From 4470052c3b6bdeb18e45987f8aa293d1e93d0552 Mon Sep 17 00:00:00 2001
From: Ludc <2870569285@qq.com>
Date: 星期二, 18 十一月 2025 11:59:12 +0800
Subject: [PATCH] 所有文件上传接口增加文件安全校验逻辑。
---
Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeClassifyServiceImpl.java | 69 +++++++++++++++++++++++-----------
1 files changed, 47 insertions(+), 22 deletions(-)
diff --git a/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeClassifyServiceImpl.java b/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeClassifyServiceImpl.java
index 04d1501..43a3678 100644
--- a/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeClassifyServiceImpl.java
+++ b/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/CodeClassifyServiceImpl.java
@@ -49,6 +49,7 @@
import com.vci.ubcs.starter.web.util.LangBaseUtil;
import com.vci.ubcs.starter.web.util.VciBaseUtil;
import com.vci.ubcs.system.cache.NacosConfigCache;
+import com.vci.ubcs.system.dto.ClassifyAuthDTO;
import com.vci.ubcs.system.feign.ISysClient;
import org.apache.poi.hssf.util.HSSFColor;
import org.slf4j.Logger;
@@ -71,12 +72,9 @@
import java.awt.event.ItemEvent;
import java.io.File;
import java.util.*;
-import java.util.concurrent.ForkJoinPool;
import java.util.stream.Collectors;
-import java.util.stream.Stream;
import static com.vci.ubcs.code.constant.FrameWorkDefaultValueConstant.*;
-import static com.vci.ubcs.starter.web.util.VciBaseUtil.getTableName;
@Service
public class CodeClassifyServiceImpl extends ServiceImpl<CodeClassifyMapper, CodeClassify> implements ICodeClassifyService {
@@ -119,14 +117,10 @@
private CodeBasicSecMapper codeBasicSecMapper;
/**
- * 鑷畾涔夊苟鍙慒orkJoinPool
- */
- private static final ForkJoinPool customForkJoinPool = new ForkJoinPool(Runtime.getRuntime().availableProcessors()-1);
-
- /**
* 涓婄骇鑺傜偣鐨勫睘鎬у悕绉�
*/
public static final String PARENT_FIELD_NAME = "parentCodeClassifyOid";
+
/**
* 浣跨敤鏌ヨ灏佽鍣ㄦ潵鏌ヨ
* @param wrapper 鏌ヨ灏佽鍣�
@@ -163,6 +157,7 @@
* @param
*/
@Override
+ @Transactional(rollbackFor = Exception.class)
public R addSave(CodeClassify codeClassifyEntity) {
try {
VciBaseUtil.alertNotNull(codeClassifyEntity.getId(),"涓婚搴撶紪鍙蜂笉鑳戒负绌猴紒",codeClassifyEntity.getName(),"涓婚搴撳悕绉颁笉鑳戒负绌猴紒");
@@ -189,8 +184,19 @@
}
DefaultAttrAssimtUtil.addDefaultAttrAssimt(codeClassifyEntity, MdmBtmTypeConstant.CODE_CLASSIFY);
codeClassifyEntity.setLcStatus(FRAMEWORK_DATA_ENABLED);
- int insertNumber = codeClassifyMapper.insert(codeClassifyEntity);
- return R.status(SqlHelper.retBool(insertNumber));
+ boolean resBoolean = SqlHelper.retBool(codeClassifyMapper.insert(codeClassifyEntity));
+ if (!resBoolean) {
+ return R.status(resBoolean);
+ }
+ // 鍒嗙被娣诲姞鎴愬姛锛岀粰绯荤粺绠$悊鍛樺拰褰撳墠瑙掕壊澧炲姞鍒嗙被鏉冮檺鍜屾暟鎹潈闄�
+ ClassifyAuthDTO classifyAuthDTO = new ClassifyAuthDTO();
+ classifyAuthDTO.setClassifyId(codeClassifyEntity.getOid());
+// classifyAuthDTO.setClassId(codeClassifyEntity.getId());
+ R r = sysClient.saveAddClassifyDefaultAuth(classifyAuthDTO);
+ if (!r.isSuccess()) {
+ throw new ServiceException("缁欒鑹叉巿浜堥粯璁ゆ潈闄愭椂鍑虹幇閿欒锛屽師鍥狅細"+r.getMsg());
+ }
+ return R.status(resBoolean);
}
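Review bot: The new `sysClient.saveAddClassifyDefaultAuth(classifyAuthDTO)` call runs inside the `@Transactional` scope added on `addSave`, but a grant issued through the Feign client is not undone by the local rollback: if the grant succeeds and the local commit then fails, default permissions are left pointing at a classification that was never stored. The `throw new ServiceException(...)` only rolls back the insert if it escapes the `try` opened at the top of the method; the matching `catch` is outside this hunk, so confirm it does not turn the exception into a failed `R`. `r` is dereferenced without a null check (relevant if the client's fallback can return null), and it is a raw `R`. I would drop the commented-out `setClassId` line and add a comment on the call such as `// remote grant: NOT rolled back with this transaction; the system service must tolerate a retried or orphaned classifyId`.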
/**
@@ -567,6 +573,7 @@
}
if(StringUtils.isNotBlank(id) || StringUtils.isNotBlank(lcStatus) ){
//String tableName = this.getTableName(treeQueryObject.getConditionMap().get("btmTypeId"),treeQueryObject.getConditionMap().get("id"), treeQueryObject.getConditionMap().get("lcStatus"));
+ // TODO: 2024-1-24 23:25鎴戝幓鎺変簡鎳掑姞杞斤紝鍥犱负浼氬奖鍝嶆暟鎹巿鏉冭繃婊ゅ拰鍒嗙被鎼滅储鍔熻兘锛岃�屼笖杩欏効鎰熻娌″繀瑕佸仛鎳掑姞杞�
doList = codeClassifyMapper
.selectCodeClassifyDOByTree(
treeQueryObject.getConditionMap().get("id"),
@@ -593,16 +600,18 @@
// 闈炶秴绠¤繃婊ゆ湭鎺堟潈鐨勫垎绫�
if(!VciBaseUtil.checkAdminTenant()){
// 閭d簺鍒嗙被鍏峰鏌ョ湅鏉冮檺
- R<List<String>> viewClassByRoleIds = sysClient.getViewClassByRoleIds(Arrays.asList(AuthUtil.getUser().getRoleId().split(",")),treeQueryObject.getConditionMap().getOrDefault("authType","classify_auth"),treeQueryObject.getConditionMap().getOrDefault("menuCode","classify_view"));
+ R<List<String>> viewClassByRoleIds = sysClient.getViewClassByRoleIds(
+ Arrays.asList(AuthUtil.getUser().getRoleId().split(",")),
+ treeQueryObject.getConditionMap().getOrDefault("authType","classify_auth"),
+ treeQueryObject.getConditionMap().getOrDefault("buttonCode","classify_view"),
+ treeQueryObject.getConditionMap().getOrDefault("menuCode","classifyTree")
+ );
// 璇锋眰澶辫触鎴栬�呰姹傚緱鍒扮殑鍏峰鏌ョ湅鏉冮檺鐨勫垎绫籭d闆嗗悎涓虹┖
if(!viewClassByRoleIds.isSuccess() && viewClassByRoleIds.getData().isEmpty()){
throw new ServiceException("涓绘暟鎹煡鐪嬫潈闄愭湭閰嶇疆锛屾垨閰嶇疆鏈夎锛�");
}
- long startTime = System.currentTimeMillis();
// 杩囨护
filterTreeNodes(tree,viewClassByRoleIds.getData());
- long endTime = System.currentTimeMillis();
- System.out.println(("鎵ц鏃堕棿锛�"+(endTime-startTime)/1000)+"s");
}
// 鍔犺浇鍒嗙被鏄惁鍏锋湁瀛愬垎绫�
tree.parallelStream().forEach(item -> {
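Review bot: The guard before `filterTreeNodes` is `!viewClassByRoleIds.isSuccess() && viewClassByRoleIds.getData().isEmpty()`, so it fires only when the call both failed and returned an empty list; a failed call with null data throws a NullPointerException instead, and a failed call with a non-empty payload is still used for filtering. The comment above it (mis-encoded on this page) appears to say "failed or empty", which would be `if (!viewClassByRoleIds.isSuccess() || CollectionUtils.isEmpty(viewClassByRoleIds.getData()))`. Separately, `authType`, `buttonCode` and `menuCode` are all read from `treeQueryObject.getConditionMap()`; if that map is filled from the request, the caller chooses which permission the tree is filtered by, so these values should be fixed server-side or checked against an allow-list. Clients that still send `menuCode=classify_view` will now have it treated as the menu code rather than the button code. The enclosing method starts and ends outside the hunk.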
@@ -624,7 +633,7 @@
/*Boolean checkHasChild = checkHasChild(tree.getOid());
tree.setLeaf(!checkHasChild);*/
if (classifyIds.contains(tree.getOid())) {
- // 濡傛灉椤跺眰鑺傜偣瀛樺湪浜� classifyIds 涓紝鐩存帴淇濈暀鍏跺瓙鑺傜偣闆嗗悎
+ // 濡傛灉椤跺眰鑺傜偣瀛樺湪 classifyIds 锛岀洿鎺ヤ繚鐣欏叾瀛愯妭鐐归泦鍚�
continue;
}
if (tree.getChildren() != null && !tree.getChildren().isEmpty()) {
@@ -745,6 +754,24 @@
String oids = codeClassifies.stream()
.map(CodeClassify::getOid)
.map(s -> "'" + s + "'")
+ .collect(Collectors.joining(","));;
+ return oids;
+ }
+
+ /**
+ * 鏍规嵁椤跺眰鑺傜偣oid鏌ヨ鎵�鏈夊彾瀛愯妭鐐瑰垎绫籵id
+ * @param pid
+ * @return
+ */
+ @Override
+ public String selectLeafByPid(String pid) {
+ List<CodeClassify> codeClassifies = codeClassifyMapper.selectLeafByPid(pid);
+ if(codeClassifies.isEmpty()){
+ return "";
+ }
+ String oids = codeClassifies.stream()
+ .map(CodeClassify::getOid)
+ .map(s ->s)
.collect(Collectors.joining(","));;
return oids;
}
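Review bot: `selectLeafByPid` carries two leftovers from the method it was copied from: `.map(s ->s)` is an identity step and `Collectors.joining(","));;` has a stray semicolon, so the body can end in `return codeClassifies.stream().map(CodeClassify::getOid).collect(Collectors.joining(","));`. The Javadoc has empty `@param pid` and `@return` tags; they should state that `pid` is the top-level classification oid and that the result is an unquoted comma-separated oid list, or the empty string when there are no leaves. `pid` goes to the mapper unchecked, and no role-based filtering like the one in the tree query is visible here, so confirm that callers are authorised to see every leaf under `pid`. The first lines of the hunk belong to the preceding method, which starts outside it.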
@@ -1460,11 +1487,11 @@
if(!CollectionUtils.isEmpty(dataList)){
for(Map data:dataList){
CodeClassify codeClassifyDO = new CodeClassify();
- codeClassifyDO.setOid(VciBaseUtil.getStringValueFromObject(data.get("OID")));
- codeClassifyDO.setId(VciBaseUtil.getStringValueFromObject(data.get("ID")));
- codeClassifyDO.setName(VciBaseUtil.getStringValueFromObject(data.get("NAME")));
- codeClassifyDO.setBtmTypeId(VciBaseUtil.getStringValueFromObject(data.get("BTMTYPEID")));
- codeClassifyDO.setBtmTypeName(VciBaseUtil.getStringValueFromObject(data.get("BTMTYPENAME")));
+ codeClassifyDO.setOid(VciBaseUtil.getStringValueFromObject(VciBaseUtil.getMapValueIgnoreCase(data,"OID")));
+ codeClassifyDO.setId(VciBaseUtil.getStringValueFromObject(VciBaseUtil.getMapValueIgnoreCase(data,"ID")));
+ codeClassifyDO.setName(VciBaseUtil.getStringValueFromObject(VciBaseUtil.getMapValueIgnoreCase(data,"NAME")));
+ codeClassifyDO.setBtmTypeId(VciBaseUtil.getStringValueFromObject(VciBaseUtil.getMapValueIgnoreCase(data,"BTMTYPEID")));
+ codeClassifyDO.setBtmTypeName(VciBaseUtil.getStringValueFromObject(VciBaseUtil.getMapValueIgnoreCase(data,"BTMTYPENAME")));
oidList.add(codeClassifyDO);
}
}
@@ -1528,7 +1555,5 @@
wrapper.eq("parentCodeClassifyOid",codeClassifyOid);
return codeClassifyMapper.selectCount(wrapper).intValue();
}
-
-
}
--
Gitblit v1.9.3