wsy182/RuoYi-Cloud
1
1
Fork 0
mirror of https://gitee.com/y_project/RuoYi-Cloud.git synced 2026-01-28 20:41:56 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: wsy182:v3.6.7
Branches Tags
wsy182:master wsy182:springboot3
wsy182:v3.6.7 wsy182:v3.6.6 wsy182:v3.6.5 wsy182:v3.6.4 wsy182:v3.6.3 wsy182:v3.6.2 wsy182:v3.6.1 wsy182:v3.6.0 wsy182:v3.5.0 wsy182:v3.4.0 wsy182:v3.3.0 wsy182:v3.2.0 wsy182:v3.1.0 wsy182:v3.0.0 wsy182:v2.5.0 wsy182:v2.4.0 wsy182:v2.3.0 wsy182:v2.2 wsy182:v2.1 wsy182:v2.0
..
compare: wsy182:d7eef05716cf5013695cdd31369216b88c4825ad
Branches Tags
wsy182:springboot3 wsy182:master
wsy182:v3.6.7 wsy182:v3.6.6 wsy182:v3.6.5 wsy182:v3.6.4 wsy182:v3.6.3 wsy182:v3.6.2 wsy182:v3.6.1 wsy182:v3.6.0 wsy182:v3.5.0 wsy182:v3.4.0 wsy182:v3.3.0 wsy182:v3.2.0 wsy182:v3.1.0 wsy182:v3.0.0 wsy182:v2.5.0 wsy182:v2.4.0 wsy182:v2.3.0 wsy182:v2.2 wsy182:v2.1 wsy182:v2.0

5 Commits
v3.6.7 ... d7eef05716

Author SHA1 Message Date
沧澜一粟
d7eef05716 Pre Merge pull request !447 from 沧澜一粟/master 2026-01-06 05:54:34 +00:00
RuoYi
e942847b89 修复Excel自定义格式样式污染问题 2026-01-06 13:54:27 +08:00
RuoYi
0b09d7c1da copyright 2026 2026-01-05 14:50:53 +08:00
RuoYi
1c0562ba18 将isAdmin方法统一到SecurityUtils 2026-01-05 14:50:37 +08:00
zxx
a394fdb84a axios升级版本到0.30.2 修复漏洞CVE-2025-58754 2025-12-26 18:23:22 +08:00
10 changed files with 36 additions and 18 deletions
Expand all files Collapse all files

5
ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
View File

@@ -114,11 +114,6 @@ public class SysUser extends BaseEntity
}
public boolean isAdmin()
{
return isAdmin(this.userId);
}
public static boolean isAdmin(Long userId)
{
return UserConstants.isAdmin(userId);
}

17
ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java
View File

@@ -1003,7 +1003,7 @@ public class ExcelUtil<T>
String separator = attr.separator();
if (StringUtils.isNotEmpty(dateFormat) && StringUtils.isNotNull(value))
{
cell.getCellStyle().setDataFormat(this.wb.getCreationHelper().createDataFormat().getFormat(dateFormat));
cell.setCellStyle(createCellStyle(cell.getCellStyle(), dateFormat));
cell.setCellValue(parseDateToStr(dateFormat, value));
}
else if (StringUtils.isNotEmpty(readConverterExp) && StringUtils.isNotNull(value))
@@ -1033,6 +1033,21 @@ public class ExcelUtil<T>
return cell;
}
/**
* 使用自定义格式,同时避免样式污染
*
* @param cellStyle 从此样式复制
* @param format 格式匹配的字符串
* @return 格式化后CellStyle对象
*/
private CellStyle createCellStyle(CellStyle cellStyle, String format)
{
CellStyle style = wb.createCellStyle();
style.cloneStyleFrom(cellStyle);
style.setDataFormat(wb.getCreationHelper().createDataFormat().getFormat(format));
return style;
}
/**
* 设置 POI XSSFSheet 单元格提示或选择框
*

13
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
View File

@@ -4,6 +4,7 @@ import javax.servlet.http.HttpServletRequest;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.constant.TokenConstants;
import com.ruoyi.common.core.constant.UserConstants;
import com.ruoyi.common.core.context.SecurityContextHolder;
import com.ruoyi.common.core.utils.ServletUtils;
import com.ruoyi.common.core.utils.StringUtils;
@@ -79,6 +80,16 @@ public class SecurityUtils
return token;
}
/**
* 是否为管理员
*
* @return 结果
*/
public static boolean isAdmin()
{
return isAdmin(getUserId());
}
/**
* 是否为管理员
*
@@ -87,7 +98,7 @@ public class SecurityUtils
*/
public static boolean isAdmin(Long userId)
{
return userId != null && 1L == userId;
return UserConstants.isAdmin(userId);
}
/**

4
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
View File

@@ -235,7 +235,7 @@ public class SysUserController extends BaseController
ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
}
List<SysRole> roles = roleService.selectRoleAll();
ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
ajax.put("roles", SecurityUtils.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
ajax.put("posts", postService.selectPostAll());
return ajax;
}
@@ -350,7 +350,7 @@ public class SysUserController extends BaseController
SysUser user = userService.selectUserById(userId);
List<SysRole> roles = roleService.selectRolesByUserId(userId);
ajax.put("user", user);
ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
ajax.put("roles", SecurityUtils.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
return ajax;
}

3
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
View File

@@ -15,7 +15,6 @@ import com.ruoyi.common.datascope.annotation.DataScope;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.domain.SysDept;
import com.ruoyi.system.api.domain.SysRole;
import com.ruoyi.system.api.domain.SysUser;
import com.ruoyi.system.domain.vo.TreeSelect;
import com.ruoyi.system.mapper.SysDeptMapper;
import com.ruoyi.system.mapper.SysRoleMapper;
@@ -190,7 +189,7 @@ public class SysDeptServiceImpl implements ISysDeptService
@Override
public void checkDeptDataScope(Long deptId)
{
if (!SysUser.isAdmin(SecurityUtils.getUserId()) && StringUtils.isNotNull(deptId))
if (!SecurityUtils.isAdmin() && StringUtils.isNotNull(deptId))
{
SysDept dept = new SysDept();
dept.setDeptId(deptId);

3
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java
View File

@@ -15,7 +15,6 @@ import com.ruoyi.common.core.constant.UserConstants;
import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.domain.SysRole;
import com.ruoyi.system.api.domain.SysUser;
import com.ruoyi.system.domain.SysMenu;
import com.ruoyi.system.domain.vo.MetaVo;
import com.ruoyi.system.domain.vo.RouterVo;
@@ -67,7 +66,7 @@ public class SysMenuServiceImpl implements ISysMenuService
{
List<SysMenu> menuList = null;
// 管理员显示所有菜单信息
if (SysUser.isAdmin(userId))
if (SecurityUtils.isAdmin(userId))
{
menuList = menuMapper.selectMenuList(menu);
}

3
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
View File

@@ -15,7 +15,6 @@ import com.ruoyi.common.core.utils.StringUtils;
import com.ruoyi.common.datascope.annotation.DataScope;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.domain.SysRole;
import com.ruoyi.system.api.domain.SysUser;
import com.ruoyi.system.domain.SysRoleDept;
import com.ruoyi.system.domain.SysRoleMenu;
import com.ruoyi.system.domain.SysUserRole;
@@ -197,7 +196,7 @@ public class SysRoleServiceImpl implements ISysRoleService
@Override
public void checkRoleDataScope(Long... roleIds)
{
if (!SysUser.isAdmin(SecurityUtils.getUserId()))
if (!SecurityUtils.isAdmin())
{
for (Long roleId : roleIds)
{

2
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
View File

@@ -238,7 +238,7 @@ public class SysUserServiceImpl implements ISysUserService
@Override
public void checkUserDataScope(Long userId)
{
if (!SysUser.isAdmin(SecurityUtils.getUserId()))
if (!SecurityUtils.isAdmin())
{
SysUser user = new SysUser();
user.setUserId(userId);

2
ruoyi-ui/package.json
View File

@@ -25,7 +25,7 @@
},
"dependencies": {
"@riophae/vue-treeselect": "0.4.0",
"axios": "0.28.1",
"axios": "0.30.2",
"clipboard": "2.0.8",
"core-js": "3.37.1",
"echarts": "5.4.0",

2
ruoyi-ui/src/settings.js
View File

@@ -52,5 +52,5 @@ module.exports = {
/**
* 底部版权文本内容
*/
footerContent: 'Copyright © 2018-2025 RuoYi. All Rights Reserved.'
footerContent: 'Copyright © 2018-2026 RuoYi. All Rights Reserved.'
}