pengjunjie/JeecgBoot
1
0
Fork 1
mirror of https://github.com/jeecgboot/JeecgBoot.git synced 2026-01-02 10:45:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

【3.7.4 开源代码同步】新增断言异常类和断言工具类,优化JWT工具类,更新文件类型白名单,切换undertow配置,修改多个YAML配置文件

Browse Source
This commit is contained in:
JEECG
2025-03-30 17:51:55 +08:00
parent 4fb53637aa
commit 9191a8b620
50 changed files with 679 additions and 930 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/exception/JeecgBootAssertException.java Normal file
View File

@ -0,0 +1,21 @@
package org.jeecg.common.exception;
/**
* jeecgboot断言异常
* for [QQYUN-10990]AIRAG
* @author chenrui
* @date 2025/2/14 14:31
*/
public class JeecgBootAssertException extends JeecgBootException {
private static final long serialVersionUID = 1L;
public JeecgBootAssertException(String message) {
super(message);
}
public JeecgBootAssertException(String message, int errCode) {
super(message, errCode);
}
}

21
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/util/JwtUtil.java
View File

@ -6,6 +6,17 @@ import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Date;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.jeecg.common.api.vo.Result;
@ -20,16 +31,6 @@ import org.jeecg.common.util.DateUtils;
import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.common.util.oConvertUtils;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Date;
import java.util.Objects;
import java.util.stream.Collectors;
/**
* @Author Scott
* @Date 2018-07-12 14:23

239
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/AssertUtils.java Normal file
View File

@ -0,0 +1,239 @@
package org.jeecg.common.util;
import org.jeecg.common.exception.JeecgBootAssertException;
/**
* 断言检查工具
* for for [QQYUN-10990]AIRAG
* @author chenrui
* @date 2017-06-22 10:05:56
*/
public class AssertUtils {
/**
* 确保对象为空,如果不为空抛出异常
*
* @param msg
* @param obj
* @throws JeecgBootAssertException
* @author chenrui
* @date 2017-06-22 10:05:56
*/
public static void assertEmpty(String msg, Object obj) {
if (oConvertUtils.isObjectNotEmpty(obj)) {
throw new JeecgBootAssertException(msg);
}
}
/**
* 确保对象不为空,如果为空抛出异常
*
* @param msg
* @param obj
* @throws JeecgBootAssertException
* @author chenrui
* @date 2017-06-22 10:05:56
*/
public static void assertNotEmpty(String msg, Object obj) {
if (oConvertUtils.isObjectEmpty(obj)) {
throw new JeecgBootAssertException(msg);
}
}
/**
* 验证对象是否相同
*
* @param message
* @param expected
* @param actual
* @author chenrui
* @date 2018/9/12 15:45
*/
public static void assertEquals(String message, Object expected,
Object actual) {
if (oConvertUtils.isEqual(expected, actual)) {
return;
}
throw new JeecgBootAssertException(message);
}
/**
* 验证不相同
*
* @param message
* @param expected
* @param actual
* @author chenrui
* @date 2018/9/12 15:45
*/
public static void assertNotEquals(String message, Object expected,
Object actual) {
if (oConvertUtils.isEqual(expected, actual)) {
throw new JeecgBootAssertException(message);
}
}
/**
* 验证是否相等
*
* @param message
* @param expected
* @param actual
* @author chenrui
* @date 2018/9/12 15:45
*/
public static void assertSame(String message, Object expected,
Object actual) {
if (expected == actual) {
return;
}
throw new JeecgBootAssertException(message);
}
/**
* 验证不相等
*
* @param message
* @param unexpected
* @param actual
* @author chenrui
* @date 2018/9/12 15:45
*/
public static void assertNotSame(String message, Object unexpected,
Object actual) {
if (unexpected == actual) {
throw new JeecgBootAssertException(message);
}
}
/**
* 验证是否为真
*
* @param message
* @param condition
*/
public static void assertTrue(String message, boolean condition) {
if (!condition) {
throw new JeecgBootAssertException(message);
}
}
/**
* 验证 condition是否为false
*
* @param message
* @param condition
*/
public static void assertFalse(String message, boolean condition) {
assertTrue(message, !condition);
}
/**
* 验证是否存在
*
* @param message
* @param obj
* @param objs
* @param <T>
* @throws JeecgBootAssertException
* @author chenrui
* @date 2018/1/31 22:14
*/
public static <T> void assertIn(String message, T obj, T... objs) {
assertNotEmpty(message, obj);
assertNotEmpty(message, objs);
if (!oConvertUtils.isIn(obj, objs)) {
throw new JeecgBootAssertException(message);
}
}
/**
* 验证是否不存在
*
* @param message
* @param obj
* @param objs
* @param <T>
* @throws JeecgBootAssertException
* @author chenrui
* @date 2018/1/31 22:14
*/
public static <T> void assertNotIn(String message, T obj, T... objs) {
assertNotEmpty(message, obj);
assertNotEmpty(message, objs);
if (oConvertUtils.isIn(obj, objs)) {
throw new JeecgBootAssertException(message);
}
}
/**
* 确保src大于des
*
* @param message
* @param src
* @param des
* @author chenrui
* @date 2018/9/19 15:30
*/
public static void assertGt(String message, Number src, Number des) {
if (oConvertUtils.isGt(src, des)) {
return;
}
throw new JeecgBootAssertException(message);
}
/**
* 确保src大于等于des
*
* @param message
* @param src
* @param des
* @author chenrui
* @date 2018/9/19 15:30
*/
public static void assertGe(String message, Number src, Number des) {
if (oConvertUtils.isGe(src, des)) {
return;
}
throw new JeecgBootAssertException(message);
}
/**
* 确保src小于des
*
* @param message
* @param src
* @param des
* @author chenrui
* @date 2018/9/19 15:30
*/
public static void assertLt(String message, Number src, Number des) {
if (oConvertUtils.isGe(src, des)) {
throw new JeecgBootAssertException(message);
}
}
/**
* 确保src小于等于des
*
* @param message
* @param src
* @param des
* @author chenrui
* @date 2018/9/19 15:30
*/
public static void assertLe(String message, Number src, Number des) {
if (oConvertUtils.isGt(src, des)) {
throw new JeecgBootAssertException(message);
}
}
}

5
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/filter/SsrfFileTypeFilter.java
View File

@ -42,6 +42,7 @@ public class SsrfFileTypeFilter {
FILE_TYPE_WHITE_LIST.add("pdf");
FILE_TYPE_WHITE_LIST.add("csv");
// FILE_TYPE_WHITE_LIST.add("xml");
FILE_TYPE_WHITE_LIST.add("md");
//音视频文件
FILE_TYPE_WHITE_LIST.add("mp4");
@ -65,6 +66,10 @@ public class SsrfFileTypeFilter {
FILE_TYPE_WHITE_LIST.add("apk");
FILE_TYPE_WHITE_LIST.add("wgt");
//幻灯片文件后缀
FILE_TYPE_WHITE_LIST.add("ppt");
FILE_TYPE_WHITE_LIST.add("pptx");
//设置禁止文件的头部标记
FILE_TYPE_MAP.put("3c25402070616765206c", "jsp");
FILE_TYPE_MAP.put("3c3f7068700a0a2f2a2a0a202a205048", "php");

105
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/oConvertUtils.java
View File

@ -13,6 +13,7 @@ import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Array;
import java.lang.reflect.Field;
import java.math.BigDecimal;
import java.math.BigInteger;
@ -1028,5 +1029,109 @@ public class oConvertUtils {
}
return result;
}
/**
* 判断对象是否为空 <br/>
* 支持各种类型的对象
* for for [QQYUN-10990]AIRAG
* @param obj
* @return
* @author chenrui
* @date 2025/2/13 18:34
*/
public static boolean isObjectEmpty(Object obj) {
if (null == obj) {
return true;
}
if (obj instanceof CharSequence) {
return isEmpty(obj);
} else if (obj instanceof Map) {
return ((Map<?, ?>) obj).isEmpty();
} else if (obj instanceof Iterable) {
return isObjectEmpty(((Iterable<?>) obj).iterator());
} else if (obj instanceof Iterator) {
return !((Iterator<?>) obj).hasNext();
} else if (isArray(obj)) {
return 0 == Array.getLength(obj);
}
return false;
}
/**
* iterator 是否为空
* for for [QQYUN-10990]AIRAG
* @param iterator Iterator对象
* @return 是否为空
*/
public static boolean isEmptyIterator(Iterator<?> iterator) {
return null == iterator || false == iterator.hasNext();
}
/**
* 判断对象是否不为空
* for for [QQYUN-10990]AIRAG
* @param object
* @return
* @author chenrui
* @date 2025/2/13 18:35
*/
public static boolean isObjectNotEmpty(Object object) {
return !isObjectEmpty(object);
}
/**
* 如果src大于des返回true
* for [QQYUN-10990]AIRAG
* @param src
* @param des
* @return
* @author: chenrui
* @date: 2018/9/19 15:30
*/
public static boolean isGt(Number src, Number des) {
if (null == src || null == des) {
throw new IllegalArgumentException("参数不能为空");
}
if (src.doubleValue() > des.doubleValue()) {
return true;
}
return false;
}
/**
* 如果src大于等于des返回true
* for [QQYUN-10990]AIRAG
* @param src
* @param des
* @return
* @author: chenrui
* @date: 2018/9/19 15:30
*/
public static boolean isGe(Number src, Number des) {
if (null == src || null == des) {
throw new IllegalArgumentException("参数不能为空");
}
if (src.doubleValue() < des.doubleValue()) {
return false;
}
return true;
}
/**
* 判断是否存在
* for [QQYUN-10990]AIRAG
* @param obj
* @param objs
* @param <T>
* @return
* @author chenrui
* @date 2020/9/12 15:50
*/
public static <T> boolean isIn(T obj, T... objs) {
return isIn(obj, objs);
}
}

12
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/JeecgBaseConfig.java
View File

@ -17,6 +17,10 @@ public class JeecgBaseConfig {
* @TODO 降低使用成本加的默认值,实际以 yml配置 为准
*/
private String signatureSecret = "dd05f1c54d63749eda95f9fa6d49v442a";
/**
* 自定义后台资源前缀解决表单设计器无法通过前端nginx转发访问
*/
private String customResourcePrefixPath;
/**
* 需要加强校验的接口清单
*/
@ -68,6 +72,14 @@ public class JeecgBaseConfig {
*/
private BaiduApi baiduApi;
public String getCustomResourcePrefixPath() {
return customResourcePrefixPath;
}
public void setCustomResourcePrefixPath(String customResourcePrefixPath) {
this.customResourcePrefixPath = customResourcePrefixPath;
}
public Elasticsearch getElasticsearch() {
return elasticsearch;
}

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/WebMvcConfiguration.java
View File

@ -20,6 +20,7 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Conditional;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;
import org.springframework.http.CacheControl;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.web.cors.CorsConfiguration;
@ -37,6 +38,7 @@ import java.time.LocalDateTime;
import java.time.LocalTime;
import java.time.format.DateTimeFormatter;
import java.util.List;
import java.util.concurrent.TimeUnit;
/**
* Spring Boot 2.0 解决跨域问题
@ -67,6 +69,8 @@ public class WebMvcConfiguration implements WebMvcConfigurer {
.addResourceLocations("file:" + jeecgBaseConfig.getPath().getWebapp() + "//");
}
resourceHandlerRegistration.addResourceLocations(staticLocations.split(","));
// 设置缓存控制标头 Cache-Control有效期为30天
resourceHandlerRegistration.setCacheControl(CacheControl.maxAge(30, TimeUnit.DAYS));
}
/**

13
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisPlusSaasConfig.java
View File

@ -60,7 +60,18 @@ public class MybatisPlusSaasConfig {
TENANT_TABLE.add("sys_category");
TENANT_TABLE.add("sys_data_source");
TENANT_TABLE.add("sys_position");
//TENANT_TABLE.add("sys_announcement");
//b-2.仪表盘
TENANT_TABLE.add("onl_drag_page");
TENANT_TABLE.add("onl_drag_dataset_head");
TENANT_TABLE.add("jimu_report_data_source");
TENANT_TABLE.add("jimu_report");
TENANT_TABLE.add("jimu_dict");
//b-4.AIRAG
TENANT_TABLE.add("airag_app");
TENANT_TABLE.add("airag_flow");
TENANT_TABLE.add("airag_knowledge");
TENANT_TABLE.add("airag_knowledge_doc");
TENANT_TABLE.add("airag_model");
}
//2.示例测试

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
View File

@ -217,6 +217,10 @@ public class ShiroConfig {
//update-begin---author:chenrui ---date:20241202 for[issues/7491]运行时间好长,效率慢 ------------
registration.addUrlPatterns("/test/ai/chat/send");
//update-end---author:chenrui ---date:20241202 for[issues/7491]运行时间好长,效率慢 ------------
registration.addUrlPatterns("/airag/flow/run");
registration.addUrlPatterns("/airag/flow/debug");
registration.addUrlPatterns("/airag/chat/send");
registration.addUrlPatterns("/airag/app/debug");
//支持异步
registration.setAsyncSupported(true);
registration.setDispatcherTypes(DispatcherType.REQUEST, DispatcherType.ASYNC);

4
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/IgnoreAuthPostProcessor.java
View File

@ -91,6 +91,10 @@ public class IgnoreAuthPostProcessor implements InitializingBean {
if (bases.length > 0) {
for (String base : bases) {
for (String uri : uris) {
// 如果uri包含路径占位符, 则需要将其替换为*
if (uri.matches(".*\\{.*}.*")) {
uri = uri.replaceAll("\\{.*?}", "*");
}
urls.add(prefix(base) + prefix(uri));
}
}

5
jeecg-boot/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ignore/InMemoryIgnoreAuth.java
View File

@ -1,5 +1,7 @@
package org.jeecg.config.shiro.ignore;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import java.util.ArrayList;
import java.util.List;
@ -12,6 +14,7 @@ import java.util.List;
public class InMemoryIgnoreAuth {
private static final List<String> IGNORE_AUTH_LIST = new ArrayList<>();
private static PathMatcher MATCHER = new AntPathMatcher();
public InMemoryIgnoreAuth() {}
public static void set(List<String> list) {
@ -28,7 +31,7 @@ public class InMemoryIgnoreAuth {
public static boolean contains(String url) {
for (String ignoreAuth : IGNORE_AUTH_LIST) {
if (url.endsWith(ignoreAuth)) {
if(MATCHER.match(ignoreAuth,url)){
return true;
}
}