caojiahao/dev_caojiahao
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

几个代码编译问题处理

Browse Source
This commit is contained in:
Chopper 2021-12-07 04:33:51 +08:00
parent b8b14df39b
commit 7b98d1d9d0
7 changed files with 110 additions and 103 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
common-api/src/main/java/cn/lili/controller/common/FileController.java
View File

@ -78,9 +78,7 @@ public class FileController {
} }
throw new ServiceException(ResultCode.USER_AUTHORITY_ERROR); throw new ServiceException(ResultCode.USER_AUTHORITY_ERROR);
case MANAGER: case MANAGER:
if (file.getUserEnums().equals(authUser.getRole().name())) { break;
break;
}
default: default:
throw new ServiceException(ResultCode.USER_AUTHORITY_ERROR); throw new ServiceException(ResultCode.USER_AUTHORITY_ERROR);
} }

141
framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java
View File

@ -4,6 +4,7 @@ package cn.lili.common.security.filter;
import cn.hutool.core.text.CharSequenceUtil; import cn.hutool.core.text.CharSequenceUtil;
import cn.hutool.http.HtmlUtil; import cn.hutool.http.HtmlUtil;
import cn.hutool.json.JSONUtil; import cn.hutool.json.JSONUtil;
import lombok.extern.slf4j.Slf4j;
import org.owasp.html.Sanitizers; import org.owasp.html.Sanitizers;
import javax.servlet.ReadListener; import javax.servlet.ReadListener;
@ -27,6 +28,7 @@ import java.util.Map;
* @version v1.0 * @version v1.0
* 2021-06-04 10:39 * 2021-06-04 10:39
*/ */
@Slf4j
public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper { public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
@ -141,45 +143,72 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
*/ */
@Override @Override
public ServletInputStream getInputStream() throws IOException { public ServletInputStream getInputStream() throws IOException {
//获取输入流
ServletInputStream in = super.getInputStream();
//用于存储输入流
StringBuilder body = new StringBuilder();
InputStreamReader reader = new InputStreamReader(in, StandardCharsets.UTF_8);
BufferedReader bufferedReader = new BufferedReader(reader);
//按行读取输入流
String line = bufferedReader.readLine();
while (line != null) {
//将获取到的第一行数据append到StringBuffer中
body.append(line);
//继续读取下一行流直到line为空
line = bufferedReader.readLine();
}
//关闭流
bufferedReader.close();
reader.close();
in.close();
if (CharSequenceUtil.isNotEmpty(body) && Boolean.TRUE.equals(JSONUtil.isJsonObj(body.toString()))) { BufferedReader bufferedReader = null;
//将body转换为map
Map<String, Object> map = JSONUtil.parseObj(body.toString()); InputStreamReader reader = null;
//创建空的map用于存储结果
Map<String, Object> resultMap = new HashMap<>(map.size()); //获取输入流
//遍历数组 ServletInputStream in = null;
for (Map.Entry<String, Object> entry : map.entrySet()) { try {
//如果map.get(key)获取到的是字符串就需要进行处理如果不是直接存储resultMap in = super.getInputStream();
if (map.get(entry.getKey()) instanceof String) { //用于存储输入流
resultMap.put(entry.getKey(), filterXss(entry.getKey(), entry.getValue().toString())); StringBuilder body = new StringBuilder();
} else { reader = new InputStreamReader(in, StandardCharsets.UTF_8);
resultMap.put(entry.getKey(), entry.getValue()); bufferedReader = new BufferedReader(reader);
//按行读取输入流
String line = bufferedReader.readLine();
while (line != null) {
//将获取到的第一行数据append到StringBuffer中
body.append(line);
//继续读取下一行流直到line为空
line = bufferedReader.readLine();
}
if (CharSequenceUtil.isNotEmpty(body) && Boolean.TRUE.equals(JSONUtil.isJsonObj(body.toString()))) {
//将body转换为map
Map<String, Object> map = JSONUtil.parseObj(body.toString());
//创建空的map用于存储结果
Map<String, Object> resultMap = new HashMap<>(map.size());
//遍历数组
for (Map.Entry<String, Object> entry : map.entrySet()) {
//如果map.get(key)获取到的是字符串就需要进行处理如果不是直接存储resultMap
if (map.get(entry.getKey()) instanceof String) {
resultMap.put(entry.getKey(), filterXss(entry.getKey(), entry.getValue().toString()));
} else {
resultMap.put(entry.getKey(), entry.getValue());
}
} }
//将resultMap转换为json字符串
String resultStr = JSONUtil.toJsonStr(resultMap);
//将json字符串转换为字节
final ByteArrayInputStream resultBIS = new ByteArrayInputStream(resultStr.getBytes());
//实现接口
return new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() {
return resultBIS.read();
}
};
} }
//将resultMap转换为json字符串
String resultStr = JSONUtil.toJsonStr(resultMap);
//将json字符串转换为字节 //将json字符串转换为字节
final ByteArrayInputStream resultBIS = new ByteArrayInputStream(resultStr.getBytes()); final ByteArrayInputStream bis = new ByteArrayInputStream(body.toString().getBytes());
//实现接口 //实现接口
return new ServletInputStream() { return new ServletInputStream() {
@Override @Override
@ -194,41 +223,31 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
@Override @Override
public void setReadListener(ReadListener readListener) { public void setReadListener(ReadListener readListener) {
} }
@Override @Override
public int read() { public int read() {
return resultBIS.read(); return bis.read();
} }
}; };
} catch (Exception e) {
log.error("get request inputStream error", e);
return null;
} finally {
//关闭流
if (bufferedReader != null) {
bufferedReader.close();
}
if (reader != null) {
reader.close();
}
if (in != null) {
in.close();
}
} }
//将json字符串转换为字节
final ByteArrayInputStream bis = new ByteArrayInputStream(body.toString().getBytes());
//实现接口
return new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() {
return bis.read();
}
};
} }
private String cleanXSS(String value) { private String cleanXSS(String value) {

13
framework/src/main/java/cn/lili/common/utils/Base64DecodeMultipartFile.java
View File

@ -55,7 +55,7 @@ public class Base64DecodeMultipartFile implements MultipartFile {
} }
@Override @Override
public InputStream getInputStream() throws IOException { public InputStream getInputStream() {
return new ByteArrayInputStream(imgContent); return new ByteArrayInputStream(imgContent);
} }
@ -66,8 +66,9 @@ public class Base64DecodeMultipartFile implements MultipartFile {
stream = new FileOutputStream(dest); stream = new FileOutputStream(dest);
stream.write(imgContent); stream.write(imgContent);
} catch (IOException e) { } catch (IOException e) {
log.error("transferTo错误",e); log.error("transferTo错误", e);
}finally { } finally {
assert stream != null;
stream.close(); stream.close();
} }
} }
@ -94,7 +95,7 @@ public class Base64DecodeMultipartFile implements MultipartFile {
byte[] bytes = Base64.getDecoder().decode(base64); byte[] bytes = Base64.getDecoder().decode(base64);
stream = new ByteArrayInputStream(bytes); stream = new ByteArrayInputStream(bytes);
} catch (Exception e) { } catch (Exception e) {
log.error("base64ToInputStream错误",e); log.error("base64ToInputStream错误", e);
} }
return stream; return stream;
} }
@ -111,13 +112,13 @@ public class Base64DecodeMultipartFile implements MultipartFile {
} }
data = swapStream.toByteArray(); data = swapStream.toByteArray();
} catch (IOException e) { } catch (IOException e) {
log.error("转码错误",e); log.error("转码错误", e);
} finally { } finally {
if (in != null) { if (in != null) {
try { try {
in.close(); in.close();
} catch (IOException e) { } catch (IOException e) {
log.error("inputStreamToStream错误",e); log.error("inputStreamToStream错误", e);
} }
} }
} }

11
framework/src/main/java/cn/lili/common/utils/BeanUtil.java
View File

@ -16,7 +16,7 @@ public class BeanUtil {
* 复制属性 * 复制属性
* *
* @param objectFrom 源自对象 * @param objectFrom 源自对象
* @param objectTo 复制给对象 * @param objectTo 复制给对象
*/ */
public static void copyProperties(Object objectFrom, Object objectTo) { public static void copyProperties(Object objectFrom, Object objectTo) {
BeanUtils.copyProperties(objectFrom, objectTo); BeanUtils.copyProperties(objectFrom, objectTo);
@ -25,6 +25,7 @@ public class BeanUtil {
/** /**
* 获取属性名数组 * 获取属性名数组
*
* @param o 获取字段的对象 * @param o 获取字段的对象
* @return 返回各个字段 * @return 返回各个字段
*/ */
@ -49,8 +50,9 @@ public class BeanUtil {
/** /**
* 根据属性名获取属性值 * 根据属性名获取属性值
*
* @param fieldName 属性名 * @param fieldName 属性名
* @param o 对象 * @param o 对象
* @return 属性值 * @return 属性值
*/ */
public static Object getFieldValueByName(String fieldName, Object o) { public static Object getFieldValueByName(String fieldName, Object o) {
@ -69,6 +71,7 @@ public class BeanUtil {
/** /**
* 将对象转换为key value * 将对象转换为key value
* A=a&B=b&C=c 格式 * A=a&B=b&C=c 格式
*
* @param object 对象 * @param object 对象
* @return 格式化结果 * @return 格式化结果
*/ */
@ -87,6 +90,7 @@ public class BeanUtil {
String key = fieldNames[j]; String key = fieldNames[j];
//获取值 //获取值
Object value = BeanUtil.getFieldValueByName(key, object); Object value = BeanUtil.getFieldValueByName(key, object);
assert value != null;
stringBuffer.append(key).append("=").append(value.toString()); stringBuffer.append(key).append("=").append(value.toString());
} }
return stringBuffer.toString(); return stringBuffer.toString();
@ -95,8 +99,9 @@ public class BeanUtil {
/** /**
* key value键值对 转换为 对象 * key value键值对 转换为 对象
* A=a&B=b&C=c 格式 转换为对象 * A=a&B=b&C=c 格式 转换为对象
*
* @param str 对象字符串 * @param str 对象字符串
* @param t 范型 * @param t 范型
* @param <T> 范型 * @param <T> 范型
* @return 格式化结果 * @return 格式化结果
*/ */

37
framework/src/main/java/cn/lili/common/utils/CurrencyUtil.java
View File

@ -29,8 +29,8 @@ public final class CurrencyUtil {
* @return 两个参数的和 * @return 两个参数的和
*/ */
public static Double add(double v1, double v2) { public static Double add(double v1, double v2) {
BigDecimal b1 = new BigDecimal(v1); BigDecimal b1 = BigDecimal.valueOf(v1);
BigDecimal b2 = new BigDecimal(v2); BigDecimal b2 = BigDecimal.valueOf(v2);
return b1.add(b2).setScale(2, RoundingMode.HALF_UP).doubleValue(); return b1.add(b2).setScale(2, RoundingMode.HALF_UP).doubleValue();
} }
@ -42,8 +42,8 @@ public final class CurrencyUtil {
* @return 两个参数的差 * @return 两个参数的差
*/ */
public static double sub(double v1, double v2) { public static double sub(double v1, double v2) {
BigDecimal b1 = new BigDecimal(v1); BigDecimal b1 = BigDecimal.valueOf(v1);
BigDecimal b2 = new BigDecimal(v2); BigDecimal b2 = BigDecimal.valueOf(v2);
return b1.subtract(b2).setScale(2, RoundingMode.HALF_UP).doubleValue(); return b1.subtract(b2).setScale(2, RoundingMode.HALF_UP).doubleValue();
} }
@ -55,8 +55,8 @@ public final class CurrencyUtil {
* @return 两个参数的积 * @return 两个参数的积
*/ */
public static Double mul(double v1, double v2) { public static Double mul(double v1, double v2) {
BigDecimal b1 = new BigDecimal(v1); BigDecimal b1 = BigDecimal.valueOf(v1);
BigDecimal b2 = new BigDecimal(v2); BigDecimal b2 = BigDecimal.valueOf(v2);
return b1.multiply(b2).setScale(2, RoundingMode.HALF_UP).doubleValue(); return b1.multiply(b2).setScale(2, RoundingMode.HALF_UP).doubleValue();
} }
@ -73,8 +73,8 @@ public final class CurrencyUtil {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"The scale must be a positive integer or zero"); "The scale must be a positive integer or zero");
} }
BigDecimal b1 = new BigDecimal(v1); BigDecimal b1 = BigDecimal.valueOf(v1);
BigDecimal b2 = new BigDecimal(v2); BigDecimal b2 = BigDecimal.valueOf(v2);
return b1.multiply(b2).setScale(scale, RoundingMode.HALF_UP).doubleValue(); return b1.multiply(b2).setScale(scale, RoundingMode.HALF_UP).doubleValue();
} }
@ -106,28 +106,11 @@ public final class CurrencyUtil {
if (v2 == 0) { if (v2 == 0) {
return 0; return 0;
} }
BigDecimal b1 = new BigDecimal(v1); BigDecimal b1 = BigDecimal.valueOf(v1);
BigDecimal b2 = new BigDecimal(v2); BigDecimal b2 = BigDecimal.valueOf(v2);
return b1.divide(b2, scale, RoundingMode.HALF_UP).doubleValue(); return b1.divide(b2, scale, RoundingMode.HALF_UP).doubleValue();
} }
/**
* 提供精确的小数位四舍五入处理
*
* @param v 需要四舍五入的数字
* @param scale 小数点后保留几位
* @return 四舍五入后的结果
*/
public static double round(double v, int scale) {
if (scale < 0) {
throw new IllegalArgumentException(
"The scale must be a positive integer or zero");
}
BigDecimal b = new BigDecimal(v);
BigDecimal one = new BigDecimal("1");
return b.divide(one, scale, RoundingMode.HALF_UP).doubleValue();
}
/** /**
* 金额转分 * 金额转分
* *

4
framework/src/main/java/cn/lili/common/utils/DateUtil.java
View File

@ -273,7 +273,7 @@ public class DateUtil {
* @return 时间戳 * @return 时间戳
*/ */
public static long getDateline(String date) { public static long getDateline(String date) {
return toDate(date, STANDARD_DATE_FORMAT).getTime() / 1000; return Objects.requireNonNull(toDate(date, STANDARD_DATE_FORMAT)).getTime() / 1000;
} }
/** /**
@ -311,7 +311,7 @@ public class DateUtil {
* @return 时间戳 * @return 时间戳
*/ */
public static long getDateline(String date, String pattern) { public static long getDateline(String date, String pattern) {
return toDate(date, pattern).getTime() / 1000; return Objects.requireNonNull(toDate(date, pattern)).getTime() / 1000;
} }
/** /**

3
framework/src/main/java/cn/lili/modules/goods/util/WechatMediaUtil.java
View File

@ -105,8 +105,9 @@ public class WechatMediaUtil {
} catch (Exception e) { } catch (Exception e) {
log.error("微信媒体上传失败", e); log.error("微信媒体上传失败", e);
} }
assert resultStr != null;
JSONObject jsonObject = new JSONObject(resultStr.toString()); JSONObject jsonObject = new JSONObject(resultStr.toString());
log.info("微信媒体上传:" + jsonObject.toString()); log.info("微信媒体上传:" + jsonObject);
//判断是否传递成功如果token过期则重新获取 //判断是否传递成功如果token过期则重新获取
if (jsonObject.get("errcode") != null && ("40001").equals(jsonObject.get("errcode"))) { if (jsonObject.get("errcode") != null && ("40001").equals(jsonObject.get("errcode"))) {
wechatAccessTokenUtil.removeAccessToken(ClientTypeEnum.WECHAT_MP); wechatAccessTokenUtil.removeAccessToken(ClientTypeEnum.WECHAT_MP);