Merge branch 'master' into test

Merge branch 'master' of https://gitee.com/y_project/RuoYi-Vue
功能迭代
2022-05-20 09:00:37 +08:00 · 2022-05-20 08:59:45 +08:00 · 2022-05-20 08:56:41 +08:00 · 2022-05-13 15:02:16 +08:00 · 2022-05-11 17:27:34 +08:00 · 2022-05-11 16:40:50 +08:00
367 changed files with 22172 additions and 13004 deletions
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@ -0,0 +1 @@
+custom: http://doc.ruoyi.vip/ruoyi-vue/other/donate.html
--- a/.gitignore
+++ b/.gitignore
@ -25,6 +25,9 @@ target/
 *.iml
 *.ipr

+### JRebel ###
+rebel.xml
+
 ### NetBeans ###
 nbproject/private/
 build/*
--- a/README.md
+++ b/README.md
@ -1,3 +1,14 @@
+<p align="center">
+	<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png">
+</p>
+<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi v3.8.2</h1>
+<h4 align="center">基于SpringBoot+Vue前后端分离的Java快速开发框架</h4>
+<p align="center">
+	<a href="https://gitee.com/y_project/RuoYi-Vue/stargazers"><img src="https://gitee.com/y_project/RuoYi-Vue/badge/star.svg?theme=dark"></a>
+	<a href="https://gitee.com/y_project/RuoYi-Vue"><img src="https://img.shields.io/badge/RuoYi-v3.8.2-brightgreen.svg"></a>
+	<a href="https://gitee.com/y_project/RuoYi-Vue/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
+</p>
+
 ## 平台简介

 若依是一套全部开源的快速开发平台，毫无保留给个人及企业免费使用。
@ -7,6 +18,7 @@
 * 权限认证使用Jwt，支持多终端认证系统。
 * 支持加载动态权限菜单，多方式轻松权限控制。
 * 高效率开发，使用代码生成器可以一键生成前后端代码。
+* 提供了技术栈（[Vue3](https://v3.cn.vuejs.org) [Element Plus](https://element-plus.org/zh-CN) [Vite](https://cn.vitejs.dev)）版本[RuoYi-Vue3](https://github.com/yangzongzhuan/RuoYi-Vue3)，保持同步更新。
 * 提供了单应用版本[RuoYi-Vue-fast](https://github.com/yangzongzhuan/RuoYi-Vue-fast)，Oracle版本[RuoYi-Vue-Oracle](https://github.com/yangzongzhuan/RuoYi-Vue-Oracle)，保持同步更新。
 * 不分离版本，请移步[RuoYi](https://gitee.com/y_project/RuoYi)，微服务版本，请移步[RuoYi-Cloud](https://gitee.com/y_project/RuoYi-Cloud)
 * 特别鸣谢：[element](https://github.com/ElemeFE/element)，[vue-element-admin](https://github.com/PanJiaChen/vue-element-admin)，[eladmin-web](https://github.com/elunez/eladmin-web)。
@ -82,4 +94,4 @@

 ## 若依前后端分离交流群

-QQ群： [![加入QQ群](https://img.shields.io/badge/已满-937441-blue.svg)](https://jq.qq.com/?_wv=1027&k=5bVB1og) [![加入QQ群](https://img.shields.io/badge/已满-887144332-blue.svg)](https://jq.qq.com/?_wv=1027&k=5eiA4DH) [![加入QQ群](https://img.shields.io/badge/已满-180251782-blue.svg)](https://jq.qq.com/?_wv=1027&k=5AxMKlC) [![加入QQ群](https://img.shields.io/badge/104180207-blue.svg)](https://jq.qq.com/?_wv=1027&k=51G72yr) 点击按钮入群。
+QQ群： [![加入QQ群](https://img.shields.io/badge/已满-937441-blue.svg)](https://jq.qq.com/?_wv=1027&k=5bVB1og) [![加入QQ群](https://img.shields.io/badge/已满-887144332-blue.svg)](https://jq.qq.com/?_wv=1027&k=5eiA4DH) [![加入QQ群](https://img.shields.io/badge/已满-180251782-blue.svg)](https://jq.qq.com/?_wv=1027&k=5AxMKlC) [![加入QQ群](https://img.shields.io/badge/已满-104180207-blue.svg)](https://jq.qq.com/?_wv=1027&k=51G72yr) [![加入QQ群](https://img.shields.io/badge/已满-186866453-blue.svg)](https://jq.qq.com/?_wv=1027&k=VvjN2nvu) [![加入QQ群](https://img.shields.io/badge/已满-201396349-blue.svg)](https://jq.qq.com/?_wv=1027&k=5vYAqA05) [![加入QQ群](https://img.shields.io/badge/已满-101456076-blue.svg)](https://jq.qq.com/?_wv=1027&k=kOIINEb5) [![加入QQ群](https://img.shields.io/badge/已满-101539465-blue.svg)](https://jq.qq.com/?_wv=1027&k=UKtX5jhs) [![加入QQ群](https://img.shields.io/badge/已满-264312783-blue.svg)](https://jq.qq.com/?_wv=1027&k=EI9an8lJ) [![加入QQ群](https://img.shields.io/badge/167385320-blue.svg)](https://jq.qq.com/?_wv=1027&k=SWCtLnMz) 点击按钮入群。
--- a/bin/clean.bat
+++ b/bin/clean.bat
@ -1,6 +1,6 @@
@echo off
 echo.
-echo [<5B><>Ϣ] <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>·<EFBFBD><C2B7><EFBFBD><EFBFBD>
+echo [<5B><>Ϣ] <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>target<EFBFBD><EFBFBD><EFBFBD><EFBFBD>·<EFBFBD><EFBFBD><EFBFBD><EFBFBD>
 echo.

 %~d0
--- a/bin/run.bat
+++ b/bin/run.bat
@ -1,6 +1,6 @@
@echo off
 echo.
-echo [<5B><>Ϣ] <20><><EFBFBD><EFBFBD>Web<65><62><EFBFBD>̡<EFBFBD>
+echo [<5B><>Ϣ] ʹ<EFBFBD><EFBFBD>Jar<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Web<EFBFBD><EFBFBD><EFBFBD>̡<EFBFBD>
 echo.

 cd %~dp0
--- a/pom.xml
+++ b/pom.xml
@ -6,30 +6,31 @@
 	
    <groupId>com.ruoyi</groupId>
    <artifactId>ruoyi</artifactId>
-    <version>3.4.0</version>
+    <version>3.8.2</version>

    <name>ruoyi</name>
    <url>http://www.ruoyi.vip</url>
    <description>若依管理系统</description>
    
    <properties>
-        <ruoyi.version>3.4.0</ruoyi.version>
+        <ruoyi.version>3.8.2</ruoyi.version>
        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-        <java.version>1.8</java.version>
+        <java.version>11</java.version>
        <maven-jar-plugin.version>3.1.1</maven-jar-plugin.version>
-        <druid.version>1.2.4</druid.version>
+        <druid.version>1.2.8</druid.version>
        <bitwalker.version>1.21</bitwalker.version>
-        <swagger.version>2.9.2</swagger.version>
+        <swagger.version>3.0.0</swagger.version>
        <kaptcha.version>2.3.2</kaptcha.version>
-        <pagehelper.boot.version>1.3.0</pagehelper.boot.version>
-        <fastjson.version>1.2.75</fastjson.version>
-        <oshi.version>5.3.6</oshi.version>
-        <jna.version>5.6.0</jna.version>
-        <commons.io.version>2.5</commons.io.version>
-        <commons.fileupload.version>1.3.3</commons.fileupload.version>
+        <mybatis-spring-boot.version>2.2.2</mybatis-spring-boot.version>
+        <pagehelper.boot.version>1.4.1</pagehelper.boot.version>
+        <fastjson.version>1.2.80</fastjson.version>
+        <oshi.version>6.1.6</oshi.version>
+        <commons.io.version>2.11.0</commons.io.version>
+        <commons.fileupload.version>1.4</commons.fileupload.version>
+        <commons.collections.version>3.2.2</commons.collections.version>
        <poi.version>4.1.2</poi.version>
-        <velocity.version>1.7</velocity.version>
+        <velocity.version>2.3</velocity.version>
        <jwt.version>0.9.1</jwt.version>
    </properties>
 	
@ -41,7 +42,7 @@
            <dependency>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-dependencies</artifactId>
-                <version>2.2.13.RELEASE</version>
+                <version>2.5.13</version>
                <type>pom</type>
                <scope>import</scope>
            </dependency>
@ -60,6 +61,13 @@
                <version>${bitwalker.version}</version>
            </dependency>

+            <!-- SpringBoot集成mybatis框架 -->
+            <dependency>
+                <groupId>org.mybatis.spring.boot</groupId>
+                <artifactId>mybatis-spring-boot-starter</artifactId>
+                <version>${mybatis-spring-boot.version}</version>
+            </dependency>
+
            <!-- pagehelper 分页插件 -->
            <dependency>
                <groupId>com.github.pagehelper</groupId>
@ -74,28 +82,12 @@
                <version>${oshi.version}</version>
            </dependency>

-            <dependency>
-                <groupId>net.java.dev.jna</groupId>
-                <artifactId>jna</artifactId>
-                <version>${jna.version}</version>
-            </dependency>
-
-            <dependency>
-                <groupId>net.java.dev.jna</groupId>
-                <artifactId>jna-platform</artifactId>
-                <version>${jna.version}</version>
-            </dependency>
-			
-            <!-- swagger2-->
+            <!-- Swagger3依赖 -->
            <dependency>
                <groupId>io.springfox</groupId>
-                <artifactId>springfox-swagger2</artifactId>
+                <artifactId>springfox-boot-starter</artifactId>
                <version>${swagger.version}</version>
                <exclusions>
-                    <exclusion>
-                        <groupId>io.swagger</groupId>
-                        <artifactId>swagger-annotations</artifactId>
-                    </exclusion>
                    <exclusion>
                        <groupId>io.swagger</groupId>
                        <artifactId>swagger-models</artifactId>
@ -103,13 +95,6 @@
                </exclusions>
            </dependency>

-            <!-- swagger2-UI-->
-            <dependency>
-                <groupId>io.springfox</groupId>
-                <artifactId>springfox-swagger-ui</artifactId>
-                <version>${swagger.version}</version>
-            </dependency>
-            
            <!-- io常用工具类 -->
            <dependency>
                <groupId>commons-io</groupId>
@ -134,10 +119,17 @@
            <!-- velocity代码生成使用模板 -->
            <dependency>
                <groupId>org.apache.velocity</groupId>
-                <artifactId>velocity</artifactId>
+                <artifactId>velocity-engine-core</artifactId>
                <version>${velocity.version}</version>
            </dependency>

+            <!-- collections工具类 -->
+            <dependency>
+                <groupId>commons-collections</groupId>
+                <artifactId>commons-collections</artifactId>
+                <version>${commons.collections.version}</version>
+            </dependency>
+
            <!-- 阿里JSON解析器 -->
            <dependency>
                <groupId>com.alibaba</groupId>
@ -231,7 +223,7 @@
        <repository>
            <id>public</id>
            <name>aliyun nexus</name>
-            <url>http://maven.aliyun.com/nexus/content/groups/public/</url>
+            <url>https://maven.aliyun.com/repository/public</url>
            <releases>
                <enabled>true</enabled>
            </releases>
@ -242,7 +234,7 @@
        <pluginRepository>
            <id>public</id>
            <name>aliyun nexus</name>
-            <url>http://maven.aliyun.com/nexus/content/groups/public/</url>
+            <url>https://maven.aliyun.com/repository/public</url>
            <releases>
                <enabled>true</enabled>
            </releases>
--- a/ruoyi-admin/pom.xml
+++ b/ruoyi-admin/pom.xml
@ -5,7 +5,7 @@
    <parent>
        <artifactId>ruoyi</artifactId>
        <groupId>com.ruoyi</groupId>
-        <version>3.4.0</version>
+        <version>3.8.2</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>
    <packaging>jar</packaging>
@ -24,29 +24,17 @@
            <optional>true</optional> <!-- 表示依赖不会传递 -->
        </dependency>

-        <!-- swagger2-->
+        <!-- swagger3-->
        <dependency>
            <groupId>io.springfox</groupId>
-            <artifactId>springfox-swagger2</artifactId>
-        </dependency>
-
-        <!--防止进入swagger页面报类型转换错误，排除2.9.2中的引用，手动增加1.5.21版本-->
-        <dependency>
-            <groupId>io.swagger</groupId>
-            <artifactId>swagger-annotations</artifactId>
-            <version>1.5.21</version>
+            <artifactId>springfox-boot-starter</artifactId>
        </dependency>

+        <!-- 防止进入swagger页面报类型转换错误，排除3.0.0中的引用，手动增加1.6.2版本 -->
        <dependency>
            <groupId>io.swagger</groupId>
            <artifactId>swagger-models</artifactId>
-            <version>1.5.21</version>
-        </dependency>
-
-        <!-- swagger2-UI-->
-        <dependency>
-            <groupId>io.springfox</groupId>
-            <artifactId>springfox-swagger-ui</artifactId>
+            <version>1.6.2</version>
        </dependency>

         <!-- Mysql驱动包 -->
--- a/ruoyi-admin/src/main/java/com/ruoyi/RuoYiApplication.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/RuoYiApplication.java
@ -16,11 +16,11 @@ public class RuoYiApplication
    {
        // System.setProperty("spring.devtools.restart.enabled", "false");
        SpringApplication.run(RuoYiApplication.class, args);
-        System.out.println("(♥◠‿◠)ﾉﾞ  若依启动成功   ლ(´ڡ`ლ)ﾞ  \n" +
+        System.out.println("(♥◠‿◠)ﾉﾞ  我们一起学喵叫   ლ(´ڡ`ლ)ﾞ  \n" +
                " .-------.       ____     __        \n" +
-                " |  _ _   \\      \\   \\   /  /    \n" +
-                " | ( ' )  |       \\  _. /  '       \n" +
-                " |(_ o _) /        _( )_ .'         \n" +
+                " |  _ _   \\   喵   \\   \\   /  /    \n" +
+                " | ( ' )  |   喵    \\  _. /  '       \n" +
+                " |(_ o _) /     喵   _( )_ .'         \n" +
                " | (_,_).' __  ___(_ o _)'          \n" +
                " |  |\\ \\  |  ||   |(_,_)'         \n" +
                " |  | \\ `'   /|   `-'  /           \n" +
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/AdahTestingController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/AdahTestingController.java
@ -0,0 +1,9 @@
+package com.ruoyi.web.controller.RemoteSensing;
+
+/**
+ *  亚大综合监测
+ * @Author: JinSheng Song
+ * @Date: 2022/5/11 9:08
+ */
+public class AdahTestingController {
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/AtmosphereController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/AtmosphereController.java
@ -0,0 +1,9 @@
+package com.ruoyi.web.controller.RemoteSensing;
+
+/**
+ * 大气质量监测
+ * @Author: JinSheng Song
+ * @Date: 2022/5/11 10:56
+ */
+public class AtmosphereController {
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/AustraliaMiddleEastController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/AustraliaMiddleEastController.java
@ -0,0 +1,76 @@
+package com.ruoyi.web.controller.RemoteSensing;
+
+import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.system.service.IAustraliaMiddleEastService;
+import com.ruoyi.system.service.IForestService;
+import com.ruoyi.system.vo.AustraliaMiddleEastVO;
+import org.apache.ibatis.annotations.Param;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.List;
+
+/**
+ *  澳大利亚中东部地区
+ * @Author: JinSheng Song
+ * @Date: 2022/5/11 9:08
+ */
+@RestController
+@RequestMapping(value = "/business-service/api/orderMng", produces = "application/json;charset=UTF-8")
+public class AustraliaMiddleEastController
+{
+   // @Autowired
+    private IAustraliaMiddleEastService australiaMiddleEastService;
+
+    /**
+     * 查询方法
+     * @param response
+     * @param request
+     * @return
+     */
+    @RequestMapping(value = "/SelectAustralia",method = {RequestMethod.POST})
+    public AjaxResult SelectAustralia(HttpServletResponse response, HttpServletRequest request)
+    {
+        List<AustraliaMiddleEastVO> eastVOSList= australiaMiddleEastService.selectAustralia();
+             return AjaxResult.success(eastVOSList);
+    }
+
+    /**
+     * 删除方法
+     * @param ID
+     * @return
+     */
+    @RequestMapping(value = "/DelAustralia",method = {RequestMethod.POST})
+    public AjaxResult DelAustralia(@Param("ID") String ID)
+    {
+        int NUM = australiaMiddleEastService.DelAustralia(ID);
+        if (NUM>0)
+        {
+            return AjaxResult.success();
+        }
+        return  AjaxResult.error();
+
+    }
+
+    /**
+     * 新增方法
+     * @param eastVOS
+     * @return
+     */
+    @RequestMapping(value = "/IntoAustralia",method = {RequestMethod.POST})
+    public AjaxResult IntoAustralia(AustraliaMiddleEastVO eastVOS)
+    {
+        int NUM =  australiaMiddleEastService.IntoAustralia(eastVOS);
+        if (NUM>0)
+        {
+            return AjaxResult.success();
+        }
+        return  AjaxResult.error();
+    }
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/ENSOController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/ENSOController.java
@ -0,0 +1,9 @@
+package com.ruoyi.web.controller.RemoteSensing;
+
+/**
+ * ENSO影响监测
+ * @Author: JinSheng Song
+ * @Date: 2022/5/11 9:12
+ */
+public class ENSOController {
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/ForestController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/ForestController.java
@ -0,0 +1,9 @@
+package com.ruoyi.web.controller.RemoteSensing;
+
+/**
+ * 森林监测
+ * @Author: JinSheng Song
+ * @Date: 2022/5/11 9:13
+ */
+public class ForestController {
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/GlobalEcologyController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/GlobalEcologyController.java
@ -0,0 +1,15 @@
+package com.ruoyi.web.controller.RemoteSensing;
+
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ *全球生态环境监测
+     * @Author: JinSheng Song
+ * @Date: 2022/5/11 9:05
+ */
+@RestController
+@RequestMapping("/monitor/clobal")
+public class GlobalEcologyController {
+
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/RegionVGIController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/RegionVGIController.java
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/SpecialReportController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/SpecialReportController.java
@ -0,0 +1,9 @@
+package com.ruoyi.web.controller.RemoteSensing;
+
+/**
+ * 专题报告
+ * @Author: JinSheng Song
+ * @Date: 2022/5/11 11:10
+ */
+public class SpecialReportController {
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/UrbanController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/RemoteSensing/UrbanController.java
@ -0,0 +1,9 @@
+package com.ruoyi.web.controller.RemoteSensing;
+
+/**
+ * 城市监测
+ * @Author: JinSheng Song
+ * @Date: 2022/5/11 10:55
+ */
+public class UrbanController {
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CaptchaController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CaptchaController.java
@ -6,10 +6,13 @@ import java.util.concurrent.TimeUnit;
 import javax.annotation.Resource;
 import javax.imageio.ImageIO;
 import javax.servlet.http.HttpServletResponse;
+import com.ruoyi.common.config.RuoYiConfig;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+import org.springframework.stereotype.Service;
 import org.springframework.util.FastByteArrayOutputStream;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.google.code.kaptcha.Producer;
 import com.ruoyi.common.constant.Constants;
@ -17,6 +20,7 @@ import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.redis.RedisCache;
 import com.ruoyi.common.utils.sign.Base64;
 import com.ruoyi.common.utils.uuid.IdUtils;
+import com.ruoyi.system.service.ISysConfigService;

 /**
 * 验证码操作处理
@ -32,19 +36,25 @@ public class CaptchaController
    @Resource(name = "captchaProducerMath")
    private Producer captchaProducerMath;

-    @Autowired
+    @Resource
    private RedisCache redisCache;
    
-    // 验证码类型
-    @Value("${ruoyi.captchaType}")
-    private String captchaType;
-
+    @Resource
+    private ISysConfigService configService;
    /**
     * 生成验证码
     */
    @GetMapping("/captchaImage")
    public AjaxResult getCode(HttpServletResponse response) throws IOException
    {
+        AjaxResult ajax = AjaxResult.success();
+        boolean captchaOnOff = configService.selectCaptchaOnOff();
+        ajax.put("captchaOnOff", captchaOnOff);
+        if (!captchaOnOff)
+        {
+            return ajax;
+        }
+
        // 保存验证码信息
        String uuid = IdUtils.simpleUUID();
        String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
@ -53,6 +63,7 @@ public class CaptchaController
        BufferedImage image = null;

        // 生成验证码
+        String captchaType = RuoYiConfig.getCaptchaType();
        if ("math".equals(captchaType))
        {
            String capText = captchaProducerMath.createText();
@ -78,7 +89,6 @@ public class CaptchaController
            return AjaxResult.error(e.getMessage());
        }

-        AjaxResult ajax = AjaxResult.success();
        ajax.put("uuid", uuid);
        ajax.put("img", Base64.encode(os.toByteArray()));
        return ajax;
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java
@ -1,5 +1,7 @@
 package com.ruoyi.web.controller.common;

+import java.util.ArrayList;
+import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.slf4j.Logger;
@ -8,6 +10,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
 import com.ruoyi.common.config.RuoYiConfig;
@ -24,6 +27,7 @@ import com.ruoyi.framework.config.ServerConfig;
 * @author ruoyi
 */
@RestController
+@RequestMapping("/common")
 public class CommonController
 {
    private static final Logger log = LoggerFactory.getLogger(CommonController.class);
@ -31,13 +35,15 @@ public class CommonController
    @Autowired
    private ServerConfig serverConfig;

+    private static final String FILE_DELIMETER = ",";
+
    /**
     * 通用下载请求
     * 
     * @param fileName 文件名称
     * @param delete 是否删除
     */
-    @GetMapping("common/download")
+    @GetMapping("/download")
    public void fileDownload(String fileName, Boolean delete, HttpServletResponse response, HttpServletRequest request)
    {
        try
@ -64,9 +70,9 @@ public class CommonController
    }

    /**
-     * 通用上传请求
+     * 通用上传请求（单个）
     */
-    @PostMapping("/common/upload")
+    @PostMapping("/upload")
    public AjaxResult uploadFile(MultipartFile file) throws Exception
    {
        try
@ -77,8 +83,47 @@ public class CommonController
            String fileName = FileUploadUtils.upload(filePath, file);
            String url = serverConfig.getUrl() + fileName;
            AjaxResult ajax = AjaxResult.success();
-            ajax.put("fileName", fileName);
            ajax.put("url", url);
+            ajax.put("fileName", fileName);
+            ajax.put("newFileName", FileUtils.getName(fileName));
+            ajax.put("originalFilename", file.getOriginalFilename());
+            return ajax;
+        }
+        catch (Exception e)
+        {
+            return AjaxResult.error(e.getMessage());
+        }
+    }
+
+    /**
+     * 通用上传请求（多个）
+     */
+    @PostMapping("/uploads")
+    public AjaxResult uploadFiles(List<MultipartFile> files) throws Exception
+    {
+        try
+        {
+            // 上传文件路径
+            String filePath = RuoYiConfig.getUploadPath();
+            List<String> urls = new ArrayList<String>();
+            List<String> fileNames = new ArrayList<String>();
+            List<String> newFileNames = new ArrayList<String>();
+            List<String> originalFilenames = new ArrayList<String>();
+            for (MultipartFile file : files)
+            {
+                // 上传并返回新文件名称
+                String fileName = FileUploadUtils.upload(filePath, file);
+                String url = serverConfig.getUrl() + fileName;
+                urls.add(url);
+                fileNames.add(fileName);
+                newFileNames.add(FileUtils.getName(fileName));
+                originalFilenames.add(file.getOriginalFilename());
+            }
+            AjaxResult ajax = AjaxResult.success();
+            ajax.put("urls", StringUtils.join(urls, FILE_DELIMETER));
+            ajax.put("fileNames", StringUtils.join(fileNames, FILE_DELIMETER));
+            ajax.put("newFileNames", StringUtils.join(newFileNames, FILE_DELIMETER));
+            ajax.put("originalFilenames", StringUtils.join(originalFilenames, FILE_DELIMETER));
            return ajax;
        }
        catch (Exception e)
@ -90,7 +135,7 @@ public class CommonController
    /**
     * 本地资源通用下载
     */
-    @GetMapping("/common/download/resource")
+    @GetMapping("/download/resource")
    public void resourceDownload(String resource, HttpServletRequest request, HttpServletResponse response)
            throws Exception
    {
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysLogininforController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysLogininforController.java
@ -1,11 +1,13 @@
 package com.ruoyi.web.controller.monitor;

 import java.util.List;
+import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.ruoyi.common.annotation.Log;
@ -40,12 +42,12 @@ public class SysLogininforController extends BaseController

    @Log(title = "登录日志", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('monitor:logininfor:export')")
-    @GetMapping("/export")
-    public AjaxResult export(SysLogininfor logininfor)
+    @PostMapping("/export")
+    public void export(HttpServletResponse response, SysLogininfor logininfor)
    {
        List<SysLogininfor> list = logininforService.selectLogininforList(logininfor);
        ExcelUtil<SysLogininfor> util = new ExcelUtil<SysLogininfor>(SysLogininfor.class);
-        return util.exportExcel(list, "登录日志");
+        util.exportExcel(response, list, "登录日志");
    }

    @PreAuthorize("@ss.hasPermi('monitor:logininfor:remove')")
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysOperlogController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/monitor/SysOperlogController.java
@ -1,11 +1,13 @@
 package com.ruoyi.web.controller.monitor;

 import java.util.List;
+import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.ruoyi.common.annotation.Log;
@ -40,14 +42,15 @@ public class SysOperlogController extends BaseController

    @Log(title = "操作日志", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('monitor:operlog:export')")
-    @GetMapping("/export")
-    public AjaxResult export(SysOperLog operLog)
+    @PostMapping("/export")
+    public void export(HttpServletResponse response, SysOperLog operLog)
    {
        List<SysOperLog> list = operLogService.selectOperLogList(operLog);
        ExcelUtil<SysOperLog> util = new ExcelUtil<SysOperLog>(SysOperLog.class);
-        return util.exportExcel(list, "操作日志");
+        util.exportExcel(response, list, "操作日志");
    }

+    @Log(title = "操作日志", businessType = BusinessType.DELETE)
    @PreAuthorize("@ss.hasPermi('monitor:operlog:remove')")
    @DeleteMapping("/{operIds}")
    public AjaxResult remove(@PathVariable Long[] operIds)
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysConfigController.java
@ -1,6 +1,7 @@
 package com.ruoyi.web.controller.system;

 import java.util.List;
+import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -13,13 +14,11 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.ruoyi.common.annotation.Log;
-import com.ruoyi.common.annotation.RepeatSubmit;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysConfig;
 import com.ruoyi.system.service.ISysConfigService;
@ -50,12 +49,12 @@ public class SysConfigController extends BaseController

    @Log(title = "参数管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:config:export')")
-    @GetMapping("/export")
-    public AjaxResult export(SysConfig config)
+    @PostMapping("/export")
+    public void export(HttpServletResponse response, SysConfig config)
    {
        List<SysConfig> list = configService.selectConfigList(config);
        ExcelUtil<SysConfig> util = new ExcelUtil<SysConfig>(SysConfig.class);
-        return util.exportExcel(list, "参数数据");
+        util.exportExcel(response, list, "参数数据");
    }

    /**
@ -83,14 +82,13 @@ public class SysConfigController extends BaseController
    @PreAuthorize("@ss.hasPermi('system:config:add')")
    @Log(title = "参数管理", businessType = BusinessType.INSERT)
    @PostMapping
-    @RepeatSubmit
    public AjaxResult add(@Validated @RequestBody SysConfig config)
    {
        if (UserConstants.NOT_UNIQUE.equals(configService.checkConfigKeyUnique(config)))
        {
            return AjaxResult.error("新增参数'" + config.getConfigName() + "'失败，参数键名已存在");
        }
-        config.setCreateBy(SecurityUtils.getUsername());
+        config.setCreateBy(getUsername());
        return toAjax(configService.insertConfig(config));
    }

@ -106,7 +104,7 @@ public class SysConfigController extends BaseController
        {
            return AjaxResult.error("修改参数'" + config.getConfigName() + "'失败，参数键名已存在");
        }
-        config.setUpdateBy(SecurityUtils.getUsername());
+        config.setUpdateBy(getUsername());
        return toAjax(configService.updateConfig(config));
    }

@ -118,18 +116,19 @@ public class SysConfigController extends BaseController
    @DeleteMapping("/{configIds}")
    public AjaxResult remove(@PathVariable Long[] configIds)
    {
-        return toAjax(configService.deleteConfigByIds(configIds));
+        configService.deleteConfigByIds(configIds);
+        return success();
    }

    /**
-     * 清空缓存
+     * 刷新参数缓存
     */
    @PreAuthorize("@ss.hasPermi('system:config:remove')")
    @Log(title = "参数管理", businessType = BusinessType.CLEAN)
-    @DeleteMapping("/clearCache")
-    public AjaxResult clearCache()
+    @DeleteMapping("/refreshCache")
+    public AjaxResult refreshCache()
    {
-        configService.clearCache();
+        configService.resetConfigCache();
        return AjaxResult.success();
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDeptController.java
@ -20,7 +20,6 @@ import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysDept;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.system.service.ISysDeptService;

@ -75,6 +74,7 @@ public class SysDeptController extends BaseController
    @GetMapping(value = "/{deptId}")
    public AjaxResult getInfo(@PathVariable Long deptId)
    {
+        deptService.checkDeptDataScope(deptId);
        return AjaxResult.success(deptService.selectDeptById(deptId));
    }

@ -113,7 +113,7 @@ public class SysDeptController extends BaseController
        {
            return AjaxResult.error("新增部门'" + dept.getDeptName() + "'失败，部门名称已存在");
        }
-        dept.setCreateBy(SecurityUtils.getUsername());
+        dept.setCreateBy(getUsername());
        return toAjax(deptService.insertDept(dept));
    }

@ -125,20 +125,21 @@ public class SysDeptController extends BaseController
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysDept dept)
    {
+        Long deptId = dept.getDeptId();
+        deptService.checkDeptDataScope(deptId);
        if (UserConstants.NOT_UNIQUE.equals(deptService.checkDeptNameUnique(dept)))
        {
            return AjaxResult.error("修改部门'" + dept.getDeptName() + "'失败，部门名称已存在");
        }
-        else if (dept.getParentId().equals(dept.getDeptId()))
+        else if (dept.getParentId().equals(deptId))
        {
            return AjaxResult.error("修改部门'" + dept.getDeptName() + "'失败，上级部门不能是自己");
        }
-        else if (StringUtils.equals(UserConstants.DEPT_DISABLE, dept.getStatus())
-                && deptService.selectNormalChildrenDeptById(dept.getDeptId()) > 0)
+        else if (StringUtils.equals(UserConstants.DEPT_DISABLE, dept.getStatus()) && deptService.selectNormalChildrenDeptById(deptId) > 0)
        {
            return AjaxResult.error("该部门包含未停用的子部门！");
        }
-        dept.setUpdateBy(SecurityUtils.getUsername());
+        dept.setUpdateBy(getUsername());
        return toAjax(deptService.updateDept(dept));
    }

@ -158,6 +159,7 @@ public class SysDeptController extends BaseController
        {
            return AjaxResult.error("部门存在用户,不允许删除");
        }
+        deptService.checkDeptDataScope(deptId);
        return toAjax(deptService.deleteDeptById(deptId));
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictDataController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictDataController.java
@ -2,6 +2,7 @@ package com.ruoyi.web.controller.system;

 import java.util.ArrayList;
 import java.util.List;
+import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -19,7 +20,6 @@ import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysDictData;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.service.ISysDictDataService;
@ -51,12 +51,12 @@ public class SysDictDataController extends BaseController

    @Log(title = "字典数据", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:dict:export')")
-    @GetMapping("/export")
-    public AjaxResult export(SysDictData dictData)
+    @PostMapping("/export")
+    public void export(HttpServletResponse response, SysDictData dictData)
    {
        List<SysDictData> list = dictDataService.selectDictDataList(dictData);
        ExcelUtil<SysDictData> util = new ExcelUtil<SysDictData>(SysDictData.class);
-        return util.exportExcel(list, "字典数据");
+        util.exportExcel(response, list, "字典数据");
    }

    /**
@ -91,7 +91,7 @@ public class SysDictDataController extends BaseController
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysDictData dict)
    {
-        dict.setCreateBy(SecurityUtils.getUsername());
+        dict.setCreateBy(getUsername());
        return toAjax(dictDataService.insertDictData(dict));
    }

@ -103,7 +103,7 @@ public class SysDictDataController extends BaseController
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysDictData dict)
    {
-        dict.setUpdateBy(SecurityUtils.getUsername());
+        dict.setUpdateBy(getUsername());
        return toAjax(dictDataService.updateDictData(dict));
    }

@ -115,6 +115,7 @@ public class SysDictDataController extends BaseController
    @DeleteMapping("/{dictCodes}")
    public AjaxResult remove(@PathVariable Long[] dictCodes)
    {
-        return toAjax(dictDataService.deleteDictDataByIds(dictCodes));
+        dictDataService.deleteDictDataByIds(dictCodes);
+        return success();
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictTypeController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysDictTypeController.java
@ -1,6 +1,7 @@
 package com.ruoyi.web.controller.system;

 import java.util.List;
+import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -19,7 +20,6 @@ import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysDictType;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.service.ISysDictTypeService;

@ -46,12 +46,12 @@ public class SysDictTypeController extends BaseController

    @Log(title = "字典类型", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:dict:export')")
-    @GetMapping("/export")
-    public AjaxResult export(SysDictType dictType)
+    @PostMapping("/export")
+    public void export(HttpServletResponse response, SysDictType dictType)
    {
        List<SysDictType> list = dictTypeService.selectDictTypeList(dictType);
        ExcelUtil<SysDictType> util = new ExcelUtil<SysDictType>(SysDictType.class);
-        return util.exportExcel(list, "字典类型");
+        util.exportExcel(response, list, "字典类型");
    }

    /**
@ -76,7 +76,7 @@ public class SysDictTypeController extends BaseController
        {
            return AjaxResult.error("新增字典'" + dict.getDictName() + "'失败，字典类型已存在");
        }
-        dict.setCreateBy(SecurityUtils.getUsername());
+        dict.setCreateBy(getUsername());
        return toAjax(dictTypeService.insertDictType(dict));
    }

@ -92,7 +92,7 @@ public class SysDictTypeController extends BaseController
        {
            return AjaxResult.error("修改字典'" + dict.getDictName() + "'失败，字典类型已存在");
        }
-        dict.setUpdateBy(SecurityUtils.getUsername());
+        dict.setUpdateBy(getUsername());
        return toAjax(dictTypeService.updateDictType(dict));
    }

@ -104,18 +104,19 @@ public class SysDictTypeController extends BaseController
    @DeleteMapping("/{dictIds}")
    public AjaxResult remove(@PathVariable Long[] dictIds)
    {
-        return toAjax(dictTypeService.deleteDictTypeByIds(dictIds));
+        dictTypeService.deleteDictTypeByIds(dictIds);
+        return success();
    }

    /**
-     * 清空缓存
+     * 刷新字典缓存
     */
    @PreAuthorize("@ss.hasPermi('system:dict:remove')")
    @Log(title = "字典类型", businessType = BusinessType.CLEAN)
-    @DeleteMapping("/clearCache")
-    public AjaxResult clearCache()
+    @DeleteMapping("/refreshCache")
+    public AjaxResult refreshCache()
    {
-        dictTypeService.clearCache();
+        dictTypeService.resetDictCache();
        return AjaxResult.success();
    }

--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysIndexController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysIndexController.java
@ -0,0 +1,29 @@
+package com.ruoyi.web.controller.system;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+import com.ruoyi.common.config.RuoYiConfig;
+import com.ruoyi.common.utils.StringUtils;
+
+/**
+ * 首页
+ *
+ * @author ruoyi
+ */
+@RestController
+public class SysIndexController
+{
+    /** 系统基础配置 */
+    @Autowired
+    private RuoYiConfig ruoyiConfig;
+
+    /**
+     * 访问首页，提示语
+     */
+    @RequestMapping("/")
+    public String index()
+    {
+        return StringUtils.format("欢迎使用{}后台管理框架，当前版本：v{}，请通过前端地址访问。", ruoyiConfig.getName(), ruoyiConfig.getVersion());
+    }
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java
@ -12,11 +12,9 @@ import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysMenu;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.domain.model.LoginBody;
-import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.framework.web.service.SysLoginService;
 import com.ruoyi.framework.web.service.SysPermissionService;
-import com.ruoyi.framework.web.service.TokenService;
 import com.ruoyi.system.service.ISysMenuService;

 /**
@ -36,9 +34,6 @@ public class SysLoginController
    @Autowired
    private SysPermissionService permissionService;

-    @Autowired
-    private TokenService tokenService;
-
    /**
     * 登录方法
     * 
@ -64,8 +59,7 @@ public class SysLoginController
    @GetMapping("getInfo")
    public AjaxResult getInfo()
    {
-        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
-        SysUser user = loginUser.getUser();
+        SysUser user = SecurityUtils.getLoginUser().getUser();
        // 角色集合
        Set<String> roles = permissionService.getRolePermission(user);
        // 权限集合
@ -85,10 +79,8 @@ public class SysLoginController
    @GetMapping("getRouters")
    public AjaxResult getRouters()
    {
-        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
-        // 用户信息
-        SysUser user = loginUser.getUser();
-        List<SysMenu> menus = menuService.selectMenuTreeByUserId(user.getUserId());
+        Long userId = SecurityUtils.getUserId();
+        List<SysMenu> menus = menuService.selectMenuTreeByUserId(userId);
        return AjaxResult.success(menuService.buildMenus(menus));
    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysMenuController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysMenuController.java
@ -13,17 +13,12 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.ruoyi.common.annotation.Log;
-import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysMenu;
-import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.ServletUtils;
 import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.framework.web.service.TokenService;
 import com.ruoyi.system.service.ISysMenuService;

 /**
@ -38,9 +33,6 @@ public class SysMenuController extends BaseController
    @Autowired
    private ISysMenuService menuService;

-    @Autowired
-    private TokenService tokenService;
-
    /**
     * 获取菜单列表
     */
@ -48,9 +40,7 @@ public class SysMenuController extends BaseController
    @GetMapping("/list")
    public AjaxResult list(SysMenu menu)
    {
-        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
-        Long userId = loginUser.getUser().getUserId();
-        List<SysMenu> menus = menuService.selectMenuList(menu, userId);
+        List<SysMenu> menus = menuService.selectMenuList(menu, getUserId());
        return AjaxResult.success(menus);
    }

@ -70,9 +60,7 @@ public class SysMenuController extends BaseController
    @GetMapping("/treeselect")
    public AjaxResult treeselect(SysMenu menu)
    {
-        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
-        Long userId = loginUser.getUser().getUserId();
-        List<SysMenu> menus = menuService.selectMenuList(menu, userId);
+        List<SysMenu> menus = menuService.selectMenuList(menu, getUserId());
        return AjaxResult.success(menuService.buildMenuTreeSelect(menus));
    }

@ -82,8 +70,7 @@ public class SysMenuController extends BaseController
    @GetMapping(value = "/roleMenuTreeselect/{roleId}")
    public AjaxResult roleMenuTreeselect(@PathVariable("roleId") Long roleId)
    {
-        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
-        List<SysMenu> menus = menuService.selectMenuList(loginUser.getUser().getUserId());
+        List<SysMenu> menus = menuService.selectMenuList(getUserId());
        AjaxResult ajax = AjaxResult.success();
        ajax.put("checkedKeys", menuService.selectMenuListByRoleId(roleId));
        ajax.put("menus", menuService.buildMenuTreeSelect(menus));
@ -102,12 +89,11 @@ public class SysMenuController extends BaseController
        {
            return AjaxResult.error("新增菜单'" + menu.getMenuName() + "'失败，菜单名称已存在");
        }
-        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame())
-                && !StringUtils.startsWithAny(menu.getPath(), Constants.HTTP, Constants.HTTPS))
+        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath()))
        {
            return AjaxResult.error("新增菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
        }
-        menu.setCreateBy(SecurityUtils.getUsername());
+        menu.setCreateBy(getUsername());
        return toAjax(menuService.insertMenu(menu));
    }

@ -123,8 +109,7 @@ public class SysMenuController extends BaseController
        {
            return AjaxResult.error("修改菜单'" + menu.getMenuName() + "'失败，菜单名称已存在");
        }
-        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame())
-                && !StringUtils.startsWithAny(menu.getPath(), Constants.HTTP, Constants.HTTPS))
+        else if (UserConstants.YES_FRAME.equals(menu.getIsFrame()) && !StringUtils.ishttp(menu.getPath()))
        {
            return AjaxResult.error("修改菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
        }
@ -132,7 +117,7 @@ public class SysMenuController extends BaseController
        {
            return AjaxResult.error("修改菜单'" + menu.getMenuName() + "'失败，上级菜单不能选择自己");
        }
-        menu.setUpdateBy(SecurityUtils.getUsername());
+        menu.setUpdateBy(getUsername());
        return toAjax(menuService.updateMenu(menu));
    }

--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysNoticeController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysNoticeController.java
@ -17,7 +17,6 @@ import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.system.domain.SysNotice;
 import com.ruoyi.system.service.ISysNoticeService;

@ -63,7 +62,7 @@ public class SysNoticeController extends BaseController
    @PostMapping
    public AjaxResult add(@Validated @RequestBody SysNotice notice)
    {
-        notice.setCreateBy(SecurityUtils.getUsername());
+        notice.setCreateBy(getUsername());
        return toAjax(noticeService.insertNotice(notice));
    }

@ -75,7 +74,7 @@ public class SysNoticeController extends BaseController
    @PutMapping
    public AjaxResult edit(@Validated @RequestBody SysNotice notice)
    {
-        notice.setUpdateBy(SecurityUtils.getUsername());
+        notice.setUpdateBy(getUsername());
        return toAjax(noticeService.updateNotice(notice));
    }

--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysPostController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysPostController.java
@ -1,6 +1,7 @@
 package com.ruoyi.web.controller.system;

 import java.util.List;
+import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -18,7 +19,6 @@ import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.system.domain.SysPost;
 import com.ruoyi.system.service.ISysPostService;
@ -49,12 +49,12 @@ public class SysPostController extends BaseController
    
    @Log(title = "岗位管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:post:export')")
-    @GetMapping("/export")
-    public AjaxResult export(SysPost post)
+    @PostMapping("/export")
+    public void export(HttpServletResponse response, SysPost post)
    {
        List<SysPost> list = postService.selectPostList(post);
        ExcelUtil<SysPost> util = new ExcelUtil<SysPost>(SysPost.class);
-        return util.exportExcel(list, "岗位数据");
+        util.exportExcel(response, list, "岗位数据");
    }

    /**
@ -83,7 +83,7 @@ public class SysPostController extends BaseController
        {
            return AjaxResult.error("新增岗位'" + post.getPostName() + "'失败，岗位编码已存在");
        }
-        post.setCreateBy(SecurityUtils.getUsername());
+        post.setCreateBy(getUsername());
        return toAjax(postService.insertPost(post));
    }

@ -103,7 +103,7 @@ public class SysPostController extends BaseController
        {
            return AjaxResult.error("修改岗位'" + post.getPostName() + "'失败，岗位编码已存在");
        }
-        post.setUpdateBy(SecurityUtils.getUsername());
+        post.setUpdateBy(getUsername());
        return toAjax(postService.updatePost(post));
    }

--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysProfileController.java
@ -12,13 +12,14 @@ import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.multipart.MultipartFile;
 import com.ruoyi.common.annotation.Log;
 import com.ruoyi.common.config.RuoYiConfig;
+import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.file.FileUploadUtils;
 import com.ruoyi.framework.web.service.TokenService;
 import com.ruoyi.system.service.ISysUserService;
@ -44,7 +45,7 @@ public class SysProfileController extends BaseController
    @GetMapping
    public AjaxResult profile()
    {
-        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+        LoginUser loginUser = getLoginUser();
        SysUser user = loginUser.getUser();
        AjaxResult ajax = AjaxResult.success(user);
        ajax.put("roleGroup", userService.selectUserRoleGroup(loginUser.getUsername()));
@ -59,14 +60,28 @@ public class SysProfileController extends BaseController
    @PutMapping
    public AjaxResult updateProfile(@RequestBody SysUser user)
    {
+        LoginUser loginUser = getLoginUser();
+        SysUser sysUser = loginUser.getUser();
+        user.setUserName(sysUser.getUserName());
+        if (StringUtils.isNotEmpty(user.getPhonenumber())
+                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
+        {
+            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，手机号码已存在");
+        }
+        if (StringUtils.isNotEmpty(user.getEmail())
+                && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
+        {
+            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
+        }
+        user.setUserId(sysUser.getUserId());
+        user.setPassword(null);
        if (userService.updateUserProfile(user) > 0)
        {
-            LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
            // 更新缓存用户信息
-            loginUser.getUser().setNickName(user.getNickName());
-            loginUser.getUser().setPhonenumber(user.getPhonenumber());
-            loginUser.getUser().setEmail(user.getEmail());
-            loginUser.getUser().setSex(user.getSex());
+            sysUser.setNickName(user.getNickName());
+            sysUser.setPhonenumber(user.getPhonenumber());
+            sysUser.setEmail(user.getEmail());
+            sysUser.setSex(user.getSex());
            tokenService.setLoginUser(loginUser);
            return AjaxResult.success();
        }
@ -80,7 +95,7 @@ public class SysProfileController extends BaseController
    @PutMapping("/updatePwd")
    public AjaxResult updatePwd(String oldPassword, String newPassword)
    {
-        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+        LoginUser loginUser = getLoginUser();
        String userName = loginUser.getUsername();
        String password = loginUser.getPassword();
        if (!SecurityUtils.matchesPassword(oldPassword, password))
@ -110,7 +125,7 @@ public class SysProfileController extends BaseController
    {
        if (!file.isEmpty())
        {
-            LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+            LoginUser loginUser = getLoginUser();
            String avatar = FileUploadUtils.upload(RuoYiConfig.getAvatarPath(), file);
            if (userService.updateUserAvatar(loginUser.getUsername(), avatar))
            {
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRegisterController.java
@ -0,0 +1,38 @@
+package com.ruoyi.web.controller.system;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RestController;
+import com.ruoyi.common.core.controller.BaseController;
+import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.model.RegisterBody;
+import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.framework.web.service.SysRegisterService;
+import com.ruoyi.system.service.ISysConfigService;
+
+/**
+ * 注册验证
+ * 
+ * @author ruoyi
+ */
+@RestController
+public class SysRegisterController extends BaseController
+{
+    @Autowired
+    private SysRegisterService registerService;
+
+    @Autowired
+    private ISysConfigService configService;
+
+    @PostMapping("/register")
+    public AjaxResult register(@RequestBody RegisterBody user)
+    {
+        if (!("true".equals(configService.selectConfigByKey("sys.account.registerUser"))))
+        {
+            return error("当前系统没有开启注册功能！");
+        }
+        String msg = registerService.register(user);
+        return StringUtils.isEmpty(msg) ? success() : error(msg);
+    }
+}
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysRoleController.java
@ -1,6 +1,7 @@
 package com.ruoyi.web.controller.system;

 import java.util.List;
+import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -17,15 +18,15 @@ import com.ruoyi.common.constant.UserConstants;
 import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysRole;
+import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
-import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.ServletUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
 import com.ruoyi.framework.web.service.SysPermissionService;
 import com.ruoyi.framework.web.service.TokenService;
+import com.ruoyi.system.domain.SysUserRole;
 import com.ruoyi.system.service.ISysRoleService;
 import com.ruoyi.system.service.ISysUserService;

@ -61,12 +62,12 @@ public class SysRoleController extends BaseController

    @Log(title = "角色管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:role:export')")
-    @GetMapping("/export")
-    public AjaxResult export(SysRole role)
+    @PostMapping("/export")
+    public void export(HttpServletResponse response, SysRole role)
    {
        List<SysRole> list = roleService.selectRoleList(role);
        ExcelUtil<SysRole> util = new ExcelUtil<SysRole>(SysRole.class);
-        return util.exportExcel(list, "角色数据");
+        util.exportExcel(response, list, "角色数据");
    }

    /**
@ -76,6 +77,7 @@ public class SysRoleController extends BaseController
    @GetMapping(value = "/{roleId}")
    public AjaxResult getInfo(@PathVariable Long roleId)
    {
+        roleService.checkRoleDataScope(roleId);
        return AjaxResult.success(roleService.selectRoleById(roleId));
    }

@ -95,7 +97,7 @@ public class SysRoleController extends BaseController
        {
            return AjaxResult.error("新增角色'" + role.getRoleName() + "'失败，角色权限已存在");
        }
-        role.setCreateBy(SecurityUtils.getUsername());
+        role.setCreateBy(getUsername());
        return toAjax(roleService.insertRole(role));

    }
@ -109,6 +111,7 @@ public class SysRoleController extends BaseController
    public AjaxResult edit(@Validated @RequestBody SysRole role)
    {
        roleService.checkRoleAllowed(role);
+        roleService.checkRoleDataScope(role.getRoleId());
        if (UserConstants.NOT_UNIQUE.equals(roleService.checkRoleNameUnique(role)))
        {
            return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，角色名称已存在");
@ -117,12 +120,12 @@ public class SysRoleController extends BaseController
        {
            return AjaxResult.error("修改角色'" + role.getRoleName() + "'失败，角色权限已存在");
        }
-        role.setUpdateBy(SecurityUtils.getUsername());
+        role.setUpdateBy(getUsername());
        
        if (roleService.updateRole(role) > 0)
        {
            // 更新缓存用户权限
-            LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
+            LoginUser loginUser = getLoginUser();
            if (StringUtils.isNotNull(loginUser.getUser()) && !loginUser.getUser().isAdmin())
            {
                loginUser.setPermissions(permissionService.getMenuPermission(loginUser.getUser()));
@ -143,6 +146,7 @@ public class SysRoleController extends BaseController
    public AjaxResult dataScope(@RequestBody SysRole role)
    {
        roleService.checkRoleAllowed(role);
+        roleService.checkRoleDataScope(role.getRoleId());
        return toAjax(roleService.authDataScope(role));
    }

@ -155,7 +159,8 @@ public class SysRoleController extends BaseController
    public AjaxResult changeStatus(@RequestBody SysRole role)
    {
        roleService.checkRoleAllowed(role);
-        role.setUpdateBy(SecurityUtils.getUsername());
+        roleService.checkRoleDataScope(role.getRoleId());
+        role.setUpdateBy(getUsername());
        return toAjax(roleService.updateRoleStatus(role));
    }

@ -179,4 +184,62 @@ public class SysRoleController extends BaseController
    {
        return AjaxResult.success(roleService.selectRoleAll());
    }
+
+    /**
+     * 查询已分配用户角色列表
+     */
+    @PreAuthorize("@ss.hasPermi('system:role:list')")
+    @GetMapping("/authUser/allocatedList")
+    public TableDataInfo allocatedList(SysUser user)
+    {
+        startPage();
+        List<SysUser> list = userService.selectAllocatedList(user);
+        return getDataTable(list);
+    }
+
+    /**
+     * 查询未分配用户角色列表
+     */
+    @PreAuthorize("@ss.hasPermi('system:role:list')")
+    @GetMapping("/authUser/unallocatedList")
+    public TableDataInfo unallocatedList(SysUser user)
+    {
+        startPage();
+        List<SysUser> list = userService.selectUnallocatedList(user);
+        return getDataTable(list);
+    }
+
+    /**
+     * 取消授权用户
+     */
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @Log(title = "角色管理", businessType = BusinessType.GRANT)
+    @PutMapping("/authUser/cancel")
+    public AjaxResult cancelAuthUser(@RequestBody SysUserRole userRole)
+    {
+        return toAjax(roleService.deleteAuthUser(userRole));
+    }
+
+    /**
+     * 批量取消授权用户
+     */
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @Log(title = "角色管理", businessType = BusinessType.GRANT)
+    @PutMapping("/authUser/cancelAll")
+    public AjaxResult cancelAuthUserAll(Long roleId, Long[] userIds)
+    {
+        return toAjax(roleService.deleteAuthUsers(roleId, userIds));
+    }
+
+    /**
+     * 批量选择用户授权
+     */
+    @PreAuthorize("@ss.hasPermi('system:role:edit')")
+    @Log(title = "角色管理", businessType = BusinessType.GRANT)
+    @PutMapping("/authUser/selectAll")
+    public AjaxResult selectAuthUserAll(Long roleId, Long[] userIds)
+    {
+        roleService.checkRoleDataScope(roleId);
+        return toAjax(roleService.insertAuthUsers(roleId, userIds));
+    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysUserController.java
@ -2,6 +2,8 @@ package com.ruoyi.web.controller.system;

 import java.util.List;
 import java.util.stream.Collectors;
+import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang3.ArrayUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
@ -20,14 +22,11 @@ import com.ruoyi.common.core.controller.BaseController;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.SysRole;
 import com.ruoyi.common.core.domain.entity.SysUser;
-import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.enums.BusinessType;
 import com.ruoyi.common.utils.SecurityUtils;
-import com.ruoyi.common.utils.ServletUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.poi.ExcelUtil;
-import com.ruoyi.framework.web.service.TokenService;
 import com.ruoyi.system.service.ISysPostService;
 import com.ruoyi.system.service.ISysRoleService;
 import com.ruoyi.system.service.ISysUserService;
@ -50,9 +49,6 @@ public class SysUserController extends BaseController
    @Autowired
    private ISysPostService postService;

-    @Autowired
-    private TokenService tokenService;
-
    /**
     * 获取用户列表
     */
@ -67,12 +63,12 @@ public class SysUserController extends BaseController

    @Log(title = "用户管理", businessType = BusinessType.EXPORT)
    @PreAuthorize("@ss.hasPermi('system:user:export')")
-    @GetMapping("/export")
-    public AjaxResult export(SysUser user)
+    @PostMapping("/export")
+    public void export(HttpServletResponse response, SysUser user)
    {
        List<SysUser> list = userService.selectUserList(user);
        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
-        return util.exportExcel(list, "用户数据");
+        util.exportExcel(response, list, "用户数据");
    }

    @Log(title = "用户管理", businessType = BusinessType.IMPORT)
@ -82,17 +78,16 @@ public class SysUserController extends BaseController
    {
        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
        List<SysUser> userList = util.importExcel(file.getInputStream());
-        LoginUser loginUser = tokenService.getLoginUser(ServletUtils.getRequest());
-        String operName = loginUser.getUsername();
+        String operName = getUsername();
        String message = userService.importUser(userList, updateSupport, operName);
        return AjaxResult.success(message);
    }

-    @GetMapping("/importTemplate")
-    public AjaxResult importTemplate()
+    @PostMapping("/importTemplate")
+    public void importTemplate(HttpServletResponse response)
    {
        ExcelUtil<SysUser> util = new ExcelUtil<SysUser>(SysUser.class);
-        return util.importTemplateExcel("用户数据");
+        util.importTemplateExcel(response, "用户数据");
    }

    /**
@ -102,15 +97,17 @@ public class SysUserController extends BaseController
    @GetMapping(value = { "/", "/{userId}" })
    public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId)
    {
+        userService.checkUserDataScope(userId);
        AjaxResult ajax = AjaxResult.success();
        List<SysRole> roles = roleService.selectRoleAll();
        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        ajax.put("posts", postService.selectPostAll());
        if (StringUtils.isNotNull(userId))
        {
-            ajax.put(AjaxResult.DATA_TAG, userService.selectUserById(userId));
+            SysUser sysUser = userService.selectUserById(userId);
+            ajax.put(AjaxResult.DATA_TAG, sysUser);
            ajax.put("postIds", postService.selectPostListByUserId(userId));
-            ajax.put("roleIds", roleService.selectRoleListByUserId(userId));
+            ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
        }
        return ajax;
    }
@ -137,7 +134,7 @@ public class SysUserController extends BaseController
        {
            return AjaxResult.error("新增用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
-        user.setCreateBy(SecurityUtils.getUsername());
+        user.setCreateBy(getUsername());
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
        return toAjax(userService.insertUser(user));
    }
@ -151,6 +148,7 @@ public class SysUserController extends BaseController
    public AjaxResult edit(@Validated @RequestBody SysUser user)
    {
        userService.checkUserAllowed(user);
+        userService.checkUserDataScope(user.getUserId());
        if (StringUtils.isNotEmpty(user.getPhonenumber())
                && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
        {
@ -161,7 +159,7 @@ public class SysUserController extends BaseController
        {
            return AjaxResult.error("修改用户'" + user.getUserName() + "'失败，邮箱账号已存在");
        }
-        user.setUpdateBy(SecurityUtils.getUsername());
+        user.setUpdateBy(getUsername());
        return toAjax(userService.updateUser(user));
    }

@ -173,6 +171,10 @@ public class SysUserController extends BaseController
    @DeleteMapping("/{userIds}")
    public AjaxResult remove(@PathVariable Long[] userIds)
    {
+        if (ArrayUtils.contains(userIds, getUserId()))
+        {
+            return error("当前用户不能删除");
+        }
        return toAjax(userService.deleteUserByIds(userIds));
    }

@ -185,8 +187,9 @@ public class SysUserController extends BaseController
    public AjaxResult resetPwd(@RequestBody SysUser user)
    {
        userService.checkUserAllowed(user);
+        userService.checkUserDataScope(user.getUserId());
        user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
-        user.setUpdateBy(SecurityUtils.getUsername());
+        user.setUpdateBy(getUsername());
        return toAjax(userService.resetPwd(user));
    }

@ -199,7 +202,36 @@ public class SysUserController extends BaseController
    public AjaxResult changeStatus(@RequestBody SysUser user)
    {
        userService.checkUserAllowed(user);
-        user.setUpdateBy(SecurityUtils.getUsername());
+        userService.checkUserDataScope(user.getUserId());
+        user.setUpdateBy(getUsername());
        return toAjax(userService.updateUserStatus(user));
    }
+
+    /**
+     * 根据用户编号获取授权角色
+     */
+    @PreAuthorize("@ss.hasPermi('system:user:query')")
+    @GetMapping("/authRole/{userId}")
+    public AjaxResult authRole(@PathVariable("userId") Long userId)
+    {
+        AjaxResult ajax = AjaxResult.success();
+        SysUser user = userService.selectUserById(userId);
+        List<SysRole> roles = roleService.selectRolesByUserId(userId);
+        ajax.put("user", user);
+        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+        return ajax;
+    }
+
+    /**
+     * 用户授权角色
+     */
+    @PreAuthorize("@ss.hasPermi('system:user:edit')")
+    @Log(title = "用户管理", businessType = BusinessType.GRANT)
+    @PutMapping("/authRole")
+    public AjaxResult insertAuthRole(Long userId, Long[] roleIds)
+    {
+        userService.checkUserDataScope(userId);
+        userService.insertUserAuth(userId, roleIds);
+        return success();
+    }
 }
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/tool/TestController.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/tool/TestController.java
@ -9,6 +9,7 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import com.ruoyi.common.core.controller.BaseController;
@ -16,6 +17,7 @@ import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.utils.StringUtils;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
+import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import io.swagger.annotations.ApiOperation;
@ -45,7 +47,7 @@ public class TestController extends BaseController
    }

    @ApiOperation("获取用户详细")
-    @ApiImplicitParam(name = "userId", value = "用户ID", required = true, dataType = "int", paramType = "path")
+    @ApiImplicitParam(name = "userId", value = "用户ID", required = true, dataType = "int", paramType = "path", dataTypeClass = Integer.class)
    @GetMapping("/{userId}")
    public AjaxResult getUser(@PathVariable Integer userId)
    {
@ -55,57 +57,61 @@ public class TestController extends BaseController
        }
        else
        {
-            return AjaxResult.error("用户不存在");
+            return error("用户不存在");
        }
    }

    @ApiOperation("新增用户")
-    @ApiImplicitParam(name = "userEntity", value = "新增用户信息", dataType = "UserEntity")
+    @ApiImplicitParams({
+        @ApiImplicitParam(name = "userId", value = "用户id", dataType = "Integer", dataTypeClass = Integer.class),
+        @ApiImplicitParam(name = "username", value = "用户名称", dataType = "String", dataTypeClass = String.class),
+        @ApiImplicitParam(name = "password", value = "用户密码", dataType = "String", dataTypeClass = String.class),
+        @ApiImplicitParam(name = "mobile", value = "用户手机", dataType = "String", dataTypeClass = String.class)
+    })
    @PostMapping("/save")
    public AjaxResult save(UserEntity user)
    {
        if (StringUtils.isNull(user) || StringUtils.isNull(user.getUserId()))
        {
-            return AjaxResult.error("用户ID不能为空");
+            return error("用户ID不能为空");
        }
        return AjaxResult.success(users.put(user.getUserId(), user));
    }

    @ApiOperation("更新用户")
-    @ApiImplicitParam(name = "userEntity", value = "新增用户信息", dataType = "UserEntity")
    @PutMapping("/update")
-    public AjaxResult update(UserEntity user)
+    public AjaxResult update(@RequestBody UserEntity user)
    {
        if (StringUtils.isNull(user) || StringUtils.isNull(user.getUserId()))
        {
-            return AjaxResult.error("用户ID不能为空");
+            return error("用户ID不能为空");
        }
        if (users.isEmpty() || !users.containsKey(user.getUserId()))
        {
-            return AjaxResult.error("用户不存在");
+            return error("用户不存在");
        }
        users.remove(user.getUserId());
        return AjaxResult.success(users.put(user.getUserId(), user));
    }

    @ApiOperation("删除用户信息")
-    @ApiImplicitParam(name = "userId", value = "用户ID", required = true, dataType = "int", paramType = "path")
+    @ApiImplicitParam(name = "userId", value = "用户ID", required = true, dataType = "int", paramType = "path", dataTypeClass = Integer.class)
    @DeleteMapping("/{userId}")
    public AjaxResult delete(@PathVariable Integer userId)
    {
        if (!users.isEmpty() && users.containsKey(userId))
        {
            users.remove(userId);
-            return AjaxResult.success();
+            return success();
        }
        else
        {
-            return AjaxResult.error("用户不存在");
+            return error("用户不存在");
        }
    }
 }

-@ApiModel("用户实体")
+@ApiModel(value = "UserEntity", description = "用户实体")
 class UserEntity
 {
    @ApiModelProperty("用户ID")
--- a/ruoyi-admin/src/main/java/com/ruoyi/web/core/config/SwaggerConfig.java
+++ b/ruoyi-admin/src/main/java/com/ruoyi/web/core/config/SwaggerConfig.java
@ -8,6 +8,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import com.ruoyi.common.config.RuoYiConfig;
 import io.swagger.annotations.ApiOperation;
+import io.swagger.models.auth.In;
 import springfox.documentation.builders.ApiInfoBuilder;
 import springfox.documentation.builders.PathSelectors;
 import springfox.documentation.builders.RequestHandlerSelectors;
@ -16,10 +17,10 @@ import springfox.documentation.service.ApiKey;
 import springfox.documentation.service.AuthorizationScope;
 import springfox.documentation.service.Contact;
 import springfox.documentation.service.SecurityReference;
+import springfox.documentation.service.SecurityScheme;
 import springfox.documentation.spi.DocumentationType;
 import springfox.documentation.spi.service.contexts.SecurityContext;
 import springfox.documentation.spring.web.plugins.Docket;
-import springfox.documentation.swagger2.annotations.EnableSwagger2;

 /**
 * Swagger2的接口配置
@ -27,7 +28,6 @@ import springfox.documentation.swagger2.annotations.EnableSwagger2;
 * @author ruoyi
 */
@Configuration
-@EnableSwagger2
 public class SwaggerConfig
 {
    /** 系统基础配置 */
@ -48,7 +48,7 @@ public class SwaggerConfig
    @Bean
    public Docket createRestApi()
    {
-        return new Docket(DocumentationType.SWAGGER_2)
+        return new Docket(DocumentationType.OAS_30)
                // 是否启用Swagger
                .enable(enabled)
                // 用来创建该API的基本信息，展示在文档的页面中（自定义展示的信息）
@ -71,10 +71,10 @@ public class SwaggerConfig
    /**
     * 安全模式，这里指定token通过Authorization头请求头传递
     */
-    private List<ApiKey> securitySchemes()
+    private List<SecurityScheme> securitySchemes()
    {
-        List<ApiKey> apiKeyList = new ArrayList<ApiKey>();
-        apiKeyList.add(new ApiKey("Authorization", "Authorization", "header"));
+        List<SecurityScheme> apiKeyList = new ArrayList<SecurityScheme>();
+        apiKeyList.add(new ApiKey("Authorization", "Authorization", In.HEADER.toValue()));
        return apiKeyList;
    }

@ -87,7 +87,7 @@ public class SwaggerConfig
        securityContexts.add(
                SecurityContext.builder()
                        .securityReferences(defaultAuth())
-                        .forPaths(PathSelectors.regex("^(?!auth).*$"))
+                        .operationSelector(o -> o.requestMappingPattern().matches("/.*"))
                        .build());
        return securityContexts;
    }
--- a/ruoyi-admin/src/main/resources/application-druid.yml
+++ b/ruoyi-admin/src/main/resources/application-druid.yml
@ -6,9 +6,9 @@ spring:
        druid:
            # 主库数据源
            master:
-                url: jdbc:mysql://localhost:3306/ry-vue?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8
-                username: root
-                password: password
+                url: jdbc:mysql://192.168.2.9:3306/nuoyi?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8
+                username: saas
+                password: XKrs123.
            # 从库数据源
            slave:
                # 从数据源开关/默认关闭
@ -43,8 +43,8 @@ spring:
                allow:
                url-pattern: /druid/*
                # 控制台管理用户名和密码
-                login-username: 
-                login-password: 
+                login-username: ruoyi
+                login-password: 123456
            filter:
                stat:
                    enabled: true
--- a/ruoyi-admin/src/main/resources/application.yml
+++ b/ruoyi-admin/src/main/resources/application.yml
@ -3,9 +3,9 @@ ruoyi:
  # 名称
  name: RuoYi
  # 版本
-  version: 3.4.0
+  version: 3.8.2
  # 版权年份
-  copyrightYear: 2021
+  copyrightYear: 2022
  # 实例演示开关
  demoEnabled: true
  # 文件路径 示例（ Windows配置D:/ruoyi/uploadPath，Linux配置 /home/ruoyi/uploadPath）
@ -25,10 +25,13 @@ server:
  tomcat:
    # tomcat的URI编码
    uri-encoding: UTF-8
+    # 连接数满后的排队数，默认为100
+    accept-count: 1000
+    threads:
      # tomcat最大线程数，默认为200
-    max-threads: 800
-    # Tomcat启动初始化的线程数，默认值25
-    min-spare-threads: 30
+      max: 800
+      # Tomcat启动初始化的线程数，默认值10
+      min-spare: 100

 # 日志配置
 logging:
@ -38,12 +41,15 @@ logging:

 # Spring配置
 spring:
+#  config:
+#    activate:
+#      on-profile: druid
+  profiles:
+    active: druid
  # 资源信息
  messages:
    # 国际化资源文件路径
    basename: i18n/messages
-  profiles: 
-    active: druid
  # 文件上传
  servlet:
     multipart:
@ -63,9 +69,9 @@ spring:
    # 端口，默认为6379
    port: 6379
    # 数据库索引
-    database: 0
+    database: 3
    # 密码
-    password: 
+    password: yhy_app
    # 连接超时时间
    timeout: 10s
    lettuce:
@ -100,7 +106,6 @@ mybatis:
 # PageHelper分页插件
 pagehelper: 
  helperDialect: mysql
-  reasonable: true
  supportMethodsArguments: true
  params: count=countSql 

@ -116,6 +121,6 @@ xss:
  # 过滤开关
  enabled: true
  # 排除链接（多个用逗号分隔）
-  excludes: /system/notice/*
+  excludes: /system/notice
  # 匹配链接
  urlPatterns: /system/*,/monitor/*,/tool/*
--- a/ruoyi-admin/src/main/resources/banner.txt
+++ b/ruoyi-admin/src/main/resources/banner.txt
@ -2,7 +2,7 @@ Application Version: ${ruoyi.version}
 Spring Boot Version: ${spring-boot.version}
 ////////////////////////////////////////////////////////////////////
 //                          _ooOoo_                               //
-//                         o8888888o                              //
+//                         o6666666o                              //
 //                         88" . "88                              //
 //                         (| ^_^ |)                              //
 //                         O\  =  /O                              //
--- a/ruoyi-admin/src/main/resources/i18n/messages.properties
+++ b/ruoyi-admin/src/main/resources/i18n/messages.properties
@ -19,6 +19,7 @@ user.password.not.valid=* 5-50个字符
 user.email.not.valid=邮箱格式错误
 user.mobile.phone.number.not.valid=手机号格式错误
 user.login.success=登录成功
+user.register.success=注册成功
 user.notfound=请重新登录
 user.forcelogout=管理员强制退出，请重新登录
 user.unknown.error=未知错误，请重新登录
--- a/ruoyi-admin/src/main/resources/mybatis/mybatis-config.xml
+++ b/ruoyi-admin/src/main/resources/mybatis/mybatis-config.xml
@ -3,13 +3,18 @@
 PUBLIC "-//mybatis.org//DTD Config 3.0//EN"
 "http://mybatis.org/dtd/mybatis-3-config.dtd">
 <configuration>
-	
+    <!-- 全局参数 -->
    <settings>
-		<setting name="cacheEnabled"             value="true" />  <!-- 全局映射器启用缓存 -->
-		<setting name="useGeneratedKeys"         value="true" />  <!-- 允许 JDBC 支持自动生成主键 -->
-		<setting name="defaultExecutorType"      value="REUSE" /> <!-- 配置默认的执行器 -->
-		<setting name="logImpl"                  value="SLF4J" /> <!-- 指定 MyBatis 所用日志的具体实现 -->
-		<!-- <setting name="mapUnderscoreToCamelCase" value="true"/>  驼峰式命名 -->
+        <!-- 使全局的映射器启用或禁用缓存 -->
+        <setting name="cacheEnabled"             value="true"   />
+        <!-- 允许JDBC 支持自动生成主键 -->
+        <setting name="useGeneratedKeys"         value="true"   />
+        <!-- 配置默认的执行器.SIMPLE就是普通执行器;REUSE执行器会重用预处理语句(prepared statements);BATCH执行器将重用语句并执行批量更新 -->
+        <setting name="defaultExecutorType"      value="SIMPLE" />
+		<!-- 指定 MyBatis 所用日志的具体实现 -->
+        <setting name="logImpl"                  value="SLF4J"  />
+        <!-- 使用驼峰命名法转换字段 -->
+		<!-- <setting name="mapUnderscoreToCamelCase" value="true"/> -->
 	</settings>
 	
 </configuration>
--- a/ruoyi-common/pom.xml
+++ b/ruoyi-common/pom.xml
@ -5,7 +5,7 @@
    <parent>
        <artifactId>ruoyi</artifactId>
        <groupId>com.ruoyi</groupId>
-        <version>3.4.0</version>
+        <version>3.8.2</version>
    </parent>
    <modelVersion>4.0.0</modelVersion>

@ -43,8 +43,8 @@

        <!-- 自定义验证注解 -->
        <dependency>
-            <groupId>javax.validation</groupId>
-            <artifactId>validation-api</artifactId>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-validation</artifactId>
        </dependency>

        <!--常用工具类 -->
@ -95,6 +95,12 @@
            <artifactId>jjwt</artifactId>
        </dependency>

+        <!-- Jaxb -->
+        <dependency>
+            <groupId>javax.xml.bind</groupId>
+            <artifactId>jaxb-api</artifactId>
+        </dependency>
+
        <!-- redis 缓存操作 -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Excel.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Excel.java
@ -5,6 +5,9 @@ import java.lang.annotation.Retention;
 import java.lang.annotation.RetentionPolicy;
 import java.lang.annotation.Target;
 import java.math.BigDecimal;
+import org.apache.poi.ss.usermodel.HorizontalAlignment;
+import org.apache.poi.ss.usermodel.IndexedColors;
+import com.ruoyi.common.utils.poi.ExcelHandlerAdapter;

 /**
 * 自定义导出Excel数据注解
@ -55,11 +58,6 @@ public @interface Excel
     */
    public int roundingMode() default BigDecimal.ROUND_HALF_EVEN;

-    /**
-     * 导出类型（0数字 1字符串）
-     */
-    public ColumnType cellType() default ColumnType.STRING;
-
    /**
     * 导出时在excel中每个列的高度 单位为字符
     */
@ -106,9 +104,29 @@ public @interface Excel
    public boolean isStatistics() default false;

    /**
-     * 导出字段对齐方式（0：默认；1：靠左；2：居中；3：靠右）
+     * 导出类型（0数字 1字符串）
     */
-    Align align() default Align.AUTO;
+    public ColumnType cellType() default ColumnType.STRING;
+
+    /**
+     * 导出字体颜色
+     */
+    public IndexedColors color() default IndexedColors.BLACK;
+
+    /**
+     * 导出字段对齐方式
+     */
+    public HorizontalAlignment align() default HorizontalAlignment.CENTER;
+
+    /**
+     * 自定义数据处理器
+     */
+    public Class<?> handler() default ExcelHandlerAdapter.class;
+
+    /**
+     * 自定义数据处理器参数
+     */
+    public String[] args() default {};

    public enum Align
    {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Excels.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Excels.java
@ -14,5 +14,5 @@ import java.lang.annotation.Target;
@Retention(RetentionPolicy.RUNTIME)
 public @interface Excels
 {
-    Excel[] value();
+    public Excel[] value();
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Log.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/Log.java
@ -38,4 +38,9 @@ public @interface Log
     * 是否保存请求的参数
     */
    public boolean isSaveRequestData() default true;
+
+    /**
+     * 是否保存响应的参数
+     */
+    public boolean isSaveResponseData() default true;
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/RateLimiter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/RateLimiter.java
@ -0,0 +1,40 @@
+package com.ruoyi.common.annotation;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+import com.ruoyi.common.constant.Constants;
+import com.ruoyi.common.enums.LimitType;
+
+/**
+ * 限流注解
+ * 
+ * @author ruoyi
+ */
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+@Documented
+public @interface RateLimiter
+{
+    /**
+     * 限流key
+     */
+    public String key() default Constants.RATE_LIMIT_KEY;
+
+    /**
+     * 限流时间,单位秒
+     */
+    public int time() default 60;
+
+    /**
+     * 限流次数
+     */
+    public int count() default 100;
+
+    /**
+     * 限流类型
+     */
+    public LimitType limitType() default LimitType.DEFAULT;
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/RepeatSubmit.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/RepeatSubmit.java
@ -19,5 +19,13 @@ import java.lang.annotation.Target;
@Documented
 public @interface RepeatSubmit
 {
+    /**
+     * 间隔时间(ms)，小于此时间视为重复提交
+     */
+    public int interval() default 5000;

+    /**
+     * 提示消息
+     */
+    public String message() default "不允许重复提交，请稍候再试";
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/config/RuoYiConfig.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/config/RuoYiConfig.java
@ -30,6 +30,9 @@ public class RuoYiConfig
    /** 获取地址开关 */
    private static boolean addressEnabled;

+    /** 验证码类型 */
+    private static String captchaType;
+
    public String getName()
    {
        return name;
@ -90,6 +93,22 @@ public class RuoYiConfig
        RuoYiConfig.addressEnabled = addressEnabled;
    }

+    public static String getCaptchaType() {
+        return captchaType;
+    }
+
+    public void setCaptchaType(String captchaType) {
+        RuoYiConfig.captchaType = captchaType;
+    }
+
+    /**
+     * 获取导入上传路径
+     */
+    public static String getImportPath()
+    {
+        return getProfile() + "/import";
+    }
+
    /**
     * 获取头像上传路径
     */
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java
@ -1,5 +1,7 @@
 package com.ruoyi.common.constant;

+import io.jsonwebtoken.Claims;
+
 /**
 * 通用常量信息
 * 
@ -47,6 +49,11 @@ public class Constants
     */
    public static final String LOGOUT = "Logout";

+    /**
+     * 注册
+     */
+    public static final String REGISTER = "Register";
+
    /**
     * 登录失败
     */
@ -67,6 +74,11 @@ public class Constants
     */
    public static final String REPEAT_SUBMIT_KEY = "repeat_submit:";

+    /**
+     * 限流 redis key
+     */
+    public static final String RATE_LIMIT_KEY = "rate_limit:";
+
    /**
     * 验证码有效期（分钟）
     */
@ -95,7 +107,7 @@ public class Constants
    /**
     * 用户名称
     */
-    public static final String JWT_USERNAME = "sub";
+    public static final String JWT_USERNAME = Claims.SUBJECT;

    /**
     * 用户头像
@ -126,4 +138,30 @@ public class Constants
     * 资源映射路径 前缀
     */
    public static final String RESOURCE_PREFIX = "/profile";
+
+    /**
+     * RMI 远程方法调用
+     */
+    public static final String LOOKUP_RMI = "rmi:";
+
+    /**
+     * LDAP 远程方法调用
+     */
+    public static final String LOOKUP_LDAP = "ldap:";
+
+    /**
+     * LDAPS 远程方法调用
+     */
+    public static final String LOOKUP_LDAPS = "ldaps:";
+
+    /**
+     * 定时任务白名单配置（仅允许访问的包名，如其他需要可以自行添加）
+     */
+    public static final String[] JOB_WHITELIST_STR = { "com.ruoyi" };
+
+    /**
+     * 定时任务违规的字符
+     */
+    public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml",
+            "org.springframework", "org.apache", "com.ruoyi.common.utils.file" };
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/GenConstants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/GenConstants.java
@ -109,6 +109,9 @@ public class GenConstants
    /** 模糊查询 */
    public static final String QUERY_LIKE = "LIKE";

+    /** 相等查询 */
+    public static final String QUERY_EQ = "EQ";
+
    /** 需要 */
    public static final String REQUIRE = "1";
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/UserConstants.java
@ -57,7 +57,22 @@ public class UserConstants
    /** ParentView组件标识 */
    public final static String PARENT_VIEW = "ParentView";

+    /** InnerLink组件标识 */
+    public final static String INNER_LINK = "InnerLink";
+
    /** 校验返回结果码 */
    public final static String UNIQUE = "0";
    public final static String NOT_UNIQUE = "1";
+
+    /**
+     * 用户名长度限制
+     */
+    public static final int USERNAME_MIN_LENGTH = 2;
+    public static final int USERNAME_MAX_LENGTH = 20;
+
+    /**
+     * 密码长度限制
+     */
+    public static final int PASSWORD_MIN_LENGTH = 5;
+    public static final int PASSWORD_MAX_LENGTH = 20;
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/controller/BaseController.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/controller/BaseController.java
@ -11,10 +11,13 @@ import com.github.pagehelper.PageHelper;
 import com.github.pagehelper.PageInfo;
 import com.ruoyi.common.constant.HttpStatus;
 import com.ruoyi.common.core.domain.AjaxResult;
+import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.page.PageDomain;
 import com.ruoyi.common.core.page.TableDataInfo;
 import com.ruoyi.common.core.page.TableSupport;
 import com.ruoyi.common.utils.DateUtils;
+import com.ruoyi.common.utils.PageUtils;
+import com.ruoyi.common.utils.SecurityUtils;
 import com.ruoyi.common.utils.StringUtils;
 import com.ruoyi.common.utils.sql.SqlUtil;

@ -25,7 +28,7 @@ import com.ruoyi.common.utils.sql.SqlUtil;
 */
 public class BaseController
 {
-    protected final Logger logger = LoggerFactory.getLogger(BaseController.class);
+    protected final Logger logger = LoggerFactory.getLogger(this.getClass());

    /**
     * 将前台传递过来的日期格式的字符串，自动转化为Date类型
@ -48,17 +51,31 @@ public class BaseController
     * 设置请求分页数据
     */
    protected void startPage()
+    {
+        PageUtils.startPage();
+    }
+
+    /**
+     * 设置请求排序数据
+     */
+    protected void startOrderBy()
    {
        PageDomain pageDomain = TableSupport.buildPageRequest();
-        Integer pageNum = pageDomain.getPageNum();
-        Integer pageSize = pageDomain.getPageSize();
-        if (StringUtils.isNotNull(pageNum) && StringUtils.isNotNull(pageSize))
+        if (StringUtils.isNotEmpty(pageDomain.getOrderBy()))
        {
            String orderBy = SqlUtil.escapeOrderBySql(pageDomain.getOrderBy());
-            PageHelper.startPage(pageNum, pageSize, orderBy);
+            PageHelper.orderBy(orderBy);
        }
    }

+    /**
+     * 清理分页的线程变量
+     */
+    protected void clearPage()
+    {
+        PageUtils.clearPage();
+    }
+
    /**
     * 响应请求分页数据
     */
@ -73,6 +90,38 @@ public class BaseController
        return rspData;
    }

+    /**
+     * 返回成功
+     */
+    public AjaxResult success()
+    {
+        return AjaxResult.success();
+    }
+
+    /**
+     * 返回失败消息
+     */
+    public AjaxResult error()
+    {
+        return AjaxResult.error();
+    }
+
+    /**
+     * 返回成功消息
+     */
+    public AjaxResult success(String message)
+    {
+        return AjaxResult.success(message);
+    }
+
+    /**
+     * 返回失败消息
+     */
+    public AjaxResult error(String message)
+    {
+        return AjaxResult.error(message);
+    }
+
    /**
     * 响应返回结果
     * 
@ -84,6 +133,17 @@ public class BaseController
        return rows > 0 ? AjaxResult.success() : AjaxResult.error();
    }

+    /**
+     * 响应返回结果
+     * 
+     * @param result 结果
+     * @return 操作结果
+     */
+    protected AjaxResult toAjax(boolean result)
+    {
+        return result ? success() : error();
+    }
+
    /**
     * 页面跳转
     */
@ -91,4 +151,36 @@ public class BaseController
    {
        return StringUtils.format("redirect:{}", url);
    }
+
+    /**
+     * 获取用户缓存信息
+     */
+    public LoginUser getLoginUser()
+    {
+        return SecurityUtils.getLoginUser();
+    }
+
+    /**
+     * 获取登录用户id
+     */
+    public Long getUserId()
+    {
+        return getLoginUser().getUserId();
+    }
+
+    /**
+     * 获取登录部门id
+     */
+    public Long getDeptId()
+    {
+        return getLoginUser().getDeptId();
+    }
+
+    /**
+     * 获取登录用户名
+     */
+    public String getUsername()
+    {
+        return getLoginUser().getUsername();
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/AjaxResult.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/AjaxResult.java
@ -145,4 +145,18 @@ public class AjaxResult extends HashMap<String, Object>
    {
        return new AjaxResult(code, msg, null);
    }
+
+    /**
+     * 方便链式调用
+     *
+     * @param key 键
+     * @param value 值
+     * @return 数据对象
+     */
+    @Override
+    public AjaxResult put(String key, Object value)
+    {
+        super.put(key, value);
+        return this;
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDept.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDept.java
@ -4,6 +4,7 @@ import java.util.ArrayList;
 import java.util.List;
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Size;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
@ -31,7 +32,7 @@ public class SysDept extends BaseEntity
    private String deptName;

    /** 显示顺序 */
-    private String orderNum;
+    private Integer orderNum;

    /** 负责人 */
    private String leader;
@ -96,13 +97,13 @@ public class SysDept extends BaseEntity
        this.deptName = deptName;
    }

-    @NotBlank(message = "显示顺序不能为空")
-    public String getOrderNum()
+    @NotNull(message = "显示顺序不能为空")
+    public Integer getOrderNum()
    {
        return orderNum;
    }

-    public void setOrderNum(String orderNum)
+    public void setOrderNum(Integer orderNum)
    {
        this.orderNum = orderNum;
    }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDictType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysDictType.java
@ -1,6 +1,7 @@
 package com.ruoyi.common.core.domain.entity;

 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
@ -57,6 +58,7 @@ public class SysDictType extends BaseEntity

    @NotBlank(message = "字典类型不能为空")
    @Size(min = 0, max = 100, message = "字典类型类型长度不能超过100个字符")
+    @Pattern(regexp = "^[a-z][a-z0-9_]*$", message = "字典类型必须以字母开头，且只能为（小写字母，数字，下滑线）")
    public String getDictType()
    {
        return dictType;
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysMenu.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysMenu.java
@ -3,6 +3,7 @@ package com.ruoyi.common.core.domain.entity;
 import java.util.ArrayList;
 import java.util.List;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Size;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
@ -30,7 +31,7 @@ public class SysMenu extends BaseEntity
    private Long parentId;

    /** 显示顺序 */
-    private String orderNum;
+    private Integer orderNum;

    /** 路由地址 */
    private String path;
@ -38,6 +39,9 @@ public class SysMenu extends BaseEntity
    /** 组件路径 */
    private String component;

+    /** 路由参数 */
+    private String query;
+
    /** 是否为外链（0是 1否） */
    private String isFrame;

@ -104,13 +108,13 @@ public class SysMenu extends BaseEntity
        this.parentId = parentId;
    }

-    @NotBlank(message = "显示顺序不能为空")
-    public String getOrderNum()
+    @NotNull(message = "显示顺序不能为空")
+    public Integer getOrderNum()
    {
        return orderNum;
    }

-    public void setOrderNum(String orderNum)
+    public void setOrderNum(Integer orderNum)
    {
        this.orderNum = orderNum;
    }
@ -137,6 +141,16 @@ public class SysMenu extends BaseEntity
        this.component = component;
    }

+    public String getQuery()
+    {
+        return query;
+    }
+
+    public void setQuery(String query)
+    {
+        this.query = query;
+    }
+
    public String getIsFrame()
    {
        return isFrame;
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysRole.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysRole.java
@ -33,8 +33,8 @@ public class SysRole extends BaseEntity
    @Excel(name = "角色排序")
    private String roleSort;

-    /** 数据范围（1：所有数据权限；2：自定义数据权限；3：本部门数据权限；4：本部门及以下数据权限） */
-    @Excel(name = "数据范围", readConverterExp = "1=所有数据权限,2=自定义数据权限,3=本部门数据权限,4=本部门及以下数据权限")
+    /** 数据范围（1：所有数据权限；2：自定义数据权限；3：本部门数据权限；4：本部门及以下数据权限；5：仅本人数据权限） */
+    @Excel(name = "数据范围", readConverterExp = "1=所有数据权限,2=自定义数据权限,3=本部门数据权限,4=本部门及以下数据权限,5=仅本人数据权限")
    private String dataScope;

    /** 菜单树选择项是否关联显示（ 0：父子不互相关联显示 1：父子互相关联显示） */
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/entity/SysUser.java
@ -2,9 +2,7 @@ package com.ruoyi.common.core.domain.entity;

 import java.util.Date;
 import java.util.List;
-import javax.validation.constraints.Email;
-import javax.validation.constraints.NotBlank;
-import javax.validation.constraints.Size;
+import javax.validation.constraints.*;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
 import com.fasterxml.jackson.annotation.JsonIgnore;
@ -14,6 +12,7 @@ import com.ruoyi.common.annotation.Excel.ColumnType;
 import com.ruoyi.common.annotation.Excel.Type;
 import com.ruoyi.common.annotation.Excels;
 import com.ruoyi.common.core.domain.BaseEntity;
+import com.ruoyi.common.xss.Xss;

 /**
 * 用户对象 sys_user
@ -92,6 +91,9 @@ public class SysUser extends BaseEntity
    /** 岗位组 */
    private Long[] postIds;

+    /** 角色ID */
+    private Long roleId;
+
    public SysUser()
    {

@ -132,6 +134,7 @@ public class SysUser extends BaseEntity
        this.deptId = deptId;
    }

+    @Xss(message = "用户昵称不能包含脚本字符")
    @Size(min = 0, max = 30, message = "用户昵称长度不能超过30个字符")
    public String getNickName()
    {
@ -143,6 +146,7 @@ public class SysUser extends BaseEntity
        this.nickName = nickName;
    }

+    @Xss(message = "用户账号不能包含脚本字符")
    @NotBlank(message = "用户账号不能为空")
    @Size(min = 0, max = 30, message = "用户账号长度不能超过30个字符")
    public String getUserName()
@ -300,6 +304,16 @@ public class SysUser extends BaseEntity
        this.postIds = postIds;
    }

+    public Long getRoleId()
+    {
+        return roleId;
+    }
+
+    public void setRoleId(Long roleId)
+    {
+        this.roleId = roleId;
+    }
+
    @Override
    public String toString() {
        return new ToStringBuilder(this,ToStringStyle.MULTI_LINE_STYLE)
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java
@ -25,7 +25,7 @@ public class LoginBody
    /**
     * 唯一标识
     */
-    private String uuid = "";
+    private String uuid;

    public String getUsername()
    {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginUser.java
@ -4,7 +4,7 @@ import java.util.Collection;
 import java.util.Set;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
-import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.alibaba.fastjson.annotation.JSONField;
 import com.ruoyi.common.core.domain.entity.SysUser;

 /**
@ -16,6 +16,16 @@ public class LoginUser implements UserDetails
 {
    private static final long serialVersionUID = 1L;

+    /**
+     * 用户ID
+     */
+    private Long userId;
+
+    /**
+     * 部门ID
+     */
+    private Long deptId;
+
    /**
     * 用户唯一标识
     */
@ -61,6 +71,26 @@ public class LoginUser implements UserDetails
     */
    private SysUser user;

+    public Long getUserId()
+    {
+        return userId;
+    }
+
+    public void setUserId(Long userId)
+    {
+        this.userId = userId;
+    }
+
+    public Long getDeptId()
+    {
+        return deptId;
+    }
+
+    public void setDeptId(Long deptId)
+    {
+        this.deptId = deptId;
+    }
+
    public String getToken()
    {
        return token;
@ -81,7 +111,15 @@ public class LoginUser implements UserDetails
        this.permissions = permissions;
    }

-    @JsonIgnore
+    public LoginUser(Long userId, Long deptId, SysUser user, Set<String> permissions)
+    {
+        this.userId = userId;
+        this.deptId = deptId;
+        this.user = user;
+        this.permissions = permissions;
+    }
+
+    @JSONField(serialize = false)
    @Override
    public String getPassword()
    {
@ -97,7 +135,7 @@ public class LoginUser implements UserDetails
    /**
     * 账户是否未过期,过期无法验证
     */
-    @JsonIgnore
+    @JSONField(serialize = false)
    @Override
    public boolean isAccountNonExpired()
    {
@ -109,7 +147,7 @@ public class LoginUser implements UserDetails
     * 
     * @return
     */
-    @JsonIgnore
+    @JSONField(serialize = false)
    @Override
    public boolean isAccountNonLocked()
    {
@ -121,7 +159,7 @@ public class LoginUser implements UserDetails
     * 
     * @return
     */
-    @JsonIgnore
+    @JSONField(serialize = false)
    @Override
    public boolean isCredentialsNonExpired()
    {
@ -133,7 +171,7 @@ public class LoginUser implements UserDetails
     * 
     * @return
     */
-    @JsonIgnore
+    @JSONField(serialize = false)
    @Override
    public boolean isEnabled()
    {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/RegisterBody.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/RegisterBody.java
@ -0,0 +1,11 @@
+package com.ruoyi.common.core.domain.model;
+
+/**
+ * 用户注册对象
+ * 
+ * @author ruoyi
+ */
+public class RegisterBody extends LoginBody
+{
+
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/page/PageDomain.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/page/PageDomain.java
@ -21,6 +21,9 @@ public class PageDomain
    /** 排序的方向desc或者asc */
    private String isAsc = "asc";

+    /** 分页参数合理化 */
+    private Boolean reasonable = true;
+
    public String getOrderBy()
    {
        if (StringUtils.isEmpty(orderByColumn))
@ -67,6 +70,32 @@ public class PageDomain

    public void setIsAsc(String isAsc)
    {
+        if (StringUtils.isNotEmpty(isAsc))
+        {
+            // 兼容前端排序类型
+            if ("ascending".equals(isAsc))
+            {
+                isAsc = "asc";
+            }
+            else if ("descending".equals(isAsc))
+            {
+                isAsc = "desc";
+            }
            this.isAsc = isAsc;
        }
    }
+
+    public Boolean getReasonable()
+    {
+        if (StringUtils.isNull(reasonable))
+        {
+            return Boolean.TRUE;
+        }
+        return reasonable;
+    }
+
+    public void setReasonable(Boolean reasonable)
+    {
+        this.reasonable = reasonable;
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/page/TableSupport.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/page/TableSupport.java
@ -1,5 +1,6 @@
 package com.ruoyi.common.core.page;

+import com.ruoyi.common.core.text.Convert;
 import com.ruoyi.common.utils.ServletUtils;

 /**
@ -29,16 +30,22 @@ public class TableSupport
     */
    public static final String IS_ASC = "isAsc";

+    /**
+     * 分页参数合理化
+     */
+    public static final String REASONABLE = "reasonable";
+
    /**
     * 封装分页对象
     */
    public static PageDomain getPageDomain()
    {
        PageDomain pageDomain = new PageDomain();
-        pageDomain.setPageNum(ServletUtils.getParameterToInt(PAGE_NUM));
-        pageDomain.setPageSize(ServletUtils.getParameterToInt(PAGE_SIZE));
+        pageDomain.setPageNum(Convert.toInt(ServletUtils.getParameter(PAGE_NUM), 1));
+        pageDomain.setPageSize(Convert.toInt(ServletUtils.getParameter(PAGE_SIZE), 10));
        pageDomain.setOrderByColumn(ServletUtils.getParameter(ORDER_BY_COLUMN));
        pageDomain.setIsAsc(ServletUtils.getParameter(IS_ASC));
+        pageDomain.setReasonable(ServletUtils.getParameterToBool(REASONABLE));
        return pageDomain;
    }

--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/redis/RedisCache.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/redis/RedisCache.java
@ -209,6 +209,18 @@ public class RedisCache
        return opsForHash.get(key, hKey);
    }

+    /**
+     * 删除Hash中的数据
+     * 
+     * @param key
+     * @param hKey
+     */
+    public void delCacheMapValue(final String key, final String hKey)
+    {
+        HashOperations hashOperations = redisTemplate.opsForHash();
+        hashOperations.delete(key, hKey);
+    }
+
    /**
     * 获取多个Hash中的数据
     *
--- a/ruoyi-common/src/main/java/com/ruoyi/common/core/text/Convert.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/text/Convert.java
@ -7,6 +7,7 @@ import java.nio.charset.Charset;
 import java.text.NumberFormat;
 import java.util.Set;
 import com.ruoyi.common.utils.StringUtils;
+import org.apache.commons.lang3.ArrayUtils;

 /**
 * 类型转换器
@ -795,9 +796,14 @@ public class Convert
        {
            return (String) obj;
        }
-        else if (obj instanceof byte[] || obj instanceof Byte[])
+        else if (obj instanceof byte[])
        {
-            return str((Byte[]) obj, charset);
+            return str((byte[]) obj, charset);
+        }
+        else if (obj instanceof Byte[])
+        {
+            byte[] bytes = ArrayUtils.toPrimitive((Byte[]) obj);
+            return str(bytes, charset);
        }
        else if (obj instanceof ByteBuffer)
        {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/enums/LimitType.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/enums/LimitType.java
@ -0,0 +1,20 @@
+package com.ruoyi.common.enums;
+
+/**
+ * 限流类型
+ *
+ * @author ruoyi
+ */
+
+public enum LimitType
+{
+    /**
+     * 默认策略全局限流
+     */
+    DEFAULT,
+
+    /**
+     * 根据请求者IP进行限流
+     */
+    IP
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/CustomException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/CustomException.java
@ -1,43 +0,0 @@
-package com.ruoyi.common.exception;
-
-/**
- * 自定义异常
- * 
- * @author ruoyi
- */
-public class CustomException extends RuntimeException
-{
-    private static final long serialVersionUID = 1L;
-
-    private Integer code;
-
-    private String message;
-
-    public CustomException(String message)
-    {
-        this.message = message;
-    }
-
-    public CustomException(String message, Integer code)
-    {
-        this.message = message;
-        this.code = code;
-    }
-
-    public CustomException(String message, Throwable e)
-    {
-        super(message, e);
-        this.message = message;
-    }
-
-    @Override
-    public String getMessage()
-    {
-        return message;
-    }
-
-    public Integer getCode()
-    {
-        return code;
-    }
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/GlobalException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/GlobalException.java
@ -0,0 +1,58 @@
+package com.ruoyi.common.exception;
+
+/**
+ * 全局异常
+ * 
+ * @author ruoyi
+ */
+public class GlobalException extends RuntimeException
+{
+
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 错误提示
+     */
+    private String message;
+
+    /**
+     * 错误明细，内部调试错误
+     *
+     * 和 {@link CommonResult#getDetailMessage()} 一致的设计
+     */
+    private String detailMessage;
+
+    /**
+     * 空构造方法，避免反序列化问题
+     */
+    public GlobalException()
+    {
+    }
+
+    public GlobalException(String message)
+    {
+        this.message = message;
+    }
+
+    public String getDetailMessage()
+    {
+        return detailMessage;
+    }
+
+    public GlobalException setDetailMessage(String detailMessage)
+    {
+        this.detailMessage = detailMessage;
+        return this;
+    }
+
+    public String getMessage()
+    {
+        return message;
+    }
+
+    public GlobalException setMessage(String message)
+    {
+        this.message = message;
+        return this;
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/ServiceException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/ServiceException.java
@ -0,0 +1,73 @@
+package com.ruoyi.common.exception;
+
+/**
+ * 业务异常
+ * 
+ * @author ruoyi
+ */
+public final class ServiceException extends RuntimeException
+{
+    private static final long serialVersionUID = 1L;
+
+    /**
+     * 错误码
+     */
+    private Integer code;
+
+    /**
+     * 错误提示
+     */
+    private String message;
+
+    /**
+     * 错误明细，内部调试错误
+     *
+     * 和 {@link CommonResult#getDetailMessage()} 一致的设计
+     */
+    private String detailMessage;
+
+    /**
+     * 空构造方法，避免反序列化问题
+     */
+    public ServiceException()
+    {
+    }
+
+    public ServiceException(String message)
+    {
+        this.message = message;
+    }
+
+    public ServiceException(String message, Integer code)
+    {
+        this.message = message;
+        this.code = code;
+    }
+
+    public String getDetailMessage()
+    {
+        return detailMessage;
+    }
+
+    public String getMessage()
+    {
+        return message;
+    }
+
+    public Integer getCode()
+    {
+        return code;
+    }
+
+    public ServiceException setMessage(String message)
+    {
+        this.message = message;
+        return this;
+    }
+
+    public ServiceException setDetailMessage(String detailMessage)
+    {
+        this.detailMessage = detailMessage;
+        return this;
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/base/BaseException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/base/BaseException.java
@ -1,4 +1,4 @@
-package com.ruoyi.common.exception;
+package com.ruoyi.common.exception.base;

 import com.ruoyi.common.utils.MessageUtils;
 import com.ruoyi.common.utils.StringUtils;
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/file/FileException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/file/FileException.java
@ -1,6 +1,6 @@
 package com.ruoyi.common.exception.file;

-import com.ruoyi.common.exception.BaseException;
+import com.ruoyi.common.exception.base.BaseException;

 /**
 * 文件信息异常类
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/file/InvalidExtensionException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/file/InvalidExtensionException.java
@ -68,4 +68,14 @@ public class InvalidExtensionException extends FileUploadException
            super(allowedExtension, extension, filename);
        }
    }
+
+    public static class InvalidVideoExtensionException extends InvalidExtensionException
+    {
+        private static final long serialVersionUID = 1L;
+
+        public InvalidVideoExtensionException(String[] allowedExtension, String extension, String filename)
+        {
+            super(allowedExtension, extension, filename);
+        }
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserException.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserException.java
@ -1,6 +1,6 @@
 package com.ruoyi.common.exception.user;

-import com.ruoyi.common.exception.BaseException;
+import com.ruoyi.common.exception.base.BaseException;

 /**
 * 用户信息异常类
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatableFilter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatableFilter.java
@ -30,7 +30,7 @@ public class RepeatableFilter implements Filter
    {
        ServletRequest requestWrapper = null;
        if (request instanceof HttpServletRequest
-                && StringUtils.equalsAnyIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE))
+                && StringUtils.startsWithIgnoreCase(request.getContentType(), MediaType.APPLICATION_JSON_VALUE))
        {
            requestWrapper = new RepeatedlyRequestWrapper((HttpServletRequest) request, response);
        }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatedlyRequestWrapper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/RepeatedlyRequestWrapper.java
@ -38,18 +38,21 @@ public class RepeatedlyRequestWrapper extends HttpServletRequestWrapper
    @Override
    public ServletInputStream getInputStream() throws IOException
    {
-
        final ByteArrayInputStream bais = new ByteArrayInputStream(body);
-
        return new ServletInputStream()
        {
-
            @Override
            public int read() throws IOException
            {
                return bais.read();
            }

+            @Override
+            public int available() throws IOException
+            {
+                return body.length;
+            }
+
            @Override
            public boolean isFinished()
            {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssFilter.java
@ -3,8 +3,6 @@ package com.ruoyi.common.filter;
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.List;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
@ -27,16 +25,10 @@ public class XssFilter implements Filter
     */
    public List<String> excludes = new ArrayList<>();

-    /**
-     * xss过滤开关
-     */
-    public boolean enabled = false;
-
    @Override
    public void init(FilterConfig filterConfig) throws ServletException
    {
        String tempExcludes = filterConfig.getInitParameter("excludes");
-        String tempEnabled = filterConfig.getInitParameter("enabled");
        if (StringUtils.isNotEmpty(tempExcludes))
        {
            String[] url = tempExcludes.split(",");
@ -45,10 +37,6 @@ public class XssFilter implements Filter
                excludes.add(url[i]);
            }
        }
-        if (StringUtils.isNotEmpty(tempEnabled))
-        {
-            enabled = Boolean.valueOf(tempEnabled);
-        }
    }

    @Override
@ -68,25 +56,14 @@ public class XssFilter implements Filter

    private boolean handleExcludeURL(HttpServletRequest request, HttpServletResponse response)
    {
-        if (!enabled)
-        {
-            return true;
-        }
-        if (excludes == null || excludes.isEmpty())
-        {
-            return false;
-        }
        String url = request.getServletPath();
-        for (String pattern : excludes)
-        {
-            Pattern p = Pattern.compile("^" + pattern);
-            Matcher m = p.matcher(url);
-            if (m.find())
+        String method = request.getMethod();
+        // GET DELETE 不过滤
+        if (method == null || method.matches("GET") || method.matches("DELETE"))
        {
            return true;
        }
-        }
-        return false;
+        return StringUtils.matches(url, excludes);
    }

    @Override
--- a/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/filter/XssHttpServletRequestWrapper.java
@ -63,7 +63,8 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper

        // xss过滤
        json = EscapeUtil.clean(json).trim();
-        final ByteArrayInputStream bis = new ByteArrayInputStream(json.getBytes("utf-8"));
+        byte[] jsonBytes = json.getBytes("utf-8");
+        final ByteArrayInputStream bis = new ByteArrayInputStream(jsonBytes);
        return new ServletInputStream()
        {
            @Override
@ -78,6 +79,12 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper
                return true;
            }

+            @Override
+            public int available() throws IOException
+            {
+                return jsonBytes.length;
+            }
+
            @Override
            public void setReadListener(ReadListener readListener)
            {
@ -99,6 +106,6 @@ public class XssHttpServletRequestWrapper extends HttpServletRequestWrapper
    public boolean isJsonRequest()
    {
        String header = super.getHeader(HttpHeaders.CONTENT_TYPE);
-        return MediaType.APPLICATION_JSON_VALUE.equalsIgnoreCase(header);
+        return StringUtils.startsWithIgnoreCase(header, MediaType.APPLICATION_JSON_VALUE);
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/Arith.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/Arith.java
@ -108,7 +108,7 @@ public class Arith
                    "The scale must be a positive integer or zero");
        }
        BigDecimal b = new BigDecimal(Double.toString(v));
-        BigDecimal one = new BigDecimal("1");
+        BigDecimal one = BigDecimal.ONE;
        return b.divide(one, scale, RoundingMode.HALF_UP).doubleValue();
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/DateUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/DateUtils.java
@ -3,6 +3,11 @@ package com.ruoyi.common.utils;
 import java.lang.management.ManagementFactory;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
+import java.time.LocalDate;
+import java.time.LocalDateTime;
+import java.time.LocalTime;
+import java.time.ZoneId;
+import java.time.ZonedDateTime;
 import java.util.Date;
 import org.apache.commons.lang3.time.DateFormatUtils;

@ -131,6 +136,14 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
        return new Date(time);
    }

+    /**
+     * 计算相差天数
+     */
+    public static int differentDaysByMillisecond(Date date1, Date date2)
+    {
+        return Math.abs((int) ((date2.getTime() - date1.getTime()) / (1000 * 3600 * 24)));
+    }
+
    /**
     * 计算两个时间差
     */
@ -152,4 +165,23 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
        // long sec = diff % nd % nh % nm / ns;
        return day + "天" + hour + "小时" + min + "分钟";
    }
+
+    /**
+     * 增加 LocalDateTime ==> Date
+     */
+    public static Date toDate(LocalDateTime temporalAccessor)
+    {
+        ZonedDateTime zdt = temporalAccessor.atZone(ZoneId.systemDefault());
+        return Date.from(zdt.toInstant());
+    }
+
+    /**
+     * 增加 LocalDate ==> Date
+     */
+    public static Date toDate(LocalDate temporalAccessor)
+    {
+        LocalDateTime localDateTime = LocalDateTime.of(temporalAccessor, LocalTime.of(0, 0, 0));
+        ZonedDateTime zdt = localDateTime.atZone(ZoneId.systemDefault());
+        return Date.from(zdt.toInstant());
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/DictUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/DictUtils.java
@ -41,8 +41,7 @@ public class DictUtils
        Object cacheObj = SpringUtils.getBean(RedisCache.class).getCacheObject(getCacheKey(key));
        if (StringUtils.isNotNull(cacheObj))
        {
-            List<SysDictData> dictDatas = StringUtils.cast(cacheObj);
-            return dictDatas;
+            return StringUtils.cast(cacheObj);
        }
        return null;
    }
@ -92,7 +91,7 @@ public class DictUtils
                {
                    if (value.equals(dict.getDictValue()))
                    {
-                        propertyString.append(dict.getDictLabel() + separator);
+                        propertyString.append(dict.getDictLabel()).append(separator);
                        break;
                    }
                }
@ -132,7 +131,7 @@ public class DictUtils
                {
                    if (label.equals(dict.getDictLabel()))
                    {
-                        propertyString.append(dict.getDictValue() + separator);
+                        propertyString.append(dict.getDictValue()).append(separator);
                        break;
                    }
                }
@ -151,6 +150,16 @@ public class DictUtils
        return StringUtils.stripEnd(propertyString.toString(), separator);
    }

+    /**
+     * 删除指定字典缓存
+     * 
+     * @param key 字典键
+     */
+    public static void removeDictCache(String key)
+    {
+        SpringUtils.getBean(RedisCache.class).deleteObject(getCacheKey(key));
+    }
+
    /**
     * 清空字典缓存
     */
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/ExceptionUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/ExceptionUtil.java
@ -18,11 +18,10 @@ public class ExceptionUtil
    {
        StringWriter sw = new StringWriter();
        e.printStackTrace(new PrintWriter(sw, true));
-        String str = sw.toString();
-        return str;
+        return sw.toString();
    }

-    public static String getRootErrorMseeage(Exception e)
+    public static String getRootErrorMessage(Exception e)
    {
        Throwable root = ExceptionUtils.getRootCause(e);
        root = (root == null ? e : root);
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/PageUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/PageUtils.java
@ -0,0 +1,36 @@
+package com.ruoyi.common.utils;
+
+import com.github.pagehelper.PageHelper;
+import com.ruoyi.common.core.page.PageDomain;
+import com.ruoyi.common.core.page.TableSupport;
+import com.ruoyi.common.utils.sql.SqlUtil;
+
+/**
+ * 分页工具类
+ * 
+ * @author ruoyi
+ */
+public class PageUtils extends PageHelper
+{
+    /**
+     * 设置请求分页数据
+     */
+    public static void
+    startPage()
+    {
+        PageDomain pageDomain = TableSupport.buildPageRequest();
+        Integer pageNum = pageDomain.getPageNum();
+        Integer pageSize = pageDomain.getPageSize();
+        String orderBy = SqlUtil.escapeOrderBySql(pageDomain.getOrderBy());
+        Boolean reasonable = pageDomain.getReasonable();
+        PageHelper.startPage(pageNum, pageSize, orderBy).setReasonable(reasonable);
+    }
+
+    /**
+     * 清理分页的线程变量
+     */
+    public static void clearPage()
+    {
+        PageHelper.clearPage();
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/SecurityUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/SecurityUtils.java
@ -5,7 +5,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import com.ruoyi.common.constant.HttpStatus;
 import com.ruoyi.common.core.domain.model.LoginUser;
-import com.ruoyi.common.exception.CustomException;
+import com.ruoyi.common.exception.ServiceException;

 /**
 * 安全服务工具类
@ -14,6 +14,36 @@ import com.ruoyi.common.exception.CustomException;
 */
 public class SecurityUtils
 {
+    /**
+     * 用户ID
+     **/
+    public static Long getUserId()
+    {
+        try
+        {
+            return getLoginUser().getUserId();
+        }
+        catch (Exception e)
+        {
+            throw new ServiceException("获取用户ID异常", HttpStatus.UNAUTHORIZED);
+        }
+    }
+
+    /**
+     * 获取部门ID
+     **/
+    public static Long getDeptId()
+    {
+        try
+        {
+            return getLoginUser().getDeptId();
+        }
+        catch (Exception e)
+        {
+            throw new ServiceException("获取部门ID异常", HttpStatus.UNAUTHORIZED);
+        }
+    }
+    
    /**
     * 获取用户账户
     **/
@ -25,7 +55,7 @@ public class SecurityUtils
        }
        catch (Exception e)
        {
-            throw new CustomException("获取用户账户异常", HttpStatus.UNAUTHORIZED);
+            throw new ServiceException("获取用户账户异常", HttpStatus.UNAUTHORIZED);
        }
    }

@ -40,7 +70,7 @@ public class SecurityUtils
        }
        catch (Exception e)
        {
-            throw new CustomException("获取用户信息异常", HttpStatus.UNAUTHORIZED);
+            throw new ServiceException("获取用户信息异常", HttpStatus.UNAUTHORIZED);
        }
    }

--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/ServletUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/ServletUtils.java
@ -48,6 +48,22 @@ public class ServletUtils
        return Convert.toInt(getRequest().getParameter(name), defaultValue);
    }

+    /**
+     * 获取Boolean参数
+     */
+    public static Boolean getParameterToBool(String name)
+    {
+        return Convert.toBool(getRequest().getParameter(name));
+    }
+
+    /**
+     * 获取Boolean参数
+     */
+    public static Boolean getParameterToBool(String name, Boolean defaultValue)
+    {
+        return Convert.toBool(getRequest().getParameter(name), defaultValue);
+    }
+
    /**
     * 获取request
     */
@ -83,9 +99,8 @@ public class ServletUtils
     * 
     * @param response 渲染对象
     * @param string 待渲染的字符串
-     * @return null
     */
-    public static String renderString(HttpServletResponse response, String string)
+    public static void renderString(HttpServletResponse response, String string)
    {
        try
        {
@ -98,7 +113,6 @@ public class ServletUtils
        {
            e.printStackTrace();
        }
-        return null;
    }

    /**
@ -109,13 +123,13 @@ public class ServletUtils
    public static boolean isAjaxRequest(HttpServletRequest request)
    {
        String accept = request.getHeader("accept");
-        if (accept != null && accept.indexOf("application/json") != -1)
+        if (accept != null && accept.contains("application/json"))
        {
            return true;
        }

        String xRequestedWith = request.getHeader("X-Requested-With");
-        if (xRequestedWith != null && xRequestedWith.indexOf("XMLHttpRequest") != -1)
+        if (xRequestedWith != null && xRequestedWith.contains("XMLHttpRequest"))
        {
            return true;
        }
@ -127,10 +141,6 @@ public class ServletUtils
        }

        String ajax = request.getParameter("__ajax");
-        if (StringUtils.inStringIgnoreCase(ajax, "json", "xml"))
-        {
-            return true;
-        }
-        return false;
+        return StringUtils.inStringIgnoreCase(ajax, "json", "xml");
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/StringUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/StringUtils.java
@ -6,6 +6,8 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import org.springframework.util.AntPathMatcher;
+import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.text.StrFormatter;

 /**
@ -260,6 +262,17 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
        return StrFormatter.format(template, params);
    }

+    /**
+     * 是否为http(s)://开头
+     * 
+     * @param link 链接
+     * @return 结果
+     */
+    public static boolean ishttp(String link)
+    {
+        return StringUtils.startsWithAny(link, Constants.HTTP, Constants.HTTPS);
+    }
+
    /**
     * 字符串转set
     * 
@ -312,7 +325,30 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
    }

    /**
-     * 下划线转驼峰命名
+     * 查找指定字符串是否包含指定字符串列表中的任意一个字符串同时串忽略大小写
+     *
+     * @param cs 指定字符串
+     * @param searchCharSequences 需要检查的字符串数组
+     * @return 是否包含任意一个字符串
+     */
+    public static boolean containsAnyIgnoreCase(CharSequence cs, CharSequence... searchCharSequences)
+    {
+        if (isEmpty(cs) || isEmpty(searchCharSequences))
+        {
+            return false;
+        }
+        for (CharSequence testStr : searchCharSequences)
+        {
+            if (containsIgnoreCase(cs, testStr))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * 驼峰转下划线命名
     */
    public static String toUnderScoreCase(String str)
    {
@ -451,9 +487,97 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
        return sb.toString();
    }

+    /**
+     * 查找指定字符串是否匹配指定字符串列表中的任意一个字符串
+     * 
+     * @param str 指定字符串
+     * @param strs 需要检查的字符串数组
+     * @return 是否匹配
+     */
+    public static boolean matches(String str, List<String> strs)
+    {
+        if (isEmpty(str) || isEmpty(strs))
+        {
+            return false;
+        }
+        for (String pattern : strs)
+        {
+            if (isMatch(pattern, str))
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    /**
+     * 判断url是否与规则配置: 
+     * ? 表示单个字符; 
+     * * 表示一层路径内的任意字符串，不可跨层级; 
+     * ** 表示任意层路径;
+     * 
+     * @param pattern 匹配规则
+     * @param url 需要匹配的url
+     * @return
+     */
+    public static boolean isMatch(String pattern, String url)
+    {
+        AntPathMatcher matcher = new AntPathMatcher();
+        return matcher.match(pattern, url);
+    }
+
    @SuppressWarnings("unchecked")
    public static <T> T cast(Object obj)
    {
        return (T) obj;
    }
+
+    /**
+     * 数字左边补齐0，使之达到指定长度。注意，如果数字转换为字符串后，长度大于size，则只保留 最后size个字符。
+     * 
+     * @param num 数字对象
+     * @param size 字符串指定长度
+     * @return 返回数字的字符串格式，该字符串为指定长度。
+     */
+    public static final String padl(final Number num, final int size)
+    {
+        return padl(num.toString(), size, '0');
+    }
+
+    /**
+     * 字符串左补齐。如果原始字符串s长度大于size，则只保留最后size个字符。
+     * 
+     * @param s 原始字符串
+     * @param size 字符串指定长度
+     * @param c 用于补齐的字符
+     * @return 返回指定长度的字符串，由原字符串左补齐或截取得到。
+     */
+    public static final String padl(final String s, final int size, final char c)
+    {
+        final StringBuilder sb = new StringBuilder(size);
+        if (s != null)
+        {
+            final int len = s.length();
+            if (s.length() <= size)
+            {
+                for (int i = size - len; i > 0; i--)
+                {
+                    sb.append(c);
+                }
+                sb.append(s);
+            }
+            else
+            {
+                return s.substring(len - size, len);
+            }
+        }
+        else
+        {
+            for (int i = size; i > 0; i--)
+            {
+                sb.append(c);
+            }
+        }
+        return sb.toString();
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/Threads.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/Threads.java
@ -36,7 +36,7 @@ public class Threads
     * 停止线程池
     * 先使用shutdown, 停止接收新任务并尝试完成所有已存在任务.
     * 如果超时, 则调用shutdownNow, 取消在workQueue中Pending的任务,并中断所有阻塞函数.
-     * 如果仍人超時，則強制退出.
+     * 如果仍然超時，則強制退出.
     * 另对在shutdown时线程本身被调用中断做了处理.
     */
    public static void shutdownAndAwaitTermination(ExecutorService pool)
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/VerifyCodeUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/VerifyCodeUtils.java
@ -1,228 +0,0 @@
-package com.ruoyi.common.utils;
-
-import java.awt.Color;
-import java.awt.Font;
-import java.awt.Graphics;
-import java.awt.Graphics2D;
-import java.awt.RenderingHints;
-import java.awt.geom.AffineTransform;
-import java.awt.image.BufferedImage;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-import java.util.Arrays;
-import java.util.Random;
-import javax.imageio.ImageIO;
-
-/**
- * 验证码工具类
- * 
- * @author ruoyi
- */
-public class VerifyCodeUtils
-{
-    // 使用到Algerian字体，系统里没有的话需要安装字体，字体只显示大写，去掉了1,0,i,o几个容易混淆的字符
-    public static final String VERIFY_CODES = "123456789ABCDEFGHJKLMNPQRSTUVWXYZ";
-
-    private static Random random = new SecureRandom();
-
-    /**
-     * 使用系统默认字符源生成验证码
-     * 
-     * @param verifySize 验证码长度
-     * @return
-     */
-    public static String generateVerifyCode(int verifySize)
-    {
-        return generateVerifyCode(verifySize, VERIFY_CODES);
-    }
-
-    /**
-     * 使用指定源生成验证码
-     * 
-     * @param verifySize 验证码长度
-     * @param sources 验证码字符源
-     * @return
-     */
-    public static String generateVerifyCode(int verifySize, String sources)
-    {
-        if (sources == null || sources.length() == 0)
-        {
-            sources = VERIFY_CODES;
-        }
-        int codesLen = sources.length();
-        Random rand = new Random(System.currentTimeMillis());
-        StringBuilder verifyCode = new StringBuilder(verifySize);
-        for (int i = 0; i < verifySize; i++)
-        {
-            verifyCode.append(sources.charAt(rand.nextInt(codesLen - 1)));
-        }
-        return verifyCode.toString();
-    }
-
-    /**
-     * 输出指定验证码图片流
-     * 
-     * @param w
-     * @param h
-     * @param os
-     * @param code
-     * @throws IOException
-     */
-    public static void outputImage(int w, int h, OutputStream os, String code) throws IOException
-    {
-        int verifySize = code.length();
-        BufferedImage image = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
-        Random rand = new Random();
-        Graphics2D g2 = image.createGraphics();
-        g2.setRenderingHint(RenderingHints.KEY_ANTIALIASING, RenderingHints.VALUE_ANTIALIAS_ON);
-        Color[] colors = new Color[5];
-        Color[] colorSpaces = new Color[] { Color.WHITE, Color.CYAN, Color.GRAY, Color.LIGHT_GRAY, Color.MAGENTA,
-                Color.ORANGE, Color.PINK, Color.YELLOW };
-        float[] fractions = new float[colors.length];
-        for (int i = 0; i < colors.length; i++)
-        {
-            colors[i] = colorSpaces[rand.nextInt(colorSpaces.length)];
-            fractions[i] = rand.nextFloat();
-        }
-        Arrays.sort(fractions);
-
-        g2.setColor(Color.GRAY);// 设置边框色
-        g2.fillRect(0, 0, w, h);
-
-        Color c = getRandColor(200, 250);
-        g2.setColor(c);// 设置背景色
-        g2.fillRect(0, 2, w, h - 4);
-
-        // 绘制干扰线
-        Random random = new Random();
-        g2.setColor(getRandColor(160, 200));// 设置线条的颜色
-        for (int i = 0; i < 20; i++)
-        {
-            int x = random.nextInt(w - 1);
-            int y = random.nextInt(h - 1);
-            int xl = random.nextInt(6) + 1;
-            int yl = random.nextInt(12) + 1;
-            g2.drawLine(x, y, x + xl + 40, y + yl + 20);
-        }
-
-        // 添加噪点
-        float yawpRate = 0.05f;// 噪声率
-        int area = (int) (yawpRate * w * h);
-        for (int i = 0; i < area; i++)
-        {
-            int x = random.nextInt(w);
-            int y = random.nextInt(h);
-            int rgb = getRandomIntColor();
-            image.setRGB(x, y, rgb);
-        }
-
-        shear(g2, w, h, c);// 使图片扭曲
-
-        g2.setColor(getRandColor(100, 160));
-        int fontSize = h - 4;
-        Font font = new Font("Algerian", Font.ITALIC, fontSize);
-        g2.setFont(font);
-        char[] chars = code.toCharArray();
-        for (int i = 0; i < verifySize; i++)
-        {
-            AffineTransform affine = new AffineTransform();
-            affine.setToRotation(Math.PI / 4 * rand.nextDouble() * (rand.nextBoolean() ? 1 : -1),
-                    (w / verifySize) * i + fontSize / 2, h / 2);
-            g2.setTransform(affine);
-            g2.drawChars(chars, i, 1, ((w - 10) / verifySize) * i + 5, h / 2 + fontSize / 2 - 10);
-        }
-
-        g2.dispose();
-        ImageIO.write(image, "jpg", os);
-    }
-
-    private static Color getRandColor(int fc, int bc)
-    {
-        if (fc > 255) {
-            fc = 255;
-        }
-        if (bc > 255) {
-            bc = 255;
-        }
-        int r = fc + random.nextInt(bc - fc);
-        int g = fc + random.nextInt(bc - fc);
-        int b = fc + random.nextInt(bc - fc);
-        return new Color(r, g, b);
-    }
-
-    private static int getRandomIntColor()
-    {
-        int[] rgb = getRandomRgb();
-        int color = 0;
-        for (int c : rgb)
-        {
-            color = color << 8;
-            color = color | c;
-        }
-        return color;
-    }
-
-    private static int[] getRandomRgb()
-    {
-        int[] rgb = new int[3];
-        for (int i = 0; i < 3; i++)
-        {
-            rgb[i] = random.nextInt(255);
-        }
-        return rgb;
-    }
-
-    private static void shear(Graphics g, int w1, int h1, Color color)
-    {
-        shearX(g, w1, h1, color);
-        shearY(g, w1, h1, color);
-    }
-
-    private static void shearX(Graphics g, int w1, int h1, Color color)
-    {
-
-        int period = random.nextInt(2);
-
-        boolean borderGap = true;
-        int frames = 1;
-        int phase = random.nextInt(2);
-
-        for (int i = 0; i < h1; i++)
-        {
-            double d = (double) (period >> 1)
-                    * Math.sin((double) i / (double) period + (6.2831853071795862D * (double) phase) / (double) frames);
-            g.copyArea(0, i, w1, 1, (int) d, 0);
-            if (borderGap)
-            {
-                g.setColor(color);
-                g.drawLine((int) d, i, 0, i);
-                g.drawLine((int) d + w1, i, w1, i);
-            }
-        }
-
-    }
-
-    private static void shearY(Graphics g, int w1, int h1, Color color)
-    {
-
-        int period = random.nextInt(40) + 10; // 50;
-
-        boolean borderGap = true;
-        int frames = 20;
-        int phase = 7;
-        for (int i = 0; i < w1; i++)
-        {
-            double d = (double) (period >> 1)
-                    * Math.sin((double) i / (double) period + (6.2831853071795862D * (double) phase) / (double) frames);
-            g.copyArea(i, 0, 1, h1, 0, (int) d);
-            if (borderGap)
-            {
-                g.setColor(color);
-                g.drawLine(i, (int) d, i, 0);
-                g.drawLine(i, (int) d + h1, i, h1);
-            }
-
-        }
-    }
-}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/bean/BeanValidators.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/bean/BeanValidators.java
@ -0,0 +1,24 @@
+package com.ruoyi.common.utils.bean;
+
+import java.util.Set;
+import javax.validation.ConstraintViolation;
+import javax.validation.ConstraintViolationException;
+import javax.validation.Validator;
+
+/**
+ * bean对象属性验证
+ * 
+ * @author ruoyi
+ */
+public class BeanValidators
+{
+    public static void validateWithException(Validator validator, Object object, Class<?>... groups)
+            throws ConstraintViolationException
+    {
+        Set<ConstraintViolation<Object>> constraintViolations = validator.validate(object, groups);
+        if (!constraintViolations.isEmpty())
+        {
+            throw new ConstraintViolationException(constraintViolations);
+        }
+    }
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/file/FileUploadUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/file/FileUploadUtils.java
@ -2,6 +2,8 @@ package com.ruoyi.common.utils.file;

 import java.io.File;
 import java.io.IOException;
+import java.nio.file.Paths;
+import java.util.Objects;
 import org.apache.commons.io.FilenameUtils;
 import org.springframework.web.multipart.MultipartFile;
 import com.ruoyi.common.config.RuoYiConfig;
@ -11,7 +13,7 @@ import com.ruoyi.common.exception.file.FileSizeLimitExceededException;
 import com.ruoyi.common.exception.file.InvalidExtensionException;
 import com.ruoyi.common.utils.DateUtils;
 import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.common.utils.uuid.IdUtils;
+import com.ruoyi.common.utils.uuid.Seq;

 /**
 * 文件上传工具类
@ -100,7 +102,7 @@ public class FileUploadUtils
            throws FileSizeLimitExceededException, IOException, FileNameLengthLimitExceededException,
            InvalidExtensionException
    {
-        int fileNamelength = file.getOriginalFilename().length();
+        int fileNamelength = Objects.requireNonNull(file.getOriginalFilename()).length();
        if (fileNamelength > FileUploadUtils.DEFAULT_FILE_NAME_LENGTH)
        {
            throw new FileNameLengthLimitExceededException(FileUploadUtils.DEFAULT_FILE_NAME_LENGTH);
@ -110,10 +112,9 @@ public class FileUploadUtils

        String fileName = extractFilename(file);

-        File desc = getAbsoluteFile(baseDir, fileName);
-        file.transferTo(desc);
-        String pathFileName = getPathFileName(baseDir, fileName);
-        return pathFileName;
+        String absPath = getAbsoluteFile(baseDir, fileName).getAbsolutePath();
+        file.transferTo(Paths.get(absPath));
+        return getPathFileName(baseDir, fileName);
    }

    /**
@ -121,33 +122,29 @@ public class FileUploadUtils
     */
    public static final String extractFilename(MultipartFile file)
    {
-        String fileName = file.getOriginalFilename();
-        String extension = getExtension(file);
-        fileName = DateUtils.datePath() + "/" + IdUtils.fastUUID() + "." + extension;
-        return fileName;
+        return StringUtils.format("{}/{}_{}.{}", DateUtils.datePath(),
+                FilenameUtils.getBaseName(file.getOriginalFilename()), Seq.getId(Seq.uploadSeqType), getExtension(file));
    }

-    private static final File getAbsoluteFile(String uploadDir, String fileName) throws IOException
+    public static final File getAbsoluteFile(String uploadDir, String fileName) throws IOException
    {
        File desc = new File(uploadDir + File.separator + fileName);

+        if (!desc.exists())
+        {
            if (!desc.getParentFile().exists())
            {
                desc.getParentFile().mkdirs();
            }
-        if (!desc.exists())
-        {
-            desc.createNewFile();
        }
        return desc;
    }

-    private static final String getPathFileName(String uploadDir, String fileName) throws IOException
+    public static final String getPathFileName(String uploadDir, String fileName) throws IOException
    {
        int dirLastIndex = RuoYiConfig.getProfile().length() + 1;
        String currentDir = StringUtils.substring(uploadDir, dirLastIndex);
-        String pathFileName = Constants.RESOURCE_PREFIX + "/" + currentDir + "/" + fileName;
-        return pathFileName;
+        return Constants.RESOURCE_PREFIX + "/" + currentDir + "/" + fileName;
    }

    /**
@ -162,7 +159,7 @@ public class FileUploadUtils
            throws FileSizeLimitExceededException, InvalidExtensionException
    {
        long size = file.getSize();
-        if (DEFAULT_MAX_SIZE != -1 && size > DEFAULT_MAX_SIZE)
+        if (size > DEFAULT_MAX_SIZE)
        {
            throw new FileSizeLimitExceededException(DEFAULT_MAX_SIZE / 1024 / 1024);
        }
@ -186,6 +183,11 @@ public class FileUploadUtils
                throw new InvalidExtensionException.InvalidMediaExtensionException(allowedExtension, extension,
                        fileName);
            }
+            else if (allowedExtension == MimeTypeUtils.VIDEO_EXTENSION)
+            {
+                throw new InvalidExtensionException.InvalidVideoExtensionException(allowedExtension, extension,
+                        fileName);
+            }
            else
            {
                throw new InvalidExtensionException(allowedExtension, extension, fileName);
@ -224,7 +226,7 @@ public class FileUploadUtils
        String extension = FilenameUtils.getExtension(file.getOriginalFilename());
        if (StringUtils.isEmpty(extension))
        {
-            extension = MimeTypeUtils.getExtension(file.getContentType());
+            extension = MimeTypeUtils.getExtension(Objects.requireNonNull(file.getContentType()));
        }
        return extension;
    }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/file/FileUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/file/FileUtils.java
@ -3,6 +3,7 @@ package com.ruoyi.common.utils.file;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.io.UnsupportedEncodingException;
@ -10,15 +11,20 @@ import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.ArrayUtils;
+import com.ruoyi.common.config.RuoYiConfig;
+import com.ruoyi.common.utils.DateUtils;
 import com.ruoyi.common.utils.StringUtils;
+import com.ruoyi.common.utils.uuid.IdUtils;
+import org.apache.commons.io.FilenameUtils;

 /**
 * 文件处理工具类
 * 
 * @author ruoyi
 */
-public class FileUtils extends org.apache.commons.io.FileUtils
+public class FileUtils
 {
    public static String FILENAME_PATTERN = "[a-zA-Z0-9_\\-\\|\\.\\u4e00-\\u9fa5]+";

@ -53,29 +59,48 @@ public class FileUtils extends org.apache.commons.io.FileUtils
        }
        finally
        {
-            if (os != null)
+            IOUtils.close(os);
+            IOUtils.close(fis);
+        }
+    }
+
+    /**
+     * 写数据到文件中
+     *
+     * @param data 数据
+     * @return 目标文件
+     * @throws IOException IO异常
+     */
+    public static String writeImportBytes(byte[] data) throws IOException
    {
+        return writeBytes(data, RuoYiConfig.getImportPath());
+    }
+
+    /**
+     * 写数据到文件中
+     *
+     * @param data 数据
+     * @param uploadDir 目标文件
+     * @return 目标文件
+     * @throws IOException IO异常
+     */
+    public static String writeBytes(byte[] data, String uploadDir) throws IOException
+    {
+        FileOutputStream fos = null;
+        String pathName = "";
        try
        {
-                    os.close();
+            String extension = getFileExtendName(data);
+            pathName = DateUtils.datePath() + "/" + IdUtils.fastUUID() + "." + extension;
+            File file = FileUploadUtils.getAbsoluteFile(uploadDir, pathName);
+            fos = new FileOutputStream(file);
+            fos.write(data);
        }
-                catch (IOException e1)
+        finally
        {
-                    e1.printStackTrace();
-                }
-            }
-            if (fis != null)
-            {
-                try
-                {
-                    fis.close();
-                }
-                catch (IOException e1)
-                {
-                    e1.printStackTrace();
-                }
-            }
+            IOUtils.close(fos);
        }
+        return FileUploadUtils.getPathFileName(uploadDir, pathName);
    }

    /**
@ -172,7 +197,6 @@ public class FileUtils extends org.apache.commons.io.FileUtils
     *
     * @param response 响应对象
     * @param realFileName 真实文件名
-     * @return
     */
    public static void setAttachmentResponseHeader(HttpServletResponse response, String realFileName) throws UnsupportedEncodingException
    {
@ -186,7 +210,9 @@ public class FileUtils extends org.apache.commons.io.FileUtils
                .append("utf-8''")
                .append(percentEncodedFileName);

+        response.addHeader("Access-Control-Expose-Headers", "Content-Disposition,download-filename");
        response.setHeader("Content-disposition", contentDispositionValue.toString());
+        response.setHeader("download-filename", percentEncodedFileName);
    }

    /**
@ -200,4 +226,68 @@ public class FileUtils extends org.apache.commons.io.FileUtils
        String encode = URLEncoder.encode(s, StandardCharsets.UTF_8.toString());
        return encode.replaceAll("\\+", "%20");
    }
+
+    /**
+     * 获取图像后缀
+     * 
+     * @param photoByte 图像数据
+     * @return 后缀名
+     */
+    public static String getFileExtendName(byte[] photoByte)
+    {
+        String strFileExtendName = "jpg";
+        if ((photoByte[0] == 71) && (photoByte[1] == 73) && (photoByte[2] == 70) && (photoByte[3] == 56)
+                && ((photoByte[4] == 55) || (photoByte[4] == 57)) && (photoByte[5] == 97))
+        {
+            strFileExtendName = "gif";
+        }
+        else if ((photoByte[6] == 74) && (photoByte[7] == 70) && (photoByte[8] == 73) && (photoByte[9] == 70))
+        {
+            strFileExtendName = "jpg";
+        }
+        else if ((photoByte[0] == 66) && (photoByte[1] == 77))
+        {
+            strFileExtendName = "bmp";
+        }
+        else if ((photoByte[1] == 80) && (photoByte[2] == 78) && (photoByte[3] == 71))
+        {
+            strFileExtendName = "png";
+        }
+        return strFileExtendName;
+    }
+
+    /**
+     * 获取文件名称 /profile/upload/2022/04/16/ruoyi.png -- ruoyi.png
+     * 
+     * @param fileName 路径名称
+     * @return 没有文件路径的名称
+     */
+    public static String getName(String fileName)
+    {
+        if (fileName == null)
+        {
+            return null;
+        }
+        int lastUnixPos = fileName.lastIndexOf('/');
+        int lastWindowsPos = fileName.lastIndexOf('\\');
+        int index = Math.max(lastUnixPos, lastWindowsPos);
+        return fileName.substring(index + 1);
+    }
+
+    /**
+     * 获取不带后缀文件名称 /profile/upload/2022/04/16/ruoyi.png -- ruoyi
+     * 
+     * @param fileName 路径名称
+     * @return 没有文件路径和后缀的名称
+     */
+    public static String getNameNotSuffix(String fileName)
+    {
+        if (fileName == null)
+        {
+            return null;
+        }
+        String baseName = FilenameUtils.getBaseName(fileName);
+        return baseName;
+    }
+
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/file/ImageUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/file/ImageUtils.java
@ -1,7 +1,6 @@
 package com.ruoyi.common.utils.file;

 import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
 import java.io.FileInputStream;
 import java.io.InputStream;
 import java.net.URL;
@ -59,13 +58,12 @@ public class ImageUtils
    /**
     * 读取文件为字节数据
     * 
-     * @param key 地址
+     * @param url 地址
     * @return 字节数据
     */
    public static byte[] readFile(String url)
    {
        InputStream in = null;
-        ByteArrayOutputStream baos = null;
        try
        {
            if (url.startsWith("http"))
@ -94,7 +92,7 @@ public class ImageUtils
        }
        finally
        {
-            IOUtils.closeQuietly(baos);
+            IOUtils.closeQuietly(in);
        }
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/file/MimeTypeUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/file/MimeTypeUtils.java
@ -24,6 +24,8 @@ public class MimeTypeUtils
    public static final String[] MEDIA_EXTENSION = { "swf", "flv", "mp3", "wav", "wma", "wmv", "mid", "avi", "mpg",
            "asf", "rm", "rmvb" };

+    public static final String[] VIDEO_EXTENSION = { "mp4", "avi", "rmvb" };
+
    public static final String[] DEFAULT_ALLOWED_EXTENSION = {
            // 图片
            "bmp", "gif", "jpg", "jpeg", "png",
@ -31,6 +33,8 @@ public class MimeTypeUtils
            "doc", "docx", "xls", "xlsx", "ppt", "pptx", "html", "htm", "txt",
            // 压缩文件
            "rar", "zip", "gz", "bz2",
+            // 视频格式
+            "mp4", "avi", "rmvb",
            // pdf
            "pdf" };

--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/EscapeUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/EscapeUtil.java
@ -22,7 +22,7 @@ public class EscapeUtil

        // special HTML characters
        TEXT['\''] = "&#039;".toCharArray(); // 单引号
-        TEXT['"'] = "&#34;".toCharArray(); // 单引号
+        TEXT['"'] = "&#34;".toCharArray(); // 双引号
        TEXT['&'] = "&#38;".toCharArray(); // &符
        TEXT['<'] = "&#60;".toCharArray(); // 小于号
        TEXT['>'] = "&#62;".toCharArray(); // 大于号
@ -69,26 +69,37 @@ public class EscapeUtil
     */
    private static String encode(String text)
    {
-        int len;
-        if ((text == null) || ((len = text.length()) == 0))
+        if (StringUtils.isEmpty(text))
        {
            return StringUtils.EMPTY;
        }
-        StringBuilder buffer = new StringBuilder(len + (len >> 2));
+
+        final StringBuilder tmp = new StringBuilder(text.length() * 6);
        char c;
-        for (int i = 0; i < len; i++)
+        for (int i = 0; i < text.length(); i++)
        {
            c = text.charAt(i);
-            if (c < 64)
+            if (c < 256)
            {
-                buffer.append(TEXT[c]);
+                tmp.append("%");
+                if (c < 16)
+                {
+                    tmp.append("0");
+                }
+                tmp.append(Integer.toString(c, 16));
            }
            else
            {
-                buffer.append(c);
+                tmp.append("%u");
+                if (c <= 0xfff)
+                {
+                    // issue#I49JU8@Gitee
+                    tmp.append("0");
+                }
+                tmp.append(Integer.toString(c, 16));
            }
        }
-        return buffer.toString();
+        return tmp.toString();
    }

    /**
@ -145,11 +156,12 @@ public class EscapeUtil
    public static void main(String[] args)
    {
        String html = "<script>alert(1);</script>";
+        String escape = EscapeUtil.escape(html);
        // String html = "<scr<script>ipt>alert(\"XSS\")</scr<script>ipt>";
        // String html = "<123";
        // String html = "123>";
-        System.out.println(EscapeUtil.clean(html));
-        System.out.println(EscapeUtil.escape(html));
-        System.out.println(EscapeUtil.unescape(html));
+        System.out.println("clean: " + EscapeUtil.clean(html));
+        System.out.println("escape: " + escape);
+        System.out.println("unescape: " + EscapeUtil.unescape(escape));
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/html/HTMLFilter.java
@ -332,7 +332,7 @@ public final class HTMLFilter
            final String name = m.group(1).toLowerCase();
            if (allowed(name))
            {
-                if (false == inArray(name, vSelfClosingTags))
+                if (!inArray(name, vSelfClosingTags))
                {
                    if (vTagCounts.containsKey(name))
                    {
@ -387,7 +387,7 @@ public final class HTMLFilter
                        {
                            paramValue = processParamProtocol(paramValue);
                        }
-                        params.append(' ').append(paramName).append("=\"").append(paramValue).append("\"");
+                        params.append(' ').append(paramName).append("=\\\"").append(paramValue).append("\"");
                    }
                }

--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/http/HttpHelper.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/http/HttpHelper.java
@ -4,7 +4,7 @@ import java.io.BufferedReader;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
-import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
 import javax.servlet.ServletRequest;
 import org.apache.commons.lang3.exception.ExceptionUtils;
 import org.slf4j.Logger;
@ -25,7 +25,7 @@ public class HttpHelper
        BufferedReader reader = null;
        try (InputStream inputStream = request.getInputStream())
        {
-            reader = new BufferedReader(new InputStreamReader(inputStream, Charset.forName("UTF-8")));
+            reader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
            String line = "";
            while ((line = reader.readLine()) != null)
            {
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/http/HttpUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/http/HttpUtils.java
@ -9,6 +9,7 @@ import java.net.ConnectException;
 import java.net.SocketTimeoutException;
 import java.net.URL;
 import java.net.URLConnection;
+import java.nio.charset.StandardCharsets;
 import java.security.cert.X509Certificate;
 import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.HttpsURLConnection;
@ -19,6 +20,7 @@ import javax.net.ssl.X509TrustManager;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import com.ruoyi.common.constant.Constants;
+import com.ruoyi.common.utils.StringUtils;

 /**
 * 通用http发送方法
@ -29,6 +31,17 @@ public class HttpUtils
 {
    private static final Logger log = LoggerFactory.getLogger(HttpUtils.class);

+    /**
+     * 向指定 URL 发送GET方法的请求
+     *
+     * @param url 发送请求的 URL
+     * @return 所代表远程资源的响应结果
+     */
+    public static String sendGet(String url)
+    {
+        return sendGet(url, StringUtils.EMPTY);
+    }
+
    /**
     * 向指定 URL 发送GET方法的请求
     *
@ -55,7 +68,7 @@ public class HttpUtils
        BufferedReader in = null;
        try
        {
-            String urlNameString = url + "?" + param;
+            String urlNameString = StringUtils.isNotBlank(param) ? url + "?" + param : url;
            log.info("sendGet - {}", urlNameString);
            URL realUrl = new URL(urlNameString);
            URLConnection connection = realUrl.openConnection();
@ -118,9 +131,8 @@ public class HttpUtils
        StringBuilder result = new StringBuilder();
        try
        {
-            String urlNameString = url;
-            log.info("sendPost - {}", urlNameString);
-            URL realUrl = new URL(urlNameString);
+            log.info("sendPost - {}", url);
+            URL realUrl = new URL(url);
            URLConnection conn = realUrl.openConnection();
            conn.setRequestProperty("accept", "*/*");
            conn.setRequestProperty("connection", "Keep-Alive");
@ -132,7 +144,7 @@ public class HttpUtils
            out = new PrintWriter(conn.getOutputStream());
            out.print(param);
            out.flush();
-            in = new BufferedReader(new InputStreamReader(conn.getInputStream(), "utf-8"));
+            in = new BufferedReader(new InputStreamReader(conn.getInputStream(), StandardCharsets.UTF_8));
            String line;
            while ((line = in.readLine()) != null)
            {
@ -206,7 +218,7 @@ public class HttpUtils
            {
                if (ret != null && !"".equals(ret.trim()))
                {
-                    result.append(new String(ret.getBytes("ISO-8859-1"), "utf-8"));
+                    result.append(new String(ret.getBytes(StandardCharsets.ISO_8859_1), StandardCharsets.UTF_8));
                }
            }
            log.info("recv - {}", result);
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/ip/AddressUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/ip/AddressUtils.java
@ -25,7 +25,6 @@ public class AddressUtils

    public static String getRealAddressByIP(String ip)
    {
-        String address = UNKNOWN;
        // 内网不查询
        if (IpUtils.internalIp(ip))
        {
@ -51,6 +50,6 @@ public class AddressUtils
                log.error("获取地理位置异常 {}", ip);
            }
        }
-        return address;
+        return UNKNOWN;
    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/ip/IpUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/ip/IpUtils.java
@ -4,7 +4,6 @@ import java.net.InetAddress;
 import java.net.UnknownHostException;
 import javax.servlet.http.HttpServletRequest;
 import com.ruoyi.common.utils.StringUtils;
-import com.ruoyi.common.utils.html.EscapeUtil;

 /**
 * 获取IP方法
@ -13,6 +12,12 @@ import com.ruoyi.common.utils.html.EscapeUtil;
 */
 public class IpUtils
 {
+    /**
+     * 获取客户端IP
+     * 
+     * @param request 请求对象
+     * @return IP地址
+     */
    public static String getIpAddr(HttpServletRequest request)
    {
        if (request == null)
@ -41,15 +46,28 @@ public class IpUtils
        {
            ip = request.getRemoteAddr();
        }
-        return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : EscapeUtil.clean(ip);
+
+        return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : getMultistageReverseProxyIp(ip);
    }

+    /**
+     * 检查是否为内部IP地址
+     * 
+     * @param ip IP地址
+     * @return 结果
+     */
    public static boolean internalIp(String ip)
    {
        byte[] addr = textToNumericFormatV4(ip);
        return internalIp(addr) || "127.0.0.1".equals(ip);
    }

+    /**
+     * 检查是否为内部IP地址
+     * 
+     * @param addr byte地址
+     * @return 结果
+     */
    private static boolean internalIp(byte[] addr)
    {
        if (StringUtils.isNull(addr) || addr.length < 2)
@ -110,7 +128,8 @@ public class IpUtils
            {
                case 1:
                    l = Long.parseLong(elements[0]);
-                    if ((l < 0L) || (l > 4294967295L)) {
+                    if ((l < 0L) || (l > 4294967295L))
+                    {
                        return null;
                    }
                    bytes[0] = (byte) (int) (l >> 24 & 0xFF);
@ -120,12 +139,14 @@ public class IpUtils
                    break;
                case 2:
                    l = Integer.parseInt(elements[0]);
-                    if ((l < 0L) || (l > 255L)) {
+                    if ((l < 0L) || (l > 255L))
+                    {
                        return null;
                    }
                    bytes[0] = (byte) (int) (l & 0xFF);
                    l = Integer.parseInt(elements[1]);
-                    if ((l < 0L) || (l > 16777215L)) {
+                    if ((l < 0L) || (l > 16777215L))
+                    {
                        return null;
                    }
                    bytes[1] = (byte) (int) (l >> 16 & 0xFF);
@ -136,13 +157,15 @@ public class IpUtils
                    for (i = 0; i < 2; ++i)
                    {
                        l = Integer.parseInt(elements[i]);
-                        if ((l < 0L) || (l > 255L)) {
+                        if ((l < 0L) || (l > 255L))
+                        {
                            return null;
                        }
                        bytes[i] = (byte) (int) (l & 0xFF);
                    }
                    l = Integer.parseInt(elements[2]);
-                    if ((l < 0L) || (l > 65535L)) {
+                    if ((l < 0L) || (l > 65535L))
+                    {
                        return null;
                    }
                    bytes[2] = (byte) (int) (l >> 8 & 0xFF);
@ -152,7 +175,8 @@ public class IpUtils
                    for (i = 0; i < 4; ++i)
                    {
                        l = Integer.parseInt(elements[i]);
-                        if ((l < 0L) || (l > 255L)) {
+                        if ((l < 0L) || (l > 255L))
+                        {
                            return null;
                        }
                        bytes[i] = (byte) (int) (l & 0xFF);
@ -169,6 +193,11 @@ public class IpUtils
        return bytes;
    }

+    /**
+     * 获取IP地址
+     * 
+     * @return 本地IP地址
+     */
    public static String getHostIp()
    {
        try
@ -181,6 +210,11 @@ public class IpUtils
        return "127.0.0.1";
    }

+    /**
+     * 获取主机名
+     * 
+     * @return 本地主机名
+     */
    public static String getHostName()
    {
        try
@ -192,4 +226,39 @@ public class IpUtils
        }
        return "未知";
    }
+
+    /**
+     * 从多级反向代理中获得第一个非unknown IP地址
+     *
+     * @param ip 获得的IP地址
+     * @return 第一个非unknown IP地址
+     */
+    public static String getMultistageReverseProxyIp(String ip)
+    {
+        // 多级反向代理检测
+        if (ip != null && ip.indexOf(",") > 0)
+        {
+            final String[] ips = ip.trim().split(",");
+            for (String subIp : ips)
+            {
+                if (false == isUnknown(subIp))
+                {
+                    ip = subIp;
+                    break;
+                }
+            }
+        }
+        return ip;
+    }
+
+    /**
+     * 检测给定字符串是否为未知，多用于检测HTTP请求相关
+     *
+     * @param checkString 被检测的字符串
+     * @return 是否未知
+     */
+    public static boolean isUnknown(String checkString)
+    {
+        return StringUtils.isBlank(checkString) || "unknown".equalsIgnoreCase(checkString);
+    }
 }
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelHandlerAdapter.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelHandlerAdapter.java
@ -0,0 +1,19 @@
+package com.ruoyi.common.utils.poi;
+
+/**
+ * Excel数据格式处理适配器
+ * 
+ * @author ruoyi
+ */
+public interface ExcelHandlerAdapter
+{
+    /**
+     * 格式化
+     * 
+     * @param value 单元格数据值
+     * @param args excel注解args参数组
+     *
+     * @return 处理后的值
+     */
+    Object format(Object value, String[] args);
+}
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/poi/ExcelUtil.java
--- a/Show More
+++ b/Show More
				`@ -0,0 +1 @@`
				`custom: http://doc.ruoyi.vip/ruoyi-vue/other/donate.html`