Merge remote-tracking branch 'origin/dev' into warm-flow-future
This commit is contained in:
commit
4f82f2b315
@ -43,19 +43,6 @@ public class ObjectUtils extends ObjectUtil {
|
||||
return defaultValue;
|
||||
}
|
||||
|
||||
/**
|
||||
* 如果值不为空,则返回值
|
||||
*
|
||||
* @param obj 对象
|
||||
* @return 对象字段
|
||||
*/
|
||||
public static <T> T notNull(T obj) {
|
||||
if (isNotNull(obj)) {
|
||||
return obj;
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* 如果值不为空,则返回值,否则返回默认值
|
||||
*
|
||||
|
@ -71,7 +71,10 @@ public class InjectionMetaObjectHandler implements MetaObjectHandler {
|
||||
baseEntity.setUpdateTime(current);
|
||||
|
||||
// 获取当前登录用户的ID,并填充更新人信息
|
||||
baseEntity.setUpdateBy(ObjectUtils.notNull(LoginHelper.getUserId()));
|
||||
Long userId = LoginHelper.getUserId();
|
||||
if (ObjectUtil.isNotNull(userId)) {
|
||||
baseEntity.setUpdateBy(userId);
|
||||
}
|
||||
} else {
|
||||
this.strictUpdateFill(metaObject, "updateTime", Date.class, new Date());
|
||||
}
|
||||
|
@ -22,7 +22,13 @@ import java.lang.annotation.Target;
|
||||
public @interface Sensitive {
|
||||
SensitiveStrategy strategy();
|
||||
|
||||
String roleKey() default "";
|
||||
/**
|
||||
* 角色标识符 多个角色满足一个即可
|
||||
*/
|
||||
String[] roleKey() default {};
|
||||
|
||||
String perms() default "";
|
||||
/**
|
||||
* 权限标识符 多个权限满足一个即可
|
||||
*/
|
||||
String[] perms() default {};
|
||||
}
|
||||
|
@ -13,6 +13,6 @@ public interface SensitiveService {
|
||||
/**
|
||||
* 是否脱敏
|
||||
*/
|
||||
boolean isSensitive(String roleKey, String perms);
|
||||
boolean isSensitive(String[] roleKey, String[] perms);
|
||||
|
||||
}
|
||||
|
@ -26,8 +26,8 @@ import java.util.Objects;
|
||||
public class SensitiveHandler extends JsonSerializer<String> implements ContextualSerializer {
|
||||
|
||||
private SensitiveStrategy strategy;
|
||||
private String roleKey;
|
||||
private String perms;
|
||||
private String[] roleKey;
|
||||
private String[] perms;
|
||||
|
||||
@Override
|
||||
public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException {
|
||||
|
@ -1,19 +1,22 @@
|
||||
package org.dromara.common.web.filter;
|
||||
|
||||
import cn.hutool.core.io.IoUtil;
|
||||
import cn.hutool.core.map.MapUtil;
|
||||
import cn.hutool.core.util.ArrayUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.http.HtmlUtil;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
|
||||
import jakarta.servlet.ReadListener;
|
||||
import jakarta.servlet.ServletInputStream;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletRequestWrapper;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
@ -32,16 +35,22 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
|
||||
@Override
|
||||
public String getParameter(String name) {
|
||||
String value = super.getParameter(name);
|
||||
if (value != null) {
|
||||
return HtmlUtil.cleanHtmlTag(value).trim();
|
||||
if (value == null) {
|
||||
return null;
|
||||
}
|
||||
return value;
|
||||
return HtmlUtil.cleanHtmlTag(value).trim();
|
||||
}
|
||||
|
||||
@Override
|
||||
public Map<String, String[]> getParameterMap() {
|
||||
Map<String, String[]> valueMap = super.getParameterMap();
|
||||
for (Map.Entry<String, String[]> entry : valueMap.entrySet()) {
|
||||
if (MapUtil.isEmpty(valueMap)) {
|
||||
return valueMap;
|
||||
}
|
||||
// 避免某些容器不允许改参数的情况 copy一份重新改
|
||||
Map<String, String[]> map = new HashMap<>(valueMap.size());
|
||||
map.putAll(valueMap);
|
||||
for (Map.Entry<String, String[]> entry : map.entrySet()) {
|
||||
String[] values = entry.getValue();
|
||||
if (values != null) {
|
||||
int length = values.length;
|
||||
@ -50,25 +59,25 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
|
||||
// 防xss攻击和过滤前后空格
|
||||
escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim();
|
||||
}
|
||||
valueMap.put(entry.getKey(), escapseValues);
|
||||
map.put(entry.getKey(), escapseValues);
|
||||
}
|
||||
}
|
||||
return valueMap;
|
||||
return map;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String[] getParameterValues(String name) {
|
||||
String[] values = super.getParameterValues(name);
|
||||
if (values != null) {
|
||||
int length = values.length;
|
||||
String[] escapseValues = new String[length];
|
||||
for (int i = 0; i < length; i++) {
|
||||
// 防xss攻击和过滤前后空格
|
||||
escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim();
|
||||
}
|
||||
return escapseValues;
|
||||
if (ArrayUtil.isEmpty(values)) {
|
||||
return values;
|
||||
}
|
||||
return values;
|
||||
int length = values.length;
|
||||
String[] escapseValues = new String[length];
|
||||
for (int i = 0; i < length; i++) {
|
||||
// 防xss攻击和过滤前后空格
|
||||
escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim();
|
||||
}
|
||||
return escapseValues;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -35,6 +35,12 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-websocket</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-tomcat</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
@ -37,6 +37,7 @@ public class GenUtils {
|
||||
public static void initColumnField(GenTableColumn column, GenTable table) {
|
||||
String dataType = getDbType(column.getColumnType());
|
||||
String columnName = column.getColumnName();
|
||||
column.setTableId(table.getTableId());
|
||||
// 设置java字段名
|
||||
column.setJavaField(StringUtils.toCamelCase(columnName));
|
||||
// 设置默认类型
|
||||
|
@ -1,7 +1,7 @@
|
||||
package org.dromara.system.service.impl;
|
||||
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import org.dromara.common.core.utils.StringUtils;
|
||||
import cn.hutool.core.util.ArrayUtil;
|
||||
import org.dromara.common.satoken.utils.LoginHelper;
|
||||
import org.dromara.common.sensitive.core.SensitiveService;
|
||||
import org.dromara.common.tenant.helper.TenantHelper;
|
||||
@ -22,19 +22,19 @@ public class SysSensitiveServiceImpl implements SensitiveService {
|
||||
* 是否脱敏
|
||||
*/
|
||||
@Override
|
||||
public boolean isSensitive(String roleKey, String perms) {
|
||||
public boolean isSensitive(String[] roleKey, String[] perms) {
|
||||
if (!LoginHelper.isLogin()) {
|
||||
return true;
|
||||
}
|
||||
boolean roleExist = StringUtils.isNotBlank(roleKey);
|
||||
boolean permsExist = StringUtils.isNotBlank(perms);
|
||||
boolean roleExist = ArrayUtil.isNotEmpty(roleKey);
|
||||
boolean permsExist = ArrayUtil.isNotEmpty(perms);
|
||||
if (roleExist && permsExist) {
|
||||
if (StpUtil.hasRole(roleKey) && StpUtil.hasPermission(perms)) {
|
||||
if (StpUtil.hasRoleOr(roleKey) && StpUtil.hasPermissionOr(perms)) {
|
||||
return false;
|
||||
}
|
||||
} else if (roleExist && StpUtil.hasRole(roleKey)) {
|
||||
} else if (roleExist && StpUtil.hasRoleOr(roleKey)) {
|
||||
return false;
|
||||
} else if (permsExist && StpUtil.hasPermission(perms)) {
|
||||
} else if (permsExist && StpUtil.hasPermissionOr(perms)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user