联讯物业系统后台
parent: f1d1ad21 | 补丁 | 提交 | ignore whitespace
java110
2021-09-14 507cb531dfc076c95ffe20a92424bb9a61bf0071 
优化代码
6个文件已修改
1个文件已添加
154 ■■■■■ 已修改文件
java110-db/src/main/resources/mapper/oa/OaWorkflowFormServiceDaoImplMapper.xml 10 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
java110-interface/src/main/java/com/java110/intf/oa/IOaWorkflowFormInnerServiceSMO.java 8 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
service-oa/src/main/java/com/java110/oa/OaServiceApplicationStart.java 4 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
service-oa/src/main/java/com/java110/oa/cmd/oaWorkflow/UpdateOaWorkflowFormData.java 114 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
service-oa/src/main/java/com/java110/oa/dao/IOaWorkflowFormServiceDao.java 6 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
service-oa/src/main/java/com/java110/oa/dao/impl/OaWorkflowFormServiceDaoImpl.java 7 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
service-oa/src/main/java/com/java110/oa/smo/impl/OaWorkflowFormInnerServiceSMOImpl.java 5 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 
 java110-db/src/main/resources/mapper/oa/OaWorkflowFormServiceDaoImplMapper.xml


@@ -190,5 +190,15 @@


        where t.id = #{id}


    </update>




    <!-- 修改信息 -->


    <update id="updateOaWorkflowFormDataAll" parameterType="Map">


        update ${tableName} set


            status_cd = '0'


            <foreach collection="columns" item="item" separator=",">


                ,${item}


            </foreach>


        where id = #{id}


    </update>






</mapper>




 java110-interface/src/main/java/com/java110/intf/oa/IOaWorkflowFormInnerServiceSMO.java


@@ -91,4 +91,12 @@


     */


    @RequestMapping(value = "/updateOaWorkflowFormData", method = RequestMethod.POST)


    int updateOaWorkflowFormData(@RequestBody JSONObject reqJson);




    /**


     * 修改表单数据


     *


     * @param reqJson


     */


    @RequestMapping(value = "/updateOaWorkflowFormDataAll", method = RequestMethod.POST)


    int updateOaWorkflowFormDataAll(@RequestBody JSONObject reqJson);


}




 service-oa/src/main/java/com/java110/oa/OaServiceApplicationStart.java


@@ -15,8 +15,10 @@


 */


package com.java110.oa;




import com.java110.core.annotation.Java110CmdDiscovery;


import com.java110.core.annotation.Java110ListenerDiscovery;


import com.java110.core.client.RestTemplate;


import com.java110.core.event.cmd.ServiceCmdEventPublishing;


import com.java110.core.event.service.BusinessServiceDataFlowEventPublishing;


import com.java110.service.init.ServiceStartInit;


import org.slf4j.Logger;


@@ -47,6 +49,8 @@


@SpringBootApplication(scanBasePackages = {"com.java110.service", "com.java110.oa",


        "com.java110.core", "com.java110.config.properties.code", "com.java110.db"})


@EnableDiscoveryClient


@Java110CmdDiscovery(cmdPublishClass = ServiceCmdEventPublishing.class,


        basePackages = {"com.java110.dev.cmd"})


@Java110ListenerDiscovery(listenerPublishClass = BusinessServiceDataFlowEventPublishing.class,


        basePackages = {"com.java110.oa.listener"})


@EnableFeignClients(basePackages = {"com.java110.intf.user",




 service-oa/src/main/java/com/java110/oa/cmd/oaWorkflow/UpdateOaWorkflowFormData.java


New file


@@ -0,0 +1,114 @@


package com.java110.oa.cmd.oaWorkflow;




import com.alibaba.fastjson.JSONObject;


import com.java110.core.annotation.Java110Cmd;


import com.java110.core.annotation.Java110Transactional;


import com.java110.core.context.ICmdDataFlowContext;


import com.java110.core.event.cmd.AbstractServiceCmdListener;


import com.java110.core.event.cmd.CmdEvent;


import com.java110.dto.oaWorkflow.OaWorkflowDto;


import com.java110.dto.oaWorkflowForm.OaWorkflowFormDto;


import com.java110.intf.oa.IOaWorkflowFormInnerServiceSMO;


import com.java110.intf.oa.IOaWorkflowInnerServiceSMO;


import com.java110.oa.bmo.oaWorkflowForm.IGetOaWorkflowFormBMO;


import com.java110.utils.exception.CmdException;


import com.java110.utils.util.Assert;


import com.java110.utils.util.StringUtil;


import com.java110.vo.ResultVo;


import org.springframework.beans.factory.annotation.Autowired;




import java.util.ArrayList;


import java.util.List;


import java.util.regex.Matcher;


import java.util.regex.Pattern;




/**


 * 修改表单数据


 */


@Java110Cmd(serviceCode = "/oaWorkflow/updateOaWorkflowFormData")


public class UpdateOaWorkflowFormData extends AbstractServiceCmdListener {




    @Autowired


    private IOaWorkflowFormInnerServiceSMO oaWorkflowFormInnerServiceSMOImpl;




    @Autowired


    private IOaWorkflowInnerServiceSMO oaWorkflowInnerServiceSMOImpl;




    @Autowired


    private IGetOaWorkflowFormBMO getOaWorkflowFormBMOImpl;




    @Override


    public void validate(CmdEvent event, ICmdDataFlowContext cmdDataFlowContext, JSONObject reqJson) {


        Assert.hasKeyAndValue(reqJson, "id", "ID不能为空");


        Assert.hasKeyAndValue(reqJson, "flowId", "流程不能为空");


    }




    @Override


    @Java110Transactional


    public void doCmd(CmdEvent event, ICmdDataFlowContext cmdDataFlowContext, JSONObject reqJson) throws CmdException {




        OaWorkflowFormDto oaWorkflowFormDto = new OaWorkflowFormDto();


        oaWorkflowFormDto.setFlowId(reqJson.get("flowId").toString());


        oaWorkflowFormDto.setStoreId(reqJson.get("storeId").toString());


        oaWorkflowFormDto.setRow(1);


        oaWorkflowFormDto.setPage(1);


        List<OaWorkflowFormDto> oaWorkflowFormDtos = oaWorkflowFormInnerServiceSMOImpl.queryOaWorkflowForms(oaWorkflowFormDto);


        Assert.listOnlyOne(oaWorkflowFormDtos, "未包含流程表单,请先设置表单");




        //


        OaWorkflowDto oaWorkflowDto = new OaWorkflowDto();


        oaWorkflowDto.setStoreId(reqJson.getString("storeId"));


        oaWorkflowDto.setFlowId(reqJson.getString("flowId"));


        List<OaWorkflowDto> oaWorkflowDtos = oaWorkflowInnerServiceSMOImpl.queryOaWorkflows(oaWorkflowDto);


        Assert.listOnlyOne(oaWorkflowDtos, "流程不存在");




        if (!OaWorkflowDto.STATE_COMPLAINT.equals(oaWorkflowDtos.get(0).getState())) {


            throw new IllegalArgumentException(oaWorkflowDtos.get(0).getFlowName() + "流程未部署");


        }




        if (StringUtil.isEmpty(oaWorkflowDtos.get(0).getProcessDefinitionKey())) {


            throw new IllegalArgumentException(oaWorkflowDtos.get(0).getFlowName() + "流程未部署");


        }




        List<String> columns = new ArrayList<>();


        List<String> values = new ArrayList<>();


        for (String key : reqJson.keySet()) {


            if ("flowId".equals(key) || "id".equals(key)) {


                continue;


            }


            columns.add(key + "=" + reqJson.getString(key));




            //简单校验


            validateColumns(columns);


        }


        reqJson.put("columns", columns.toArray(new String[columns.size()]));




        //保存表单数据


        reqJson.put("tableName", oaWorkflowFormDtos.get(0).getTableName());




        int flag = oaWorkflowFormInnerServiceSMOImpl.updateOaWorkflowFormDataAll(reqJson);


        if (flag < 1) {


            throw new IllegalArgumentException("保存失败");


        }






        cmdDataFlowContext.setResponseEntity(ResultVo.success());




    }




    private void validateColumns(List<String> columns) {


        String columnBak = "";


        for (String column : columns) {


            columnBak = column.toLowerCase();


            if (containsSqlInjection(columnBak)) {


                throw new IllegalArgumentException("非法操作,可能破坏系统稳定性");


            }


        }


    }




    public static boolean containsSqlInjection(Object obj) {


        Pattern pattern = Pattern.compile("\\b(exec|insert|select|drop|grant|alter|delete|update|count|chr|mid|master|truncate|char|declare)\\b|(\\*|;|\\+|'|%)");


        Matcher matcher = pattern.matcher(obj.toString().toLowerCase());


        return matcher.find();


    }


}




 service-oa/src/main/java/com/java110/oa/dao/IOaWorkflowFormServiceDao.java


@@ -84,4 +84,10 @@


     * @return


     */


    int updateOaWorkflowFormData(Map beanCovertMap);


    /**


     * 修改表单数据


     * @param beanCovertMap


     * @return


     */


    int updateOaWorkflowFormDataAll(Map beanCovertMap);


}




 service-oa/src/main/java/com/java110/oa/dao/impl/OaWorkflowFormServiceDaoImpl.java


@@ -145,6 +145,7 @@


    }








    @Override


    public int updateOaWorkflowFormData(Map paramIn) {


        logger.debug("保存updateOaWorkflowFormData 入参 info : {}",paramIn);


@@ -152,5 +153,11 @@


        int saveFlag = sqlSessionTemplate.insert("oaWorkflowFormServiceDaoImpl.updateOaWorkflowFormData",paramIn);


        return saveFlag;


    }


    @Override


    public int updateOaWorkflowFormDataAll(Map paramIn) {


        logger.debug("保存updateOaWorkflowFormData 入参 info : {}",paramIn);




        int saveFlag = sqlSessionTemplate.insert("oaWorkflowFormServiceDaoImpl.updateOaWorkflowFormDataAll",paramIn);


        return saveFlag;


    }


}




 service-oa/src/main/java/com/java110/oa/smo/impl/OaWorkflowFormInnerServiceSMOImpl.java


@@ -127,6 +127,11 @@


        return oaWorkflowFormServiceDaoImpl.updateOaWorkflowFormData(reqJson);


    }




    @Override


    public int updateOaWorkflowFormDataAll(@RequestBody JSONObject reqJson) {


        return oaWorkflowFormServiceDaoImpl.updateOaWorkflowFormDataAll(reqJson);


    }




    public IOaWorkflowFormServiceDao getOaWorkflowFormServiceDaoImpl() {


        return oaWorkflowFormServiceDaoImpl;


    }