pengjunjie/JeecgBoot
1
0
Fork 1
mirror of https://github.com/jeecgboot/JeecgBoot.git synced 2026-01-03 20:35:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

JeecgBoot 2.4.6版本发布

Browse Source
This commit is contained in:
zhangdaiscott
2021-08-13 15:27:30 +08:00
parent 77ae4413ca
commit cd74b7f882
126 changed files with 3242 additions and 980 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/api/CommonAPI.java
View File

@ -3,6 +3,7 @@ package org.jeecg.common.api;
import org.jeecg.common.system.vo.*;
import java.util.List;
import java.util.Map;
import java.util.Set;
public interface CommonAPI {
@ -85,6 +86,13 @@ public interface CommonAPI {
*/
public List<DictModel> queryDictItemsByCode(String code);
/**
* 获取有效的数据字典项
* @param code
* @return
*/
public List<DictModel> queryEnableDictItemsByCode(String code);
/**
* 13获取表数据字典
* @param table
@ -94,4 +102,22 @@ public interface CommonAPI {
*/
List<DictModel> queryTableDictItemsByCode(String table, String text, String code);
/**
* 14 普通字典的翻译根据多个dictCode和多条数据多个以逗号分割
* @param dictCodes 例如user_status,sex
* @param keys 例如1,2,0
* @return
*/
Map<String, List<DictModel>> translateManyDict(String dictCodes, String keys);
/**
* 15 字典表的 翻译,可批量
* @param table
* @param text
* @param code
* @param keys 多个用逗号分割
* @return
*/
List<DictModel> translateDictFromTableByKeys(String table, String text, String code, String keys);
}

224
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/DictAspect.java
View File

@ -1,5 +1,6 @@
package org.jeecg.common.aspect;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.metadata.IPage;
import com.fasterxml.jackson.annotation.JsonFormat;
@ -14,17 +15,17 @@ import org.jeecg.common.api.CommonAPI;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.aspect.annotation.Dict;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.modules.base.service.BaseCommonService;
import org.jeecg.common.system.vo.DictModel;
import org.jeecg.common.util.oConvertUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import java.lang.reflect.Field;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.*;
import java.util.stream.Collectors;
/**
* @Description: 字典aop类
@ -56,7 +57,7 @@ public class DictAspect {
long start=System.currentTimeMillis();
this.parseDictText(result);
long end=System.currentTimeMillis();
log.debug("解析注入JSON数据 耗时"+(end-start)+"ms");
log.debug("注入字典到JSON数据 耗时"+(end-start)+"ms");
return result;
}
@ -86,6 +87,12 @@ public class DictAspect {
if (result instanceof Result) {
if (((Result) result).getResult() instanceof IPage) {
List<JSONObject> items = new ArrayList<>();
//step.1 筛选出加了 Dict 注解的字段列表
List<Field> dictFieldList = new ArrayList<>();
// 字典数据列表, key = 字典codevalue=数据列表
Map<String, List<String>> dataListMap = new HashMap<>();
for (Object record : ((IPage) ((Result) result).getResult()).getRecords()) {
ObjectMapper mapper = new ObjectMapper();
String json="{}";
@ -98,20 +105,28 @@ public class DictAspect {
JSONObject item = JSONObject.parseObject(json);
//update-begin--Author:scott -- Date:20190603 ----for解决继承实体字段无法翻译问题------
//for (Field field : record.getClass().getDeclaredFields()) {
// 遍历所有字段把字典Code取出来放到 map 里
for (Field field : oConvertUtils.getAllFields(record)) {
String value = item.getString(field.getName());
if (oConvertUtils.isEmpty(value)) {
continue;
}
//update-end--Author:scott -- Date:20190603 ----for解决继承实体字段无法翻译问题------
if (field.getAnnotation(Dict.class) != null) {
if (!dictFieldList.contains(field)) {
dictFieldList.add(field);
}
String code = field.getAnnotation(Dict.class).dicCode();
String text = field.getAnnotation(Dict.class).dicText();
String table = field.getAnnotation(Dict.class).dictTable();
String key = String.valueOf(item.get(field.getName()));
//翻译字典值对应的txt
String textValue = translateDictValue(code, text, table, key);
log.debug(" 字典Val : "+ textValue);
log.debug(" __翻译字典字段__ "+field.getName() + CommonConstant.DICT_TEXT_SUFFIX+" "+ textValue);
item.put(field.getName() + CommonConstant.DICT_TEXT_SUFFIX, textValue);
List<String> dataList;
String dictCode = code;
if (!StringUtils.isEmpty(table)) {
dictCode = String.format("%s,%s,%s", table, text, code);
}
dataList = dataListMap.computeIfAbsent(dictCode, k -> new ArrayList<>());
this.listAddAllDeduplicate(dataList, Arrays.asList(value.split(",")));
}
//date类型默认转换string格式化日期
if (field.getType().getName().equals("java.util.Date")&&field.getAnnotation(JsonFormat.class)==null&&item.get(field.getName())!=null){
@ -121,12 +136,194 @@ public class DictAspect {
}
items.add(item);
}
//step.2 调用翻译方法,一次性翻译
Map<String, List<DictModel>> translText = this.translateAllDict(dataListMap);
//step.3 将翻译结果填充到返回结果里
for (JSONObject record : items) {
for (Field field : dictFieldList) {
String code = field.getAnnotation(Dict.class).dicCode();
String text = field.getAnnotation(Dict.class).dicText();
String table = field.getAnnotation(Dict.class).dictTable();
String fieldDictCode = code;
if (!StringUtils.isEmpty(table)) {
fieldDictCode = String.format("%s,%s,%s", table, text, code);
}
String value = record.getString(field.getName());
if (oConvertUtils.isNotEmpty(value)) {
List<DictModel> dictModels = translText.get(fieldDictCode);
if(dictModels==null || dictModels.size()==0){
continue;
}
String textValue = this.translDictText(dictModels, value);
log.debug(" 字典Val : " + textValue);
log.debug(" __翻译字典字段__ " + field.getName() + CommonConstant.DICT_TEXT_SUFFIX + " " + textValue);
// TODO-sun 测试输出,待删
log.debug(" ---- dictCode: " + fieldDictCode);
log.debug(" ---- value: " + value);
log.debug(" ----- text: " + textValue);
log.debug(" ---- dictModels: " + JSON.toJSONString(dictModels));
record.put(field.getName() + CommonConstant.DICT_TEXT_SUFFIX, textValue);
}
}
}
((IPage) ((Result) result).getResult()).setRecords(items);
}
}
}
/**
* list 去重添加
*/
private void listAddAllDeduplicate(List<String> dataList, List<String> addList) {
// 筛选出dataList中没有的数据
List<String> filterList = addList.stream().filter(i -> !dataList.contains(i)).collect(Collectors.toList());
dataList.addAll(filterList);
}
/**
* 一次性把所有的字典都翻译了
* 1. 所有的普通数据字典的所有数据只执行一次SQL
* 2. 表字典相同的所有数据只执行一次SQL
* @param dataListMap
* @return
*/
private Map<String, List<DictModel>> translateAllDict(Map<String, List<String>> dataListMap) {
// 翻译后的字典文本key=dictCode
Map<String, List<DictModel>> translText = new HashMap<>();
// 需要翻译的数据有些可以从redis缓存中获取就不走数据库查询
List<String> needTranslData = new ArrayList<>();
//step.1 先通过redis中获取缓存字典数据
for (String dictCode : dataListMap.keySet()) {
List<String> dataList = dataListMap.get(dictCode);
if (dataList.size() == 0) {
continue;
}
// 表字典需要翻译的数据
List<String> needTranslDataTable = new ArrayList<>();
for (String s : dataList) {
String data = s.trim();
if (data.length() == 0) {
continue; //跳过循环
}
if (dictCode.contains(",")) {
String keyString = String.format("sys:cache:dictTable::SimpleKey [%s,%s]", dictCode, data);
if (redisTemplate.hasKey(keyString)) {
try {
String text = oConvertUtils.getString(redisTemplate.opsForValue().get(keyString));
List<DictModel> list = translText.computeIfAbsent(dictCode, k -> new ArrayList<>());
list.add(new DictModel(data, text));
} catch (Exception e) {
log.warn(e.getMessage());
}
} else if (!needTranslDataTable.contains(data)) {
// 去重添加
needTranslDataTable.add(data);
}
} else {
String keyString = String.format("sys:cache:dict::%s:%s", dictCode, data);
if (redisTemplate.hasKey(keyString)) {
try {
String text = oConvertUtils.getString(redisTemplate.opsForValue().get(keyString));
List<DictModel> list = translText.computeIfAbsent(dictCode, k -> new ArrayList<>());
list.add(new DictModel(data, text));
} catch (Exception e) {
log.warn(e.getMessage());
}
} else if (!needTranslData.contains(data)) {
// 去重添加
needTranslData.add(data);
}
}
}
//step.2 调用数据库翻译表字典
if (needTranslDataTable.size() > 0) {
String[] arr = dictCode.split(",");
String table = arr[0], text = arr[1], code = arr[2];
String values = String.join(",", needTranslDataTable);
log.info("translateDictFromTableByKeys.dictCode:" + dictCode);
log.info("translateDictFromTableByKeys.values:" + values);
List<DictModel> texts = commonAPI.translateDictFromTableByKeys(table, text, code, values);
log.info("translateDictFromTableByKeys.result:" + texts);
List<DictModel> list = translText.computeIfAbsent(dictCode, k -> new ArrayList<>());
list.addAll(texts);
// 做 redis 缓存
for (DictModel dict : texts) {
String redisKey = String.format("sys:cache:dictTable::SimpleKey [%s,%s]", dictCode, dict.getValue());
try {
redisTemplate.opsForValue().set(redisKey, dict.getText());
} catch (Exception e) {
log.warn(e.getMessage(), e);
}
}
}
}
//step.3 调用数据库进行翻译普通字典
if (needTranslData.size() > 0) {
List<String> dictCodeList = Arrays.asList(dataListMap.keySet().toArray(new String[]{}));
// 将不包含逗号的字典code筛选出来因为带逗号的是表字典而不是普通的数据字典
List<String> filterDictCodes = dictCodeList.stream().filter(key -> !key.contains(",")).collect(Collectors.toList());
String dictCodes = String.join(",", filterDictCodes);
String values = String.join(",", needTranslData);
log.info("translateManyDict.dictCodes:" + dictCodes);
log.info("translateManyDict.values:" + values);
Map<String, List<DictModel>> manyDict = commonAPI.translateManyDict(dictCodes, values);
log.info("translateManyDict.result:" + manyDict);
for (String dictCode : manyDict.keySet()) {
List<DictModel> list = translText.computeIfAbsent(dictCode, k -> new ArrayList<>());
List<DictModel> newList = manyDict.get(dictCode);
list.addAll(newList);
// 做 redis 缓存
for (DictModel dict : newList) {
String redisKey = String.format("sys:cache:dict::%s:%s", dictCode, dict.getValue());
try {
redisTemplate.opsForValue().set(redisKey, dict.getText());
} catch (Exception e) {
log.warn(e.getMessage(), e);
}
}
}
}
return translText;
}
/**
* 字典值替换文本
*
* @param dictModels
* @param values
* @return
*/
private String translDictText(List<DictModel> dictModels, String values) {
List<String> result = new ArrayList<>();
// 允许多个逗号分隔,允许传数组对象
String[] splitVal = values.split(",");
for (String val : splitVal) {
String dictText = val;
for (DictModel dict : dictModels) {
if (val.equals(dict.getValue())) {
dictText = dict.getText();
break;
}
}
result.add(dictText);
}
return String.join(",", result);
}
/**
* 翻译字典文本
* @param code
@ -135,6 +332,7 @@ public class DictAspect {
* @param key
* @return
*/
@Deprecated
private String translateDictValue(String code, String text, String table, String key) {
if(oConvertUtils.isEmpty(key)) {
return null;
@ -151,7 +349,7 @@ public class DictAspect {
if (!StringUtils.isEmpty(table)){
log.info("--DictAspect------dicTable="+ table+" ,dicText= "+text+" ,dicCode="+code);
String keyString = String.format("sys:cache:dictTable::SimpleKey [%s,%s,%s,%s]",table,text,code,k.trim());
if (redisTemplate.hasKey(keyString)){
if (redisTemplate.hasKey(keyString)){
try {
tmpValue = oConvertUtils.getString(redisTemplate.opsForValue().get(keyString));
} catch (Exception e) {

14
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/constant/DataBaseConstant.java
View File

@ -11,12 +11,14 @@ public interface DataBaseConstant {
public static final String DB_TYPE_SQLSERVER = "SQLSERVER";
public static final String DB_TYPE_MARIADB = "MARIADB";
// 数据库类型,对应 database_type 字典
public static final String DB_TYPE_MYSQL_NUM = "1";
public static final String DB_TYPE_ORACLE_NUM = "2";
public static final String DB_TYPE_SQLSERVER_NUM = "3";
public static final String DB_TYPE_POSTGRESQL_NUM = "4";
public static final String DB_TYPE_MARIADB_NUM = "5";
// // 数据库类型,对应 database_type 字典
// public static final String DB_TYPE_MYSQL_NUM = "1";
// public static final String DB_TYPE_MYSQL7_NUM = "6";
// public static final String DB_TYPE_ORACLE_NUM = "2";
// public static final String DB_TYPE_SQLSERVER_NUM = "3";
// public static final String DB_TYPE_POSTGRESQL_NUM = "4";
// public static final String DB_TYPE_MARIADB_NUM = "5";
//*********系统上下文变量****************************************
/**
* 数据-所属机构编码

1
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/constant/ServiceNameConstants.java
View File

@ -29,6 +29,7 @@ public interface ServiceNameConstants {
* 系统管理 admin
*/
String SYSTEM_SERVICE = "jeecg-system";
String SYSTEM_ONLINE = "jeecg-online";
/**
* gateway通过header传递根路径 basePath

82
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/constant/enums/RoleIndexConfigEnum.java Normal file
View File

@ -0,0 +1,82 @@
package org.jeecg.common.constant.enums;
/**
* 首页自定义
* 通过角色编码与首页组件路径配置
*/
public enum RoleIndexConfigEnum {
/**
* 管理员
*/
ADMIN("admin1", "dashboard/Analysis2"),
/**
* 测试
*/
TEST("test", "dashboard/Analysis"),
/**
* hr
*/
HR("hr", "dashboard/Analysis1");
/**
* 角色编码
*/
String roleCode;
/**
* 路由index
*/
String componentUrl;
/**
* 构造器
*
* @param roleCode 角色编码
* @param componentUrl 首页组件路径(规则跟菜单配置一样)
*/
RoleIndexConfigEnum(String roleCode, String componentUrl) {
this.roleCode = roleCode;
this.componentUrl = componentUrl;
}
/**
* 根据code找枚举
* @param roleCode 角色编码
* @return
*/
public static RoleIndexConfigEnum getEnumByCode(String roleCode) {
for (RoleIndexConfigEnum e : RoleIndexConfigEnum.values()) {
if (e.roleCode.equals(roleCode)) {
return e;
}
}
return null;
}
/**
* 根据code找index
* @param roleCode 角色编码
* @return
*/
public static String getIndexByCode(String roleCode) {
for (RoleIndexConfigEnum e : RoleIndexConfigEnum.values()) {
if (e.roleCode.equals(roleCode)) {
return e.componentUrl;
}
}
return null;
}
public String getRoleCode() {
return roleCode;
}
public void setRoleCode(String roleCode) {
this.roleCode = roleCode;
}
public String getComponentUrl() {
return componentUrl;
}
public void setComponentUrl(String componentUrl) {
this.componentUrl = componentUrl;
}
}

25
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/es/JeecgElasticsearchTemplate.java
View File

@ -26,6 +26,8 @@ public class JeecgElasticsearchTemplate {
/** es服务地址 */
private String baseUrl;
private final String FORMAT_JSON = "format=json";
/** Elasticsearch 的版本号 */
private String version = null;
// ElasticSearch 最大可返回条目数
public static final int ES_MAX_SIZE = 10000;
@ -37,15 +39,31 @@ public class JeecgElasticsearchTemplate {
// 验证配置的ES地址是否有效
if (checkEnabled) {
try {
RestUtil.get(this.getBaseUrl().toString());
this.getElasticsearchVersion();
log.info("ElasticSearch 服务连接成功");
log.info("ElasticSearch version: " + this.version);
} catch (Exception e) {
this.version = "";
log.warn("ElasticSearch 服务连接失败原因配置未通过。可能是BaseURL未配置或配置有误也可能是Elasticsearch服务未启动。接下来将会拒绝执行任何方法");
}
}
}
}
/**
* 获取 Elasticsearch 的版本号信息失败返回null
*/
private void getElasticsearchVersion() {
if (this.version == null) {
String url = this.getBaseUrl().toString();
JSONObject result = RestUtil.get(url);
if (result != null) {
JSONObject v = result.getJSONObject("version");
this.version = v.getString("number");
}
}
}
public StringBuilder getBaseUrl(String indexName, String typeName) {
typeName = typeName.trim().toLowerCase();
return this.getBaseUrl(indexName).append("/").append(typeName);
@ -185,6 +203,11 @@ public class JeecgElasticsearchTemplate {
*/
public JSONObject getIndexMapping(String indexName, String typeName) {
String url = this.getBaseUrl(indexName, typeName).append("/_mapping?").append(FORMAT_JSON).toString();
// 针对 es 7.x 版本做兼容
this.getElasticsearchVersion();
if (oConvertUtils.isNotEmpty(this.version) && this.version.startsWith("7")) {
url += "&include_type_name=true";
}
log.info("getIndexMapping-url:" + url);
/*
* 参考返回JSON结构

16
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/query/QueryCondition.java
View File

@ -7,7 +7,13 @@ public class QueryCondition implements Serializable {
private static final long serialVersionUID = 4740166316629191651L;
private String field;
/** 组件的类型例如input、select、radio */
private String type;
/**
* 对应的数据库字段的类型
* 支持int、bigDecimal、short、long、float、double、boolean
*/
private String dbType;
private String rule;
private String val;
@ -27,6 +33,14 @@ public class QueryCondition implements Serializable {
this.type = type;
}
public String getDbType() {
return dbType;
}
public void setDbType(String dbType) {
this.dbType = dbType;
}
public String getRule() {
return rule;
}
@ -49,7 +63,7 @@ public class QueryCondition implements Serializable {
if(field == null || "".equals(field)){
return "";
}
sb.append(this.field).append(" ").append(this.rule).append(" ").append(this.type).append(" ").append(this.val);
sb.append(this.field).append(" ").append(this.rule).append(" ").append(this.type).append(" ").append(this.dbType).append(" ").append(this.val);
return sb.toString();
}
}

95
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/query/QueryGenerator.java
View File

@ -1,21 +1,5 @@
package org.jeecg.common.system.query;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.beanutils.PropertyUtils;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.constant.DataBaseConstant;
import org.jeecg.common.system.util.JeecgDataAutorUtils;
import org.jeecg.common.system.util.JwtUtil;
import org.jeecg.common.system.vo.SysPermissionDataRuleModel;
import org.jeecg.common.util.CommonUtils;
import org.jeecg.common.util.DateUtils;
import org.jeecg.common.util.SqlInjectionUtil;
import org.jeecg.common.util.oConvertUtils;
import org.springframework.util.NumberUtils;
import java.beans.PropertyDescriptor;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.Field;
@ -28,6 +12,25 @@ import java.util.regex.Matcher;
import java.util.regex.Pattern;
import java.util.stream.Collectors;
import org.apache.commons.beanutils.PropertyUtils;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.constant.DataBaseConstant;
import org.jeecg.common.system.util.JeecgDataAutorUtils;
import org.jeecg.common.system.util.JwtUtil;
import org.jeecg.common.system.vo.SysPermissionDataRuleModel;
import org.jeecg.common.util.CommonUtils;
import org.jeecg.common.util.DateUtils;
import org.jeecg.common.util.SqlInjectionUtil;
import org.jeecg.common.util.oConvertUtils;
import org.springframework.util.NumberUtils;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.annotation.DbType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import lombok.extern.slf4j.Slf4j;
@Slf4j
public class QueryGenerator {
public static final String SQL_RULES_COLUMN = "SQL_RULES_COLUMN";
@ -238,12 +241,12 @@ public class QueryGenerator {
//queryWrapper.orderByAsc(oConvertUtils.camelToUnderline(column));
String columnStr = oConvertUtils.camelToUnderline(column);
String[] columnArray = columnStr.split(",");
queryWrapper.orderByAsc(columnArray);
queryWrapper.orderByAsc(Arrays.asList(columnArray));
} else {
//queryWrapper.orderByDesc(oConvertUtils.camelToUnderline(column));
String columnStr = oConvertUtils.camelToUnderline(column);
String[] columnArray = columnStr.split(",");
queryWrapper.orderByDesc(columnArray);
queryWrapper.orderByDesc(Arrays.asList(columnArray));
}
//update-end--Author:scott Date:20210531 for36 多条件排序无效问题修正-------
}
@ -284,6 +287,39 @@ public class QueryGenerator {
}else if("datetime".equals(rule.getType())){
queryValue = DateUtils.str2Date(rule.getVal(), DateUtils.datetimeFormat.get());
}
// update-begin--author:sunjianlei date:20210702 for【/issues/I3VR8E】高级查询没有类型转换查询参数都是字符串类型 ----
String dbType = rule.getDbType();
if (oConvertUtils.isNotEmpty(dbType)) {
try {
String valueStr = String.valueOf(queryValue);
switch (dbType.toLowerCase().trim()) {
case "int":
queryValue = Integer.parseInt(valueStr);
break;
case "bigdecimal":
queryValue = new BigDecimal(valueStr);
break;
case "short":
queryValue = Short.parseShort(valueStr);
break;
case "long":
queryValue = Long.parseLong(valueStr);
break;
case "float":
queryValue = Float.parseFloat(valueStr);
break;
case "double":
queryValue = Double.parseDouble(valueStr);
break;
case "boolean":
queryValue = Boolean.parseBoolean(valueStr);
break;
}
} catch (Exception e) {
log.error("高级查询值转换失败:", e);
}
}
// update-begin--author:sunjianlei date:20210702 for【/issues/I3VR8E】高级查询没有类型转换查询参数都是字符串类型 ----
addEasyQuery(andWrapper, fieldColumnMap.get(rule.getField()), QueryRuleEnum.getByValue(rule.getRule()), queryValue);
//update-end-author:taoyan date:20201228 for: 【高级查询】 oracle 日期等于查询报错
@ -313,13 +349,15 @@ public class QueryGenerator {
*/
private static QueryRuleEnum convert2Rule(Object value) {
// 避免空数据
// update-begin-author:taoyan date:20210629 for: 查询条件输入空格导致return null后续判断导致抛出null异常
if (value == null) {
return null;
return QueryRuleEnum.EQ;
}
String val = (value + "").toString().trim();
if (val.length() == 0) {
return null;
return QueryRuleEnum.EQ;
}
// update-end-author:taoyan date:20210629 for: 查询条件输入空格导致return null后续判断导致抛出null异常
QueryRuleEnum rule =null;
//update-begin--Author:scott Date:20190724 forinitQueryWrapper组装sql查询条件错误 #284-------------------
@ -820,20 +858,25 @@ public class QueryGenerator {
}
private static String getInConditionValue(Object value,boolean isString) {
//update-begin-author:taoyan date:20210628 for: 查询条件如果输入,导致sql报错
String[] temp = value.toString().split(",");
if(temp.length==0){
return "('')";
}
if(isString) {
String temp[] = value.toString().split(",");
String res="";
List<String> res = new ArrayList<>();
for (String string : temp) {
if(DataBaseConstant.DB_TYPE_SQLSERVER.equals(getDbType())){
res+=",N'"+string+"'";
res.add("N'"+string+"'");
}else{
res+=",'"+string+"'";
res.add("'"+string+"'");
}
}
return "("+res.substring(1)+")";
return "("+String.join("," ,res)+")";
}else {
return "("+value.toString()+")";
}
//update-end-author:taoyan date:20210628 for: 查询条件如果输入,导致sql报错
}
private static String getLikeConditionValue(Object value) {
@ -1003,8 +1046,6 @@ public class QueryGenerator {
/** 当前系统数据库类型 */
private static String DB_TYPE;
/**
* 获取系统数据库类型
*/

18
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/vo/DictModelMany.java Normal file
View File

@ -0,0 +1,18 @@
package org.jeecg.common.system.vo;
import lombok.Data;
import lombok.EqualsAndHashCode;
/**
* 查询多个字典时用到
*/
@Data
@EqualsAndHashCode(callSuper = true)
public class DictModelMany extends DictModel {
/**
* 字典code根据多个字段code查询时才用到用于区分不同的字典选项
*/
private String dictCode;
}

10
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/vo/DynamicDataSourceModel.java
View File

@ -36,10 +36,12 @@ public class DynamicDataSourceModel {
* 数据源地址
*/
private java.lang.String dbUrl;
/**
* 数据库名称
*/
private java.lang.String dbName;
// /**
// * 数据库名称
// */
// private java.lang.String dbName;
/**
* 用户名
*/

62
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/CommonUtils.java
View File

@ -1,27 +1,27 @@
package org.jeecg.common.util;
import cn.hutool.core.util.StrUtil;
import cn.hutool.extra.pinyin.PinyinUtil;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.constant.DataBaseConstant;
import org.jeecg.common.exception.JeecgBootException;
import org.jeecg.common.util.oss.OssBootUtil;
import org.jeecgframework.poi.util.PoiPublicUtil;
import org.springframework.util.FileCopyUtils;
import org.springframework.web.multipart.MultipartFile;
import javax.sql.DataSource;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.*;
import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.SQLException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.sql.DataSource;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.constant.DataBaseConstant;
import org.jeecg.common.util.filter.FileTypeFilter;
import org.jeecg.common.util.oss.OssBootUtil;
import org.jeecgframework.poi.util.PoiPublicUtil;
import org.springframework.util.FileCopyUtils;
import org.springframework.web.multipart.MultipartFile;
import com.baomidou.mybatisplus.annotation.DbType;
import com.baomidou.mybatisplus.extension.toolkit.JdbcUtils;
import lombok.extern.slf4j.Slf4j;
@Slf4j
public class CommonUtils {
@ -116,6 +116,9 @@ public class CommonUtils {
*/
public static String uploadLocal(MultipartFile mf,String bizPath,String uploadpath){
try {
//update-begin-author:liusq date:20210809 for: 过滤上传文件类型
FileTypeFilter.fileTypeFilter(mf);
//update-end-author:liusq date:20210809 for: 过滤上传文件类型
String fileName = null;
File file = new File(uploadpath + File.separator + bizPath + File.separator );
if (!file.exists()) {
@ -143,6 +146,8 @@ public class CommonUtils {
return dbpath;
} catch (IOException e) {
log.error(e.getMessage(), e);
}catch (Exception e) {
log.error(e.getMessage(), e);
}
return "";
}
@ -163,6 +168,13 @@ public class CommonUtils {
/** 当前系统数据库类型 */
private static String DB_TYPE = "";
private static DbType dbTypeEnum = null;
/**
* 全局获取平台数据库类型(作废了)
* @return
*/
@Deprecated
public static String getDatabaseType() {
if(oConvertUtils.isNotEmpty(DB_TYPE)){
return DB_TYPE;
@ -177,6 +189,24 @@ public class CommonUtils {
}
}
/**
* 全局获取平台数据库类型对应mybaisPlus枚举
* @return
*/
public static DbType getDatabaseTypeEnum() {
if (oConvertUtils.isNotEmpty(dbTypeEnum)) {
return dbTypeEnum;
}
try {
DataSource dataSource = SpringContextUtils.getApplicationContext().getBean(DataSource.class);
dbTypeEnum = JdbcUtils.getDbType(dataSource.getConnection().getMetaData().getURL());
return dbTypeEnum;
} catch (SQLException e) {
log.warn(e.getMessage(), e);
return null;
}
}
/**
* 获取数据库类型
* @param dataSource

2
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/DateUtils.java
View File

@ -291,7 +291,7 @@ public class DateUtils extends PropertyEditorSupport {
Date dt = new Date();
DateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
String nowTime = df.format(dt);
Timestamp buydate = Timestamp.valueOf(nowTime);
java.sql.Timestamp buydate = java.sql.Timestamp.valueOf(nowTime);
return buydate;
}

4
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/MinioUtil.java
View File

@ -2,6 +2,7 @@ package org.jeecg.common.util;
import io.minio.*;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.util.filter.FileTypeFilter;
import org.jeecg.common.util.filter.StrAttackFilter;
import org.springframework.web.multipart.MultipartFile;
@ -68,6 +69,9 @@ public class MinioUtil {
minioClient.makeBucket(MakeBucketArgs.builder().bucket(newBucket).build());
log.info("create a new bucket.");
}
//update-begin-author:liusq date:20210809 for: 过滤上传文件类型
FileTypeFilter.fileTypeFilter(file);
//update-end-author:liusq date:20210809 for: 过滤上传文件类型
InputStream stream = file.getInputStream();
// 获取文件名
String orgName = file.getOriginalFilename();

4
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/PathMatcherUtil.java
View File

@ -1,10 +1,10 @@
package org.jeecg.common.util;
import org.springframework.util.AntPathMatcher;
import java.util.Collection;
import java.util.Map;
import org.springframework.util.AntPathMatcher;
/**
* 使用Spring自身提供的地址匹配工具匹配URL
*/

17
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/ReflectHelper.java
View File

@ -192,6 +192,23 @@ public class ReflectHelper {
}
}
/**
* 获取属性值
*/
public static Object getFieldVal(String fieldName, Object o) {
try {
// 暴力反射获取属性
Field filed = o.getClass().getDeclaredField(fieldName);
// 设置反射时取消Java的访问检查暴力访问
filed.setAccessible(true);
Object val = filed.get(o);
return val;
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
/**
* 获取属性名数组
*/

39
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/dynamic/db/DbTypeUtils.java Normal file
View File

@ -0,0 +1,39 @@
package org.jeecg.common.util.dynamic.db;
import com.baomidou.mybatisplus.annotation.DbType;
/**
* 数据库类型判断
* 【有些数据库引擎是一样的,以达到复用目的】
*/
public class DbTypeUtils {
public static boolean dbTypeIsMySQL(DbType dbType) {
return dbTypeIf(dbType, DbType.MYSQL, DbType.MARIADB, DbType.CLICK_HOUSE, DbType.SQLITE);
}
public static boolean dbTypeIsOracle(DbType dbType) {
return dbTypeIf(dbType, DbType.ORACLE, DbType.ORACLE_12C, DbType.DM);
}
public static boolean dbTypeIsSQLServer(DbType dbType) {
return dbTypeIf(dbType, DbType.SQL_SERVER, DbType.SQL_SERVER2005);
}
public static boolean dbTypeIsPostgre(DbType dbType) {
return dbTypeIf(dbType, DbType.POSTGRE_SQL, DbType.KINGBASE_ES, DbType.GAUSS);
}
/**
* 判断数据库类型
*/
public static boolean dbTypeIf(DbType dbType, DbType... correctTypes) {
for (DbType type : correctTypes) {
if (type.equals(dbType)) {
return true;
}
}
return false;
}
}

3
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/dynamic/db/DynamicDBUtil.java
View File

@ -49,7 +49,7 @@ public class DynamicDBUtil {
dataSource.setBreakAfterAcquireFailure(true);
dataSource.setConnectionErrorRetryAttempts(0);
dataSource.setUsername(dbUser);
dataSource.setMaxWait(60000);
dataSource.setMaxWait(30000);
dataSource.setPassword(dbPassword);
log.info("******************************************");
@ -151,6 +151,7 @@ public class DynamicDBUtil {
list = findList(dbKey, sql, param);
if (oConvertUtils.listIsEmpty(list)) {
log.error("Except one, but not find actually");
return null;
}
if (list.size() > 1) {
log.error("Except one, but more than one actually");

213
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/dynamic/db/SqlUtils.java
View File

@ -1,213 +0,0 @@
package org.jeecg.common.util.dynamic.db;
import org.apache.commons.lang3.StringUtils;
import org.jeecg.common.constant.DataBaseConstant;
import org.jeecg.common.system.vo.DynamicDataSourceModel;
import java.text.MessageFormat;
import java.util.Map;
/**
* 根据不同的数据库动态生成SQL例如分页
*/
public class SqlUtils {
public static final String DATABSE_TYPE_MYSQL = "mysql";
public static final String DATABSE_TYPE_MARIADB = "mariadb";
public static final String DATABSE_TYPE_POSTGRE = "postgresql";
public static final String DATABSE_TYPE_ORACLE = "oracle";
public static final String DATABSE_TYPE_SQLSERVER = "sqlserver";
/**
* 分页SQL
*/
public static final String MYSQL_SQL = "select * from ( {0}) sel_tab00 limit {1},{2}";
public static final String POSTGRE_SQL = "select * from ( {0}) sel_tab00 limit {2} offset {1}";
public static final String ORACLE_SQL = "select * from (select row_.*,rownum rownum_ from ({0}) row_ where rownum <= {1}) where rownum_>{2}";
public static final String SQLSERVER_SQL = "select * from ( select row_number() over(order by tempColumn) tempRowNumber, * from (select top {1} tempColumn = 0, {0}) t ) tt where tempRowNumber > {2}";
/**
* 获取所有表的SQL
*/
public static final String MYSQL_ALLTABLES_SQL = "select distinct table_name from information_schema.columns where table_schema = {0}";
public static final String POSTGRE__ALLTABLES_SQL = "SELECT distinct c.relname AS table_name FROM pg_class c";
public static final String ORACLE__ALLTABLES_SQL = "select distinct colstable.table_name as table_name from user_tab_cols colstable";
public static final String SQLSERVER__ALLTABLES_SQL = "select distinct c.name as table_name from sys.objects c";
/**
* 获取指定表的所有列名
*/
public static final String MYSQL_ALLCOLUMNS_SQL = "select column_name from information_schema.columns where table_name = {0} and table_schema = {1}";
public static final String POSTGRE_ALLCOLUMNS_SQL = "select table_name from information_schema.columns where table_name = {0}";
public static final String ORACLE_ALLCOLUMNS_SQL = "select column_name from all_tab_columns where table_name ={0}";
public static final String SQLSERVER_ALLCOLUMNS_SQL = "select name from syscolumns where id={0}";
/*
* 判断数据库类型
*/
public static boolean dbTypeIsMySQL(String dbType) {
return dbTypeIf(dbType, DATABSE_TYPE_MYSQL, DataBaseConstant.DB_TYPE_MYSQL_NUM) || dbTypeIf(dbType, DATABSE_TYPE_MARIADB, DataBaseConstant.DB_TYPE_MARIADB_NUM);
}
public static boolean dbTypeIsOracle(String dbType) {
return dbTypeIf(dbType, DATABSE_TYPE_ORACLE, DataBaseConstant.DB_TYPE_ORACLE_NUM);
}
public static boolean dbTypeIsSQLServer(String dbType) {
return dbTypeIf(dbType, DATABSE_TYPE_SQLSERVER, DataBaseConstant.DB_TYPE_SQLSERVER_NUM);
}
public static boolean dbTypeIsPostgre(String dbType) {
return dbTypeIf(dbType, DATABSE_TYPE_POSTGRE, DataBaseConstant.DB_TYPE_POSTGRESQL_NUM);
}
/**
* 判断数据库类型
*/
public static boolean dbTypeIf(String dbType, String... correctTypes) {
for (String type : correctTypes) {
if (type.equalsIgnoreCase(dbType)) {
return true;
}
}
return false;
}
/**
* 获取全 SQL
* 拼接 where 条件
*
* @param sql
* @param params
* @return
*/
public static String getFullSql(String sql, Map params) {
return getFullSql(sql, params, null, null);
}
/**
* 获取全 SQL
* 拼接 where 条件
* 拼接 order 排序
*
* @param sql
* @param params
* @param orderColumn 排序字段
* @param orderBy 排序方式,只能是 DESC 或 ASC
* @return
*/
public static String getFullSql(String sql, Map params, String orderColumn, String orderBy) {
StringBuilder sqlBuilder = new StringBuilder();
sqlBuilder.append("SELECT t.* FROM ( ").append(sql).append(" ) t ");
if (params != null && params.size() >= 1) {
sqlBuilder.append("WHERE 1=1 ");
for (Object key : params.keySet()) {
String value = String.valueOf(params.get(key));
if (StringUtils.isNotBlank(value)) {
sqlBuilder.append(" AND (").append(key).append(" = N'").append(value).append("')");
}
}
if (StringUtils.isNotBlank(orderColumn) && StringUtils.isNotBlank(orderBy)) {
sqlBuilder.append("ORDER BY ").append(orderColumn).append(" ").append("DESC".equalsIgnoreCase(orderBy) ? "DESC" : "ASC");
}
}
return sqlBuilder.toString();
}
/**
* 获取求数量 SQL
*
* @param sql
* @return
*/
public static String getCountSql(String sql) {
return String.format("SELECT COUNT(1) \"total\" FROM ( %s ) temp_count", sql);
}
/**
* 生成分页查询 SQL
*
* @param dbType 数据库类型
* @param sql
* @param page
* @param rows
* @return
*/
public static String createPageSqlByDBType(String dbType, String sql, int page, int rows) {
int beginNum = (page - 1) * rows;
Object[] sqlParam = new Object[3];
sqlParam[0] = sql;
sqlParam[1] = String.valueOf(beginNum);
sqlParam[2] = String.valueOf(rows);
if (dbTypeIsMySQL(dbType)) {
sql = MessageFormat.format(MYSQL_SQL, sqlParam);
} else if (dbTypeIsPostgre(dbType)) {
sql = MessageFormat.format(POSTGRE_SQL, sqlParam);
} else {
int beginIndex = (page - 1) * rows;
int endIndex = beginIndex + rows;
sqlParam[2] = Integer.toString(beginIndex);
sqlParam[1] = Integer.toString(endIndex);
if (dbTypeIsOracle(dbType)) {
sql = MessageFormat.format(ORACLE_SQL, sqlParam);
} else if (dbTypeIsSQLServer(dbType)) {
sqlParam[0] = sql.substring(getAfterSelectInsertPoint(sql));
sql = MessageFormat.format(SQLSERVER_SQL, sqlParam);
}
}
return sql;
}
/**
* 生成分页查询 SQL
*
* @param sql
* @param page
* @param rows
* @return
*/
public static String createPageSqlByDBKey(String dbKey, String sql, int page, int rows) {
DynamicDataSourceModel dynamicSourceEntity = DataSourceCachePool.getCacheDynamicDataSourceModel(dbKey);
String dbType = dynamicSourceEntity.getDbType();
return createPageSqlByDBType(dbType, sql, page, rows);
}
private static int getAfterSelectInsertPoint(String sql) {
int selectIndex = sql.toLowerCase().indexOf("select");
int selectDistinctIndex = sql.toLowerCase().indexOf("select distinct");
return selectIndex + (selectDistinctIndex == selectIndex ? 15 : 6);
}
public static String getAllTableSql(String dbType, Object... params) {
if (StringUtils.isNotEmpty(dbType)) {
if (dbTypeIsMySQL(dbType)) {
return MessageFormat.format(MYSQL_ALLTABLES_SQL, params);
} else if (dbTypeIsOracle(dbType)) {
return ORACLE__ALLTABLES_SQL;
} else if (dbTypeIsPostgre(dbType)) {
return POSTGRE__ALLTABLES_SQL;
} else if (dbTypeIsSQLServer(dbType)) {
return SQLSERVER__ALLTABLES_SQL;
}
}
return null;
}
public static String getAllColumnSQL(String dbType, Object... params) {
if (StringUtils.isNotEmpty(dbType)) {
if (dbTypeIsMySQL(dbType)) {
return MessageFormat.format(MYSQL_ALLCOLUMNS_SQL, params);
} else if (dbTypeIsOracle(dbType)) {
return MessageFormat.format(ORACLE_ALLCOLUMNS_SQL, params);
} else if (dbTypeIsPostgre(dbType)) {
return MessageFormat.format(POSTGRE_ALLCOLUMNS_SQL, params);
} else if (dbTypeIsSQLServer(dbType)) {
return MessageFormat.format(SQLSERVER_ALLCOLUMNS_SQL, params);
}
}
return null;
}
}

166
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/filter/FileTypeFilter.java Normal file
View File

@ -0,0 +1,166 @@
package org.jeecg.common.util.filter;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.multipart.MultipartFile;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Iterator;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
* @Description: TODO
* @author: lsq
* @date: 2021年08月09日 15:29
*/
public class FileTypeFilter {
//文件后缀
private static String[] forbidType = {"jsp","php"};
// 初始化文件头类型,不够的自行补充
final static HashMap<String, String> fileTypeMap = new HashMap<>();
static {
fileTypeMap.put("3c25402070616765206c", "jsp");
fileTypeMap.put("3c3f7068700a0a2f2a2a0a202a205048", "php");
/* fileTypeMap.put("ffd8ffe000104a464946", "jpg");
fileTypeMap.put("89504e470d0a1a0a0000", "png");
fileTypeMap.put("47494638396126026f01", "gif");
fileTypeMap.put("49492a00227105008037", "tif");
fileTypeMap.put("424d228c010000000000", "bmp");
fileTypeMap.put("424d8240090000000000", "bmp");
fileTypeMap.put("424d8e1b030000000000", "bmp");
fileTypeMap.put("41433130313500000000", "dwg");
fileTypeMap.put("3c21444f435459504520", "html");
fileTypeMap.put("3c21646f637479706520", "htm");
fileTypeMap.put("48544d4c207b0d0a0942", "css");
fileTypeMap.put("696b2e71623d696b2e71", "js");
fileTypeMap.put("7b5c727466315c616e73", "rtf");
fileTypeMap.put("38425053000100000000", "psd");
fileTypeMap.put("46726f6d3a203d3f6762", "eml");
fileTypeMap.put("d0cf11e0a1b11ae10000", "doc");
fileTypeMap.put("5374616E64617264204A", "mdb");
fileTypeMap.put("252150532D41646F6265", "ps");
fileTypeMap.put("255044462d312e350d0a", "pdf");
fileTypeMap.put("2e524d46000000120001", "rmvb");
fileTypeMap.put("464c5601050000000900", "flv");
fileTypeMap.put("00000020667479706d70", "mp4");
fileTypeMap.put("49443303000000002176", "mp3");
fileTypeMap.put("000001ba210001000180", "mpg");
fileTypeMap.put("3026b2758e66cf11a6d9", "wmv");
fileTypeMap.put("52494646e27807005741", "wav");
fileTypeMap.put("52494646d07d60074156", "avi");
fileTypeMap.put("4d546864000000060001", "mid");
fileTypeMap.put("504b0304140000000800", "zip");
fileTypeMap.put("526172211a0700cf9073", "rar");
fileTypeMap.put("235468697320636f6e66", "ini");
fileTypeMap.put("504b03040a0000000000", "jar");
fileTypeMap.put("4d5a9000030000000400", "exe");
fileTypeMap.put("3c25402070616765206c", "jsp");
fileTypeMap.put("4d616e69666573742d56", "mf");
fileTypeMap.put("3c3f786d6c2076657273", "xml");
fileTypeMap.put("494e5345525420494e54", "sql");
fileTypeMap.put("7061636b616765207765", "java");
fileTypeMap.put("406563686f206f66660d", "bat");
fileTypeMap.put("1f8b0800000000000000", "gz");
fileTypeMap.put("6c6f67346a2e726f6f74", "properties");
fileTypeMap.put("cafebabe0000002e0041", "class");
fileTypeMap.put("49545346030000006000", "chm");
fileTypeMap.put("04000000010000001300", "mxp");
fileTypeMap.put("504b0304140006000800", "docx");
fileTypeMap.put("6431303a637265617465", "torrent");
fileTypeMap.put("6D6F6F76", "mov");
fileTypeMap.put("FF575043", "wpd");
fileTypeMap.put("CFAD12FEC5FD746F", "dbx");
fileTypeMap.put("2142444E", "pst");
fileTypeMap.put("AC9EBD8F", "qdf");
fileTypeMap.put("E3828596", "pwl");
fileTypeMap.put("2E7261FD", "ram");*/
}
/**
* @param fileName
* @return String
* @description 通过文件后缀名获取文件类型
*/
private static String getFileTypeBySuffix(String fileName) {
return fileName.substring(fileName.lastIndexOf(".") + 1, fileName.length());
}
/**
* 文件类型过滤
*
* @param file
*/
public static void fileTypeFilter(MultipartFile file) throws Exception {
String suffix = getFileType(file);
for (String type : forbidType) {
if (type.contains(suffix)) {
throw new Exception("上传失败,文件类型异常:" + suffix);
}
}
}
/**
* 通过读取文件头部获得文件类型
*
* @param file
* @return 文件类型
* @throws Exception
*/
private static String getFileType(MultipartFile file) throws Exception {
String fileExtendName = null;
InputStream is;
try {
//is = new FileInputStream(file);
is = file.getInputStream();
byte[] b = new byte[10];
is.read(b, 0, b.length);
String fileTypeHex = String.valueOf(bytesToHexString(b));
Iterator<String> keyIter = fileTypeMap.keySet().iterator();
while (keyIter.hasNext()) {
String key = keyIter.next();
// 验证前5个字符比较
if (key.toLowerCase().startsWith(fileTypeHex.toLowerCase().substring(0, 5))
|| fileTypeHex.toLowerCase().substring(0, 5).startsWith(key.toLowerCase())) {
fileExtendName = fileTypeMap.get(key);
break;
}
}
// 如果不是上述类型,则判断扩展名
if (StringUtils.isBlank(fileExtendName)) {
String fileName = file.getOriginalFilename();
return getFileTypeBySuffix(fileName);
}
is.close();
return fileExtendName;
} catch (Exception exception) {
throw new Exception(exception.getMessage(), exception);
}
}
/**
* 获得文件头部字符串
*
* @param src
* @return
*/
private static String bytesToHexString(byte[] src) {
StringBuilder stringBuilder = new StringBuilder();
if (src == null || src.length <= 0) {
return null;
}
for (int i = 0; i < src.length; i++) {
int v = src[i] & 0xFF;
String hv = Integer.toHexString(v);
if (hv.length() < 2) {
stringBuilder.append(0);
}
stringBuilder.append(hv);
}
return stringBuilder.toString();
}
}

7
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/oss/OssBootUtil.java
View File

@ -9,6 +9,7 @@ import com.aliyun.oss.model.PutObjectResult;
import lombok.extern.slf4j.Slf4j;
import org.apache.tomcat.util.http.fileupload.FileItemStream;
import org.jeecg.common.util.CommonUtils;
import org.jeecg.common.util.filter.FileTypeFilter;
import org.jeecg.common.util.filter.StrAttackFilter;
import org.jeecg.common.util.oConvertUtils;
import org.springframework.web.multipart.MultipartFile;
@ -110,6 +111,9 @@ public class OssBootUtil {
if("" == orgName){
orgName=file.getName();
}
//update-begin-author:liusq date:20210809 for: 过滤上传文件类型
FileTypeFilter.fileTypeFilter(file);
//update-end-author:liusq date:20210809 for: 过滤上传文件类型
orgName = CommonUtils.getFileName(orgName);
String fileName = orgName.indexOf(".")==-1
?orgName + "_" + System.currentTimeMillis()
@ -136,6 +140,9 @@ public class OssBootUtil {
} catch (IOException e) {
e.printStackTrace();
return null;
}catch (Exception e) {
e.printStackTrace();
return null;
}
return FILE_URL;
}

5
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/security/SecurityTools.java
View File

@ -8,9 +8,8 @@ import cn.hutool.crypto.asymmetric.RSA;
import cn.hutool.crypto.asymmetric.Sign;
import cn.hutool.crypto.asymmetric.SignAlgorithm;
import cn.hutool.crypto.symmetric.AES;
import cn.hutool.json.JSONObject;
import org.jeecg.common.util.security.entity.*;
import com.alibaba.fastjson.JSONObject;
import javax.crypto.SecretKey;
import java.security.KeyPair;
@ -34,7 +33,7 @@ public class SecurityTools {
String dencrptValue =aes.decryptStr(data);
//log.info("解密后报文"+dencrptValue);
resp.setData(new JSONObject(dencrptValue));
resp.setData(JSONObject.parseObject(dencrptValue));
boolean verify = sign.verify(dencrptValue.getBytes(), Base64Decoder.decode(signData));
resp.setSuccess(verify);

2
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/security/entity/SecurityResp.java
View File

@ -1,6 +1,6 @@
package org.jeecg.common.util.security.entity;
import cn.hutool.json.JSONObject;
import com.alibaba.fastjson.JSONObject;
import lombok.Data;
@Data

14
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/DruidConfig.java
View File

@ -1,8 +1,9 @@
package org.jeecg.config;
import com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure;
import com.alibaba.druid.spring.boot.autoconfigure.properties.DruidStatProperties;
import com.alibaba.druid.util.Utils;
import java.io.IOException;
import javax.servlet.*;
import org.springframework.boot.autoconfigure.AutoConfigureAfter;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
@ -10,8 +11,9 @@ import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.servlet.*;
import java.io.IOException;
import com.alibaba.druid.spring.boot.autoconfigure.DruidDataSourceAutoConfigure;
import com.alibaba.druid.spring.boot.autoconfigure.properties.DruidStatProperties;
import com.alibaba.druid.util.Utils;
@Configuration
@AutoConfigureAfter(DruidDataSourceAutoConfigure.class)
@ -34,7 +36,7 @@ public class DruidConfig {
* 去除Druid监控页面的广告
*
* @param properties DruidStatProperties属性集合
* @return {@link org.springframework.boot.web.servlet.FilterRegistrationBean}
* @return {@link FilterRegistrationBean}
*/
@Bean
@ConditionalOnWebApplication

6
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/StaticConfig.java
View File

@ -20,6 +20,12 @@ public class StaticConfig {
@Value(value = "${spring.mail.username}")
private String emailFrom;
/**
* 签名密钥串
*/
@Value(value = "${jeecg.signatureSecret}")
private String signatureSecret;
/*@Bean
public void initStatic() {

3
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/Swagger2Config.java
View File

@ -110,7 +110,8 @@ public class Swagger2Config implements WebMvcConfigurer {
// 描述
.description("后台API接口")
// 作者
.contact("JEECG团队")
.contact(new Contact("北京国炬信息技术有限公司","www.jeccg.com","jeecgos@163.com"))
// .contact("JEECG团队")
.license("The Apache License, Version 2.0")
.licenseUrl("http://www.apache.org/licenses/LICENSE-2.0.html")
.build();

260
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/JeecgTenantParser.java
View File

@ -1,130 +1,130 @@
package org.jeecg.config.mybatis;
import com.baomidou.mybatisplus.extension.plugins.tenant.TenantSqlParser;
import net.sf.jsqlparser.expression.BinaryExpression;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.Parenthesis;
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
import net.sf.jsqlparser.expression.operators.relational.*;
import net.sf.jsqlparser.schema.Column;
import net.sf.jsqlparser.schema.Table;
import net.sf.jsqlparser.statement.select.*;
import java.util.List;
/**
* 复写租户条件
*/
public class JeecgTenantParser extends TenantSqlParser {
/**
* @param expression
* @param table
* @return
*/
protected Expression processTableAlias(Expression expression, Table table) {
String tableAliasName;
if (table.getAlias() == null) {
tableAliasName = table.getName();
} else {
tableAliasName = table.getAlias().getName();
}
// in
if (expression instanceof InExpression) {
InExpression in = (InExpression) expression;
if (in.getLeftExpression() instanceof Column) {
setTableAliasNameForColumn((Column) in.getLeftExpression(), tableAliasName);
}
// 比较操作
} else if (expression instanceof BinaryExpression) {
BinaryExpression compare = (BinaryExpression) expression;
if (compare.getLeftExpression() instanceof Column) {
setTableAliasNameForColumn((Column) compare.getLeftExpression(), tableAliasName);
} else if (compare.getRightExpression() instanceof Column) {
setTableAliasNameForColumn((Column) compare.getRightExpression(), tableAliasName);
}
// between
} else if (expression instanceof Between) {
Between between = (Between) expression;
if (between.getLeftExpression() instanceof Column) {
setTableAliasNameForColumn((Column) between.getLeftExpression(), tableAliasName);
}
}
return expression;
}
private void setTableAliasNameForColumn(Column column, String tableAliasName) {
column.setColumnName(tableAliasName + "." + column.getColumnName());
}
/**
* 默认是按 tenant_id=1 按等于条件追加
*
* @param currentExpression 现有的条件比如你原来的sql查询条件
* @param table
* @return
*/
@Override
protected Expression builderExpression(Expression currentExpression, Table table) {
final Expression tenantExpression = this.getTenantHandler().getTenantId(true);
Expression appendExpression;
if (!(tenantExpression instanceof SupportsOldOracleJoinSyntax)) {
appendExpression = new EqualsTo();
((EqualsTo) appendExpression).setLeftExpression(this.getAliasColumn(table));
((EqualsTo) appendExpression).setRightExpression(tenantExpression);
} else {
appendExpression = processTableAlias(tenantExpression, table);
}
if (currentExpression == null) {
return appendExpression;
}
if (currentExpression instanceof BinaryExpression) {
BinaryExpression binaryExpression = (BinaryExpression) currentExpression;
if (binaryExpression.getLeftExpression() instanceof FromItem) {
processFromItem((FromItem) binaryExpression.getLeftExpression());
}
if (binaryExpression.getRightExpression() instanceof FromItem) {
processFromItem((FromItem) binaryExpression.getRightExpression());
}
} else if (currentExpression instanceof InExpression) {
InExpression inExp = (InExpression) currentExpression;
ItemsList rightItems = inExp.getRightItemsList();
if (rightItems instanceof SubSelect) {
processSelectBody(((SubSelect) rightItems).getSelectBody());
}
}
if (currentExpression instanceof OrExpression) {
return new AndExpression(new Parenthesis(currentExpression), appendExpression);
} else {
return new AndExpression(currentExpression, appendExpression);
}
}
@Override
protected void processPlainSelect(PlainSelect plainSelect, boolean addColumn) {
FromItem fromItem = plainSelect.getFromItem();
if (fromItem instanceof Table) {
Table fromTable = (Table) fromItem;
if (!this.getTenantHandler().doTableFilter(fromTable.getName())) {
plainSelect.setWhere(builderExpression(plainSelect.getWhere(), fromTable));
if (addColumn) {
plainSelect.getSelectItems().add(new SelectExpressionItem(new Column(this.getTenantHandler().getTenantIdColumn())));
}
}
} else {
processFromItem(fromItem);
}
List<Join> joins = plainSelect.getJoins();
if (joins != null && joins.size() > 0) {
joins.forEach(j -> {
processJoin(j);
processFromItem(j.getRightItem());
});
}
}
}
//package org.jeecg.config.mybatis;
//
//import com.baomidou.mybatisplus.extension.plugins.tenant.TenantSqlParser;
//import net.sf.jsqlparser.expression.BinaryExpression;
//import net.sf.jsqlparser.expression.Expression;
//import net.sf.jsqlparser.expression.Parenthesis;
//import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
//import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
//import net.sf.jsqlparser.expression.operators.relational.*;
//import net.sf.jsqlparser.schema.Column;
//import net.sf.jsqlparser.schema.Table;
//import net.sf.jsqlparser.statement.select.*;
//
//import java.util.List;
//
///**
// * 复写租户条件
// */
//public class JeecgTenantParser extends TenantSqlParser {
//
// /**
// * @param expression
// * @param table
// * @return
// */
// protected Expression processTableAlias(Expression expression, Table table) {
// String tableAliasName;
// if (table.getAlias() == null) {
// tableAliasName = table.getName();
// } else {
// tableAliasName = table.getAlias().getName();
// }
//
// // in
// if (expression instanceof InExpression) {
// InExpression in = (InExpression) expression;
// if (in.getLeftExpression() instanceof Column) {
// setTableAliasNameForColumn((Column) in.getLeftExpression(), tableAliasName);
// }
//
// // 比较操作
// } else if (expression instanceof BinaryExpression) {
// BinaryExpression compare = (BinaryExpression) expression;
// if (compare.getLeftExpression() instanceof Column) {
// setTableAliasNameForColumn((Column) compare.getLeftExpression(), tableAliasName);
// } else if (compare.getRightExpression() instanceof Column) {
// setTableAliasNameForColumn((Column) compare.getRightExpression(), tableAliasName);
// }
//
// // between
// } else if (expression instanceof Between) {
// Between between = (Between) expression;
// if (between.getLeftExpression() instanceof Column) {
// setTableAliasNameForColumn((Column) between.getLeftExpression(), tableAliasName);
// }
// }
// return expression;
// }
//
// private void setTableAliasNameForColumn(Column column, String tableAliasName) {
// column.setColumnName(tableAliasName + "." + column.getColumnName());
// }
//
// /**
// * 默认是按 tenant_id=1 按等于条件追加
// *
// * @param currentExpression 现有的条件比如你原来的sql查询条件
// * @param table
// * @return
// */
// @Override
// protected Expression builderExpression(Expression currentExpression, Table table) {
// final Expression tenantExpression = this.getTenantHandler().getTenantId(true);
// Expression appendExpression;
// if (!(tenantExpression instanceof SupportsOldOracleJoinSyntax)) {
// appendExpression = new EqualsTo();
// ((EqualsTo) appendExpression).setLeftExpression(this.getAliasColumn(table));
// ((EqualsTo) appendExpression).setRightExpression(tenantExpression);
// } else {
// appendExpression = processTableAlias(tenantExpression, table);
// }
// if (currentExpression == null) {
// return appendExpression;
// }
// if (currentExpression instanceof BinaryExpression) {
// BinaryExpression binaryExpression = (BinaryExpression) currentExpression;
// if (binaryExpression.getLeftExpression() instanceof FromItem) {
// processFromItem((FromItem) binaryExpression.getLeftExpression());
// }
// if (binaryExpression.getRightExpression() instanceof FromItem) {
// processFromItem((FromItem) binaryExpression.getRightExpression());
// }
// } else if (currentExpression instanceof InExpression) {
// InExpression inExp = (InExpression) currentExpression;
// ItemsList rightItems = inExp.getRightItemsList();
// if (rightItems instanceof SubSelect) {
// processSelectBody(((SubSelect) rightItems).getSelectBody());
// }
// }
// if (currentExpression instanceof OrExpression) {
// return new AndExpression(new Parenthesis(currentExpression), appendExpression);
// } else {
// return new AndExpression(currentExpression, appendExpression);
// }
// }
//
// @Override
// protected void processPlainSelect(PlainSelect plainSelect, boolean addColumn) {
// FromItem fromItem = plainSelect.getFromItem();
// if (fromItem instanceof Table) {
// Table fromTable = (Table) fromItem;
// if (!this.getTenantHandler().doTableFilter(fromTable.getName())) {
// plainSelect.setWhere(builderExpression(plainSelect.getWhere(), fromTable));
// if (addColumn) {
// plainSelect.getSelectItems().add(new SelectExpressionItem(new Column(this.getTenantHandler().getTenantIdColumn())));
// }
// }
// } else {
// processFromItem(fromItem);
// }
// List<Join> joins = plainSelect.getJoins();
// if (joins != null && joins.size() > 0) {
// joins.forEach(j -> {
// processJoin(j);
// processFromItem(j.getRightItem());
// });
// }
// }
//
//}

142
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisPlusConfig.java
View File

@ -1,142 +0,0 @@
package org.jeecg.config.mybatis;
import com.baomidou.mybatisplus.core.parser.ISqlParser;
import com.baomidou.mybatisplus.core.parser.ISqlParserFilter;
import com.baomidou.mybatisplus.core.toolkit.PluginUtils;
import com.baomidou.mybatisplus.extension.plugins.PaginationInterceptor;
import com.baomidou.mybatisplus.extension.plugins.tenant.TenantHandler;
import com.baomidou.mybatisplus.extension.plugins.tenant.TenantSqlParser;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.LongValue;
import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
import net.sf.jsqlparser.expression.operators.relational.InExpression;
import net.sf.jsqlparser.schema.Column;
import org.apache.ibatis.reflection.MetaObject;
import org.jeecg.common.util.oConvertUtils;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.ArrayList;
import java.util.List;
/**
* 单数据源配置jeecg.datasource.open = false时生效
* @Author zhoujf
*
*/
@Configuration
@MapperScan(value={"org.jeecg.modules.**.mapper*"})
public class MybatisPlusConfig {
/**
* tenant_id 字段名
*/
public static final String tenant_field = "tenant_id";
/**
* 有哪些表需要做多租户 这些表需要添加一个字段 字段名和tenant_field对应的值一样
*/
private static final List<String> tenantTable = new ArrayList<String>();
/**
* ddl 关键字 判断不走多租户的sql过滤
*/
private static final List<String> DDL_KEYWORD = new ArrayList<String>();
static {
tenantTable.add("jee_bug_danbiao");
DDL_KEYWORD.add("alter");
}
/**
* 多租户属于 SQL 解析部分,依赖 MP 分页插件
*/
@Bean
public PaginationInterceptor paginationInterceptor() {
PaginationInterceptor paginationInterceptor = new PaginationInterceptor().setLimit(-1);
//多租户配置 配置后每次执行sql会走一遍他的转化器 如果不需要多租户功能 可以将其注释
tenantConfig(paginationInterceptor);
return paginationInterceptor;
}
/**
* 多租户的配置
* @param paginationInterceptor
*/
private void tenantConfig(PaginationInterceptor paginationInterceptor){
/*
* 【测试多租户】 SQL 解析处理拦截器<br>
* 这里固定写成住户 1 实际情况你可以从cookie读取因此数据看不到 【 麻花藤 】 这条记录( 注意观察 SQL <br>
*/
List<ISqlParser> sqlParserList = new ArrayList<>();
TenantSqlParser tenantSqlParser = new JeecgTenantParser();
tenantSqlParser.setTenantHandler(new TenantHandler() {
@Override
public Expression getTenantId(boolean select) {
String tenant_id = oConvertUtils.getString(TenantContext.getTenant(),"0");
return new LongValue(tenant_id);
}
@Override
public String getTenantIdColumn() {
return tenant_field;
}
@Override
public boolean doTableFilter(String tableName) {
//true则不加租户条件查询 false则加
// return excludeTable.contains(tableName);
if(tenantTable.contains(tableName)){
return false;
}
return true;
}
private Expression in(String ids){
final InExpression inExpression = new InExpression();
inExpression.setLeftExpression(new Column(getTenantIdColumn()));
final ExpressionList itemsList = new ExpressionList();
final List<Expression> inValues = new ArrayList<>(2);
for(String id:ids.split(",")){
inValues.add(new LongValue(id));
}
itemsList.setExpressions(inValues);
inExpression.setRightItemsList(itemsList);
return inExpression;
}
});
sqlParserList.add(tenantSqlParser);
paginationInterceptor.setSqlParserList(sqlParserList);
paginationInterceptor.setSqlParserFilter(new ISqlParserFilter() {
@Override
public boolean doFilter(MetaObject metaObject) {
String sql = (String) metaObject.getValue(PluginUtils.DELEGATE_BOUNDSQL_SQL);
for(String tableName: tenantTable){
String sql_lowercase = sql.toLowerCase();
if(sql_lowercase.indexOf(tableName.toLowerCase())>=0){
for(String key: DDL_KEYWORD){
if(sql_lowercase.indexOf(key)>=0){
return true;
}
}
return false;
}
}
/*if ("mapper路径.方法名".equals(ms.getId())) {
//使用这种判断也可以避免走此过滤器
return true;
}*/
return true;
}
});
}
// /**
// * mybatis-plus SQL执行效率插件【生产环境可以关闭】
// */
// @Bean
// public PerformanceInterceptor performanceInterceptor() {
// return new PerformanceInterceptor();
// }
}

88
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/mybatis/MybatisPlusSaasConfig.java Normal file
View File

@ -0,0 +1,88 @@
package org.jeecg.config.mybatis;
import java.util.ArrayList;
import java.util.List;
import org.jeecg.common.util.oConvertUtils;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
import com.baomidou.mybatisplus.extension.plugins.handler.TenantLineHandler;
import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.TenantLineInnerInterceptor;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.LongValue;
/**
* 单数据源配置jeecg.datasource.open = false时生效
* @Author zhoujf
*
*/
@Configuration
@MapperScan(value={"org.jeecg.modules.**.mapper*"})
public class MybatisPlusSaasConfig {
/**
* tenant_id 字段名
*/
private static final String TENANT_FIELD_NAME = "tenant_id";
/**
* 哪些表需要做多租户 表需要添加一个字段 tenant_id
*/
private static final List<String> tenantTable = new ArrayList<String>();
static {
tenantTable.add("demo");
}
@Bean
public MybatisPlusInterceptor mybatisPlusInterceptor() {
MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
// 先 add TenantLineInnerInterceptor 再 add PaginationInnerInterceptor
interceptor.addInnerInterceptor(new TenantLineInnerInterceptor(new TenantLineHandler() {
@Override
public Expression getTenantId() {
String tenant_id = oConvertUtils.getString(TenantContext.getTenant(),"0");
return new LongValue(tenant_id);
}
@Override
public String getTenantIdColumn(){
return TENANT_FIELD_NAME;
}
// 返回 true 表示不走租户逻辑
@Override
public boolean ignoreTable(String tableName) {
for(String temp: tenantTable){
if(temp.equalsIgnoreCase(tableName)){
return false;
}
}
return true;
}
}));
interceptor.addInnerInterceptor(new PaginationInnerInterceptor());
return interceptor;
}
// /**
// * 下个版本会删除,现在为了避免缓存出现问题不得不配置
// * @return
// */
// @Bean
// public ConfigurationCustomizer configurationCustomizer() {
// return configuration -> configuration.setUseDeprecatedExecutor(false);
// }
// /**
// * mybatis-plus SQL执行效率插件【生产环境可以关闭】
// */
// @Bean
// public PerformanceInterceptor performanceInterceptor() {
// return new PerformanceInterceptor();
// }
}

19
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
View File

@ -83,7 +83,6 @@ public class ShiroConfig {
filterChainDefinitionMap.put("/sys/phoneLogin", "anon");//手机登录
filterChainDefinitionMap.put("/sys/user/checkOnlyUser", "anon");//校验用户是否存在
filterChainDefinitionMap.put("/sys/user/register", "anon");//用户注册
filterChainDefinitionMap.put("/sys/user/querySysUser", "anon");//根据手机号获取用户信息
filterChainDefinitionMap.put("/sys/user/phoneVerification", "anon");//用户忘记密码验证手机号
filterChainDefinitionMap.put("/sys/user/passwordChange", "anon");//用户更改密码
filterChainDefinitionMap.put("/auth/2step-code", "anon");//登录验证码
@ -101,9 +100,11 @@ public class ShiroConfig {
filterChainDefinitionMap.put("/**/*.png", "anon");
filterChainDefinitionMap.put("/**/*.ico", "anon");
// update-begin--Author:sunjianlei Date:20190813 for排除字体格式的后缀
filterChainDefinitionMap.put("/**/*.ttf", "anon");
filterChainDefinitionMap.put("/**/*.woff", "anon");
filterChainDefinitionMap.put("/**/*.woff2", "anon");
// update-begin--Author:sunjianlei Date:20190813 for排除字体格式的后缀
filterChainDefinitionMap.put("/druid/**", "anon");
filterChainDefinitionMap.put("/swagger-ui.html", "anon");
@ -111,36 +112,26 @@ public class ShiroConfig {
filterChainDefinitionMap.put("/webjars/**", "anon");
filterChainDefinitionMap.put("/v2/**", "anon");
// update-begin--Author:sunjianlei Date:20210510 for排除消息通告查看详情页面用于第三方APP
filterChainDefinitionMap.put("/sys/annountCement/show/**", "anon");
// update-end--Author:sunjianlei Date:20210510 for排除消息通告查看详情页面用于第三方APP
//积木报表排除
filterChainDefinitionMap.put("/jmreport/**", "anon");
filterChainDefinitionMap.put("/**/*.js.map", "anon");
filterChainDefinitionMap.put("/**/*.css.map", "anon");
//大屏设计器排除
filterChainDefinitionMap.put("/bigscreen/**", "anon");
//测试示例
filterChainDefinitionMap.put("/test/bigScreen/**", "anon"); //大屏模板例子
//filterChainDefinitionMap.put("/test/jeecgDemo/rabbitMqClientTest/**", "anon"); //MQ测试
//filterChainDefinitionMap.put("/test/jeecgDemo/html", "anon"); //模板页面
//filterChainDefinitionMap.put("/test/jeecgDemo/redis/**", "anon"); //redis测试
//大屏模板例子
filterChainDefinitionMap.put("/test/bigScreen/**", "anon");
//websocket排除
filterChainDefinitionMap.put("/websocket/**", "anon");//系统通知和公告
filterChainDefinitionMap.put("/newsWebsocket/**", "anon");//CMS模块
filterChainDefinitionMap.put("/vxeSocket/**", "anon");//JVxeTable无痕刷新示例
//性能监控 TODO 存在安全漏洞泄露TOEKNdurid连接池也有
filterChainDefinitionMap.put("/actuator/**", "anon");
// 添加自己的过滤器并且取名为jwt
Map<String, Filter> filterMap = new HashMap<String, Filter>(1);
//如果cloudServer为空 则说明是单体 需要加载跨域配置
//如果cloudServer为空 则说明是单体 需要加载跨域配置【微服务跨域切换】
Object cloudServer = env.getProperty(CommonConstant.CLOUD_SERVER_KEY);
filterMap.put("jwt", new JwtFilter(cloudServer==null));
shiroFilterFactoryBean.setFilters(filterMap);

13
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
View File

@ -18,6 +18,7 @@ import org.jeecg.common.system.vo.LoginUser;
import org.jeecg.common.util.RedisUtil;
import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.mybatis.TenantContext;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
@ -126,7 +127,17 @@ public class ShiroRealm extends AuthorizingRealm {
if (!jwtTokenRefresh(token, username, loginUser.getPassword())) {
throw new AuthenticationException("Token失效请重新登录!");
}
//update-begin-author:taoyan date:20210609 for:校验用户的tenant_id和前端传过来的是否一致
String userTenantIds = loginUser.getRelTenantIds();
if(oConvertUtils.isNotEmpty(userTenantIds)){
String contextTenantId = TenantContext.getTenant();
if(oConvertUtils.isNotEmpty(contextTenantId) && !"0".equals(contextTenantId)){
if(String.join(",",userTenantIds).indexOf(contextTenantId)<0){
throw new AuthenticationException("用户租户信息变更,请重新登陆!");
}
}
}
//update-end-author:taoyan date:20210609 for:校验用户的tenant_id和前端传过来的是否一致
return loginUser;
}

7
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/filters/JwtFilter.java
View File

@ -4,6 +4,7 @@ import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.mybatis.TenantContext;
import org.jeecg.config.shiro.JwtToken;
import org.springframework.http.HttpStatus;
@ -22,6 +23,10 @@ import javax.servlet.http.HttpServletResponse;
@Slf4j
public class JwtFilter extends BasicHttpAuthenticationFilter {
/**
* 默认开启跨域设置(使用单体)
* 微服务情况下此属性设置为false
*/
private boolean allowOrigin = true;
public JwtFilter(){}
@ -55,7 +60,7 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String token = httpServletRequest.getHeader(CommonConstant.X_ACCESS_TOKEN);
// update-begin--Author:lvdandan Date:20210105 forJT-355 OA聊天添加token验证获取token参数
if(token == null){
if (oConvertUtils.isEmpty(token)) {
token = httpServletRequest.getParameter("token");
}
// update-end--Author:lvdandan Date:20210105 forJT-355 OA聊天添加token验证获取token参数

15
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/interceptor/SignAuthInterceptor.java
View File

@ -1,8 +1,12 @@
package org.jeecg.config.sign.interceptor;
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
import java.io.PrintWriter;
import java.util.SortedMap;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.jeecg.common.api.vo.Result;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.util.DateUtils;
@ -11,10 +15,9 @@ import org.jeecg.config.sign.util.HttpUtils;
import org.jeecg.config.sign.util.SignUtil;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
import java.util.SortedMap;
import com.alibaba.fastjson.JSON;
import lombok.extern.slf4j.Slf4j;
/**
* 签名拦截器

4
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/BodyReaderHttpServletRequestWrapper.java
View File

@ -11,8 +11,8 @@ import java.nio.charset.Charset;
/**
* 保存过滤器里面的流
*
* @author show
* @date 10:03 2019/5/30
* @author jeecg
* @date 20210621
*/
public class BodyReaderHttpServletRequestWrapper extends HttpServletRequestWrapper {

14
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/HttpUtils.java
View File

@ -1,11 +1,5 @@
package org.jeecg.config.sign.util;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.util.oConvertUtils;
import org.springframework.http.HttpMethod;
import javax.servlet.http.HttpServletRequest;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
@ -16,6 +10,14 @@ import java.util.Map;
import java.util.SortedMap;
import java.util.TreeMap;
import javax.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.util.oConvertUtils;
import org.springframework.http.HttpMethod;
import com.alibaba.fastjson.JSONObject;
/**
* http 工具类 获取请求中的参数
*

17
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/sign/util/SignUtil.java
View File

@ -2,6 +2,10 @@ package org.jeecg.config.sign.util;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.exception.JeecgBootException;
import org.jeecg.common.util.SpringContextUtils;
import org.jeecg.common.util.oConvertUtils;
import org.jeecg.config.StaticConfig;
import org.springframework.util.DigestUtils;
import org.springframework.util.StringUtils;
@ -10,13 +14,11 @@ import java.util.SortedMap;
/**
* 签名工具类
*
* @author show
* @date 10:01 2019/5/30
* @author jeecg
* @date 20210621
*/
@Slf4j
public class SignUtil {
//签名密钥串(前后端要一致,正式发布请自行修改)
private static final String signatureSecret = "dd05f1c54d63749eda95f9fa6d49v442a";
public static final String xPathVariable = "x-path-variable";
/**
@ -44,6 +46,11 @@ public class SignUtil {
params.remove("_t");
String paramsJsonStr = JSONObject.toJSONString(params);
log.info("Param paramsJsonStr : {}", paramsJsonStr);
return DigestUtils.md5DigestAsHex((paramsJsonStr+signatureSecret).getBytes()).toUpperCase();
StaticConfig staticConfig = SpringContextUtils.getBean(StaticConfig.class);
String signatureSecret = staticConfig.getSignatureSecret();
if(oConvertUtils.isEmpty(signatureSecret) || signatureSecret.contains("${")){
throw new JeecgBootException("签名密钥 ${jeecg.signatureSecret} 缺少配置 ");
}
return DigestUtils.md5DigestAsHex((paramsJsonStr + signatureSecret).getBytes()).toUpperCase();
}
}

5
jeecg-boot/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/modules/base/mapper/BaseCommonMapper.java
View File

@ -1,6 +1,6 @@
package org.jeecg.modules.base.mapper;
import com.baomidou.mybatisplus.annotation.SqlParser;
import com.baomidou.mybatisplus.annotation.InterceptorIgnore;
import org.apache.ibatis.annotations.Param;
import org.jeecg.common.api.dto.LogDTO;
@ -10,7 +10,8 @@ public interface BaseCommonMapper {
* 保存日志
* @param dto
*/
@SqlParser(filter=true)
//@SqlParser(filter=true)
@InterceptorIgnore
void saveLog(@Param("dto")LogDTO dto);
}