mirror of https://gitee.com/maxjhandsome/pig
commit
8e9aaafdc9
|
@ -18,12 +18,12 @@
|
|||
|
||||
| 依赖 | 版本 |
|
||||
| ---------------------- | ------------- |
|
||||
| Spring Boot | 2.3.4.RELEASE |
|
||||
| Spring Boot | 2.3.5.RELEASE |
|
||||
| Spring Cloud | Hoxton.SR8 |
|
||||
| Spring Cloud Alibaba | 2.2.3.RELEASE |
|
||||
| Spring Security OAuth2 | 2.3.6 |
|
||||
| Mybatis Plus | 3.4.0 |
|
||||
| hutool | 5.4.4 |
|
||||
| hutool | 5.4.7 |
|
||||
| Avue | 2.6.16 |
|
||||
|
||||
### 模块说明
|
||||
|
@ -99,7 +99,7 @@ mvn archetype:generate \
|
|||
-Dpackage=com.pig4cloud.pig.demo \
|
||||
-DarchetypeGroupId=com.pig4cloud.archetype \
|
||||
-DarchetypeArtifactId=pig-gen \
|
||||
-DarchetypeVersion=2.10.0 \
|
||||
-DarchetypeVersion=2.10.1 \
|
||||
-DarchetypeCatalog=local
|
||||
```
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-auth</artifactId>
|
||||
|
@ -44,19 +44,19 @@
|
|||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common-sentinel</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
<!--upms api、model 模块-->
|
||||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-upms-api</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
<!--security-->
|
||||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common-security</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
<!--JDBC相关-->
|
||||
<dependency>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-common-core</artifactId>
|
||||
|
|
|
@ -1,17 +1,19 @@
|
|||
/*
|
||||
* Copyright (c) 2020 pig4cloud Authors. All Rights Reserved.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
* You may obtain a copy of the License at
|
||||
* * Copyright (c) 2019-2020, 冷冷 (wangiegie@gmail.com).
|
||||
* * <p>
|
||||
* * Licensed under the GNU Lesser General Public License 3.0 (the "License");
|
||||
* * you may not use this file except in compliance with the License.
|
||||
* * You may obtain a copy of the License at
|
||||
* * <p>
|
||||
* * https://www.gnu.org/licenses/lgpl.html
|
||||
* * <p>
|
||||
* * Unless required by applicable law or agreed to in writing, software
|
||||
* * distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* * See the License for the specific language governing permissions and
|
||||
* * limitations under the License.
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing, software
|
||||
* distributed under the License is distributed on an "AS IS" BASIS,
|
||||
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*/
|
||||
|
||||
package com.pig4cloud.pig.common.core.mybatis;
|
||||
|
@ -27,7 +29,11 @@ import org.springframework.web.method.support.HandlerMethodArgumentResolver;
|
|||
import org.springframework.web.method.support.ModelAndViewContainer;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.*;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.function.Predicate;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
/**
|
||||
|
@ -39,6 +45,9 @@ import java.util.stream.Collectors;
|
|||
@Slf4j
|
||||
public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver {
|
||||
|
||||
private final static String[] KEYWORDS = { "master", "truncate", "insert", "select", "delete", "update", "declare",
|
||||
"alter", "drop", "sleep" };
|
||||
|
||||
/**
|
||||
* 判断Controller是否包含page 参数
|
||||
* @param parameter 参数
|
||||
|
@ -69,7 +78,7 @@ public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver
|
|||
String current = request.getParameter("current");
|
||||
String size = request.getParameter("size");
|
||||
|
||||
Page<?> page = new Page<>();
|
||||
Page page = new Page();
|
||||
if (StrUtil.isNotBlank(current)) {
|
||||
page.setCurrent(Long.parseLong(current));
|
||||
}
|
||||
|
@ -79,32 +88,28 @@ public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver
|
|||
}
|
||||
|
||||
List<OrderItem> orderItemList = new ArrayList<>();
|
||||
Optional.ofNullable(ascs).ifPresent(s -> orderItemList.addAll(Arrays.stream(s).filter(StrUtil::isNotBlank)
|
||||
.map(this::clear).map(OrderItem::asc).collect(Collectors.toList())));
|
||||
Optional.ofNullable(descs).ifPresent(s -> orderItemList.addAll(Arrays.stream(s).filter(StrUtil::isNotBlank)
|
||||
.map(this::clear).map(OrderItem::desc).collect(Collectors.toList())));
|
||||
Optional.ofNullable(ascs).ifPresent(s -> orderItemList.addAll(
|
||||
Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::asc).collect(Collectors.toList())));
|
||||
Optional.ofNullable(descs).ifPresent(s -> orderItemList.addAll(
|
||||
Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::desc).collect(Collectors.toList())));
|
||||
page.addOrder(orderItemList);
|
||||
|
||||
return page;
|
||||
}
|
||||
|
||||
/**
|
||||
* 参数清理
|
||||
* @param param 参数
|
||||
* @return String
|
||||
* 判断用户输入里面有没有关键字
|
||||
* @return Predicate
|
||||
*/
|
||||
private String clear(String param) {
|
||||
if (StrUtil.isBlank(param)) {
|
||||
return StrUtil.trim(param);
|
||||
}
|
||||
StringBuilder builder = new StringBuilder();
|
||||
for (int i = 0; i < param.length(); i++) {
|
||||
char c = param.charAt(i);
|
||||
if (Character.isJavaIdentifierPart(c)) {
|
||||
builder.append(c);
|
||||
private Predicate<String> sqlInjectPredicate() {
|
||||
return sql -> {
|
||||
for (String keyword : KEYWORDS) {
|
||||
if (StrUtil.containsIgnoreCase(sql, keyword)) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
}
|
||||
return builder.toString();
|
||||
return true;
|
||||
};
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-common-job</artifactId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-common-log</artifactId>
|
||||
|
@ -35,13 +35,13 @@
|
|||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common-core</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
<!--UPMS接口模块-->
|
||||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-upms-api</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
<!--安全依赖获取上下文信息-->
|
||||
<dependency>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-common-mybatis</artifactId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-common-security</artifactId>
|
||||
|
@ -35,7 +35,7 @@
|
|||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common-core</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
<!--安全模块-->
|
||||
<dependency>
|
||||
|
@ -50,7 +50,7 @@
|
|||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-upms-api</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
@ -32,7 +32,7 @@
|
|||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common-core</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.alibaba.cloud</groupId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-common-swagger</artifactId>
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-common-test</artifactId>
|
||||
|
@ -18,7 +18,7 @@
|
|||
<dependency>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-common-security</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.security</groupId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-common</artifactId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-gateway</artifactId>
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-register</artifactId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-upms</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-upms-api</artifactId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-upms</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-upms-biz</artifactId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-upms</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-visual</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-codegen</artifactId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-visual</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-monitor</artifactId>
|
||||
|
|
|
@ -6,7 +6,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-visual</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-sentinel-dashboard</artifactId>
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig-visual</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-xxl-job-admin</artifactId>
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>pig-visual</artifactId>
|
||||
|
|
6
pom.xml
6
pom.xml
|
@ -28,20 +28,20 @@
|
|||
|
||||
<groupId>com.pig4cloud</groupId>
|
||||
<artifactId>pig</artifactId>
|
||||
<version>2.10.0</version>
|
||||
<version>2.10.1</version>
|
||||
<name>${project.artifactId}</name>
|
||||
<packaging>pom</packaging>
|
||||
<url>https://www.pig4cloud.com</url>
|
||||
|
||||
<properties>
|
||||
<spring-boot.version>2.3.4.RELEASE</spring-boot.version>
|
||||
<spring-boot.version>2.3.5.RELEASE</spring-boot.version>
|
||||
<spring-cloud.version>Hoxton.SR8</spring-cloud.version>
|
||||
<spring-cloud-alibaba.version>2.2.3.RELEASE</spring-cloud-alibaba.version>
|
||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||
<maven.compiler.source>1.8</maven.compiler.source>
|
||||
<maven.compiler.target>1.8</maven.compiler.target>
|
||||
<spring-boot-admin.version>2.3.0</spring-boot-admin.version>
|
||||
<hutool.version>5.4.6</hutool.version>
|
||||
<hutool.version>5.4.7</hutool.version>
|
||||
<mybatis-plus.version>3.4.0</mybatis-plus.version>
|
||||
<dynamic-ds.version>3.2.0</dynamic-ds.version>
|
||||
<captcha.version>2.2.0</captcha.version>
|
||||
|
|
Loading…
Reference in New Issue