||
*/
|
||||
private int errCode = CommonConstant.SC_INTERNAL_SERVER_ERROR_500;
|
||||
|
||||
public JeecgBootBizTipException(String message){
|
||||
super(message);
|
||||
}
|
||||
|
||||
public JeecgBootBizTipException(String message, int errCode){
|
||||
super(message);
|
||||
this.errCode = errCode;
|
||||
}
|
||||
|
||||
public int getErrCode() {
|
||||
return errCode;
|
||||
}
|
||||
|
||||
public JeecgBootBizTipException(Throwable cause)
|
||||
{
|
||||
super(cause);
|
||||
}
|
||||
|
||||
public JeecgBootBizTipException(String message, Throwable cause)
|
||||
{
|
||||
super(message,cause);
|
||||
}
|
||||
}
|
||||
@ -1,5 +1,7 @@
|
||||
package org.jeecg.common.exception;
|
||||
|
||||
import org.jeecg.common.constant.CommonConstant;
|
||||
|
||||
/**
|
||||
* @Description: jeecg-boot自定义异常
|
||||
* @author: jeecg-boot
|
||||
@ -7,10 +9,24 @@ package org.jeecg.common.exception;
|
||||
public class JeecgBootException extends RuntimeException {
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
/**
|
||||
* 返回给前端的错误code
|
||||
*/
|
||||
private int errCode = CommonConstant.SC_INTERNAL_SERVER_ERROR_500;
|
||||
|
||||
public JeecgBootException(String message){
|
||||
super(message);
|
||||
}
|
||||
|
||||
|
||||
public JeecgBootException(String message, int errCode){
|
||||
super(message);
|
||||
this.errCode = errCode;
|
||||
}
|
||||
|
||||
public int getErrCode() {
|
||||
return errCode;
|
||||
}
|
||||
|
||||
public JeecgBootException(Throwable cause)
|
||||
{
|
||||
super(cause);
|
||||
|
||||
@ -1,23 +1,39 @@
|
||||
package org.jeecg.common.exception;
|
||||
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import jakarta.annotation.Resource;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.exception.ExceptionUtils;
|
||||
import org.apache.shiro.SecurityUtils;
|
||||
import org.jeecg.common.api.dto.LogDTO;
|
||||
import org.jeecg.common.api.vo.Result;
|
||||
import org.jeecg.common.constant.CommonConstant;
|
||||
import org.jeecg.common.constant.enums.ClientTerminalTypeEnum;
|
||||
import org.jeecg.common.enums.SentinelErrorInfoEnum;
|
||||
import org.jeecg.common.system.vo.LoginUser;
|
||||
import org.jeecg.common.util.BrowserUtils;
|
||||
import org.jeecg.common.util.IpUtils;
|
||||
import org.jeecg.common.util.SpringContextUtils;
|
||||
import org.jeecg.common.util.oConvertUtils;
|
||||
import org.jeecg.modules.base.service.BaseCommonService;
|
||||
import org.springframework.beans.BeansException;
|
||||
import org.springframework.dao.DataIntegrityViolationException;
|
||||
import org.springframework.dao.DuplicateKeyException;
|
||||
import org.springframework.data.redis.connection.PoolException;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
import org.springframework.web.HttpRequestMethodNotSupportedException;
|
||||
import org.springframework.web.bind.annotation.ExceptionHandler;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.bind.annotation.ResponseStatus;
|
||||
import org.springframework.web.bind.annotation.RestControllerAdvice;
|
||||
import org.springframework.web.multipart.MaxUploadSizeExceededException;
|
||||
import org.springframework.web.servlet.NoHandlerFoundException;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* 异常处理器
|
||||
*
|
||||
@ -27,7 +43,10 @@ import org.springframework.web.servlet.NoHandlerFoundException;
|
||||
@RestControllerAdvice
|
||||
@Slf4j
|
||||
public class JeecgBootExceptionHandler {
|
||||
|
||||
|
||||
@Resource
|
||||
BaseCommonService baseCommonService;
|
||||
|
||||
/**
|
||||
* 验证码错误异常
|
||||
*/
|
||||
@ -52,7 +71,17 @@ public class JeecgBootExceptionHandler {
|
||||
@ExceptionHandler(JeecgBootException.class)
|
||||
public Result<?> handleJeecgBootException(JeecgBootException e){
|
||||
log.error(e.getMessage(), e);
|
||||
return Result.error(e.getMessage());
|
||||
addSysLog(e);
|
||||
return Result.error(e.getErrCode(), e.getMessage());
|
||||
}
|
||||
|
||||
/**
|
||||
* 处理自定义异常
|
||||
*/
|
||||
@ExceptionHandler(JeecgBootBizTipException.class)
|
||||
public Result<?> handleJeecgBootBizTipException(JeecgBootBizTipException e){
|
||||
log.error(e.getMessage());
|
||||
return Result.error(e.getErrCode(), e.getMessage());
|
||||
}
|
||||
|
||||
/**
|
||||
@ -61,6 +90,7 @@ public class JeecgBootExceptionHandler {
|
||||
@ExceptionHandler(JeecgCloudException.class)
|
||||
public Result<?> handleJeecgCloudException(JeecgCloudException e){
|
||||
log.error(e.getMessage(), e);
|
||||
addSysLog(e);
|
||||
return Result.error(e.getMessage());
|
||||
}
|
||||
|
||||
@ -71,24 +101,28 @@ public class JeecgBootExceptionHandler {
|
||||
@ResponseStatus(HttpStatus.UNAUTHORIZED)
|
||||
public Result<?> handleJeecgBoot401Exception(JeecgBoot401Exception e){
|
||||
log.error(e.getMessage(), e);
|
||||
addSysLog(e);
|
||||
return new Result(401,e.getMessage());
|
||||
}
|
||||
|
||||
@ExceptionHandler(NoHandlerFoundException.class)
|
||||
public Result<?> handlerNoFoundException(Exception e) {
|
||||
log.error(e.getMessage(), e);
|
||||
addSysLog(e);
|
||||
return Result.error(404, "路径不存在,请检查路径是否正确");
|
||||
}
|
||||
|
||||
@ExceptionHandler(DuplicateKeyException.class)
|
||||
public Result<?> handleDuplicateKeyException(DuplicateKeyException e){
|
||||
log.error(e.getMessage(), e);
|
||||
addSysLog(e);
|
||||
return Result.error("数据库中已存在该记录");
|
||||
}
|
||||
|
||||
@ExceptionHandler(AccessDeniedException.class)
|
||||
public Result<?> handleAuthorizationException(AccessDeniedException e){
|
||||
return Result.noauth("没有权限,请联系管理员授权");
|
||||
@ExceptionHandler(AccessDeniedException.class)
|
||||
public Result<?> handleAuthorizationException(AccessDeniedException e){
|
||||
log.error(e.getMessage(), e);
|
||||
return Result.noauth("没有权限,请联系管理员授权,后刷新缓存!");
|
||||
}
|
||||
|
||||
@ExceptionHandler(Exception.class)
|
||||
@ -101,6 +135,7 @@ public class JeecgBootExceptionHandler {
|
||||
return Result.error(errorInfoEnum.getError());
|
||||
}
|
||||
//update-end---author:zyf ---date:20220411 for:处理Sentinel限流自定义异常
|
||||
addSysLog(e);
|
||||
return Result.error("操作失败,"+e.getMessage());
|
||||
}
|
||||
|
||||
@ -125,6 +160,7 @@ public class JeecgBootExceptionHandler {
|
||||
}
|
||||
log.error(sb.toString(), e);
|
||||
//return Result.error("没有权限,请联系管理员授权");
|
||||
addSysLog(e);
|
||||
return Result.error(405,sb.toString());
|
||||
}
|
||||
|
||||
@ -134,12 +170,14 @@ public class JeecgBootExceptionHandler {
|
||||
@ExceptionHandler(MaxUploadSizeExceededException.class)
|
||||
public Result<?> handleMaxUploadSizeExceededException(MaxUploadSizeExceededException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
addSysLog(e);
|
||||
return Result.error("文件大小超出10MB限制, 请压缩或降低文件质量! ");
|
||||
}
|
||||
|
||||
@ExceptionHandler(DataIntegrityViolationException.class)
|
||||
public Result<?> handleDataIntegrityViolationException(DataIntegrityViolationException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
addSysLog(e);
|
||||
//【issues/3624】数据库执行异常handleDataIntegrityViolationException提示有误 #3624
|
||||
return Result.error("执行数据库异常,违反了完整性例如:违反惟一约束、违反非空限制、字段内容超出长度等");
|
||||
}
|
||||
@ -147,6 +185,7 @@ public class JeecgBootExceptionHandler {
|
||||
@ExceptionHandler(PoolException.class)
|
||||
public Result<?> handlePoolException(PoolException e) {
|
||||
log.error(e.getMessage(), e);
|
||||
addSysLog(e);
|
||||
return Result.error("Redis 连接异常!");
|
||||
}
|
||||
|
||||
@ -167,7 +206,57 @@ public class JeecgBootExceptionHandler {
|
||||
log.error("校验失败,存在SQL注入风险!{}", msg);
|
||||
return Result.error("校验失败,存在SQL注入风险!");
|
||||
}
|
||||
addSysLog(exception);
|
||||
return Result.error("校验失败,存在SQL注入风险!" + msg);
|
||||
}
|
||||
|
||||
//update-begin---author:chenrui ---date:20240423 for:[QQYUN-8732]把错误的日志都抓取了 方便后续处理,单独弄个日志类型------------
|
||||
/**
|
||||
* 添加异常新系统日志
|
||||
* @param e 异常
|
||||
* @author chenrui
|
||||
* @date 2024/4/22 17:16
|
||||
*/
|
||||
private void addSysLog(Throwable e) {
|
||||
LogDTO log = new LogDTO();
|
||||
log.setLogType(CommonConstant.LOG_TYPE_4);
|
||||
log.setLogContent(e.getClass().getName()+":"+e.getMessage());
|
||||
log.setRequestParam(ExceptionUtils.getStackTrace(e));
|
||||
//获取request
|
||||
HttpServletRequest request = null;
|
||||
try {
|
||||
request = SpringContextUtils.getHttpServletRequest();
|
||||
} catch (NullPointerException | BeansException ignored) {
|
||||
}
|
||||
if (null != request) {
|
||||
//请求的参数
|
||||
Map<String, String[]> parameterMap = request.getParameterMap();
|
||||
if(!CollectionUtils.isEmpty(parameterMap)){
|
||||
log.setMethod(oConvertUtils.mapToString(request.getParameterMap()));
|
||||
}
|
||||
// 请求地址
|
||||
log.setRequestUrl(request.getRequestURI());
|
||||
//设置IP地址
|
||||
log.setIp(IpUtils.getIpAddr(request));
|
||||
//设置客户端
|
||||
if(BrowserUtils.isDesktop(request)){
|
||||
log.setClientType(ClientTerminalTypeEnum.PC.getKey());
|
||||
}else{
|
||||
log.setClientType(ClientTerminalTypeEnum.APP.getKey());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
//获取登录用户信息
|
||||
LoginUser sysUser = (LoginUser) SecurityUtils.getSubject().getPrincipal();
|
||||
if(sysUser!=null){
|
||||
log.setUserid(sysUser.getUsername());
|
||||
log.setUsername(sysUser.getRealname());
|
||||
|
||||
}
|
||||
|
||||
baseCommonService.addLog(log);
|
||||
}
|
||||
//update-end---author:chenrui ---date:20240423 for:[QQYUN-8732]把错误的日志都抓取了 方便后续处理,单独弄个日志类型------------
|
||||
|
||||
}
|
||||
|
||||
@ -0,0 +1,19 @@
|
||||
package org.jeecg.common.system.enhance;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 用户增强
|
||||
*/
|
||||
public interface UserFilterEnhance {
|
||||
|
||||
/**
|
||||
* 获取用户id
|
||||
* @param loginUserId 当前登录的用户id
|
||||
*
|
||||
* @return List<String> 返回多个用户id
|
||||
*/
|
||||
default List<String> getUserIds(String loginUserId) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
@ -2,7 +2,6 @@ package org.jeecg.common.system.query;
|
||||
|
||||
import java.beans.PropertyDescriptor;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.math.BigDecimal;
|
||||
import java.net.URLDecoder;
|
||||
import java.text.ParseException;
|
||||
@ -15,7 +14,6 @@ import java.util.stream.Collectors;
|
||||
import org.apache.commons.beanutils.PropertyUtils;
|
||||
import org.jeecg.common.constant.CommonConstant;
|
||||
import org.jeecg.common.constant.DataBaseConstant;
|
||||
import org.jeecg.common.constant.SymbolConstant;
|
||||
import org.jeecg.common.exception.JeecgBootException;
|
||||
import org.jeecg.common.system.util.JeecgDataAutorUtils;
|
||||
import org.jeecg.common.system.util.JwtUtil;
|
||||
@ -25,7 +23,6 @@ import org.jeecg.common.util.*;
|
||||
import org.springframework.util.NumberUtils;
|
||||
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.baomidou.mybatisplus.annotation.TableField;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
@ -94,10 +91,27 @@ public class QueryGenerator {
|
||||
public static <T> QueryWrapper<T> initQueryWrapper(T searchObj,Map<String, String[]> parameterMap){
|
||||
long start = System.currentTimeMillis();
|
||||
QueryWrapper<T> queryWrapper = new QueryWrapper<T>();
|
||||
installMplus(queryWrapper, searchObj, parameterMap);
|
||||
installMplus(queryWrapper, searchObj, parameterMap, null);
|
||||
log.debug("---查询条件构造器初始化完成,耗时:"+(System.currentTimeMillis()-start)+"毫秒----");
|
||||
return queryWrapper;
|
||||
}
|
||||
|
||||
//update-begin---author:chenrui ---date:20240527 for:[TV360X-378]增加自定义字段查询规则功能------------
|
||||
/**
|
||||
* 获取查询条件构造器QueryWrapper实例 通用查询条件已被封装完成
|
||||
* @param searchObj 查询实体
|
||||
* @param parameterMap request.getParameterMap()
|
||||
* @param customRuleMap 自定义字段查询规则 {field:QueryRuleEnum}
|
||||
* @return QueryWrapper实例
|
||||
*/
|
||||
public static <T> QueryWrapper<T> initQueryWrapper(T searchObj,Map<String, String[]> parameterMap, Map<String, QueryRuleEnum> customRuleMap){
|
||||
long start = System.currentTimeMillis();
|
||||
QueryWrapper<T> queryWrapper = new QueryWrapper<T>();
|
||||
installMplus(queryWrapper, searchObj, parameterMap, customRuleMap);
|
||||
log.debug("---查询条件构造器初始化完成,耗时:"+(System.currentTimeMillis()-start)+"毫秒----");
|
||||
return queryWrapper;
|
||||
}
|
||||
//update-end---author:chenrui ---date:20240527 for:[TV360X-378]增加自定义字段查询规则功能------------
|
||||
|
||||
/**
|
||||
* 组装Mybatis Plus 查询条件
|
||||
@ -108,8 +122,7 @@ public class QueryGenerator {
|
||||
* <br>正确示例:QueryWrapper<JeecgDemo> queryWrapper = new QueryWrapper<JeecgDemo>();
|
||||
* <br>3.也可以不使用这个方法直接调用 {@link #initQueryWrapper}直接获取实例
|
||||
*/
|
||||
private static void installMplus(QueryWrapper<?> queryWrapper,Object searchObj,Map<String, String[]> parameterMap) {
|
||||
|
||||
private static void installMplus(QueryWrapper<?> queryWrapper, Object searchObj, Map<String, String[]> parameterMap, Map<String, QueryRuleEnum> customRuleMap) {
|
||||
/*
|
||||
* 注意:权限查询由前端配置数据规则 当一个人有多个所属部门时候 可以在规则配置包含条件 orgCode 包含 #{sys_org_code}
|
||||
但是不支持在自定义SQL中写orgCode in #{sys_org_code}
|
||||
@ -174,8 +187,16 @@ public class QueryGenerator {
|
||||
queryWrapper.and(j -> j.like(field,vals[0]));
|
||||
}
|
||||
}else {
|
||||
//根据参数值带什么关键字符串判断走什么类型的查询
|
||||
QueryRuleEnum rule = convert2Rule(value);
|
||||
//update-begin---author:chenrui ---date:20240527 for:[TV360X-378]增加自定义字段查询规则功能------------
|
||||
QueryRuleEnum rule;
|
||||
if(null != customRuleMap && customRuleMap.containsKey(name)) {
|
||||
// 有自定义规则,使用自定义规则.
|
||||
rule = customRuleMap.get(name);
|
||||
}else {
|
||||
//根据参数值带什么关键字符串判断走什么类型的查询
|
||||
rule = convert2Rule(value);
|
||||
}
|
||||
//update-end---author:chenrui ---date:20240527 for:[TV360X-378]增加自定义字段查询规则功能------------
|
||||
value = replaceValue(rule,value);
|
||||
// add -begin 添加判断为字符串时设为全模糊查询
|
||||
//if( (rule==null || QueryRuleEnum.EQ.equals(rule)) && "class java.lang.String".equals(type)) {
|
||||
@ -274,7 +295,7 @@ public class QueryGenerator {
|
||||
//update-end-author:scott date:2022-10-10 for:【jeecg-boot/issues/I5FJU6】doMultiFieldsOrder() 多字段排序方法存在问题
|
||||
|
||||
//SQL注入check
|
||||
SqlInjectionUtil.filterContent(column);
|
||||
SqlInjectionUtil.filterContentMulti(column);
|
||||
|
||||
//update-begin--Author:scott Date:20210531 for:36 多条件排序无效问题修正-------
|
||||
// 排序规则修改
|
||||
@ -678,9 +699,40 @@ public class QueryGenerator {
|
||||
case LEFT_LIKE:
|
||||
queryWrapper.likeLeft(name, value);
|
||||
break;
|
||||
case NOT_LEFT_LIKE:
|
||||
queryWrapper.notLikeLeft(name, value);
|
||||
break;
|
||||
case RIGHT_LIKE:
|
||||
queryWrapper.likeRight(name, value);
|
||||
break;
|
||||
case NOT_RIGHT_LIKE:
|
||||
queryWrapper.notLikeRight(name, value);
|
||||
break;
|
||||
//update-begin---author:chenrui ---date:20240527 for:[TV360X-378]下拉多框根据条件查询不出来:增加自定义字段查询规则功能------------
|
||||
case LIKE_WITH_OR:
|
||||
final String nameFinal = name;
|
||||
Object[] vals;
|
||||
if (value instanceof String) {
|
||||
vals = value.toString().split(COMMA);
|
||||
} else if (value instanceof String[]) {
|
||||
vals = (Object[]) value;
|
||||
}
|
||||
//update-begin-author:taoyan date:20200909 for:【bug】in 类型多值查询 不适配postgresql #1671
|
||||
else if (value.getClass().isArray()) {
|
||||
vals = (Object[]) value;
|
||||
} else {
|
||||
vals = new Object[]{value};
|
||||
}
|
||||
queryWrapper.and(j -> {
|
||||
log.info("---查询过滤器,Query规则---field:{}, rule:{}, value:{}", nameFinal, "like", vals[0]);
|
||||
j = j.like(nameFinal, vals[0]);
|
||||
for (int k = 1; k < vals.length; k++) {
|
||||
j = j.or().like(nameFinal, vals[k]);
|
||||
log.info("---查询过滤器,Query规则 .or()---field:{}, rule:{}, value:{}", nameFinal, "like", vals[k]);
|
||||
}
|
||||
});
|
||||
break;
|
||||
//update-end---author:chenrui ---date:20240527 for:[TV360X-378]下拉多框根据条件查询不出来:增加自定义字段查询规则功能------------
|
||||
default:
|
||||
log.info("--查询规则未匹配到---");
|
||||
break;
|
||||
@ -856,7 +908,9 @@ public class QueryGenerator {
|
||||
Class propType = origDescriptors[i].getPropertyType();
|
||||
boolean isString = propType.equals(String.class);
|
||||
Object value;
|
||||
if(isString) {
|
||||
//update-begin---author:chenrui ---date:20240527 for:[TV360X-539]数据权限,配置日期等于条件时后端报转换错误------------
|
||||
if(isString || Date.class.equals(propType)) {
|
||||
//update-end---author:chenrui ---date:20240527 for:[TV360X-539]数据权限,配置日期等于条件时后端报转换错误------------
|
||||
value = converRuleValue(dataRule.getRuleValue());
|
||||
}else {
|
||||
value = NumberUtils.parseNumber(dataRule.getRuleValue(),propType);
|
||||
|
||||
@ -33,12 +33,21 @@ public enum QueryRuleEnum {
|
||||
RIGHT_LIKE("RIGHT_LIKE","right_like","右模糊"),
|
||||
/**查询规则 带加号等于*/
|
||||
EQ_WITH_ADD("EQWITHADD","eq_with_add","带加号等于"),
|
||||
/**查询规则 多词模糊匹配*/
|
||||
/**查询规则 多词模糊匹配(and)*/
|
||||
LIKE_WITH_AND("LIKEWITHAND","like_with_and","多词模糊匹配————暂时未用上"),
|
||||
/**查询规则 多词模糊匹配(or)*/
|
||||
LIKE_WITH_OR("LIKEWITHOR","like_with_or","多词模糊匹配(or)"),
|
||||
/**查询规则 自定义SQL片段*/
|
||||
SQL_RULES("USE_SQL_RULES","ext","自定义SQL片段"),
|
||||
|
||||
|
||||
/** 查询工作表 */
|
||||
LINKAGE("LINKAGE","linkage","查询工作表"),
|
||||
|
||||
// ------- 当前表单设计器内专用 -------
|
||||
/**查询规则 不以…结尾*/
|
||||
NOT_LEFT_LIKE("NOT_LEFT_LIKE","not_left_like","不以…结尾"),
|
||||
/**查询规则 不以…开头*/
|
||||
NOT_RIGHT_LIKE("NOT_RIGHT_LIKE","not_right_like","不以…开头"),
|
||||
/** 值为空 */
|
||||
EMPTY("EMPTY","empty","值为空"),
|
||||
/** 值不为空 */
|
||||
@ -49,7 +58,10 @@ public enum QueryRuleEnum {
|
||||
ELE_MATCH("ELE_MATCH","elemMatch","多词匹配"),
|
||||
/**查询规则 范围查询*/
|
||||
RANGE("RANGE","range","范围查询"),
|
||||
NOT_RANGE("NOT_RANGE","not_range","不在范围查询");
|
||||
/**查询规则 不在范围内查询*/
|
||||
NOT_RANGE("NOT_RANGE","not_range","不在范围查询"),
|
||||
/** 自定义mongodb查询语句 */
|
||||
CUSTOM_MONGODB("CUSTOM_MONGODB","custom_mongodb","自定义mongodb查询语句");
|
||||
// ------- 当前表单设计器内专用 -------
|
||||
|
||||
private String value;
|
||||
|
||||
@ -252,6 +252,16 @@ public class JwtUtil {
|
||||
returnValue = user.getSysUserCode();
|
||||
}
|
||||
}
|
||||
|
||||
// 替换为系统登录用户ID
|
||||
else if (key.equals(DataBaseConstant.SYS_USER_ID) || key.equalsIgnoreCase(DataBaseConstant.SYS_USER_ID_TABLE)) {
|
||||
if(user==null) {
|
||||
returnValue = sysUser.getId();
|
||||
}else {
|
||||
returnValue = user.getSysUserId();
|
||||
}
|
||||
}
|
||||
|
||||
//替换为系统登录用户真实名字
|
||||
else if (key.equals(DataBaseConstant.SYS_USER_NAME)|| key.toLowerCase().equals(DataBaseConstant.SYS_USER_NAME_TABLE)) {
|
||||
if(user==null) {
|
||||
@ -269,6 +279,16 @@ public class JwtUtil {
|
||||
returnValue = user.getSysOrgCode();
|
||||
}
|
||||
}
|
||||
|
||||
// 替换为系统用户登录所使用的机构ID
|
||||
else if (key.equals(DataBaseConstant.SYS_ORG_ID) || key.equalsIgnoreCase(DataBaseConstant.SYS_ORG_ID_TABLE)) {
|
||||
if (user == null) {
|
||||
returnValue = sysUser.getOrgId();
|
||||
} else {
|
||||
returnValue = user.getSysOrgId();
|
||||
}
|
||||
}
|
||||
|
||||
//替换为系统用户所拥有的所有机构编码
|
||||
else if (key.equals(DataBaseConstant.SYS_MULTI_ORG_CODE)|| key.toLowerCase().equals(DataBaseConstant.SYS_MULTI_ORG_CODE_TABLE)) {
|
||||
if(user==null){
|
||||
@ -282,6 +302,16 @@ public class JwtUtil {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// 替换为当前登录用户的角色code(多个逗号分割)
|
||||
else if (key.equals(DataBaseConstant.SYS_ROLE_CODE) || key.equalsIgnoreCase(DataBaseConstant.SYS_ROLE_CODE_TABLE)) {
|
||||
if (user == null) {
|
||||
returnValue = sysUser.getRoleCode();
|
||||
} else {
|
||||
returnValue = user.getSysRoleCode();
|
||||
}
|
||||
}
|
||||
|
||||
//update-begin-author:taoyan date:20210330 for:多租户ID作为系统变量
|
||||
else if (key.equals(TenantConstant.TENANT_ID) || key.toLowerCase().equals(TenantConstant.TENANT_ID_TABLE)){
|
||||
try {
|
||||
|
||||
@ -3,7 +3,9 @@ package org.jeecg.common.system.util;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.jeecg.common.system.annotation.EnumDict;
|
||||
import org.jeecg.common.system.vo.DictModel;
|
||||
import org.jeecg.common.util.SpringContextUtils;
|
||||
import org.jeecg.common.util.oConvertUtils;
|
||||
import org.springframework.beans.factory.NoSuchBeanDefinitionException;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
|
||||
import org.springframework.core.io.support.ResourcePatternResolver;
|
||||
@ -114,4 +116,21 @@ public class ResourceUtil {
|
||||
return map;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取实现类
|
||||
*
|
||||
* @param classPath
|
||||
*/
|
||||
public static Object getImplementationClass(String classPath){
|
||||
try {
|
||||
Class<?> aClass = Class.forName(classPath);
|
||||
return SpringContextUtils.getBean(aClass);
|
||||
} catch (ClassNotFoundException e) {
|
||||
log.error("类没有找到",e);
|
||||
return null;
|
||||
} catch (NoSuchBeanDefinitionException e){
|
||||
log.error(classPath + "没有实现",e);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -58,6 +58,17 @@ public class LoginUser implements Serializable {
|
||||
*/
|
||||
@SensitiveField
|
||||
private String orgCode;
|
||||
/**
|
||||
* 当前登录部门id
|
||||
*/
|
||||
@SensitiveField
|
||||
private String orgId;
|
||||
/**
|
||||
* 当前登录角色code(多个逗号分割)
|
||||
*/
|
||||
@SensitiveField
|
||||
private String roleCode;
|
||||
|
||||
/**
|
||||
* 头像
|
||||
*/
|
||||
|
||||
@ -19,6 +19,8 @@ public class SysFilesModel {
|
||||
private String storeType;
|
||||
/**文件大小(kb)*/
|
||||
private Double fileSize;
|
||||
/**租户id*/
|
||||
private String tenantId;
|
||||
|
||||
public String getId() {
|
||||
return id;
|
||||
@ -67,4 +69,12 @@ public class SysFilesModel {
|
||||
public void setFileSize(Double fileSize) {
|
||||
this.fileSize = fileSize;
|
||||
}
|
||||
|
||||
public String getTenantId() {
|
||||
return tenantId;
|
||||
}
|
||||
|
||||
public void setTenantId(String tenantId) {
|
||||
this.tenantId = tenantId;
|
||||
}
|
||||
}
|
||||
@ -9,17 +9,29 @@ import org.jeecg.common.util.DateUtils;
|
||||
* @author: jeecg-boot
|
||||
*/
|
||||
public class SysUserCacheInfo {
|
||||
|
||||
|
||||
private String sysUserId;
|
||||
|
||||
private String sysUserCode;
|
||||
|
||||
private String sysUserName;
|
||||
|
||||
private String sysOrgCode;
|
||||
|
||||
|
||||
/**
|
||||
* 当前用户部门ID
|
||||
*/
|
||||
private String sysOrgId;
|
||||
|
||||
private List<String> sysMultiOrgCode;
|
||||
|
||||
private boolean oneDepart;
|
||||
|
||||
|
||||
/**
|
||||
* 当前用户角色code(多个逗号分割)
|
||||
*/
|
||||
private String sysRoleCode;
|
||||
|
||||
public boolean isOneDepart() {
|
||||
return oneDepart;
|
||||
}
|
||||
@ -68,4 +80,27 @@ public class SysUserCacheInfo {
|
||||
this.sysMultiOrgCode = sysMultiOrgCode;
|
||||
}
|
||||
|
||||
public String getSysUserId() {
|
||||
return sysUserId;
|
||||
}
|
||||
|
||||
public void setSysUserId(String sysUserId) {
|
||||
this.sysUserId = sysUserId;
|
||||
}
|
||||
|
||||
public String getSysOrgId() {
|
||||
return sysOrgId;
|
||||
}
|
||||
|
||||
public void setSysOrgId(String sysOrgId) {
|
||||
this.sysOrgId = sysOrgId;
|
||||
}
|
||||
|
||||
public String getSysRoleCode() {
|
||||
return sysRoleCode;
|
||||
}
|
||||
|
||||
public void setSysRoleCode(String sysRoleCode) {
|
||||
this.sysRoleCode = sysRoleCode;
|
||||
}
|
||||
}
|
||||
|
||||
@ -28,7 +28,9 @@ import java.io.InputStream;
|
||||
import java.sql.Connection;
|
||||
import java.sql.DatabaseMetaData;
|
||||
import java.sql.SQLException;
|
||||
import java.util.*;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
@ -302,7 +304,7 @@ public class CommonUtils {
|
||||
DB_TYPE = DataBaseConstant.DB_TYPE_ORACLE;
|
||||
}else if(dbType.indexOf(DataBaseConstant.DB_TYPE_SQLSERVER)>=0||dbType.indexOf(sqlserver)>=0) {
|
||||
DB_TYPE = DataBaseConstant.DB_TYPE_SQLSERVER;
|
||||
}else if(dbType.indexOf(DataBaseConstant.DB_TYPE_POSTGRESQL)>=0) {
|
||||
}else if(dbType.indexOf(DataBaseConstant.DB_TYPE_POSTGRESQL)>=0 || dbType.indexOf(DataBaseConstant.DB_TYPE_KINGBASEES)>=0) {
|
||||
DB_TYPE = DataBaseConstant.DB_TYPE_POSTGRESQL;
|
||||
}else if(dbType.indexOf(DataBaseConstant.DB_TYPE_MARIADB)>=0) {
|
||||
DB_TYPE = DataBaseConstant.DB_TYPE_MARIADB;
|
||||
@ -346,8 +348,11 @@ public class CommonUtils {
|
||||
|
||||
//返回 host domain
|
||||
String baseDomainPath = null;
|
||||
int length = 80;
|
||||
if(length == serverPort){
|
||||
//update-begin---author:wangshuai---date:2024-03-15---for:【QQYUN-8561】企业微信登陆请求接口设置上下文不一致,导致接口404---
|
||||
int httpPort = 80;
|
||||
int httpsPort = 443;
|
||||
if(httpPort == serverPort || httpsPort == serverPort){
|
||||
//update-end---author:wangshuai---date:2024-03-15---for:【QQYUN-8561】企业微信登陆请求接口设置上下文不一致,导致接口404---~
|
||||
baseDomainPath = scheme + "://" + serverName + contextPath ;
|
||||
}else{
|
||||
baseDomainPath = scheme + "://" + serverName + ":" + serverPort + contextPath ;
|
||||
@ -467,4 +472,19 @@ public class CommonUtils {
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* 输出info日志,会捕获异常,防止因为日志问题导致程序异常
|
||||
*
|
||||
* @param msg
|
||||
* @param objects
|
||||
*/
|
||||
public static void logInfo(String msg, Object... objects) {
|
||||
try {
|
||||
log.info(msg, objects);
|
||||
} catch (Exception e) {
|
||||
log.warn("{} —— {}", msg, e.getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,242 @@
|
||||
package org.jeecg.common.util;
|
||||
|
||||
import cn.hutool.core.date.DateUtil;
|
||||
import org.jeecg.common.constant.enums.DateRangeEnum;
|
||||
|
||||
import java.util.Calendar;
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
* 日期范围工具类
|
||||
*
|
||||
* @author scott
|
||||
* @date 20230801
|
||||
*/
|
||||
public class DateRangeUtils {
|
||||
|
||||
/**
|
||||
* 根据日期范围枚举获取日期范围
|
||||
*
|
||||
* @param rangeEnum
|
||||
* @return Date[]
|
||||
*/
|
||||
public static Date[] getDateRangeByEnum(DateRangeEnum rangeEnum) {
|
||||
if (rangeEnum == null) {
|
||||
return null;
|
||||
}
|
||||
Date[] ranges = new Date[2];
|
||||
switch (rangeEnum) {
|
||||
case TODAY:
|
||||
ranges[0] = getTodayStartTime();
|
||||
ranges[1] = getTodayEndTime();
|
||||
break;
|
||||
case YESTERDAY:
|
||||
ranges[0] = getYesterdayStartTime();
|
||||
ranges[1] = getYesterdayEndTime();
|
||||
break;
|
||||
case TOMORROW:
|
||||
ranges[0] = getTomorrowStartTime();
|
||||
ranges[1] = getTomorrowEndTime();
|
||||
break;
|
||||
case THIS_WEEK:
|
||||
ranges[0] = getThisWeekStartDay();
|
||||
ranges[1] = getThisWeekEndDay();
|
||||
break;
|
||||
case LAST_WEEK:
|
||||
ranges[0] = getLastWeekStartDay();
|
||||
ranges[1] = getLastWeekEndDay();
|
||||
break;
|
||||
case NEXT_WEEK:
|
||||
ranges[0] = getNextWeekStartDay();
|
||||
ranges[1] = getNextWeekEndDay();
|
||||
break;
|
||||
case LAST_7_DAYS:
|
||||
ranges[0] = getLast7DaysStartTime();
|
||||
ranges[1] = getLast7DaysEndTime();
|
||||
break;
|
||||
case THIS_MONTH:
|
||||
ranges[0] = getThisMonthStartDay();
|
||||
ranges[1] = getThisMonthEndDay();
|
||||
break;
|
||||
case LAST_MONTH:
|
||||
ranges[0] = getLastMonthStartDay();
|
||||
ranges[1] = getLastMonthEndDay();
|
||||
break;
|
||||
case NEXT_MONTH:
|
||||
ranges[0] = getNextMonthStartDay();
|
||||
ranges[1] = getNextMonthEndDay();
|
||||
break;
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
return ranges;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得下月第一天 周日 00:00:00
|
||||
*/
|
||||
public static Date getNextMonthStartDay() {
|
||||
return DateUtil.beginOfMonth(DateUtil.nextMonth());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得下月最后一天 23:59:59
|
||||
*/
|
||||
public static Date getNextMonthEndDay() {
|
||||
return DateUtil.endOfMonth(DateUtil.nextMonth());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得本月第一天 周日 00:00:00
|
||||
*/
|
||||
public static Date getThisMonthStartDay() {
|
||||
return DateUtil.beginOfMonth(DateUtil.date());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得本月最后一天 23:59:59
|
||||
*/
|
||||
public static Date getThisMonthEndDay() {
|
||||
return DateUtil.endOfMonth(DateUtil.date());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得上月第一天 周日 00:00:00
|
||||
*/
|
||||
public static Date getLastMonthStartDay() {
|
||||
return DateUtil.beginOfMonth(DateUtil.lastMonth());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得上月最后一天 23:59:59
|
||||
*/
|
||||
public static Date getLastMonthEndDay() {
|
||||
return DateUtil.endOfMonth(DateUtil.lastMonth());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得上周第一天 周一 00:00:00
|
||||
*/
|
||||
public static Date getLastWeekStartDay() {
|
||||
return DateUtil.beginOfWeek(DateUtil.lastWeek());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得上周最后一天 周日 23:59:59
|
||||
*/
|
||||
public static Date getLastWeekEndDay() {
|
||||
return DateUtil.endOfWeek(DateUtil.lastWeek());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得本周第一天 周一 00:00:00
|
||||
*/
|
||||
public static Date getThisWeekStartDay() {
|
||||
Date today = new Date();
|
||||
return DateUtil.beginOfWeek(today);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得本周最后一天 周日 23:59:59
|
||||
*/
|
||||
public static Date getThisWeekEndDay() {
|
||||
Date today = new Date();
|
||||
return DateUtil.endOfWeek(today);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得下周第一天 周一 00:00:00
|
||||
*/
|
||||
public static Date getNextWeekStartDay() {
|
||||
return DateUtil.beginOfWeek(DateUtil.nextWeek());
|
||||
}
|
||||
|
||||
/**
|
||||
* 获得下周最后一天 周日 23:59:59
|
||||
*/
|
||||
public static Date getNextWeekEndDay() {
|
||||
return DateUtil.endOfWeek(DateUtil.nextWeek());
|
||||
}
|
||||
|
||||
/**
|
||||
* 过去七天开始时间(不含今天)
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public static Date getLast7DaysStartTime() {
|
||||
Calendar calendar = Calendar.getInstance();
|
||||
calendar.setTime(new Date());
|
||||
calendar.add(Calendar.DATE, -7);
|
||||
return DateUtil.beginOfDay(calendar.getTime());
|
||||
}
|
||||
|
||||
/**
|
||||
* 过去七天结束时间(不含今天)
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public static Date getLast7DaysEndTime() {
|
||||
Calendar calendar = Calendar.getInstance();
|
||||
calendar.setTime(getLast7DaysStartTime());
|
||||
calendar.add(Calendar.DATE, 6);
|
||||
return DateUtil.endOfDay(calendar.getTime());
|
||||
}
|
||||
|
||||
/**
|
||||
* 昨天开始时间
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public static Date getYesterdayStartTime() {
|
||||
Calendar calendar = Calendar.getInstance();
|
||||
calendar.setTime(new Date());
|
||||
calendar.add(Calendar.DATE, -1);
|
||||
return DateUtil.beginOfDay(calendar.getTime());
|
||||
}
|
||||
|
||||
/**
|
||||
* 昨天结束时间
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public static Date getYesterdayEndTime() {
|
||||
return DateUtil.endOfDay(getYesterdayStartTime());
|
||||
}
|
||||
|
||||
/**
|
||||
* 明天开始时间
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public static Date getTomorrowStartTime() {
|
||||
return DateUtil.beginOfDay(DateUtil.tomorrow());
|
||||
}
|
||||
|
||||
/**
|
||||
* 明天结束时间
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public static Date getTomorrowEndTime() {
|
||||
return DateUtil.endOfDay(DateUtil.tomorrow());
|
||||
}
|
||||
|
||||
/**
|
||||
* 今天开始时间
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public static Date getTodayStartTime() {
|
||||
return DateUtil.beginOfDay(new Date());
|
||||
}
|
||||
|
||||
/**
|
||||
* 今天结束时间
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
public static Date getTodayEndTime() {
|
||||
return DateUtil.endOfDay(new Date());
|
||||
}
|
||||
|
||||
}
|
||||
@ -8,6 +8,11 @@ import java.sql.Timestamp;
|
||||
import java.text.DateFormat;
|
||||
import java.text.ParseException;
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.time.Duration;
|
||||
import java.time.LocalDate;
|
||||
import java.time.LocalDateTime;
|
||||
import java.time.ZoneId;
|
||||
import java.time.temporal.ChronoUnit;
|
||||
import java.util.Calendar;
|
||||
import java.util.Date;
|
||||
import java.util.GregorianCalendar;
|
||||
@ -116,6 +121,17 @@ public class DateUtils extends PropertyEditorSupport {
|
||||
public static Date getDate() {
|
||||
return new Date();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 当前日期
|
||||
*
|
||||
* @return 系统当前日期(不带时分秒)
|
||||
*/
|
||||
public static LocalDate getLocalDate() {
|
||||
LocalDate today = LocalDate.now();
|
||||
return today;
|
||||
}
|
||||
|
||||
/**
|
||||
* 指定毫秒数表示的日期
|
||||
@ -704,6 +720,44 @@ public class DateUtils extends PropertyEditorSupport {
|
||||
return isSameMonth && calendar1.get(Calendar.DAY_OF_MONTH) == calendar2.get(Calendar.DAY_OF_MONTH);
|
||||
}
|
||||
|
||||
/**
|
||||
* 计算与当前日期的时间差
|
||||
*
|
||||
* @param targetDate
|
||||
* @return
|
||||
*/
|
||||
public static long calculateTimeDifference(Date targetDate) {
|
||||
// 获取当前时间
|
||||
LocalDateTime currentTime = LocalDateTime.now();
|
||||
|
||||
// 将java.util.Date转换为java.time.LocalDateTime
|
||||
LocalDateTime convertedTargetDate = targetDate.toInstant().atZone(ZoneId.systemDefault()).toLocalDateTime();
|
||||
|
||||
// 计算时间差
|
||||
Duration duration = Duration.between(currentTime, convertedTargetDate);
|
||||
|
||||
// 获取时间差的毫秒数
|
||||
long timeDifferenceInMillis = duration.toMillis();
|
||||
|
||||
return timeDifferenceInMillis;
|
||||
}
|
||||
|
||||
/**
|
||||
* 计算与当前日期的日期天数差
|
||||
*
|
||||
* @param targetDate
|
||||
* @return
|
||||
*/
|
||||
public static long calculateDaysDifference(Date targetDate) {
|
||||
// 获取当前日期
|
||||
LocalDate currentDate = LocalDate.now();
|
||||
// 将java.util.Date转换为java.time.LocalDate
|
||||
LocalDate convertedTargetDate = targetDate.toInstant().atZone(ZoneId.systemDefault()).toLocalDate();
|
||||
// 计算日期差
|
||||
long daysDifference = ChronoUnit.DAYS.between(currentDate, convertedTargetDate);
|
||||
return daysDifference;
|
||||
}
|
||||
|
||||
/**
|
||||
* 判断两个时间是否是同一周
|
||||
*
|
||||
|
||||
@ -62,8 +62,8 @@ public class DySmsHelper {
|
||||
|
||||
//update-begin-author:taoyan date:20200811 for:配置类数据获取
|
||||
StaticConfig staticConfig = SpringContextUtils.getBean(StaticConfig.class);
|
||||
logger.info("阿里大鱼短信秘钥 accessKeyId:" + staticConfig.getAccessKeyId());
|
||||
logger.info("阿里大鱼短信秘钥 accessKeySecret:"+ staticConfig.getAccessKeySecret());
|
||||
//logger.info("阿里大鱼短信秘钥 accessKeyId:" + staticConfig.getAccessKeyId());
|
||||
//logger.info("阿里大鱼短信秘钥 accessKeySecret:"+ staticConfig.getAccessKeySecret());
|
||||
setAccessKeyId(staticConfig.getAccessKeyId());
|
||||
setAccessKeySecret(staticConfig.getAccessKeySecret());
|
||||
//update-end-author:taoyan date:20200811 for:配置类数据获取
|
||||
|
||||
@ -0,0 +1,96 @@
|
||||
package org.jeecg.common.util;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
|
||||
/**
|
||||
* 防止刷短信接口(只针对绑定手机号模板:SMS_175430166)
|
||||
*
|
||||
* 1、同一IP,1分钟内发短信不允许超过5次(每一分钟重置每个IP请求次数)
|
||||
* 2、同一IP,1分钟内发短信超过20次,进入黑名单,不让使用短信接口
|
||||
*
|
||||
* 3、短信接口加签和时间戳
|
||||
* 涉及接口:
|
||||
* /sys/sms
|
||||
* /desform/api/sendVerifyCode
|
||||
* /sys/sendChangePwdSms
|
||||
*/
|
||||
@Slf4j
|
||||
public class DySmsLimit {
|
||||
|
||||
// 1分钟内最大发短信数量(单一IP)
|
||||
private static final int MAX_MESSAGE_PER_MINUTE = 5;
|
||||
// 1分钟
|
||||
private static final int MILLIS_PER_MINUTE = 60000;
|
||||
// 一分钟内报警线最大短信数量,超了进黑名单(单一IP)
|
||||
private static final int MAX_TOTAL_MESSAGE_PER_MINUTE = 20;
|
||||
|
||||
private static ConcurrentHashMap<String, Long> ipLastRequestTime = new ConcurrentHashMap<>();
|
||||
private static ConcurrentHashMap<String, Integer> ipRequestCount = new ConcurrentHashMap<>();
|
||||
private static ConcurrentHashMap<String, Boolean> ipBlacklist = new ConcurrentHashMap<>();
|
||||
|
||||
/**
|
||||
* @param ip 请求发短信的IP地址
|
||||
* @return
|
||||
*/
|
||||
public static boolean canSendSms(String ip) {
|
||||
long currentTime = System.currentTimeMillis();
|
||||
long lastRequestTime = ipLastRequestTime.getOrDefault(ip, 0L);
|
||||
int requestCount = ipRequestCount.getOrDefault(ip, 0);
|
||||
log.info("IP:{}, Msg requestCount:{} ", ip, requestCount);
|
||||
|
||||
if (ipBlacklist.getOrDefault(ip, false)) {
|
||||
// 如果IP在黑名单中,则禁止发送短信
|
||||
log.error("IP:{}, 进入黑名单,禁止发送请求短信!", ip);
|
||||
return false;
|
||||
}
|
||||
|
||||
if (currentTime - lastRequestTime >= MILLIS_PER_MINUTE) {
|
||||
// 如果距离上次请求已经超过一分钟,则重置计数
|
||||
ipRequestCount.put(ip, 1);
|
||||
ipLastRequestTime.put(ip, currentTime);
|
||||
return true;
|
||||
} else {
|
||||
// 如果距离上次请求不到一分钟
|
||||
ipRequestCount.put(ip, requestCount + 1);
|
||||
if (requestCount < MAX_MESSAGE_PER_MINUTE) {
|
||||
// 如果请求次数小于5次,允许发送短信
|
||||
return true;
|
||||
} else if (requestCount >= MAX_TOTAL_MESSAGE_PER_MINUTE) {
|
||||
// 如果请求次数超过报警线短信数量,将IP加入黑名单
|
||||
ipBlacklist.put(ip, true);
|
||||
return false;
|
||||
} else {
|
||||
log.error("IP:{}, 1分钟内请求短信超过5次,请稍后重试!", ip);
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 图片二维码验证成功之后清空数量
|
||||
*
|
||||
* @param ip IP地址
|
||||
*/
|
||||
public static void clearSendSmsCount(String ip) {
|
||||
long currentTime = System.currentTimeMillis();
|
||||
ipRequestCount.put(ip, 0);
|
||||
ipLastRequestTime.put(ip, currentTime);
|
||||
}
|
||||
|
||||
// public static void main(String[] args) {
|
||||
// String ip = "192.168.1.1";
|
||||
// for (int i = 1; i < 50; i++) {
|
||||
// if (canSendSms(ip)) {
|
||||
// System.out.println("Send SMS successfully");
|
||||
// } else {
|
||||
// //System.out.println("Exceed SMS limit for IP " + ip);
|
||||
// }
|
||||
// }
|
||||
//
|
||||
// System.out.println(ipLastRequestTime);
|
||||
// System.out.println(ipRequestCount);
|
||||
// System.out.println(ipBlacklist);
|
||||
// }
|
||||
}
|
||||
@ -7,6 +7,11 @@ import org.jeecg.common.constant.CommonConstant;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import java.net.InetAddress;
|
||||
import java.net.UnknownHostException;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
/**
|
||||
* IP地址
|
||||
*
|
||||
@ -45,15 +50,52 @@ public class IpUtils {
|
||||
} catch (Exception e) {
|
||||
logger.error("IPUtils ERROR ", e);
|
||||
}
|
||||
|
||||
// //使用代理,则获取第一个IP地址
|
||||
// if(StringUtils.isEmpty(ip) && ip.length() > 15) {
|
||||
// if(ip.indexOf(",") > 0) {
|
||||
// ip = ip.substring(0, ip.indexOf(","));
|
||||
// }
|
||||
// }
|
||||
|
||||
//logger.info("获取客户端 ip:{} ", ip);
|
||||
// 使用代理,则获取第一个IP地址
|
||||
if (StringUtils.isNotEmpty(ip) && ip.length() > 15) {
|
||||
if (ip.indexOf(",") > 0) {
|
||||
//ip = ip.substring(0, ip.indexOf(","));
|
||||
String[] ipAddresses = ip.split(",");
|
||||
for (String ipAddress : ipAddresses) {
|
||||
ipAddress = ipAddress.trim();
|
||||
if (isValidIpAddress(ipAddress)) {
|
||||
return ipAddress;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return ip;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 判断是否是IP格式
|
||||
* @param ipAddress
|
||||
* @return
|
||||
*/
|
||||
public static boolean isValidIpAddress(String ipAddress) {
|
||||
String ipPattern = "^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$";
|
||||
Pattern pattern = Pattern.compile(ipPattern);
|
||||
Matcher matcher = pattern.matcher(ipAddress);
|
||||
return matcher.matches();
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取服务器上的ip
|
||||
* @return
|
||||
*/
|
||||
public static String getServerIp(){
|
||||
InetAddress inetAddress = null;
|
||||
try {
|
||||
inetAddress = InetAddress.getLocalHost();
|
||||
String ipAddress = inetAddress.getHostAddress();
|
||||
//System.out.println("IP地址: " + ipAddress);
|
||||
return ipAddress;
|
||||
} catch (UnknownHostException e) {
|
||||
logger.error("获取ip地址失败", e);
|
||||
}
|
||||
return "";
|
||||
}
|
||||
}
|
||||
|
||||
@ -29,6 +29,17 @@ public class SqlInjectionUtil {
|
||||
* 字典专用—sql注入关键词
|
||||
*/
|
||||
private static String specialDictSqlXssStr = "exec |peformance_schema|information_schema|extractvalue|updatexml|geohash|gtid_subset|gtid_subtract|insert |select |delete |update |drop |count |chr |mid |master |truncate |char |declare |;|+|--";
|
||||
/**
|
||||
* 完整匹配的key,不需要考虑前空格
|
||||
*/
|
||||
private static List<String> FULL_MATCHING_KEYWRODS = new ArrayList<>();
|
||||
static {
|
||||
FULL_MATCHING_KEYWRODS.add(";");
|
||||
FULL_MATCHING_KEYWRODS.add("+");
|
||||
FULL_MATCHING_KEYWRODS.add("--");
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* sql注入风险的 正则关键字
|
||||
*
|
||||
@ -50,6 +61,8 @@ public class SqlInjectionUtil {
|
||||
* sql注释的正则
|
||||
*/
|
||||
private final static Pattern SQL_ANNOTATION = Pattern.compile("/\\*[\\s\\S]*\\*/");
|
||||
private final static String SQL_ANNOTATION2 = "--";
|
||||
|
||||
/**
|
||||
* sql注入提示语
|
||||
*/
|
||||
@ -62,7 +75,7 @@ public class SqlInjectionUtil {
|
||||
* sql注入过滤处理,遇到注入关键字抛异常
|
||||
* @param values
|
||||
*/
|
||||
public static void filterContent(String... values) {
|
||||
public static void filterContentMulti(String... values) {
|
||||
filterContent(values, null);
|
||||
}
|
||||
|
||||
@ -128,7 +141,13 @@ public class SqlInjectionUtil {
|
||||
if (sql.startsWith(keyword.trim())) {
|
||||
return true;
|
||||
} else if (sql.contains(keyword)) {
|
||||
if (sql.contains(" " + keyword)) {
|
||||
// 需要匹配的,sql注入关键词
|
||||
String matchingText = " " + keyword;
|
||||
if(FULL_MATCHING_KEYWRODS.contains(keyword)){
|
||||
matchingText = keyword;
|
||||
}
|
||||
|
||||
if (sql.contains(matchingText)) {
|
||||
return true;
|
||||
} else {
|
||||
String regularStr = "\\s+\\S+" + keyword;
|
||||
@ -244,6 +263,13 @@ public class SqlInjectionUtil {
|
||||
* @return
|
||||
*/
|
||||
public static void checkSqlAnnotation(String str){
|
||||
if(str.contains(SQL_ANNOTATION2)){
|
||||
String error = "请注意,SQL中不允许含注释,有安全风险!";
|
||||
log.error(error);
|
||||
throw new RuntimeException(error);
|
||||
}
|
||||
|
||||
|
||||
Matcher matcher = SQL_ANNOTATION.matcher(str);
|
||||
if(matcher.find()){
|
||||
String error = "请注意,值可能存在SQL注入风险---> \\*.*\\";
|
||||
@ -260,12 +286,20 @@ public class SqlInjectionUtil {
|
||||
*
|
||||
* @param table
|
||||
*/
|
||||
private static Pattern tableNamePattern = Pattern.compile("^[a-zA-Z][a-zA-Z0-9_]{0,63}$");
|
||||
private static Pattern tableNamePattern = Pattern.compile("^[a-zA-Z][a-zA-Z0-9_\\$]{0,63}$");
|
||||
public static String getSqlInjectTableName(String table) {
|
||||
if(oConvertUtils.isEmpty(table)){
|
||||
return table;
|
||||
}
|
||||
|
||||
|
||||
//update-begin---author:scott ---date:2024-05-28 for:表单设计器列表翻译存在表名带条件,导致翻译出问题----
|
||||
int index = table.toLowerCase().indexOf(" where ");
|
||||
if (index != -1) {
|
||||
table = table.substring(0, index);
|
||||
log.info("截掉where之后的新表名:" + table);
|
||||
}
|
||||
//update-end---author:scott ---date::2024-05-28 for:表单设计器列表翻译存在表名带条件,导致翻译出问题----
|
||||
|
||||
table = table.trim();
|
||||
/**
|
||||
* 检验表名是否合法
|
||||
@ -282,7 +316,7 @@ public class SqlInjectionUtil {
|
||||
}
|
||||
|
||||
//进一步验证是否存在SQL注入风险
|
||||
filterContent(table);
|
||||
filterContentMulti(table);
|
||||
return table;
|
||||
}
|
||||
|
||||
@ -319,7 +353,7 @@ public class SqlInjectionUtil {
|
||||
}
|
||||
|
||||
//进一步验证是否存在SQL注入风险
|
||||
filterContent(field);
|
||||
filterContentMulti(field);
|
||||
return field;
|
||||
}
|
||||
|
||||
|
||||
@ -34,6 +34,10 @@ public class TokenUtils {
|
||||
* @return
|
||||
*/
|
||||
public static String getTokenByRequest(HttpServletRequest request) {
|
||||
if (request == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
String token = request.getParameter("token");
|
||||
if (token == null) {
|
||||
token = request.getHeader("X-Access-Token");
|
||||
|
||||
@ -38,6 +38,11 @@ public class DynamicDBUtil {
|
||||
|
||||
String driverClassName = dbSource.getDbDriver();
|
||||
String url = dbSource.getDbUrl();
|
||||
// url配置成 “123” 会触发Druid死循环,一直去重复尝试连接
|
||||
if (oConvertUtils.isEmpty(url) || !url.toLowerCase().startsWith("jdbc:")) {
|
||||
throw new JeecgBootException("数据源URL配置格式不正确!");
|
||||
}
|
||||
|
||||
String dbUser = dbSource.getDbUsername();
|
||||
String dbPassword = dbSource.getDbPassword();
|
||||
dataSource.setDriverClassName(driverClassName);
|
||||
@ -47,6 +52,8 @@ public class DynamicDBUtil {
|
||||
dataSource.setTestOnBorrow(false);
|
||||
dataSource.setTestOnReturn(false);
|
||||
dataSource.setBreakAfterAcquireFailure(true);
|
||||
//设置超时时间60秒
|
||||
dataSource.setLoginTimeout(60);
|
||||
dataSource.setConnectionErrorRetryAttempts(0);
|
||||
dataSource.setUsername(dbUser);
|
||||
dataSource.setMaxWait(30000);
|
||||
|
||||
@ -61,6 +61,10 @@ public class SsrfFileTypeFilter {
|
||||
FILE_TYPE_WHITE_LIST.add("7z");
|
||||
FILE_TYPE_WHITE_LIST.add("tar");
|
||||
|
||||
//app文件后缀
|
||||
FILE_TYPE_WHITE_LIST.add("apk");
|
||||
FILE_TYPE_WHITE_LIST.add("wgt");
|
||||
|
||||
//设置禁止文件的头部标记
|
||||
FILE_TYPE_MAP.put("3c25402070616765206c", "jsp");
|
||||
FILE_TYPE_MAP.put("3c3f7068700a0a2f2a2a0a202a205048", "php");
|
||||
|
||||
@ -2,7 +2,9 @@ package org.jeecg.common.util;
|
||||
|
||||
import com.alibaba.fastjson.JSONArray;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.jeecg.common.constant.CommonConstant;
|
||||
import org.jeecg.common.constant.SymbolConstant;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
@ -14,10 +16,7 @@ import java.io.UnsupportedEncodingException;
|
||||
import java.lang.reflect.Field;
|
||||
import java.math.BigDecimal;
|
||||
import java.math.BigInteger;
|
||||
import java.net.InetAddress;
|
||||
import java.net.NetworkInterface;
|
||||
import java.net.SocketException;
|
||||
import java.net.UnknownHostException;
|
||||
import java.net.*;
|
||||
import java.sql.Date;
|
||||
import java.util.*;
|
||||
import java.util.regex.Matcher;
|
||||
@ -50,6 +49,27 @@ public class oConvertUtils {
|
||||
return (false);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 返回decode解密字符串
|
||||
*
|
||||
* @param inStr
|
||||
* @return
|
||||
*/
|
||||
public static String decodeString(String inStr) {
|
||||
if (oConvertUtils.isEmpty(inStr)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
try {
|
||||
inStr = URLDecoder.decode(inStr, "UTF-8");
|
||||
} catch (Exception e) {
|
||||
// 解决:URLDecoder: Illegal hex characters in escape (%) pattern - For input string: "自动"
|
||||
//e.printStackTrace();
|
||||
}
|
||||
return inStr;
|
||||
}
|
||||
|
||||
public static String decode(String strIn, String sourceCode, String targetCode) {
|
||||
String temp = code2code(strIn, sourceCode, targetCode);
|
||||
return temp;
|
||||
@ -238,6 +258,20 @@ public class oConvertUtils {
|
||||
return (String.valueOf(i));
|
||||
}
|
||||
|
||||
/**
|
||||
* 返回常规字符串(只保留字符串中的数字、字母、中文)
|
||||
*
|
||||
* @param input
|
||||
* @return
|
||||
*/
|
||||
public static String getNormalString(String input) {
|
||||
if (oConvertUtils.isEmpty(input)) {
|
||||
return null;
|
||||
}
|
||||
String result = input.replaceAll("[^0-9a-zA-Z\\u4e00-\\u9fa5]", "");
|
||||
return result;
|
||||
}
|
||||
|
||||
public static String getString(String s, String defval) {
|
||||
if (isEmpty(s)) {
|
||||
return (defval);
|
||||
@ -287,6 +321,22 @@ public class oConvertUtils {
|
||||
return (clazz.equals(String.class) || clazz.equals(Integer.class) || clazz.equals(Byte.class) || clazz.equals(Long.class) || clazz.equals(Double.class) || clazz.equals(Float.class) || clazz.equals(Character.class) || clazz.equals(Short.class) || clazz.equals(BigDecimal.class) || clazz.equals(BigInteger.class) || clazz.equals(Boolean.class) || clazz.equals(Date.class) || clazz.isPrimitive());
|
||||
}
|
||||
|
||||
/**
|
||||
* 解码base64
|
||||
*
|
||||
* @param base64Str base64字符串
|
||||
* @return 被加密后的字符串
|
||||
*/
|
||||
public static String decodeBase64Str(String base64Str) {
|
||||
byte[] byteContent = Base64.decodeBase64(base64Str);
|
||||
if (byteContent == null) {
|
||||
return null;
|
||||
}
|
||||
String decodedString = new String(byteContent);
|
||||
return decodedString;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param request
|
||||
* IP
|
||||
@ -750,6 +800,16 @@ public class oConvertUtils {
|
||||
}
|
||||
return obj.getClass().isArray();
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取集合的大小
|
||||
*
|
||||
* @param collection
|
||||
* @return
|
||||
*/
|
||||
public static int getCollectionSize(Collection<?> collection) {
|
||||
return collection != null ? collection.size() : 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* 判断两个数组是否相等(数组元素不分顺序)
|
||||
@ -941,5 +1001,32 @@ public class oConvertUtils {
|
||||
}
|
||||
return count;
|
||||
}
|
||||
|
||||
/**
|
||||
* map转str
|
||||
*
|
||||
* @param map
|
||||
* @return
|
||||
*/
|
||||
public static String mapToString(Map<String, String[]> map) {
|
||||
if (map == null || map.size() == 0) {
|
||||
return null;
|
||||
}
|
||||
|
||||
StringBuilder sb = new StringBuilder();
|
||||
for (Map.Entry<String, String[]> entry : map.entrySet()) {
|
||||
String key = entry.getKey();
|
||||
String[] values = entry.getValue();
|
||||
sb.append(key).append("=");
|
||||
sb.append(values != null ? StringUtils.join(values, ",") : "");
|
||||
sb.append("&");
|
||||
}
|
||||
|
||||
String result = sb.toString();
|
||||
if (result.endsWith("&")) {
|
||||
result = result.substring(0, sb.length() - 1);
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -1,55 +1,6 @@
|
||||
package org.jeecg.common.util.sqlInjection.parse;
|
||||
|
||||
import net.sf.jsqlparser.expression.AllValue;
|
||||
import net.sf.jsqlparser.expression.AnalyticExpression;
|
||||
import net.sf.jsqlparser.expression.AnyComparisonExpression;
|
||||
import net.sf.jsqlparser.expression.ArrayConstructor;
|
||||
import net.sf.jsqlparser.expression.ArrayExpression;
|
||||
import net.sf.jsqlparser.expression.BinaryExpression;
|
||||
import net.sf.jsqlparser.expression.CaseExpression;
|
||||
import net.sf.jsqlparser.expression.CastExpression;
|
||||
import net.sf.jsqlparser.expression.CollateExpression;
|
||||
import net.sf.jsqlparser.expression.ConnectByRootOperator;
|
||||
import net.sf.jsqlparser.expression.DateTimeLiteralExpression;
|
||||
import net.sf.jsqlparser.expression.DateValue;
|
||||
import net.sf.jsqlparser.expression.DoubleValue;
|
||||
import net.sf.jsqlparser.expression.Expression;
|
||||
import net.sf.jsqlparser.expression.ExpressionVisitor;
|
||||
import net.sf.jsqlparser.expression.ExtractExpression;
|
||||
import net.sf.jsqlparser.expression.Function;
|
||||
import net.sf.jsqlparser.expression.HexValue;
|
||||
import net.sf.jsqlparser.expression.IntervalExpression;
|
||||
import net.sf.jsqlparser.expression.JdbcNamedParameter;
|
||||
import net.sf.jsqlparser.expression.JdbcParameter;
|
||||
import net.sf.jsqlparser.expression.JsonAggregateFunction;
|
||||
import net.sf.jsqlparser.expression.JsonExpression;
|
||||
import net.sf.jsqlparser.expression.JsonFunction;
|
||||
import net.sf.jsqlparser.expression.JsonFunctionExpression;
|
||||
import net.sf.jsqlparser.expression.KeepExpression;
|
||||
import net.sf.jsqlparser.expression.LongValue;
|
||||
import net.sf.jsqlparser.expression.MySQLGroupConcat;
|
||||
import net.sf.jsqlparser.expression.NextValExpression;
|
||||
import net.sf.jsqlparser.expression.NotExpression;
|
||||
import net.sf.jsqlparser.expression.NullValue;
|
||||
import net.sf.jsqlparser.expression.NumericBind;
|
||||
import net.sf.jsqlparser.expression.OracleHierarchicalExpression;
|
||||
import net.sf.jsqlparser.expression.OracleHint;
|
||||
import net.sf.jsqlparser.expression.OracleNamedFunctionParameter;
|
||||
import net.sf.jsqlparser.expression.Parenthesis;
|
||||
import net.sf.jsqlparser.expression.RowConstructor;
|
||||
import net.sf.jsqlparser.expression.RowGetExpression;
|
||||
import net.sf.jsqlparser.expression.SignedExpression;
|
||||
import net.sf.jsqlparser.expression.StringValue;
|
||||
import net.sf.jsqlparser.expression.TimeKeyExpression;
|
||||
import net.sf.jsqlparser.expression.TimeValue;
|
||||
import net.sf.jsqlparser.expression.TimestampValue;
|
||||
import net.sf.jsqlparser.expression.TimezoneExpression;
|
||||
import net.sf.jsqlparser.expression.TryCastExpression;
|
||||
import net.sf.jsqlparser.expression.UserVariable;
|
||||
import net.sf.jsqlparser.expression.ValueListExpression;
|
||||
import net.sf.jsqlparser.expression.VariableAssignment;
|
||||
import net.sf.jsqlparser.expression.WhenClause;
|
||||
import net.sf.jsqlparser.expression.XMLSerializeExpr;
|
||||
import net.sf.jsqlparser.expression.*;
|
||||
import net.sf.jsqlparser.expression.operators.arithmetic.Addition;
|
||||
import net.sf.jsqlparser.expression.operators.arithmetic.BitwiseAnd;
|
||||
import net.sf.jsqlparser.expression.operators.arithmetic.BitwiseLeftShift;
|
||||
@ -215,6 +166,23 @@ public class ConstAnalyzer implements ExpressionVisitor, ItemsListVisitor {
|
||||
expr.getBetweenExpressionEnd().accept(this);
|
||||
}
|
||||
|
||||
/**
|
||||
* 用于处理 OverlapsCondition 类型的表达式
|
||||
* @param overlapsCondition
|
||||
*/
|
||||
@Override
|
||||
public void visit(OverlapsCondition overlapsCondition) {
|
||||
constFlag.set(false);
|
||||
}
|
||||
/**
|
||||
* 用于处理 SafeCastExpression 类型的表达式。
|
||||
* @param safeCastExpression
|
||||
*/
|
||||
@Override
|
||||
public void visit(SafeCastExpression safeCastExpression) {
|
||||
constFlag.set(false);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void visit(EqualsTo expr) {
|
||||
visitBinaryExpression(expr);
|
||||
|
||||
@ -13,6 +13,9 @@ import java.util.Map;
|
||||
|
||||
/**
|
||||
* @author eightmonth@qq.com
|
||||
* 启动程序修改DruidWallConfig配置
|
||||
* 允许SELECT语句的WHERE子句是一个永真条件
|
||||
* @author eightmonth
|
||||
* @date 2024/4/8 11:37
|
||||
*/
|
||||
public class DruidWallConfigRegister implements SpringApplicationRunListener {
|
||||
@ -44,4 +47,4 @@ public class DruidWallConfigRegister implements SpringApplicationRunListener {
|
||||
|
||||
propertySources.addLast(propertySource);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -10,20 +10,21 @@ import com.fasterxml.jackson.datatype.jsr310.deser.LocalTimeDeserializer;
|
||||
import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateSerializer;
|
||||
import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer;
|
||||
import com.fasterxml.jackson.datatype.jsr310.ser.LocalTimeSerializer;
|
||||
import io.micrometer.core.instrument.MeterRegistry;
|
||||
import io.micrometer.prometheus.PrometheusMeterRegistry;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.springframework.beans.factory.InitializingBean;
|
||||
import org.springframework.beans.factory.ObjectProvider;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.beans.factory.config.BeanPostProcessor;
|
||||
import org.springframework.boot.actuate.autoconfigure.metrics.MeterRegistryCustomizer;
|
||||
import org.springframework.boot.actuate.web.exchanges.InMemoryHttpExchangeRepository;
|
||||
import org.springframework.boot.autoconfigure.jackson.JacksonProperties;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Conditional;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Primary;
|
||||
import org.springframework.http.converter.HttpMessageConverter;
|
||||
import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
|
||||
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
|
||||
import org.springframework.web.cors.CorsConfiguration;
|
||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||
@ -39,6 +40,7 @@ import java.time.LocalDateTime;
|
||||
import java.time.LocalTime;
|
||||
import java.time.format.DateTimeFormatter;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
|
||||
/**
|
||||
* Spring Boot 2.0 解决跨域问题
|
||||
@ -57,6 +59,11 @@ public class WebMvcConfiguration implements WebMvcConfigurer {
|
||||
@Autowired(required = false)
|
||||
private PrometheusMeterRegistry prometheusMeterRegistry;
|
||||
|
||||
@Autowired
|
||||
private ObjectProvider<Jackson2ObjectMapperBuilder> builderProvider;
|
||||
@Autowired
|
||||
private JacksonProperties jacksonProperties;
|
||||
|
||||
/**
|
||||
* 静态资源的配置 - 使得可以从磁盘中读取 Html、图片、视频、音频等
|
||||
*/
|
||||
@ -109,6 +116,10 @@ public class WebMvcConfiguration implements WebMvcConfigurer {
|
||||
@Primary
|
||||
public ObjectMapper objectMapper() {
|
||||
ObjectMapper objectMapper = new ObjectMapper();
|
||||
// 继承spring jackson 默认机制
|
||||
if (Objects.nonNull(builderProvider.getIfAvailable())) {
|
||||
objectMapper = builderProvider.getIfAvailable().createXmlMapper(false).build();
|
||||
}
|
||||
//处理bigDecimal
|
||||
objectMapper.enable(JsonGenerator.Feature.WRITE_BIGDECIMAL_AS_PLAIN);
|
||||
objectMapper.enable(DeserializationFeature.USE_BIG_DECIMAL_FOR_FLOATS);
|
||||
@ -117,8 +128,10 @@ public class WebMvcConfiguration implements WebMvcConfigurer {
|
||||
objectMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
|
||||
objectMapper.configure(DeserializationFeature.FAIL_ON_NULL_FOR_PRIMITIVES, false);
|
||||
objectMapper.configure(DeserializationFeature.FAIL_ON_NULL_CREATOR_PROPERTIES, false);
|
||||
//默认的处理日期时间格式
|
||||
objectMapper.setDateFormat(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"));
|
||||
//默认的处理日期时间格式,接受通过spring.jackson.date-format配置格式化模式
|
||||
if (Objects.isNull(jacksonProperties.getDateFormat())) {
|
||||
objectMapper.setDateFormat(new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"));
|
||||
}
|
||||
JavaTimeModule javaTimeModule = new JavaTimeModule();
|
||||
javaTimeModule.addSerializer(LocalDateTime.class, new LocalDateTimeSerializer(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss")));
|
||||
javaTimeModule.addSerializer(LocalDate.class, new LocalDateSerializer(DateTimeFormatter.ofPattern("yyyy-MM-dd")));
|
||||
@ -130,17 +143,17 @@ public class WebMvcConfiguration implements WebMvcConfigurer {
|
||||
return objectMapper;
|
||||
}
|
||||
|
||||
/**
|
||||
* SpringBootAdmin的Httptrace不见了
|
||||
* https://blog.csdn.net/u013810234/article/details/110097201
|
||||
*/
|
||||
@Bean
|
||||
public InMemoryHttpExchangeRepository getInMemoryHttpTrace(){
|
||||
InMemoryHttpExchangeRepository repository = new InMemoryHttpExchangeRepository();
|
||||
// 默认保存1000条http请求记录
|
||||
repository.setCapacity(1000);
|
||||
return repository;
|
||||
}
|
||||
// /**
|
||||
// * SpringBootAdmin的Httptrace不见了
|
||||
// * https://blog.csdn.net/u013810234/article/details/110097201
|
||||
// */
|
||||
// @Bean
|
||||
// public InMemoryHttpExchangeRepository getInMemoryHttpTrace(){
|
||||
// InMemoryHttpExchangeRepository repository = new InMemoryHttpExchangeRepository();
|
||||
// // 默认保存1000条http请求记录
|
||||
// repository.setCapacity(1000);
|
||||
// return repository;
|
||||
// }
|
||||
|
||||
|
||||
/**
|
||||
|
||||
@ -31,7 +31,7 @@ public class WebSocketConfig {
|
||||
FilterRegistrationBean bean = new FilterRegistrationBean();
|
||||
bean.setFilter(websocketFilter());
|
||||
//TODO 临时注释掉,测试下线上socket总断的问题
|
||||
bean.addUrlPatterns("/websocket/*","/eoaSocket/*","/eoaNewChatSocket/*", "/newsWebsocket/*", "/vxeSocket/*");
|
||||
bean.addUrlPatterns("/taskCountSocket/*", "/websocket/*","/eoaSocket/*","/eoaNewChatSocket/*", "/newsWebsocket/*", "/vxeSocket/*");
|
||||
return bean;
|
||||
}
|
||||
|
||||
|
||||
@ -68,7 +68,7 @@ public class LowCodeModeInterceptor implements HandlerInterceptor {
|
||||
if (loginUser == null) {
|
||||
loginUser = commonAPI.getUserByName(JwtUtil.getUserNameByToken(SpringContextUtils.getHttpServletRequest()));
|
||||
//当前登录人拥有的角色
|
||||
hasRoles = commonAPI.queryUserRoles(loginUser.getUsername());
|
||||
hasRoles = commonAPI.queryUserRolesById(loginUser.getId());
|
||||
}
|
||||
|
||||
log.info("get loginUser info: {}", loginUser);
|
||||
|
||||
@ -9,6 +9,8 @@ import org.apache.ibatis.plugin.*;
|
||||
import org.jeecg.common.config.TenantContext;
|
||||
import org.jeecg.common.constant.TenantConstant;
|
||||
import org.jeecg.common.system.vo.LoginUser;
|
||||
import org.jeecg.common.util.SpringContextUtils;
|
||||
import org.jeecg.common.util.TokenUtils;
|
||||
import org.jeecg.common.util.oConvertUtils;
|
||||
import org.jeecg.config.security.utils.SecureUtil;
|
||||
import org.springframework.stereotype.Component;
|
||||
@ -94,7 +96,24 @@ public class MybatisInterceptor implements Interceptor {
|
||||
field.setAccessible(false);
|
||||
if (localTenantId == null) {
|
||||
field.setAccessible(true);
|
||||
field.set(parameter, oConvertUtils.getInt(TenantContext.getTenant(),0));
|
||||
|
||||
String tenantId = TenantContext.getTenant();
|
||||
//如果通过线程获取租户ID为空,则通过当前请求的request获取租户(shiro排除拦截器的请求会获取不到租户ID)
|
||||
if(oConvertUtils.isEmpty(tenantId) && MybatisPlusSaasConfig.OPEN_SYSTEM_TENANT_CONTROL){
|
||||
try {
|
||||
tenantId = TokenUtils.getTenantIdByRequest(SpringContextUtils.getHttpServletRequest());
|
||||
} catch (Exception e) {
|
||||
//e.printStackTrace();
|
||||
}
|
||||
}
|
||||
|
||||
if (field.getType().equals(String.class)) {
|
||||
// 字段类型为String
|
||||
field.set(parameter, tenantId);
|
||||
} else {
|
||||
// 字段类型不是String
|
||||
field.set(parameter, oConvertUtils.getInt(tenantId, 0));
|
||||
}
|
||||
field.setAccessible(false);
|
||||
}
|
||||
}
|
||||
|
||||
@ -30,7 +30,7 @@ import net.sf.jsqlparser.expression.LongValue;
|
||||
*
|
||||
*/
|
||||
@Configuration
|
||||
@MapperScan(value={"org.jeecg.modules.**.mapper*"})
|
||||
@MapperScan(value={"org.jeecg.**.mapper*"})
|
||||
public class MybatisPlusSaasConfig {
|
||||
|
||||
/**
|
||||
|
||||
@ -41,13 +41,13 @@ public class JeecgPermissionService {
|
||||
}
|
||||
LoginUser loginUser = SecureUtil.currentUser();
|
||||
|
||||
Object cache = redisUtil.get(buildKey("permission", loginUser.getUsername()));
|
||||
Object cache = redisUtil.get(buildKey("permission", loginUser.getId()));
|
||||
Set<String> permissionList;
|
||||
if (Objects.nonNull(cache)) {
|
||||
permissionList = (Set<String>) cache;
|
||||
} else {
|
||||
permissionList = commonAPI.queryUserAuths(loginUser.getUsername());
|
||||
redisUtil.set(buildKey("permission", loginUser.getUsername()), permissionList);
|
||||
permissionList = commonAPI.queryUserAuths(loginUser.getId());
|
||||
redisUtil.set(buildKey("permission", loginUser.getId()), permissionList);
|
||||
}
|
||||
|
||||
boolean pass = permissionList.stream().filter(StringUtils::hasText)
|
||||
|
||||
@ -0,0 +1,18 @@
|
||||
package org.jeecg.config.shiro;
|
||||
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
/**
|
||||
* 免Token认证注解
|
||||
*
|
||||
* 认证系统结合spring MVC的@RequestMapping获取请求路径进行免登录配置
|
||||
* @author eightmonth
|
||||
* @date 2024/2/28 9:58
|
||||
*/
|
||||
@Target(ElementType.METHOD)
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
public @interface IgnoreAuth {
|
||||
}
|
||||
@ -0,0 +1,113 @@
|
||||
package org.jeecg.config.shiro.ignore;
|
||||
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.jeecg.config.shiro.IgnoreAuth;
|
||||
import org.springframework.aop.framework.Advised;
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.ApplicationListener;
|
||||
import org.springframework.context.event.ContextRefreshedEvent;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import java.lang.reflect.Method;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
* 在spring boot初始化时,根据@RestController注解获取当前spring容器中的bean
|
||||
* @author eightmonth
|
||||
* @date 2024/4/18 11:35
|
||||
*/
|
||||
@Slf4j
|
||||
@Component
|
||||
@AllArgsConstructor
|
||||
public class IgnoreAuthPostProcessor implements ApplicationListener<ContextRefreshedEvent> {
|
||||
|
||||
private ApplicationContext applicationContext;
|
||||
|
||||
@Override
|
||||
public void onApplicationEvent(ContextRefreshedEvent event) {
|
||||
long startTime = System.currentTimeMillis();
|
||||
|
||||
List<String> ignoreAuthUrls = new ArrayList<>();
|
||||
if (event.getApplicationContext().getParent() == null) {
|
||||
// 只处理根应用上下文的事件,避免在子上下文中重复处理
|
||||
Map<String, Object> restControllers = applicationContext.getBeansWithAnnotation(RestController.class);
|
||||
for (Object restController : restControllers.values()) {
|
||||
// 如 online系统的controller并不是spring 默认生成
|
||||
if (restController instanceof Advised) {
|
||||
ignoreAuthUrls.addAll(postProcessRestController(restController));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
log.info("Init Token ignoreAuthUrls Config [ 集合 ] :{}", ignoreAuthUrls);
|
||||
if (!CollectionUtils.isEmpty(ignoreAuthUrls)) {
|
||||
InMemoryIgnoreAuth.set(ignoreAuthUrls);
|
||||
}
|
||||
|
||||
// 计算方法的耗时
|
||||
long endTime = System.currentTimeMillis();
|
||||
long elapsedTime = endTime - startTime;
|
||||
log.info("Init Token ignoreAuthUrls Config [ 耗时 ] :" + elapsedTime + "毫秒");
|
||||
}
|
||||
|
||||
private List<String> postProcessRestController(Object restController) {
|
||||
List<String> ignoreAuthUrls = new ArrayList<>();
|
||||
Class<?> clazz = ((Advised) restController).getTargetClass();
|
||||
RequestMapping base = clazz.getAnnotation(RequestMapping.class);
|
||||
String[] baseUrl = Objects.nonNull(base) ? base.value() : new String[]{};
|
||||
Method[] methods = clazz.getDeclaredMethods();
|
||||
|
||||
for (Method method : methods) {
|
||||
if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(RequestMapping.class)) {
|
||||
RequestMapping requestMapping = method.getAnnotation(RequestMapping.class);
|
||||
String[] uri = requestMapping.value();
|
||||
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
|
||||
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(GetMapping.class)) {
|
||||
GetMapping requestMapping = method.getAnnotation(GetMapping.class);
|
||||
String[] uri = requestMapping.value();
|
||||
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
|
||||
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(PostMapping.class)) {
|
||||
PostMapping requestMapping = method.getAnnotation(PostMapping.class);
|
||||
String[] uri = requestMapping.value();
|
||||
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
|
||||
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(PutMapping.class)) {
|
||||
PutMapping requestMapping = method.getAnnotation(PutMapping.class);
|
||||
String[] uri = requestMapping.value();
|
||||
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
|
||||
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(DeleteMapping.class)) {
|
||||
DeleteMapping requestMapping = method.getAnnotation(DeleteMapping.class);
|
||||
String[] uri = requestMapping.value();
|
||||
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
|
||||
} else if (method.isAnnotationPresent(IgnoreAuth.class) && method.isAnnotationPresent(PatchMapping.class)) {
|
||||
PatchMapping requestMapping = method.getAnnotation(PatchMapping.class);
|
||||
String[] uri = requestMapping.value();
|
||||
ignoreAuthUrls.addAll(rebuildUrl(baseUrl, uri));
|
||||
}
|
||||
}
|
||||
|
||||
return ignoreAuthUrls;
|
||||
}
|
||||
|
||||
private List<String> rebuildUrl(String[] bases, String[] uris) {
|
||||
List<String> urls = new ArrayList<>();
|
||||
if (bases.length > 0) {
|
||||
for (String base : bases) {
|
||||
for (String uri : uris) {
|
||||
urls.add(prefix(base) + prefix(uri));
|
||||
}
|
||||
}
|
||||
} else {
|
||||
Arrays.stream(uris).forEach(uri -> {
|
||||
urls.add(prefix(uri));
|
||||
});
|
||||
}
|
||||
return urls;
|
||||
}
|
||||
|
||||
private String prefix(String seg) {
|
||||
return seg.startsWith("/") ? seg : "/"+seg;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,38 @@
|
||||
package org.jeecg.config.shiro.ignore;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 使用内存存储通过@IgnoreAuth注解的url,配合JwtFilter进行免登录校验
|
||||
* PS:无法使用ThreadLocal进行存储,因为ThreadLocal装载时,JwtFilter已经初始化完毕,导致该类获取ThreadLocal为空
|
||||
* @author eightmonth
|
||||
* @date 2024/4/18 15:02
|
||||
*/
|
||||
public class InMemoryIgnoreAuth {
|
||||
private static final List<String> IGNORE_AUTH_LIST = new ArrayList<>();
|
||||
|
||||
public InMemoryIgnoreAuth() {}
|
||||
|
||||
public static void set(List<String> list) {
|
||||
IGNORE_AUTH_LIST.addAll(list);
|
||||
}
|
||||
|
||||
public static List<String> get() {
|
||||
return IGNORE_AUTH_LIST;
|
||||
}
|
||||
|
||||
public static void clear() {
|
||||
IGNORE_AUTH_LIST.clear();
|
||||
}
|
||||
|
||||
public static boolean contains(String url) {
|
||||
for (String ignoreAuth : IGNORE_AUTH_LIST) {
|
||||
if (url.endsWith(ignoreAuth)) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
@ -59,7 +59,8 @@ public class HttpUtils {
|
||||
// 获取URL上的参数
|
||||
Map<String, String> urlParams = getUrlParams(request);
|
||||
for (Map.Entry entry : urlParams.entrySet()) {
|
||||
result.put((String)entry.getKey(), (String)entry.getValue());
|
||||
//不能直接转成String,否则会有类型转换错误
|
||||
result.put((String)entry.getKey(), String.valueOf(entry.getValue()));
|
||||
}
|
||||
Map<String, String> allRequestParam = new HashMap<>(16);
|
||||
// get请求不需要拿body参数
|
||||
@ -69,7 +70,8 @@ public class HttpUtils {
|
||||
// 将URL的参数和body参数进行合并
|
||||
if (allRequestParam != null) {
|
||||
for (Map.Entry entry : allRequestParam.entrySet()) {
|
||||
result.put((String)entry.getKey(), (String)entry.getValue());
|
||||
//不能直接转成String,否则会有类型转换错误
|
||||
result.put((String)entry.getKey(), String.valueOf(entry.getValue()));
|
||||
}
|
||||
}
|
||||
return result;
|
||||
@ -172,7 +174,11 @@ public class HttpUtils {
|
||||
String[] params = param.split("&");
|
||||
for (String s : params) {
|
||||
int index = s.indexOf("=");
|
||||
result.put(s.substring(0, index), s.substring(index + 1));
|
||||
//update-begin---author:chenrui ---date:20240222 for:[issues/5879]数据查询传ds=“”造成的异常------------
|
||||
if (index != -1) {
|
||||
result.put(s.substring(0, index), s.substring(index + 1));
|
||||
}
|
||||
//update-end---author:chenrui ---date:20240222 for:[issues/5879]数据查询传ds=“”造成的异常------------
|
||||
}
|
||||
return result;
|
||||
}
|
||||
@ -196,7 +202,11 @@ public class HttpUtils {
|
||||
String[] params = param.split("&");
|
||||
for (String s : params) {
|
||||
int index = s.indexOf("=");
|
||||
result.put(s.substring(0, index), s.substring(index + 1));
|
||||
//update-begin---author:chenrui ---date:20240222 for:[issues/5879]数据查询传ds=“”造成的异常------------
|
||||
if (index != -1) {
|
||||
result.put(s.substring(0, index), s.substring(index + 1));
|
||||
}
|
||||
//update-end---author:chenrui ---date:20240222 for:[issues/5879]数据查询传ds=“”造成的异常------------
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
@ -35,4 +35,5 @@ public class Firewall {
|
||||
public void setLowCodeMode(String lowCodeMode) {
|
||||
this.lowCodeMode = lowCodeMode;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
|
||||
<!-- 保存日志11 -->
|
||||
<insert id="saveLog" parameterType="Object">
|
||||
insert into sys_log (id, log_type, log_content, method, operate_type, request_url, request_type, request_param, ip, userid, username, cost_time, create_time,create_by, tenant_id)
|
||||
insert into sys_log (id, log_type, log_content, method, operate_type, request_url, request_type, request_param, ip, userid, username, cost_time, create_time,create_by, tenant_id, client_type)
|
||||
values(
|
||||
#{dto.id,jdbcType=VARCHAR},
|
||||
#{dto.logType,jdbcType=INTEGER},
|
||||
@ -20,7 +20,8 @@
|
||||
#{dto.costTime,jdbcType=BIGINT},
|
||||
#{dto.createTime,jdbcType=TIMESTAMP},
|
||||
#{dto.createBy,jdbcType=VARCHAR},
|
||||
#{dto.tenantId,jdbcType=INTEGER}
|
||||
#{dto.tenantId,jdbcType=INTEGER},
|
||||
#{dto.clientType,jdbcType=VARCHAR}
|
||||
)
|
||||
</insert>
|
||||
|
||||
|
||||
@ -3,6 +3,8 @@ package org.jeecg.modules.base.service.impl;
|
||||
import com.baomidou.mybatisplus.core.toolkit.IdWorker;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.jeecg.common.api.dto.LogDTO;
|
||||
import org.jeecg.common.constant.enums.ClientTerminalTypeEnum;
|
||||
import org.jeecg.common.util.BrowserUtils;
|
||||
import org.jeecg.config.security.utils.SecureUtil;
|
||||
import org.jeecg.modules.base.mapper.BaseCommonMapper;
|
||||
import org.jeecg.modules.base.service.BaseCommonService;
|
||||
@ -55,6 +57,17 @@ public class BaseCommonServiceImpl implements BaseCommonService {
|
||||
HttpServletRequest request = SpringContextUtils.getHttpServletRequest();
|
||||
//设置IP地址
|
||||
sysLog.setIp(IpUtils.getIpAddr(request));
|
||||
|
||||
try {
|
||||
//设置客户端
|
||||
if(BrowserUtils.isDesktop(request)){
|
||||
sysLog.setClientType(ClientTerminalTypeEnum.PC.getKey());
|
||||
}else{
|
||||
sysLog.setClientType(ClientTerminalTypeEnum.APP.getKey());
|
||||
}
|
||||
} catch (Exception e) {
|
||||
//e.printStackTrace();
|
||||
}
|
||||
} catch (Exception e) {
|
||||
sysLog.setIp("127.0.0.1");
|
||||
}
|
||||
|
||||
@ -56,7 +56,7 @@
|
||||
</div>
|
||||
<div style="width: 600px; margin: 0 auto; margin-top: 50px; font-size: 12px; -webkit-font-smoothing: subpixel-antialiased; text-size-adjust: 100%;">
|
||||
<p style="text-align: center; line-height: 20.4px; text-size-adjust: 100%; font-family: 'Microsoft YaHei'!important; padding: 0px !important; margin: 0px !important; color: #7e8890 !important;">
|
||||
<span class="appleLinks">Copyright © 2023-2024 北京国炬科技股份有限公司. 保留所有权利。</span>
|
||||
<span class="appleLinks">Copyright © 2023-2024 北京国炬信息技术有限公司. 保留所有权利。</span>
|
||||
</p>
|
||||
<p style="text-align: center;line-height: 20.4px; text-size-adjust: 100%; font-family: 'Microsoft YaHei'!important; padding: 0px !important; margin: 0px; color: #7e8890 !important; margin-top: 10px;">
|
||||
<span class="appleLinks">邮件由系统自动发送,请勿直接回复本邮件!</span>
|
||||
|
||||
@ -6,7 +6,10 @@
|
||||
<body>
|
||||
<div class="box-content">
|
||||
<div class="info-top">
|
||||
<img src="https://jeecgdev.oss-cn-beijing.aliyuncs.com/temp/logo(1)_1697180761742.png" style="float: left; margin: 0 10px 0 0; width: 32px;height:32px" /><div style="color:#fff"><strong>【重要】新数据提醒</strong></div>
|
||||
<img src="https://qiaoqiaoyun.oss-cn-beijing.aliyuncs.com/site/qqyunemaillogo.png" style="width: 35px;height:35px; background: #5e8ee5; border-radius: 5px;" />
|
||||
<div style="color:#fff;">
|
||||
<strong>【重要】新数据提醒</strong>
|
||||
</div>
|
||||
</div>
|
||||
<div class="info-wrap">
|
||||
<div class="tips" style="padding:15px;">
|
||||
@ -23,12 +26,12 @@
|
||||
<a style="color: #006eff;" href="${moreLink}" target="_blank" rel="noopener">[查看所有数据]</a>
|
||||
</p>
|
||||
</div>
|
||||
<div class="footer">北京国炬平台</div>
|
||||
<div class="footer">敲敲云平台</div>
|
||||
<div class="footer" id="currentTime"></div>
|
||||
</div>
|
||||
<div style="width: 600px; margin: 0 auto; margin-top: 50px; font-size: 12px; -webkit-font-smoothing: subpixel-antialiased; text-size-adjust: 100%;">
|
||||
<p style="text-align: center; line-height: 20.4px; text-size-adjust: 100%; font-family: 'Microsoft YaHei'!important; padding: 0px !important; margin: 0px !important; color: #7e8890 !important;">
|
||||
<span class="appleLinks">Copyright © 2023-2024 北京国炬科技股份有限公司. 保留所有权利。</span>
|
||||
<span class="appleLinks">Copyright © 2023-2024 北京敲敲云科技有限公司. 保留所有权利。</span>
|
||||
</p>
|
||||
<p style="text-align: center;line-height: 20.4px; text-size-adjust: 100%; font-family: 'Microsoft YaHei'!important; padding: 0px !important; margin: 0px; color: #7e8890 !important; margin-top: 10px;">
|
||||
<span class="appleLinks">邮件由系统自动发送,请勿直接回复本邮件!</span>
|
||||
@ -46,6 +49,8 @@
|
||||
}
|
||||
|
||||
.info-top{
|
||||
display: flex;
|
||||
align-items: center;
|
||||
padding: 15px 25px;
|
||||
border-top-left-radius: 10px;
|
||||
border-top-right-radius: 10px;
|
||||
|
||||
@ -0,0 +1,41 @@
|
||||
package org.jeecg.test.sqlparse;
|
||||
|
||||
import net.sf.jsqlparser.JSQLParserException;
|
||||
import org.jeecg.common.util.IpUtils;
|
||||
import org.jeecg.common.util.oConvertUtils;
|
||||
import org.junit.Test;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import static org.junit.Assert.assertFalse;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
|
||||
/**
|
||||
* @author: scott
|
||||
* @date: 2024年04月29日 16:48
|
||||
*/
|
||||
public class TestIpUtil {
|
||||
public static void main(String[] args) {
|
||||
Map<String, String[]> map = new HashMap<>();
|
||||
map.put("key1", new String[]{"value1", "value2", "value3"});
|
||||
map.put("key4", null);
|
||||
map.put("key2", new String[]{"value4", "value5"});
|
||||
map.put("key3", new String[]{"value6"});
|
||||
System.out.println(oConvertUtils.mapToString(map));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void test() {
|
||||
String ip = "2408:8207:1851:10e0:50bd:1a50:60c8:b030, 115.231.101.180";
|
||||
String[] ipAddresses = ip.split(",");
|
||||
for (String ipAddress : ipAddresses) {
|
||||
System.out.println(ipAddress);
|
||||
ipAddress = ipAddress.trim();
|
||||
if (IpUtils.isValidIpAddress(ipAddress)) {
|
||||
System.out.println("ipAddress= " + ipAddress);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user