Merge remote-tracking branch 'origin/dev' into warm-flow-future

This commit is contained in:
AprilWind 2024-11-13 10:20:02 +08:00
commit 4f82f2b315
9 changed files with 57 additions and 45 deletions

View File

@ -43,19 +43,6 @@ public class ObjectUtils extends ObjectUtil {
return defaultValue;
}
/**
* 如果值不为空则返回值
*
* @param obj 对象
* @return 对象字段
*/
public static <T> T notNull(T obj) {
if (isNotNull(obj)) {
return obj;
}
return null;
}
/**
* 如果值不为空则返回值否则返回默认值
*

View File

@ -71,7 +71,10 @@ public class InjectionMetaObjectHandler implements MetaObjectHandler {
baseEntity.setUpdateTime(current);
// 获取当前登录用户的ID并填充更新人信息
baseEntity.setUpdateBy(ObjectUtils.notNull(LoginHelper.getUserId()));
Long userId = LoginHelper.getUserId();
if (ObjectUtil.isNotNull(userId)) {
baseEntity.setUpdateBy(userId);
}
} else {
this.strictUpdateFill(metaObject, "updateTime", Date.class, new Date());
}

View File

@ -22,7 +22,13 @@ import java.lang.annotation.Target;
public @interface Sensitive {
SensitiveStrategy strategy();
String roleKey() default "";
/**
* 角色标识符 多个角色满足一个即可
*/
String[] roleKey() default {};
String perms() default "";
/**
* 权限标识符 多个权限满足一个即可
*/
String[] perms() default {};
}

View File

@ -13,6 +13,6 @@ public interface SensitiveService {
/**
* 是否脱敏
*/
boolean isSensitive(String roleKey, String perms);
boolean isSensitive(String[] roleKey, String[] perms);
}

View File

@ -26,8 +26,8 @@ import java.util.Objects;
public class SensitiveHandler extends JsonSerializer<String> implements ContextualSerializer {
private SensitiveStrategy strategy;
private String roleKey;
private String perms;
private String[] roleKey;
private String[] perms;
@Override
public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException {

View File

@ -1,19 +1,22 @@
package org.dromara.common.web.filter;
import cn.hutool.core.io.IoUtil;
import cn.hutool.core.map.MapUtil;
import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.http.HtmlUtil;
import org.dromara.common.core.utils.StringUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import jakarta.servlet.ReadListener;
import jakarta.servlet.ServletInputStream;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequestWrapper;
import org.dromara.common.core.utils.StringUtils;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
/**
@ -32,16 +35,22 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
@Override
public String getParameter(String name) {
String value = super.getParameter(name);
if (value != null) {
return HtmlUtil.cleanHtmlTag(value).trim();
if (value == null) {
return null;
}
return value;
return HtmlUtil.cleanHtmlTag(value).trim();
}
@Override
public Map<String, String[]> getParameterMap() {
Map<String, String[]> valueMap = super.getParameterMap();
for (Map.Entry<String, String[]> entry : valueMap.entrySet()) {
if (MapUtil.isEmpty(valueMap)) {
return valueMap;
}
// 避免某些容器不允许改参数的情况 copy一份重新改
Map<String, String[]> map = new HashMap<>(valueMap.size());
map.putAll(valueMap);
for (Map.Entry<String, String[]> entry : map.entrySet()) {
String[] values = entry.getValue();
if (values != null) {
int length = values.length;
@ -50,25 +59,25 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
// 防xss攻击和过滤前后空格
escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim();
}
valueMap.put(entry.getKey(), escapseValues);
map.put(entry.getKey(), escapseValues);
}
}
return valueMap;
return map;
}
@Override
public String[] getParameterValues(String name) {
String[] values = super.getParameterValues(name);
if (values != null) {
int length = values.length;
String[] escapseValues = new String[length];
for (int i = 0; i < length; i++) {
// 防xss攻击和过滤前后空格
escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim();
}
return escapseValues;
if (ArrayUtil.isEmpty(values)) {
return values;
}
return values;
int length = values.length;
String[] escapseValues = new String[length];
for (int i = 0; i < length; i++) {
// 防xss攻击和过滤前后空格
escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim();
}
return escapseValues;
}
@Override

View File

@ -35,6 +35,12 @@
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-websocket</artifactId>
<exclusions>
<exclusion>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-tomcat</artifactId>
</exclusion>
</exclusions>
</dependency>
</dependencies>
</project>

View File

@ -37,6 +37,7 @@ public class GenUtils {
public static void initColumnField(GenTableColumn column, GenTable table) {
String dataType = getDbType(column.getColumnType());
String columnName = column.getColumnName();
column.setTableId(table.getTableId());
// 设置java字段名
column.setJavaField(StringUtils.toCamelCase(columnName));
// 设置默认类型

View File

@ -1,7 +1,7 @@
package org.dromara.system.service.impl;
import cn.dev33.satoken.stp.StpUtil;
import org.dromara.common.core.utils.StringUtils;
import cn.hutool.core.util.ArrayUtil;
import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.sensitive.core.SensitiveService;
import org.dromara.common.tenant.helper.TenantHelper;
@ -22,19 +22,19 @@ public class SysSensitiveServiceImpl implements SensitiveService {
* 是否脱敏
*/
@Override
public boolean isSensitive(String roleKey, String perms) {
public boolean isSensitive(String[] roleKey, String[] perms) {
if (!LoginHelper.isLogin()) {
return true;
}
boolean roleExist = StringUtils.isNotBlank(roleKey);
boolean permsExist = StringUtils.isNotBlank(perms);
boolean roleExist = ArrayUtil.isNotEmpty(roleKey);
boolean permsExist = ArrayUtil.isNotEmpty(perms);
if (roleExist && permsExist) {
if (StpUtil.hasRole(roleKey) && StpUtil.hasPermission(perms)) {
if (StpUtil.hasRoleOr(roleKey) && StpUtil.hasPermissionOr(perms)) {
return false;
}
} else if (roleExist && StpUtil.hasRole(roleKey)) {
} else if (roleExist && StpUtil.hasRoleOr(roleKey)) {
return false;
} else if (permsExist && StpUtil.hasPermission(perms)) {
} else if (permsExist && StpUtil.hasPermissionOr(perms)) {
return false;
}