diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/AccessTokenController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/AccessTokenController.java index 27ac1772a083c620a9154d524d25c40a92804b5c..103709c50213d88515290b5db09031309744dc32 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/AccessTokenController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/AccessTokenController.java @@ -22,6 +22,7 @@ import cn.escheduler.api.service.AccessTokenService; import cn.escheduler.api.service.UsersService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -113,6 +114,7 @@ public class AccessTokenController extends BaseController{ if(result.get(Constants.STATUS) != Status.SUCCESS){ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = accessTokenService.queryAccessTokenList(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/AlertGroupController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/AlertGroupController.java index 759f9009e2c1ba711cd886a2a4f982f627cbab54..bf61cf76e3279fec1c690783e6811279fe380069 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/AlertGroupController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/AlertGroupController.java @@ -20,6 +20,7 @@ import cn.escheduler.api.service.AlertGroupService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.AlertType; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -109,6 +110,7 @@ public class AlertGroupController extends BaseController{ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = alertGroupService.listPaging(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/DataSourceController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/DataSourceController.java index be8149b18a71ca5f61044042211d79e699919024..fcaf2beae96f6fb101d02afce905fff710d08dcc 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/DataSourceController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/DataSourceController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.service.DataSourceService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.DbType; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -182,6 +183,7 @@ public class DataSourceController extends BaseController { if (result.get(Constants.STATUS) != Status.SUCCESS) { return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = dataSourceService.queryDataSourceListPaging(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); } catch (Exception e) { diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessDefinitionController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessDefinitionController.java index ec1f38b0ced4133944fe4625038397601388557a..4678425e308fa4407ad936dfe5da3cf598a85dd1 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessDefinitionController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessDefinitionController.java @@ -20,6 +20,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.ProcessDefinitionService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -235,6 +236,7 @@ public class ProcessDefinitionController extends BaseController{ if(result.get(Constants.STATUS) != Status.SUCCESS){ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = processDefinitionService.queryProcessDefinitionListPaging(loginUser, projectName, searchVal, pageNo, pageSize, userId); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessInstanceController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessInstanceController.java index 323e240d7921383f30e5a5efc6bcae2232e14d6f..2ae21ffb8978f9c1f00a538a2a6d0002bb76b642 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessInstanceController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProcessInstanceController.java @@ -22,6 +22,7 @@ import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.ExecutionStatus; import cn.escheduler.common.enums.Flag; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -72,6 +73,7 @@ public class ProcessInstanceController extends BaseController{ "search value:{},state type:{},host:{},start time:{}, end time:{},page number:{}, page size:{}", loginUser.getUserName(), projectName, processDefinitionId, searchVal, stateType,host, startTime, endTime, pageNo, pageSize); + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = processInstanceService.queryProcessInstanceList( loginUser, projectName, processDefinitionId, startTime, endTime, searchVal, stateType, host, pageNo, pageSize); return returnDataListPaging(result); diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProjectController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProjectController.java index b6ca222adca33120a20c77d25ebcac75a4f328f9..1a4b30c8899e875854d20b61c20d028ae806daeb 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/ProjectController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/ProjectController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.ProjectService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -134,6 +135,7 @@ public class ProjectController extends BaseController { try { logger.info("login user {}, query project list paging", loginUser.getUserName()); + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = projectService.queryProjectListPaging(loginUser, pageSize, pageNo, searchVal); return returnDataListPaging(result); } catch (Exception e) { diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/QueueController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/QueueController.java index 29c01a148346df9dff8af421f92b73006bcc14ce..89ac8f05c12d8280d196ab9151d75e41b109397f 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/QueueController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/QueueController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.QueueService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -82,6 +83,7 @@ public class QueueController extends BaseController{ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = queueService.queryList(loginUser,searchVal,pageNo,pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/ResourcesController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/ResourcesController.java index 12a03ca3197d9597d3d0ced510d1c07a3d071293..1574012d193a619a0b69a080eb8e4022e526855c 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/ResourcesController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/ResourcesController.java @@ -23,6 +23,7 @@ import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.ResourceType; import cn.escheduler.common.enums.UdfType; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.apache.commons.lang.StringUtils; import org.slf4j.Logger; @@ -146,6 +147,7 @@ public class ResourcesController extends BaseController{ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = resourceService.queryResourceListPaging(loginUser,type,searchVal,pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/SchedulerController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/SchedulerController.java index 8449bd1d38795f36c33a713c45b248647890ca04..5433ff04679096fa73f64bf7408a80e49b790b0f 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/SchedulerController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/SchedulerController.java @@ -24,6 +24,7 @@ import cn.escheduler.common.enums.FailureStrategy; import cn.escheduler.common.enums.Priority; import cn.escheduler.common.enums.ReleaseState; import cn.escheduler.common.enums.WarningType; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -201,6 +202,7 @@ public class SchedulerController extends BaseController{ logger.info("login user {}, query schedule, project name: {}, process definition id: {}", loginUser.getUserName(), projectName, processDefinitionId); try { + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = schedulerService.querySchedule(loginUser, projectName, processDefinitionId, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/TaskInstanceController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/TaskInstanceController.java index d9d18923e0b531b609c7bb6c28f567f91cc93047..401f5e8f0affe19b3b2557bc7aaafb540b0dbd7a 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/TaskInstanceController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/TaskInstanceController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.service.TaskInstanceService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; import cn.escheduler.common.enums.ExecutionStatus; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -68,6 +69,7 @@ public class TaskInstanceController extends BaseController{ try{ logger.info("query task instance list, project name:{},process instance:{}, search value:{},task name:{}, state type:{}, host:{}, start:{}, end:{}", projectName, processInstanceId, searchVal, taskName, stateType, host, startTime, endTime); + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = taskInstanceService.queryTaskListPaging( loginUser, projectName, processInstanceId, taskName, startTime, endTime, searchVal, stateType, host, pageNo, pageSize); return returnDataListPaging(result); diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/TenantController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/TenantController.java index 2feb68783d40a6facc84a295def8e7e0b0fa96eb..46e5b2961dba886be7b29bac8fcf94c53b8dd82a 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/TenantController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/TenantController.java @@ -21,7 +21,9 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.TenantService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; +import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -98,6 +100,7 @@ public class TenantController extends BaseController{ if(result.get(Constants.STATUS) != Status.SUCCESS){ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = tenantService.queryTenantList(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/UsersController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/UsersController.java index 72f2eb31c24334de4577dd528f4bf79686bcb3c8..524ac73faa38fac8e2f01fe2d0b25f96dc0c2c94 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/UsersController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/UsersController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.UsersService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -101,6 +102,7 @@ public class UsersController extends BaseController{ if(result.get(Constants.STATUS) != Status.SUCCESS){ return returnDataListPaging(result); } + searchVal = ParameterUtils.handleEscapes(searchVal); result = usersService.queryUserList(loginUser, searchVal, pageNo, pageSize); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-api/src/main/java/cn/escheduler/api/controller/WorkerGroupController.java b/escheduler-api/src/main/java/cn/escheduler/api/controller/WorkerGroupController.java index 4843a8083ee1272948e1408ffd84a3d751413f1b..93ca2dfa3ce39e98d6964b619c30159b757e895d 100644 --- a/escheduler-api/src/main/java/cn/escheduler/api/controller/WorkerGroupController.java +++ b/escheduler-api/src/main/java/cn/escheduler/api/controller/WorkerGroupController.java @@ -21,6 +21,7 @@ import cn.escheduler.api.enums.Status; import cn.escheduler.api.service.WorkerGroupService; import cn.escheduler.api.utils.Constants; import cn.escheduler.api.utils.Result; +import cn.escheduler.common.utils.ParameterUtils; import cn.escheduler.dao.model.User; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -90,6 +91,7 @@ public class WorkerGroupController extends BaseController{ loginUser.getUserName() , pageNo, pageSize, searchVal); try { + searchVal = ParameterUtils.handleEscapes(searchVal); Map result = workerGroupService.queryAllGroupPaging(pageNo, pageSize, searchVal); return returnDataListPaging(result); }catch (Exception e){ diff --git a/escheduler-common/src/main/java/cn/escheduler/common/utils/ParameterUtils.java b/escheduler-common/src/main/java/cn/escheduler/common/utils/ParameterUtils.java index 055a77405187bdabf20ca6ca518e054808c6253f..50f4040ee6f2b3240da3f4b525290bb3816bcad0 100644 --- a/escheduler-common/src/main/java/cn/escheduler/common/utils/ParameterUtils.java +++ b/escheduler-common/src/main/java/cn/escheduler/common/utils/ParameterUtils.java @@ -159,4 +159,18 @@ public class ParameterUtils { } return null; } + + + /** + * handle escapes + * @param inputString + * @return + */ + public static String handleEscapes(String inputString){ + + if(StringUtils.isNotEmpty(inputString)){ + return inputString.replace("%", "////%"); + } + return inputString; + } }