wsy182/RuoYi-Cloud
1
1
Fork 0
mirror of https://gitee.com/y_project/RuoYi-Cloud.git synced 2026-01-26 11:51:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: wsy182:v3.2.0
Branches Tags
wsy182:master wsy182:springboot3
wsy182:v3.6.7 wsy182:v3.6.6 wsy182:v3.6.5 wsy182:v3.6.4 wsy182:v3.6.3 wsy182:v3.6.2 wsy182:v3.6.1 wsy182:v3.6.0 wsy182:v3.5.0 wsy182:v3.4.0 wsy182:v3.3.0 wsy182:v3.2.0 wsy182:v3.1.0 wsy182:v3.0.0 wsy182:v2.5.0 wsy182:v2.4.0 wsy182:v2.3.0 wsy182:v2.2 wsy182:v2.1 wsy182:v2.0
..
compare: wsy182:v3.6.0
Branches Tags
wsy182:springboot3 wsy182:master
wsy182:v3.6.7 wsy182:v3.6.6 wsy182:v3.6.5 wsy182:v3.6.4 wsy182:v3.6.3 wsy182:v3.6.2 wsy182:v3.6.1 wsy182:v3.6.0 wsy182:v3.5.0 wsy182:v3.4.0 wsy182:v3.3.0 wsy182:v3.2.0 wsy182:v3.1.0 wsy182:v3.0.0 wsy182:v2.5.0 wsy182:v2.4.0 wsy182:v2.3.0 wsy182:v2.2 wsy182:v2.1 wsy182:v2.0

260 Commits
v3.2.0 ... v3.6.0

Author SHA1 Message Date
RuoYi
87009e72bf 若依 3.6.0 2022-07-16 10:34:02 +08:00
RuoYi
d6a2028ec3 升级transmittable-thread-local到最新版本2.13.2 2022-07-15 15:19:22 +08:00
RuoYi
ef28473992 升级Spring Cloud相关组件到最新版 2022-07-15 14:32:58 +08:00
RuoYi
1543fb801b 升级element-ui到最新版本2.15.9 2022-07-15 10:03:48 +08:00
RuoYi
e753cea03e 修改验证码开关变量名 2022-07-15 10:02:59 +08:00
RuoYi
78332c2786 升级fastjson到最新版2.0.9 2022-07-12 18:20:46 +08:00
RuoYi
4b1351ef21 修改验证码开关变量名 2022-07-12 18:19:35 +08:00
RuoYi
f12baad00c 优化代码 2022-07-12 18:19:10 +08:00
RuoYi
81d3c90bbc 添加新群号:148794840 2022-07-09 16:47:52 +08:00
疯狂的狮子Li
0d58ecb09c 删除重复注释 2022-07-03 04:22:19 +00:00
RuoYi
1e16852a3c 升级spring-boot到最新版本2.6.8 2022-06-26 13:47:58 +08:00
RuoYi
57e63a184d 升级fastjson到最新版2.0.8 2022-06-26 13:15:38 +08:00
RuoYi
20476e9dd1 默认不启用压缩文件缓存防止node_modules过大 2022-06-26 13:15:28 +08:00
RuoYi
95aa343805 优化字典数据回显样式下拉框显示值 2022-06-26 13:15:17 +08:00
RuoYi
a573c4b10d 字典类型删除多余的mapper注解 2022-06-26 13:13:20 +08:00
疯狂的狮子Li
5964dc81ab remove 删除无用 admin-client 依赖声明 避免造成误解 2022-06-24 04:54:54 +00:00
RuoYi
721701274b 升级seata到最新版1.5.1 2022-06-17 21:41:23 +08:00
RuoYi
78c356a9f3 升级fastjson到最新版2.0.7 2022-06-17 20:52:41 +08:00
若依
b622675522 使用Lazy,AutoConfigureBefore注解解决循环引用及Bean重复问题 
Merge pull request !205 from 淡然逝去/N/A
 2022-06-17 12:51:22 +00:00
若依
912f607062 !203 WebSecurityConfigurerAdapter 在Spring Security 5.7过时 
Merge pull request !203 from 板砖/master
 2022-06-17 12:37:36 +00:00
淡然逝去
1297d094cb 使用 @Lazy,@AutoConfigureBefore注解解决循环引用及Bean重复问题,删除allow-bean-definition-overriding: true, allow-circular-references: true配置信息 2022-06-16 04:56:12 +00:00
RuoYi
ccfc4f7ad7 升级druid到最新版本1.2.11 2022-06-14 21:35:47 +08:00
RuoYi
8ee702e4a2 reset babel 2022-06-14 21:26:24 +08:00
wuzh
5945537ade WebSecurityConfigurerAdapter 过时更新 2022-06-13 21:34:59 +08:00
RuoYi
2051819d2d 删除多余的工具类 2022-06-13 21:07:11 +08:00
RuoYi
570d468814 optimized code 2022-06-13 20:57:03 +08:00
若依
5fd16ff806 !202 update ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/XssFilter.java. 
Merge pull request !202 from 光速蜗牛/N/A
 2022-06-13 12:49:34 +00:00
若依
17246d8a27 !199 简化逻辑判断 
Merge pull request !199 from 光速蜗牛/master
 2022-06-13 12:48:42 +00:00
若依
6d404a1f3b !198 去除多余的逗号 
Merge pull request !198 from runphp/N/A
 2022-06-13 12:48:18 +00:00
若依
7417c1d473 !197 update 优化新增用户与角色信息、用户与岗位信息逻辑 
Merge pull request !197 from 疯狂的狮子Li/N/A
 2022-06-13 12:48:11 +00:00
若依
9b35679ba6 !196 修正OpenFeign部分情况下传递header中Authorization参数值为空导致获取用户信息失败问题 
Merge pull request !196 from JellyBins/N/A
 2022-06-13 12:45:30 +00:00
若依
7af84cb923 !195 修复【增加对空字符串参数的过滤】提交的参数判断问题 
Merge pull request !195 from 清溪先生/master
 2022-06-13 12:42:23 +00:00
若依
8242cec9ac !194 update 使用 gateway 自带工具 优化缓存Request与body 
Merge pull request !194 from 疯狂的狮子Li/N/A
 2022-06-13 12:41:24 +00:00
光速蜗牛
5b8cf9701f update ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/XssFilter.java. 
update 优化 XssFilter 使用枚举替换字符串
 2022-06-13 10:12:38 +00:00
cgl
a52d455032 简化逻辑判断 2022-06-13 17:05:23 +08:00
runphp
d28f81dc68 去除多余的逗号 2022-06-11 01:13:30 +00:00
疯狂的狮子Li
7475cff47d update 优化新增用户与角色信息、用户与岗位信息逻辑 2022-06-08 13:55:25 +00:00
我以为
d6e6b99316 修正OpenFeign部分情况下传递header认证信息为空问题 #https://gitee.com/y_project/RuoYi-Cloud/issues/I5AGRR 2022-06-02 03:00:16 +00:00
清溪先生
5a48c5dba7 修复【增加对空字符串参数的过滤】提交的参数判断问题; 
Signed-off-by: 清溪先生 <usfree2021@163.com>
 2022-06-02 08:53:31 +08:00
疯狂的狮子Li
ad7133f39d update 使用 gateway 自带工具 优化缓存Request与body 2022-05-31 05:03:34 +00:00
疯狂的狮子Li
fca189fa73 update 优化 CacheRequestFilter 使用枚举替换字符串 2022-05-31 02:55:17 +00:00
RuoYi
6cda8cb28f 表单构建按钮不显示正则校验 2022-05-29 09:49:54 +08:00
RuoYi
9c29907d57 增加对空字符串参数的过滤 2022-05-29 09:49:43 +08:00
RuoYi
b3d462e873 用户列表查询不显示密码字段 2022-05-29 09:49:29 +08:00
RuoYi
cdcc466300 升级fastjson到最新版2.0.4 2022-05-26 10:04:13 +08:00
RuoYi
12ca164c44 升级fastjson到最新版1.2.83 2022-05-24 10:14:31 +08:00
RuoYi
1d1b9501b7 用户头像上传限制只能为图片格式 2022-05-22 19:16:52 +08:00
RuoYi
24376681b8 优化switch case条件 2022-05-22 19:14:27 +08:00
RuoYi
386f3eb016 修复操作日志查询类型条件为0时会查到所有数据 2022-05-22 19:14:12 +08:00
疯狂的狮子Li
2a6a74ead5 fix 修复编辑报错 去除 NOT NULL 判断 兼容 nacos 低版本 2022-05-16 02:22:17 +00:00
若依
01e4e619e6 !188 【轻量级 PR】代码异味。项目review时发现多了逗号。 
Merge pull request !188 from Tigger_hyk/master
 2022-05-13 08:21:36 +00:00
若依
f6f07f255a !187 【轻量级 PR】:体验优化。用户管理左侧树型组件增加选中高亮保持。 
Merge pull request !187 from Tigger_hyk/dev
 2022-05-13 07:00:33 +00:00
huyikai
2eaa52c7aa Unexpected use of comma operator 2022-05-13 14:54:40 +08:00
huyikai
86b9e675b5 体验优化-用户管理左侧树型组件增加选中高亮保持。 2022-05-12 10:55:34 +08:00
RuoYi
b76cd4d0e2 update ry_config.sql 2022-05-10 17:23:33 +08:00
RuoYi
a4ad2b8b3c 升级spring-boot-admin到最新版2.6.7 2022-05-10 10:17:36 +08:00
RuoYi
103bf66f77 修复字典数据显示不全问题 2022-05-10 10:17:17 +08:00
RuoYi
5dbed46552 优化excel创建表格样式 2022-05-09 17:48:20 +08:00
若依
97500fbccb !182 简化返回值 
Merge pull request !182 from shawn/dev
 2022-05-09 09:44:49 +00:00
RuoYi
70f306418f 修改代码生成树形选择器组件 2022-04-25 10:30:02 +08:00
RuoYi
6bc77169fe 修改显示顺序orderNum类型为整型 2022-04-25 10:29:46 +08:00
RuoYi
742f3106a2 修复长主键溢出问题 将查询返回类型改为 Long 2022-04-24 19:10:41 +08:00
RuoYi
9ec4d19384 update ry_config.sql 2022-04-24 19:10:13 +08:00
RuoYi
68040827e2 最新alibaba/seata版本无需处理循环引用问题 2022-04-24 19:09:44 +08:00
若依
75d91c7d1d !185 spring-cloud.version 2021.0.1 官方推荐对应 spring-cloud-alibaba 2021.0.1.0 
Merge pull request !185 from abbfun/N/A
 2022-04-24 10:18:47 +00:00
若依
95c1286f06 !184 spring-boot 最新版本 2.6.7 
Merge pull request !184 from abbfun/N/A
 2022-04-24 10:18:40 +00:00
abbfun
f63a76f661 spring-cloud.version 2021.0.1 官方推荐对应 spring-cloud-alibaba 2021.0.1.0 
spring-cloud.version 2021.0.1 对应 spring-cloud-alibaba 2021.0.1.0,
官方说明
https://github.com/alibaba/spring-cloud-alibaba/wiki/%E7%89%88%E6%9C%AC%E8%AF%B4%E6%98%8E#%E6%AF%95%E4%B8%9A%E7%89%88%E6%9C%AC%E4%BE%9D%E8%B5%96%E5%85%B3%E7%B3%BB%E6%8E%A8%E8%8D%90%E4%BD%BF%E7%94%A8
 2022-04-23 14:36:48 +00:00
abbfun
6644d3077d spring-boot 最新版本 2.6.7 2022-04-23 13:44:57 +00:00
RuoYi
54d1c58338 Excel注解支持color字体颜色 2022-04-23 21:07:52 +08:00
shawn
9da3b34b9c 简化返回值逻辑判断 2022-04-20 21:37:59 +08:00
RuoYi
1ec806ae80 设置分页参数默认值 2022-04-17 10:35:15 +08:00
RuoYi
4df2b72b30 检查定时任务bean所在包名是否为白名单配置 2022-04-17 10:35:00 +08:00
RuoYi
a0ce434163 升级element-ui到最新版本2.15.8 2022-04-15 09:39:15 +08:00
RuoYi
5053510236 字典类型必须以字母开头,且只能为(小写字母,数字,下滑线) 2022-04-15 09:38:39 +08:00
RuoYi
d14f27e5eb 若依 3.5.0 2022-04-11 09:02:50 +08:00
RuoYi
72cf2edf03 升级spring-boot-admin到最新版2.6.6 2022-04-10 18:55:27 +08:00
RuoYi
8c6035c8f9 升级spring-boot-admin到最新版2.6.5 2022-04-09 18:06:23 +08:00
RuoYi
f7b761275c 添加页签openPage支持传递参数 2022-04-08 15:43:52 +08:00
RuoYi
6f7b02372e 代码生成树表新增(展开/折叠) 2022-04-07 11:04:16 +08:00
RuoYi
0b6166663c 用户缓存信息添加部门ancestors祖级列表 2022-04-07 09:52:00 +08:00
RuoYi
723583a3b8 修复Excel注解prompt/combo同时使用不生效问题 2022-04-03 18:28:58 +08:00
RuoYi
6a017dddd1 升级spring-boot到最新版本2.6.6 防止RCE漏洞 2022-04-02 10:25:23 +08:00
RuoYi
6f5c149ba0 降级jsencrypt版本兼容IE浏览器 2022-04-02 10:25:04 +08:00
RuoYi
5d44d2b5a6 新增清理分页的线程变量方法 2022-03-31 11:58:23 +08:00
RuoYi
7c3425ee9b 升级spring-boot到最新版本2.6.5 2022-03-30 10:26:02 +08:00
RuoYi
6133563bf3 升级spring-boot-admin到最新版2.6.3 2022-03-30 10:25:35 +08:00
RuoYi
2d67d7c8e2 升级fastjson到最新版1.2.80 2022-03-30 10:25:17 +08:00
RuoYi
55a7a90bab update registry source 2022-03-30 10:23:51 +08:00
RuoYi
a70d5ee2ab topNav自定义隐藏侧边栏路由 2022-03-30 10:21:28 +08:00
RuoYi
e5c938c64a 优化IP地址获取到多个的问题 2022-03-27 15:35:20 +08:00
RuoYi
ccf84377f8 优化导出excel单元格验证,包含变更为开头.防止正常内容被替换 2022-03-27 15:34:13 +08:00
RuoYi
dc8938ab2f 优化固定Header后顶部导航栏样式问题(I4XDN5) 2022-03-17 09:49:05 +08:00
RuoYi
bc05b453df update README 2022-03-17 09:48:53 +08:00
RuoYi
368a9044be 修复Oracle数据库用户表头像列为null时不显示默认头像问题 2022-03-17 09:48:00 +08:00
RuoYi
242101ae6e 添加新群号:213618602 2022-03-16 09:18:21 +08:00
RuoYi
0b08933a8c 优化导出数据LocalDateTime类型无数据问题 2022-03-15 14:42:44 +08:00
RuoYi
99932d91c0 优化菜单名称过长悬停显示标题 2022-03-15 12:03:01 +08:00
若依
59387216b4 !168 登录信息状态常量值更正 
Merge pull request !168 from mastery/my-ry-cloud
 2022-03-11 02:12:24 +00:00
YangHuang
66f5f11069 登录信息状态枚举值更正 2022-03-11 10:04:26 +08:00
若依
33694c860f !165 记录登录信息状态值改为常量 
Merge pull request !165 from mastery/my-ry-cloud
 2022-03-09 02:29:28 +00:00
RuoYi
4c5c1d1f78 文件上传兼容Weblogic环境 2022-03-09 10:17:51 +08:00
若依
14cd3e2c6a !164 fix_bug 修复遗漏的拼写错误 
Merge pull request !164 from 董浩然/fix_bug
 2022-03-09 01:38:20 +00:00
YangHuang
34487865f3 记录登录信息状态值改为常量 2022-03-09 00:46:24 +08:00
donghaoran
2444fcc646 fix_bug 修复遗漏的拼写错误 2022-03-07 21:30:26 +08:00
RuoYi
8b3d75a6a0 开启TopNav没有子菜单情况隐藏侧边栏 2022-03-06 09:05:56 +08:00
疯狂的狮子Li
4feb0adb6e fix 修复变量拼写错误 2022-03-05 05:07:40 +00:00
RuoYi
82535c82d3 修复导入Excel时字典字段类型为Long转义为空问题 2022-03-05 08:41:19 +08:00
RuoYi
7a09412ecb 修复表单清除元素位置未垂直居中问题(I4V27B) 2022-03-04 19:26:47 +08:00
RuoYi
a30622b460 升级spring-boot到最新版本2.6.4 2022-02-26 09:59:39 +08:00
若依
df0813089e !159 解决 docker/copy.sh 复制文件名错误问题 
Merge pull request !159 from ningqingsheng/N/A
 2022-02-26 01:09:27 +00:00
若依
e059ed9c7f !160 【轻量级pr】poi ExcelUtil 增加对java8 日期的支持 
Merge pull request !160 from dazer007/excelUtil_add_java8_date
 2022-02-26 01:08:00 +00:00
duandazhi
105c9d99c8 poi ExcelUtil 增加对java8 日志类型的支持 2022-02-25 21:09:50 +08:00
ningqingsheng
a65eaf880d 解决 docker/copy.sh 复制命错误问题 2022-02-25 09:28:51 +00:00
RuoYi
04706403d3 组件fileUpload支持多文件同时选择上传 2022-02-25 11:44:05 +08:00
RuoYi
c43565ef43 组件ImageUpload支持多图同时选择上传 2022-02-25 09:11:31 +08:00
RuoYi
089ebaf9c5 代码生成子表支持日期/字典配置 2022-02-24 09:29:53 +08:00
RuoYi
6f3c3f1b7e 页面若未匹配到字典标签则返回原字典值 2022-02-23 16:52:31 +08:00
若依
2dc5e7319a !157 【轻量级 PR】:修复个人中心页面,修改个人信息功能的email字段的表单验证信息错误 
Merge pull request !157 from East/master
 2022-02-23 01:36:30 +00:00
East
b5d2628b71 修复个人中心页面,修改个人信息的时候,表单验证里email字段的验证message多一个单引号的问题 2022-02-23 09:27:15 +08:00
RuoYi
9460acd91b 优化菜单关键字导致的插件报错问题 2022-02-22 19:44:24 +08:00
若依
480d49f2b3 !154 优化2022-02-17的【修复分页组件请求两次问题】的实现 
Merge pull request !154 from East/master
 2022-02-21 07:13:44 +00:00
East
1358b21c3a 优化分页组件发送两次请求的实现 2022-02-21 13:12:03 +08:00
RuoYi
480bba4f9d 升级spring-cloud到最新版2021.0.1 2022-02-20 16:51:42 +08:00
RuoYi
a14c06a1f1 升级spring-boot-mybatis到最新版2.2.2 2022-02-20 16:51:08 +08:00
RuoYi
2e1ef93aa6 修改登录超时刷新页面跳转登录页面还提示重新登录问题 2022-02-19 17:12:50 +08:00
疯狂的狮子Li
14c412113f update 补全事务注解异常 2022-02-17 11:15:34 +00:00
RuoYi
642cfbda0a 修复分页组件请求两次问题 2022-02-17 18:56:21 +08:00
RuoYi
0e13296752 代码生成同步保留必填/类型选项 2022-02-13 21:09:16 +08:00
若依
8fac26edca !151 fix Value 'baos' is always 'null' 
Merge pull request !151 from runphp/N/A
 2022-02-13 12:59:10 +00:00
runphp
b0b16e1fc5 fix Value 'baos' is always 'null' 2022-02-13 01:22:42 +00:00
RuoYi
297193b6ce 代码生成编辑修改打开新页签 2022-02-12 14:28:30 +08:00
RuoYi
99e14d0e29 update gitignore 2022-02-12 14:23:33 +08:00
RuoYi
dbca691746 优化代码 2022-02-12 14:23:11 +08:00
若依
e66f65b257 !149 Result type not match for select id="selectMenuListByRoleId" 
Merge pull request !149 from runphp/N/A
 2022-02-12 06:06:08 +00:00
若依
5f60a37d8a !148 Condition 'DEFAULT_MAX_SIZE != -1' is always 'true' 
Merge pull request !148 from runphp/N/A
 2022-02-12 06:05:33 +00:00
若依
d30e136c1d !147 变量filename赋值后未使用 
Merge pull request !147 from runphp/N/A
 2022-02-12 06:03:45 +00:00
若依
9c122a4bfe !146 The 'filter().findAny().isPresent()' chain can be replaced with 'anyMatch()' 
Merge pull request !146 from runphp/N/A
 2022-02-12 06:03:20 +00:00
若依
1761a4f588 !145 修复文档参数名错误 
Merge pull request !145 from runphp/N/A
 2022-02-12 06:02:37 +00:00
若依
b60fa5c920 !144 删除方法无返回值时,方法注释上的@return 
Merge pull request !144 from 我的世界有我/master
 2022-02-12 06:01:41 +00:00
runphp
4191f5ca5c Result type not match for select id="selectMenuListByRoleId" 2022-02-11 10:35:57 +00:00
runphp
a00482d5d7 Condition 'DEFAULT_MAX_SIZE != -1' is always 'true' 2022-02-11 07:46:11 +00:00
runphp
2610869e9c 变量filename赋值后未使用 2022-02-11 07:18:44 +00:00
runphp
155eb55953 The 'filter().findAny().isPresent()' chain can be replaced with 'anyMatch()' 2022-02-11 06:15:39 +00:00
runphp
8541ca99af 修复文档参数名错误 2022-02-11 06:00:57 +00:00
caohong
9cb15ec2ae 方法结果没有返回值时,去掉方法注释 @Return 2022-02-11 09:23:24 +08:00
RuoYi
27d46fc0a4 修复Xss注解字段值为空时的异常问题 2022-02-10 17:09:20 +08:00
若依
5800ac6b9e !143 修改错误单词拼写 
Merge pull request !143 from 云川/master
 2022-02-10 09:04:58 +00:00
liuyuchuan
c57ec64e63 修改错误单词拼写,由**Capcha**改为**Captcha** 2022-02-08 18:08:22 +08:00
RuoYi
1a1d6562d2 用户访问控制时校验数据权限,防止越权 2022-01-27 12:21:02 +08:00
RuoYi
255101f6f7 导出Excel时屏蔽公式,防止CSV注入风险 2022-01-27 12:20:41 +08:00
RuoYi
bd30f3d53a 若依 3.4.0 2022-01-24 10:09:41 +08:00
RuoYi
0c24d59a2c 升级spring-boot-admin到最新版2.6.2 2022-01-23 10:52:39 +08:00
RuoYi
4557ca0ace fix css class name 2022-01-23 10:51:01 +08:00
RuoYi
18c0b3dec4 升级nacos到最新版2.0.4 2022-01-22 14:32:44 +08:00
RuoYi
674b7a0b04 升级spring-boot到最新版本2.6.3 2022-01-22 11:25:41 +08:00
RuoYi
d511f1bd94 升级spring-boot-admin到最新版2.6.1 2022-01-20 11:37:26 +08:00
RuoYi
fa75346763 修复选项卡点击右键刷新丢失参数问题 2022-01-18 11:44:30 +08:00
RuoYi
79b1717f9a vue3下点击编辑,取消修改报错问题 2022-01-18 11:42:45 +08:00
RuoYi
6b4d03cb8d update copyright 2022 2022-01-14 10:53:41 +08:00
RuoYi
2d7fd84c57 swagger 在 springboot 2.6.x 不兼容问题的处理 2022-01-14 10:53:30 +08:00
RuoYi
d0a19e5b6f 定时任务屏蔽违规的字符 2022-01-14 10:53:03 +08:00
若依
14db619b20 !136 优化加载字典缓存数据 
Merge pull request !136 from runphp/N/A
 2022-01-14 02:46:59 +00:00
若依
c166bb0a89 !135 字段更新未同步 
Merge pull request !135 from runphp/N/A
 2022-01-14 02:44:44 +00:00
runphp
4a60f91994 优化加载字典缓存数据 2022-01-12 03:42:38 +00:00
runphp
d601b5781e 字段更新未同步 2022-01-12 02:12:09 +00:00
RuoYi
8223a5dcc4 Vue3前端代码生成模板同步到最新 2022-01-11 18:10:40 +08:00
RuoYi
b40e5c19b2 升级Spring Cloud相关组件到最新版本 2022-01-10 15:02:13 +08:00
RuoYi
5ebc354cfc 优化部门修改缩放后出现的错位问题 2022-01-08 09:24:27 +08:00
RuoYi
ca5d3e3556 添加遗漏的分页参数合理化属性 2022-01-07 13:17:06 +08:00
RuoYi
c44cf9b9f6 定时任务目标字符串验证包名白名单 2022-01-06 14:58:56 +08:00
RuoYi
cde32b45c0 定时任务目标字符串过滤特殊字符 2022-01-05 15:04:51 +08:00
RuoYi
6274bfcd8c 代码生成列表图片支持预览 2022-01-04 20:20:11 +08:00
RuoYi
29fac802f3 update donate 2022-01-04 20:19:18 +08:00
RuoYi
37597a85d5 update README.md 2022-01-04 20:13:22 +08:00
若依
f46aa17c77 Create FUNDING.yml 2022-01-04 19:50:34 +08:00
RuoYi
6c70291d0a update README.md 2022-01-04 10:56:25 +08:00
RuoYi
14ff957bde 前端支持设置是否需要防止数据重复提交 2022-01-02 10:37:58 +08:00
RuoYi
34439a6532 空值不进行回显数据字典 2022-01-02 10:30:35 +08:00
RuoYi
db07f4a354 预览组件支持多图显示 2022-01-01 09:47:14 +08:00
RuoYi
820ea549e3 代码生成新增Java类型Boolean 2022-01-01 09:39:41 +08:00
若依
2b42931486 !133 减少一次sql查询(SysUser对象包含了角色列表) 
Merge pull request !133 from runphp/N/A
 2022-01-01 01:38:22 +00:00
runphp
9bf5dfdc5f 减少一次sql查询(SysUser对象包含了角色列表) 
减少一次sql查询(SysUser对象包含了角色列表)
 2021-12-31 06:54:22 +00:00
RuoYi
a3f8d03611 修复登录失效后多次请求提示多次弹窗问题 2021-12-31 10:04:46 +08:00
RuoYi
b6f21f451d 升级log4j2到2.17.1,防止漏洞风险 2021-12-30 14:48:33 +08:00
RuoYi
418b74b39d 用户管理部门查询选择节点后分页参数初始 2021-12-29 15:39:34 +08:00
RuoYi
919190dedc 定时任务cron表达式小时设置24 2021-12-29 15:39:19 +08:00
若依
81ccdc49ec !132 修改单词拼写错误:praseStrEmpty -> parseStrEmpty 
Merge pull request !132 from 我的世界有我/master
 2021-12-29 07:35:56 +00:00
caohong
b006fad9b6 修改单词拼写错误:praseStrEmpty -> parseStrEmpty 2021-12-29 14:29:33 +08:00
RuoYi
74a02ca3dc 升级spring-boot到最新版本2.5.8 2021-12-27 12:41:42 +08:00
RuoYi
efaaacabb0 优化代码生成字典组重复问题 2021-12-24 15:47:48 +08:00
RuoYi
3410150e28 升级fastjson到最新版1.2.79 2021-12-21 13:41:49 +08:00
RuoYi
054fd7546f SQL工具类新增检查关键字方法 2021-12-21 13:41:40 +08:00
RuoYi
1797831afc 新增使用Gzip解压缩静态文件地址 2021-12-20 14:26:05 +08:00
RuoYi
24be94be5e 集成compression-webpack-plugin插件实现打包Gzip压缩 2021-12-20 09:44:13 +08:00
RuoYi
33ba42a759 升级log4j2到安全版本,防止漏洞风险 2021-12-19 20:01:17 +08:00
RuoYi
1e7b9fb94c 路由支持单独配置菜单或角色权限 2021-12-18 18:27:14 +08:00
RuoYi
45e5133e97 新增图片预览组件 2021-12-18 18:25:56 +08:00
RuoYi
7713948f5c 修复菜单图标缺少的prop属性 2021-12-18 18:21:23 +08:00
RuoYi
b64507d64a 请求分页方法设置成通用方便灵活调用 2021-12-18 18:20:25 +08:00
RuoYi
b06db48891 修复打包后字体图标偶现的乱码问题 2021-12-17 11:37:58 +08:00
RuoYi
43f1681f51 修复版本差异导致的懒加载报错问题 2021-12-16 16:45:17 +08:00
RuoYi
5c90f0bbb7 新增Vue3前端代码生成模板 2021-12-16 09:59:46 +08:00
RuoYi
c1b223e3a7 用户导入提示溢出则显示滚动条 2021-12-16 09:58:48 +08:00
RuoYi
0d7b23a44f 优化cron组件中周回显问题 2021-12-16 09:58:27 +08:00
RuoYi
f91f931c0b 自定义xss校验注解实现 2021-12-15 11:00:47 +08:00
RuoYi
329e124db0 add docker/copy.sh. 2021-12-14 17:41:36 +08:00
RuoYi
c64b5edf20 数据库脚本设置默认编码 2021-12-14 17:40:02 +08:00
若依
c049d29eee !124 解决deplon.sh脚本启动docker然后gateway总是报nacos9848端口问题 
Merge pull request !124 from zbk/master
 2021-12-14 09:33:46 +00:00
RuoYi
7804d0bd2f 升级log4j2到安全版本,防止漏洞风险 2021-12-14 12:10:20 +08:00
RuoYi
7901116744 升级log4j2到安全版本,防止漏洞风险 2021-12-14 10:50:14 +08:00
RuoYi
eb5df8834b 修复多参数逗号分隔的问题 2021-12-14 10:46:49 +08:00
zbk
711aa763b9 update docker/deploy.sh. 2021-12-13 15:45:42 +00:00
RuoYi
3c7018b38a 若依 3.3.0 2021-12-13 09:02:33 +08:00
RuoYi
2a5091c6f4 优化下载解析blob异常提示 2021-12-10 10:02:22 +08:00
RuoYi
b6222b9755 升级dynamic-ds到最新版本3.5.0 2021-12-10 09:51:22 +08:00
RuoYi
4db3e90872 代码生成预览支持复制内容 2021-12-09 10:03:43 +08:00
RuoYi
19ac02fd70 自定义文字复制剪贴指令 2021-12-09 10:03:07 +08:00
RuoYi
9d094587b3 升级clipboard到最新版本2.0.8 2021-12-09 10:02:42 +08:00
RuoYi
2bc2b08bc7 升级spring-boot-admin到最新版2.5.4 2021-12-07 13:48:52 +08:00
RuoYi
f64a5dd5ca 修正用户分配角色属性错误 2021-12-06 21:56:00 +08:00
RuoYi
9f21dbbc5c 修复长主键溢出问题 将查询返回类型改为 Long 2021-12-06 21:55:41 +08:00
RuoYi
05ce7d92a9 🎉 RuoYi-Cloud-Vue3(Vue3 Element Plus Vite)版本 2021-12-02 10:47:30 +08:00
RuoYi
2e17d9c084 Crontab组件优化 2021-12-02 10:44:46 +08:00
RuoYi
82779f3c70 优化提示信息 2021-12-02 10:44:15 +08:00
RuoYi
b1bc3ceb27 注册成功提示类型success 2021-11-26 18:10:34 +08:00
RuoYi
e2a7df4a2c camelCase中应该是下划线,而不是横杠 2021-11-26 18:09:50 +08:00
Ricky
2a452a00e0 升级velocity到最新版本2.3(语法升级) 2021-11-25 15:23:46 +08:00
Ricky
4d4123243c 修复代码生成复选框字典遗漏问题 2021-11-25 13:42:06 +08:00
RuoYi
2c1bdc9670 添加新群号:236543183 2021-11-25 10:06:29 +08:00
RuoYi
08885f65cd 升级velocity到最新版本2.3 2021-11-24 16:40:18 +08:00
RuoYi
961825d25c update bin 2021-11-24 16:39:55 +08:00
RuoYi
337d1bab02 优化前端代码 2021-11-24 16:37:20 +08:00
Ricky
b6a71fe988 防止修改用户个人信息接口修改用户名 2021-11-22 22:54:24 +08:00
RuoYi
786df8e278 升级js-cookie到最新版本3.0.1 2021-11-22 18:13:49 +08:00
RuoYi
451d218f4b 优化提示信息 2021-11-22 18:13:39 +08:00
RuoYi
adcb6194c8 新增tab对象简化页签操作 2021-11-19 17:58:55 +08:00
RuoYi
334f79efe4 升级jsencrypt到最新版本3.2.1 2021-11-18 17:54:57 +08:00
RuoYi
73b38b143b 代码生成模板主子表删除方法缺少事务 2021-11-18 17:54:20 +08:00
RuoYi
ef541b220b 删除多余的通用配置 2021-11-18 17:53:31 +08:00
RuoYi
173c0e384f 优化导出数据操作 2021-11-17 12:12:58 +08:00
RuoYi
360ccc7adc 修复响应体过大出现的乱码问题 2021-11-16 18:50:17 +08:00
RuoYi
df760d3504 任务参数忽略双引号中的逗号 2021-11-16 18:49:36 +08:00
RuoYi
0beecf7ea1 升级core-js到最新版本3.19.1 2021-11-16 18:49:26 +08:00
若依
aa2821a19d !118 update ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java. 
Merge pull request !118 from TwelveT/N/A
 2021-11-16 10:43:54 +00:00
TwelveT
2288fa218e update ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java. 
修复feign对过大的参数会直接报错,无法调用BUG
 2021-11-12 09:01:56 +00:00
RuoYi
6adc583c38 升级spring-boot-admin到最新版2.5.3 2021-11-10 11:29:39 +08:00
RuoYi
52111e4bf9 升级axios到最新版本0.24.0 2021-11-10 11:27:54 +08:00
RuoYi
68db4092ed 任务屏蔽违规字符 2021-11-01 15:45:22 +08:00
RuoYi
acf8d9719f 修复字符串无法被反转义问题 2021-11-01 15:45:10 +08:00
RuoYi
92e5d2a97a 回显数据字典键值修正 2021-11-01 15:44:58 +08:00
RuoYi
e165901506 登录/验证码请求headers不设置token 2021-11-01 15:44:42 +08:00
RuoYi
3187b1c46e 升级spring-boot到最新版本2.5.6 2021-10-27 16:56:54 +08:00
RuoYi
662dec2fe2 修正错别字 2021-10-25 10:29:27 +08:00
RuoYi
3901695a6f 解析blob响应是否登录失效 2021-10-25 09:49:13 +08:00
RuoYi
d0a5c25b5d 新增认证对象简化权限验证 2021-10-20 11:23:18 +08:00
RuoYi
9c5c6c6be7 优化获取缓存信息方式 2021-10-18 10:59:56 +08:00
RuoYi
d8da1b796c 优化权限认证注解 2021-10-16 18:28:38 +08:00
RuoYi
e2dfdb2236 生产环境使用路由懒加载提升页面响应速度 2021-10-15 17:56:28 +08:00
RuoYi
a8eba6949e 角色列表返回类型保持一致 2021-10-15 17:30:30 +08:00
RuoYi
3e907e8da7 修复五级以上菜单404问题 2021-10-14 16:24:39 +08:00
285 changed files with 5671 additions and 2685 deletions
Expand all files Collapse all files

1
.github/FUNDING.yml vendored Normal file
View File

@@ -0,0 +1 @@
custom: http://doc.ruoyi.vip/ruoyi-cloud/other/donate.html

3
.gitignore vendored
View File

@@ -25,6 +25,8 @@ target/
*.iml
*.ipr
### JRebel ###
rebel.xml
### NetBeans ###
nbproject/private/
build/*
@@ -37,6 +39,7 @@ nbdist/
# Others
*.log
*.xml.versionsBackup
*.swp
!*/build/*.java
!*/build/*.html

14
README.md
View File

@@ -1,3 +1,14 @@
<p align="center">
<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-b99b286755aef70355a7084753f89cdb7c9.png">
</p>
<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi v3.6.0</h1>
<h4 align="center">基于 Vue/Element UI 和 Spring Boot/Spring Cloud & Alibaba 前后端分离的分布式微服务架构</h4>
<p align="center">
<a href="https://gitee.com/y_project/RuoYi-Cloud/stargazers"><img src="https://gitee.com/y_project/RuoYi-Cloud/badge/star.svg?theme=dark"></a>
<a href="https://gitee.com/y_project/RuoYi-Cloud"><img src="https://img.shields.io/badge/RuoYi-v3.6.0-brightgreen.svg"></a>
<a href="https://gitee.com/y_project/RuoYi-Cloud/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
</p>
## 平台简介
若依是一套全部开源的快速开发平台,毫无保留给个人及企业免费使用。
@@ -6,6 +17,7 @@
* 后端采用Spring Boot、Spring Cloud & Alibaba。
* 注册中心、配置中心选型Nacos权限认证使用Redis。
* 流量控制框架选型Sentinel分布式事务选型Seata。
* 提供了技术栈([Vue3](https://v3.cn.vuejs.org) [Element Plus](https://element-plus.org/zh-CN) [Vite](https://cn.vitejs.dev))版本[RuoYi-Cloud-Vue3](https://github.com/yangzongzhuan/RuoYi-Cloud-Vue3),保持同步更新。
* 如需不分离应用,请移步 [RuoYi](https://gitee.com/y_project/RuoYi),如需分离应用,请移步 [RuoYi-Vue](https://gitee.com/y_project/RuoYi-Vue)
* 阿里云折扣场:[点我进入](http://aly.ruoyi.vip),腾讯云秒杀场:[点我进入](http://txy.ruoyi.vip)&nbsp;&nbsp;
* 阿里云优惠券:[点我领取](https://www.aliyun.com/minisite/goods?userCode=brki8iof&share_source=copy_link),腾讯云优惠券:[点我领取](https://cloud.tencent.com/redirect.php?redirect=1025&cps_key=198c8df2ed259157187173bc7f4f32fd&from=console)&nbsp;&nbsp;
@@ -115,4 +127,4 @@ com.ruoyi
## 若依微服务交流群
QQ群 [![加入QQ群](https://img.shields.io/badge/已满-42799195-blue.svg)](https://jq.qq.com/?_wv=1027&k=yqInfq0S) [![加入QQ群](https://img.shields.io/badge/已满-170157040-blue.svg)](https://jq.qq.com/?_wv=1027&k=Oy1mb3p8) [![加入QQ群](https://img.shields.io/badge/已满-130643120-blue.svg)](https://jq.qq.com/?_wv=1027&k=rvxkJtXK) [![加入QQ群](https://img.shields.io/badge/已满-225920371-blue.svg)](https://jq.qq.com/?_wv=1027&k=0Ck3PvTe) [![加入QQ群](https://img.shields.io/badge/201705537-blue.svg)](https://jq.qq.com/?_wv=1027&k=FnHHP4TT) 点击按钮入群。
QQ群 [![加入QQ群](https://img.shields.io/badge/已满-42799195-blue.svg)](https://jq.qq.com/?_wv=1027&k=yqInfq0S) [![加入QQ群](https://img.shields.io/badge/已满-170157040-blue.svg)](https://jq.qq.com/?_wv=1027&k=Oy1mb3p8) [![加入QQ群](https://img.shields.io/badge/已满-130643120-blue.svg)](https://jq.qq.com/?_wv=1027&k=rvxkJtXK) [![加入QQ群](https://img.shields.io/badge/已满-225920371-blue.svg)](https://jq.qq.com/?_wv=1027&k=0Ck3PvTe) [![加入QQ群](https://img.shields.io/badge/已满-201705537-blue.svg)](https://jq.qq.com/?_wv=1027&k=FnHHP4TT) [![加入QQ群](https://img.shields.io/badge/已满-236543183-blue.svg)](https://jq.qq.com/?_wv=1027&k=qdT1Ojpz) [![加入QQ群](https://img.shields.io/badge/已满-213618602-blue.svg)](https://jq.qq.com/?_wv=1027&k=nw3OiyXs) [![加入QQ群](https://img.shields.io/badge/148794840-blue.svg)](https://jq.qq.com/?_wv=1027&k=kiU5WDls) 点击按钮入群。

2
bin/run-auth.bat
View File

@@ -8,7 +8,7 @@ cd ../ruoyi-auth/target
set JAVA_OPTS=-Xms512m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m
java -Dfile.encoding=utf-8 -jar %JAVA_OPTS% ruoyi-auth.jar
java -Dfile.encoding=utf-8 %JAVA_OPTS% -jar ruoyi-auth.jar
cd bin
pause

2
bin/run-gateway.bat
View File

@@ -8,7 +8,7 @@ cd ../ruoyi-gateway/target
set JAVA_OPTS=-Xms512m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m
java -Dfile.encoding=utf-8 -jar %JAVA_OPTS% ruoyi-gateway.jar
java -Dfile.encoding=utf-8 %JAVA_OPTS% -jar ruoyi-gateway.jar
cd bin
pause

2
bin/run-modules-file.bat
View File

@@ -8,7 +8,7 @@ cd ../ruoyi-modules/ruoyi-file/target
set JAVA_OPTS=-Xms512m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m
java -Dfile.encoding=utf-8 -jar %JAVA_OPTS% ruoyi-modules-file.jar
java -Dfile.encoding=utf-8 %JAVA_OPTS% -jar ruoyi-modules-file.jar
cd bin
pause

2
bin/run-modules-gen.bat
View File

@@ -8,7 +8,7 @@ cd ../ruoyi-modules/ruoyi-gen/target
set JAVA_OPTS=-Xms512m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m
java -Dfile.encoding=utf-8 -jar %JAVA_OPTS% ruoyi-modules-gen.jar
java -Dfile.encoding=utf-8 %JAVA_OPTS% -jar ruoyi-modules-gen.jar
cd bin
pause

2
bin/run-modules-job.bat
View File

@@ -8,7 +8,7 @@ cd ../ruoyi-modules/ruoyi-job/target
set JAVA_OPTS=-Xms512m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m
java -Dfile.encoding=utf-8 -jar %JAVA_OPTS% ruoyi-modules-job.jar
java -Dfile.encoding=utf-8 %JAVA_OPTS% -jar ruoyi-modules-job.jar
cd bin
pause

2
bin/run-modules-system.bat
View File

@@ -8,7 +8,7 @@ cd ../ruoyi-modules/ruoyi-system/target
set JAVA_OPTS=-Xms512m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m
java -Dfile.encoding=utf-8 -jar %JAVA_OPTS% ruoyi-modules-system.jar
java -Dfile.encoding=utf-8 %JAVA_OPTS% -jar ruoyi-modules-system.jar
cd bin
pause

2
bin/run-monitor.bat
View File

@@ -8,7 +8,7 @@ cd ../ruoyi-visual/ruoyi-monitor/target
set JAVA_OPTS=-Xms512m -Xmx1024m -XX:MetaspaceSize=128m -XX:MaxMetaspaceSize=512m
java -Dfile.encoding=utf-8 -jar %JAVA_OPTS% ruoyi-visual-monitor.jar
java -Dfile.encoding=utf-8 %JAVA_OPTS% -jar ruoyi-visual-monitor.jar
cd bin
pause

41
docker/copy.sh Normal file
View File

@@ -0,0 +1,41 @@
#!/bin/sh
# 复制项目的文件到对应docker路径便于一键生成镜像。
usage() {
echo "Usage: sh copy.sh"
exit 1
}
# copy sql
echo "begin copy sql "
cp ../sql/ry_20210908.sql ./mysql/db
cp ../sql/ry_config_20220114.sql ./mysql/db
# copy html
echo "begin copy html "
cp -r ../ruoyi-ui/dist/** ./nginx/html/dist
# copy jar
echo "begin copy ruoyi-gateway "
cp ../ruoyi-gateway/target/ruoyi-gateway.jar ./ruoyi/gateway/jar
echo "begin copy ruoyi-auth "
cp ../ruoyi-auth/target/ruoyi-auth.jar ./ruoyi/auth/jar
echo "begin copy ruoyi-visual "
cp ../ruoyi-visual/ruoyi-monitor/target/ruoyi-visual-monitor.jar ./ruoyi/visual/monitor/jar
echo "begin copy ruoyi-modules-system "
cp ../ruoyi-modules/ruoyi-system/target/ruoyi-modules-system.jar ./ruoyi/modules/system/jar
echo "begin copy ruoyi-modules-file "
cp ../ruoyi-modules/ruoyi-file/target/ruoyi-modules-file.jar ./ruoyi/modules/file/jar
echo "begin copy ruoyi-modules-job "
cp ../ruoyi-modules/ruoyi-job/target/ruoyi-modules-job.jar ./ruoyi/modules/job/jar
echo "begin copy ruoyi-modules-gen "
cp ../ruoyi-modules/ruoyi-gen/target/ruoyi-modules-gen.jar ./ruoyi/modules/gen/jar

4
docker/deploy.sh
View File

@@ -26,12 +26,12 @@ port(){
# 启动基础环境(必须)
base(){
docker-compose up -d ruoyi-mysql ruoyi-redis ruoyi-nacos ruoyi-nginx
docker-compose up -d ruoyi-mysql ruoyi-redis ruoyi-nacos
}
# 启动程序模块(必须)
modules(){
docker-compose up -d ruoyi-gateway ruoyi-auth ruoyi-modules-system
docker-compose up -d ruoyi-nginx ruoyi-gateway ruoyi-auth ruoyi-modules-system
}
# 关闭所有环境/模块

96
pom.xml
View File

@@ -6,38 +6,40 @@
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
<name>ruoyi</name>
<url>http://www.ruoyi.vip</url>
<description>若依微服务系统</description>
<properties>
<ruoyi.version>3.2.0</ruoyi.version>
<ruoyi.version>3.6.0</ruoyi.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<java.version>1.8</java.version>
<spring-boot.version>2.5.5</spring-boot.version>
<spring-cloud.version>2020.0.4</spring-cloud.version>
<spring-cloud-alibaba.version>2021.1</spring-cloud-alibaba.version>
<alibaba.nacos.version>2.0.3</alibaba.nacos.version>
<spring-boot-admin.version>2.5.2</spring-boot-admin.version>
<spring-boot.mybatis>2.2.0</spring-boot.mybatis>
<spring-boot.version>2.7.1</spring-boot.version>
<spring-cloud.version>2021.0.3</spring-cloud.version>
<spring-cloud-alibaba.version>2021.0.1.0</spring-cloud-alibaba.version>
<alibaba.nacos.version>2.0.4</alibaba.nacos.version>
<alibaba.seata.version>1.5.1</alibaba.seata.version>
<spring-boot-admin.version>2.7.2</spring-boot-admin.version>
<spring-boot.mybatis>2.2.2</spring-boot.mybatis>
<swagger.fox.version>3.0.0</swagger.fox.version>
<swagger.core.version>1.6.2</swagger.core.version>
<tobato.version>1.27.2</tobato.version>
<kaptcha.version>2.3.2</kaptcha.version>
<pagehelper.boot.version>1.4.0</pagehelper.boot.version>
<druid.version>1.2.8</druid.version>
<dynamic-ds.version>3.4.1</dynamic-ds.version>
<pagehelper.boot.version>1.4.3</pagehelper.boot.version>
<druid.version>1.2.11</druid.version>
<dynamic-ds.version>3.5.1</dynamic-ds.version>
<commons.io.version>2.11.0</commons.io.version>
<commons.fileupload.version>1.4</commons.fileupload.version>
<velocity.version>1.7</velocity.version>
<fastjson.version>1.2.78</fastjson.version>
<velocity.version>2.3</velocity.version>
<fastjson.version>2.0.9</fastjson.version>
<jjwt.version>0.9.1</jjwt.version>
<minio.version>8.2.2</minio.version>
<poi.version>4.1.2</poi.version>
<common-pool.version>2.10.0</common-pool.version>
<commons-collections.version>3.2.2</commons-collections.version>
<transmittable-thread-local.version>2.13.2</transmittable-thread-local.version>
</properties>
<!-- 依赖声明 -->
@@ -69,6 +71,13 @@
<version>${alibaba.nacos.version}</version>
</dependency>
<!-- Alibaba Seata 配置 -->
<dependency>
<groupId>io.seata</groupId>
<artifactId>seata-spring-boot-starter</artifactId>
<version>${alibaba.seata.version}</version>
</dependency>
<!-- SpringBoot 依赖配置 -->
<dependency>
<groupId>org.springframework.boot</groupId>
@@ -78,13 +87,6 @@
<scope>import</scope>
</dependency>
<!-- SpringBoot 监控客户端 -->
<dependency>
<groupId>de.codecentric</groupId>
<artifactId>spring-boot-admin-starter-client</artifactId>
<version>${spring-boot-admin.version}</version>
</dependency>
<!-- FastDFS 分布式文件系统 -->
<dependency>
<groupId>com.github.tobato</groupId>
@@ -149,14 +151,8 @@
<!-- 代码生成使用模板 -->
<dependency>
<groupId>org.apache.velocity</groupId>
<artifactId>velocity</artifactId>
<artifactId>velocity-engine-core</artifactId>
<version>${velocity.version}</version>
<exclusions>
<exclusion>
<groupId>commons-collections</groupId>
<artifactId>commons-collections</artifactId>
</exclusion>
</exclusions>
</dependency>
<!-- Collection 增强Java集合框架 -->
@@ -168,16 +164,23 @@
<!-- JSON 解析器和生成器 -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<groupId>com.alibaba.fastjson2</groupId>
<artifactId>fastjson2</artifactId>
<version>${fastjson.version}</version>
</dependency>
<!-- 公共资源池 -->
<!-- JWT -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
<version>${common-pool.version}</version>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>${jjwt.version}</version>
</dependency>
<!-- 线程传递值 -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>transmittable-thread-local</artifactId>
<version>${transmittable-thread-local.version}</version>
</dependency>
<!-- 核心模块 -->
@@ -271,4 +274,29 @@
</plugins>
</build>
<repositories>
<repository>
<id>public</id>
<name>aliyun nexus</name>
<url>https://maven.aliyun.com/repository/public</url>
<releases>
<enabled>true</enabled>
</releases>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>public</id>
<name>aliyun nexus</name>
<url>https://maven.aliyun.com/repository/public</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</pluginRepository>
</pluginRepositories>
</project>

2
ruoyi-api/pom.xml
View File

@@ -4,7 +4,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
ruoyi-api/ruoyi-api-system/pom.xml
View File

@@ -5,7 +5,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-api</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

9
ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysDept.java
View File

@@ -4,6 +4,7 @@ import java.util.ArrayList;
import java.util.List;
import javax.validation.constraints.Email;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotNull;
import javax.validation.constraints.Size;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
@@ -31,7 +32,7 @@ public class SysDept extends BaseEntity
private String deptName;
/** 显示顺序 */
private String orderNum;
private Integer orderNum;
/** 负责人 */
private String leader;
@@ -96,13 +97,13 @@ public class SysDept extends BaseEntity
this.deptName = deptName;
}
@NotBlank(message = "显示顺序不能为空")
public String getOrderNum()
@NotNull(message = "显示顺序不能为空")
public Integer getOrderNum()
{
return orderNum;
}
public void setOrderNum(String orderNum)
public void setOrderNum(Integer orderNum)
{
this.orderNum = orderNum;
}

2
ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysDictType.java
View File

@@ -1,6 +1,7 @@
package com.ruoyi.system.api.domain;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.Pattern;
import javax.validation.constraints.Size;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
@@ -57,6 +58,7 @@ public class SysDictType extends BaseEntity
@NotBlank(message = "字典类型不能为空")
@Size(min = 0, max = 100, message = "字典类型类型长度不能超过100个字符")
@Pattern(regexp = "^[a-z][a-z0-9_]*$", message = "字典类型必须以字母开头,且只能为(小写字母,数字,下滑线)")
public String getDictType()
{
return dictType;

9
ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
View File

@@ -2,17 +2,15 @@ package com.ruoyi.system.api.domain;
import java.util.Date;
import java.util.List;
import javax.validation.constraints.Email;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.Size;
import javax.validation.constraints.*;
import org.apache.commons.lang3.builder.ToStringBuilder;
import org.apache.commons.lang3.builder.ToStringStyle;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.ruoyi.common.core.annotation.Excel;
import com.ruoyi.common.core.annotation.Excel.ColumnType;
import com.ruoyi.common.core.annotation.Excel.Type;
import com.ruoyi.common.core.annotation.Excels;
import com.ruoyi.common.core.web.domain.BaseEntity;
import com.ruoyi.common.core.xss.Xss;
/**
* 用户对象 sys_user
@@ -131,6 +129,7 @@ public class SysUser extends BaseEntity
this.deptId = deptId;
}
@Xss(message = "用户昵称不能包含脚本字符")
@Size(min = 0, max = 30, message = "用户昵称长度不能超过30个字符")
public String getNickName()
{
@@ -142,6 +141,7 @@ public class SysUser extends BaseEntity
this.nickName = nickName;
}
@Xss(message = "用户账号不能包含脚本字符")
@NotBlank(message = "用户账号不能为空")
@Size(min = 0, max = 30, message = "用户账号长度不能超过30个字符")
public String getUserName()
@@ -197,7 +197,6 @@ public class SysUser extends BaseEntity
this.avatar = avatar;
}
@JsonProperty
public String getPassword()
{
return password;

4
ruoyi-api/ruoyi-api-system/src/main/resources/META-INF/spring.factories
View File

@@ -1,4 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.ruoyi.system.api.factory.RemoteUserFallbackFactory,\
com.ruoyi.system.api.factory.RemoteLogFallbackFactory, \
com.ruoyi.system.api.factory.RemoteFileFallbackFactory

3
ruoyi-api/ruoyi-api-system/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports Normal file
View File

@@ -0,0 +1,3 @@
com.ruoyi.system.api.factory.RemoteUserFallbackFactory
com.ruoyi.system.api.factory.RemoteLogFallbackFactory
com.ruoyi.system.api.factory.RemoteFileFallbackFactory

2
ruoyi-auth/pom.xml
View File

@@ -4,7 +4,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

11
ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java
View File

@@ -10,8 +10,11 @@ import com.ruoyi.auth.form.LoginBody;
import com.ruoyi.auth.form.RegisterBody;
import com.ruoyi.auth.service.SysLoginService;
import com.ruoyi.common.core.domain.R;
import com.ruoyi.common.core.utils.JwtUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.security.auth.AuthUtil;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.model.LoginUser;
/**
@@ -40,12 +43,12 @@ public class TokenController
@DeleteMapping("logout")
public R<?> logout(HttpServletRequest request)
{
LoginUser loginUser = tokenService.getLoginUser(request);
if (StringUtils.isNotNull(loginUser))
String token = SecurityUtils.getToken(request);
if (StringUtils.isNotEmpty(token))
{
String username = loginUser.getUsername();
String username = JwtUtils.getUserName(token);
// 删除用户缓存记录
tokenService.delLoginUser(loginUser.getToken());
AuthUtil.logoutByToken(token);
// 记录用户退出日志
sysLoginService.logout(username);
}

6
ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java
View File

@@ -8,10 +8,10 @@ import com.ruoyi.common.core.constant.UserConstants;
import com.ruoyi.common.core.domain.R;
import com.ruoyi.common.core.enums.UserStatus;
import com.ruoyi.common.core.exception.ServiceException;
import com.ruoyi.common.core.utils.SecurityUtils;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.utils.ip.IpUtils;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.RemoteLogService;
import com.ruoyi.system.api.RemoteUserService;
import com.ruoyi.system.api.domain.SysLogininfor;
@@ -148,11 +148,11 @@ public class SysLoginService
// 日志状态
if (StringUtils.equalsAny(status, Constants.LOGIN_SUCCESS, Constants.LOGOUT, Constants.REGISTER))
{
logininfor.setStatus("0");
logininfor.setStatus(Constants.LOGIN_SUCCESS_STATUS);
}
else if (Constants.LOGIN_FAIL.equals(status))
{
logininfor.setStatus("1");
logininfor.setStatus(Constants.LOGIN_FAIL_STATUS);
}
remoteLogService.saveLogininfor(logininfor, SecurityConstants.INNER);
}

2
ruoyi-common/pom.xml
View File

@@ -4,7 +4,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

24
ruoyi-common/ruoyi-common-core/pom.xml
View File

@@ -5,7 +5,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -41,10 +41,10 @@
<artifactId>spring-web</artifactId>
</dependency>
<!-- Apache Commons Pool2 -->
<!-- Transmittable ThreadLocal -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
<groupId>com.alibaba</groupId>
<artifactId>transmittable-thread-local</artifactId>
</dependency>
<!-- Pagehelper -->
@@ -67,8 +67,20 @@
<!-- Alibaba Fastjson -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<groupId>com.alibaba.fastjson2</groupId>
<artifactId>fastjson2</artifactId>
</dependency>
<!-- Jwt -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
</dependency>
<!-- Jaxb -->
<dependency>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
</dependency>
<!-- Apache Lang3 -->

37
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/annotation/Excel.java
View File

@@ -5,6 +5,8 @@ import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.math.BigDecimal;
import org.apache.poi.ss.usermodel.HorizontalAlignment;
import org.apache.poi.ss.usermodel.IndexedColors;
import com.ruoyi.common.core.utils.poi.ExcelHandlerAdapter;
/**
@@ -51,11 +53,6 @@ public @interface Excel
*/
public int roundingMode() default BigDecimal.ROUND_HALF_EVEN;
/**
* 导出类型0数字 1字符串
*/
public ColumnType cellType() default ColumnType.STRING;
/**
* 导出时在excel中每个列的高度 单位为字符
*/
@@ -102,9 +99,19 @@ public @interface Excel
public boolean isStatistics() default false;
/**
* 导出字段对齐方式0默认1靠左2居中3靠右
* 导出类型0数字 1字符串
*/
public Align align() default Align.AUTO;
public ColumnType cellType() default ColumnType.STRING;
/**
* 导出字体颜色
*/
public IndexedColors color() default IndexedColors.BLACK;
/**
* 导出字段对齐方式
*/
public HorizontalAlignment align() default HorizontalAlignment.CENTER;
/**
* 自定义数据处理器
@@ -116,22 +123,6 @@ public @interface Excel
*/
public String[] args() default {};
public enum Align
{
AUTO(0), LEFT(1), CENTER(2), RIGHT(3);
private final int value;
Align(int value)
{
this.value = value;
}
public int value()
{
return this.value;
}
}
/**
* 字段类型0导出导入1仅导出2仅导入
*/

10
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/CacheConstants.java
View File

@@ -7,6 +7,16 @@ package com.ruoyi.common.core.constant;
*/
public class CacheConstants
{
/**
* 缓存有效期默认720分钟
*/
public final static long EXPIRATION = 720;
/**
* 缓存刷新时间默认120分钟
*/
public final static long REFRESH_TIME = 120;
/**
* 权限缓存前缀
*/

34
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/Constants.java
View File

@@ -20,12 +20,17 @@ public class Constants
/**
* RMI 远程方法调用
*/
public static final String LOOKUP_RMI = "rmi://";
public static final String LOOKUP_RMI = "rmi:";
/**
* LDAP 远程方法调用
*/
public static final String LOOKUP_LDAP = "ldap://";
public static final String LOOKUP_LDAP = "ldap:";
/**
* LDAPS 远程方法调用
*/
public static final String LOOKUP_LDAPS = "ldaps:";
/**
* http请求
@@ -47,6 +52,16 @@ public class Constants
*/
public static final Integer FAIL = 500;
/**
* 登录成功状态
*/
public static final String LOGIN_SUCCESS_STATUS = "0";
/**
* 登录失败状态
*/
public static final String LOGIN_FAIL_STATUS = "1";
/**
* 登录成功
*/
@@ -97,10 +112,6 @@ public class Constants
*/
public static final long CAPTCHA_EXPIRATION = 2;
/**
* 令牌有效期(分钟)
*/
public final static long TOKEN_EXPIRE = 720;
/**
* 参数管理 cache key
@@ -116,4 +127,15 @@ public class Constants
* 资源映射路径 前缀
*/
public static final String RESOURCE_PREFIX = "/profile";
/**
* 定时任务白名单配置(仅允许访问的包名,如其他需要可以自行添加)
*/
public static final String[] JOB_WHITELIST_STR = { "com.ruoyi" };
/**
* 定时任务违规的字符
*/
public static final String[] JOB_ERROR_STR = { "java.net.URL", "javax.naming.InitialContext", "org.yaml.snakeyaml",
"org.springframework", "org.apache", "com.ruoyi.common.core.utils.file" };
}

3
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/GenConstants.java
View File

@@ -109,6 +109,9 @@ public class GenConstants
/** 模糊查询 */
public static final String QUERY_LIKE = "LIKE";
/** 相等查询 */
public static final String QUERY_EQ = "EQ";
/** 需要 */
public static final String REQUIRE = "1";
}

20
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java
View File

@@ -7,16 +7,6 @@ package com.ruoyi.common.core.constant;
*/
public class SecurityConstants
{
/**
* 令牌自定义标识
*/
public static final String TOKEN_AUTHENTICATION = "Authorization";
/**
* 令牌前缀
*/
public static final String TOKEN_PREFIX = "Bearer ";
/**
* 用户ID字段
*/
@@ -41,4 +31,14 @@ public class SecurityConstants
* 内部请求
*/
public static final String INNER = "inner";
/**
* 用户标识
*/
public static final String USER_KEY = "user_key";
/**
* 登录用户
*/
public static final String LOGIN_USER = "login_user";
}

25
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/TokenConstants.java Normal file
View File

@@ -0,0 +1,25 @@
package com.ruoyi.common.core.constant;
/**
* Token的Key常量
*
* @author ruoyi
*/
public class TokenConstants
{
/**
* 令牌自定义标识
*/
public static final String AUTHENTICATION = "Authorization";
/**
* 令牌前缀
*/
public static final String PREFIX = "Bearer ";
/**
* 令牌秘钥
*/
public final static String SECRET = "abcdefghijklmnopqrstuvwxyz";
}

88
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/context/SecurityContextHolder.java Normal file
View File

@@ -0,0 +1,88 @@
package com.ruoyi.common.core.context;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import com.alibaba.ttl.TransmittableThreadLocal;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.core.utils.StringUtils;
/**
* 获取当前线程变量中的 用户id、用户名称、Token等信息
* 注意: 必须在网关通过请求头的方法传入同时在HeaderInterceptor拦截器设置值。 否则这里无法获取
*
* @author ruoyi
*/
public class SecurityContextHolder
{
private static final TransmittableThreadLocal<Map<String, Object>> THREAD_LOCAL = new TransmittableThreadLocal<>();
public static void set(String key, Object value)
{
Map<String, Object> map = getLocalMap();
map.put(key, value == null ? StringUtils.EMPTY : value);
}
public static String get(String key)
{
Map<String, Object> map = getLocalMap();
return Convert.toStr(map.getOrDefault(key, StringUtils.EMPTY));
}
public static <T> T get(String key, Class<T> clazz)
{
Map<String, Object> map = getLocalMap();
return StringUtils.cast(map.getOrDefault(key, null));
}
public static Map<String, Object> getLocalMap()
{
Map<String, Object> map = THREAD_LOCAL.get();
if (map == null)
{
map = new ConcurrentHashMap<String, Object>();
THREAD_LOCAL.set(map);
}
return map;
}
public static void setLocalMap(Map<String, Object> threadLocalMap)
{
THREAD_LOCAL.set(threadLocalMap);
}
public static Long getUserId()
{
return Convert.toLong(get(SecurityConstants.DETAILS_USER_ID), 0L);
}
public static void setUserId(String account)
{
set(SecurityConstants.DETAILS_USER_ID, account);
}
public static String getUserName()
{
return get(SecurityConstants.DETAILS_USERNAME);
}
public static void setUserName(String username)
{
set(SecurityConstants.DETAILS_USERNAME, username);
}
public static String getUserKey()
{
return get(SecurityConstants.USER_KEY);
}
public static void setUserKey(String userKey)
{
set(SecurityConstants.USER_KEY, userKey);
}
public static void remove()
{
THREAD_LOCAL.remove();
}
}

16
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotLoginException.java Normal file
View File

@@ -0,0 +1,16 @@
package com.ruoyi.common.core.exception.auth;
/**
* 未能通过的登录认证异常
*
* @author ruoyi
*/
public class NotLoginException extends RuntimeException
{
private static final long serialVersionUID = 1L;
public NotLoginException(String message)
{
super(message);
}
}

23
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotPermissionException.java Normal file
View File

@@ -0,0 +1,23 @@
package com.ruoyi.common.core.exception.auth;
import org.apache.commons.lang3.StringUtils;
/**
* 未能通过的权限认证异常
*
* @author ruoyi
*/
public class NotPermissionException extends RuntimeException
{
private static final long serialVersionUID = 1L;
public NotPermissionException(String permission)
{
super(permission);
}
public NotPermissionException(String[] permissions)
{
super(StringUtils.join(permissions, ","));
}
}

23
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/auth/NotRoleException.java Normal file
View File

@@ -0,0 +1,23 @@
package com.ruoyi.common.core.exception.auth;
import org.apache.commons.lang3.StringUtils;
/**
* 未能通过的角色认证异常
*
* @author ruoyi
*/
public class NotRoleException extends RuntimeException
{
private static final long serialVersionUID = 1L;
public NotRoleException(String role)
{
super(role);
}
public NotRoleException(String[] roles)
{
super(StringUtils.join(roles, ","));
}
}

13
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/text/Convert.java
View File

@@ -561,17 +561,12 @@ public class Convert
switch (valueStr)
{
case "true":
return true;
case "false":
return false;
case "yes":
return true;
case "ok":
return true;
case "no":
return false;
case "1":
return true;
case "false":
case "no":
case "0":
return false;
default:
@@ -907,7 +902,7 @@ public class Convert
*/
public static String toSBC(String input, Set<Character> notConvertSet)
{
char c[] = input.toCharArray();
char[] c = input.toCharArray();
for (int i = 0; i < c.length; i++)
{
if (null != notConvertSet && notConvertSet.contains(c[i]))
@@ -949,7 +944,7 @@ public class Convert
*/
public static String toDBC(String text, Set<Character> notConvertSet)
{
char c[] = text.toCharArray();
char[] c = text.toCharArray();
for (int i = 0; i < c.length; i++)
{
if (null != notConvertSet && notConvertSet.contains(c[i]))

36
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/DateUtils.java
View File

@@ -3,12 +3,17 @@ package com.ruoyi.common.core.utils;
import java.lang.management.ManagementFactory;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.time.LocalTime;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.util.Date;
import org.apache.commons.lang3.time.DateFormatUtils;
/**
* 时间工具类
*
*
* @author ruoyi
*/
public class DateUtils extends org.apache.commons.lang3.time.DateUtils
@@ -22,15 +27,15 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
public static String YYYYMMDDHHMMSS = "yyyyMMddHHmmss";
public static String YYYY_MM_DD_HH_MM_SS = "yyyy-MM-dd HH:mm:ss";
private static String[] parsePatterns = {
"yyyy-MM-dd", "yyyy-MM-dd HH:mm:ss", "yyyy-MM-dd HH:mm", "yyyy-MM",
"yyyy-MM-dd", "yyyy-MM-dd HH:mm:ss", "yyyy-MM-dd HH:mm", "yyyy-MM",
"yyyy/MM/dd", "yyyy/MM/dd HH:mm:ss", "yyyy/MM/dd HH:mm", "yyyy/MM",
"yyyy.MM.dd", "yyyy.MM.dd HH:mm:ss", "yyyy.MM.dd HH:mm", "yyyy.MM"};
/**
* 获取当前Date型日期
*
*
* @return Date() 当前日期
*/
public static Date getNowDate()
@@ -40,7 +45,7 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
/**
* 获取当前日期, 默认格式为yyyy-MM-dd
*
*
* @return String
*/
public static String getDate()
@@ -121,7 +126,7 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
return null;
}
}
/**
* 获取服务器启动时间
*/
@@ -152,4 +157,23 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
// long sec = diff % nd % nh % nm / ns;
return day + "" + hour + "小时" + min + "分钟";
}
/**
* 增加 LocalDateTime ==> Date
*/
public static Date toDate(LocalDateTime temporalAccessor)
{
ZonedDateTime zdt = temporalAccessor.atZone(ZoneId.systemDefault());
return Date.from(zdt.toInstant());
}
/**
* 增加 LocalDate ==> Date
*/
public static Date toDate(LocalDate temporalAccessor)
{
LocalDateTime localDateTime = LocalDateTime.of(temporalAccessor, LocalTime.of(0, 0, 0));
ZonedDateTime zdt = localDateTime.atZone(ZoneId.systemDefault());
return Date.from(zdt.toInstant());
}
}

3
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ExceptionUtil.java
View File

@@ -18,8 +18,7 @@ public class ExceptionUtil
{
StringWriter sw = new StringWriter();
e.printStackTrace(new PrintWriter(sw, true));
String str = sw.toString();
return str;
return sw.toString();
}
public static String getRootErrorMessage(Exception e)

123
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/JwtUtils.java Normal file
View File

@@ -0,0 +1,123 @@
package com.ruoyi.common.core.utils;
import java.util.Map;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.constant.TokenConstants;
import com.ruoyi.common.core.text.Convert;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
/**
* Jwt工具类
*
* @author ruoyi
*/
public class JwtUtils
{
public static String secret = TokenConstants.SECRET;
/**
* 从数据声明生成令牌
*
* @param claims 数据声明
* @return 令牌
*/
public static String createToken(Map<String, Object> claims)
{
String token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, secret).compact();
return token;
}
/**
* 从令牌中获取数据声明
*
* @param token 令牌
* @return 数据声明
*/
public static Claims parseToken(String token)
{
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
}
/**
* 根据令牌获取用户标识
*
* @param token 令牌
* @return 用户ID
*/
public static String getUserKey(String token)
{
Claims claims = parseToken(token);
return getValue(claims, SecurityConstants.USER_KEY);
}
/**
* 根据令牌获取用户标识
*
* @param claims 身份信息
* @return 用户ID
*/
public static String getUserKey(Claims claims)
{
return getValue(claims, SecurityConstants.USER_KEY);
}
/**
* 根据令牌获取用户ID
*
* @param token 令牌
* @return 用户ID
*/
public static String getUserId(String token)
{
Claims claims = parseToken(token);
return getValue(claims, SecurityConstants.DETAILS_USER_ID);
}
/**
* 根据身份信息获取用户ID
*
* @param claims 身份信息
* @return 用户ID
*/
public static String getUserId(Claims claims)
{
return getValue(claims, SecurityConstants.DETAILS_USER_ID);
}
/**
* 根据令牌获取用户名
*
* @param token 令牌
* @return 用户名
*/
public static String getUserName(String token)
{
Claims claims = parseToken(token);
return getValue(claims, SecurityConstants.DETAILS_USERNAME);
}
/**
* 根据身份信息获取用户名
*
* @param claims 身份信息
* @return 用户名
*/
public static String getUserName(Claims claims)
{
return getValue(claims, SecurityConstants.DETAILS_USERNAME);
}
/**
* 根据身份信息获取键值
*
* @param claims 身份信息
* @param key 键
* @return 值
*/
public static String getValue(Claims claims, String key)
{
return Convert.toStr(claims.get(key), "");
}
}

35
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/PageUtils.java Normal file
View File

@@ -0,0 +1,35 @@
package com.ruoyi.common.core.utils;
import com.github.pagehelper.PageHelper;
import com.ruoyi.common.core.utils.sql.SqlUtil;
import com.ruoyi.common.core.web.page.PageDomain;
import com.ruoyi.common.core.web.page.TableSupport;
/**
* 分页工具类
*
* @author ruoyi
*/
public class PageUtils extends PageHelper
{
/**
* 设置请求分页数据
*/
public static void startPage()
{
PageDomain pageDomain = TableSupport.buildPageRequest();
Integer pageNum = pageDomain.getPageNum();
Integer pageSize = pageDomain.getPageSize();
String orderBy = SqlUtil.escapeOrderBySql(pageDomain.getOrderBy());
Boolean reasonable = pageDomain.getReasonable();
PageHelper.startPage(pageNum, pageSize, orderBy).setReasonable(reasonable);
}
/**
* 清理分页的线程变量
*/
public static void clearPage()
{
PageHelper.clearPage();
}
}

164
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ReUtil.java
View File

@@ -1,164 +0,0 @@
package com.ruoyi.common.core.utils;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.core.utils.StringUtils;
public class ReUtil
{
public final static Pattern GROUP_VAR = Pattern.compile("\\$(\\d+)");
/**
* 正则中需要被转义的关键字
*/
public final static Set<Character> RE_KEYS = new HashSet<>(
Arrays.asList('$', '(', ')', '*', '+', '.', '[', ']', '?', '\\', '^', '{', '}', '|'));;
/**
* 正则替换指定值<br>
* 通过正则查找到字符串然后把匹配到的字符串加入到replacementTemplate中$1表示分组1的字符串
*
* <p>
* 例如原字符串是中文1234我想把1234换成(1234),则可以:
*
* <pre>
* ReUtil.replaceAll("中文1234", "(\\d+)", "($1)"))
*
* 结果:中文(1234)
* </pre>
*
* @param content 文本
* @param regex 正则
* @param replacementTemplate 替换的文本模板,可以使用$1类似的变量提取正则匹配出的内容
* @return 处理后的文本
*/
public static String replaceAll(CharSequence content, String regex, String replacementTemplate)
{
final Pattern pattern = Pattern.compile(regex, Pattern.DOTALL);
return replaceAll(content, pattern, replacementTemplate);
}
/**
* 正则替换指定值<br>
* 通过正则查找到字符串然后把匹配到的字符串加入到replacementTemplate中$1表示分组1的字符串
*
* @param content 文本
* @param pattern {@link Pattern}
* @param replacementTemplate 替换的文本模板,可以使用$1类似的变量提取正则匹配出的内容
* @return 处理后的文本
* @since 3.0.4
*/
public static String replaceAll(CharSequence content, Pattern pattern, String replacementTemplate)
{
if (StringUtils.isEmpty(content))
{
return StringUtils.EMPTY;
}
final Matcher matcher = pattern.matcher(content);
boolean result = matcher.find();
if (result)
{
final Set<String> varNums = findAll(GROUP_VAR, replacementTemplate, 1, new HashSet<>());
final StringBuffer sb = new StringBuffer();
do
{
String replacement = replacementTemplate;
for (String var : varNums)
{
int group = Integer.parseInt(var);
replacement = replacement.replace("$" + var, matcher.group(group));
}
matcher.appendReplacement(sb, escape(replacement));
result = matcher.find();
}
while (result);
matcher.appendTail(sb);
return sb.toString();
}
return Convert.toStr(content);
}
/**
* 取得内容中匹配的所有结果
*
* @param <T> 集合类型
* @param pattern 编译后的正则模式
* @param content 被查找的内容
* @param group 正则的分组
* @param collection 返回的集合类型
* @return 结果集
*/
public static <T extends Collection<String>> T findAll(Pattern pattern, CharSequence content, int group,
T collection)
{
if (null == pattern || null == content)
{
return null;
}
if (null == collection)
{
throw new NullPointerException("Null collection param provided!");
}
final Matcher matcher = pattern.matcher(content);
while (matcher.find())
{
collection.add(matcher.group(group));
}
return collection;
}
/**
* 转义字符,将正则的关键字转义
*
* @param c 字符
* @return 转义后的文本
*/
public static String escape(char c)
{
final StringBuilder builder = new StringBuilder();
if (RE_KEYS.contains(c))
{
builder.append('\\');
}
builder.append(c);
return builder.toString();
}
/**
* 转义字符串,将正则的关键字转义
*
* @param content 文本
* @return 转义后的文本
*/
public static String escape(CharSequence content)
{
if (StringUtils.isBlank(content))
{
return StringUtils.EMPTY;
}
final StringBuilder builder = new StringBuilder();
int len = content.length();
char current;
for (int i = 0; i < len; i++)
{
current = content.charAt(i);
if (RE_KEYS.contains(current))
{
builder.append('\\');
}
builder.append(current);
}
return builder.toString();
}
}

36
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ServletUtils.java
View File

@@ -5,7 +5,6 @@ import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.Enumeration;
import java.util.LinkedHashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -15,10 +14,11 @@ import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.util.LinkedCaseInsensitiveMap;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson2.JSON;
import com.ruoyi.common.core.constant.Constants;
import com.ruoyi.common.core.domain.R;
import com.ruoyi.common.core.text.Convert;
@@ -130,9 +130,19 @@ public class ServletUtils
}
}
public static String getHeader(HttpServletRequest request, String name)
{
String value = request.getHeader(name);
if (StringUtils.isEmpty(value))
{
return StringUtils.EMPTY;
}
return urlDecode(value);
}
public static Map<String, String> getHeaders(HttpServletRequest request)
{
Map<String, String> map = new LinkedHashMap<>();
Map<String, String> map = new LinkedCaseInsensitiveMap<>();
Enumeration<String> enumeration = request.getHeaderNames();
if (enumeration != null)
{
@@ -151,9 +161,8 @@ public class ServletUtils
*
* @param response 渲染对象
* @param string 待渲染的字符串
* @return null
*/
public static String renderString(HttpServletResponse response, String string)
public static void renderString(HttpServletResponse response, String string)
{
try
{
@@ -166,7 +175,6 @@ public class ServletUtils
{
e.printStackTrace();
}
return null;
}
/**
@@ -177,13 +185,13 @@ public class ServletUtils
public static boolean isAjaxRequest(HttpServletRequest request)
{
String accept = request.getHeader("accept");
if (accept != null && accept.indexOf("application/json") != -1)
if (accept != null && accept.contains("application/json"))
{
return true;
}
String xRequestedWith = request.getHeader("X-Requested-With");
if (xRequestedWith != null && xRequestedWith.indexOf("XMLHttpRequest") != -1)
if (xRequestedWith != null && xRequestedWith.contains("XMLHttpRequest"))
{
return true;
}
@@ -195,11 +203,7 @@ public class ServletUtils
}
String ajax = request.getParameter("__ajax");
if (StringUtils.inStringIgnoreCase(ajax, "json", "xml"))
{
return true;
}
return false;
return StringUtils.inStringIgnoreCase(ajax, "json", "xml");
}
/**
@@ -216,7 +220,7 @@ public class ServletUtils
}
catch (UnsupportedEncodingException e)
{
return "";
return StringUtils.EMPTY;
}
}
@@ -234,7 +238,7 @@ public class ServletUtils
}
catch (UnsupportedEncodingException e)
{
return "";
return StringUtils.EMPTY;
}
}
@@ -292,7 +296,7 @@ public class ServletUtils
response.setStatusCode(status);
response.getHeaders().add(HttpHeaders.CONTENT_TYPE, contentType);
R<?> result = R.fail(code, value.toString());
DataBuffer dataBuffer = response.bufferFactory().wrap(JSONObject.toJSONString(result).getBytes());
DataBuffer dataBuffer = response.bufferFactory().wrap(JSON.toJSONString(result).getBytes());
return response.writeWith(Mono.just(dataBuffer));
}
}

51
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/StringUtils.java
View File

@@ -478,4 +478,53 @@ public class StringUtils extends org.apache.commons.lang3.StringUtils
{
return (T) obj;
}
}
/**
* 数字左边补齐0使之达到指定长度。注意如果数字转换为字符串后长度大于size则只保留 最后size个字符。
*
* @param num 数字对象
* @param size 字符串指定长度
* @return 返回数字的字符串格式,该字符串为指定长度。
*/
public static final String padl(final Number num, final int size)
{
return padl(num.toString(), size, '0');
}
/**
* 字符串左补齐。如果原始字符串s长度大于size则只保留最后size个字符。
*
* @param s 原始字符串
* @param size 字符串指定长度
* @param c 用于补齐的字符
* @return 返回指定长度的字符串,由原字符串左补齐或截取得到。
*/
public static final String padl(final String s, final int size, final char c)
{
final StringBuilder sb = new StringBuilder(size);
if (s != null)
{
final int len = s.length();
if (s.length() <= size)
{
for (int i = size - len; i > 0; i--)
{
sb.append(c);
}
sb.append(s);
}
else
{
return s.substring(len - size, len);
}
}
else
{
for (int i = size; i > 0; i--)
{
sb.append(c);
}
}
return sb.toString();
}
}

24
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/bean/BeanValidators.java Normal file
View File

@@ -0,0 +1,24 @@
package com.ruoyi.common.core.utils.bean;
import java.util.Set;
import javax.validation.ConstraintViolation;
import javax.validation.ConstraintViolationException;
import javax.validation.Validator;
/**
* bean对象属性验证
*
* @author ruoyi
*/
public class BeanValidators
{
public static void validateWithException(Validator validator, Object object, Class<?>... groups)
throws ConstraintViolationException
{
Set<ConstraintViolation<Object>> constraintViolations = validator.validate(object, groups);
if (!constraintViolations.isEmpty())
{
throw new ConstraintViolationException(constraintViolations);
}
}
}

19
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/FileTypeUtils.java
View File

@@ -1,7 +1,10 @@
package com.ruoyi.common.core.utils.file;
import java.io.File;
import java.util.Objects;
import org.apache.commons.io.FilenameUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.web.multipart.MultipartFile;
/**
* 文件类型工具类
@@ -45,6 +48,22 @@ public class FileTypeUtils
return fileName.substring(separatorIndex + 1).toLowerCase();
}
/**
* 获取文件名的后缀
*
* @param file 表单文件
* @return 后缀名
*/
public static final String getExtension(MultipartFile file)
{
String extension = FilenameUtils.getExtension(file.getOriginalFilename());
if (StringUtils.isEmpty(extension))
{
extension = MimeTypeUtils.getExtension(Objects.requireNonNull(file.getContentType()));
}
return extension;
}
/**
* 获取文件类型
*

5
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/file/ImageUtils.java
View File

@@ -1,7 +1,6 @@
package com.ruoyi.common.core.utils.file;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.net.URL;
import java.net.URLConnection;
@@ -55,13 +54,12 @@ public class ImageUtils
/**
* 读取文件为字节数据
*
* @param key 地址
* @param url 地址
* @return 字节数据
*/
public static byte[] readFile(String url)
{
InputStream in = null;
ByteArrayOutputStream baos = null;
try
{
// 网络地址
@@ -81,7 +79,6 @@ public class ImageUtils
finally
{
IOUtils.closeQuietly(in);
IOUtils.closeQuietly(baos);
}
}
}

34
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/html/EscapeUtil.java
View File

@@ -69,26 +69,37 @@ public class EscapeUtil
*/
private static String encode(String text)
{
int len;
if ((text == null) || ((len = text.length()) == 0))
if (StringUtils.isEmpty(text))
{
return StringUtils.EMPTY;
}
StringBuilder buffer = new StringBuilder(len + (len >> 2));
final StringBuilder tmp = new StringBuilder(text.length() * 6);
char c;
for (int i = 0; i < len; i++)
for (int i = 0; i < text.length(); i++)
{
c = text.charAt(i);
if (c < 64)
if (c < 256)
{
buffer.append(TEXT[c]);
tmp.append("%");
if (c < 16)
{
tmp.append("0");
}
tmp.append(Integer.toString(c, 16));
}
else
{
buffer.append(c);
tmp.append("%u");
if (c <= 0xfff)
{
// issue#I49JU8@Gitee
tmp.append("0");
}
tmp.append(Integer.toString(c, 16));
}
}
return buffer.toString();
return tmp.toString();
}
/**
@@ -145,11 +156,12 @@ public class EscapeUtil
public static void main(String[] args)
{
String html = "<script>alert(1);</script>";
String escape = EscapeUtil.escape(html);
// String html = "<scr<script>ipt>alert(\"XSS\")</scr<script>ipt>";
// String html = "<123";
// String html = "123>";
System.out.println(EscapeUtil.clean(html));
System.out.println(EscapeUtil.escape(html));
System.out.println(EscapeUtil.unescape(html));
System.out.println("clean: " + EscapeUtil.clean(html));
System.out.println("escape: " + escape);
System.out.println("unescape: " + EscapeUtil.unescape(escape));
}
}

137
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/ip/IpUtils.java
View File

@@ -12,58 +12,62 @@ import com.ruoyi.common.core.utils.StringUtils;
*/
public class IpUtils
{
/**
* 获取客户端IP
*
* @param request 请求对象
* @return IP地址
*/
public static String getIpAddr(HttpServletRequest request)
{
if (request == null)
{
return null;
return "unknown";
}
String ip = request.getHeader("x-forwarded-for");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getHeader("X-Forwarded-For");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getHeader("X-Real-IP");
}
String ip = null;
// X-Forwarded-ForSquid 服务代理
String ipAddresses = request.getHeader("X-Forwarded-For");
if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
// Proxy-Client-IPapache 服务代理
ipAddresses = request.getHeader("Proxy-Client-IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
// WL-Proxy-Client-IPweblogic 服务代理
ipAddresses = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
// HTTP_CLIENT_IP有些代理服务器
ipAddresses = request.getHeader("HTTP_CLIENT_IP");
}
if (ipAddresses == null || ipAddresses.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
{
// X-Real-IPnginx服务代理
ipAddresses = request.getHeader("X-Real-IP");
}
// 有些网络通过多层代理那么获取到的ip就会有多个一般都是通过逗号,分割开来并且第一个ip为客户端的真实IP
if (ipAddresses != null && ipAddresses.length() != 0)
{
ip = ipAddresses.split(",")[0];
}
// 还是不能获取到最后再通过request.getRemoteAddr();获取
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ipAddresses))
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip))
{
ip = request.getRemoteAddr();
}
return ip.equals("0:0:0:0:0:0:0:1") ? "127.0.0.1" : ip;
return "0:0:0:0:0:0:0:1".equals(ip) ? "127.0.0.1" : getMultistageReverseProxyIp(ip);
}
/**
* 检查是否为内部IP地址
*
* @param ip IP地址
* @return 结果
*/
public static boolean internalIp(String ip)
{
byte[] addr = textToNumericFormatV4(ip);
return internalIp(addr) || "127.0.0.1".equals(ip);
}
/**
* 检查是否为内部IP地址
*
* @param addr byte地址
* @return 结果
*/
private static boolean internalIp(byte[] addr)
{
if (StringUtils.isNull(addr) || addr.length < 2)
@@ -124,7 +128,8 @@ public class IpUtils
{
case 1:
l = Long.parseLong(elements[0]);
if ((l < 0L) || (l > 4294967295L)){
if ((l < 0L) || (l > 4294967295L))
{
return null;
}
bytes[0] = (byte) (int) (l >> 24 & 0xFF);
@@ -134,12 +139,14 @@ public class IpUtils
break;
case 2:
l = Integer.parseInt(elements[0]);
if ((l < 0L) || (l > 255L)) {
if ((l < 0L) || (l > 255L))
{
return null;
}
bytes[0] = (byte) (int) (l & 0xFF);
l = Integer.parseInt(elements[1]);
if ((l < 0L) || (l > 16777215L)) {
if ((l < 0L) || (l > 16777215L))
{
return null;
}
bytes[1] = (byte) (int) (l >> 16 & 0xFF);
@@ -150,13 +157,15 @@ public class IpUtils
for (i = 0; i < 2; ++i)
{
l = Integer.parseInt(elements[i]);
if ((l < 0L) || (l > 255L)) {
if ((l < 0L) || (l > 255L))
{
return null;
}
bytes[i] = (byte) (int) (l & 0xFF);
}
l = Integer.parseInt(elements[2]);
if ((l < 0L) || (l > 65535L)) {
if ((l < 0L) || (l > 65535L))
{
return null;
}
bytes[2] = (byte) (int) (l >> 8 & 0xFF);
@@ -166,7 +175,8 @@ public class IpUtils
for (i = 0; i < 4; ++i)
{
l = Integer.parseInt(elements[i]);
if ((l < 0L) || (l > 255L)) {
if ((l < 0L) || (l > 255L))
{
return null;
}
bytes[i] = (byte) (int) (l & 0xFF);
@@ -183,6 +193,11 @@ public class IpUtils
return bytes;
}
/**
* 获取IP地址
*
* @return 本地IP地址
*/
public static String getHostIp()
{
try
@@ -195,6 +210,11 @@ public class IpUtils
return "127.0.0.1";
}
/**
* 获取主机名
*
* @return 本地主机名
*/
public static String getHostName()
{
try
@@ -206,4 +226,39 @@ public class IpUtils
}
return "未知";
}
/**
* 从多级反向代理中获得第一个非unknown IP地址
*
* @param ip 获得的IP地址
* @return 第一个非unknown IP地址
*/
public static String getMultistageReverseProxyIp(String ip)
{
// 多级反向代理检测
if (ip != null && ip.indexOf(",") > 0)
{
final String[] ips = ip.trim().split(",");
for (String subIp : ips)
{
if (false == isUnknown(subIp))
{
ip = subIp;
break;
}
}
}
return ip;
}
/**
* 检测给定字符串是否为未知多用于检测HTTP请求相关
*
* @param checkString 被检测的字符串
* @return 是否未知
*/
public static boolean isUnknown(String checkString)
{
return StringUtils.isBlank(checkString) || "unknown".equalsIgnoreCase(checkString);
}
}

233
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java
View File

@@ -2,11 +2,12 @@ package com.ruoyi.common.core.utils.poi;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.math.BigDecimal;
import java.text.DecimalFormat;
import java.time.LocalDate;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Comparator;
@@ -17,6 +18,7 @@ import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.RegExUtils;
import org.apache.poi.ss.usermodel.BorderStyle;
import org.apache.poi.ss.usermodel.Cell;
import org.apache.poi.ss.usermodel.CellStyle;
@@ -57,13 +59,17 @@ import com.ruoyi.common.core.utils.reflect.ReflectUtils;
/**
* Excel相关处理
*
*
* @author ruoyi
*/
public class ExcelUtil<T>
{
private static final Logger log = LoggerFactory.getLogger(ExcelUtil.class);
public static final String FORMULA_REGEX_STR = "=|-|\\+|@";
public static final String[] FORMULA_STR = { "=", "-", "+", "@" };
/**
* Excel sheet最大行数默认65536
*/
@@ -108,7 +114,7 @@ public class ExcelUtil<T>
* 当前行号
*/
private int rownum;
/**
* 标题
*/
@@ -173,7 +179,7 @@ public class ExcelUtil<T>
/**
* 对excel表单默认第一个索引名转换成list
*
*
* @param is 输入流
* @return 转换后集合
*/
@@ -184,7 +190,7 @@ public class ExcelUtil<T>
/**
* 对excel表单默认第一个索引名转换成list
*
*
* @param is 输入流
* @param titleNum 标题占用行数
* @return 转换后集合
@@ -196,7 +202,7 @@ public class ExcelUtil<T>
/**
* 对excel表单指定表格索引名转换成list
*
*
* @param sheetName 表格索引名
* @param titleNum 标题占用行数
* @param is 输入流
@@ -281,7 +287,7 @@ public class ExcelUtil<T>
String dateFormat = field.getAnnotation(Excel.class).dateFormat();
if (StringUtils.isNotEmpty(dateFormat))
{
val = DateUtils.parseDateToStr(dateFormat, (Date) val);
val = parseDateToStr(dateFormat, val);
}
else
{
@@ -293,7 +299,7 @@ public class ExcelUtil<T>
{
val = Convert.toInt(val);
}
else if (Long.TYPE == fieldType || Long.class == fieldType)
else if ((Long.TYPE == fieldType || Long.class == fieldType) && StringUtils.isNumeric(Convert.toStr(val)))
{
val = Convert.toLong(val);
}
@@ -350,21 +356,21 @@ public class ExcelUtil<T>
/**
* 对list数据源将其里面的数据导入到excel表单
*
*
* @param response 返回数据
* @param list 导出数据集合
* @param sheetName 工作表的名称
* @return 结果
* @throws IOException
*/
public void exportExcel(HttpServletResponse response, List<T> list, String sheetName)throws IOException
public void exportExcel(HttpServletResponse response, List<T> list, String sheetName)
{
exportExcel(response, list, sheetName, StringUtils.EMPTY);
}
/**
* 对list数据源将其里面的数据导入到excel表单
*
*
* @param response 返回数据
* @param list 导出数据集合
* @param sheetName 工作表的名称
@@ -372,57 +378,51 @@ public class ExcelUtil<T>
* @return 结果
* @throws IOException
*/
public void exportExcel(HttpServletResponse response, List<T> list, String sheetName, String title) throws IOException
public void exportExcel(HttpServletResponse response, List<T> list, String sheetName, String title)
{
response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
response.setCharacterEncoding("utf-8");
this.init(list, sheetName, title, Type.EXPORT);
exportExcel(response.getOutputStream());
exportExcel(response);
}
/**
* 对list数据源将其里面的数据导入到excel表单
*
*
* @param sheetName 工作表的名称
* @return 结果
*/
/**
* 对list数据源将其里面的数据导入到excel表单
*
* @param sheetName 工作表的名称
* @return 结果
*/
public void importTemplateExcel(HttpServletResponse response, String sheetName) throws IOException
public void importTemplateExcel(HttpServletResponse response, String sheetName)
{
importTemplateExcel(response, sheetName, StringUtils.EMPTY);
}
/**
* 对list数据源将其里面的数据导入到excel表单
*
*
* @param sheetName 工作表的名称
* @param title 标题
* @return 结果
*/
public void importTemplateExcel(HttpServletResponse response, String sheetName, String title) throws IOException
public void importTemplateExcel(HttpServletResponse response, String sheetName, String title)
{
response.setContentType("application/vnd.openxmlformats-officedocument.spreadsheetml.sheet");
response.setCharacterEncoding("utf-8");
this.init(null, sheetName, title, Type.IMPORT);
exportExcel(response.getOutputStream());
exportExcel(response);
}
/**
* 对list数据源将其里面的数据导入到excel表单
*
*
* @return 结果
*/
public void exportExcel(OutputStream out)
public void exportExcel(HttpServletResponse response)
{
try
{
writeSheet();
wb.write(out);
wb.write(response.getOutputStream());
}
catch (Exception e)
{
@@ -431,7 +431,6 @@ public class ExcelUtil<T>
finally
{
IOUtils.closeQuietly(wb);
IOUtils.closeQuietly(out);
}
}
@@ -465,7 +464,7 @@ public class ExcelUtil<T>
/**
* 填充excel数据
*
*
* @param index 序号
* @param row 单元格行
*/
@@ -490,7 +489,7 @@ public class ExcelUtil<T>
/**
* 创建表格样式
*
*
* @param wb 工作薄对象
* @return 样式列表
*/
@@ -548,21 +547,46 @@ public class ExcelUtil<T>
style.setFont(totalFont);
styles.put("total", style);
style = wb.createCellStyle();
style.cloneStyleFrom(styles.get("data"));
style.setAlignment(HorizontalAlignment.LEFT);
styles.put("data1", style);
styles.putAll(annotationStyles(wb));
style = wb.createCellStyle();
style.cloneStyleFrom(styles.get("data"));
style.setAlignment(HorizontalAlignment.CENTER);
styles.put("data2", style);
style = wb.createCellStyle();
style.cloneStyleFrom(styles.get("data"));
style.setAlignment(HorizontalAlignment.RIGHT);
styles.put("data3", style);
return styles;
}
/**
* 根据Excel注解创建表格样式
*
* @param wb 工作薄对象
* @return 自定义样式列表
*/
private Map<String, CellStyle> annotationStyles(Workbook wb)
{
Map<String, CellStyle> styles = new HashMap<String, CellStyle>();
for (Object[] os : fields)
{
Excel excel = (Excel) os[1];
String key = "data_" + excel.align() + "_" + excel.color();
if (!styles.containsKey(key))
{
CellStyle style = wb.createCellStyle();
style = wb.createCellStyle();
style.setAlignment(excel.align());
style.setVerticalAlignment(VerticalAlignment.CENTER);
style.setBorderRight(BorderStyle.THIN);
style.setRightBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
style.setBorderLeft(BorderStyle.THIN);
style.setLeftBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
style.setBorderTop(BorderStyle.THIN);
style.setTopBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
style.setBorderBottom(BorderStyle.THIN);
style.setBottomBorderColor(IndexedColors.GREY_50_PERCENT.getIndex());
Font dataFont = wb.createFont();
dataFont.setFontName("Arial");
dataFont.setFontHeightInPoints((short) 10);
dataFont.setColor(excel.color().index);
style.setFont(dataFont);
styles.put(key, style);
}
}
return styles;
}
@@ -582,7 +606,7 @@ public class ExcelUtil<T>
/**
* 设置单元格信息
*
*
* @param value 单元格值
* @param attr 注解相关
* @param cell 单元格信息
@@ -591,7 +615,13 @@ public class ExcelUtil<T>
{
if (ColumnType.STRING == attr.cellType())
{
cell.setCellValue(StringUtils.isNull(value) ? attr.defaultValue() : value + attr.suffix());
String cellValue = Convert.toStr(value);
// 对于任何以表达式触发字符 =-+@开头的单元格直接使用tab字符作为前缀防止CSV注入。
if (StringUtils.startsWithAny(cellValue, FORMULA_STR))
{
cellValue = RegExUtils.replaceFirst(cellValue, FORMULA_REGEX_STR, "\t$0");
}
cell.setCellValue(StringUtils.isNull(cellValue) ? attr.defaultValue() : cellValue + attr.suffix());
}
else if (ColumnType.NUMERIC == attr.cellType())
{
@@ -656,17 +686,10 @@ public class ExcelUtil<T>
// 设置列宽
sheet.setColumnWidth(column, (int) ((attr.width() + 0.72) * 256));
}
// 如果设置了提示信息则鼠标放上去提示.
if (StringUtils.isNotEmpty(attr.prompt()))
if (StringUtils.isNotEmpty(attr.prompt()) || attr.combo().length > 0)
{
// 这里默认设了2-101列提示.
setXSSFPrompt(sheet, "", attr.prompt(), 1, 100, column, column);
}
// 如果设置了combo属性则本列只能选择不能输入
if (attr.combo().length > 0)
{
// 这里默认设了2-101列只能选择不能输入.
setXSSFValidation(sheet, attr.combo(), 1, 100, column, column);
// 提示信息或只能选择不能输入的列内容.
setPromptOrValidation(sheet, attr.combo(), attr.prompt(), 1, 100, column, column);
}
}
@@ -685,8 +708,7 @@ public class ExcelUtil<T>
{
// 创建cell
cell = row.createCell(column);
int align = attr.align().value();
cell.setCellStyle(styles.get("data" + (align >= 1 && align <= 3 ? align : "")));
cell.setCellStyle(styles.get("data_" + attr.align() + "_" + attr.color()));
// 用于读取对象中的属性
Object value = getTargetValue(vo, field, attr);
@@ -695,7 +717,7 @@ public class ExcelUtil<T>
String separator = attr.separator();
if (StringUtils.isNotEmpty(dateFormat) && StringUtils.isNotNull(value))
{
cell.setCellValue(DateUtils.parseDateToStr(dateFormat, (Date) value));
cell.setCellValue(parseDateToStr(dateFormat, value));
}
else if (StringUtils.isNotEmpty(readConverterExp) && StringUtils.isNotNull(value))
{
@@ -725,48 +747,29 @@ public class ExcelUtil<T>
}
/**
* 设置 POI XSSFSheet 单元格提示
* 设置 POI XSSFSheet 单元格提示或选择框
*
* @param sheet 表单
* @param promptTitle 提示标题
* @param textlist 下拉框显示的内容
* @param promptContent 提示内容
* @param firstRow 开始行
* @param endRow 结束行
* @param firstCol 开始列
* @param endCol 结束列
*/
public void setXSSFPrompt(Sheet sheet, String promptTitle, String promptContent, int firstRow, int endRow,
public void setPromptOrValidation(Sheet sheet, String[] textlist, String promptContent, int firstRow, int endRow,
int firstCol, int endCol)
{
DataValidationHelper helper = sheet.getDataValidationHelper();
DataValidationConstraint constraint = helper.createCustomConstraint("DD1");
DataValidationConstraint constraint = textlist.length > 0 ? helper.createExplicitListConstraint(textlist) : helper.createCustomConstraint("DD1");
CellRangeAddressList regions = new CellRangeAddressList(firstRow, endRow, firstCol, endCol);
DataValidation dataValidation = helper.createValidation(constraint, regions);
dataValidation.createPromptBox(promptTitle, promptContent);
dataValidation.setShowPromptBox(true);
sheet.addValidationData(dataValidation);
}
/**
* 设置某些列的值只能输入预制的数据,显示下拉框.
*
* @param sheet 要设置的sheet.
* @param textlist 下拉框显示的内容
* @param firstRow 开始行
* @param endRow 结束行
* @param firstCol 开始列
* @param endCol 结束列
* @return 设置好的sheet.
*/
public void setXSSFValidation(Sheet sheet, String[] textlist, int firstRow, int endRow, int firstCol, int endCol)
{
DataValidationHelper helper = sheet.getDataValidationHelper();
// 加载下拉列表内容
DataValidationConstraint constraint = helper.createExplicitListConstraint(textlist);
// 设置数据有效性加载在哪个单元格上,四个参数分别是:起始行、终止行、起始列、终止列
CellRangeAddressList regions = new CellRangeAddressList(firstRow, endRow, firstCol, endCol);
// 数据有效性对象
DataValidation dataValidation = helper.createValidation(constraint, regions);
if (StringUtils.isNotEmpty(promptContent))
{
// 如果设置了提示信息则鼠标放上去提示
dataValidation.createPromptBox("", promptContent);
dataValidation.setShowPromptBox(true);
}
// 处理Excel兼容性问题
if (dataValidation instanceof XSSFDataValidation)
{
@@ -777,13 +780,12 @@ public class ExcelUtil<T>
{
dataValidation.setSuppressDropDownArrow(false);
}
sheet.addValidationData(dataValidation);
}
/**
* 解析导出值 0=男,1=女,2=未知
*
*
* @param propertyValue 参数值
* @param converterExp 翻译注解
* @param separator 分隔符
@@ -820,7 +822,7 @@ public class ExcelUtil<T>
/**
* 反向解析值 男=0,女=1,未知=2
*
*
* @param propertyValue 参数值
* @param converterExp 翻译注解
* @param separator 分隔符
@@ -857,7 +859,7 @@ public class ExcelUtil<T>
/**
* 数据处理器
*
*
* @param value 数据值
* @param excel 数据注解
* @return
@@ -925,7 +927,7 @@ public class ExcelUtil<T>
/**
* 获取bean中的属性值
*
*
* @param vo 实体对象
* @param field 字段
* @param excel 注解
@@ -938,7 +940,7 @@ public class ExcelUtil<T>
if (StringUtils.isNotEmpty(excel.targetAttr()))
{
String target = excel.targetAttr();
if (target.indexOf(".") > -1)
if (target.contains("."))
{
String[] targets = target.split("[.]");
for (String name : targets)
@@ -956,7 +958,7 @@ public class ExcelUtil<T>
/**
* 以类的属性的get方法方法形式获取值
*
*
* @param o
* @param name
* @return value
@@ -1033,7 +1035,7 @@ public class ExcelUtil<T>
for (Object[] os : this.fields)
{
Excel excel = (Excel) os[1];
maxHeight = maxHeight > excel.height() ? maxHeight : excel.height();
maxHeight = Math.max(maxHeight, excel.height());
}
return (short) (maxHeight * 20);
}
@@ -1051,7 +1053,7 @@ public class ExcelUtil<T>
/**
* 创建工作表
*
*
* @param sheetNo sheet数量
* @param index 序号
*/
@@ -1068,7 +1070,7 @@ public class ExcelUtil<T>
/**
* 获取单元格值
*
*
* @param row 获取的行
* @param column 获取单元格列号
* @return 单元格值
@@ -1128,7 +1130,7 @@ public class ExcelUtil<T>
/**
* 判断是否是空行
*
*
* @param row 判断的行
* @return
*/
@@ -1148,4 +1150,37 @@ public class ExcelUtil<T>
}
return true;
}
}
/**
* 格式化不同类型的日期对象
*
* @param dateFormat 日期格式
* @param val 被格式化的日期对象
* @return 格式化后的日期字符
*/
public String parseDateToStr(String dateFormat, Object val)
{
if (val == null)
{
return "";
}
String str;
if (val instanceof Date)
{
str = DateUtils.parseDateToStr(dateFormat, (Date) val);
}
else if (val instanceof LocalDateTime)
{
str = DateUtils.parseDateToStr(dateFormat, DateUtils.toDate((LocalDateTime) val));
}
else if (val instanceof LocalDate)
{
str = DateUtils.parseDateToStr(dateFormat, DateUtils.toDate((LocalDate) val));
}
else
{
str = val.toString();
}
return str;
}
}

24
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/sql/SqlUtil.java
View File

@@ -10,6 +10,11 @@ import com.ruoyi.common.core.utils.StringUtils;
*/
public class SqlUtil
{
/**
* 定义常用的 sql关键字
*/
public static String SQL_REGEX = "select |insert |delete |update |drop |count |exec |chr |mid |master |truncate |char |and |declare ";
/**
* 仅支持字母、数字、下划线、空格、逗号、小数点(支持多个字段排序)
*/
@@ -34,4 +39,23 @@ public class SqlUtil
{
return value.matches(SQL_PATTERN);
}
/**
* SQL关键字检查
*/
public static void filterKeyword(String value)
{
if (StringUtils.isEmpty(value))
{
return;
}
String[] sqlKeywords = StringUtils.split(SQL_REGEX, "\\|");
for (String sqlKeyword : sqlKeywords)
{
if (StringUtils.indexOfIgnoreCase(value, sqlKeyword) > -1)
{
throw new UtilException("参数存在SQL注入风险");
}
}
}
}

4
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/IdUtils.java → ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/uuid/IdUtils.java
View File

@@ -1,6 +1,4 @@
package com.ruoyi.common.core.utils;
import com.ruoyi.common.core.text.UUID;
package com.ruoyi.common.core.utils.uuid;
/**
* ID生成器工具类

86
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/uuid/Seq.java Normal file
View File

@@ -0,0 +1,86 @@
package com.ruoyi.common.core.utils.uuid;
import java.util.concurrent.atomic.AtomicInteger;
import com.ruoyi.common.core.utils.DateUtils;
import com.ruoyi.common.core.utils.StringUtils;
/**
* @author ruoyi 序列生成类
*/
public class Seq
{
// 通用序列类型
public static final String commSeqType = "COMMON";
// 上传序列类型
public static final String uploadSeqType = "UPLOAD";
// 通用接口序列数
private static AtomicInteger commSeq = new AtomicInteger(1);
// 上传接口序列数
private static AtomicInteger uploadSeq = new AtomicInteger(1);
// 机器标识
private static String machineCode = "A";
/**
* 获取通用序列号
*
* @return 序列值
*/
public static String getId()
{
return getId(commSeqType);
}
/**
* 默认16位序列号 yyMMddHHmmss + 一位机器标识 + 3长度循环递增字符串
*
* @return 序列值
*/
public static String getId(String type)
{
AtomicInteger atomicInt = commSeq;
if (uploadSeqType.equals(type))
{
atomicInt = uploadSeq;
}
return getId(atomicInt, 3);
}
/**
* 通用接口序列号 yyMMddHHmmss + 一位机器标识 + length长度循环递增字符串
*
* @param atomicInt 序列数
* @param length 数值长度
* @return 序列值
*/
public static String getId(AtomicInteger atomicInt, int length)
{
String result = DateUtils.dateTimeNow();
result += machineCode;
result += getSeq(atomicInt, length);
return result;
}
/**
* 序列循环递增字符串[1, 10 的 (length)幂次方), 用0左补齐length位数
*
* @return 序列值
*/
private synchronized static String getSeq(AtomicInteger atomicInt, int length)
{
// 先取值再+1
int value = atomicInt.getAndIncrement();
// 如果更新后值>=10 的 (length)幂次方则重置为1
int maxSeq = (int) Math.pow(10, length);
if (atomicInt.get() >= maxSeq)
{
atomicInt.set(1);
}
// 转字符串用0左补齐
return StringUtils.padl(value, length);
}
}

2
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/text/UUID.java → ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/uuid/UUID.java
View File

@@ -1,4 +1,4 @@
package com.ruoyi.common.core.text;
package com.ruoyi.common.core.utils.uuid;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

24
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/controller/BaseController.java
View File

@@ -7,16 +7,12 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.InitBinder;
import com.github.pagehelper.PageHelper;
import com.github.pagehelper.PageInfo;
import com.ruoyi.common.core.constant.HttpStatus;
import com.ruoyi.common.core.utils.DateUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.utils.sql.SqlUtil;
import com.ruoyi.common.core.utils.PageUtils;
import com.ruoyi.common.core.web.domain.AjaxResult;
import com.ruoyi.common.core.web.page.PageDomain;
import com.ruoyi.common.core.web.page.TableDataInfo;
import com.ruoyi.common.core.web.page.TableSupport;
/**
* web层通用数据处理
@@ -49,15 +45,15 @@ public class BaseController
*/
protected void startPage()
{
PageDomain pageDomain = TableSupport.buildPageRequest();
Integer pageNum = pageDomain.getPageNum();
Integer pageSize = pageDomain.getPageSize();
if (StringUtils.isNotNull(pageNum) && StringUtils.isNotNull(pageSize))
{
String orderBy = SqlUtil.escapeOrderBySql(pageDomain.getOrderBy());
Boolean reasonable = pageDomain.getReasonable();
PageHelper.startPage(pageNum, pageSize, orderBy).setReasonable(reasonable);
}
PageUtils.startPage();
}
/**
* 清理分页的线程变量
*/
protected void clearPage()
{
PageUtils.clearPage();
}
/**

5
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/web/page/TableSupport.java
View File

@@ -1,5 +1,6 @@
package com.ruoyi.common.core.web.page;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.core.utils.ServletUtils;
/**
@@ -40,8 +41,8 @@ public class TableSupport
public static PageDomain getPageDomain()
{
PageDomain pageDomain = new PageDomain();
pageDomain.setPageNum(ServletUtils.getParameterToInt(PAGE_NUM));
pageDomain.setPageSize(ServletUtils.getParameterToInt(PAGE_SIZE));
pageDomain.setPageNum(Convert.toInt(ServletUtils.getParameter(PAGE_NUM), 1));
pageDomain.setPageSize(Convert.toInt(ServletUtils.getParameter(PAGE_SIZE), 10));
pageDomain.setOrderByColumn(ServletUtils.getParameter(ORDER_BY_COLUMN));
pageDomain.setIsAsc(ServletUtils.getParameter(IS_ASC));
pageDomain.setReasonable(ServletUtils.getParameterToBool(REASONABLE));

27
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/xss/Xss.java Normal file
View File

@@ -0,0 +1,27 @@
package com.ruoyi.common.core.xss;
import javax.validation.Constraint;
import javax.validation.Payload;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 自定义xss校验注解
*
* @author ruoyi
*/
@Retention(RetentionPolicy.RUNTIME)
@Target(value = { ElementType.METHOD, ElementType.FIELD, ElementType.CONSTRUCTOR, ElementType.PARAMETER })
@Constraint(validatedBy = { XssValidator.class })
public @interface Xss
{
String message()
default "不允许任何脚本运行";
Class<?>[] groups() default {};
Class<? extends Payload>[] payload() default {};
}

34
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/xss/XssValidator.java Normal file
View File

@@ -0,0 +1,34 @@
package com.ruoyi.common.core.xss;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import com.ruoyi.common.core.utils.StringUtils;
/**
* 自定义xss校验注解实现
*
* @author ruoyi
*/
public class XssValidator implements ConstraintValidator<Xss, String>
{
private static final String HTML_PATTERN = "<(\\S*?)[^>]*>.*?|<.*? />";
@Override
public boolean isValid(String value, ConstraintValidatorContext constraintValidatorContext)
{
if (StringUtils.isBlank(value))
{
return true;
}
return !containsHtml(value);
}
public static boolean containsHtml(String value)
{
Pattern pattern = Pattern.compile(HTML_PATTERN);
Matcher matcher = pattern.matcher(value);
return matcher.matches();
}
}

4
ruoyi-common/ruoyi-common-core/src/main/resources/META-INF/spring.factories
View File

@@ -1,4 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.ruoyi.common.core.utils.SpringUtils

1
ruoyi-common/ruoyi-common-core/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports Normal file
View File

@@ -0,0 +1 @@
com.ruoyi.common.core.utils.SpringUtils

2
ruoyi-common/ruoyi-common-datascope/pom.xml
View File

@@ -5,7 +5,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

10
ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java
View File

@@ -3,12 +3,11 @@ package com.ruoyi.common.datascope.aspect;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.web.domain.BaseEntity;
import com.ruoyi.common.datascope.annotation.DataScope;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.domain.SysRole;
import com.ruoyi.system.api.domain.SysUser;
import com.ruoyi.system.api.model.LoginUser;
@@ -52,9 +51,6 @@ public class DataScopeAspect
*/
public static final String DATA_SCOPE = "dataScope";
@Autowired
private TokenService tokenService;
@Before("@annotation(controllerDataScope)")
public void doBefore(JoinPoint point, DataScope controllerDataScope) throws Throwable
{
@@ -65,7 +61,7 @@ public class DataScopeAspect
protected void handleDataScope(final JoinPoint joinPoint, DataScope controllerDataScope)
{
// 获取当前的用户
LoginUser loginUser = tokenService.getLoginUser();
LoginUser loginUser = SecurityUtils.getLoginUser();
if (StringUtils.isNotNull(loginUser))
{
SysUser currentUser = loginUser.getSysUser();
@@ -123,7 +119,7 @@ public class DataScopeAspect
else
{
// 数据权限为仅本人且没有userAlias别名不查询任何数据
sqlString.append(" OR 1=0 ");
sqlString.append(StringUtils.format(" OR {}.dept_id = 0 ", deptAlias));
}
}
}

4
ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories
View File

@@ -1,4 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.ruoyi.common.datascope.aspect.DataScopeAspect

1
ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports Normal file
View File

@@ -0,0 +1 @@
com.ruoyi.common.datascope.aspect.DataScopeAspect

2
ruoyi-common/ruoyi-common-datasource/pom.xml
View File

@@ -5,7 +5,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

2
ruoyi-common/ruoyi-common-log/pom.xml
View File

@@ -5,7 +5,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

4
ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java
View File

@@ -15,14 +15,14 @@ import org.springframework.http.HttpMethod;
import org.springframework.stereotype.Component;
import org.springframework.validation.BindingResult;
import org.springframework.web.multipart.MultipartFile;
import com.alibaba.fastjson.JSON;
import com.ruoyi.common.core.utils.SecurityUtils;
import com.alibaba.fastjson2.JSON;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.utils.ip.IpUtils;
import com.ruoyi.common.log.annotation.Log;
import com.ruoyi.common.log.enums.BusinessStatus;
import com.ruoyi.common.log.service.AsyncLogService;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.domain.SysOperLog;
/**

3
ruoyi-common/ruoyi-common-log/src/main/resources/META-INF/spring.factories
View File

@@ -1,3 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.ruoyi.common.log.service.AsyncLogService,\
com.ruoyi.common.log.aspect.LogAspect

2
ruoyi-common/ruoyi-common-log/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports Normal file
View File

@@ -0,0 +1,2 @@
com.ruoyi.common.log.service.AsyncLogService
com.ruoyi.common.log.aspect.LogAspect

2
ruoyi-common/ruoyi-common-redis/pom.xml
View File

@@ -5,7 +5,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

34
ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/configure/FastJson2JsonRedisSerializer.java
View File

@@ -1,15 +1,11 @@
package com.ruoyi.common.redis.configure;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.fasterxml.jackson.databind.JavaType;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.type.TypeFactory;
import java.nio.charset.Charset;
import org.springframework.data.redis.serializer.RedisSerializer;
import org.springframework.data.redis.serializer.SerializationException;
import com.alibaba.fastjson.parser.ParserConfig;
import org.springframework.util.Assert;
import java.nio.charset.Charset;
import com.alibaba.fastjson2.JSON;
import com.alibaba.fastjson2.JSONReader;
import com.alibaba.fastjson2.JSONWriter;
/**
* Redis使用FastJson序列化
@@ -18,17 +14,10 @@ import java.nio.charset.Charset;
*/
public class FastJson2JsonRedisSerializer<T> implements RedisSerializer<T>
{
@SuppressWarnings("unused")
private ObjectMapper objectMapper = new ObjectMapper();
public static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");
private Class<T> clazz;
static
{
ParserConfig.getGlobalInstance().setAutoTypeSupport(true);
}
public FastJson2JsonRedisSerializer(Class<T> clazz)
{
@@ -43,7 +32,7 @@ public class FastJson2JsonRedisSerializer<T> implements RedisSerializer<T>
{
return new byte[0];
}
return JSON.toJSONString(t, SerializerFeature.WriteClassName).getBytes(DEFAULT_CHARSET);
return JSON.toJSONString(t, JSONWriter.Feature.WriteClassName).getBytes(DEFAULT_CHARSET);
}
@Override
@@ -55,17 +44,6 @@ public class FastJson2JsonRedisSerializer<T> implements RedisSerializer<T>
}
String str = new String(bytes, DEFAULT_CHARSET);
return JSON.parseObject(str, clazz);
}
public void setObjectMapper(ObjectMapper objectMapper)
{
Assert.notNull(objectMapper, "'objectMapper' must not be null");
this.objectMapper = objectMapper;
}
protected JavaType getJavaType(Class<?> clazz)
{
return TypeFactory.defaultInstance().constructType(clazz);
return JSON.parseObject(str, clazz, JSONReader.Feature.SupportAutoType);
}
}

13
ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/configure/RedisConfig.java
View File

@@ -1,5 +1,7 @@
package com.ruoyi.common.redis.configure;
import org.springframework.boot.autoconfigure.AutoConfigureBefore;
import org.springframework.boot.autoconfigure.data.redis.RedisAutoConfiguration;
import org.springframework.cache.annotation.CachingConfigurerSupport;
import org.springframework.cache.annotation.EnableCaching;
import org.springframework.context.annotation.Bean;
@@ -7,11 +9,6 @@ import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.serializer.StringRedisSerializer;
import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.JsonTypeInfo;
import com.fasterxml.jackson.annotation.PropertyAccessor;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.jsontype.impl.LaissezFaireSubTypeValidator;
/**
* redis配置
@@ -20,6 +17,7 @@ import com.fasterxml.jackson.databind.jsontype.impl.LaissezFaireSubTypeValidator
*/
@Configuration
@EnableCaching
@AutoConfigureBefore(RedisAutoConfiguration.class)
public class RedisConfig extends CachingConfigurerSupport
{
@Bean
@@ -31,11 +29,6 @@ public class RedisConfig extends CachingConfigurerSupport
FastJson2JsonRedisSerializer serializer = new FastJson2JsonRedisSerializer(Object.class);
ObjectMapper mapper = new ObjectMapper();
mapper.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.ANY);
mapper.activateDefaultTyping(LaissezFaireSubTypeValidator.instance, ObjectMapper.DefaultTyping.NON_FINAL, JsonTypeInfo.As.PROPERTY);
serializer.setObjectMapper(mapper);
// 使用StringRedisSerializer来序列化和反序列化redis的key值
template.setKeySerializer(new StringRedisSerializer());
template.setValueSerializer(serializer);

11
ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java
View File

@@ -74,6 +74,17 @@ public class RedisService
return redisTemplate.expire(key, timeout, unit);
}
/**
* 获取有效时间
*
* @param key Redis键
* @return 有效时间
*/
public long getExpire(final String key)
{
return redisTemplate.getExpire(key);
}
/**
* 判断 key是否存在
*

5
ruoyi-common/ruoyi-common-redis/src/main/resources/META-INF/spring.factories
View File

@@ -1,5 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.ruoyi.common.redis.configure.RedisConfig,\
com.ruoyi.common.redis.service.RedisService

2
ruoyi-common/ruoyi-common-redis/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports Normal file
View File

@@ -0,0 +1,2 @@
com.ruoyi.common.redis.configure.RedisConfig
com.ruoyi.common.redis.service.RedisService

14
ruoyi-common/ruoyi-common-security/pom.xml
View File

@@ -4,7 +4,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -15,19 +15,25 @@
</description>
<dependencies>
<!-- Spring Web -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
</dependency>
<!-- RuoYi Api System -->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-api-system</artifactId>
</dependency>
<!-- RuoYi Common Redis-->
<dependency>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common-redis</artifactId>
</dependency>
</dependencies>
</project>

20
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/Logical.java Normal file
View File

@@ -0,0 +1,20 @@
package com.ruoyi.common.security.annotation;
/**
* 权限注解的验证模式
*
* @author ruoyi
*
*/
public enum Logical
{
/**
* 必须具有所有的元素
*/
AND,
/**
* 只需具有其中一个元素
*/
OR
}

46
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java
View File

@@ -1,46 +0,0 @@
package com.ruoyi.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 权限注解
*
* @author ruoyi
*/
@Target({ ElementType.TYPE, ElementType.METHOD })
@Retention(RetentionPolicy.RUNTIME)
public @interface PreAuthorize
{
/**
* 验证用户是否具备某权限
*/
public String hasPermi() default "";
/**
* 验证用户是否不具备某权限,与 hasPermi逻辑相反
*/
public String lacksPermi() default "";
/**
* 验证用户是否具有以下任意一个权限
*/
public String[] hasAnyPermi() default {};
/**
* 判断用户是否拥有某个角色
*/
public String hasRole() default "";
/**
* 验证用户是否不具备某角色,与 isRole逻辑相反
*/
public String lacksRole() default "";
/**
* 验证用户是否具有以下任意一个角色
*/
public String[] hasAnyRoles() default {};
}

18
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresLogin.java Normal file
View File

@@ -0,0 +1,18 @@
package com.ruoyi.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 登录认证:只有登录之后才能进入该方法
*
* @author ruoyi
*
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE })
public @interface RequiresLogin
{
}

27
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresPermissions.java Normal file
View File

@@ -0,0 +1,27 @@
package com.ruoyi.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 权限认证:必须具有指定权限才能进入该方法
*
* @author ruoyi
*
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE })
public @interface RequiresPermissions
{
/**
* 需要校验的权限码
*/
String[] value() default {};
/**
* 验证模式AND | OR默认AND
*/
Logical logical() default Logical.AND;
}

26
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/RequiresRoles.java Normal file
View File

@@ -0,0 +1,26 @@
package com.ruoyi.common.security.annotation;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
/**
* 角色认证:必须具有指定角色标识才能进入该方法
*
* @author ruoyi
*/
@Retention(RetentionPolicy.RUNTIME)
@Target({ ElementType.METHOD, ElementType.TYPE })
public @interface RequiresRoles
{
/**
* 需要校验的角色标识
*/
String[] value() default {};
/**
* 验证逻辑AND | OR默认AND
*/
Logical logical() default Logical.AND;
}

322
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java
View File

@@ -1,225 +1,97 @@
package com.ruoyi.common.security.aspect;
import java.lang.reflect.Method;
import java.util.Collection;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
import org.springframework.util.PatternMatchUtils;
import com.ruoyi.common.core.exception.PreAuthorizeException;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.security.annotation.PreAuthorize;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.system.api.model.LoginUser;
/**
* 自定义权限实现
*
* @author ruoyi
*/
@Aspect
@Component
public class PreAuthorizeAspect
{
@Autowired
private TokenService tokenService;
/** 所有权限标识 */
private static final String ALL_PERMISSION = "*:*:*";
/** 管理员角色权限标识 */
private static final String SUPER_ADMIN = "admin";
/** 数组为0时 */
private static final Integer ARRAY_EMPTY = 0;
@Around("@annotation(com.ruoyi.common.security.annotation.PreAuthorize)")
public Object around(ProceedingJoinPoint point) throws Throwable
{
Signature signature = point.getSignature();
MethodSignature methodSignature = (MethodSignature) signature;
Method method = methodSignature.getMethod();
PreAuthorize annotation = method.getAnnotation(PreAuthorize.class);
if (annotation == null)
{
return point.proceed();
}
if (StringUtils.isNotEmpty(annotation.hasPermi()))
{
if (hasPermi(annotation.hasPermi()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (StringUtils.isNotEmpty(annotation.lacksPermi()))
{
if (lacksPermi(annotation.lacksPermi()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (ARRAY_EMPTY < annotation.hasAnyPermi().length)
{
if (hasAnyPermi(annotation.hasAnyPermi()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (StringUtils.isNotEmpty(annotation.hasRole()))
{
if (hasRole(annotation.hasRole()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (StringUtils.isNotEmpty(annotation.lacksRole()))
{
if (lacksRole(annotation.lacksRole()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
else if (ARRAY_EMPTY < annotation.hasAnyRoles().length)
{
if (hasAnyRoles(annotation.hasAnyRoles()))
{
return point.proceed();
}
throw new PreAuthorizeException();
}
return point.proceed();
}
/**
* 验证用户是否具备某权限
*
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public boolean hasPermi(String permission)
{
LoginUser userInfo = tokenService.getLoginUser();
if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions()))
{
return false;
}
return hasPermissions(userInfo.getPermissions(), permission);
}
/**
* 验证用户是否不具备某权限,与 hasPermi逻辑相反
*
* @param permission 权限字符串
* @return 用户是否不具备某权限
*/
public boolean lacksPermi(String permission)
{
return hasPermi(permission) != true;
}
/**
* 验证用户是否具有以下任意一个权限
*
* @param permissions 权限列表
* @return 用户是否具有以下任意一个权限
*/
public boolean hasAnyPermi(String[] permissions)
{
LoginUser userInfo = tokenService.getLoginUser();
if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions()))
{
return false;
}
Collection<String> authorities = userInfo.getPermissions();
for (String permission : permissions)
{
if (permission != null && hasPermissions(authorities, permission))
{
return true;
}
}
return false;
}
/**
* 判断用户是否拥有某个角色
*
* @param role 角色字符串
* @return 用户是否具备某角色
*/
public boolean hasRole(String role)
{
LoginUser userInfo = tokenService.getLoginUser();
if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles()))
{
return false;
}
for (String roleKey : userInfo.getRoles())
{
if (SUPER_ADMIN.equals(roleKey) || roleKey.equals(role))
{
return true;
}
}
return false;
}
/**
* 验证用户是否不具备某角色,与 isRole逻辑相反。
*
* @param role 角色名称
* @return 用户是否不具备某角色
*/
public boolean lacksRole(String role)
{
return hasRole(role) != true;
}
/**
* 验证用户是否具有以下任意一个角色
*
* @param roles 角色列表
* @return 用户是否具有以下任意一个角色
*/
public boolean hasAnyRoles(String[] roles)
{
LoginUser userInfo = tokenService.getLoginUser();
if (StringUtils.isNull(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles()))
{
return false;
}
for (String role : roles)
{
if (hasRole(role))
{
return true;
}
}
return false;
}
/**
* 判断是否包含权限
*
* @param authorities 权限列表
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
private boolean hasPermissions(Collection<String> authorities, String permission)
{
return authorities.stream().filter(StringUtils::hasText)
.anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission));
}
}
package com.ruoyi.common.security.aspect;
import java.lang.reflect.Method;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import com.ruoyi.common.security.annotation.RequiresLogin;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.annotation.RequiresRoles;
import com.ruoyi.common.security.auth.AuthUtil;
/**
* 基于 Spring Aop 的注解鉴权
*
* @author kong
*/
@Aspect
@Component
public class PreAuthorizeAspect
{
/**
* 构建
*/
public PreAuthorizeAspect()
{
}
/**
* 定义AOP签名 (切入所有使用鉴权注解的方法)
*/
public static final String POINTCUT_SIGN = " @annotation(com.ruoyi.common.security.annotation.RequiresLogin) || "
+ "@annotation(com.ruoyi.common.security.annotation.RequiresPermissions) || "
+ "@annotation(com.ruoyi.common.security.annotation.RequiresRoles)";
/**
* 声明AOP签名
*/
@Pointcut(POINTCUT_SIGN)
public void pointcut()
{
}
/**
* 环绕切入
*
* @param joinPoint 切面对象
* @return 底层方法执行后的返回值
* @throws Throwable 底层方法抛出的异常
*/
@Around("pointcut()")
public Object around(ProceedingJoinPoint joinPoint) throws Throwable
{
// 注解鉴权
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
checkMethodAnnotation(signature.getMethod());
try
{
// 执行原有逻辑
Object obj = joinPoint.proceed();
return obj;
}
catch (Throwable e)
{
throw e;
}
}
/**
* 对一个Method对象进行注解检查
*/
public void checkMethodAnnotation(Method method)
{
// 校验 @RequiresLogin 注解
RequiresLogin requiresLogin = method.getAnnotation(RequiresLogin.class);
if (requiresLogin != null)
{
AuthUtil.checkLogin();
}
// 校验 @RequiresRoles 注解
RequiresRoles requiresRoles = method.getAnnotation(RequiresRoles.class);
if (requiresRoles != null)
{
AuthUtil.checkRole(requiresRoles);
}
// 校验 @RequiresPermissions 注解
RequiresPermissions requiresPermissions = method.getAnnotation(RequiresPermissions.class);
if (requiresPermissions != null)
{
AuthUtil.checkPermi(requiresPermissions);
}
}
}

371
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java Normal file
View File

@@ -0,0 +1,371 @@
package com.ruoyi.common.security.auth;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import org.springframework.util.PatternMatchUtils;
import com.ruoyi.common.core.exception.auth.NotLoginException;
import com.ruoyi.common.core.exception.auth.NotPermissionException;
import com.ruoyi.common.core.exception.auth.NotRoleException;
import com.ruoyi.common.core.utils.SpringUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.security.annotation.Logical;
import com.ruoyi.common.security.annotation.RequiresLogin;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.annotation.RequiresRoles;
import com.ruoyi.common.security.service.TokenService;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.model.LoginUser;
/**
* Token 权限验证,逻辑实现类
*
* @author ruoyi
*/
public class AuthLogic
{
/** 所有权限标识 */
private static final String ALL_PERMISSION = "*:*:*";
/** 管理员角色权限标识 */
private static final String SUPER_ADMIN = "admin";
public TokenService tokenService = SpringUtils.getBean(TokenService.class);
/**
* 会话注销
*/
public void logout()
{
String token = SecurityUtils.getToken();
if (token == null)
{
return;
}
logoutByToken(token);
}
/**
* 会话注销根据指定Token
*/
public void logoutByToken(String token)
{
tokenService.delLoginUser(token);
}
/**
* 检验用户是否已经登录,如未登录,则抛出异常
*/
public void checkLogin()
{
getLoginUser();
}
/**
* 获取当前用户缓存信息, 如果未登录,则抛出异常
*
* @return 用户缓存信息
*/
public LoginUser getLoginUser()
{
String token = SecurityUtils.getToken();
if (token == null)
{
throw new NotLoginException("未提供token");
}
LoginUser loginUser = SecurityUtils.getLoginUser();
if (loginUser == null)
{
throw new NotLoginException("无效的token");
}
return loginUser;
}
/**
* 获取当前用户缓存信息, 如果未登录,则抛出异常
*
* @param token 前端传递的认证信息
* @return 用户缓存信息
*/
public LoginUser getLoginUser(String token)
{
return tokenService.getLoginUser(token);
}
/**
* 验证当前用户有效期, 如果相差不足120分钟自动刷新缓存
*
* @param loginUser 当前用户信息
*/
public void verifyLoginUserExpire(LoginUser loginUser)
{
tokenService.verifyToken(loginUser);
}
/**
* 验证用户是否具备某权限
*
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public boolean hasPermi(String permission)
{
return hasPermi(getPermiList(), permission);
}
/**
* 验证用户是否具备某权限, 如果验证未通过,则抛出异常: NotPermissionException
*
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public void checkPermi(String permission)
{
if (!hasPermi(getPermiList(), permission))
{
throw new NotPermissionException(permission);
}
}
/**
* 根据注解(@RequiresPermissions)鉴权, 如果验证未通过,则抛出异常: NotPermissionException
*
* @param requiresPermissions 注解对象
*/
public void checkPermi(RequiresPermissions requiresPermissions)
{
if (requiresPermissions.logical() == Logical.AND)
{
checkPermiAnd(requiresPermissions.value());
}
else
{
checkPermiOr(requiresPermissions.value());
}
}
/**
* 验证用户是否含有指定权限,必须全部拥有
*
* @param permissions 权限列表
*/
public void checkPermiAnd(String... permissions)
{
Set<String> permissionList = getPermiList();
for (String permission : permissions)
{
if (!hasPermi(permissionList, permission))
{
throw new NotPermissionException(permission);
}
}
}
/**
* 验证用户是否含有指定权限,只需包含其中一个
*
* @param permissions 权限码数组
*/
public void checkPermiOr(String... permissions)
{
Set<String> permissionList = getPermiList();
for (String permission : permissions)
{
if (hasPermi(permissionList, permission))
{
return;
}
}
if (permissions.length > 0)
{
throw new NotPermissionException(permissions);
}
}
/**
* 判断用户是否拥有某个角色
*
* @param role 角色标识
* @return 用户是否具备某角色
*/
public boolean hasRole(String role)
{
return hasRole(getRoleList(), role);
}
/**
* 判断用户是否拥有某个角色, 如果验证未通过,则抛出异常: NotRoleException
*
* @param role 角色标识
*/
public void checkRole(String role)
{
if (!hasRole(role))
{
throw new NotRoleException(role);
}
}
/**
* 根据注解(@RequiresRoles)鉴权
*
* @param requiresRoles 注解对象
*/
public void checkRole(RequiresRoles requiresRoles)
{
if (requiresRoles.logical() == Logical.AND)
{
checkRoleAnd(requiresRoles.value());
}
else
{
checkRoleOr(requiresRoles.value());
}
}
/**
* 验证用户是否含有指定角色,必须全部拥有
*
* @param roles 角色标识数组
*/
public void checkRoleAnd(String... roles)
{
Set<String> roleList = getRoleList();
for (String role : roles)
{
if (!hasRole(roleList, role))
{
throw new NotRoleException(role);
}
}
}
/**
* 验证用户是否含有指定角色,只需包含其中一个
*
* @param roles 角色标识数组
*/
public void checkRoleOr(String... roles)
{
Set<String> roleList = getRoleList();
for (String role : roles)
{
if (hasRole(roleList, role))
{
return;
}
}
if (roles.length > 0)
{
throw new NotRoleException(roles);
}
}
/**
* 根据注解(@RequiresLogin)鉴权
*
* @param at 注解对象
*/
public void checkByAnnotation(RequiresLogin at)
{
this.checkLogin();
}
/**
* 根据注解(@RequiresRoles)鉴权
*
* @param at 注解对象
*/
public void checkByAnnotation(RequiresRoles at)
{
String[] roleArray = at.value();
if (at.logical() == Logical.AND)
{
this.checkRoleAnd(roleArray);
}
else
{
this.checkRoleOr(roleArray);
}
}
/**
* 根据注解(@RequiresPermissions)鉴权
*
* @param at 注解对象
*/
public void checkByAnnotation(RequiresPermissions at)
{
String[] permissionArray = at.value();
if (at.logical() == Logical.AND)
{
this.checkPermiAnd(permissionArray);
}
else
{
this.checkPermiOr(permissionArray);
}
}
/**
* 获取当前账号的角色列表
*
* @return 角色列表
*/
public Set<String> getRoleList()
{
try
{
LoginUser loginUser = getLoginUser();
return loginUser.getRoles();
}
catch (Exception e)
{
return new HashSet<>();
}
}
/**
* 获取当前账号的权限列表
*
* @return 权限列表
*/
public Set<String> getPermiList()
{
try
{
LoginUser loginUser = getLoginUser();
return loginUser.getPermissions();
}
catch (Exception e)
{
return new HashSet<>();
}
}
/**
* 判断是否包含权限
*
* @param authorities 权限列表
* @param permission 权限字符串
* @return 用户是否具备某权限
*/
public boolean hasPermi(Collection<String> authorities, String permission)
{
return authorities.stream().filter(StringUtils::hasText)
.anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission));
}
/**
* 判断是否包含角色
*
* @param roles 角色列表
* @param role 角色
* @return 用户是否具备某角色权限
*/
public boolean hasRole(Collection<String> roles, String role)
{
return roles.stream().filter(StringUtils::hasText)
.anyMatch(x -> SUPER_ADMIN.contains(x) || PatternMatchUtils.simpleMatch(x, role));
}
}

162
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java Normal file
View File

@@ -0,0 +1,162 @@
package com.ruoyi.common.security.auth;
import com.ruoyi.common.security.annotation.RequiresPermissions;
import com.ruoyi.common.security.annotation.RequiresRoles;
import com.ruoyi.system.api.model.LoginUser;
/**
* Token 权限验证工具类
*
* @author ruoyi
*/
public class AuthUtil
{
/**
* 底层的 AuthLogic 对象
*/
public static AuthLogic authLogic = new AuthLogic();
/**
* 会话注销
*/
public static void logout()
{
authLogic.logout();
}
/**
* 会话注销根据指定Token
*
* @param tokenValue 指定token
*/
public static void logoutByToken(String token)
{
authLogic.logoutByToken(token);
}
/**
* 检验当前会话是否已经登录,如未登录,则抛出异常
*/
public static void checkLogin()
{
authLogic.checkLogin();
}
/**
* 获取当前登录用户信息
*/
public static LoginUser getLoginUser(String token)
{
return authLogic.getLoginUser(token);
}
/**
* 验证当前用户有效期
*/
public static void verifyLoginUserExpire(LoginUser loginUser)
{
authLogic.verifyLoginUserExpire(loginUser);
}
/**
* 当前账号是否含有指定角色标识, 返回true或false
*
* @param role 角色标识
* @return 是否含有指定角色标识
*/
public static boolean hasRole(String role)
{
return authLogic.hasRole(role);
}
/**
* 当前账号是否含有指定角色标识, 如果验证未通过,则抛出异常: NotRoleException
*
* @param role 角色标识
*/
public static void checkRole(String role)
{
authLogic.checkRole(role);
}
/**
* 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotRoleException
*
* @param requiresRoles 角色权限注解
*/
public static void checkRole(RequiresRoles requiresRoles)
{
authLogic.checkRole(requiresRoles);
}
/**
* 当前账号是否含有指定角色标识 [指定多个,必须全部验证通过]
*
* @param roles 角色标识数组
*/
public static void checkRoleAnd(String... roles)
{
authLogic.checkRoleAnd(roles);
}
/**
* 当前账号是否含有指定角色标识 [指定多个,只要其一验证通过即可]
*
* @param roles 角色标识数组
*/
public static void checkRoleOr(String... roles)
{
authLogic.checkRoleOr(roles);
}
/**
* 当前账号是否含有指定权限, 返回true或false
*
* @param permission 权限码
* @return 是否含有指定权限
*/
public static boolean hasPermi(String permission)
{
return authLogic.hasPermi(permission);
}
/**
* 当前账号是否含有指定权限, 如果验证未通过,则抛出异常: NotPermissionException
*
* @param permission 权限码
*/
public static void checkPermi(String permission)
{
authLogic.checkPermi(permission);
}
/**
* 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotPermissionException
*
* @param requiresPermissions 权限注解
*/
public static void checkPermi(RequiresPermissions requiresPermissions)
{
authLogic.checkPermi(requiresPermissions);
}
/**
* 当前账号是否含有指定权限 [指定多个,必须全部验证通过]
*
* @param permissions 权限码数组
*/
public static void checkPermiAnd(String... permissions)
{
authLogic.checkPermiAnd(permissions);
}
/**
* 当前账号是否含有指定权限 [指定多个,只要其一验证通过即可]
*
* @param permissions 权限码数组
*/
public static void checkPermiOr(String... permissions)
{
authLogic.checkPermiOr(permissions);
}
}

33
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/WebMvcConfig.java Normal file
View File

@@ -0,0 +1,33 @@
package com.ruoyi.common.security.config;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import com.ruoyi.common.security.interceptor.HeaderInterceptor;
/**
* 拦截器配置
*
* @author ruoyi
*/
public class WebMvcConfig implements WebMvcConfigurer
{
/** 不需要拦截地址 */
public static final String[] excludeUrls = { "/login", "/logout", "/refresh" };
@Override
public void addInterceptors(InterceptorRegistry registry)
{
registry.addInterceptor(getHeaderInterceptor())
.addPathPatterns("/**")
.excludePathPatterns(excludeUrls)
.order(-10);
}
/**
* 自定义请求头拦截器
*/
public HeaderInterceptor getHeaderInterceptor()
{
return new HeaderInterceptor();
}
}

24
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java
View File

@@ -11,8 +11,9 @@ import org.springframework.web.bind.annotation.RestControllerAdvice;
import com.ruoyi.common.core.constant.HttpStatus;
import com.ruoyi.common.core.exception.DemoModeException;
import com.ruoyi.common.core.exception.InnerAuthException;
import com.ruoyi.common.core.exception.PreAuthorizeException;
import com.ruoyi.common.core.exception.ServiceException;
import com.ruoyi.common.core.exception.auth.NotPermissionException;
import com.ruoyi.common.core.exception.auth.NotRoleException;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.web.domain.AjaxResult;
@@ -27,14 +28,25 @@ public class GlobalExceptionHandler
private static final Logger log = LoggerFactory.getLogger(GlobalExceptionHandler.class);
/**
* 权限异常
* 权限异常
*/
@ExceptionHandler(PreAuthorizeException.class)
public AjaxResult handlePreAuthorizeException(PreAuthorizeException e, HttpServletRequest request)
@ExceptionHandler(NotPermissionException.class)
public AjaxResult handleNotPermissionException(NotPermissionException e, HttpServletRequest request)
{
String requestURI = request.getRequestURI();
log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
return AjaxResult.error(HttpStatus.FORBIDDEN, "没有权限,请联系管理员授权");
log.error("请求地址'{}',权限校验失败'{}'", requestURI, e.getMessage());
return AjaxResult.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权");
}
/**
* 角色权限异常
*/
@ExceptionHandler(NotRoleException.class)
public AjaxResult handleNotRoleException(NotRoleException e, HttpServletRequest request)
{
String requestURI = request.getRequestURI();
log.error("请求地址'{}',角色权限校验失败'{}'", requestURI, e.getMessage());
return AjaxResult.error(HttpStatus.FORBIDDEN, "没有访问权限,请联系管理员授权");
}
/**

54
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java Normal file
View File

@@ -0,0 +1,54 @@
package com.ruoyi.common.security.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.AsyncHandlerInterceptor;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.context.SecurityContextHolder;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.security.auth.AuthUtil;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.model.LoginUser;
/**
* 自定义请求头拦截器将Header数据封装到线程变量中方便获取
* 注意:此拦截器会同时验证当前用户有效期自动刷新有效期
*
* @author ruoyi
*/
public class HeaderInterceptor implements AsyncHandlerInterceptor
{
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception
{
if (!(handler instanceof HandlerMethod))
{
return true;
}
SecurityContextHolder.setUserId(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USER_ID));
SecurityContextHolder.setUserName(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USERNAME));
SecurityContextHolder.setUserKey(ServletUtils.getHeader(request, SecurityConstants.USER_KEY));
String token = SecurityUtils.getToken();
if (StringUtils.isNotEmpty(token))
{
LoginUser loginUser = AuthUtil.getLoginUser(token);
if (StringUtils.isNotNull(loginUser))
{
AuthUtil.verifyLoginUserExpire(loginUser);
SecurityContextHolder.set(SecurityConstants.LOGIN_USER, loginUser);
}
}
return true;
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
throws Exception
{
SecurityContextHolder.remove();
}
}

82
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
View File

@@ -7,13 +7,14 @@ import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.ruoyi.common.core.constant.CacheConstants;
import com.ruoyi.common.core.constant.Constants;
import com.ruoyi.common.core.utils.IdUtils;
import com.ruoyi.common.core.utils.SecurityUtils;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.utils.JwtUtils;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.core.utils.ip.IpUtils;
import com.ruoyi.common.core.utils.uuid.IdUtils;
import com.ruoyi.common.redis.service.RedisService;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.model.LoginUser;
/**
@@ -27,31 +28,41 @@ public class TokenService
@Autowired
private RedisService redisService;
private final static long EXPIRE_TIME = Constants.TOKEN_EXPIRE * 60;
protected static final long MILLIS_SECOND = 1000;
protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
private final static long expireTime = CacheConstants.EXPIRATION;
private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY;
protected static final long MILLIS_SECOND = 1000;
private final static Long MILLIS_MINUTE_TEN = CacheConstants.REFRESH_TIME * MILLIS_MINUTE;
/**
* 创建令牌
*/
public Map<String, Object> createToken(LoginUser loginUser)
{
// 生成token
String token = IdUtils.fastUUID();
Long userId = loginUser.getSysUser().getUserId();
String userName = loginUser.getSysUser().getUserName();
loginUser.setToken(token);
loginUser.setUserid(loginUser.getSysUser().getUserId());
loginUser.setUsername(loginUser.getSysUser().getUserName());
loginUser.setUserid(userId);
loginUser.setUsername(userName);
loginUser.setIpaddr(IpUtils.getIpAddr(ServletUtils.getRequest()));
refreshToken(loginUser);
// 保存或更新用户token
Map<String, Object> map = new HashMap<String, Object>();
map.put("access_token", token);
map.put("expires_in", EXPIRE_TIME);
redisService.setCacheObject(ACCESS_TOKEN + token, loginUser, EXPIRE_TIME, TimeUnit.SECONDS);
return map;
// Jwt存储信息
Map<String, Object> claimsMap = new HashMap<String, Object>();
claimsMap.put(SecurityConstants.USER_KEY, token);
claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId);
claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
// 接口返回信息
Map<String, Object> rspMap = new HashMap<String, Object>();
rspMap.put("access_token", JwtUtils.createToken(claimsMap));
rspMap.put("expires_in", expireTime);
return rspMap;
}
/**
@@ -83,13 +94,20 @@ public class TokenService
*/
public LoginUser getLoginUser(String token)
{
if (StringUtils.isNotEmpty(token))
LoginUser user = null;
try
{
String userKey = getTokenKey(token);
LoginUser user = redisService.getCacheObject(userKey);
return user;
if (StringUtils.isNotEmpty(token))
{
String userkey = JwtUtils.getUserKey(token);
user = redisService.getCacheObject(getTokenKey(userkey));
return user;
}
}
return null;
catch (Exception e)
{
}
return user;
}
/**
@@ -103,12 +121,30 @@ public class TokenService
}
}
/**
* 删除用户缓存信息
*/
public void delLoginUser(String token)
{
if (StringUtils.isNotEmpty(token))
{
String userKey = getTokenKey(token);
redisService.deleteObject(userKey);
String userkey = JwtUtils.getUserKey(token);
redisService.deleteObject(getTokenKey(userkey));
}
}
/**
* 验证令牌有效期相差不足120分钟自动刷新缓存
*
* @param loginUser
*/
public void verifyToken(LoginUser loginUser)
{
long expireTime = loginUser.getExpireTime();
long currentTime = System.currentTimeMillis();
if (expireTime - currentTime <= MILLIS_MINUTE_TEN)
{
refreshToken(loginUser);
}
}
@@ -120,10 +156,10 @@ public class TokenService
public void refreshToken(LoginUser loginUser)
{
loginUser.setLoginTime(System.currentTimeMillis());
loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_SECOND);
loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE);
// 根据uuid将loginUser缓存
String userKey = getTokenKey(loginUser.getToken());
redisService.setCacheObject(userKey, loginUser, EXPIRE_TIME, TimeUnit.SECONDS);
redisService.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES);
}
private String getTokenKey(String token)

8
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/DictUtils.java
View File

@@ -2,6 +2,7 @@ package com.ruoyi.common.security.utils;
import java.util.Collection;
import java.util.List;
import com.alibaba.fastjson2.JSONArray;
import com.ruoyi.common.core.constant.Constants;
import com.ruoyi.common.core.utils.SpringUtils;
import com.ruoyi.common.core.utils.StringUtils;
@@ -34,11 +35,10 @@ public class DictUtils
*/
public static List<SysDictData> getDictCache(String key)
{
Object cacheObj = SpringUtils.getBean(RedisService.class).getCacheObject(getCacheKey(key));
if (StringUtils.isNotNull(cacheObj))
JSONArray arrayCache = SpringUtils.getBean(RedisService.class).getCacheObject(getCacheKey(key));
if (StringUtils.isNotNull(arrayCache))
{
List<SysDictData> dictDatas = StringUtils.cast(cacheObj);
return dictDatas;
return arrayCache.toList(SysDictData.class);
}
return null;
}

53
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/SecurityUtils.java → ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
View File

@@ -1,9 +1,13 @@
package com.ruoyi.common.core.utils;
package com.ruoyi.common.security.utils;
import javax.servlet.http.HttpServletRequest;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.core.constant.TokenConstants;
import com.ruoyi.common.core.context.SecurityContextHolder;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.system.api.model.LoginUser;
/**
* 权限获取工具类
@@ -12,21 +16,36 @@ import com.ruoyi.common.core.text.Convert;
*/
public class SecurityUtils
{
/**
* 获取用户
*/
public static String getUsername()
{
String username = ServletUtils.getRequest().getHeader(SecurityConstants.DETAILS_USERNAME);
return ServletUtils.urlDecode(username);
}
/**
* 获取用户ID
*/
public static Long getUserId()
{
return Convert.toLong(ServletUtils.getRequest().getHeader(SecurityConstants.DETAILS_USER_ID));
return SecurityContextHolder.getUserId();
}
/**
* 获取用户名称
*/
public static String getUsername()
{
return SecurityContextHolder.getUserName();
}
/**
* 获取用户key
*/
public static String getUserKey()
{
return SecurityContextHolder.getUserKey();
}
/**
* 获取登录用户信息
*/
public static LoginUser getLoginUser()
{
return SecurityContextHolder.get(SecurityConstants.LOGIN_USER, LoginUser.class);
}
/**
@@ -42,18 +61,20 @@ public class SecurityUtils
*/
public static String getToken(HttpServletRequest request)
{
String token = request.getHeader(SecurityConstants.TOKEN_AUTHENTICATION);
// 从header获取token标识
String token = request.getHeader(TokenConstants.AUTHENTICATION);
return replaceTokenPrefix(token);
}
/**
* 替换token前缀
* 裁剪token前缀
*/
public static String replaceTokenPrefix(String token)
{
if (StringUtils.isNotEmpty(token) && token.startsWith(SecurityConstants.TOKEN_PREFIX))
// 如果前端设置了令牌前缀则裁剪掉前缀
if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
{
token = token.replace(SecurityConstants.TOKEN_PREFIX, "");
token = token.replaceFirst(TokenConstants.PREFIX, "");
}
return token;
}

5
ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories
View File

@@ -1,5 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.ruoyi.common.security.service.TokenService,\
com.ruoyi.common.security.aspect.PreAuthorizeAspect,\
com.ruoyi.common.security.aspect.InnerAuthAspect,\
com.ruoyi.common.security.handler.GlobalExceptionHandler

5
ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports Normal file
View File

@@ -0,0 +1,5 @@
com.ruoyi.common.security.config.WebMvcConfig
com.ruoyi.common.security.service.TokenService
com.ruoyi.common.security.aspect.PreAuthorizeAspect
com.ruoyi.common.security.aspect.InnerAuthAspect
com.ruoyi.common.security.handler.GlobalExceptionHandler

2
ruoyi-common/ruoyi-common-swagger/pom.xml
View File

@@ -5,7 +5,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi-common</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>

54
ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerBeanPostProcessor.java Normal file
View File

@@ -0,0 +1,54 @@
package com.ruoyi.common.swagger.config;
import org.springframework.beans.BeansException;
import org.springframework.beans.factory.config.BeanPostProcessor;
import org.springframework.stereotype.Component;
import org.springframework.util.ReflectionUtils;
import org.springframework.web.servlet.mvc.method.RequestMappingInfoHandlerMapping;
import springfox.documentation.spring.web.plugins.WebFluxRequestHandlerProvider;
import springfox.documentation.spring.web.plugins.WebMvcRequestHandlerProvider;
import java.lang.reflect.Field;
import java.util.List;
import java.util.stream.Collectors;
/**
* swagger 在 springboot 2.6.x 不兼容问题的处理
*
* @author ruoyi
*/
@Component
public class SwaggerBeanPostProcessor implements BeanPostProcessor
{
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException
{
if (bean instanceof WebMvcRequestHandlerProvider || bean instanceof WebFluxRequestHandlerProvider)
{
customizeSpringfoxHandlerMappings(getHandlerMappings(bean));
}
return bean;
}
private <T extends RequestMappingInfoHandlerMapping> void customizeSpringfoxHandlerMappings(List<T> mappings)
{
List<T> copy = mappings.stream().filter(mapping -> mapping.getPatternParser() == null)
.collect(Collectors.toList());
mappings.clear();
mappings.addAll(copy);
}
@SuppressWarnings("unchecked")
private List<RequestMappingInfoHandlerMapping> getHandlerMappings(Object bean)
{
try
{
Field field = ReflectionUtils.findField(bean.getClass(), "handlerMappings");
field.setAccessible(true);
return (List<RequestMappingInfoHandlerMapping>) field.get(bean);
}
catch (IllegalArgumentException | IllegalAccessException e)
{
throw new IllegalStateException(e);
}
}
}

3
ruoyi-common/ruoyi-common-swagger/src/main/resources/META-INF/spring.factories
View File

@@ -1,3 +0,0 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.ruoyi.common.swagger.config.SwaggerAutoConfiguration,\
com.ruoyi.common.swagger.config.SwaggerWebConfiguration

3
ruoyi-common/ruoyi-common-swagger/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports Normal file
View File

@@ -0,0 +1,3 @@
com.ruoyi.common.swagger.config.SwaggerAutoConfiguration
com.ruoyi.common.swagger.config.SwaggerWebConfiguration
com.ruoyi.common.swagger.config.SwaggerBeanPostProcessor

8
ruoyi-gateway/pom.xml
View File

@@ -4,7 +4,7 @@
<parent>
<groupId>com.ruoyi</groupId>
<artifactId>ruoyi</artifactId>
<version>3.2.0</version>
<version>3.6.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
@@ -57,6 +57,12 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<!-- SpringCloud Loadbalancer -->
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-loadbalancer</artifactId>
</dependency>
<!--验证码 -->
<dependency>

4
ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/KaptchaTextCreator.java
View File

@@ -20,7 +20,7 @@ public class KaptchaTextCreator extends DefaultTextCreator
int x = random.nextInt(10);
int y = random.nextInt(10);
StringBuilder suChinese = new StringBuilder();
int randomoperands = (int) Math.round(Math.random() * 2);
int randomoperands = random.nextInt(3);
if (randomoperands == 0)
{
result = x * y;
@@ -30,7 +30,7 @@ public class KaptchaTextCreator extends DefaultTextCreator
}
else if (randomoperands == 1)
{
if (!(x == 0) && y % x == 0)
if ((x != 0) && y % x == 0)
{
result = y / x;
suChinese.append(CNUMBERS[y]);

3
ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java
View File

@@ -6,6 +6,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.config.GatewayProperties;
import org.springframework.cloud.gateway.route.RouteLocator;
import org.springframework.cloud.gateway.support.NameUtils;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Component;
import org.springframework.web.reactive.config.ResourceHandlerRegistry;
import org.springframework.web.reactive.config.WebFluxConfigurer;
@@ -24,9 +25,11 @@ public class SwaggerProvider implements SwaggerResourcesProvider, WebFluxConfigu
* Swagger2默认的url后缀
*/
public static final String SWAGGER2URL = "/v2/api-docs";
/**
* 网关路由
*/
@Lazy
@Autowired
private RouteLocator routeLocator;

41
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
View File

@@ -1,26 +1,24 @@
package com.ruoyi.gateway.filter;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.gateway.filter.GatewayFilterChain;
import org.springframework.cloud.gateway.filter.GlobalFilter;
import org.springframework.core.Ordered;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import com.alibaba.fastjson.JSONObject;
import com.ruoyi.common.core.constant.CacheConstants;
import com.ruoyi.common.core.constant.Constants;
import com.ruoyi.common.core.constant.HttpStatus;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.utils.SecurityUtils;
import com.ruoyi.common.core.constant.TokenConstants;
import com.ruoyi.common.core.utils.JwtUtils;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.redis.service.RedisService;
import com.ruoyi.gateway.config.properties.IgnoreWhiteProperties;
import io.jsonwebtoken.Claims;
import reactor.core.publisher.Mono;
/**
@@ -33,18 +31,14 @@ public class AuthFilter implements GlobalFilter, Ordered
{
private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
private final static long EXPIRE_TIME = Constants.TOKEN_EXPIRE * 60;
// 排除过滤的 uri 地址nacos自行添加
@Autowired
private IgnoreWhiteProperties ignoreWhite;
@Resource(name = "stringRedisTemplate")
private ValueOperations<String, String> sops;
@Autowired
private RedisService redisService;
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain)
{
@@ -62,22 +56,26 @@ public class AuthFilter implements GlobalFilter, Ordered
{
return unauthorizedResponse(exchange, "令牌不能为空");
}
String userStr = sops.get(getTokenKey(token));
if (StringUtils.isEmpty(userStr))
Claims claims = JwtUtils.parseToken(token);
if (claims == null)
{
return unauthorizedResponse(exchange, "令牌已过期或验证不正确!");
}
String userkey = JwtUtils.getUserKey(claims);
boolean islogin = redisService.hasKey(getTokenKey(userkey));
if (!islogin)
{
return unauthorizedResponse(exchange, "登录状态已过期");
}
JSONObject cacheObj = JSONObject.parseObject(userStr);
String userid = cacheObj.getString("userid");
String username = cacheObj.getString("username");
String userid = JwtUtils.getUserId(claims);
String username = JwtUtils.getUserName(claims);
if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username))
{
return unauthorizedResponse(exchange, "令牌验证失败");
}
// 设置过期时间
redisService.expire(getTokenKey(token), EXPIRE_TIME);
// 设置用户信息到请求
addHeader(mutate, SecurityConstants.USER_KEY, userkey);
addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
// 内部请求来源参数清除
@@ -120,8 +118,13 @@ public class AuthFilter implements GlobalFilter, Ordered
*/
private String getToken(ServerHttpRequest request)
{
String token = request.getHeaders().getFirst(SecurityConstants.TOKEN_AUTHENTICATION);
return SecurityUtils.replaceTokenPrefix(token);
String token = request.getHeaders().getFirst(TokenConstants.AUTHENTICATION);
// 如果前端设置了令牌前缀,则裁剪掉前缀
if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
{
token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
}
return token;
}
@Override

2
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/BlackListUrlFilter.java
View File

@@ -44,7 +44,7 @@ public class BlackListUrlFilter extends AbstractGatewayFilterFactory<BlackListUr
public boolean matchBlacklist(String url)
{
return blacklistUrlPattern.isEmpty() ? false : blacklistUrlPattern.stream().filter(p -> p.matcher(url).find()).findAny().isPresent();
return !blacklistUrlPattern.isEmpty() && blacklistUrlPattern.stream().anyMatch(p -> p.matcher(url).find());
}
public List<String> getBlacklistUrl()

Some files were not shown because too many files have changed in this diff Show More