bug修改 -shizhilong

9e816bbd · shizhilong · ec6fc30a · 9e816bbd · 9e816bbd · 9e816bbd
Commit 9e816bbd authored Jul 24, 2023 by shizhilong
4 changed files
--- a/jeecg-module-system/src/main/java/org/jeecg/modules/school/controller/SchoolPlanBatchMasterController.java
+++ b/jeecg-module-system/src/main/java/org/jeecg/modules/school/controller/SchoolPlanBatchMasterController.java
 package org.jeecg.modules.school.controller;
+import cn.hutool.core.util.ObjectUtil;
+import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import io.swagger.annotations.ApiParam;
+import org.apache.shiro.SecurityUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.aspect.annotation.AutoLog;
+import org.jeecg.common.system.vo.LoginUser;
 import org.jeecg.modules.school.dto.SchoolPlanBatchMasterDTO;
 import org.jeecg.modules.school.entity.SchoolPlanBatchMaster;
 import org.jeecg.modules.school.service.ISchoolPlanBatchMasterService;
 import org.jeecg.modules.school.vo.SchoolPlanBatchMasterVO;
-import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.*;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
 import org.jeecg.common.system.base.controller.JeecgController;
+import java.util.Date;
 /**
 * <p>
 * 作业计划批次管理表 前端控制器
@@ -49,4 +54,39 @@ public class SchoolPlanBatchMasterController extends JeecgController<SchoolPlanB
        return Result.OK(pageData);
    }
+    @AutoLog(value = "作业计划批次管理新增或者编辑")
+    @ApiOperation(value = "作业计划批次管理新增或者编辑", notes = "作业计划批次管理新增或者编辑")
+    @PostMapping(value = "/saveOrUpdate")
+    @ResponseBody
+    public Result<String> saveOrUpdate(@RequestBody SchoolPlanBatchMaster schoolPlanBatchMaster) {
+        //获取当前登录人信息
+        LoginUser user = (LoginUser) SecurityUtils.getSubject().getPrincipal();
+        String realname = user.getRealname();
+        schoolPlanBatchMaster.setUpdateTime(new Date());
+        schoolPlanBatchMaster.setDelFlag("0");
+        schoolPlanBatchMaster.setUpdateBy(realname);
+        if (ObjectUtil.isEmpty(schoolPlanBatchMaster.getId())) {
+            this.service.save(schoolPlanBatchMaster);
+        } else {
+            this.service.updateById(schoolPlanBatchMaster);
+        }
+        return Result.OK("操作成功!");
+    }
+    /**
+     * 删除作业计划批次管理数据
+     * @param id
+     * @return
+     */
+    @AutoLog(value = "删除作业计划批次管理数据")
+    @ApiOperation(value = "删除作业计划批次管理数据", notes = "删除作业计划批次管理数据")
+    @GetMapping(value = "/delete")
+    public Result<String> delete(@ApiParam(name = "作业计划批次管理id", required = true) String id) {
+        //删除动静态几何尺寸数据
+        LambdaUpdateWrapper<SchoolPlanBatchMaster> update = Wrappers.lambdaUpdate();
+        update.set(SchoolPlanBatchMaster::getDelFlag, "1");
+        update.eq(SchoolPlanBatchMaster::getId, id);
+        this.service.update(update);
+        return Result.OK("删除成功!");
+    }
 }
--- a/jeecg-module-system/src/main/java/org/jeecg/modules/system/controller/DuplicateCheckController.java
+++ b/jeecg-module-system/src/main/java/org/jeecg/modules/system/controller/DuplicateCheckController.java
@@ -2,13 +2,19 @@ package org.jeecg.modules.system.controller;
 import javax.servlet.http.HttpServletRequest;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import io.swagger.annotations.ApiParam;
 import org.apache.commons.lang.StringUtils;
 import org.jeecg.common.api.vo.Result;
 import org.jeecg.common.constant.SymbolConstant;
 import org.jeecg.common.util.SqlInjectionUtil;
+import org.jeecg.modules.system.entity.SysUser;
 import org.jeecg.modules.system.mapper.SysDictMapper;
 import org.jeecg.modules.system.model.DuplicateCheckVo;
 import org.jeecg.modules.system.security.DictQueryBlackListHandler;
+import org.jeecg.modules.system.service.ISysUserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -19,6 +25,8 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import java.util.List;
 /**
 * @Title: DuplicateCheckAction
 * @Description: 重复校验工具
@@ -29,78 +37,110 @@ import lombok.extern.slf4j.Slf4j;
 @Slf4j
 @RestController
 @RequestMapping("/sys/duplicate")
-@Api(tags="重复校验")
+@Api(tags = "重复校验")
 public class DuplicateCheckController {
-	@Autowired
+    @Autowired
-	SysDictMapper sysDictMapper;
+    SysDictMapper sysDictMapper;
-	@Autowired
+    @Autowired
-	DictQueryBlackListHandler dictQueryBlackListHandler;
+    DictQueryBlackListHandler dictQueryBlackListHandler;
-	/**
+    @Autowired
-	 * 校验数据是否在系统中是否存在
+    private ISysUserService sysUserService;
-	 * 
-	 * @return
+    /**
-	 */
+     * 校验数据是否在系统中是否存在
-	@RequestMapping(value = "/check", method = RequestMethod.GET)
+     *
-	@ApiOperation("重复校验接口")
+     * @return
-	public Result<String> doDuplicateCheck(DuplicateCheckVo duplicateCheckVo, HttpServletRequest request) {
+     */
-		Long num = null;
+    @RequestMapping(value = "/check", method = RequestMethod.GET)
+    @ApiOperation("重复校验接口")
+    public Result<String> doDuplicateCheck(DuplicateCheckVo duplicateCheckVo, HttpServletRequest request) {
+        Long num = null;
-		log.debug("----duplicate check------："+ duplicateCheckVo.toString());
+        log.debug("----duplicate check------：" + duplicateCheckVo.toString());
-		//关联表字典（举例：sys_user,realname,id）
+        //关联表字典（举例：sys_user,realname,id）
-		//SQL注入校验（只限制非法串改数据库）
+        //SQL注入校验（只限制非法串改数据库）
-		final String[] sqlInjCheck = {duplicateCheckVo.getTableName(),duplicateCheckVo.getFieldName()};
+        final String[] sqlInjCheck = {duplicateCheckVo.getTableName(), duplicateCheckVo.getFieldName()};
-		SqlInjectionUtil.filterContent(sqlInjCheck);
+        SqlInjectionUtil.filterContent(sqlInjCheck);
-		// update-begin-author:taoyan date:20211227 for: JTC-25 【online报表】oracle 操作问题 录入弹框啥都不填直接保存 ①编码不是应该提示必填么？②报错也应该是具体文字提示，不是后台错误日志
+        // update-begin-author:taoyan date:20211227 for: JTC-25 【online报表】oracle 操作问题 录入弹框啥都不填直接保存 ①编码不是应该提示必填么？②报错也应该是具体文字提示，不是后台错误日志
-		if(StringUtils.isEmpty(duplicateCheckVo.getFieldVal())){
+        if (StringUtils.isEmpty(duplicateCheckVo.getFieldVal())) {
-			Result rs = new Result();
+            Result rs = new Result();
-			rs.setCode(500);
+            rs.setCode(500);
-			rs.setSuccess(true);
+            rs.setSuccess(true);
-			rs.setMessage("数据为空,不作处理！");
+            rs.setMessage("数据为空,不作处理！");
-			return rs;
+            return rs;
-		}
+        }
-		//update-begin-author:taoyan date:20220329 for: VUEN-223【安全漏洞】当前被攻击的接口
+        //update-begin-author:taoyan date:20220329 for: VUEN-223【安全漏洞】当前被攻击的接口
-		String checkSql = duplicateCheckVo.getTableName() + SymbolConstant.COMMA + duplicateCheckVo.getFieldName() + SymbolConstant.COMMA;
+        String checkSql = duplicateCheckVo.getTableName() + SymbolConstant.COMMA + duplicateCheckVo.getFieldName() + SymbolConstant.COMMA;
-		if(!dictQueryBlackListHandler.isPass(checkSql)){
+        if (!dictQueryBlackListHandler.isPass(checkSql)) {
-			return Result.error(dictQueryBlackListHandler.getError());
+            return Result.error(dictQueryBlackListHandler.getError());
-		}
+        }
-		//update-end-author:taoyan date:20220329 for: VUEN-223【安全漏洞】当前被攻击的接口
+        //update-end-author:taoyan date:20220329 for: VUEN-223【安全漏洞】当前被攻击的接口
-		// update-end-author:taoyan date:20211227 for: JTC-25 【online报表】oracle 操作问题 录入弹框啥都不填直接保存 ①编码不是应该提示必填么？②报错也应该是具体文字提示，不是后台错误日志
+        // update-end-author:taoyan date:20211227 for: JTC-25 【online报表】oracle 操作问题 录入弹框啥都不填直接保存 ①编码不是应该提示必填么？②报错也应该是具体文字提示，不是后台错误日志
-		if (StringUtils.isNotBlank(duplicateCheckVo.getDataId())) {
+        if (StringUtils.isNotBlank(duplicateCheckVo.getDataId())) {
-			// [2].编辑页面校验
+            // [2].编辑页面校验
-			num = sysDictMapper.duplicateCheckCountSql(duplicateCheckVo);
+            num = sysDictMapper.duplicateCheckCountSql(duplicateCheckVo);
-		} else {
+        } else {
-			// [1].添加页面校验
+            // [1].添加页面校验
-			num = sysDictMapper.duplicateCheckCountSqlNoDataId(duplicateCheckVo);
+            num = sysDictMapper.duplicateCheckCountSqlNoDataId(duplicateCheckVo);
-		}
+        }
-		if (num == null || num == 0) {
+        if (num == null || num == 0) {
-			// 该值可用
+            // 该值可用
-			return Result.ok("该值可用！");
+            return Result.ok("该值可用！");
-		} else {
+        } else {
-			// 该值不可用
+            // 该值不可用
-			log.info("该值不可用，系统中已存在！");
+            log.info("该值不可用，系统中已存在！");
 //			return Result.error("该值不可用，系统中已存在！");
-			return Result.error("");
+            return Result.error("");
-		}
+        }
-	}
+    }
+    /**
+     * 校验用户相关信息是否存在
+     *
+     * @return
+     */
+//    @RequestMapping(value = "/checkUser", method = RequestMethod.GET)
+//    @ApiOperation("校验用户相关信息是否存在")
+//    public Result<String> checkUser(@ApiParam(name = "需要校验的参数", required = true) String name,@ApiParam(name = "类型", required = true) String type) {
+//        LambdaQueryWrapper<SysUser> lambdaQuery = Wrappers.lambdaQuery();
+//        if("1".equals(type)){
+//            lambdaQuery.eq(SysUser::getUsername, name);
+//        }
+//        if("2".equals(type)){
+//            lambdaQuery.eq(SysUser::getRealname, name);
+//        }
+//        if("3".equals(type)){
+//            lambdaQuery.eq(SysUser::getWorkNo, name);
+//        }
+//        if("4".equals(type)){
+//            lambdaQuery.eq(SysUser::getPhone, name);
+//        }
+//        lambdaQuery.eq(SysUser::getDelFlag, 0);
+//        List<SysUser> list = sysUserService.list(lambdaQuery);
+//        if (list != null && list.size() > 0) {
+//			return Result.error("参数已存在");
+//        }
+//        return Result.ok("");
+//    }
 	/**
-	 * VUEN-2584【issue】平台sql注入漏洞几个问题
+     * VUEN-2584【issue】平台sql注入漏洞几个问题
-	 * 部分特殊函数 可以将查询结果混夹在错误信息中，导致数据库的信息暴露
+     * 部分特殊函数 可以将查询结果混夹在错误信息中，导致数据库的信息暴露
-	 * @param e
+     *
-	 * @return
+     * @param e
-	 */
+     * @return
-	@ExceptionHandler(java.sql.SQLException.class)
+     */
-	public Result<?> handleSQLException(Exception e){
+    @ExceptionHandler(java.sql.SQLException.class)
-		String msg = e.getMessage();
+    public Result<?> handleSQLException(Exception e) {
-		String extractvalue = "extractvalue";
+        String msg = e.getMessage();
-		String updatexml = "updatexml";
+        String extractvalue = "extractvalue";
-		if(msg!=null && (msg.toLowerCase().indexOf(extractvalue)>=0 || msg.toLowerCase().indexOf(updatexml)>=0)){
+        String updatexml = "updatexml";
-			return Result.error("校验失败，sql解析异常！");
+        if (msg != null && (msg.toLowerCase().indexOf(extractvalue) >= 0 || msg.toLowerCase().indexOf(updatexml) >= 0)) {
-		}
+            return Result.error("校验失败，sql解析异常！");
-		return Result.error("校验失败，sql解析异常！" + msg);
+        }
-	}
+        return Result.error("校验失败，sql解析异常！" + msg);
+    }
 }
--- a/jeecg-module-system/src/main/java/org/jeecg/modules/system/controller/SysUserController.java
+++ b/jeecg-module-system/src/main/java/org/jeecg/modules/system/controller/SysUserController.java
@@ -10,6 +10,7 @@ import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -155,23 +156,23 @@ public class SysUserController {
        QueryWrapper<SysUser> queryWrapper = new QueryWrapper<>();
        //用户账号
        String username = req.getParameter("username");
-        if(ObjectUtil.isNotEmpty(username)){
+        if (ObjectUtil.isNotEmpty(username)) {
-            queryWrapper.like("username",username);
+            queryWrapper.like("username", username);
        }
        //用户姓名
        String realname = req.getParameter("realname");
-        if(ObjectUtil.isNotEmpty(realname)){
+        if (ObjectUtil.isNotEmpty(realname)) {
-            queryWrapper.like("realname",realname);
+            queryWrapper.like("realname", realname);
        }
        //性别
        String sex = req.getParameter("sex");
-        if(ObjectUtil.isNotEmpty(sex)){
+        if (ObjectUtil.isNotEmpty(sex)) {
-            queryWrapper.eq("sex",sex);
+            queryWrapper.eq("sex", sex);
        }
        //手机号码
        String phone = req.getParameter("phone");
-        if(ObjectUtil.isNotEmpty(phone)){
+        if (ObjectUtil.isNotEmpty(phone)) {
-            queryWrapper.like("phone",phone);
+            queryWrapper.like("phone", phone);
        }
        return sysUserService.queryPageList(req, queryWrapper, pageSize, pageNo);
    }
@@ -185,6 +186,35 @@ public class SysUserController {
        String selectedDeparts = jsonObject.getString("selecteddeparts");
        try {
            SysUser user = JSON.parseObject(jsonObject.toJSONString(), SysUser.class);
+            LambdaQueryWrapper<SysUser> lambdaQuery = Wrappers.lambdaQuery();
+            lambdaQuery.eq(SysUser::getUsername, user.getUsername());
+            lambdaQuery.eq(SysUser::getDelFlag,0);
+            List<SysUser> list = sysUserService.list(lambdaQuery);
+            if (list != null && list.size() > 0) {
+                return Result.error("登录账号已存在");
+            }
+            LambdaQueryWrapper<SysUser> workNoQuery = Wrappers.lambdaQuery();
+            workNoQuery.eq(SysUser::getWorkNo, user.getWorkNo());
+            workNoQuery.eq(SysUser::getDelFlag,0);
+            List<SysUser> workNoList = sysUserService.list(workNoQuery);
+            if (workNoList != null && workNoList.size() > 0) {
+                return Result.error("工号已存在");
+            }
+            LambdaQueryWrapper<SysUser> phoneQuery = Wrappers.lambdaQuery();
+            phoneQuery.eq(SysUser::getPhone, user.getPhone());
+            phoneQuery.eq(SysUser::getDelFlag,0);
+            List<SysUser> phoneList = sysUserService.list(phoneQuery);
+            if (phoneList != null && phoneList.size() > 0) {
+                return Result.error("手机号码已存在");
+            }
+            LambdaQueryWrapper<SysUser> emailQuery = Wrappers.lambdaQuery();
+            emailQuery.eq(SysUser::getEmail, user.getEmail());
+            emailQuery.eq(SysUser::getDelFlag,0);
+            List<SysUser> emailList = sysUserService.list(emailQuery);
+            if (emailList != null && emailList.size() > 0) {
+                return Result.error("邮箱已存在");
+            }
            user.setCreateTime(new Date());//设置创建时间
            String salt = oConvertUtils.randomGen(8);
            user.setSalt(salt);
@@ -219,6 +249,39 @@ public class SysUserController {
                result.error500("未找到对应实体");
            } else {
                SysUser user = JSON.parseObject(jsonObject.toJSONString(), SysUser.class);
+                LambdaQueryWrapper<SysUser> lambdaQuery = Wrappers.lambdaQuery();
+                lambdaQuery.eq(SysUser::getUsername, user.getUsername());
+                lambdaQuery.eq(SysUser::getDelFlag,0);
+                lambdaQuery.ne(SysUser::getId,user.getId());
+                List<SysUser> list = sysUserService.list(lambdaQuery);
+                if (list != null && list.size() > 0) {
+                    return Result.error("登录账号已存在");
+                }
+                LambdaQueryWrapper<SysUser> workNoQuery = Wrappers.lambdaQuery();
+                workNoQuery.eq(SysUser::getWorkNo, user.getWorkNo());
+                workNoQuery.eq(SysUser::getDelFlag,0);
+                workNoQuery.ne(SysUser::getId,user.getId());
+                List<SysUser> workNoList = sysUserService.list(workNoQuery);
+                if (workNoList != null && workNoList.size() > 0) {
+                    return Result.error("工号已存在");
+                }
+                LambdaQueryWrapper<SysUser> phoneQuery = Wrappers.lambdaQuery();
+                phoneQuery.eq(SysUser::getPhone, user.getPhone());
+                phoneQuery.eq(SysUser::getDelFlag,0);
+                phoneQuery.ne(SysUser::getId,user.getId());
+                List<SysUser> phoneList = sysUserService.list(phoneQuery);
+                if (phoneList != null && phoneList.size() > 0) {
+                    return Result.error("手机号码已存在");
+                }
+                LambdaQueryWrapper<SysUser> emailQuery = Wrappers.lambdaQuery();
+                emailQuery.eq(SysUser::getEmail, user.getEmail());
+                emailQuery.eq(SysUser::getDelFlag,0);
+                emailQuery.ne(SysUser::getId,user.getId());
+                List<SysUser> emailList = sysUserService.list(emailQuery);
+                if (emailList != null && emailList.size() > 0) {
+                    return Result.error("邮箱已存在");
+                }
                user.setUpdateTime(new Date());
                //String passwordEncode = PasswordUtil.encrypt(user.getUsername(), user.getPassword(), sysUser.getSalt());
                user.setPassword(sysUser.getPassword());

--- a/jeecg-module-system/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java
+++ b/jeecg-module-system/src/main/java/org/jeecg/modules/system/service/impl/SysUserServiceImpl.java
@@ -134,6 +134,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
 		//TODO 外部模拟登陆临时账号，列表不显示
 		queryWrapper.ne("username", "_reserve_user_external");
+		queryWrapper.eq("del_flag",0);
 		Page<SysUser> page = new Page<SysUser>(pageNo, pageSize);
 		IPage<SysUser> pageList = this.page(page, queryWrapper);