!80 up spring boot 2.3.5

Merge pull request !80 from lengleng/dev

!80 up spring boot 2.3.5
Merge pull request !80 from lengleng/dev
8e9aaafd · pig_冷冷 · Gitee · 2f3fd1cb · 7f1f31c2 · 8e9aaafd
24 changed file
--- a/README.md
+++ b/README.md
@@ -18,12 +18,12 @@
 | 依赖                   | 版本          |
 | ---------------------- | ------------- |
-| Spring Boot            | 2.3.4.RELEASE |
+| Spring Boot            | 2.3.5.RELEASE |
 | Spring Cloud           | Hoxton.SR8    |
 | Spring Cloud Alibaba   | 2.2.3.RELEASE |
 | Spring Security OAuth2 | 2.3.6         |
 | Mybatis Plus           | 3.4.0         |
-| hutool                 | 5.4.4         |
+| hutool                 | 5.4.7         |
 | Avue                   | 2.6.16        |
 ### 模块说明
@@ -99,7 +99,7 @@ mvn archetype:generate \
       -Dpackage=com.pig4cloud.pig.demo \
       -DarchetypeGroupId=com.pig4cloud.archetype \
       -DarchetypeArtifactId=pig-gen \
-       -DarchetypeVersion=2.10.0 \
+       -DarchetypeVersion=2.10.1 \
       -DarchetypeCatalog=local
 ```

--- a/pig-auth/pom.xml
+++ b/pig-auth/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-auth</artifactId>
@@ -44,19 +44,19 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-common-sentinel</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 		<!--upms api、model 模块-->
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-upms-api</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 		<!--security-->
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-common-security</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 		<!--JDBC相关-->
 		<dependency>

--- a/pig-common/pig-common-core/pom.xml
+++ b/pig-common/pig-common-core/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-common</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-common-core</artifactId>

--- a/pig-common/pig-common-core/src/main/java/com/pig4cloud/pig/common/core/mybatis/SqlFilterArgumentResolver.java
+++ b/pig-common/pig-common-core/src/main/java/com/pig4cloud/pig/common/core/mybatis/SqlFilterArgumentResolver.java
 /*
- * Copyright (c) 2020 pig4cloud Authors. All Rights Reserved.
 *
- * Licensed under the Apache License, Version 2.0 (the "License");
+ *  *  Copyright (c) 2019-2020, 冷冷 (wangiegie@gmail.com).
- * you may not use this file except in compliance with the License.
+ *  *  <p>
- * You may obtain a copy of the License at
+ *  *  Licensed under the GNU Lesser General Public License 3.0 (the "License");
+ *  *  you may not use this file except in compliance with the License.
+ *  *  You may obtain a copy of the License at
+ *  *  <p>
+ *  * https://www.gnu.org/licenses/lgpl.html
+ *  *  <p>
+ *  * Unless required by applicable law or agreed to in writing, software
+ *  * distributed under the License is distributed on an "AS IS" BASIS,
+ *  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  * See the License for the specific language governing permissions and
+ *  * limitations under the License.
 *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
 */
 package com.pig4cloud.pig.common.core.mybatis;
@@ -27,7 +29,11 @@ import org.springframework.web.method.support.HandlerMethodArgumentResolver;
 import org.springframework.web.method.support.ModelAndViewContainer;
 import javax.servlet.http.HttpServletRequest;
-import java.util.*;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Optional;
+import java.util.function.Predicate;
 import java.util.stream.Collectors;
 /**
@@ -39,6 +45,9 @@ import java.util.stream.Collectors;
 @Slf4j
 public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver {
+	private final static String[] KEYWORDS = { "master", "truncate", "insert", "select", "delete", "update", "declare",
+			"alter", "drop", "sleep" };
 	/**
 	 * 判断Controller是否包含page 参数
 	 * @param parameter 参数
@@ -69,7 +78,7 @@ public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver
 		String current = request.getParameter("current");
 		String size = request.getParameter("size");
-		Page<?> page = new Page<>();
+		Page page = new Page();
 		if (StrUtil.isNotBlank(current)) {
 			page.setCurrent(Long.parseLong(current));
 		}
@@ -79,32 +88,28 @@ public class SqlFilterArgumentResolver implements HandlerMethodArgumentResolver
 		}
 		List<OrderItem> orderItemList = new ArrayList<>();
-		Optional.ofNullable(ascs).ifPresent(s -> orderItemList.addAll(Arrays.stream(s).filter(StrUtil::isNotBlank)
+		Optional.ofNullable(ascs).ifPresent(s -> orderItemList.addAll(
-				.map(this::clear).map(OrderItem::asc).collect(Collectors.toList())));
+				Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::asc).collect(Collectors.toList())));
-		Optional.ofNullable(descs).ifPresent(s -> orderItemList.addAll(Arrays.stream(s).filter(StrUtil::isNotBlank)
+		Optional.ofNullable(descs).ifPresent(s -> orderItemList.addAll(
-				.map(this::clear).map(OrderItem::desc).collect(Collectors.toList())));
+				Arrays.stream(s).filter(sqlInjectPredicate()).map(OrderItem::desc).collect(Collectors.toList())));
 		page.addOrder(orderItemList);
 		return page;
 	}
 	/**
-	 * 参数清理
+	 * 判断用户输入里面有没有关键字
-	 * @param param 参数
+	 * @return Predicate
-	 * @return String
 	 */
-	private String clear(String param) {
+	private Predicate<String> sqlInjectPredicate() {
-		if (StrUtil.isBlank(param)) {
+		return sql -> {
-			return StrUtil.trim(param);
+			for (String keyword : KEYWORDS) {
-		}
+				if (StrUtil.containsIgnoreCase(sql, keyword)) {
-		StringBuilder builder = new StringBuilder();
+					return false;
-		for (int i = 0; i < param.length(); i++) {
-			char c = param.charAt(i);
-			if (Character.isJavaIdentifierPart(c)) {
-				builder.append(c);
 				}
 			}
-		return builder.toString();
+			return true;
+		};
 	}
 }
--- a/pig-common/pig-common-datasource/pom.xml
+++ b/pig-common/pig-common-datasource/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<artifactId>pig-common</artifactId>
 		<groupId>com.pig4cloud</groupId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>

--- a/pig-common/pig-common-job/pom.xml
+++ b/pig-common/pig-common-job/pom.xml
@@ -23,7 +23,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-common</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-common-job</artifactId>

--- a/pig-common/pig-common-log/pom.xml
+++ b/pig-common/pig-common-log/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-common</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-common-log</artifactId>
@@ -35,13 +35,13 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-common-core</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 		<!--UPMS接口模块-->
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-upms-api</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 		<!--安全依赖获取上下文信息-->
 		<dependency>

--- a/pig-common/pig-common-mybatis/pom.xml
+++ b/pig-common/pig-common-mybatis/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-common</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-common-mybatis</artifactId>

--- a/pig-common/pig-common-security/pom.xml
+++ b/pig-common/pig-common-security/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-common</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-common-security</artifactId>
@@ -35,7 +35,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-common-core</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 		<!--安全模块-->
 		<dependency>
@@ -50,7 +50,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-upms-api</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 	</dependencies>
 </project>
--- a/pig-common/pig-common-sentinel/pom.xml
+++ b/pig-common/pig-common-sentinel/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-common</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<modelVersion>4.0.0</modelVersion>
@@ -32,7 +32,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-common-core</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 		<dependency>
 			<groupId>com.alibaba.cloud</groupId>

--- a/pig-common/pig-common-swagger/pom.xml
+++ b/pig-common/pig-common-swagger/pom.xml
@@ -24,7 +24,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-common</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-common-swagger</artifactId>

--- a/pig-common/pig-common-test/pom.xml
+++ b/pig-common/pig-common-test/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-common</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-common-test</artifactId>
@@ -18,7 +18,7 @@
 		<dependency>
 			<groupId>com.pig4cloud</groupId>
 			<artifactId>pig-common-security</artifactId>
-			<version>2.10.0</version>
+			<version>2.10.1</version>
 		</dependency>
 		<dependency>
 			<groupId>org.springframework.security</groupId>

--- a/pig-common/pom.xml
+++ b/pig-common/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-common</artifactId>

--- a/pig-gateway/pom.xml
+++ b/pig-gateway/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-gateway</artifactId>

--- a/pig-register/pom.xml
+++ b/pig-register/pom.xml
@@ -18,7 +18,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-register</artifactId>

--- a/pig-upms/pig-upms-api/pom.xml
+++ b/pig-upms/pig-upms-api/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-upms</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-upms-api</artifactId>

--- a/pig-upms/pig-upms-biz/pom.xml
+++ b/pig-upms/pig-upms-biz/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-upms</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-upms-biz</artifactId>

--- a/pig-upms/pom.xml
+++ b/pig-upms/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-upms</artifactId>

--- a/pig-visual/pig-codegen/pom.xml
+++ b/pig-visual/pig-codegen/pom.xml
@@ -22,7 +22,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-visual</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-codegen</artifactId>

--- a/pig-visual/pig-monitor/pom.xml
+++ b/pig-visual/pig-monitor/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-visual</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-monitor</artifactId>

--- a/pig-visual/pig-sentinel-dashboard/pom.xml
+++ b/pig-visual/pig-sentinel-dashboard/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-visual</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-sentinel-dashboard</artifactId>

--- a/pig-visual/pig-xxl-job-admin/pom.xml
+++ b/pig-visual/pig-xxl-job-admin/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig-visual</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-xxl-job-admin</artifactId>

--- a/pig-visual/pom.xml
+++ b/pig-visual/pom.xml
@@ -21,7 +21,7 @@
 	<parent>
 		<groupId>com.pig4cloud</groupId>
 		<artifactId>pig</artifactId>
-		<version>2.10.0</version>
+		<version>2.10.1</version>
 	</parent>
 	<artifactId>pig-visual</artifactId>

--- a/pom.xml
+++ b/pom.xml
@@ -28,20 +28,20 @@
 	<groupId>com.pig4cloud</groupId>
 	<artifactId>pig</artifactId>
-	<version>2.10.0</version>
+	<version>2.10.1</version>
 	<name>${project.artifactId}</name>
 	<packaging>pom</packaging>
 	<url>https://www.pig4cloud.com</url>
 	<properties>
-		<spring-boot.version>2.3.4.RELEASE</spring-boot.version>
+		<spring-boot.version>2.3.5.RELEASE</spring-boot.version>
 		<spring-cloud.version>Hoxton.SR8</spring-cloud.version>
 		<spring-cloud-alibaba.version>2.2.3.RELEASE</spring-cloud-alibaba.version>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<maven.compiler.source>1.8</maven.compiler.source>
 		<maven.compiler.target>1.8</maven.compiler.target>
 		<spring-boot-admin.version>2.3.0</spring-boot-admin.version>
-		<hutool.version>5.4.6</hutool.version>
+		<hutool.version>5.4.7</hutool.version>
 		<mybatis-plus.version>3.4.0</mybatis-plus.version>
 		<dynamic-ds.version>3.2.0</dynamic-ds.version>
 		<captcha.version>2.2.0</captcha.version>