From 4470052c3b6bdeb18e45987f8aa293d1e93d0552 Mon Sep 17 00:00:00 2001
From: Ludc <2870569285@qq.com>
Date: 星期二, 18 十一月 2025 11:59:12 +0800
Subject: [PATCH] 所有文件上传接口增加文件安全校验逻辑。
---
Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/MdmIOServiceImpl.java | 39 ++++++++++++++++++++++++---------------
1 files changed, 24 insertions(+), 15 deletions(-)
diff --git a/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/MdmIOServiceImpl.java b/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/MdmIOServiceImpl.java
index 3e2f852..364dedf 100644
--- a/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/MdmIOServiceImpl.java
+++ b/Source/UBCS/ubcs-service/ubcs-code/src/main/java/com/vci/ubcs/code/service/impl/MdmIOServiceImpl.java
@@ -3,6 +3,7 @@
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.nacos.common.utils.StringUtils;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.google.protobuf.ServiceException;
import com.vci.ubcs.code.applyjtcodeservice.feign.IMdmInterJtClient;
@@ -1247,19 +1248,21 @@
//鎴戜滑闇�瑕佸厛鏌ヨ涓�涓嬶紝鍐呭鏄惁宸茬粡瀛樺湪
if (!CollectionUtils.isEmpty(thisCbos)) {
List<String> existIds = new ArrayList<>();
+ // TODO: 2024/12/3 Ludc 杩欏効鏌ヨ鍋氫簡淇敼鏀规垚缁勬垚涓�鍙ql鏌ヨ锛岃�屼笉鏄垎鎵规鏌ヨ
+ LambdaQueryWrapper<CodeAllCode> wrapper = Wrappers.<CodeAllCode>query().lambda()
+ .eq(CodeAllCode::getCodeRuleOid, ruleOid);
VciBaseUtil.switchCollectionForOracleIn(thisCbos).stream().forEach(cbos -> {
- List<CodeAllCode> codeAllCodeList = codeAllCodeService.selectByWrapper(Wrappers.<CodeAllCode>query().lambda().eq(CodeAllCode::getCodeRuleOid, ruleOid)
- .notIn(CodeAllCode::getId, cbos.stream().map(s -> s.getId()).collect(Collectors.toSet()).toArray(new String[0]))
- .notIn(CodeAllCode::getLcStatus, CodeAllCodeLC.TASK_BACK.getValue() + "','" + CodeAllCodeLC.OBSOLETED.getValue())
- );
- existIds.addAll(Optional.ofNullable(codeAllCodeList).orElseGet(() -> new ArrayList<>()).stream().map(s -> {
- String id = s.getId();
- if (StringUtils.isBlank(id)) {
- id = s.getId();
- }
- return id;
- }).collect(Collectors.toList()));
+ wrapper.notIn(CodeAllCode::getId, cbos.stream().map(s -> s.getId()).collect(Collectors.toSet()).toArray(new String[0]));
});
+ wrapper.notIn(CodeAllCode::getLcStatus, CodeAllCodeLC.TASK_BACK.getValue() + "','" + CodeAllCodeLC.OBSOLETED.getValue());
+ List<CodeAllCode> codeAllCodeList = codeAllCodeService.selectByWrapper(wrapper);
+ existIds.addAll(Optional.ofNullable(codeAllCodeList).orElseGet(() -> new ArrayList<>()).stream().map(s -> {
+ String id = s.getId();
+ if (StringUtils.isBlank(id)) {
+ id = s.getId();
+ }
+ return id;
+ }).collect(Collectors.toList()));
List<String> existIdCbos = thisCbos.stream().filter(s -> {
String id = s.getId();
if (StringUtils.isBlank(id)) {
@@ -3373,10 +3376,16 @@
private void getCodeOrderDTOs(CodeClassifyVO codeClassifyVO, CodeClassifyTemplateVO templateVO, Map<String, RowDatas> codeDataMap, Map<String, ClientBusinessObject> codeSystemObjectMap, List<CodeOrderDTO> codeOrderDTOList, Map<String, String> errorMap, boolean isCodeOrGroupCode) {
codeSystemObjectMap.keySet().forEach(code -> {
ClientBusinessObject sysDataObject = codeSystemObjectMap.get(code);
- if (isCodeOrGroupCode) {
- code = sysDataObject.getAttributeValue("GROUPCODE");
+ /*if (isCodeOrGroupCode) {
+ // code = sysDataObject.getAttributeValue("GROUPCODE");
if (StringUtils.isBlank(code)) {
code = sysDataObject.getId();
+ }
+ }*/
+ if(isCodeOrGroupCode){
+ String groupCode=sysDataObject.getAttributeValue("GROUPCODE");
+ if(codeDataMap.containsKey(groupCode)){
+ code=groupCode;
}
}
CodeOrderDTO orderDTO = new CodeOrderDTO();
@@ -4952,7 +4961,7 @@
}
}
- /******
+ /**
* 鏍规嵁缂栫爜瑙勫垯缂撳瓨鏁版嵁
* @param uuid
* @param codeImprotDataVOs
@@ -4996,7 +5005,7 @@
});
}
- /****
+ /**
* 鏁版嵁鐩镐技椤规暟鎹牎楠宺edis缂撳瓨
* @param codeClassifyOid
* @param templateVO
--
Gitblit v1.9.3