Merge branch 'master' into master

2026-02-04 01:25:34 +08:00 · 2025-05-14 22:17:00 +08:00
parent a56bd05389 9cf3328ea4
commit 8979dd7ae9
26 changed files with 2331 additions and 962 deletions
--- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/config/firewall/SqlInjection/impl/DictTableWhiteListHandlerImpl.java
+++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/config/firewall/SqlInjection/impl/DictTableWhiteListHandlerImpl.java
@ -4,14 +4,14 @@ import lombok.extern.slf4j.Slf4j;
 import org.jeecg.common.constant.SymbolConstant;
 import org.jeecg.common.exception.JeecgSqlInjectionException;
 import org.jeecg.common.util.oConvertUtils;
-import org.jeecg.common.util.sqlparse.JSqlParserUtils;
-import org.jeecg.common.util.sqlparse.vo.SelectSqlInfo;
 import org.jeecg.config.JeecgBaseConfig;
 import org.jeecg.config.firewall.SqlInjection.IDictTableWhiteListHandler;
 import org.jeecg.config.firewall.interceptor.LowCodeModeInterceptor;
 import org.jeecg.modules.system.entity.SysTableWhiteList;
 import org.jeecg.modules.system.security.DictQueryBlackListHandler;
 import org.jeecg.modules.system.service.ISysTableWhiteListService;
+import org.jeecgframework.minidao.sqlparser.impl.vo.SelectSqlInfo;
+import org.jeecgframework.minidao.util.MiniDaoUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;

@ -65,7 +65,7 @@ public class DictTableWhiteListHandlerImpl implements IDictTableWhiteListHandler
    public boolean isPassBySql(String sql) {
        Map<String, SelectSqlInfo> parsedMap = null;
        try {
-            parsedMap = JSqlParserUtils.parseAllSelectTable(sql);
+            parsedMap = MiniDaoUtil.parseAllSelectTable(sql);
        } catch (Exception e) {
            log.warn("校验sql语句，解析报错：{}", e.getMessage());
        }
@ -127,7 +127,7 @@ public class DictTableWhiteListHandlerImpl implements IDictTableWhiteListHandler
        log.info("字典拼接的查询SQL：{}", sql);
        try {
            // 进行SQL解析
-            JSqlParserUtils.parseSelectSqlInfo(sql);
+            MiniDaoUtil.parseSelectSqlInfo(sql);
        } catch (Exception e) {
            // 如果SQL解析失败，则通过字段名和表名进行校验
            return checkWhiteList(tableName, new HashSet<>(Arrays.asList(fields)));
--- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/monitor/actuator/undertow/CustomUndertowMetricsHandler.java
+++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/monitor/actuator/undertow/CustomUndertowMetricsHandler.java
@ -78,7 +78,9 @@ public class CustomUndertowMetricsHandler {
            // 获取当前 session，如果不存在则创建
            Session session = sessionManager.getSession(exchange, sessionConfig);
            if (session == null) {
-                sessionManager.createSession(exchange, sessionConfig);
+                try {
+                    sessionManager.createSession(exchange, sessionConfig);
+                } catch (Exception e) {}
            }

            // 执行下一个 Handler
--- a/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiController.java
+++ b/jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/openapi/controller/OpenApiController.java
@ -382,7 +382,7 @@ public class OpenApiController extends JeecgController<OpenApi, OpenApiService>
        SwaggerInfo info = new SwaggerInfo();

        info.setDescription("OpenAPI 接口列表");
-        info.setVersion("3.7.1");
+        info.setVersion("3.8.0");
        info.setTitle("OpenAPI 接口列表");
        info.setTermsOfService("https://jeecg.com");