diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/ObjectUtils.java b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/ObjectUtils.java index 82faf2c57..93617b018 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/ObjectUtils.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/org/dromara/common/core/utils/ObjectUtils.java @@ -43,19 +43,6 @@ public class ObjectUtils extends ObjectUtil { return defaultValue; } - /** - * 如果值不为空,则返回值 - * - * @param obj 对象 - * @return 对象字段 - */ - public static T notNull(T obj) { - if (isNotNull(obj)) { - return obj; - } - return null; - } - /** * 如果值不为空,则返回值,否则返回默认值 * diff --git a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java index 85ef2e97a..fec25792a 100644 --- a/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java +++ b/ruoyi-common/ruoyi-common-mybatis/src/main/java/org/dromara/common/mybatis/handler/InjectionMetaObjectHandler.java @@ -71,7 +71,10 @@ public class InjectionMetaObjectHandler implements MetaObjectHandler { baseEntity.setUpdateTime(current); // 获取当前登录用户的ID,并填充更新人信息 - baseEntity.setUpdateBy(ObjectUtils.notNull(LoginHelper.getUserId())); + Long userId = LoginHelper.getUserId(); + if (ObjectUtil.isNotNull(userId)) { + baseEntity.setUpdateBy(userId); + } } else { this.strictUpdateFill(metaObject, "updateTime", Date.class, new Date()); } diff --git a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java index 1dfc896ff..e75dc5bf2 100644 --- a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java +++ b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/annotation/Sensitive.java @@ -22,7 +22,13 @@ import java.lang.annotation.Target; public @interface Sensitive { SensitiveStrategy strategy(); - String roleKey() default ""; + /** + * 角色标识符 多个角色满足一个即可 + */ + String[] roleKey() default {}; - String perms() default ""; + /** + * 权限标识符 多个权限满足一个即可 + */ + String[] perms() default {}; } diff --git a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java index 7b5264b87..03a7f9c75 100644 --- a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java +++ b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/core/SensitiveService.java @@ -13,6 +13,6 @@ public interface SensitiveService { /** * 是否脱敏 */ - boolean isSensitive(String roleKey, String perms); + boolean isSensitive(String[] roleKey, String[] perms); } diff --git a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java index c76c83a98..d454724d7 100644 --- a/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java +++ b/ruoyi-common/ruoyi-common-sensitive/src/main/java/org/dromara/common/sensitive/handler/SensitiveHandler.java @@ -26,8 +26,8 @@ import java.util.Objects; public class SensitiveHandler extends JsonSerializer implements ContextualSerializer { private SensitiveStrategy strategy; - private String roleKey; - private String perms; + private String[] roleKey; + private String[] perms; @Override public void serialize(String value, JsonGenerator gen, SerializerProvider serializers) throws IOException { diff --git a/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/filter/XssHttpServletRequestWrapper.java b/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/filter/XssHttpServletRequestWrapper.java index 190f94eab..914e54995 100644 --- a/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/filter/XssHttpServletRequestWrapper.java +++ b/ruoyi-common/ruoyi-common-web/src/main/java/org/dromara/common/web/filter/XssHttpServletRequestWrapper.java @@ -1,19 +1,22 @@ package org.dromara.common.web.filter; import cn.hutool.core.io.IoUtil; +import cn.hutool.core.map.MapUtil; +import cn.hutool.core.util.ArrayUtil; import cn.hutool.core.util.StrUtil; import cn.hutool.http.HtmlUtil; -import org.dromara.common.core.utils.StringUtils; -import org.springframework.http.HttpHeaders; -import org.springframework.http.MediaType; - import jakarta.servlet.ReadListener; import jakarta.servlet.ServletInputStream; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletRequestWrapper; +import org.dromara.common.core.utils.StringUtils; +import org.springframework.http.HttpHeaders; +import org.springframework.http.MediaType; + import java.io.ByteArrayInputStream; import java.io.IOException; import java.nio.charset.StandardCharsets; +import java.util.HashMap; import java.util.Map; /** @@ -32,16 +35,22 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper { @Override public String getParameter(String name) { String value = super.getParameter(name); - if (value != null) { - return HtmlUtil.cleanHtmlTag(value).trim(); + if (value == null) { + return null; } - return value; + return HtmlUtil.cleanHtmlTag(value).trim(); } @Override public Map getParameterMap() { Map valueMap = super.getParameterMap(); - for (Map.Entry entry : valueMap.entrySet()) { + if (MapUtil.isEmpty(valueMap)) { + return valueMap; + } + // 避免某些容器不允许改参数的情况 copy一份重新改 + Map map = new HashMap<>(valueMap.size()); + map.putAll(valueMap); + for (Map.Entry entry : map.entrySet()) { String[] values = entry.getValue(); if (values != null) { int length = values.length; @@ -50,25 +59,25 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper { // 防xss攻击和过滤前后空格 escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim(); } - valueMap.put(entry.getKey(), escapseValues); + map.put(entry.getKey(), escapseValues); } } - return valueMap; + return map; } @Override public String[] getParameterValues(String name) { String[] values = super.getParameterValues(name); - if (values != null) { - int length = values.length; - String[] escapseValues = new String[length]; - for (int i = 0; i < length; i++) { - // 防xss攻击和过滤前后空格 - escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim(); - } - return escapseValues; + if (ArrayUtil.isEmpty(values)) { + return values; } - return values; + int length = values.length; + String[] escapseValues = new String[length]; + for (int i = 0; i < length; i++) { + // 防xss攻击和过滤前后空格 + escapseValues[i] = HtmlUtil.cleanHtmlTag(values[i]).trim(); + } + return escapseValues; } @Override diff --git a/ruoyi-common/ruoyi-common-websocket/pom.xml b/ruoyi-common/ruoyi-common-websocket/pom.xml index db86dcbe4..0587cd79a 100644 --- a/ruoyi-common/ruoyi-common-websocket/pom.xml +++ b/ruoyi-common/ruoyi-common-websocket/pom.xml @@ -35,6 +35,12 @@ org.springframework.boot spring-boot-starter-websocket + + + org.springframework.boot + spring-boot-starter-tomcat + + diff --git a/ruoyi-modules/ruoyi-generator/src/main/java/org/dromara/generator/util/GenUtils.java b/ruoyi-modules/ruoyi-generator/src/main/java/org/dromara/generator/util/GenUtils.java index 676896250..0981997d8 100644 --- a/ruoyi-modules/ruoyi-generator/src/main/java/org/dromara/generator/util/GenUtils.java +++ b/ruoyi-modules/ruoyi-generator/src/main/java/org/dromara/generator/util/GenUtils.java @@ -37,6 +37,7 @@ public class GenUtils { public static void initColumnField(GenTableColumn column, GenTable table) { String dataType = getDbType(column.getColumnType()); String columnName = column.getColumnName(); + column.setTableId(table.getTableId()); // 设置java字段名 column.setJavaField(StringUtils.toCamelCase(columnName)); // 设置默认类型 diff --git a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java index 5f4d121b1..8a0d45ef3 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/service/impl/SysSensitiveServiceImpl.java @@ -1,7 +1,7 @@ package org.dromara.system.service.impl; import cn.dev33.satoken.stp.StpUtil; -import org.dromara.common.core.utils.StringUtils; +import cn.hutool.core.util.ArrayUtil; import org.dromara.common.satoken.utils.LoginHelper; import org.dromara.common.sensitive.core.SensitiveService; import org.dromara.common.tenant.helper.TenantHelper; @@ -22,19 +22,19 @@ public class SysSensitiveServiceImpl implements SensitiveService { * 是否脱敏 */ @Override - public boolean isSensitive(String roleKey, String perms) { + public boolean isSensitive(String[] roleKey, String[] perms) { if (!LoginHelper.isLogin()) { return true; } - boolean roleExist = StringUtils.isNotBlank(roleKey); - boolean permsExist = StringUtils.isNotBlank(perms); + boolean roleExist = ArrayUtil.isNotEmpty(roleKey); + boolean permsExist = ArrayUtil.isNotEmpty(perms); if (roleExist && permsExist) { - if (StpUtil.hasRole(roleKey) && StpUtil.hasPermission(perms)) { + if (StpUtil.hasRoleOr(roleKey) && StpUtil.hasPermissionOr(perms)) { return false; } - } else if (roleExist && StpUtil.hasRole(roleKey)) { + } else if (roleExist && StpUtil.hasRoleOr(roleKey)) { return false; - } else if (permsExist && StpUtil.hasPermission(perms)) { + } else if (permsExist && StpUtil.hasPermissionOr(perms)) { return false; }