添加菜单路由地址和名称的校验规则

优化防重提交间隔时间可自定义
修复Excel自定义格式样式污染问题
2026-01-09 11:19:02 +08:00 · 2026-01-08 13:42:00 +08:00 · 2026-01-06 13:54:27 +08:00 · 2026-01-05 14:50:53 +08:00 · 2026-01-05 14:50:37 +08:00
14 changed files with 134 additions and 38 deletions
--- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
+++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/domain/SysUser.java
@ -114,11 +114,6 @@ public class SysUser extends BaseEntity
    }

    public boolean isAdmin()
-    {
-        return isAdmin(this.userId);
-    }
-
-    public static boolean isAdmin(Long userId)
    {
        return UserConstants.isAdmin(userId);
    }
--- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java
+++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/utils/poi/ExcelUtil.java
@ -1003,7 +1003,7 @@ public class ExcelUtil<T>
                String separator = attr.separator();
                if (StringUtils.isNotEmpty(dateFormat) && StringUtils.isNotNull(value))
                {
-                    cell.getCellStyle().setDataFormat(this.wb.getCreationHelper().createDataFormat().getFormat(dateFormat));
+                    cell.setCellStyle(createCellStyle(cell.getCellStyle(), dateFormat));
                    cell.setCellValue(parseDateToStr(dateFormat, value));
                }
                else if (StringUtils.isNotEmpty(readConverterExp) && StringUtils.isNotNull(value))
@ -1033,6 +1033,21 @@ public class ExcelUtil<T>
        return cell;
    }

+    /**
+     * 使用自定义格式，同时避免样式污染
+     * 
+     * @param cellStyle 从此样式复制
+     * @param format 格式匹配的字符串
+     * @return 格式化后CellStyle对象
+     */
+    private CellStyle createCellStyle(CellStyle cellStyle, String format)
+    {
+        CellStyle style = wb.createCellStyle();
+        style.cloneStyleFrom(cellStyle);
+        style.setDataFormat(wb.getCreationHelper().createDataFormat().getFormat(format));
+        return style;
+    }
+
    /**
     * 设置 POI XSSFSheet 单元格提示或选择框
     * 
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java
@ -4,6 +4,7 @@ import javax.servlet.http.HttpServletRequest;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import com.ruoyi.common.core.constant.SecurityConstants;
 import com.ruoyi.common.core.constant.TokenConstants;
+import com.ruoyi.common.core.constant.UserConstants;
 import com.ruoyi.common.core.context.SecurityContextHolder;
 import com.ruoyi.common.core.utils.ServletUtils;
 import com.ruoyi.common.core.utils.StringUtils;
@ -79,6 +80,16 @@ public class SecurityUtils
        return token;
    }

+    /**
+     * 是否为管理员
+     * 
+     * @return 结果
+     */
+    public static boolean isAdmin()
+    {
+        return isAdmin(getUserId());
+    }
+
    /**
     * 是否为管理员
     * 
@ -87,7 +98,7 @@ public class SecurityUtils
     */
    public static boolean isAdmin(Long userId)
    {
-        return userId != null && 1L == userId;
+        return UserConstants.isAdmin(userId);
    }

    /**
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java
@ -97,6 +97,10 @@ public class SysMenuController extends BaseController
        {
            return error("新增菜单'" + menu.getMenuName() + "'失败，地址必须以http(s)://开头");
        }
+        else if (!menuService.checkRouteConfigUnique(menu))
+        {
+            return error("新增菜单'" + menu.getMenuName() + "'失败，路由名称或地址已存在");
+        }
        menu.setCreateBy(SecurityUtils.getUsername());
        return toAjax(menuService.insertMenu(menu));
    }
@ -121,6 +125,10 @@ public class SysMenuController extends BaseController
        {
            return error("修改菜单'" + menu.getMenuName() + "'失败，上级菜单不能选择自己");
        }
+        else if (!menuService.checkRouteConfigUnique(menu))
+        {
+            return error("修改菜单'" + menu.getMenuName() + "'失败，路由名称或地址已存在");
+        }
        menu.setUpdateBy(SecurityUtils.getUsername());
        return toAjax(menuService.updateMenu(menu));
    }
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
@ -235,7 +235,7 @@ public class SysUserController extends BaseController
            ajax.put("roleIds", sysUser.getRoles().stream().map(SysRole::getRoleId).collect(Collectors.toList()));
        }
        List<SysRole> roles = roleService.selectRoleAll();
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+        ajax.put("roles", SecurityUtils.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        ajax.put("posts", postService.selectPostAll());
        return ajax;
    }
@ -350,7 +350,7 @@ public class SysUserController extends BaseController
        SysUser user = userService.selectUserById(userId);
        List<SysRole> roles = roleService.selectRolesByUserId(userId);
        ajax.put("user", user);
-        ajax.put("roles", SysUser.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
+        ajax.put("roles", SecurityUtils.isAdmin(userId) ? roles : roles.stream().filter(r -> !r.isAdmin()).collect(Collectors.toList()));
        return ajax;
    }

--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysMenuMapper.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysMenuMapper.java
@ -122,4 +122,13 @@ public interface SysMenuMapper
     * @return 结果
     */
    public SysMenu checkMenuNameUnique(@Param("menuName") String menuName, @Param("parentId") Long parentId);
+
+    /**
+     * 根据路由路径或名称查询菜单信息（用于唯一性校验）
+     *
+     * @param path 路由地址
+     * @param routeName 路由名称
+     * @return 匹配的菜单列表
+     */
+    public List<SysMenu> selectMenusByPathOrRouteName(@Param("path") String path, @Param("routeName") String routeName);
 }
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysMenuService.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysMenuService.java
@ -141,4 +141,12 @@ public interface ISysMenuService
     * @return 结果
     */
    public boolean checkMenuNameUnique(SysMenu menu);
+
+    /**
+     * 校验路由组合是否唯一
+     *
+     * @param menu 菜单信息
+     * @return 结果
+     */
+    public boolean checkRouteConfigUnique(SysMenu menu);
 }
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysDeptServiceImpl.java
@ -15,7 +15,6 @@ import com.ruoyi.common.datascope.annotation.DataScope;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.domain.SysDept;
 import com.ruoyi.system.api.domain.SysRole;
-import com.ruoyi.system.api.domain.SysUser;
 import com.ruoyi.system.domain.vo.TreeSelect;
 import com.ruoyi.system.mapper.SysDeptMapper;
 import com.ruoyi.system.mapper.SysRoleMapper;
@ -190,7 +189,7 @@ public class SysDeptServiceImpl implements ISysDeptService
    @Override
    public void checkDeptDataScope(Long deptId)
    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()) && StringUtils.isNotNull(deptId))
+        if (!SecurityUtils.isAdmin() && StringUtils.isNotNull(deptId))
        {
            SysDept dept = new SysDept();
            dept.setDeptId(deptId);
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysMenuServiceImpl.java
@ -8,6 +8,8 @@ import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;
 import java.util.stream.Collectors;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import com.ruoyi.common.core.constant.Constants;
@ -15,7 +17,6 @@ import com.ruoyi.common.core.constant.UserConstants;
 import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.domain.SysRole;
-import com.ruoyi.system.api.domain.SysUser;
 import com.ruoyi.system.domain.SysMenu;
 import com.ruoyi.system.domain.vo.MetaVo;
 import com.ruoyi.system.domain.vo.RouterVo;
@ -33,8 +34,12 @@ import com.ruoyi.system.service.ISysMenuService;
@Service
 public class SysMenuServiceImpl implements ISysMenuService
 {
+    private static final Logger log = LoggerFactory.getLogger(SysMenuServiceImpl.class);
+
    public static final String PREMISSION_STRING = "perms[\"{0}\"]";

+    public static final Long MENU_ROOT_ID = 0L;
+
    @Autowired
    private SysMenuMapper menuMapper;

@ -67,7 +72,7 @@ public class SysMenuServiceImpl implements ISysMenuService
    {
        List<SysMenu> menuList = null;
        // 管理员显示所有菜单信息
-        if (SysUser.isAdmin(userId))
+        if (SecurityUtils.isAdmin(userId))
        {
            menuList = menuMapper.selectMenuList(menu);
        }
@ -139,7 +144,7 @@ public class SysMenuServiceImpl implements ISysMenuService
        {
            menus = menuMapper.selectMenuTreeByUserId(userId);
        }
-        return getChildPerms(menus, 0);
+        return getChildPerms(menus, MENU_ROOT_ID);
    }

    /**
@ -194,7 +199,7 @@ public class SysMenuServiceImpl implements ISysMenuService
                childrenList.add(children);
                router.setChildren(childrenList);
            }
-            else if (menu.getParentId().intValue() == 0 && isInnerLink(menu))
+            else if (menu.getParentId().intValue() == MENU_ROOT_ID && isInnerLink(menu))
            {
                router.setMeta(new MetaVo(menu.getMenuName(), menu.getIcon()));
                router.setPath("/");
@ -346,6 +351,47 @@ public class SysMenuServiceImpl implements ISysMenuService
        return UserConstants.UNIQUE;
    }

+    /**
+     * 校验路由名称是否唯一
+     *
+     * @param menu 菜单信息
+     * @return 结果
+     */
+    @Override
+    public boolean checkRouteConfigUnique(SysMenu menu)
+    {
+        Long menuId = StringUtils.isNull(menu.getMenuId()) ? -1L : menu.getMenuId();
+        Long parentId = menu.getParentId();
+        String path = menu.getPath();
+        String routeName = StringUtils.isEmpty(menu.getRouteName()) ? path : menu.getRouteName();
+        List<SysMenu> sysMenuList = menuMapper.selectMenusByPathOrRouteName(path, routeName);
+        for (SysMenu sysMenu : sysMenuList)
+        {
+            if (sysMenu.getMenuId().longValue() != menuId.longValue())
+            {
+                Long dbParentId = sysMenu.getParentId();
+                String dbPath = sysMenu.getPath();
+                String dbRouteName = StringUtils.isEmpty(sysMenu.getRouteName()) ? dbPath : sysMenu.getRouteName();
+                if (StringUtils.equalsAnyIgnoreCase(path, dbPath) && parentId.longValue() == dbParentId.longValue())
+                {
+                    log.warn("[同级路由冲突] 同级下已存在相同路由路径 '{}'，冲突菜单：{}", dbPath, sysMenu.getMenuName());
+                    return UserConstants.NOT_UNIQUE;
+                }
+                else if (StringUtils.equalsAnyIgnoreCase(path, dbPath) && parentId.longValue() == MENU_ROOT_ID)
+                {
+                    log.warn("[根目录路由冲突] 根目录下路由 '{}' 必须唯一，已被菜单 '{}' 占用", path, sysMenu.getMenuName());
+                    return UserConstants.NOT_UNIQUE;
+                }
+                else if (StringUtils.equalsAnyIgnoreCase(routeName, dbRouteName))
+                {
+                    log.warn("[路由名称冲突] 路由名称 '{}' 需全局唯一，已被菜单 '{}' 使用", routeName, sysMenu.getMenuName());
+                    return UserConstants.NOT_UNIQUE;
+                }
+            }
+        }
+        return UserConstants.UNIQUE;
+    }
+
    /**
     * 获取路由名称
     * 
@ -385,12 +431,12 @@ public class SysMenuServiceImpl implements ISysMenuService
    {
        String routerPath = menu.getPath();
        // 内链打开外网方式
-        if (menu.getParentId().intValue() != 0 && isInnerLink(menu))
+        if (menu.getParentId().intValue() != MENU_ROOT_ID && isInnerLink(menu))
        {
            routerPath = innerLinkReplaceEach(routerPath);
        }
        // 非外链并且是一级目录（类型为目录）
-        if (0 == menu.getParentId().intValue() && UserConstants.TYPE_DIR.equals(menu.getMenuType())
+        if (MENU_ROOT_ID == menu.getParentId().intValue() && UserConstants.TYPE_DIR.equals(menu.getMenuType())
                && UserConstants.NO_FRAME.equals(menu.getIsFrame()))
        {
            routerPath = "/" + menu.getPath();
@ -416,7 +462,7 @@ public class SysMenuServiceImpl implements ISysMenuService
        {
            component = menu.getComponent();
        }
-        else if (StringUtils.isEmpty(menu.getComponent()) && menu.getParentId().intValue() != 0 && isInnerLink(menu))
+        else if (StringUtils.isEmpty(menu.getComponent()) && menu.getParentId().intValue() != MENU_ROOT_ID && isInnerLink(menu))
        {
            component = UserConstants.INNER_LINK;
        }
@ -435,10 +481,21 @@ public class SysMenuServiceImpl implements ISysMenuService
     */
    public boolean isMenuFrame(SysMenu menu)
    {
-        return menu.getParentId().intValue() == 0 && UserConstants.TYPE_MENU.equals(menu.getMenuType())
+        return menu.getParentId().intValue() == MENU_ROOT_ID && UserConstants.TYPE_MENU.equals(menu.getMenuType())
                && menu.getIsFrame().equals(UserConstants.NO_FRAME);
    }

+    /**
+     * 是否为parent_view组件
+     * 
+     * @param menu 菜单信息
+     * @return 结果
+     */
+    public boolean isParentView(SysMenu menu)
+    {
+        return menu.getParentId().intValue() != MENU_ROOT_ID && UserConstants.TYPE_DIR.equals(menu.getMenuType());
+    }
+
    /**
     * 是否为内链组件
     * 
@ -450,17 +507,6 @@ public class SysMenuServiceImpl implements ISysMenuService
        return menu.getIsFrame().equals(UserConstants.NO_FRAME) && StringUtils.ishttp(menu.getPath());
    }

-    /**
-     * 是否为parent_view组件
-     * 
-     * @param menu 菜单信息
-     * @return 结果
-     */
-    public boolean isParentView(SysMenu menu)
-    {
-        return menu.getParentId().intValue() != 0 && UserConstants.TYPE_DIR.equals(menu.getMenuType());
-    }
-
    /**
     * 根据父节点的ID获取所有子节点
     * 
@ -468,7 +514,7 @@ public class SysMenuServiceImpl implements ISysMenuService
     * @param parentId 传入的父节点ID
     * @return String
     */
-    public List<SysMenu> getChildPerms(List<SysMenu> list, int parentId)
+    public List<SysMenu> getChildPerms(List<SysMenu> list, long parentId)
    {
        List<SysMenu> returnList = new ArrayList<SysMenu>();
        for (Iterator<SysMenu> iterator = list.iterator(); iterator.hasNext();)
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysRoleServiceImpl.java
@ -15,7 +15,6 @@ import com.ruoyi.common.core.utils.StringUtils;
 import com.ruoyi.common.datascope.annotation.DataScope;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.domain.SysRole;
-import com.ruoyi.system.api.domain.SysUser;
 import com.ruoyi.system.domain.SysRoleDept;
 import com.ruoyi.system.domain.SysRoleMenu;
 import com.ruoyi.system.domain.SysUserRole;
@ -197,7 +196,7 @@ public class SysRoleServiceImpl implements ISysRoleService
    @Override
    public void checkRoleDataScope(Long... roleIds)
    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()))
+        if (!SecurityUtils.isAdmin())
        {
            for (Long roleId : roleIds)
            {
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysUserServiceImpl.java
@ -238,7 +238,7 @@ public class SysUserServiceImpl implements ISysUserService
    @Override
    public void checkUserDataScope(Long userId)
    {
-        if (!SysUser.isAdmin(SecurityUtils.getUserId()))
+        if (!SecurityUtils.isAdmin())
        {
            SysUser user = new SysUser();
            user.setUserId(userId);
--- a/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml
+++ b/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysMenuMapper.xml
@ -130,7 +130,12 @@
 	
 	<select id="checkMenuNameUnique" parameterType="SysMenu" resultMap="SysMenuResult">
 		<include refid="selectMenuVo"/>
-		where menu_name=#{menuName} and parent_id = #{parentId} limit 1
+		where menu_name= #{menuName} and parent_id = #{parentId} limit 1
+	</select>
+	
+	<select id="selectMenusByPathOrRouteName" parameterType="SysMenu" resultMap="SysMenuResult">
+		<include refid="selectMenuVo"/>
+		where menu_type in ('M', 'C') and (path = #{path} or path = #{routeName} or route_name = #{path} or route_name = #{routeName})
 	</select>
 	
 	<update id="updateMenu" parameterType="SysMenu">
--- a/ruoyi-ui/src/settings.js
+++ b/ruoyi-ui/src/settings.js
@ -52,5 +52,5 @@ module.exports = {
  /**
   * 底部版权文本内容
   */
-  footerContent: 'Copyright © 2018-2025 RuoYi. All Rights Reserved.'
+  footerContent: 'Copyright © 2018-2026 RuoYi. All Rights Reserved.'
 }
--- a/ruoyi-ui/src/utils/request.js
+++ b/ruoyi-ui/src/utils/request.js
@ -26,6 +26,8 @@ service.interceptors.request.use(config => {
  const isToken = (config.headers || {}).isToken === false
  // 是否需要防止数据重复提交
  const isRepeatSubmit = (config.headers || {}).repeatSubmit === false
+  // 间隔时间(ms)，小于此时间视为重复提交
+  const interval = (config.headers || {}).interval || 1000
  if (getToken() && !isToken) {
    config.headers['Authorization'] = 'Bearer ' + getToken() // 让每个请求携带自定义token 请根据实际情况自行修改
  }
@ -55,7 +57,6 @@ service.interceptors.request.use(config => {
      const s_url = sessionObj.url                  // 请求地址
      const s_data = sessionObj.data                // 请求数据
      const s_time = sessionObj.time                // 请求时间
-      const interval = 1000                         // 间隔时间(ms)，小于此时间视为重复提交
      if (s_data === requestObj.data && requestObj.time - s_time < interval && s_url === requestObj.url) {
        const message = '数据正在处理，请勿重复提交'
        console.warn(`[${s_url}]: ` + message)
@ -115,7 +116,7 @@ service.interceptors.response.use(res => {
    } else if (message.includes("timeout")) {
      message = "系统接口请求超时"
    } else if (message.includes("Request failed with status code")) {
-      message = "系统接口" + message.substr(message.length - 3) + "异常"
+      message = "系统接口" + message.slice(-3) + "异常"
    }
    Message({ message: message, type: 'error', duration: 5 * 1000 })
    return Promise.reject(error)
Author	SHA1	Message	Date
RuoYi	5d54693b27	添加菜单路由地址和名称的校验规则	2026-01-09 11:19:02 +08:00
RuoYi	cfd619fa4f	优化防重提交间隔时间可自定义	2026-01-08 13:42:00 +08:00
RuoYi	e942847b89	修复Excel自定义格式样式污染问题	2026-01-06 13:54:27 +08:00
RuoYi	0b09d7c1da	copyright 2026	2026-01-05 14:50:53 +08:00
RuoYi	1c0562ba18	将isAdmin方法统一到SecurityUtils	2026-01-05 14:50:37 +08:00