Merge branch 'master' of gitee.com:beijing_hongye_huicheng/lilishop into feature/pg

# Conflicts:
#	framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java

framework/src/main/java/cn/lili/common/security/filter/XssHttpServletRequestWrapper.java

@@ -29,7 +29,13 @@ import java.util.Map;
  */
 public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
 
-    private static final String[] ignoreField = {"logo", "url", "photo", "intro", "content", "name", "image"};
+
+    /**
+     * xss过滤参数
+     *
+     * @todo 这里的参数应该更智能些，例如iv，前端的参数包含这两个字母就会放过，这是有问题的
+     */
+    private static final String[] IGNORE_FIELD = {"logo", "url", "photo", "intro", "content", "name", "image", "encrypted", "iv","mail"};
 
     public XssHttpServletRequestWrapper(HttpServletRequest request) {
         super(request);
@@ -227,7 +233,7 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper {
      * @return 参数值
      */
     private String filterXss(String name, String value) {
-        if (CharSequenceUtil.containsAny(name.toLowerCase(Locale.ROOT), ignoreField)) {
+        if (CharSequenceUtil.containsAny(name.toLowerCase(Locale.ROOT), IGNORE_FIELD)) {
             // 忽略的处理，（过滤敏感字符）
             return HtmlUtil.unescape(HtmlUtil.filter(value));
         } else {

framework/src/main/java/cn/lili/modules/connect/serviceimpl/ConnectServiceImpl.java

@@ -4,16 +4,15 @@ import cn.hutool.json.JSONObject;
 import cn.hutool.json.JSONUtil;
 import cn.lili.cache.Cache;
 import cn.lili.cache.CachePrefix;
+import cn.lili.common.context.ThreadContextHolder;
+import cn.lili.common.enums.ClientTypeEnum;
 import cn.lili.common.enums.ResultCode;
 import cn.lili.common.exception.ServiceException;
 import cn.lili.common.security.AuthUser;
 import cn.lili.common.security.context.UserContext;
 import cn.lili.common.security.token.Token;
-import cn.lili.modules.member.token.MemberTokenGenerate;
 import cn.lili.common.utils.CookieUtil;
 import cn.lili.common.utils.StringUtils;
-import cn.lili.common.context.ThreadContextHolder;
-import cn.lili.common.enums.ClientTypeEnum;
 import cn.lili.modules.connect.entity.Connect;
 import cn.lili.modules.connect.entity.dto.ConnectAuthUser;
 import cn.lili.modules.connect.entity.dto.WechatMPLoginParams;
@@ -22,6 +21,7 @@ import cn.lili.modules.connect.mapper.ConnectMapper;
 import cn.lili.modules.connect.service.ConnectService;
 import cn.lili.modules.member.entity.dos.Member;
 import cn.lili.modules.member.service.MemberService;
+import cn.lili.modules.member.token.MemberTokenGenerate;
 import cn.lili.modules.system.entity.dos.Setting;
 import cn.lili.modules.system.entity.dto.connect.WechatConnectSetting;
 import cn.lili.modules.system.entity.dto.connect.dto.WechatConnectSettingItem;
@@ -309,6 +309,8 @@ public class ConnectServiceImpl extends ServiceImpl<ConnectMapper, Connect> impl
      * @return 用户信息
      */
     public JSONObject getUserInfo(String encryptedData, String sessionKey, String iv) {
+
+        log.info("encryptedData:{},sessionKey:{},iv:{}", encryptedData, sessionKey, iv);
         //被加密的数据
         byte[] dataByte = Base64.getDecoder().decode(encryptedData);
         //加密秘钥

framework/src/main/java/cn/lili/modules/member/entity/vo/MemberVO.java

@@ -84,5 +84,9 @@ public class MemberVO implements Serializable {
     @ApiModelProperty(value = "经验值数量")
     private Long experience;
 
+    @JsonFormat(timezone = "GMT+8", pattern = "yyyy-MM-dd HH:mm:ss")
+    @DateTimeFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+    @ApiModelProperty(value = "创建时间", hidden = true)
+    private Date createTime;
 
 }

framework/src/main/java/cn/lili/modules/store/entity/dos/StoreDetail.java

@@ -18,7 +18,10 @@ import lombok.NoArgsConstructor;
 import org.hibernate.validator.constraints.Length;
 import org.springframework.format.annotation.DateTimeFormat;
 
-import javax.validation.constraints.*;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Size;
 import java.util.Date;
 
 /**
@@ -180,11 +183,28 @@ public class StoreDetail extends BaseIdEntity {
 
     public StoreDetail(Store store, AdminStoreApplyDTO adminStoreApplyDTO) {
         this.storeId = store.getId();
+        //过滤字段值
+        isNotNull(adminStoreApplyDTO);
         //设置店铺公司信息、设置店铺银行信息、设置店铺其他信息
         BeanUtil.copyProperties(adminStoreApplyDTO, this);
         this.settlementDay = DateUtil.date();
         this.stockWarning = 10;
     }
 
+    public void isNotNull(AdminStoreApplyDTO adminStoreApplyDTO){
+        if("null".equals(adminStoreApplyDTO.getSalesConsigneeName())){
+            adminStoreApplyDTO.setSalesConsigneeName("");
+        }
+        if("null".equals(adminStoreApplyDTO.getSalesConsigneeMobile())){
+            adminStoreApplyDTO.setSalesConsigneeMobile("");
+        }
+        if("null".equals(adminStoreApplyDTO.getSalesConsigneeDetail())){
+            adminStoreApplyDTO.setSalesConsigneeDetail("");
+        }
+        if("null".equals(adminStoreApplyDTO.getDdCode())){
+            adminStoreApplyDTO.setDdCode("");
+        }
+    }
+
 
 }

framework/src/main/java/cn/lili/modules/store/serviceimpl/StoreDetailServiceImpl.java

@@ -75,7 +75,8 @@ public class StoreDetailServiceImpl extends ServiceImpl<StoreDetailMapper, Store
 
     @Override
     public StoreDetailVO getStoreDetailVO(String storeId) {
-        return this.baseMapper.getStoreDetail(storeId);
+        StoreDetailVO storeDetail = this.baseMapper.getStoreDetail(storeId);
+        return storeDetail;
     }
 
     @Override

framework/src/main/java/cn/lili/modules/store/serviceimpl/StoreServiceImpl.java

@@ -115,7 +115,6 @@ public class StoreServiceImpl extends ServiceImpl<StoreMapper, Store> implements
         if (Boolean.TRUE.equals(member.getHaveStore())) {
             throw new ServiceException(ResultCode.STORE_APPLY_DOUBLE_ERROR);
         }
-
         //添加店铺
         Store store = new Store(member, adminStoreApplyDTO);
         this.save(store);