From 2e8577da184c359ac1e268bc2ba20854f917537a Mon Sep 17 00:00:00 2001 From: o2sword <171715986@qq.com> Date: Mon, 15 Aug 2022 11:12:00 +0800 Subject: [PATCH] =?UTF-8?q?1=E3=80=81=E4=BF=AE=E5=A4=8D=E7=9B=AE=E5=BD=95?= =?UTF-8?q?=E9=81=8D=E5=8E=86=E9=97=AE=E9=A2=98=202=E3=80=81=E4=B8=AA?= =?UTF-8?q?=E4=BA=BA=E4=BF=A1=E6=81=AF=E4=BF=AE=E6=94=B9=E9=99=90=E5=88=B6?= =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=90=8D=E7=A7=B0=E3=80=81=E5=B7=A5=E5=8F=B7?= =?UTF-8?q?=E3=80=81=E5=94=AF=E4=B8=80=E7=BC=96=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../personal/jaxrs/person/ActionEdit.java | 10 ++-------- .../personal/jaxrs/person/BaseAction.java | 4 ++-- .../x/program/center/jaxrs/config/ActionOpen.java | 11 ++++++++--- .../jaxrs/config/ActionOpenRuntimeConfig.java | 8 ++++---- .../x/program/center/jaxrs/config/ActionSave.java | 15 ++++++++------- .../program/center/jaxrs/config/ConfigAction.java | 2 +- .../jaxrs/config/ExceptionIllegalFileName.java | 13 +++++++++++++ .../jaxrs/module/ActionDispatchResource.java | 6 ++++-- 8 files changed, 42 insertions(+), 27 deletions(-) create mode 100644 o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ExceptionIllegalFileName.java diff --git a/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionEdit.java b/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionEdit.java index 7a9cb7a289..de38a96e7f 100644 --- a/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionEdit.java +++ b/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/ActionEdit.java @@ -38,9 +38,7 @@ class ActionEdit extends BaseAction { /** 从内存中pick出来的无法作为实体保存 */ person = emc.find(person.getId(), Person.class); Wi.copier.copy(wi, person); - this.checkName(business, person.getName(), person.getId()); this.checkMobile(business, person.getMobile(), person.getId()); - this.checkEmployee(business, person.getEmployee(), person.getId()); this.checkMail(business, person.getMail(), person.getId()); /** 不能更新person的superior 和 controllerList */ emc.beginTransaction(Person.class); @@ -61,17 +59,13 @@ class ActionEdit extends BaseAction { private static final long serialVersionUID = 1571810726944802231L; -// static WrapCopier copier = WrapCopierFactory.wi(Wi.class, Person.class, null, -// ListTools.toList(JpaObject.FieldsUnmodify, "icon", "iconMdpi", "iconLdpi", "pinyin", "pinyinInitial", -// "password", "passwordExpiredTime", "lastLoginTime", "lastLoginAddress", "lastLoginClient", -// "superior", "controllerList")); - static WrapCopier copier = WrapCopierFactory.wi(Wi.class, Person.class, null, ListTools.toList(JpaObject.FieldsUnmodify, Person.icon_FIELDNAME, Person.iconMdpi_FIELDNAME, Person.iconLdpi_FIELDNAME, Person.pinyin_FIELDNAME, Person.pinyinInitial_FIELDNAME, Person.password_FIELDNAME, Person.passwordExpiredTime_FIELDNAME, Person.lastLoginTime_FIELDNAME, Person.lastLoginAddress_FIELDNAME, Person.lastLoginClient_FIELDNAME, Person.superior_FIELDNAME, - Person.controllerList_FIELDNAME, Person.ipAddress_FIELDNAME)); + Person.controllerList_FIELDNAME, Person.ipAddress_FIELDNAME, Person.name_FIELDNAME, + Person.unique_FIELDNAME, Person.employee_FIELDNAME)); } public static class Wo extends WoId { diff --git a/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/BaseAction.java b/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/BaseAction.java index 490e837823..ba4aec1aee 100644 --- a/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/BaseAction.java +++ b/o2server/x_organization_assemble_personal/src/main/java/com/x/organization/assemble/personal/jaxrs/person/BaseAction.java @@ -120,7 +120,7 @@ abstract class BaseAction extends StandardJaxrsAction { protected void checkEmployee(Business business, String employee, String excludeId) throws Exception { if (StringUtils.isNotEmpty(employee)) { - if (StringUtils.isEmpty(employee) || (!StringTools.isSimply(employee))) { + if (!StringTools.isSimply(employee)) { throw new ExceptionInvalidEmployee(employee); } if (StringUtils.isNotEmpty(business.person().getWithEmployee(employee, excludeId))) { @@ -140,4 +140,4 @@ abstract class BaseAction extends StandardJaxrsAction { } } -} \ No newline at end of file +} diff --git a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionOpen.java b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionOpen.java index 5f7e8a9bf1..53e25ac833 100644 --- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionOpen.java +++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionOpen.java @@ -6,6 +6,7 @@ import java.util.Date; import javax.servlet.http.HttpServletRequest; +import com.x.base.core.project.tools.StringTools; import org.apache.commons.io.FileUtils; import com.google.gson.JsonElement; @@ -19,8 +20,12 @@ import com.x.base.core.project.logger.LoggerFactory; import com.x.base.core.project.tools.DefaultCharset; import org.apache.commons.lang3.StringUtils; +/** + * 获取配置文件 + * @author sword + */ public class ActionOpen extends BaseAction { - private static Logger logger = LoggerFactory.getLogger(ActionOpen.class); + private static final Logger LOGGER = LoggerFactory.getLogger(ActionOpen.class); ActionResult execute(HttpServletRequest request, EffectivePerson effectivePerson,JsonElement jsonElement) throws Exception { ActionResult result = new ActionResult<>(); @@ -30,8 +35,8 @@ public class ActionOpen extends BaseAction { if (StringUtils.isBlank(fileName)) { throw new ExceptionNameEmpty(); } - if(fileName.indexOf(SLASH) > -1){ - throw new Exception("名称不能包含'/'!"); + if(!StringTools.isFileName(fileName)){ + throw new ExceptionIllegalFileName(fileName); } File file = new File(Config.base(),"config/"+fileName); diff --git a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionOpenRuntimeConfig.java b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionOpenRuntimeConfig.java index 50cfb21a7f..06f9c92e74 100644 --- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionOpenRuntimeConfig.java +++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionOpenRuntimeConfig.java @@ -9,10 +9,10 @@ import com.x.base.core.project.http.EffectivePerson; import com.x.base.core.project.logger.Logger; import com.x.base.core.project.logger.LoggerFactory; import com.x.base.core.project.tools.DefaultCharset; +import com.x.base.core.project.tools.StringTools; import org.apache.commons.io.FileUtils; import org.apache.commons.lang3.StringUtils; -import javax.servlet.http.HttpServletRequest; import java.io.File; /** @@ -20,7 +20,7 @@ import java.io.File; * @author sword */ public class ActionOpenRuntimeConfig extends BaseAction { - private static Logger logger = LoggerFactory.getLogger(ActionOpenRuntimeConfig.class); + private static final Logger LOGGER = LoggerFactory.getLogger(ActionOpenRuntimeConfig.class); ActionResult execute(EffectivePerson effectivePerson,JsonElement jsonElement) throws Exception { ActionResult result = new ActionResult<>(); @@ -30,8 +30,8 @@ public class ActionOpenRuntimeConfig extends BaseAction { if (StringUtils.isBlank(fileName)) { throw new ExceptionNameEmpty(); } - if(fileName.indexOf(SLASH) > -1){ - throw new Exception("名称不能包含'/'!"); + if(!StringTools.isFileName(fileName)){ + throw new ExceptionIllegalFileName(fileName); } File file = new File(Config.base(),"config/"+fileName); diff --git a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionSave.java b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionSave.java index 45359e4a25..f3e4fc9eca 100644 --- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionSave.java +++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ActionSave.java @@ -13,6 +13,7 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; +import com.x.base.core.project.tools.StringTools; import org.apache.commons.lang3.BooleanUtils; import com.google.gson.Gson; @@ -35,9 +36,9 @@ import org.apache.commons.lang3.StringUtils; * @author sword */ public class ActionSave extends BaseAction { - private static Logger logger = LoggerFactory.getLogger(ActionSave.class); + private static final Logger LOGGER = LoggerFactory.getLogger(ActionSave.class); - ActionResult execute(HttpServletRequest request, EffectivePerson effectivePerson, JsonElement jsonElement) + ActionResult execute(EffectivePerson effectivePerson, JsonElement jsonElement) throws Exception { ActionResult result = new ActionResult<>(); Wi wi = this.convertToWrapIn(jsonElement, Wi.class); @@ -48,8 +49,8 @@ public class ActionSave extends BaseAction { if (StringUtils.isBlank(fileName)) { throw new ExceptionNameEmpty(); } - if(fileName.indexOf(SLASH) > -1){ - throw new IllegalAccessException("名称不能包含'/'!"); + if(!StringTools.isFileName(fileName)){ + throw new ExceptionIllegalFileName(fileName); } String data = wi.getFileContent(); @@ -80,7 +81,7 @@ public class ActionSave extends BaseAction { try { Thread.sleep(1000); } catch (InterruptedException e) { - logger.error(e); + LOGGER.error(e); } this.configFlush(effectivePerson); @@ -124,11 +125,11 @@ public class ActionSave extends BaseAction { dos.write(bytes, 0, length); dos.flush(); } - logger.info("同步文件{}到节点{}完成.......", syncFilePath, nodeName); + LOGGER.info("同步文件{}到节点{}完成.......", syncFilePath, nodeName); } syncFileFlag = true; } catch (Exception ex) { - logger.warn("同步文件{}到节点{}异常:{}", syncFilePath, nodeName, ex.getMessage()); + LOGGER.warn("同步文件{}到节点{}异常:{}", syncFilePath, nodeName, ex.getMessage()); syncFileFlag = false; } return syncFileFlag; diff --git a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ConfigAction.java b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ConfigAction.java index cb70f6542e..4d827b0a28 100644 --- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ConfigAction.java +++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ConfigAction.java @@ -318,7 +318,7 @@ public class ConfigAction extends StandardJaxrsAction { ActionResult result = new ActionResult<>(); EffectivePerson effectivePerson = this.effectivePerson(request); try { - result = new ActionSave().execute(request, effectivePerson, jsonElement); + result = new ActionSave().execute(effectivePerson, jsonElement); } catch (Exception e) { LOGGER.error(e, effectivePerson, request, null); result.error(e); diff --git a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ExceptionIllegalFileName.java b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ExceptionIllegalFileName.java new file mode 100644 index 0000000000..282cdf9621 --- /dev/null +++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/config/ExceptionIllegalFileName.java @@ -0,0 +1,13 @@ +package com.x.program.center.jaxrs.config; + +import com.x.base.core.project.exception.LanguagePromptException; + +class ExceptionIllegalFileName extends LanguagePromptException { + + private static final long serialVersionUID = -8324509965998709044L; + + public ExceptionIllegalFileName(String name) { + super("无效的文件名称:{}.", name); + } + +} diff --git a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/module/ActionDispatchResource.java b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/module/ActionDispatchResource.java index c328e15e83..49af8b754c 100644 --- a/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/module/ActionDispatchResource.java +++ b/o2server/x_program_center/src/main/java/com/x/program/center/jaxrs/module/ActionDispatchResource.java @@ -2,6 +2,7 @@ package com.x.program.center.jaxrs.module; import java.io.File; +import com.x.base.core.project.tools.StringTools; import org.apache.commons.lang3.BooleanUtils; import org.apache.commons.lang3.StringUtils; import org.glassfish.jersey.media.multipart.FormDataContentDisposition; @@ -34,8 +35,9 @@ class ActionDispatchResource extends BaseAction { if (StringUtils.isEmpty(file)) { file = this.fileName(disposition); } - if ((file.indexOf("/") > -1) || (!file.toLowerCase().endsWith(".zip") && StringUtils.isEmpty(filePath)) - || (bytes == null || bytes.length == 0)) { + boolean flag = (!StringTools.isFileName(file)) || (!file.toLowerCase().endsWith(".zip") && StringUtils.isEmpty(filePath)) + || (bytes == null || bytes.length == 0); + if (flag) { throw new ExceptionIllegalFile(file); } if (StringUtils.isNotEmpty(filePath)) { -- GitLab