Merge branch 'master' of gitee.com:y_project/RuoYi-Vue into master
This commit is contained in:
nadirvishun
Gitee
@ -5,7 +5,7 @@
|
||||
<parent>
|
||||
<artifactId>ruoyi</artifactId>
|
||||
<groupId>com.ruoyi</groupId>
|
||||
<version>3.7.0</version>
|
||||
<version>3.8.0</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
@ -43,8 +43,8 @@
|
||||
|
||||
<!-- 自定义验证注解 -->
|
||||
<dependency>
|
||||
<groupId>javax.validation</groupId>
|
||||
<artifactId>validation-api</artifactId>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-validation</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!--常用工具类 -->
|
||||
@ -89,12 +89,18 @@
|
||||
<artifactId>snakeyaml</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!--Token生成与解析-->
|
||||
<!-- Token生成与解析-->
|
||||
<dependency>
|
||||
<groupId>io.jsonwebtoken</groupId>
|
||||
<artifactId>jjwt</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- Jaxb -->
|
||||
<dependency>
|
||||
<groupId>javax.xml.bind</groupId>
|
||||
<artifactId>jaxb-api</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- redis 缓存操作 -->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
||||
@ -27,5 +27,5 @@ public @interface RepeatSubmit
|
||||
/**
|
||||
* 提示消息
|
||||
*/
|
||||
public String message() default "不允许重复提交,请稍后再试";
|
||||
public String message() default "不允许重复提交,请稍候再试";
|
||||
}
|
||||
|
||||
@ -30,6 +30,9 @@ public class RuoYiConfig
|
||||
/** 获取地址开关 */
|
||||
private static boolean addressEnabled;
|
||||
|
||||
/** 验证码类型 */
|
||||
private static String captchaType;
|
||||
|
||||
public String getName()
|
||||
{
|
||||
return name;
|
||||
@ -90,6 +93,14 @@ public class RuoYiConfig
|
||||
RuoYiConfig.addressEnabled = addressEnabled;
|
||||
}
|
||||
|
||||
public static String getCaptchaType() {
|
||||
return captchaType;
|
||||
}
|
||||
|
||||
public void setCaptchaType(String captchaType) {
|
||||
RuoYiConfig.captchaType = captchaType;
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取导入上传路径
|
||||
*/
|
||||
|
||||
@ -148,4 +148,10 @@ public class Constants
|
||||
* LDAP 远程方法调用
|
||||
*/
|
||||
public static final String LOOKUP_LDAP = "ldap://";
|
||||
}
|
||||
|
||||
/**
|
||||
* 定时任务违规的字符
|
||||
*/
|
||||
public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml",
|
||||
"org.springframework.jndi" };
|
||||
}
|
||||
@ -16,6 +16,7 @@ import com.ruoyi.common.core.page.PageDomain;
|
||||
import com.ruoyi.common.core.page.TableDataInfo;
|
||||
import com.ruoyi.common.core.page.TableSupport;
|
||||
import com.ruoyi.common.utils.DateUtils;
|
||||
import com.ruoyi.common.utils.PageUtils;
|
||||
import com.ruoyi.common.utils.SecurityUtils;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
import com.ruoyi.common.utils.sql.SqlUtil;
|
||||
@ -51,15 +52,7 @@ public class BaseController
|
||||
*/
|
||||
protected void startPage()
|
||||
{
|
||||
PageDomain pageDomain = TableSupport.buildPageRequest();
|
||||
Integer pageNum = pageDomain.getPageNum();
|
||||
Integer pageSize = pageDomain.getPageSize();
|
||||
if (StringUtils.isNotNull(pageNum) && StringUtils.isNotNull(pageSize))
|
||||
{
|
||||
String orderBy = SqlUtil.escapeOrderBySql(pageDomain.getOrderBy());
|
||||
Boolean reasonable = pageDomain.getReasonable();
|
||||
PageHelper.startPage(pageNum, pageSize, orderBy).setReasonable(reasonable);
|
||||
}
|
||||
PageUtils.startPage();
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -145,4 +145,18 @@ public class AjaxResult extends HashMap<String, Object>
|
||||
{
|
||||
return new AjaxResult(code, msg, null);
|
||||
}
|
||||
|
||||
/**
|
||||
* 方便链式调用
|
||||
*
|
||||
* @param key 键
|
||||
* @param value 值
|
||||
* @return 数据对象
|
||||
*/
|
||||
@Override
|
||||
public AjaxResult put(String key, Object value)
|
||||
{
|
||||
super.put(key, value);
|
||||
return this;
|
||||
}
|
||||
}
|
||||
|
||||
@ -2,9 +2,7 @@ package com.ruoyi.common.core.domain.entity;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import javax.validation.constraints.Email;
|
||||
import javax.validation.constraints.NotBlank;
|
||||
import javax.validation.constraints.Size;
|
||||
import javax.validation.constraints.*;
|
||||
import org.apache.commons.lang3.builder.ToStringBuilder;
|
||||
import org.apache.commons.lang3.builder.ToStringStyle;
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
@ -14,6 +12,7 @@ import com.ruoyi.common.annotation.Excel.ColumnType;
|
||||
import com.ruoyi.common.annotation.Excel.Type;
|
||||
import com.ruoyi.common.annotation.Excels;
|
||||
import com.ruoyi.common.core.domain.BaseEntity;
|
||||
import com.ruoyi.common.xss.Xss;
|
||||
|
||||
/**
|
||||
* 用户对象 sys_user
|
||||
@ -135,6 +134,7 @@ public class SysUser extends BaseEntity
|
||||
this.deptId = deptId;
|
||||
}
|
||||
|
||||
@Xss(message = "用户昵称不能包含脚本字符")
|
||||
@Size(min = 0, max = 30, message = "用户昵称长度不能超过30个字符")
|
||||
public String getNickName()
|
||||
{
|
||||
@ -146,6 +146,7 @@ public class SysUser extends BaseEntity
|
||||
this.nickName = nickName;
|
||||
}
|
||||
|
||||
@Xss(message = "用户账号不能包含脚本字符")
|
||||
@NotBlank(message = "用户账号不能为空")
|
||||
@Size(min = 0, max = 30, message = "用户账号长度不能超过30个字符")
|
||||
public String getUserName()
|
||||
|
||||
@ -4,7 +4,7 @@ import java.util.Collection;
|
||||
import java.util.Set;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
import com.alibaba.fastjson.annotation.JSONField;
|
||||
import com.ruoyi.common.core.domain.entity.SysUser;
|
||||
|
||||
/**
|
||||
@ -119,7 +119,7 @@ public class LoginUser implements UserDetails
|
||||
this.permissions = permissions;
|
||||
}
|
||||
|
||||
@JsonIgnore
|
||||
@JSONField(serialize = false)
|
||||
@Override
|
||||
public String getPassword()
|
||||
{
|
||||
@ -135,7 +135,7 @@ public class LoginUser implements UserDetails
|
||||
/**
|
||||
* 账户是否未过期,过期无法验证
|
||||
*/
|
||||
@JsonIgnore
|
||||
@JSONField(serialize = false)
|
||||
@Override
|
||||
public boolean isAccountNonExpired()
|
||||
{
|
||||
@ -147,7 +147,7 @@ public class LoginUser implements UserDetails
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@JsonIgnore
|
||||
@JSONField(serialize = false)
|
||||
@Override
|
||||
public boolean isAccountNonLocked()
|
||||
{
|
||||
@ -159,7 +159,7 @@ public class LoginUser implements UserDetails
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@JsonIgnore
|
||||
@JSONField(serialize = false)
|
||||
@Override
|
||||
public boolean isCredentialsNonExpired()
|
||||
{
|
||||
@ -171,7 +171,7 @@ public class LoginUser implements UserDetails
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@JsonIgnore
|
||||
@JSONField(serialize = false)
|
||||
@Override
|
||||
public boolean isEnabled()
|
||||
{
|
||||
|
||||
@ -209,6 +209,18 @@ public class RedisCache
|
||||
return opsForHash.get(key, hKey);
|
||||
}
|
||||
|
||||
/**
|
||||
* 删除Hash中的数据
|
||||
*
|
||||
* @param key
|
||||
* @param mapkey
|
||||
*/
|
||||
public void delCacheMapValue(final String key, final String hkey)
|
||||
{
|
||||
HashOperations hashOperations = redisTemplate.opsForHash();
|
||||
hashOperations.delete(key, hkey);
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取多个Hash中的数据
|
||||
*
|
||||
|
||||
@ -0,0 +1,29 @@
|
||||
package com.ruoyi.common.utils;
|
||||
|
||||
import com.github.pagehelper.PageHelper;
|
||||
import com.ruoyi.common.core.page.PageDomain;
|
||||
import com.ruoyi.common.core.page.TableSupport;
|
||||
import com.ruoyi.common.utils.sql.SqlUtil;
|
||||
|
||||
/**
|
||||
* 分页工具类
|
||||
*
|
||||
* @author ruoyi
|
||||
*/
|
||||
public class PageUtils extends PageHelper
|
||||
{
|
||||
/**
|
||||
* 设置请求分页数据
|
||||
*/
|
||||
public static void startPage()
|
||||
{
|
||||
PageDomain pageDomain = TableSupport.buildPageRequest();
|
||||
Integer pageNum = pageDomain.getPageNum();
|
||||
Integer pageSize = pageDomain.getPageSize();
|
||||
if (StringUtils.isNotNull(pageNum) && StringUtils.isNotNull(pageSize))
|
||||
{
|
||||
String orderBy = SqlUtil.escapeOrderBySql(pageDomain.getOrderBy());
|
||||
PageHelper.startPage(pageNum, pageSize, orderBy);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -36,7 +36,7 @@ public class Threads
|
||||
* 停止线程池
|
||||
* 先使用shutdown, 停止接收新任务并尝试完成所有已存在任务.
|
||||
* 如果超时, 则调用shutdownNow, 取消在workQueue中Pending的任务,并中断所有阻塞函数.
|
||||
* 如果仍人超時,則強制退出.
|
||||
* 如果仍然超時,則強制退出.
|
||||
* 另对在shutdown时线程本身被调用中断做了处理.
|
||||
*/
|
||||
public static void shutdownAndAwaitTermination(ExecutorService pool)
|
||||
|
||||
@ -0,0 +1,24 @@
|
||||
package com.ruoyi.common.utils.bean;
|
||||
|
||||
import java.util.Set;
|
||||
import javax.validation.ConstraintViolation;
|
||||
import javax.validation.ConstraintViolationException;
|
||||
import javax.validation.Validator;
|
||||
|
||||
/**
|
||||
* bean对象属性验证
|
||||
*
|
||||
* @author ruoyi
|
||||
*/
|
||||
public class BeanValidators
|
||||
{
|
||||
public static void validateWithException(Validator validator, Object object, Class<?>... groups)
|
||||
throws ConstraintViolationException
|
||||
{
|
||||
Set<ConstraintViolation<Object>> constraintViolations = validator.validate(object, groups);
|
||||
if (!constraintViolations.isEmpty())
|
||||
{
|
||||
throw new ConstraintViolationException(constraintViolations);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -210,6 +210,8 @@ public class FileUtils
|
||||
.append("utf-8''")
|
||||
.append(percentEncodedFileName);
|
||||
|
||||
response.addHeader("Access-Control-Allow-Origin", "*");
|
||||
response.addHeader("Access-Control-Expose-Headers", "Content-Disposition,download-filename");
|
||||
response.setHeader("Content-disposition", contentDispositionValue.toString());
|
||||
response.setHeader("download-filename", percentEncodedFileName);
|
||||
}
|
||||
|
||||
@ -69,26 +69,37 @@ public class EscapeUtil
|
||||
*/
|
||||
private static String encode(String text)
|
||||
{
|
||||
int len;
|
||||
if ((text == null) || ((len = text.length()) == 0))
|
||||
if (StringUtils.isEmpty(text))
|
||||
{
|
||||
return StringUtils.EMPTY;
|
||||
}
|
||||
StringBuilder buffer = new StringBuilder(len + (len >> 2));
|
||||
|
||||
final StringBuilder tmp = new StringBuilder(text.length() * 6);
|
||||
char c;
|
||||
for (int i = 0; i < len; i++)
|
||||
for (int i = 0; i < text.length(); i++)
|
||||
{
|
||||
c = text.charAt(i);
|
||||
if (c < 64)
|
||||
if (c < 256)
|
||||
{
|
||||
buffer.append(TEXT[c]);
|
||||
tmp.append("%");
|
||||
if (c < 16)
|
||||
{
|
||||
tmp.append("0");
|
||||
}
|
||||
tmp.append(Integer.toString(c, 16));
|
||||
}
|
||||
else
|
||||
{
|
||||
buffer.append(c);
|
||||
tmp.append("%u");
|
||||
if (c <= 0xfff)
|
||||
{
|
||||
// issue#I49JU8@Gitee
|
||||
tmp.append("0");
|
||||
}
|
||||
tmp.append(Integer.toString(c, 16));
|
||||
}
|
||||
}
|
||||
return buffer.toString();
|
||||
return tmp.toString();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -145,11 +156,12 @@ public class EscapeUtil
|
||||
public static void main(String[] args)
|
||||
{
|
||||
String html = "<script>alert(1);</script>";
|
||||
String escape = EscapeUtil.escape(html);
|
||||
// String html = "<scr<script>ipt>alert(\"XSS\")</scr<script>ipt>";
|
||||
// String html = "<123";
|
||||
// String html = "123>";
|
||||
System.out.println(EscapeUtil.clean(html));
|
||||
System.out.println(EscapeUtil.escape(html));
|
||||
System.out.println(EscapeUtil.unescape(html));
|
||||
System.out.println("clean: " + EscapeUtil.clean(html));
|
||||
System.out.println("escape: " + escape);
|
||||
System.out.println("unescape: " + EscapeUtil.unescape(escape));
|
||||
}
|
||||
}
|
||||
|
||||
@ -332,7 +332,7 @@ public final class HTMLFilter
|
||||
final String name = m.group(1).toLowerCase();
|
||||
if (allowed(name))
|
||||
{
|
||||
if (false == inArray(name, vSelfClosingTags))
|
||||
if (!inArray(name, vSelfClosingTags))
|
||||
{
|
||||
if (vTagCounts.containsKey(name))
|
||||
{
|
||||
|
||||
@ -19,6 +19,7 @@ import javax.net.ssl.X509TrustManager;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import com.ruoyi.common.constant.Constants;
|
||||
import com.ruoyi.common.utils.StringUtils;
|
||||
|
||||
/**
|
||||
* 通用http发送方法
|
||||
@ -29,6 +30,17 @@ public class HttpUtils
|
||||
{
|
||||
private static final Logger log = LoggerFactory.getLogger(HttpUtils.class);
|
||||
|
||||
/**
|
||||
* 向指定 URL 发送GET方法的请求
|
||||
*
|
||||
* @param url 发送请求的 URL
|
||||
* @return 所代表远程资源的响应结果
|
||||
*/
|
||||
public static String sendGet(String url)
|
||||
{
|
||||
return sendGet(url, StringUtils.EMPTY);
|
||||
}
|
||||
|
||||
/**
|
||||
* 向指定 URL 发送GET方法的请求
|
||||
*
|
||||
@ -55,7 +67,7 @@ public class HttpUtils
|
||||
BufferedReader in = null;
|
||||
try
|
||||
{
|
||||
String urlNameString = url + "?" + param;
|
||||
String urlNameString = StringUtils.isNotBlank(param) ? url + "?" + param : url;
|
||||
log.info("sendGet - {}", urlNameString);
|
||||
URL realUrl = new URL(urlNameString);
|
||||
URLConnection connection = realUrl.openConnection();
|
||||
|
||||
@ -269,22 +269,15 @@ public class ExcelUtil<T>
|
||||
}
|
||||
}
|
||||
// 有数据时才处理 得到类的所有field.
|
||||
Field[] allFields = clazz.getDeclaredFields();
|
||||
// 定义一个map用于存放列的序号和field.
|
||||
Map<Integer, Field> fieldsMap = new HashMap<Integer, Field>();
|
||||
for (int col = 0; col < allFields.length; col++)
|
||||
List<Object[]> fields = this.getFields();
|
||||
Map<Integer, Object[]> fieldsMap = new HashMap<Integer, Object[]>();
|
||||
for (Object[] objects : fields)
|
||||
{
|
||||
Field field = allFields[col];
|
||||
Excel attr = field.getAnnotation(Excel.class);
|
||||
if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
|
||||
Excel attr = (Excel) objects[1];
|
||||
Integer column = cellMap.get(attr.name());
|
||||
if (column != null)
|
||||
{
|
||||
// 设置类的私有字段属性可访问.
|
||||
field.setAccessible(true);
|
||||
Integer column = cellMap.get(attr.name());
|
||||
if (column != null)
|
||||
{
|
||||
fieldsMap.put(column, field);
|
||||
}
|
||||
fieldsMap.put(column, objects);
|
||||
}
|
||||
}
|
||||
for (int i = titleNum + 1; i <= rows; i++)
|
||||
@ -297,14 +290,15 @@ public class ExcelUtil<T>
|
||||
continue;
|
||||
}
|
||||
T entity = null;
|
||||
for (Map.Entry<Integer, Field> entry : fieldsMap.entrySet())
|
||||
for (Map.Entry<Integer, Object[]> entry : fieldsMap.entrySet())
|
||||
{
|
||||
Object val = this.getCellValue(row, entry.getKey());
|
||||
|
||||
// 如果不存在实例则新建.
|
||||
entity = (entity == null ? clazz.newInstance() : entity);
|
||||
// 从map中得到对应列的field.
|
||||
Field field = fieldsMap.get(entry.getKey());
|
||||
Field field = (Field) entry.getValue()[0];
|
||||
Excel attr = (Excel) entry.getValue()[1];
|
||||
// 取得类型,并根据对象类型设置值.
|
||||
Class<?> fieldType = field.getType();
|
||||
if (String.class == fieldType)
|
||||
@ -364,7 +358,6 @@ public class ExcelUtil<T>
|
||||
}
|
||||
if (StringUtils.isNotNull(fieldType))
|
||||
{
|
||||
Excel attr = field.getAnnotation(Excel.class);
|
||||
String propertyName = field.getName();
|
||||
if (StringUtils.isNotEmpty(attr.targetAttr()))
|
||||
{
|
||||
@ -439,7 +432,7 @@ public class ExcelUtil<T>
|
||||
* @return 结果
|
||||
* @throws IOException
|
||||
*/
|
||||
public void exportExcel(HttpServletResponse response, List<T> list, String sheetName)throws IOException
|
||||
public void exportExcel(HttpServletResponse response, List<T> list, String sheetName)
|
||||
{
|
||||
exportExcel(response, list, sheetName, StringUtils.EMPTY);
|
||||
}
|
||||
@ -454,12 +447,12 @@ public class ExcelUtil<T>
|
||||
* @return 结果
|
||||
* @throws IOException
|
||||
*/
|
||||
public void exportExcel(HttpServletResponse response, List<T> list, String sheetName, String title) throws IOException
|
||||
public void exportExcel(HttpServletResponse response, List<T> list, String sheetName, String title)
|
||||
{
|
||||
response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
|
||||
response.setCharacterEncoding("utf-8");
|
||||
this.init(list, sheetName, title, Type.EXPORT);
|
||||
exportExcel(response.getOutputStream());
|
||||
exportExcel(response);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -492,9 +485,9 @@ public class ExcelUtil<T>
|
||||
* @param sheetName 工作表的名称
|
||||
* @return 结果
|
||||
*/
|
||||
public void importTemplateExcel(HttpServletResponse response, String sheetName) throws IOException
|
||||
public void importTemplateExcel(HttpServletResponse response, String sheetName)
|
||||
{
|
||||
importTemplateExcel(response, sheetName);
|
||||
importTemplateExcel(response, sheetName, StringUtils.EMPTY);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -504,12 +497,12 @@ public class ExcelUtil<T>
|
||||
* @param title 标题
|
||||
* @return 结果
|
||||
*/
|
||||
public void importTemplateExcel(HttpServletResponse response, String sheetName, String title) throws IOException
|
||||
public void importTemplateExcel(HttpServletResponse response, String sheetName, String title)
|
||||
{
|
||||
response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
|
||||
response.setCharacterEncoding("utf-8");
|
||||
this.init(null, sheetName, title, Type.IMPORT);
|
||||
exportExcel(response.getOutputStream());
|
||||
exportExcel(response);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -517,12 +510,12 @@ public class ExcelUtil<T>
|
||||
*
|
||||
* @return 结果
|
||||
*/
|
||||
public void exportExcel(OutputStream out)
|
||||
public void exportExcel(HttpServletResponse response)
|
||||
{
|
||||
try
|
||||
{
|
||||
writeSheet();
|
||||
wb.write(out);
|
||||
wb.write(response.getOutputStream());
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
@ -531,7 +524,6 @@ public class ExcelUtil<T>
|
||||
finally
|
||||
{
|
||||
IOUtils.closeQuietly(wb);
|
||||
IOUtils.closeQuietly(out);
|
||||
}
|
||||
}
|
||||
|
||||
@ -611,8 +603,6 @@ public class ExcelUtil<T>
|
||||
{
|
||||
Field field = (Field) os[0];
|
||||
Excel excel = (Excel) os[1];
|
||||
// 设置实体类私有属性可访问
|
||||
field.setAccessible(true);
|
||||
this.addCell(excel, row, vo, field, column++);
|
||||
}
|
||||
}
|
||||
@ -1183,7 +1173,17 @@ public class ExcelUtil<T>
|
||||
*/
|
||||
private void createExcelField()
|
||||
{
|
||||
this.fields = new ArrayList<Object[]>();
|
||||
this.fields = getFields();
|
||||
this.fields = this.fields.stream().sorted(Comparator.comparing(objects -> ((Excel) objects[1]).sort())).collect(Collectors.toList());
|
||||
this.maxHeight = getRowHeight();
|
||||
}
|
||||
|
||||
/**
|
||||
* 获取字段注解信息
|
||||
*/
|
||||
public List<Object[]> getFields()
|
||||
{
|
||||
List<Object[]> fields = new ArrayList<Object[]>();
|
||||
List<Field> tempFields = new ArrayList<>();
|
||||
tempFields.addAll(Arrays.asList(clazz.getSuperclass().getDeclaredFields()));
|
||||
tempFields.addAll(Arrays.asList(clazz.getDeclaredFields()));
|
||||
@ -1192,7 +1192,12 @@ public class ExcelUtil<T>
|
||||
// 单注解
|
||||
if (field.isAnnotationPresent(Excel.class))
|
||||
{
|
||||
putToField(field, field.getAnnotation(Excel.class));
|
||||
Excel attr = field.getAnnotation(Excel.class);
|
||||
if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
|
||||
{
|
||||
field.setAccessible(true);
|
||||
fields.add(new Object[] { field, attr });
|
||||
}
|
||||
}
|
||||
|
||||
// 多注解
|
||||
@ -1200,14 +1205,17 @@ public class ExcelUtil<T>
|
||||
{
|
||||
Excels attrs = field.getAnnotation(Excels.class);
|
||||
Excel[] excels = attrs.value();
|
||||
for (Excel excel : excels)
|
||||
for (Excel attr : excels)
|
||||
{
|
||||
putToField(field, excel);
|
||||
if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
|
||||
{
|
||||
field.setAccessible(true);
|
||||
fields.add(new Object[] { field, attr });
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
this.fields = this.fields.stream().sorted(Comparator.comparing(objects -> ((Excel) objects[1]).sort())).collect(Collectors.toList());
|
||||
this.maxHeight = getRowHeight();
|
||||
return fields;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -1224,17 +1232,6 @@ public class ExcelUtil<T>
|
||||
return (short) (maxHeight * 20);
|
||||
}
|
||||
|
||||
/**
|
||||
* 放到字段集合中
|
||||
*/
|
||||
private void putToField(Field field, Excel attr)
|
||||
{
|
||||
if (attr != null && (attr.type() == Type.ALL || attr.type() == type))
|
||||
{
|
||||
this.fields.add(new Object[] { field, attr });
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 创建一个工作簿
|
||||
*/
|
||||
|
||||
@ -343,25 +343,25 @@ public final class UUID implements java.io.Serializable, Comparable<UUID>
|
||||
final StringBuilder builder = new StringBuilder(isSimple ? 32 : 36);
|
||||
// time_low
|
||||
builder.append(digits(mostSigBits >> 32, 8));
|
||||
if (false == isSimple)
|
||||
if (!isSimple)
|
||||
{
|
||||
builder.append('-');
|
||||
}
|
||||
// time_mid
|
||||
builder.append(digits(mostSigBits >> 16, 4));
|
||||
if (false == isSimple)
|
||||
if (!isSimple)
|
||||
{
|
||||
builder.append('-');
|
||||
}
|
||||
// time_high_and_version
|
||||
builder.append(digits(mostSigBits, 4));
|
||||
if (false == isSimple)
|
||||
if (!isSimple)
|
||||
{
|
||||
builder.append('-');
|
||||
}
|
||||
// variant_and_sequence
|
||||
builder.append(digits(leastSigBits >> 48, 4));
|
||||
if (false == isSimple)
|
||||
if (!isSimple)
|
||||
{
|
||||
builder.append('-');
|
||||
}
|
||||
|
||||
27
ruoyi-common/src/main/java/com/ruoyi/common/xss/Xss.java
Normal file
27
ruoyi-common/src/main/java/com/ruoyi/common/xss/Xss.java
Normal file
@ -0,0 +1,27 @@
|
||||
package com.ruoyi.common.xss;
|
||||
|
||||
import javax.validation.Constraint;
|
||||
import javax.validation.Payload;
|
||||
import java.lang.annotation.ElementType;
|
||||
import java.lang.annotation.Retention;
|
||||
import java.lang.annotation.RetentionPolicy;
|
||||
import java.lang.annotation.Target;
|
||||
|
||||
/**
|
||||
* 自定义xss校验注解
|
||||
*
|
||||
* @author ruoyi
|
||||
*/
|
||||
@Retention(RetentionPolicy.RUNTIME)
|
||||
@Target(value = { ElementType.METHOD, ElementType.FIELD, ElementType.CONSTRUCTOR, ElementType.PARAMETER })
|
||||
@Constraint(validatedBy = { XssValidator.class })
|
||||
public @interface Xss
|
||||
{
|
||||
String message()
|
||||
|
||||
default "不允许任何脚本运行";
|
||||
|
||||
Class<?>[] groups() default {};
|
||||
|
||||
Class<? extends Payload>[] payload() default {};
|
||||
}
|
||||
@ -0,0 +1,29 @@
|
||||
package com.ruoyi.common.xss;
|
||||
|
||||
import javax.validation.ConstraintValidator;
|
||||
import javax.validation.ConstraintValidatorContext;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
/**
|
||||
* 自定义xss校验注解实现
|
||||
*
|
||||
* @author ruoyi
|
||||
*/
|
||||
public class XssValidator implements ConstraintValidator<Xss, String>
|
||||
{
|
||||
private final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />";
|
||||
|
||||
@Override
|
||||
public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext)
|
||||
{
|
||||
return !containsHtml(value);
|
||||
}
|
||||
|
||||
public boolean containsHtml(String value)
|
||||
{
|
||||
Pattern pattern = Pattern.compile(HTML_PATTERN);
|
||||
Matcher matcher = pattern.matcher(value);
|
||||
return matcher.matches();
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user